Computer Networks 1

Combines Layers 7 (Application), 6 (Presentation) and 5 (Session).

Nameservers resolve domains to IP’s through a distributed, hierarchical database.

Segment size: 1440-1480b when using IPv4, <=1460b when using IPv6

• Process-to-process delivery (distinguish between multiple applications via ports)
• Ensure reliable transfer (acknowledgments, retransmissions & reordering)
• Flow control (sender does not overwhelm receiver)
• Congestion control (network is not overloaded)

Connection-oriented, bidirectional, reliable, managed data flow.

So that the sender does not overwhelm the receiver.

To prevent network congestion.

Term	Definition
Congestion window
Sliding Window	Describes the process of the congestion window sliding to the right after receiving ACKs.
Slow start	Gradual growth (doubling cwnd every RTT) within the congestion window size at the start of a connection or after a period of state of no activity. Purpose: Allows the sender to probe the available bandwidth in a controlled way.
Congestion avoidance	Transition from sluggish start to congestion avoidance segment after accomplishing a threshold. Purpose: Maintains a truthful share of the community bandwidth even as heading off excessive congestion.
Fast Retransmit	Detects packet loss through duplicate acknowledgments and triggers speedy retransmission without waiting for the retransmission timeout. Purpose: Speeds up the recuperation method with the aid of retransmitting lost packets without looking ahead to a timeout.
Fast Recovery	Enters a quick healing state after detecting packet loss, lowering congestion window and transitioning to congestion avoidance. Purpose: Accelerates healing from congestion by way of avoiding a complete go back to slow begin after packet loss.
AIMD	Adjusts the congestion window size based on network situations following the Additive Increase, Multiplicative Decrease principle. Purpose: Provides a balanced approach by way of linearly growing the window all through congestion avoidance and halving it on packet loss.

Actually a layer 7 Protocol, running on top of UDP

Packet size: 1500b

Dividing a /X network into n amount of /Y subnets: .

A method for automatically configuring IPv6 addresses without a DHCP server, relying on local network information.

To make sure that the address is actually unique in the local segment.
Upon configuring an IPv6 address, every node joins a multicast group identified by the address FF02::1:FFxx:xxxx where xx:xxxx are the last 6 hexadecimal values in the IPv6 unicast address, eg. FF02::1:FF34:5678

1. The host sends a Neighbor Solicitation message from the Unspecified Address (::) to the Solicited Node multicast address.
2. If the generated address is in use, the host using that address sends a Neighbor Advertisement back. The sending host then knows the tentative address can not be used.
3. The host then proceeds to generate a new address and sends a new Neighbor Solicitation message to the link.
4. If there is no reply after some time, the host informs all the other hosts that it uses this address and it sends a Neighbor Advertisement message to the All Nodes address.
5. The host assigns the address to the interface and now has an active IPv6 link. This is the so-called Link-local Address Assignment.

1. Router solicitation
2. Router advertisement

Based on the information from the Router Advertisement, the host generates a global unicast address and wants to know if it is available to use, so it does the DAD process again. If it is not a duplicate, the host will use it.

/24 = 1111 1111 . 1111 1111 . 1111 1111 . 0000 0000 = 255.255.255.0
/10 = 1111 1111 . 1100 0000 . 0000 0000 . 0000 0000 = 255.192.0.0

Address increment = or

Includes functions and processes that determine which path to use to send the packet or frame. The control plane is responsible for populating the routing table, drawing network topology, forwarding table, and hence enabling the data plane functions. This means here the router makes its decision.

• Network-wide logic
• Determines how datagram is routed among routers along end-to-end path from source to destination host

Includes functions and processes that forward packets/frames from one interface to another based on control plane logic. Routing table, forwarding table and the routing logic constitute the data plane function. Data plane packet goes through the router and incoming and outgoing of frames are done based on control plane logic.

• Local, per-router function
• Determines how datagram arriving on router input port is forwarded to router output port

• Each router floods OSPF link-state advertisements (directly over IP rather than using TCP/UDP) to all other routers in entire AS
• Multiple link costs metrics possible: bandwidth, delay
• Each router has full topology, uses Dijkstra’s algorithm to compute forwarding table

Not used anymore, uses distance vector algorithm to calculate shortest route.

Functions:

• Error detection
• Flow control
• Addressing

Ethernet specifies and implements encoding and decoding schemes that enable frame bits to be carried as signals across both copper and fiber cables. Ethernet separates the functions of the data link layer into two sublayers: Logical Link Control and Media Access Control.

Defines how the Ethernet logical bus is accessed. It is in effect within a collision domain and if a device’s network interface card (NIC) is operating in half-duplex mode. It helps prevent collisions and defines how to act when a collision does occur.

• Carrier Sense: Listen to the medium
• Multiple Access: Sending if medium is free, else waiting for a random time and try again
• Collision: The amplitude of the signal increases beacuse a collision occurs.
• Collision Detection / Backoff algorithm: The nodes stop transmitting for a random period of time, which is different for each device.

After 16 tries, the host gives up the transmission attempt and discards the frame. The network is overloaded or broken.

• A jam signal informs all devices that a collision occurred.
• The collision invokes a random backoff algorithm.
• Each device on the Ethernet segment stops transmitting until their backoff timers expire.
• All hosts have equal priority to transmit after the timers have expired.

Full-duplex requires point-to-point connection where only two nodes are present. The data is sent on a different set of wires than the received data, so no collisions will occur. When a NIC detects that it can operate in full-duplex mode, CSMA/CD is disabled. Half-duplex needs CSMA/CD for collision detection.

Most common type in use today. Also called the DIX frame.

MAC PDU must be at least 64B to guarantee that all collisions can be detected. If it’s smaller, the frame must be filled with Padding Bytes.

• The sender applies a math formula to the frame before sending it, storing the result in the FCS field.
• The receiver applies the same math formula to the received frame and compares with the sender’s result.
• If the results are the same, the frame did not change. If the results are different, an error occurred, and the receiver discards the frame. The Ethernet device does not attempt to recover the lost frame.

7th bit: Globally unique (0) or locally administered (1)

8th bit: Unicast (0) or multicast (1)

Maps network addresses to data link layer addresses / resolves IPv4 addresses to MAC addresses. Entries in the ARP table are time stamped and can time out.

Entries are added by monitoring the traffic and adding source IP and MAC addresses of the incoming packets to the table. If no entry is found inside of the ARP table, then the node launches an ARP discovery process by sending an ARP broadcast request and receiving an ARP reply from the requested MAC addresses’ host. When a node receives a packet with a destination IP address where no cached entry for the MAC address can be found, the encapsulation of the IPv4 packet fails and the packet gets dropped.

IPv6 does not need ARP because it uses the Neighnor Discovery Protocol (NDP).

PC C sends a packet to 10.0.0.4, PC D responds. SW02 sends broadcast all switches receive C’s address SW02 and SW03 receive D’s address from the reply PC A sends a frame to dd:dd:dd:dd:dd:dd, PC D responds. SW01 sends broadcast SW02 & SW03 alread know D’s address SW01-SW03 receive A’s address PC B sends an ICMP ping to 10.0.0.4 PC B sends ARP request to find D’s MAC address all switches receive B’s address

1. PC A sends a broadcast: “Who has the IP 10.10.10.30?”
2. The ARP Request is flooded
3. The PC with the sought IP sends his ARP Reply “I have the IP, here is my MAC Address”. This is sent as a unicast because the Switch already knows PC A.
4. Now the PC A knows the MAC address of 10.10.10.30 and can send its Packet.

ARP has no validation if the sender of a frame is correct. ARP spoofing, also called ARP poisoning, refers to the method of inserting the wrong MAC address into ARP requests and responses by the node. An attacker can lead sent frames to the wrong destination and has the ability to read the traffic (MITM attack). Configuring static ARP entries is one way to prevent ARP spoofing.

• All devices connected to the switch ports form a broadcast domain
• All ports are full-duplex

When a switch gets a data packet, and it did not know the DA, it floods the information to all ports but the one where it received the data. (Unicast flooding)

When a switch gets a data packet, and already knows that the DA is on the same port as the SA, it filters the information and does not flood it, because the other switches do not need to know. This reduces traffic.

If the destination MAC address comes from another port within the switch, then the frame is sent to the identified port for transmission.

EtherChannel is a technology used in networking to group several physical Ethernet links into a single logical link. This approach increases bandwidth and provides redundancy.

IEEE specification (802.3ad) open-standard protocol for EtherChannel Configurations. It dynamically adds and manages ports in the EtherChannel.

The hashes created from source or destination IP addresses determine which link in the EtherChannel will carry the traffic.

LAN: all devices in the same broadcast domain

VLAN: Virtual separation of LAN on a switch

Reasons for using VLANs:

• To reduce CPU overhead on each device by reducing the number of devices that receive each broadcast frame
• To reduce security risks by reducing the number of hosts that receive copies of frames that the switches flood (broadcasts, multicasts, and unknown unicasts)
• To improve security for hosts that send sensitive data by keeping those hosts on a sepa- rate VLAN
• To create more flexible designs that group users by department, or by groups that work together, instead of by physical location
• To solve problems more quickly, because the failure domain for many problems is the same set of devices as those in the same broadcast domain
• To reduce the workload for the Spanning Tree Protocol (STP) by limiting a VLAN to a single access switch

With trunking, only a single cable is needed to carry traffic for all VLANs. VLAN trunking works by applying VLAN tagging, where the sending switch adds an extra header to each frame before sending it across the trunk link. This trunking header contains a VLAN Identifier (VLAN ID), allowing the receiving switch to determine the VLAN to which each frame belongs. Switch ports that are assigned to a single VLAN and carry traffic for only that VLAN are referred to as access ports. Ports that carry traffic for multiple VLANs using VLAN tagging are called trunk ports.

The standard of how to tag an ethernet frame in a trunk is defined in IEEE 802.1Q. 802.1Q inserts an extra 4 byte 802.1Q VLAN header into the original frame’s Ethernet header.

A router can be added to a switch using multiple VLANs. The cable from the switch to the router gets configured as a trunk. The router then can simply perform its usual routing logic between the subnets. This concept is called Router-on-a-Stick.

With the use of a switch with layer 3 capabilities, the need for a separate router is omitted, as the switch brings the ability for routing by itself. Routing can be turned on that switch and packets between the VLANs get routed.

cisco docs

Prevents loops in the network (eg. broadcast).

When the bridges in a network are powered up, each bridge functions as the STP root. The bridges send configuration BPDUs and compute the spanning-tree topology.

When a bridge receives a configuration BPDU that contains superior information (lower bridge ID, lower path cost, and so forth), it stores the information for that port. If this BPDU is received on the root port of the bridge, the bridge also forwards it with an updated message to all attached LANs for which it is the designated bridge.

If a bridge receives a configuration BPDU that contains inferior information to that currently stored for that port, it discards the BPDU.

1. Lowest root bridge ID (BID) – Determines the root bridge.
2. Lowest cost to the root bridge – Favors the upstream switch with the least cost to root
3. Lowest sender bridge ID – Serves as a tiebreaker if multiple upstream switches have equal cost to root

4. Lowest sender port ID – Serves as a tiebreaker if a switch has multiple (non-EtherChannel) links to a single upstream switch, where:

   • Bridge ID = priority (4 bits) + locally assigned system ID extension (12 bits) + ID [MAC address] (48 bits); the default bridge priority is 32,768, and
   • Port ID = priority (4 bits) + ID (Interface number) (12 bits); the default port priority is 128.

1. Identify the Root Bridge with the lowest BID (only one per network)
2. Identify link costs (per link)
3. Select root ports (1 per switch) with the lowest total cost to the Root Bridge
4. Select designated ports (1 per link)
5. Identify blocked ports (1 per redundant link)

1. Link goes down
2. Switch with changed link will send a BPDU of type Topology Change Notification (TCN) on its root port
3. Next switch in the hierarchy forwards the TCN to its root port and sends a configuration BPDU with the Topology Change Acknowledgement (TCA) flag set back to the previous bridge
4. As soon as root bridge receives TCN it sends a configuration BPDU with the TCA and Topology Change (TC) flags set
5. Root bridge continues to set TC flag on its configuration BPDUs for a duration of Max Age + Forward Delay (35s) and the other bridges forward them
6. As soon as a switch receives a BPDU with TC set, it shortens its MAC address aging timer to Forward Delay (15s)

RSTP provides significantly faster spanning tree convergence after a topology change, introducing new convergence behaviors and bridge port roles to accomplish this. While STP can take 30 to 50 seconds to respond to a topology change, RSTP is typically able to respond to changes within 3 * hello times (default: 3 * 2 seconds) or within a few milliseconds of a physical link failure.

Uses different MAC address.

Two or more adjacent channels within a given frequency band are combined to increase throughput between two or more wireless devices.

It is not possible to use CSMA/CD because we do not know if everyone receives everything. If there is a wall between to clients for example, the clients do not know if the other is sending at the same time.

Function which creates the backoff time for CSMA/CA. CTS, ACK and Block ACK (SIFS) have the highest priority and the shortest backoff time. PIFS have a middle priority and DIFS the lowest.

Listening Stations can mark the medium as busy with the Network Allocation Vector (NAV), while another station is sending.

Frame types:

Parameters that determine when a device should switch from one access point to another during movement. These might include:

Responsibilities

• Representing bits as physical signals (electrical voltage, light pulses, radio waves)
• Defining cables, connectors, modulation methods, and wireless frequencies
• Synchronization of transmitter and receiver
• Data rates and physical medium characteristics

Encoding converts the stream of bits into a format recognizable by the next device in the network path.

5.1.1.Manchester encoding Self-clocking 1 = Falling 0 = Rising Requires twice as much bandwitdth as binary encoding
5.1.2.RZ (Return-to-Zero) Self-clocking Refinement of NRZ
5.1.3.NRZ (Non-Return-to-Zero) Not self-clocking

Maps 8-bit words to 10-bit symbols – prevents too many zeros or ones in a row (relevant for NRZ).

• A value of 3 dB means that the power value of interest is double the reference value
• A value of −3 dB means the power value of interest is half the reference

• A value of 10 dB means that the power value of interest is 10 times the reference value
• A value of −10 dB means the power value of interest is 1/10 of the reference

Altering the carrier signal.

5.4.1.Eye Diagram An eye diagram results from superimposing the “0”s and “1”s of a high-speed digital data stream. An eye diagram shows a relative performance of the signal For a good transmission system, the eye opening should be as wide and open as possible Horizontal shift is called jitter, which can be caused by imprecise clocks

• Absorption by the fiber material
• Scattering of the light from the fiber

Fixes the dispersion.

Term Definition Re-amplifying Makes the analog signal stronger (i.e. makes the light brighter) Reshaping Restores the original pulse shape that is used to distinguish 1’s and 0’s. Retiming Restores the original timing between the pulses. Usually involves an Optical-Electric- Optical (O-E-O) conversion.

Term Definition Hertz (Hz) Number of cycles per second Bandwidth Width of frequency space required within the band Wavelength Measure of the physical distance that a wave travels over on cycle. Increases as the frequency decreases

In fiber glass, signals travel about 2/3 of the speed of light (200’000km/s).

The Time a Signal needs is calculated as follows:

Transmission power - Receiver sensitivity

Router> enable
Router# configure terminal
Router(config)#

Router> enable
Router# configure terminal
Router(config)#

Router(config)# interface GigabetEthernet 0/0/1
Router(config-if)# ip address 172.16.0.0 255.255.255.252
Router(config-if)# no shutdown
Router(config-if)# exit

Router(config)# interface GigabetEthernet 0/0/1
Router(config-if)# ip address 172.16.0.0 255.255.255.252
Router(config-if)# no shutdown
Router(config-if)# exit

Router(config)# interface GigabetEthernet 0/1/1
Router(config-if)# ip address dhcp
Router(config-if)# no shutdown
Router(config-if)# exit

Router(config)# interface GigabetEthernet 0/1/1
Router(config-if)# ip address dhcp
Router(config-if)# no shutdown
Router(config-if)# exit

Router(config)# do show ip interface brief
Router# show ip interface brief
Router# show ip interface GigabetEthernet 0/0/1

Router(config)# do show ip interface brief
Router# show ip interface brief
Router# show ip interface GigabetEthernet 0/0/1

Switch(config)# vlan 120
Switch(config-if)# name vlan-server
Switch(config-if)# exit

Switch(config)# vlan 120
Switch(config-if)# name vlan-server
Switch(config-if)# exit

Switch(config)# interface vlan 120
Switch(config-if)# ip address 10.120.0.10 255.255.255.0

Switch(config)# interface vlan 120
Switch(config-if)# ip address 10.120.0.10 255.255.255.0

Switch(config)# interface GigabitEthernet 0/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 120
Switch(config-if)# exit
Switch(config)# interface GigabitEthernet 0/0/1-5
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 120
Switch(config-if)# exit

Switch(config)# interface GigabitEthernet 0/0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 120
Switch(config-if)# exit
Switch(config)# interface GigabitEthernet 0/0/1-5
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 120
Switch(config-if)# exit

Switch(config-if)# switchport mode trunk

Switch(config-if)# switchport mode trunk

Switch(config)# vtp domain ins
Switch(config)# vtp mode server

Switch(config)# vtp domain ins
Switch(config)# vtp mode server

Switch(config)# vtp domain ins
Switch(config)# vtp mode client

Switch(config)# vtp domain ins
Switch(config)# vtp mode client

Switch(config-if)# channel-group 5 mode active
Switch(config-if)# channel-group 5 mode passive

Switch(config-if)# channel-group 5 mode active
Switch(config-if)# channel-group 5 mode passive

Switch(config)# port-channel load-balance <strategy>

Switch(config)# port-channel load-balance <strategy>

Switch(config)# spanning-tree vlan 1 priority <priority>

Switch(config)# spanning-tree vlan 1 priority <priority>

Switch(config-if)# spanning-tree cost 100

Switch(config-if)# spanning-tree cost 100

Switch(config-if)# spanning-tree portfast

Switch(config-if)# spanning-tree portfast

Switch# show spanning-tree
Switch# show spanning-tree root

Switch# show spanning-tree
Switch# show spanning-tree root

Router(config-if)# ip route <destination_network_id> <subnet_mask> <next_hop_router> <adminitrative_distance>?
Router(config-if)# ip route 10.0.0.0 255.0.0.0 192.168.1.1

Router(config-if)# ip route <destination_network_id> <subnet_mask> <next_hop_router> <adminitrative_distance>?
Router(config-if)# ip route 10.0.0.0 255.0.0.0 192.168.1.1

Router(config-if)# ip route <ipv6_prefix> <outgoing_interface> <next-hop> <administrative_distance>?
Router(config-if)# ipv6 route 2001:db8:2103:a::/64 GigabitEthernet1/0/1 fe80::ba27:ebff:fea8:3e50

Router(config-if)# ip route <ipv6_prefix> <outgoing_interface> <next-hop> <administrative_distance>?
Router(config-if)# ipv6 route 2001:db8:2103:a::/64 GigabitEthernet1/0/1 fe80::ba27:ebff:fea8:3e50

Router(config)# router ospf <process-id>
Router(config-if)# ip ospf <process-id> area <area-nr>

Router(config)# router ospf <process-id>
Router(config-if)# ip ospf <process-id> area <area-nr>

Router(config)# ipv6 router ospf <process-id>
Router(config-if)# ipv6 ospf <process-id> area <area-nr>

Router(config)# ipv6 router ospf <process-id>
Router(config-if)# ipv6 ospf <process-id> area <area-nr>