Sunday 15 July 2012

Networking Fundamentals


Network Topology:

What is a Network Topology:
A topology is the characteristic of a communication network that concerns both the physical configuration of the cabling used to interconnect communicating systems and the logical way in which the systems view the structure of the network. A topology is therefore the physical or logical arrangement of computers.

Factors to consider when selecting a Topology:
1. Cost – Whatever transmission medium is chosen for a Local Area Network has to be physically installed in the building. This may be a lengthy process that includes installing cables and raceways. For a network to be cost effective, one would strive to minimize installation cost. This may be achieved by using the proper hardware for linking the cables, good modems and cost-effective computers.

2. Flexibility – One of the main benefits of a Local Area Network is its ability to have the data processing and peripheral nodes distributed around a given area. This means that the computing power and equipment can be located close to the ultimate users. Because the arrangement of furniture, internal walls, etc. in offices is often subject to change, the topology should allow for easy reconstruction of the network, which involves moving existing nodes and adding new nodes.

3. Reliability – The topology chosen for the network can help by allowing the location of a fault to be detected and by providing some means of isolating it.


Main Types of Network Topologies:
In networking, the term "topology" refers to the layout of connected devices on a network. One can think of a topology as a network's virtual shape or structure. This shape does not necessarily correspond to the actual physical layout of the devices on the network. For example, the computers on a home LAN may be arranged in a circle in a family room, but it would be highly unlikely to find an actual ring topology there.
Network topologies are categorized into the following basic types:
Bus Topology
Ring Topology
Star Topology
Tree Topology
Mesh Topology
Hybrid Topology

Bus Topology:
Bus topology is one of the easiest topologies to install, and it does not require a lot of cabling. The two most popular Ethernet cable types used in this topology are 10Base-2 and 10BaseT. Bus topology based networks work with a very limited number of devices. A bus performs fine as long as the computer count remains within 12 – 15; problems occur when the number of computers increases.
Bus topology uses one common cable (the backbone) to connect all devices in the network in a linear shape. The network interface cards of all network devices are attached to this single backbone cable. When any computer sends a message, it is broadcast to the entire network, but only the intended computer accepts and processes it. Bus topology keeps the network simple, but it has one big disadvantage: if the single main cable is damaged, the entire network shuts down, and no communication can take place among the computers until the backbone cable is replaced.

Ring Topology:
Ring topology is one of the old ways of designing a computer network and it is pretty much obsolete. FDDI, SONET or Token Ring technologies are used to build ring networks. It is not widely popular, but if you find it anywhere it will mostly be in schools or office buildings. In a ring topology, computers and other networking devices are attached to each other so that each device has a neighbour on either side (left and right). All messages travel in the same direction, either clockwise or anticlockwise. If any device or cable fails, the whole network goes down and communication is not possible.

Star Topology:
This is the most commonly used network topology you will come across in LAN computer networks. In a star, all computers are connected to a central device such as a hub, router or switch using Unshielded Twisted Pair (UTP) or Shielded Twisted Pair cables.
In star topology we require more connecting devices, such as routers and cables, unlike bus topology, where the entire network is supported by a single backbone. The most practical reason for the success of star topology is that the entire network does not go down if a computer, cable or device fails; only the computer whose wire failed is affected, and the rest of the network keeps working. However, if the central communication device (hub, router or switch) fails, the entire network collapses. Star topology is widely used in homes, offices and buildings because of its commercial success.


Tree Topology:
A tree topology combines the characteristics of linear bus and star topologies. In a tree topology, groups of star networks are connected to a linear bus backbone. Tree topology enables the user to expand and configure the existing network depending on the requirements. Twisted pair cable is commonly used in tree topology. Tree topology is also called a hierarchical structure. A tree topology connects multiple star networks. According to the structure of star topology, all devices are connected to a central hub. There are multiple such hub devices, which are connected directly to a tree bus. Thus, the hub is used as the root of a tree of devices. Tree networks may therefore have branches that contain multiple devices connected point-to-point.
The signal from a transmitting device first reaches the hub to which it is connected. The hub then directs this signal to the tree bus, along which it travels through the entire network. Tree topology supports further expandability of the network compared to bus and star topologies. In a bus topology, the number of devices is limited by the broadcast traffic it generates. In a star topology, the expansion of the network is limited by the small number of hub ports.

Mesh Topology:
Mesh topology is designed around the concept of routing. Basically, it uses routers to choose the shortest path to the destination. In topologies like star and bus, a message is broadcast to the entire network and only the intended computer accepts it, but in a mesh the message is sent only to the destination computer, finding its route with the help of routers. The Internet is based on mesh topology. Routers play an important role in mesh topology: they are responsible for routing the message to its destination address or computer. When every device is connected to every other device it is known as a full mesh topology, and if every device is connected indirectly to each other it is called a partial mesh topology.

Hybrid Topology:
Hybrid topology is a combination of different network topologies. It is also known as a Special Topology. This topology is useful for corporate offices to link their internal LANs together while adding external networks through Wide Area Networks (WANs). The commonly used combinations of topologies are Star-Bus and Star-Ring. A star-bus network consists of two or more star topologies connected using a bus trunk, whereas a tree topology can be viewed as a collection of star networks arranged in a hierarchy. Here the function of the central node may be distributed, unlike in the star topology.
Hybrid topology is a network where two or more topologies are connected in such a way that the resulting network does not have one of the standard forms. The ring network and bus network are connected to another network through a point-to-point connection. Star topologies are connected using a Multistation Access Unit (MAU) as a centralized hub. The MAU connects network computers in a star topology. It has the ability to identify non-operating devices and maintain the structure of the network.
In hybrid topology, multiple physical topologies are combined to form one large network. Each topology has its own strengths and weakness. When different types of topologies are combined, their total strength improves the network performance.
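
The failure behaviour described for the bus, ring, star and mesh topologies can be checked with a small model. The Python below is an added example, not part of the original post. It assumes 5 hosts named pc0 to pc4, treats the bus backbone and the star hub as components that can fail, and treats the ring as passing traffic in one direction only.

```python
from itertools import combinations, permutations


def bus(n):
    """Every host taps one shared backbone cable (modelled as a component)."""
    return {link for i in range(n)
            for link in ((f"pc{i}", "backbone"), ("backbone", f"pc{i}"))}


def star(n):
    """Every host has its own cable to a central hub, router or switch."""
    return {link for i in range(n)
            for link in ((f"pc{i}", "hub"), ("hub", f"pc{i}"))}


def ring(n):
    """Each host passes traffic to its neighbour in one direction only."""
    return {(f"pc{i}", f"pc{(i + 1) % n}") for i in range(n)}


def full_mesh(n):
    """Every host has a direct link to every other host."""
    return set(permutations([f"pc{i}" for i in range(n)], 2))


def reachable(links, start, failed):
    """Components reachable from start while `failed` is out of service."""
    seen, stack = {start}, [start]
    while stack:
        node = stack.pop()
        for src, dst in links:
            if src == node and dst != failed and dst not in seen:
                seen.add(dst)
                stack.append(dst)
    return seen


def surviving_fraction(links, failed):
    """Share of surviving host pairs that can still talk in both directions."""
    hosts = sorted({c for link in links for c in link
                    if c.startswith("pc") and c != failed})
    pairs = list(combinations(hosts, 2))
    if not pairs:
        return 1.0
    reach = {h: reachable(links, h, failed) for h in hosts}
    ok = sum(1 for a, b in pairs if b in reach[a] and a in reach[b])
    return ok / len(pairs)


def single_points_of_failure(links):
    """Components whose loss stops at least one surviving pair of hosts."""
    components = sorted({c for link in links for c in link})
    return [c for c in components if surviving_fraction(links, c) < 1.0]


if __name__ == "__main__":
    for name, build in (("bus", bus), ("star", star),
                        ("ring", ring), ("full mesh", full_mesh)):
        print(f"{name:9} -> {single_points_of_failure(build(5))}")
```

The model only removes whole components; a cut in one host's own cable in the star behaves like the loss of that host.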




OSI MODEL:

The OSI model defines the functionality of a digital network. It is divided into 7 parts, or layers, and every layer has a different function. These 7 layers support different types of protocols, and every protocol has a different function.

Protocol: A protocol is a set of rules that decides how data will flow in the network. Every protocol works on a specific port: it travels over TCP or UDP, and its port number is defined for TCP/UDP.

Device: A device is a piece of equipment that works with the OSI layers. A device is categorized by the protocols it supports, which belong to different layers.

PORT: A port number belongs to a protocol or process. In computer networking a port is an application-specific or process-specific software construct serving as a communications endpoint in a computer's host operating system. A port is associated with an IP address of the host, as well as the type of protocol used for communication. The protocols that primarily use the ports are the Transport Layer protocols, such as the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP) of the Internet Protocol Suite. A port is identified for each address and protocol by a 16-bit number, commonly known as the port number.

TCP UDP Port Numbers:
There are three port ranges defined by IETF IANA: the Well Known Ports, the Registered Ports, and the Dynamic and/or Private Ports.
The Well Known Ports are those from 0 through 1023.
The Registered Ports are those from 1024 through 49151.
The Dynamic and/or Private Ports are those from 49152 through 65535.

Partial TCP UDP Port Numbers: Well-Known Ports

| Port No. | Protocol | Service Name | Aliases | Comment |
|---|---|---|---|---|
| 7 | TCP | echo | | Echo |
| 7 | UDP | echo | | Echo |
| 9 | TCP | discard | sink null | Discard |
| 9 | UDP | discard | sink null | Discard |
| 13 | TCP | daytime | | Daytime |
| 13 | UDP | daytime | | Daytime |
| 17 | TCP | qotd | quote | Quote of the day |
| 17 | UDP | qotd | quote | Quote of the day |
| 19 | TCP | chargen | ttytst source | Character generator |
| 19 | UDP | chargen | ttytst source | Character generator |
| 20 | TCP | ftp-data | | File Transfer |
| 21 | TCP | ftp | | FTP Control |
| 23 | TCP | telnet | | Telnet |
| 25 | TCP | smtp | mail | Simple Mail Transfer |
| 37 | TCP | time | | Time |
| 37 | UDP | time | | Time |
| 39 | UDP | rlp | resource | Resource Location Protocol |
| 42 | TCP | nameserver | name | Host Name Server |
| 42 | UDP | nameserver | name | Host Name Server |
| 43 | TCP | nicname | whois | Who Is |
| 53 | TCP | domain | | Domain Name |
| 53 | UDP | domain | | Domain Name Server |
| 67 | UDP | bootps | dhcps | Bootstrap Protocol Server |
| 68 | UDP | bootpc | dhcpc | Bootstrap Protocol Client |
| 69 | UDP | tftp | | Trivial File Transfer |
| 70 | TCP | gopher | | Gopher |
| 79 | TCP | finger | | Finger |
| 80 | TCP | http | www, http | World Wide Web |
| 88 | TCP | kerberos | krb5 | Kerberos |
| 88 | UDP | kerberos | krb5 | Kerberos |
| 101 | TCP | hostname | hostnames | NIC Host Name Server |
| 102 | TCP | iso-tsap | | ISO-TSAP Class 0 |
| 107 | TCP | rtelnet | | Remote Telnet Service |
| 109 | TCP | pop2 | postoffice | Post Office Protocol - Version 2 |
| 110 | TCP | pop3 | postoffice | Post Office Protocol - Version 3 |
| 111 | TCP | sunrpc | rpcbind portmap | SUN Remote Procedure Call |
| 111 | UDP | sunrpc | rpcbind portmap | SUN Remote Procedure Call |
| 113 | TCP | auth | ident tap | Authentication Service |
| 117 | TCP | uucp-path | | UUCP Path Service |
| 119 | TCP | nntp | usenet | Network News Transfer Protocol |
| 123 | UDP | ntp | | Network Time Protocol |
| 135 | TCP | epmap | loc-srv | DCE endpoint resolution |
| 135 | UDP | epmap | loc-srv | DCE endpoint resolution |
| 137 | TCP | netbios-ns | nbname | NETBIOS Name Service |
| 137 | UDP | netbios-ns | nbname | NETBIOS Name Service |
| 138 | UDP | netbios-dgm | nbdatagram | NETBIOS Datagram Service |
| 139 | TCP | netbios-ssn | nbsession | NETBIOS Session Service |
| 143 | TCP | imap | imap4 | Internet Message Access Protocol |
| 158 | TCP | pcmail-srv | repository | PC Mail Server |
| 161 | UDP | snmp | snmp | SNMP |
| 162 | UDP | snmptrap | snmp-trap | SNMP TRAP |
| 170 | TCP | print-srv | | Network PostScript |
| 179 | TCP | bgp | | Border Gateway Protocol |
| 194 | TCP | irc | | Internet Relay Chat Protocol |
| 213 | UDP | ipx | | IPX over IP |
| 389 | TCP | ldap | | Lightweight Directory Access Protocol |
| 443 | TCP | https | MCom | |
| 443 | UDP | https | MCom | |
| 445 | TCP | | | Microsoft CIFS |
| 445 | UDP | | | Microsoft CIFS |
| 464 | TCP | kpasswd | | Kerberos (v5) |
| 464 | UDP | kpasswd | | Kerberos (v5) |
| 500 | UDP | isakmp | ike | Internet Key Exchange (IPSec) |
| 512 | TCP | exec | | Remote Process Execution |
| 512 | UDP | biff | comsat | Notifies users of new mail |
| 513 | TCP | login | | Remote Login |
| 513 | UDP | who | whod | Database of who's logged on, average load |
| 514 | TCP | cmd | shell | Automatic Authentication |
| 514 | UDP | syslog | | |
| 515 | TCP | printer | spooler | Listens for incoming connections |
| 517 | UDP | talk | | Establishes TCP Connection |
| 518 | UDP | ntalk | | |
| 520 | TCP | efs | | Extended File Name Server |
| 520 | UDP | router | router routed | RIPv.1, RIPv.2 |
| 525 | UDP | timed | timeserver | Timeserver |
| 526 | TCP | tempo | newdate | Newdate |
| 530 | TCP,UDP | courier | rpc | RPC |
| 531 | TCP | conference | chat | IRC Chat |
| 532 | TCP | netnews | readnews | Readnews |
| 533 | UDP | netwall | | For emergency broadcasts |
| 540 | TCP | uucp | uucpd | Uucpd |
| 543 | TCP | klogin | | Kerberos login |
| 544 | TCP | kshell | krcmd | Kerberos remote shell |
| 550 | UDP | new-rwho | new-who | New-who |
| 556 | TCP | remotefs | rfs rfs_server | Rfs Server |
| 560 | UDP | rmonitor | rmonitord | Rmonitor |
| 561 | UDP | monitor | | |
| 636 | TCP | ldaps | sldap | LDAP over TLS/SSL |
| 749 | TCP | kerberos-adm | | Kerberos administration |
| 749 | UDP | kerberos-adm | | Kerberos administration |



 OSI MODEL


LAYERS
PROTOCOLS
(WORKING ON DATA): The layer closest to the end user; it performs network processes for applications.


NNTP (Network News Transfer Protocol): It is used for transferring Usenet news articles between news servers and for reading and posting articles by end-user client applications. It uses TCP port 119. NNTP servers manage the global network of collected Usenet newsgroups and include the server at your Internet access provider. An NNTP client is included as part of Netscape, Internet Explorer, Opera, or another Web browser, or you may use a separate client program called a newsreader.

SIP (Session Initiation Protocol): SIP is a signaling protocol used to create, manage and terminate sessions in an IP-based network. A session could be a simple two-way telephone call or a collaborative multimedia conference session. This makes it possible to implement services like voice-enriched e-commerce, web page click-to-dial or Instant Messaging in an IP-based environment. The protocol can be used for creating, modifying and terminating two-party or multiparty sessions. Sessions may consist of one or several media streams. It uses TCP/UDP port 5060.
Other SIP applications include video conferencing, streaming multimedia distribution, instant messaging, presence information, file transfer and online games. The SIP protocol is an Application Layer protocol designed to be independent of the underlying Transport Layer; it can run on Transmission Control Protocol (TCP), User Datagram Protocol (UDP), or Stream Control Transmission Protocol (SCTP). It is a text-based protocol, incorporating many elements of the Hypertext Transfer Protocol (HTTP) and the Simple Mail Transfer Protocol (SMTP).

SSI (Simple Sensor Interface protocol): SSI is a simple communications protocol designed for data transfer between computers or user terminals and smart sensors. It is used in point-to-point communications over UART and in networking nanoIP applications. (A UART, or Universal Asynchronous Receiver/Transmitter, is a piece of computer hardware that translates data between parallel and serial forms.) SSI also provides polling of sensors and streaming of sensor data.

DNS (Domain Name System): Translates domain names to IP addresses and IP addresses to domain names. It uses TCP/UDP port 53.

FTP: FTP allows the remote user to navigate the server's file structure and to upload and download files over a TCP-based network. FTP is based on a client-server architecture. It uses TCP port 20 (data) and 21 (control).

TFTP (Trivial File Transfer Protocol): TFTP is a simplified alternative to FTP that provides no authentication and is most often used to transfer configurations to and from network devices. Port UDP 69.


Secure FTP: This protocol uses the Secure Shell (SSH) protocol to encrypt standard FTP communications and provide confidentiality in transit. FTP and TFTP are inherently insecure protocols; they do not use encryption. Uses TCP/UDP port 22, SSH (SCP, SFTP).

Secure Shell (SSH): SSH is a network protocol for secure data communication, remote shell services or command execution, and other secure network services between two networked computers that it connects via a secure channel over an insecure network.
It was designed as a replacement for Telnet, FTP and other insecure remote shell protocols that work on the client-server model. The encryption used by SSH is intended to provide confidentiality and integrity of data over an unsecured network, such as the Internet. SSH uses the client-server model.
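
As an added example (not from the original post), the Python below audits an inventory of listening sockets for the unencrypted services this page describes (FTP, TFTP, Telnet, rlogin) and tags each port with its IANA range from the TCP UDP Port Numbers section. The inventory format, the sample lines and all function names are assumptions made for this example.

```python
# Unencrypted services named on this page, with the replacement it gives.
CLEARTEXT = {
    ("tcp", 21): ("ftp", "SFTP/SCP over SSH (port 22)"),
    ("udp", 69): ("tftp", "SFTP/SCP over SSH (port 22)"),
    ("tcp", 23): ("telnet", "SSH (port 22)"),
    ("tcp", 513): ("rlogin", "SSH (port 22)"),
}
LOOPBACK = {"127.0.0.1", "::1"}

# Constructed inventory for this example: "<proto> <address>:<port>" per line.
SAMPLE = """\
tcp 0.0.0.0:22
tcp 0.0.0.0:23
tcp 127.0.0.1:21
udp 0.0.0.0:69
tcp [::]:443
udp 0.0.0.0:161
udp 0.0.0.0:5060
tcp 0.0.0.0:49200
"""


def port_range(port):
    """Classify a port number into the three IANA ranges."""
    if not 0 <= port <= 65535:
        raise ValueError(f"not a 16-bit port number: {port}")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"


def parse_listener(line):
    """Split '<proto> <address>:<port>'; IPv6 addresses are in brackets."""
    proto, endpoint = line.split()
    host, sep, port = endpoint.rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError(f"bad endpoint: {endpoint!r}")
    return proto.lower(), host.strip("[]"), int(port)


def listeners(inventory):
    """Yield (proto, host, port) for every non-empty, non-comment line."""
    for raw in inventory.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            yield parse_listener(line)


def audit(inventory):
    """Return one finding per listener that speaks an unencrypted protocol."""
    findings = []
    for proto, host, port in listeners(inventory):
        if (proto, port) in CLEARTEXT:
            service, replacement = CLEARTEXT[(proto, port)]
            findings.append({
                "service": service,
                "proto": proto,
                "port": port,
                "range": port_range(port),
                # Bound to a non-loopback address, so reachable from the network.
                "exposed": host not in LOOPBACK,
                "replace_with": replacement,
            })
    return findings


def range_summary(inventory):
    """Count listeners per IANA port range."""
    counts = {}
    for _, _, port in listeners(inventory):
        counts[port_range(port)] = counts.get(port_range(port), 0) + 1
    return counts


if __name__ == "__main__":
    for f in audit(SAMPLE):
        scope = "network-facing" if f["exposed"] else "loopback only"
        print(f'{f["service"]:7} {f["proto"]}/{f["port"]} ({scope}): '
              f'use {f["replace_with"]}')
    print(range_summary(SAMPLE))
```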

Gopher: Gopher combines document hierarchies with collections of services, including WAIS, the Archie and Veronica search engines, and gateways to other information systems such as FTP and Usenet. Port TCP 70.

HTTP: It is a distributed, collaborative hypermedia information system. It functions as a request-response protocol in the client-server communication model. It uses TCP/UDP port 80.

HTTPS: HTTPS provides secure communication mechanisms between an HTTP client-server pair in order to enable spontaneous commercial transactions for a wide range of applications. HTTPS provides a flexible protocol that supports multiple orthogonal operation modes, key management mechanisms, trust models, cryptographic algorithms and encapsulation formats through option negotiation between parties for each transaction. Port TCP 443

NTP: It synchronizes the clocks of computer systems. Port UDP 123.

SMTP: It is used for electronic mail transmission across IP networks. It is specified for outgoing mail and uses TCP port 25; Secure SMTP (SSMTP) uses port 465.

POP3: The Post Office Protocol version 3 (POP3) is intended to permit a workstation to dynamically access a mail drop on a server host. It is usually used to allow a workstation to retrieve mail that the server is holding for it. POP3 - port 110 TCP, Secure POP3 (SSL-POP) - port 995.

IMAP4: The Internet Message Access Protocol, Version 4 allows a client to access and manipulate electronic mail messages on a server. IMAP4 permits manipulation of remote message folders, called mailboxes, in a way that is functionally equivalent to local mailboxes. IMAP4 also provides the capability for an offline client to resynchronize with the server.
IMAP - port 143 TCP, IMAP4 over SSL (IMAPS) - port 993 TCP

ISAKMP: (Internet Security Association and Key Management Protocol): ISAKMP works with IPsec to make VPNs more scalable. It defines procedures and packet formats to establish, negotiate, modify and delete Security Associations (SA). SA contain all the information required for execution of various network security services, such as the IP layer services transport or application layer services, or self-protection of negotiation traffic. ISAKMP defines the procedures for authenticating a communicating peer, creation and management of Security Associations, key generation techniques, and threat mitigation. ISAKMP is typically utilized by IKE for key exchange.  Port UDP 500

RLOGIN (Remote LOGIN): RLOGIN allows UNIX users of one machine to connect to other UNIX systems across an Internet and interact as if their terminals were directly connected to those machines. This protocol offers essentially the same services as TELNET. TCP port 513.

SNMP (Simple Network Management Protocol): SNMP is an "Internet-standard protocol for managing devices on IP networks". Devices that typically support SNMP include routers, switches, servers, workstations, printers, modem racks, and more. It is used mostly in network management systems to monitor network-attached devices for conditions that warrant administrative attention. It consists of a set of standards for network management, including an application layer protocol, a database schema, and a set of data objects. SNMP exposes management data in the form of variables on the managed systems, which describe the system configuration. These variables can then be queried (and sometimes set) by managing applications. The protocol also permits active management tasks, such as modifying and applying a new configuration. SNMP exposes the data with the help of an agent. The agent is the software on the network element that runs the network management software. Management software will poll the various network devices and get the information stored in them. The manager uses UDP port 61 to send requests to the agent and the agent uses UDP port 62 to send replies or messages to the manager. The manager can ask for data from the agent or set variable values in the agent. Agents can reply and report events.

SNMP collects information in two ways:
1- The devices on the network are polled by management stations.
2- Devices send alerts to SNMP management stations. The public community may be added to the alert list so all management stations will receive the alert.

An SNMP-managed network consists of the following key components:

Managed device - A managed device is a network node that implements an SNMP interface that allows unidirectional (read-only) or bidirectional access to node-specific information. Managed devices exchange node-specific information with the NMSs. A managed device can be any type of device, including, but not limited to, routers, access servers, switches and bridges.
Trap - An alert that is sent to a management station by agents.
Agent - A program on a device that can be set to watch for some event and send a trap message to a management station if the event occurs. An agent has local knowledge of management information and translates that information to or from an SNMP-specific form.
Network management system (NMS) - Executes applications that monitor and control managed devices.

SNMP Communities:
An SNMP community is the group that devices and management stations running SNMP belong to. It helps define where information is sent. The community name is used to identify the group. An SNMP device or agent may belong to more than one SNMP community. It will not respond to requests from management stations that do not belong to one of its communities. The SNMP default communities are:
Write = private
Read = public
SNMP Versions:
Cisco IOS software supports the following versions of SNMP:
SNMPv1: Security is based on community strings. Version 1 has been criticized for its poor security. Authentication of clients is performed only by a "community string", in effect a type of password, which is transmitted in clear text.
SNMPv2c: The community-string based Administrative Framework for SNMPv2. SNMPv2c (the "c" stands for "community") is an update of the protocol operations and data types of SNMPv2p (SNMPv2 Classic), and uses the community-based security model of SNMPv1.
SNMPv3: SNMPv3 provides secure access to devices by a combination of authenticating and encrypting packets over the network.
The security features provided in SNMPv3 are as follows:
– Message integrity: Ensuring that a packet has not been tampered with in transit.
– Authentication: Determining that the message is from a valid source.
– Encryption: Scrambling the contents of a packet to prevent it from being learned by an unauthorized source.
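
One way to check a device configuration against the SNMP points above, as an added example that is not from the original post or from Cisco: the Python below flags default community names, write access, missing access lists and SNMPv3 groups that lack authentication or encryption. The configuration fragment is constructed for this example, and the parser covers only the snmp-server community, group and host forms shown in it.

```python
DEFAULT_COMMUNITIES = {"public", "private"}

REMEDIATION = {
    "cleartext-community": "v1/v2c community is sent in clear text; move to SNMPv3",
    "default-community": "default community name; remove or rename it",
    "write-access": "RW community allows set operations; restrict to RO",
    "no-acl": "no access list limits which managers may use this community",
    "v3-no-authentication": "v3 group without message authentication",
    "v3-no-encryption": "v3 group without packet encryption; use priv",
    "cleartext-trap-community": "traps sent with a v1/v2c community",
}

# Constructed configuration fragment, not taken from a real device.
SAMPLE = """\
! example fragment
snmp-server community public RO
snmp-server community private RW
snmp-server community ExampleRO-7f3 RO 10
snmp-server group NOC-LEGACY v3 noauth
snmp-server group NOC-AUTH v3 auth
snmp-server group NOC-PRIV v3 priv
snmp-server host 192.0.2.10 version 2c public
"""


def audit_snmp(config_text):
    """Return {line_number: set of finding codes} for snmp-server lines."""
    findings = {}
    for lineno, raw in enumerate(config_text.splitlines(), start=1):
        tok = raw.split()
        codes = set()
        if tok[:2] == ["snmp-server", "community"] and len(tok) >= 3:
            rest = tok[3:]
            if rest[:1] == ["view"]:          # optional "view <name>"
                rest = rest[2:]
            access = "RO"                      # read-only when not stated
            if rest and rest[0].upper() in ("RO", "RW"):
                access, rest = rest[0].upper(), rest[1:]
            codes.add("cleartext-community")
            if tok[2].lower() in DEFAULT_COMMUNITIES:
                codes.add("default-community")
            if access == "RW":
                codes.add("write-access")
            if not rest:                       # nothing left: no ACL given
                codes.add("no-acl")
        elif (tok[:2] == ["snmp-server", "group"]
              and len(tok) >= 5 and tok[3] == "v3"):
            if tok[4] == "noauth":
                codes.update({"v3-no-authentication", "v3-no-encryption"})
            elif tok[4] == "auth":
                codes.add("v3-no-encryption")
        elif tok[:2] == ["snmp-server", "host"] and "version" in tok:
            i = tok.index("version")
            if tok[i + 1:i + 2] and tok[i + 1] in ("1", "2c"):
                codes.add("cleartext-trap-community")
        if codes:
            findings[lineno] = codes
    return findings


def report(config_text):
    """Readable findings; community strings are deliberately not echoed."""
    return [f"line {n}: {REMEDIATION[c]}"
            for n, codes in sorted(audit_snmp(config_text).items())
            for c in sorted(codes)]


if __name__ == "__main__":
    print("\n".join(report(SAMPLE)))
```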

Telnet: It provides a bidirectional, interactive, text-oriented communication facility using a virtual terminal connection. It uses TCP port 23.

Netconf : It provides mechanisms to install, manipulate, and delete the configuration of network devices.

TACACS+: TACACS+ is a protocol providing access control for routers, network access servers and other networked computing devices via one or more centralized servers. TACACS+ provides separate authentication, authorization and accounting services. Port TCP/UDP 49. TACACS allows a client to accept a username and password and send a query to a TACACS authentication server. TACACS+ offers multiprotocol support, such as IP and AppleTalk. Normal operation fully encrypts the body of the packet for more secure communications. It is a Cisco proprietary enhancement to the original TACACS protocol.

RADIUS (Remote Authentication Dial In User Service): RADIUS is a networking protocol that provides centralised Authentication, Authorisation, and Accounting (AAA) management for computers to connect to and use a network service. RADIUS is a client/server protocol that runs in the application layer, using UDP as transport. RADIUS serves three functions:
1- authenticate users or devices before granting them access to a network,
2- authorize those users or devices for certain network services,
3- account for usage of those services.
Port TCP/UDP 1812 Authentication, TCP/UDP 1813 Accounting.

RTSP (Real-Time Streaming Protocol): RTSP is a network control protocol designed for use in entertainment and communications systems to control streaming media servers. The protocol is used for establishing and controlling media sessions between end points. Clients of media servers issue VCR-like commands, such as play and pause, to facilitate real-time control (on-demand delivery) of playback of media files (audio, video). Sources of data can include both live data feeds and stored clips. The transmission of streaming data itself is not a task of the RTSP protocol. Most RTSP servers use the Real-time Transport Protocol (RTP) in conjunction with Real-time Control Protocol (RTCP) for media stream delivery. Port TCP/UDP 554.

SMB: Server Message Block (SMB), also known as Common Internet File System (CIFS, /ˈsɪfs/) operates as an application-layer network protocol mainly used for providing shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. It also provides an authenticated inter-process communication mechanism. Most usage of SMB involves computers running Microsoft Windows, where it was known as "Microsoft Windows Network" before the subsequent introduction of Active Directory. Corresponding Windows services are the "Server Service" (for the server component) and "Workstation Service" (for the client component).
The Server Message Block protocol can run atop the Session (and lower) network layers in several ways:
- directly over TCP, port 445;
- via the NetBIOS API, which in turn can run on several transports:
     - on UDP ports 137, 138 & TCP ports 137, 139 (see NetBIOS over TCP/IP);
     - on several legacy protocols such as NBF (incorrectly referred to as NetBEUI).
SMB was originally designed to run on top of the NetBIOS/NetBEUI API (typically implemented with NBF, NetBIOS over IPX/SPX, or NBT). Since Windows 2000, SMB runs, by default, with a thin layer, similar to the Session Message packet of NBT's Session Service, on top of TCP, using TCP port 445 rather than TCP port 139 — a feature known as "direct host SMB"

(WORKING ON DATA): Data representation, encryption and decryption; converts machine-dependent data to machine-independent data.

MIME (Multipurpose internet mail extensions): It extends the format of emails. MIME defines mechanisms for sending other kinds of information in e-mail such as files containing images, sounds, movies, and computer programs

XDR (External Data Representation): XDR is a standard data serialization format, for uses such as computer network protocols. It allows data to be transferred between different kinds of computer systems. Converting from the local representation to XDR is called encoding. Converting from XDR to the local representation is called decoding. XDR is implemented as a software library of functions which is portable between different operating systems and is also independent of the transport layer. It allows data to be wrapped in an architecture-independent manner. XDR uses a base unit of 4 bytes, serialized in big-endian order; smaller data types still occupy four bytes each after encoding. (In computing, the term endian or endianness refers to the ordering of individually addressable sub-components within the representation of a larger data item as stored in external memory.) Variable-length types like string and opaque are padded to a total divisible by four bytes.
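
The encoding rules just described (4-byte big-endian units, variable-length data padded to a multiple of four) are shown below in Python as an added example, not code from the original post. The function and class names are chosen for this example, and the decoder's length limit and its rejection of non-zero padding are strictness choices made here for handling untrusted input.

```python
import struct


def pad4(n):
    """Number of padding bytes needed to reach a multiple of four."""
    return (4 - n % 4) % 4


def pack_uint(value):
    """Unsigned integer: one 4-byte unit, big-endian."""
    return struct.pack(">I", value)


def pack_bool(value):
    """A boolean still occupies a full 4-byte unit."""
    return pack_uint(1 if value else 0)


def pack_opaque(data):
    """Variable-length opaque: 4-byte length, the bytes, zero padding."""
    return pack_uint(len(data)) + data + b"\x00" * pad4(len(data))


def pack_string(text):
    """String: encoded like opaque data, as ASCII bytes."""
    return pack_opaque(text.encode("ascii"))


class Unpacker:
    """Decoder that never trusts the length field found in the data."""

    def __init__(self, buf, max_item=65536):
        self.buf, self.pos, self.max_item = buf, 0, max_item

    def take(self, n):
        end = self.pos + n
        if end > len(self.buf):
            raise ValueError("truncated XDR data")
        chunk = self.buf[self.pos:end]
        self.pos = end
        return chunk

    def uint(self):
        return struct.unpack(">I", self.take(4))[0]

    def opaque(self):
        length = self.uint()
        if length > self.max_item:             # refuse oversized claims
            raise ValueError("declared length exceeds limit")
        data = self.take(length)
        if any(self.take(pad4(length))):       # padding must be zero bytes
            raise ValueError("non-zero padding")
        return data

    def string(self):
        return self.opaque().decode("ascii")

    def done(self):
        if self.pos != len(self.buf):
            raise ValueError("trailing bytes after last item")


if __name__ == "__main__":
    msg = pack_uint(2012) + pack_string("topology") + pack_opaque(b"\x01\x02\x03")
    print(len(msg), msg.hex())
    u = Unpacker(msg)
    print(u.uint(), u.string(), u.opaque())
    u.done()
```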

TLS/SSL (Transport Layer Security/Secure Sockets Layer): It is a cryptographic protocol that provides communication security over the Internet. TLS and SSL encrypt the segments of network connections above the transport layer using symmetric cryptography.
A popular implementation of public-key encryption is the Secure Sockets Layer (SSL). Originally developed by Netscape, SSL is an Internet security protocol used by Internet browsers and Web servers to transmit sensitive information. SSL has become part of an overall security protocol known as Transport Layer Security (TLS).
In your browser, you can tell when you are using a secure protocol, such as TLS, in a couple of different ways. You will notice that the "http" in the address line is replaced with "https," and you should see a small padlock in the status bar at the bottom of the browser window.
TLS and its predecessor SSL make significant use of certificate authorities. Once your browser requests a secure page and adds the "s" onto "http," the browser sends out the public key and the certificate, checking three things: 1) that the certificate comes from a trusted party; 2) that the certificate is currently valid; and 3) that the certificate has a relationship with the site from which it's coming.
The browser then uses the public key to encrypt a randomly selected symmetric key. Public-key encryption takes a lot of computing, so most systems use a combination of public-key and symmetric key encryption. When two computers initiate a secure session, one computer creates a symmetric key and sends it to the other computer using public-key   encryption. The two computers can then communicate using symmetric-key encryption. Once the session is finished, each computer discards the symmetric key used for that session. Any additional sessions require that a new symmetric key be created, and the process is repeated.

(WORKING ON DATA): The session layer establishes, manages, and terminates communication sessions between different network devices (sometimes called the "port layer").


NetBIOS: It allows applications on separate computers to communicate over a local area network. It uses TCP/UDP ports 137 for the NetBIOS Name Service (name registration and resolution), 138 for the NetBIOS Datagram Service (datagram distribution for connectionless communication) and 139 for the Session Service (connection-oriented communication).

NetBIOS is used in Ethernet and Token Ring networks and, included as part of NetBIOS Extended User Interface (NetBEUI), in recent Microsoft Windows operating systems. It does not in itself support a routing mechanism so applications communicating on a wide area network (WAN) must use another "transport mechanism" (such as Transmission Control Protocol) rather than or in addition to NetBIOS.
NetBIOS frees the application from having to understand the details of the network, including error recovery (in session mode). A NetBIOS request is provided in the form of a Network Control Block (NCB) which, among other things, specifies a message location and the name of a destination.
NetBIOS provides the session and transport services described in the Open Systems Interconnection model. However, it does not provide a standard frame or data format for transmission. A standard frame format is provided by NetBEUI.
NetBIOS provides two communication modes: session or datagram. Session mode lets two computers establish a connection for a "conversation," allows larger messages to be handled, and provides error detection and recovery. Datagram mode is "connectionless" (each message is sent independently), messages must be smaller, and the application is responsible for error detection and recovery. Datagram mode also supports the broadcast of a message to every computer on the LAN.

iSCSI: The iSCSI (Small Computer Systems Interface) protocol is a mapping of the SCSI remote procedure invocation model over the TCP protocol. SCSI commands are carried by iSCSI requests and SCSI responses and status are carried by iSCSI responses. iSCSI also uses the request response mechanism for iSCSI protocol mechanisms. Port TCP 860

LDAP: LDAP (Lightweight Directory Access Protocol) is an Internet protocol that email programs and other directory services, such as telephone directories, use to look up information from a server.
Every email program has a personal address book, but how do you look up an address for someone who's never sent you email? How can an organization keep one centralized up-to-date phone book that everybody has access to?
"LDAP-aware" client programs can ask LDAP servers to look up entries in a wide variety of ways. LDAP servers index all the data in their entries, and "filters" may be used to select just the person or group you want, and return just the information you want.
LDAP is not limited to contact information, or even information about people. LDAP is used to look up encryption certificates, pointers to printers and other services on a network, and provide "single signon" where one password for a user is shared between many services. LDAP is appropriate for any kind of directory-like information, where fast lookups and less-frequent updates are the norm.
LDAP also defines:
Permissions: set by the administrator to allow only certain people to access the LDAP database, and optionally keep certain data private.
Schema: a way to describe the format and attributes of data in the server.
Port: TCP/UDP 389.

 SMB: Server Message Block (SMB), also known as Common Internet File System (CIFS, /ˈsɪfs/) operates as an application-layer network protocol mainly used for providing shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. It also provides an authenticated inter-process communication mechanism. Most usage of SMB involves computers running Microsoft Windows, where it was known as "Microsoft Windows Network" before the subsequent introduction of Active Directory. Corresponding Windows services are the "Server Service" (for the server component) and "Workstation Service" (for the client component). Port 445 TCP.

SPDY: The goal of SPDY is to reduce web page load time. This is achieved by prioritizing and multiplexing the transfer of several files so that only one connection per client is required.

SAP (Session Announcement Protocol): It is a protocol for broadcasting multicast session information. Port 3299 TCP (SAP router).

NAMED PIPE: A named pipe is system-persistent and exists beyond the life of the process and must be deleted once it is no longer being used. Processes generally attach to the named pipe (usually appearing as a file) to perform inter-process communication (IPC).

BGMP (Border Gateway Multicast Protocol): BGMP is a protocol for inter-domain multicast routing that builds shared trees of active multicast groups. BGMP natively supports "source-specific multicast" (SSM). To also support "any-source multicast" (ASM), BGMP builds shared trees for active multicast groups, and allows domains to build source-specific, inter-domain, distribution branches where needed. BGMP builds upon concepts from PIM-SM and CBT:
PIM-SM: Protocol Independent Multicast-Sparse Mode (PIM-SM) is a protocol for efficiently routing to multicast groups that may span wide-area (WAN and inter-domain) internets. PIM-SM is not dependent on any particular unicast routing protocol, and is designed to support sparse groups. PIM-SM uses the traditional IP multicast model of receiver-initiated membership, supports both shared and shortest-path trees, and uses soft-state mechanisms to adapt to changing network conditions. PIM-SM can use the route information that any routing protocol enters into the multicast Routing Information Base (RIB). Examples of these routing protocols include unicast protocols such as the Routing Information Protocol (RIP) and Open Shortest Path First (OSPF), but multicast protocols that populate the routing tables - such as the Distance Vector Multicast Routing Protocol (DVMRP) - can also be used.
CBT: Core Based Trees (CBT) is a multicast routing architecture that builds a single delivery tree per group which is shared by all of the group's senders and receivers. Most multicast algorithms build one multicast tree per sender (subnetwork), the tree being rooted at the sender's subnetwork. The primary advantage of the shared tree approach is that it typically offers more favourable scaling characteristics than all other multicast algorithms. The CBT protocol is a network layer multicast routing protocol that builds and maintains a shared delivery tree for a multicast group. The sending and receiving of multicast data by hosts on a subnetwork conforms to the traditional IP multicast service model.
Building upon these concepts, BGMP requires that each global multicast group be associated with a single root. However, in BGMP, the root is an entire exchange or domain, rather than a single router.
For non-source-specific groups, BGMP assumes that ranges of the multicast address space have been associated with selected domains. Each such domain then becomes the root of the shared domain-trees for all groups in its range. An address allocator will generally achieve better distribution trees if it takes its multicast addresses from its own domain's part of the space, thereby causing the root domain to be local.
BGMP uses TCP as its transport protocol. This eliminates the need to implement message fragmentation, retransmission, acknowledgement, and sequencing. BGMP uses TCP port 264 for establishing its connections. This port is distinct from BGP's port to provide protocol independence, and to facilitate distinguishing between protocol packets. Two BGMP peers form a TCP connection between one another, and exchange messages to open and confirm the connection parameters. They then send incremental Join/Prune Updates as group memberships change. BGMP does not require periodic refresh of individual entries. KeepAlive messages are sent periodically to ensure the liveness of the connection. Notification messages are sent in response to errors or special conditions. If a connection encounters an error condition, a notification message is sent and the connection is closed if the error is a fatal one.
Protocol Structure - BGMP (Border Gateway Multicast Protocol)
Length (16 bits, up to bit 16) | Type (8 bits, up to bit 24) | Reserved (8 bits, up to bit 32)

Length - The total length of the message including the header in octets. It allows one to locate in the transport-level stream the start of the next message.
Type - The type code of the message. The following type codes are available:
1 OPEN; 2 UPDATE; 3 NOTIFICATION; 4 KEEPALIVE
After a transport protocol connection is established, the first message sent by each side is an OPEN message. If the OPEN message is acceptable, a KEEPALIVE message confirming the OPEN is sent back. Once the OPEN is confirmed, UPDATE, KEEPALIVE, and NOTIFICATION messages may be exchanged.
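The header and message ordering described above, as an added example that is not part of the original post: a framer that cuts BGMP messages out of a TCP byte stream using the Length field, plus a check of the OPEN / KEEPALIVE ordering. The 4096-octet cap, the message bodies and all function names are assumptions made for illustration.

```python
import struct

# Common header as laid out above: Length (16 bits), Type (8), Reserved (8).
HEADER = struct.Struct("!HBB")
TYPES = {1: "OPEN", 2: "UPDATE", 3: "NOTIFICATION", 4: "KEEPALIVE"}
MAX_MESSAGE = 4096  # assumed local sanity cap, not a value from the page


class FramingError(ValueError):
    """The byte stream cannot be a valid sequence of BGMP messages."""


def build(mtype, body=b""):
    """Encode one message; Length counts the 4-octet header plus the body."""
    return HEADER.pack(HEADER.size + len(body), mtype, 0) + body


class Framer:
    """Cuts a TCP byte stream into (type name, body) messages."""

    def __init__(self):
        self._buf = bytearray()

    def feed(self, chunk):
        self._buf += chunk
        messages = []
        while len(self._buf) >= HEADER.size:
            length, mtype, _reserved = HEADER.unpack_from(self._buf)
            # A Length below the header size would never advance the stream;
            # an oversized one would let a peer make us buffer without bound.
            if not HEADER.size <= length <= MAX_MESSAGE:
                raise FramingError(f"bad Length {length}")
            if mtype not in TYPES:
                raise FramingError(f"unknown Type {mtype}")
            if len(self._buf) < length:
                break  # the rest of this message has not arrived yet
            messages.append((TYPES[mtype], bytes(self._buf[HEADER.size:length])))
            del self._buf[:length]
        return messages


def track_session(received_types):
    """Check the order of messages received from one peer.

    Strict reading of the text: OPEN first, then a KEEPALIVE confirming our
    OPEN, and only then UPDATE / KEEPALIVE / NOTIFICATION.
    Returns (final state, [(index, type, state when seen), ...]).
    """
    state, violations = "WAIT_OPEN", []
    for i, name in enumerate(received_types):
        if state == "WAIT_OPEN" and name == "OPEN":
            state = "WAIT_CONFIRM"
        elif state == "WAIT_CONFIRM" and name == "KEEPALIVE":
            state = "ESTABLISHED"
        elif state == "ESTABLISHED" and name != "OPEN":
            pass  # UPDATE, KEEPALIVE and NOTIFICATION are all allowed now
        else:
            violations.append((i, name, state))
    return state, violations


def demo():
    # Constructed sample stream (bodies are placeholders), delivered in
    # chunks that ignore message boundaries, as TCP is free to do.
    stream = build(1, b"\x01\x02") + build(4) + build(2, b"join")
    framer = Framer()
    messages = []
    for chunk in (stream[:3], stream[3:9], stream[9:]):
        messages += framer.feed(chunk)
    return messages, track_session([name for name, _ in messages])


if __name__ == "__main__":
    msgs, (state, violations) = demo()
    for name, body in msgs:
        print(name, body)
    print(state, violations)
```
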

(WORKING ON SEGMENT): End-to-end connections and reliability, flow control
TCP: TCP is a connection-oriented protocol that provides reliable transmission, efficient flow control and multiplexing from a program on one computer to a program on another computer.

UDP: It is a connectionless protocol that adds no reliability, flow control or error recovery functions, unlike TCP. Because of this, UDP headers contain fewer bytes and consume less network overhead than TCP. UDP is useful when reliability is handled elsewhere, for example when a higher-layer protocol provides error recovery and flow control. UDP is used by the Network File System, SNMP, DNS and TFTP.

Mobile IP: The Mobile IP protocol enables nodes to move from one IP subnet to another. Each mobile node is always identified by its home address, regardless of its current point of attachment to the Internet. While situated away from its home, a mobile node is also associated with a care-of address, which provides information about its current point of attachment to the Internet. The protocol allows registration of the care-of address with a home agent. The home agent sends datagrams destined for the mobile node through a tunnel to the care-of address. After arriving at the end of the tunnel, each datagram is then delivered to the mobile node. It can be used for mobility across both homogeneous and heterogeneous media. Mobile IP defines a set of new control messages, sent with UDP: Registration Request and Registration Reply.
The IP packet consists of the IP source and destination addresses, followed by the UDP source and destination ports, followed by the Mobile IP fields. Mobile IP packets can be either registration request or registration reply.

SPX: IPX and SPX both provide connection services similar to TCP/IP, with the IPX protocol having similarities to IP, and SPX having similarities to TCP. IPX is a network layer protocol while SPX is a transport layer protocol. SPX sits on top of IPX and provides connection-oriented service between two nodes on the network. SPX is used primarily by client-server applications.

DCCP (Datagram Congestion Control Protocol): DCCP is a message-oriented Transport Layer protocol. DCCP implements reliable connection setup, teardown, Explicit Congestion Notification (ECN), congestion control, and feature negotiation. DCCP provides a way to gain access to congestion control mechanisms without having to implement them at the Application layer.

SCTP (Stream Control Transmission Protocol): It serves a role similar to TCP and UDP and provides the same services and features of both. It is message-oriented like UDP and ensures reliable, in-sequence transport of messages with congestion control like TCP.

Authentication Header: Authentication Header (AH) is a member of the IPsec protocol suite. AH provides connectionless integrity and data origin authentication for IP datagrams and provides protection against replay attacks.
-Encapsulating Security Payloads (ESP) provide confidentiality, data-origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic-flow confidentiality.
AH operates directly on top of IP, using IP protocol number 51.

Encapsulating Security Payload: ESP is a member of the IPsec protocol suite. ESP provides confidentiality, data-origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic-flow confidentiality. ESP operates using IP protocol number 50.

Generic Routing Encapsulation: GRE or IP tunneling (IP encapsulation) is a technique that allows datagrams to be encapsulated into IP packets and then redirected to an intermediate host. At this intermediate destination, the datagrams are decapsulated and then routed to the next leg. GRE tunnels are designed to be completely stateless. This means that each tunnel end-point does not keep any information about the state or availability of the remote tunnel end-point. A consequence of this is that the local tunnel end-point router does not have the ability to bring the line protocol of the GRE tunnel interface down if the remote end-point is unreachable. In such a case, a network administrator can manually bring the interface down in order to remove any routes (specifically static routes) in the routing table that use that interface as the outbound interface. This allows for an alternate route with a higher metric (where a higher metric means a lower priority) or for policy-based routing (PBR) to select an alternate next-hop or interface.
Normally, a GRE tunnel interface comes up as soon as it is configured and it stays up as long as there is a valid tunnel source address or interface which is up. The tunnel destination IP address must also be routable, which is true even if the other side of the tunnel has not been configured. This means that a static route or PBR forwarding of packets via the GRE tunnel interface remains in effect even though the GRE tunnel packets do not reach the other end of the tunnel.
Example uses
In conjunction with PPTP to create VPNs.
In conjunction with IPsec VPNs to allow passing of routing information between connected networks.
In Mobility protocols.

(WORKING ON IP): Path determination and logical addressing

IP (IPv4, IPv6) : It has the task of delivering datagrams from the source host to the destination host solely based on their addresses. For this purpose, IP defines addressing methods and structures for datagram encapsulation.

ICMP (Internet Control Message Protocol): It is chiefly used by the operating systems of networked computers to send error messages indicating, for example, that a destination host is not reachable or that a request has timed out, and for echo requests and router advertisements through IRDP (ICMP Router Discovery Protocol). ICMP can also be used to relay query messages.

IPsec: IPsec is used for securing IP communication by authenticating each IP packet of a communication session. IPsec is an end-to-end security scheme.
Security architecture
The IPsec suite is an open standard. IPsec uses the following protocols to perform various functions:
-Authentication Headers (AH) provide connectionless integrity and data origin authentication for IP datagrams and provide protection against replay attacks.
-Encapsulating Security Payloads (ESP) provide confidentiality, data-origin authentication, connectionless integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic-flow confidentiality.
-Security Associations (SA) provide the bundle of algorithms and data that provide the parameters necessary to operate the AH and/or ESP operations. ISAKMP provides a framework for authentication and key exchange, with actual authenticated keying material provided either by manual configuration with pre-shared keys, Internet Key Exchange (IKE and IKEv2), Kerberized Internet Negotiation of Keys (KINK), or IPSECKEY DNS records.
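The anti-replay service named in the AH and ESP descriptions above can be made concrete with an added example (not part of the original post): a receiver that combines a sliding window over sequence numbers, in the style RFC 4303 describes, with an integrity check. The packet layout here is a simplified stand-in rather than the real AH/ESP wire format, and the key, the 64-packet window and all names are assumptions.

```python
import hashlib
import hmac
import struct

WINDOW = 64    # assumed window size (the default RFC 4303 recommends)
ICV_LEN = 16   # truncated HMAC-SHA-256 standing in for the negotiated ICV


def seal(key, seq, payload):
    """Toy packet: 32-bit sequence number + payload + ICV over both."""
    body = struct.pack("!I", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:ICV_LEN]


class Receiver:
    def __init__(self, key, window=WINDOW):
        self.key = key
        self.window = window
        self.top = 0    # highest sequence number authenticated so far
        self.seen = 0   # bit i set => sequence number (top - i) was accepted

    def _reject_reason(self, seq):
        if seq == 0:
            return "invalid"      # senders start at 1; 0 is never valid
        if seq > self.top:
            return None           # ahead of the window, not seen before
        offset = self.top - seq
        if offset >= self.window:
            return "too-old"      # fell off the left edge of the window
        return "replay" if (self.seen >> offset) & 1 else None

    def _mark(self, seq):
        if seq > self.top:
            shift = seq - self.top
            self.seen = ((self.seen << shift) | 1) & ((1 << self.window) - 1)
            self.top = seq
        else:
            self.seen |= 1 << (self.top - seq)

    def receive(self, packet):
        if len(packet) < 4 + ICV_LEN:
            return "malformed"
        body, icv = packet[:-ICV_LEN], packet[-ICV_LEN:]
        seq = struct.unpack_from("!I", body)[0]
        reason = self._reject_reason(seq)
        if reason:
            return reason
        expected = hmac.new(self.key, body, hashlib.sha256).digest()[:ICV_LEN]
        if not hmac.compare_digest(icv, expected):
            return "bad-icv"
        # Only authenticated packets move the window. If this ran before the
        # ICV check, one forged packet with a huge sequence number would make
        # the receiver discard all genuine traffic that follows.
        self._mark(seq)
        return "accept"


def demo():
    key = b"constructed-demo-key"   # constructed sample key
    rx = Receiver(key)
    first = seal(key, 1, b"a")
    packets = [
        ("seq 1", first),
        ("captured copy of seq 1", first),
        ("seq 5", seal(key, 5, b"b")),
        ("seq 3, delivered late", seal(key, 3, b"c")),
        ("seq 1000, wrong key", seal(b"not-the-sa-key", 1000, b"x")),
        ("seq 100", seal(key, 100, b"d")),
        ("seq 37, last slot in window", seal(key, 37, b"e")),
        ("seq 36, just outside window", seal(key, 36, b"f")),
    ]
    # Each trace entry: (label, verdict, window top after the packet).
    return [(label, rx.receive(pkt), rx.top) for label, pkt in packets]


if __name__ == "__main__":
    for label, verdict, top in demo():
        print(f"{label:30} {verdict:8} top={top}")
```
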

IGMP (Internet Group Management Protocol): It is a communication protocol used by hosts and adjacent routers on IP networks to establish multicast group membership. IGMP is an integral part of the IP multicast specification. IGMP can be used for online streaming, video and gaming.

IPX: The IPX/SPX protocol is supported by the Novell NetWare network OS. IPX/SPX works like TCP/IP.

AppleTalk: It is unsupported as of the release of Mac OS X v10.6 in 2009, in favor of TCP/IP.

Neighbor Discovery Protocol: NDP is a protocol in the Internet Protocol Suite used with IPv6. It is responsible for address autoconfiguration of nodes, discovery of other nodes on the link, determining the Link Layer addresses of other nodes, duplicate address detection, finding available routers and Domain Name System (DNS) servers, address prefix discovery, and maintaining reachability information about the paths to other active neighbor nodes. The protocol defines five different ICMPv6 packet types to perform functions for IPv6 similar to the Address Resolution Protocol (ARP) and Internet Control Message Protocol (ICMP) Router Discovery and Router Redirect protocols for IPv4.

CLNS: CLNS is an abbreviation of Connectionless Network Service.
It is an OSI Network Layer service that (unlike CONS) does not require a circuit to be established before data is transmitted. CLNS routes messages to their destinations independently of any other messages.
In an OSI protocol deployment, CLNS would be the service provided by CLNP (Connectionless Network Protocol) and used by TP4 (Transport Protocol Class 4). However CLNP is not used on the Internet, instead its function is provided by IP. CLNP is still widely used today in many telecommunications networks around the world. This is because IS-IS (an OSI layer 3 protocol) is mandated by the ITU-T as the protocol for management of the SDH (Synchronous Digital Hierarchy) elements.

Gateway Discovery Protocol: Cisco protocol that allows hosts to dynamically detect the addition of new routers to a network. It also enables the host to determine when a router goes down. Gateway Discovery Protocol (GDP) is based on User Datagram Protocol (UDP).

VRRP (Virtual Router Redundancy Protocol): VRRP increases the availability and reliability of routing paths via automatic default gateway selection on an IP subnetwork. The protocol achieves this by creating virtual routers, which are an abstract representation of multiple routers, i.e. master and backup routers, acting as a group. The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the master router. VRRP provides information on the state of a router, not the routes processed and exchanged by that router. Each VRRP instance is limited, in scope, to a single subnet. It does not advertise IP routes beyond that subnet or affect the routing table in any way. VRRP can be used in Ethernet, MPLS and token ring networks with Internet Protocol Version 4 (IPv4), as well as IPv6.
The VRRP redundancy scheme is based on VRRP router priority. Priority determines the role that each VRRP router plays and what happens if the virtual router master fails.
The router with the highest priority (higher numeric value) becomes the master router.

DVMRP: Distance Vector Multicast Routing Protocol (DVMRP) is an Internet routing protocol that provides an efficient mechanism for connectionless datagram delivery to a group of hosts across an internetwork. It is a distributed protocol that dynamically generates IP multicast delivery trees using a technique called Reverse Path Multicasting.

(WORKING ON FRAME): Physical addressing. The data link layer is divided into two sublayers, LLC and DLC.

Data Link Layer Functions
Logical Link Control (LLC): Logical link control refers to the functions required for the establishment and control of logical links between local devices on a network. As mentioned above, this is usually considered a DLL sublayer; it provides services to the network layer above it and hides the rest of the details of the data link layer to allow different technologies to work seamlessly with the higher layers. Most local area networking technologies use the IEEE 802.2 LLC protocol. 

Media Access Control (MAC): This refers to the procedures used by devices to control access to the network medium. Since many networks use a shared medium (such as a single network cable, or a series of cables that are electrically connected into a single virtual medium) it is necessary to have rules for managing the medium to avoid conflicts. For example, Ethernet uses the CSMA/CD method of media access control, while Token Ring uses token passing.
Data Framing: The data link layer is responsible for the final encapsulation of higher-level messages into frames that are sent over the network at the physical layer. 
Addressing: The data link layer is the lowest layer in the OSI model that is concerned with addressing: labeling information with a particular destination location. Each device on a network has a unique number, usually called a hardware address or MAC address, that is used by the data link layer protocol to ensure that data intended for a specific machine gets to it properly. 
Error Detection and Handling: The data link layer handles errors that occur at the lower levels of the network stack. For example, a cyclic redundancy check (CRC) field is often employed to allow the station receiving data to detect if it was received correctly.


FDDI: Fiber Distributed Data Interface (FDDI) specifies a 100-Mbps token-passing, dual-ring LAN using fiber-optic cable. FDDI is frequently used as high-speed backbone technology because of its support for high bandwidth and greater distances than copper.

LLDP (Link Layer Discovery Protocol): It is used by network devices for advertising their identity, capabilities, and neighbors on an IEEE 802 local area network, principally wired Ethernet.

Point-to-Point Protocol: (PPP) is a data link protocol commonly used in establishing a direct connection between two networking nodes. It can provide connection authentication, transmission encryption, and compression.
PPP is used over many types of physical networks including serial cable, phone line, trunk line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also used over Internet access connections (now marketed as "broadband"). Internet service providers (ISPs) have used PPP for customer dial-up access to the Internet, since IP packets cannot be transmitted over a modem line on their own, without some data link protocol. Two encapsulated forms of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol over ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs) to establish a Digital Subscriber Line (DSL) Internet service connection with customers.
PPP is commonly used as a data link layer protocol for connection over synchronous and asynchronous circuits, where it has largely superseded the older Serial Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite). PPP was designed to work with numerous network layer protocols, including Internet Protocol (IP), TRILL, Novell's Internetwork Packet Exchange (IPX), NBF and AppleTalk.

PPTP (Point-to-Point Tunneling Protocol): It is a method of implementing virtual private networks. PPTP uses a control channel over TCP and a GRE tunnel to encapsulate PPP packets. PPTP does not provide authentication itself and relies on the PPP protocol being tunneled to implement security functionality. It is intended to provide a level of security and remote access similar to typical VPN products. Port: 1723 TCP/UDP.

L2TP: It is a tunneling protocol used to support virtual private networks. It does not provide encryption or confidentiality by itself. It relies on an encryption protocol for privacy and uses UDP port 1701.

ARP (Address Resolution Protocol): ARP resolves an IP address to a MAC address so that two devices can communicate.

RARP: Reverse Address Resolution Protocol is an obsolete computer networking protocol used by a host computer to request its Internet Protocol (IPv4) address from an administrative host, when it has available its Link Layer or hardware address, such as a MAC address.

DHCP: DHCP is an auto-configuration protocol used on IP networks. DHCP allows a computer to be configured automatically. It prevents the same IP address from being accidentally configured on two different computers. Port: UDP 67, 68.

VTP: VTP is a Cisco proprietary protocol that propagates the definition of the VLAN on the whole local area network. To do this, VTP carries VLAN information to all the switches in a VTP domain. VTP advertisements can be sent over ISL, 802.1q, IEEE 802.10 and LANE trunks. VTP is available on most of the Cisco Catalyst Family products.

DTP: Dynamic Trunking Protocol is a proprietary networking protocol developed by Cisco Systems for the purpose of negotiating trunking on a link between two VLAN-aware switches, and for negotiating the type of trunking encapsulation to be used. It works at Layer 2 of the OSI model. VLAN trunks formed using DTP may utilize either IEEE 802.1Q or Cisco ISL trunking protocols.

Multi-link trunking: MLT is a link aggregation or IEEE 802.3ad port trunking technology designed by Nortel (now Avaya). It allows grouping several physical Ethernet links into one logical Ethernet link to provide fault-tolerance and high-speed links between routers, switches, and servers. In the past redundant links were unused due to Spanning Tree’s loop protection.
This technology enables the use of several links (from 2 up to 8) and combines them to create increased bandwidth and several fail-over paths. This produces server-to-switch or switch-to-switch connections that are up to 8 times faster.

STP: STP is a network protocol that ensures a loop-free topology for any bridged Ethernet local area network. The basic function of STP is to prevent bridge loops and ensuing broadcast radiation. Spanning tree also allows a network design to include spare (redundant) links to provide automatic backup paths if an active link fails, without the danger of bridge loops, or the need for manual enabling/disabling of these backup links.

Cisco Discovery Protocol: CDP is a proprietary Data Link Layer network protocol developed by Cisco Systems. It is used to share information about other directly connected Cisco equipment, such as the operating system version and IP address. CDP can also be used for On-Demand Routing, which is a method of including routing information in CDP announcements so that dynamic routing protocols do not need to be used in simple networks.
Cisco devices send CDP announcements to the multicast destination address 01-00-0c-cc-cc-cc, out each connected network interface. These multicast packets may be received by Cisco switches and other networking devices that support CDP on their connected network interface. This multicast destination is also used in other Cisco protocols such as VTP. By default, CDP announcements are sent every 60 seconds on interfaces that support Subnetwork Access Protocol (SNAP) headers, including Ethernet, Frame Relay and Asynchronous Transfer Mode (ATM). Each Cisco device that supports CDP stores the information received from other devices in a table that can be viewed using the show cdp neighbors command. This table is also accessible via SNMP. The CDP table information is refreshed each time an announcement is received, and the holdtime for that entry is reinitialized. The holdtime specifies the lifetime of an entry in the table - if no announcements are received from a device for a period in excess of the holdtime, the device information is discarded (default 180 seconds).

Layer 2 Forwarding: L2F is a tunneling protocol developed by Cisco Systems, Inc. to establish virtual private network connections over the Internet. L2F does not provide encryption or confidentiality by itself; it relies on the protocol being tunneled to provide privacy. L2F was specifically designed to tunnel Point-to-Point Protocol (PPP) traffic.
Virtual dial-up allows many separate and autonomous protocol domains to share common access infrastructure including modems, Access Servers, and ISDN routers. RFCs prior to 2341 have specified protocols for supporting IP dial-up via SLIP and multiprotocol dial-up via PPP.

Split Multi-Link Trunking: SMLT is a Layer-2 link aggregation technology in computer networking designed by Nortel (now Avaya) as an enhancement to standard multi-link trunking (MLT) as defined in IEEE 802.3ad. Link aggregation or MLT allows multiple physical network links between two network switches and another device (which could be another switch or a network device such as a server) to be treated as a single logical link and load balance the traffic across all available links. For each packet that needs to be transmitted, one of the physical links is selected based on a load-balancing algorithm (usually involving a hash function operating on the source and destination Media Access Control (MAC) address information). For real-world network traffic this generally results in an effective bandwidth for the logical link equal to the sum of the bandwidth of the individual physical links. Redundant links that were once unused due to Spanning Tree’s loop protection can now be used to their full potential.
A general limitation of standard link aggregation, MLT or EtherChannel is that all the physical ports in the link aggregation group must reside on the same switch. The SMLT, DSMLT and RSMLT protocols remove this limitation by allowing the physical ports to be split between two switches, allowing for the creation of active load-sharing, high-availability network designs that meet five nines availability requirements.

(WORKING ON BITS): Media, signal and binary transmission

SONET/SDH (Synchronous Optical Networking): SONET and Synchronous Digital Hierarchy (SDH) are standardized multiplexing protocols that transfer multiple digital bit streams over optical fiber using lasers or light-emitting diodes (LEDs). Lower data rates can also be transferred via an electrical interface. SONET and SDH, which are essentially the same, were originally designed to transport circuit mode communications (e.g., DS1, DS3) from a variety of different sources, but they were primarily designed to support real-time, uncompressed, circuit-switched voice encoded in PCM format. SONET/SDH allowed for the simultaneous transport of many different circuits of differing origin within a single framing protocol. SONET/SDH is not itself a communications protocol per se, but a transport protocol.

IEEE 802.3: It defines the physical layer and the data link layer's media access control (MAC) of wired Ethernet.

IEEE 802.11: It is a set of standards for implementing wireless local area network (WLAN) computer communication in the 2.4, 3.6 and 5 GHz frequency bands.

IEEE 802.15: It specifies wireless personal area network (PAN) standards.

IEEE 802.16: It is a series of Wireless Broadband standards.



TCP/IP MODEL (INTERNET PROTOCOL SUITE)

4-Application (DATA): The layer closest to the end user; it is in this layer that the user works on the front end. This layer is a combination of the application, presentation and session layers.
BGP • DHCP • DNS • FTP • HTTP • IMAP • IRC • LDAP • MGCP • NNTP • NTP • POP • RIP • RPC • RTP • SIP • SMTP • SNMP • SSH • Telnet • TLS/SSL • XMPP

3-Transport (SEGMENT): This layer controls the flow of data from segment to segment. Two types of data flow exist in this layer: reliable and unreliable. Reliable delivery, also called guaranteed delivery, uses error checking and establishes a connection before transmission, which is called connection-oriented; this is done by TCP. Unreliable delivery is connectionless and provides no error correction, which is why it is mainly used for real-time data such as VoIP and video over IP; this is done by UDP. Compared with TCP, UDP is faster because it does not spend time on error checking and connection establishment.
TCP • UDP • DCCP • SCTP • RSVP • ECN

2-Internet Layer (IP): Path determination and logical addressing. It provides a path with unique identification, which is called IP addressing. A packet travels across the network by addressing, that is, from a source address to a destination address.
IP (IPv4, IPv6) • ICMP • ICMPv6 • IGMP • IPsec

1-Link Layer: This layer is the combination of the physical and data link layers.
ARP/InARP • NDP • OSPF • Tunnels (L2TP) • PPP • Media Access Control (Ethernet, DSL, ISDN, FDDI)

OSI VS TCP/IP (INTERNET) MODEL
OSI is a reference model and TCP/IP is an implementation of the OSI model. The OSI model consists of 7 architectural layers whereas TCP/IP only has 4 layers. TCP/IP protocols are considered to be standards around which the internet has developed. The OSI model however is a "generic, protocol-independent standard."
The main differences between the two models are as follows:
1. OSI is a reference model and TCP/IP is an implementation of the OSI model.
2. TCP/IP protocols are considered to be standards around which the internet has developed. The OSI model however is a "generic, protocol-independent standard."
3. TCP/IP combines the presentation and session layer issues into its application layer.
4. TCP/IP combines the OSI data link and physical layers into the network access layer.
5. TCP/IP appears to be a simpler model and this is mainly due to the fact that it has fewer layers.
6. TCP/IP is considered to be a more credible model. This is mainly because TCP/IP protocols are the standards around which the internet was developed, so it gains credibility for that reason. In contrast, networks are not usually built around the OSI model, as it is merely used as a guidance tool.
7. The OSI model consists of 7 architectural layers whereas TCP/IP only has 4 layers.
8. In the TCP/IP model of the Internet, protocols are deliberately not as rigidly designed into strict layers as the OSI model. RFC 3439 contains a section entitled "Layering considered harmful." However, TCP/IP does recognize four broad layers of functionality which are derived from the operating scope of their contained protocols, namely the scope of the software application, the end-to-end transport connection, the internetworking range, and lastly the scope of the direct links to other nodes on the local network.
9. The presumably strict consumer/producer layering of OSI as it is usually described does not present contradictions in TCP/IP, as it is permissible that protocol usage does not follow the hierarchy implied in a layered model. Such examples exist in some routing protocols (e.g., OSPF), or in the description of tunneling protocols, which provide a Link Layer for an application, although the tunnel host protocol may well be a Transport or even an Application Layer protocol in its own right.
10. The TCP/IP design generally favors decisions based on simplicity, efficiency and ease of implementation.



Hierarchical internetworking model:
Core layer: This layer is considered the backbone of the network and includes the high-end switches and high-speed cables such as fiber cables. This layer of the network does not route traffic at the LAN. In addition, no packet manipulation is done by devices in this layer. Rather, this layer is concerned with speed and ensures reliable delivery of packets.

Distribution layer: This layer includes LAN-based routers and layer 3 switches. This layer ensures that packets are properly routed between subnets and VLANs in your enterprise. This layer is also called the Workgroup layer.

Access layer: This layer includes hubs and switches. This layer is also called the desktop layer because it focuses on connecting client nodes, such as workstations to the network. This layer ensures that packets are delivered to end user computers.

2 comments:

  1. This article is an amazing guide to learn about all the networking fundamentals. I am saving the link to this post so that I can share it with my friends and use the information provided to prepare assignment.
  2. If you want to know that which email protocol uses port 143 for unsecured communication then click this link for more information:
    which email protocol uses port 143 for unsecured communication?
