Network

Engineering
Professional

Network Engineering Professional

 TechnoNet Engineering Training Center 09681900504

Content
1. Computer Networking Essentials Page-1
2.Infrastructure and Architecture Page-4
3.Network Defined by Topology Page-6
4.Wireless Network Topology Page-10
5.Network Defined by Resource location Page-11
6.TCP/IP and OSI Networking Model Page-14
7.Fibre Optic Cable Page-22
8.Networking Devices Page-33
9.WAN Technology Page-39
10.TCP/IP Fundamental (IP Address) Page-41
11.Public and Private IP Addresses Page-46
12.Wireless Technologies Page-48
13.VPN (Virtual Private Network) Page-50
14.DNS (Domain Name System) Page-52
15.Proxy Server Page-54
16.VLAN (Virtual Local Area Network) Page-55
17.VTP (VLAN Trunking Protocol) Page-57
18.DHCP (Dynamic Host Configuration Protocol) Page-59
19.Inter-VLAN Routing and Router-on-a-Stick Page-62
20.Port-Security Page-63
21.NAT (Network Address Translation) Page-65

1
 TechnoNet Engineering Training Center 09681900504

Computer Networking Essentials

Network is two or more computers that exchange data. A network’s purpose is to make
connections. These connections might be between a PC and a printer or between a laptop and
the Internet, as just a couple of examples. However, the true value of a network comes from
the traffic flowing over those connections.

Networks contains - Computers with network adapters.

-Central connecting devices.
- Some type of medium (cable or wireless connection)
- Numbering scheme (such as IP address)
- Protective device (such as firewall).

The real reasons that organizations need network are-

• File sharing between two computers
• Video chatting between computers located in different parts of the world
• Surfing the Web (for example, to use social media sites, watch streaming video, listen
to an Internet radio station, or do research for a school term paper)
• Instant messaging (IM) between computers with IM software installed
• Email
• Voice over IP (VoIP), to replace traditional telephony systems

Server: A server, as the name suggests, serves up resources to a network. These

resources might include email access as given by an email server, web pages as offered
by a web server, or files available on a file server. A server is used to centralize data and
share it (or serve it) with other computers on the network.
2
 TechnoNet Engineering Training Center 09681900504

Client: The term client defines the device an end user uses to access a network.
This device might be a workstation, laptop, smartphone with wireless capabilities, or a
variety of other end-user terminal devices.
A PC usually acts as a client on the network, most likely getting it information from the server.
A PC can also store information locally.
A Mac (Macintosh) computer: As another type of client computer, a Mac can store
information locally or get it from the server.
A Laptop: This could be a PC or Mac. Despite its portability a laptop stores and accesses
data the same way the other network computers do.
Network adapter: Network interface card or NIC, enables sending and receiving of data to
and from computers.

On a LAN, data is transferred in a serial fashion over twisted-pair cabling. Serial data
transfer means the transfer of one bit at a time, transfer in a single-bit stream.
3
 TechnoNet Engineering Training Center 09681900504

Infrastructure and Architecture

Based on the geographic dispersion of network components,

Local area network (LAN)
Wide area network (WAN)
Wireless local area network (WLAN)
Storage area network (SAN)
Campus area network (CAN)
Body Area Network(BAN)
Metropolitan area network (MAN)
Personal area network (PAN)

LAN
A LAN interconnects network components within a local area (for example,
within a building). Local Area Network (LAN) is a group of computers that are confined to
a small geographic area usually one building. Most common type of LAN is the wired LAN.
Examples of common LAN technologies you are likely to meet include Ethernet (that
is, IEEE 802.3) and wireless networks (that is, IEEE 802.11).

WAN
A WAN interconnects network components that are geographically separated. For
example, a corporate headquarters might have multiple WAN connections to remote
office sites.

WLAN
A local area network made up of wireless networking devices is a wireless local
area network (WLAN).

SAN
You can construct a high-speed, highly reliable network for the express purpose
of transmitting stored data. This network is called a storage area network.

4
 TechnoNet Engineering Training Center 09681900504

CAN
The university covered several square miles and had several dozen buildings.
Within many of these buildings was a LAN. However, those building-centric LANs
were interconnected. By these LANs being interconnected, another network type was
created, a CAN. Besides an actual university campus, you might also find a CAN in an
industrial park or business park.

MAN
More widespread than a CAN and less widespread than a WAN, a MAN
interconnects locations scattered throughout a metropolitan area. One example of a
MAN technology is Metro Ethernet, which features much higher speeds than the
traditional WAN technologies that might have been used in the past to connect such
locations.

PAN
A PAN is a network whose scale is even smaller than a LAN. For example, a
connection between a PC and a digital camera via a universal serial bus (USB) cable
could be considered a PAN. Another example is a PC connected to an external hard
drive via a FireWire connection. A PAN, however, is not necessarily a wired connection.
A Bluetooth connection between your cell phone and your car’s audio system is
considered a wireless PAN (WPAN). The main distinction of a PAN, however, is that
its range is typically limited to just a few meters.

BAN
A Body Area Network (BAN) is a short-range wireless network comprised of
devices positioned in, on, and around the body. It provides data communication over
short distances, limited to ranges of just a few meters.
This new, inherently personal type of network uses wearable and implanted
electronic circuits. It implements highly useful functions and capabilities in convenient,
unobtrusive configurations that operate at very low power and deliver superlative
security.

5
 TechnoNet Engineering Training Center 09681900504

Networks Defined by Topology

Network can be classified based on the placement of their components. Topology

defines the physical connections of hosts in a computer network. There are several types of
physical topologies, including bus, ring, star, mesh, and tree.
Physical topology: what the network looks like and how the cables and devices are connected
to each other.
Logical topology: the path the data signals take through the physical topology. (how data flows
in a network)

Bus Topology
In the old days, networks often used bus topology. In that topology, all computers are
connected to a single bus cable; if one computer failed, the whole network went down.

Figure: Bus topology

6
 TechnoNet Engineering Training Center 09681900504

Ring Topology
In this topology, each computer is connected to the network using a closed loop;
historically, this was done with coaxial cable. Token ring and FDDI (fibre distributed data
interface) utilize a token passing system. Instead of broadcasting information to all other
computers on an Ethernet network that uses token ring. The token is passed from computer to
computer, picking up data and dropping it off as needed. The biggest advantage of ring
topology is that collisions become a nonfactor. A collision is when two computers attempt to
send information simultaneously. The result is signal overlap, creating a collision of data that
makes both pieces of data unrecoverable. In token-based systems, there is only one item flying
around the network at high speed, so it has nothing to collide with. Disadvantages are cost and
maintenance.
Token Ring, however, was not the only popular ring-based topology popular in
networks back in the 1990s. Fiber Distributed Data Interface (FDDI) was another variant
of a ring-based topology. Most FDDI networks (which, as the name suggests, have fiber
optics as the media) used not just one ring, but two. These two rings sent data in opposite
directions, resulting in counter-rotating rings. One benefit of counterrotating rings was
that if a fiber brokes, the stations on each side of the break could interconnect their two
rings, resulting in a single ring capable of reaching all stations on the ring.

Figure: Ring topology

7
 TechnoNet Engineering Training Center 09681900504

Star Topology
In this topology, each computer is individually wired to a central connecting device with
twisted-pair cabling. The central connecting device could be a hub, a switch, or a router. Even
one cable is disconnected, the rest of the network can still function.

Figure:Star topology

Mesh Topology
In this topology, every computer connects to every other computer; no central
connecting device is needed. In a full mesh, the number of network connections that each
computer will need is the total number of computers minus one. This type of topology is rare,
but it is necessary in some situations and fault-tolerant purpose. A lesser version of this
topology is the partial mesh in which only one or a couple of the computers on the network
have a second connection.[11Mic]
The number of required WAN connections can be calculated with the formula w
= n * (n – 1) / 2, where w = the number of WAN links and n = the number of sites. For
example, a network with 10 sites would require 45 WAN connections to form a fully
meshed network: 45 = 10 * (10 – 1) / 2.

Figure: Mesh topology

8
 TechnoNet Engineering Training Center 09681900504

Hub-and-Spoke Topology
When interconnecting multiple sites (for example, multiple corporate locations)
via WAN links, a hub-and-spoke topology has a WAN link from each remote site (that
is, a spoke site) to the main site (that is, the hub site). With WAN links, a service provider
is paid a recurring fee for each link. Therefore, a hub-and-spoke topology helps
minimize WAN expenses by not directly connecting any two spoke locations. If two
spoke locations need to communicate between themselves, their communication is sent
via the hub location.

Fig: Hub and Spoke Topology

Wireless Network Topology

Ad Hoc
The simplest of wireless topologies is the ad hoc wireless network. This means
that the wireless nodes are in charge of sending and receiving traffic to each other,
without the assistance of infrastructure devices, such as switches or access points. Some
network engineers refer to the ad hoc topology as simply a wireless peer-to-peer (P2P)
type of network.

Infrastructure
With the infrastructure topology, you have specialized wireless equipment for
permitting the wireless communications to take place. Many homes today feature a
wireless local area network (WLAN). A wireless access point (WAP) allows the various
computers (and other wireless devices) to communicate with each other through the
9
 TechnoNet Engineering Training Center 09681900504

WAP acting like a hub device. This WAP connects to the service provider (SP) of the
home user with a wired connection. For example, a coaxial cable could connect to the
broadband cable service for high-speed Internet connectivity.

Networks Defined by Resource Location

An example of a client/server network is a collection of PCs all sharing files found

on a centralized server. However, if those PCs had their operating system (for example,
Microsoft Windows 10 or Mac OS X) configured for file sharing, they could share files
from one another’s hard drives. This is referred to as a peer-to-peer network, because
the peers (the PCs in this example) make resources available to other peers.

Client/Server Networks
Figure illustrates an example of a client/server network, where a dedicated file
server gives shared access to files, and a networked printer is available as a resource to
the network’s clients. Client/server networks are commonly used by businesses.
Because resources are found on one or more servers, administration is simpler than
trying to administer network resources on multiple peer devices. The performance of a
client/server network can be better than that of a peer-to-peer network because resources
can be located on dedicated servers rather than on a PC running a variety of end-user
applications.

Fig: Client-Server Network

10
 TechnoNet Engineering Training Center 09681900504

Note
A server in a client/server network could be a computer running a network
operating system (NOS) such as Linux Server or one of the Microsoft Windows Server
operating systems. Alternatively, a server might be a host making its file system
available to remote clients via the Network File System (NFS) service, which was
originally developed by Sun Microsystems.

Note
A variant of the traditional server in a client/server network, where the server
provides shared file access, is network-attached storage (NAS). A NAS device is a mass
storage device that attaches directly to a network. Rather than running an advanced
NOS, a NAS device usually makes files available to network clients via a service such
as NFS.

Peer-to-Peer Networks
Peer-to-peer networks allow interconnected devices (for example, PCs) to share
their resources with one another. Those resources could be, for example, files or printers.
As an example of a peer-to-peer network. Each of the peers can share files on their own
hard drives, and one of the peers has a directly attached printer that can be shared with
the other peers in the network. Peer-to-peer networks are seen in smaller businesses and
in homes. The popularity of these peer-to-peer networks is fueled in part by client
operating systems that support file and print sharing. Scalability for peer-to-peer
networks is a concern, however. Specifically, as the number of devices (that is, peers)
increases, the administration burden increases. For example, a network administrator
might have to manage file permissions on multiple devices, as opposed to a single
server.

Fig: Peer to Peer Network

11
 TechnoNet Engineering Training Center 09681900504

Some networks have characteristics of both peer-to-peer and client/server

networks. For example, all PCs in a company might point to a centralized server for
accessing a shared database in a client/server topology.
However, these PCs might simultaneously share files and printers between one
another in a peer-to-peer topology. Such a network, which has a mixture of client/server
and peer-to-peer characteristics, is called a hybrid network.

One way to classify networks is by their geographical dispersion. Specifically,

these network types were identified: LAN, WAN, CAN, MAN, PAN, WLAN, and SAN.
Another approach to classifying networks is based on a network’s topology. Examples
of network types, based on topology, include bus, ring, star, partial mesh, full mesh, and
hub and spoke.

12
 TechnoNet Engineering Training Center 09681900504

TCP/IP &OSI
A networking model, sometimes also called either a networking architecture or
networking blueprint, refers to a comprehensive set of documents.
Protocol is a set of logical rules that devices must follow to communicate.
In the late 1970s, International Organization for Standardization (ISO) created Open
Systems Interconnection (ISO) networking model.
*open, vendor-neutral, public networking model*
U.S. Department of Defensive (DOD) created open networking model called TCP/IP.
During the 1990s, companies began adding OSI, TCP/IP, or both to together enterprise
networks. By the end of the 1990s, TCP/IP had become the common choice, and OSI fell
away.Here, in the twenty-first century, TCP/IP dominates.

The TCP/IP model both defines and references a large collection of protocols that allow
computers to communicate. To define a protocol uses documents called Requests For
Comments (RFC). TCP/IP model does not define Ethernet in RFCs, but refers to IEEE
Ethernet.

TCP/IP model is also called as DOD model. IEEE defines Ethernet LANs. OS on the
computer implements parts of the TCP/IP model.

To help people understand a networking model, each model breaks the functions into a
small number of categories called layers. Each layer includes protocols and standards that
relate to that category of functions.

The Open Systems Interconnection (OSI) reference model helps network engineers,
network administrators, and system engineers define how data networking actually works from
one computer to another, regardless of where the computer is or what software it runs. This
model is composed of seven layers, which each corresponding to devices, protocols, standard,
and applications in the real world. Computer network specialists use the OSI model to aid them
when designing, maintaining, and troubleshooting their networks. The Open Systems
Interconnection (OSI) reference model is used to define how data communication occurs on
computer networks. This model is divided into layers, each of which provides services to the
layers above and below. These layers are associated with protocols and devices.
The OSI model was created and ratified by the International Organization for Standardization
(ISO), and it is represented in the United States by the American National Standards Institute
(ANSI).
-Explain network communications between hosts on a LAN or WAN.
-Present a categorization system for communication protocol suites. (e.g. TCP/IP, Apple talk)
13
 TechnoNet Engineering Training Center 09681900504

-Show how different protocol suites can communicate with each other.
-It is important to note that network communications existed before the OSI model was
created. Accordingly this model is an abstract way of categorizing the communications that
already existed. In fact, the model was created to help engineers understand what is happening
with communication protocols behind the scenes.
7 to 1 = all people seem to need data processing
1 to 7= please do not throw sausage pizza away
Protocol= document of functions/ the logical rules that devices must follow to communicate.
Topology=networking or computer technology

Physical Layer (Layer 1)

This is the physical and electrical medium for data transfer. The media might be
physical, such as a copper or fiber-optic cable. Alternatively, the media might be the air,
through which radio waves propagate (as is the case with wireless networking technologies).
It includes cables, jack, connector, repeater, hub. Concepts related to this layer include
topologies, Analog versus Digital encoding, bit synchronization, baseband, broadband,
multiplexing, and POE (power over Ethernet, 5V).
Bandwidth usage: The two fundamental approaches to bandwidth usage on a network
are broadband and baseband:
Broadband: Broadband technologies divide the bandwidth available on a medium (for
example, copper or fiber-optic cabling) into different channels.
A sender can then transmit different communication streams over the various channels.
For example, consider frequency-division multiplexing (FDM) used by a cable modem.
Specifically, a cable modem uses certain ranges of frequencies on the cable coming into your
home from the local cable company to carry incoming data, another range of frequencies for
outgoing data, and several other frequency ranges for various TV stations.

14
 TechnoNet Engineering Training Center 09681900504

Baseband: Baseband technologies, in contrast, use all the available frequencies on a

medium to send data. Ethernet is an example of a networking technology that uses baseband.
Multiplexing allows multiple communications sessions to share the same physical
medium. Cable TV, as previously mentioned, allows you to receive multiple channels over a
single physical medium.

Coaxial Cable

Coaxial cable (referred to as coax) consists of two conductors. One of the conductors
is an inner insulated conductor. This inner conductor is surrounded by another conductor. This
second conductor is sometimes made of a metallic foil or woven wire.

Because the inner conductor is shielded by the metallic outer conductor, coaxial cable
is resistant to electromagnetic interference (EMI). For example, EMI occurs when an external
signal is received on a wire and might result in a corrupted data transmission. As another
example, EMI occurs when a wire acts as an antenna and radiates electromagnetic waves,
which might interfere with data transmission on another cable. Coaxial cables have an
associated characteristic impedance that needs to be balanced with the device (or terminator)
with which the cable connects.

The term electromagnetic interference (EMI) is sometimes used interchangeably with the
term radio frequency interference (RFI).

The following list details three of the most common types of coaxial cables:

RG-59: Typically used for short-distance applications, such as carrying composite

video between two nearby devices. This cable type has loss characteristics such that it is not
right for long-distance applications. RG-59 cable has a characteristic impedance of 75 Ohms.
RG-6: Used by local cable companies to connect individual homes to the cable
company’s distribution network. Like RG-59 cable, RG-6 cable has a characteristic impedance
of 75 Ohms.

15
 TechnoNet Engineering Training Center 09681900504

RG-58: Has loss characteristics and distance limitations like those of RG-59. However,
the characteristic impedance of RG-58 is 50 ohms, and this type of coax was popular with
early 10BASE2 Ethernet networks.
The RG prefix used in coaxial cable types stands for radio guide.

Common connectors used on coaxial cables are as follows:

BNC: A Bayonet Neill-Concelman (BNC) connector (British Naval-Connector in some

literature) can be used for a variety of applications, including as a connector in a 10BASE2
Ethernet network. A BNC coupler could be used to connect two coaxial cables together back
to back.
F-connector: An F-connector is often used for cable TV (including cable modem)
connections.

Twisted-Pair Cable

Today’s most popular LAN media type is twisted-pair cable, where individually
insulated copper strands are intertwined. Two categories of twisted-pair cable include shielded
twisted pair (STP) and unshielded twisted pair (UTP).

Shielded Twisted Pair

If wires in a cable are not twisted or shielded, that cable can act as an antenna, which
might receive or transmit EMI. To help prevent this type of behavior, the wires (which are
individually insulated) can be twisted together in pairs. If the distance between the twists is
less than a quarter of the wavelength of an electromagnetic waveform, the twisted pair of wires
will not radiate that wavelength or receive EMI from that wavelength (in theory, if the wires
were perfect conductors). However, as frequencies increase, wavelengths decrease. One option
of supporting higher frequencies is to surround a twisted pair in a metallic shielding, similar
to the outer conductor in a coaxial cable. This type of cable is referred to as a shielded twisted-
pair (STP) cable.

16
 TechnoNet Engineering Training Center 09681900504

Unshielded Twisted Pair

Another way to block EMI from the copper strands making up a twisted-pair cable is to twist
the strands more tightly (that is, more twists per centimeter). With these strands wrapped
around each other, the wires insulate each other from EMI.

UTP cable types vary in their data carrying capacity. Common categories of UTP
cabling include the following:

Category 3: Category 3 (Cat 3) cable was used in older Ethernet 10BASE-T

networks, which carried data at a rate of 10Mbps (where Mbps stands for megabits per
second, meaning millions of bits per second). However, Cat 3 cable can carry data at a
maximum rate of 16Mbps, as seen in some older Token Ring networks.
Category 5: Category 5 (Cat 5) cable is commonly used in Ethernet 100BASETX
networks, which carry data at a rate of 100 Mbps. However, Cat 5 cable can carry ATM
traffic at a rate of 155 Mbps. Most Cat 5 cables consist of four pairs of 24-gauge wires.

17
 TechnoNet Engineering Training Center 09681900504

Each pair is twisted, with a different number of twists per meter. However, on average,
one pair of wires has a twist every 5 cm.
Category 5e: Category 5e (Cat 5e) cable is an updated version of Cat 5 and is
commonly used for 1000BASE-T networks, which carry data at a rate of 1Gbps. Cat 5e
cable offers reduced crosstalk, as compared to Cat 5 cable.
Category 6: Like Cat 5e cable, Category 6 (Cat 6) cable is commonly used for
1000BASE-T Ethernet networks. Some Cat 6 cable is made of thicker conductors (for
example, 22-gauge or 23-gauge wire), although some Cat 6 cable is made from the same
24-gauge wire used by Cat 5 and Cat 5e. Cat 6 cable has thicker insulation and offers
reduced crosstalk, as compared with Cat 5e.
Category 6a: Category 6a (Cat 6a), or augmented Cat 6, supports twice as many
frequencies as Cat 6 and can be used for 10GBASE-T networks, which can transmit
data at a rate of 10 billion bits per second (10 Gbps). Although other wiring categories
exist, those presented in the previous list are the categories most commonly seen in
modern networks.

T568A and T568B are the two color codes used for wiring eight-position RJ45 modular
plugs. ... The only difference between the two color codes is that the orange and green pairs
are interchanged.
The TIA/EIA acronym comes from Telecommunications Industry
Association/Electronic Industries Alliance.

The U.S. Government requires the use of the preferred T568A standard for wiring done under
federal contracts.

18
 TechnoNet Engineering Training Center 09681900504

What is a Straight Through Cable?

Straight-through cable is a type of CAT5 which the RJ-45 connectors at each end have
the same pin out. (colour code use on both ends are the same). Straight-Through cable is also
referred to as a “patch cable.” Straight-through cable is used to connect computers and other
end user devices to networking devices such as hubs & switches.

What is a Crossover Cable?

A Crossover cable is a type of CAT where one end is T568A configuration and the other
as T568B configuration. Pin 1 is crossed with Pin 3 and Pin 2 is crossed with Pin 6.
Crossover cable is used to connect two computers together without using a switch or hub.

Pin assignment of switch, hub, repeater and bridge are assigned as 1 and 2 (Receive, RX) and
3 and 6 (Transmit, TX), the rest 4 wires 4,5,7,8 are free (sometimes, they are used for VOIP
or POE).
Pin assignment of router, PC, server and access point are assigned as 1 and 2 (Transmit, TX)
and 3 and 6 (Receive, RX).

A traditional port found in a PCs NIC is called a media-dependent interface (MDI). If a

straight-through cable connects a PCs MDI port to an Ethernet switch port, the Ethernet switch
port needs to swap the transmit pair of wires (that is, the wires connected to pins 1 and 2) with
the receive pair of wires (that is, the wires connected to pins 3 and 6).
Therefore, a traditional port found on an Ethernet switch is called a media-dependent
interface crossover (MDIX), which reverses the transmit and receive pairs. However, if you
want to interconnect two switches, where both switch ports used for the interconnection were
MDIX ports, the cable would need to be a crossover cable.
Fortunately, most modern Ethernet switches have ports that can automatically detect
whether they need to act as MDI ports or MDIX ports and make the appropriate adjustments.
This eliminates the necessity of using straight-through cables for some Ethernet switch
connections and crossover cables for other connections. With this Auto-MDIX feature, you
can use either straight-through cables or crossover cables.

19
 TechnoNet Engineering Training Center 09681900504

Fiber-Optic Cable
An alternative to copper cabling is fiber-optic cabling, which sends light (instead of
electricity) through an optical fiber (typically made of glass). Using light instead of electricity
makes fiber optics immune to EMI. Also, depending on the Layer 1 technology being used,
fiber-optic cables typically have greater range (that is, a greater maximum distance between
networked devices) and greater data-carrying capacity. Lasers are often used to inject light
pulses into a fiber-optic cable. However, lowercost light-emitting diodes (LED) are also on
the market. Fiber-optic cables are
generally classified according to their diameter and fall into one of two categories:
multimode fiber (MMF) and single-mode fiber (SMF).

Multimode Fiber
When a light source, such as a laser, sends light pulses into a fiber-optic cable, what
keeps the light from simply passing through the glass and being dispersed into the surrounding
air? The trick is that fiber-optic cables use two different types of glass. There is an inner strand
of glass (that is, a core) surrounded by an outer cladding of glass, similar to the construction
of the previously mentioned coaxial cable. The light injected by a laser (or LED) enters the
core, and the light is prevented from leaving that inner strand and going into the outer cladding
of glass. Specifically, the indices of refraction of these two different types of glass are so
different that if the light attempts to leave the inner strand, it hits the outer cladding and bends
back on itself.
The diameter of the core in a multimode fiber is large enough to permit light to enter
the core at different angles, as depicted in Figure 3-7. If light enters at a steep angle, it bounces
back and forth much more frequently on its way to the far end of the cable as opposed to light
that enters the cable perpendicularly. If pulses of light representing different bits travel down
the cable using different modes of propagation, it is possible that the bits (that is, the pulses of
light representing the bits) will arrive out of order at the far end (where the pulses of light, or
absence of light, are interpreted as binary data by photoelectronic sensors).
For example, perhaps the pulse of light representing the first bit intersected the core at
a steep angle and bounced back and forth many times on its way to the far end of the cable,
while the light pulse representing the second bit intersected the core perpendicularly and did
not bounce back and forth very much. With all of its bouncing, the first bit has to travel further
than the second bit, which might cause the bits to arrive out of order. Such a condition is known
as multimode delay distortion. To mitigate the issue of multimode delay distortion, MMF
typically has shorter distance limitations, as opposed to SMF.

20
 TechnoNet Engineering Training Center 09681900504

Single-Mode Fiber

SMF eliminates the issue of multimode delay distortion by having a core with a diameter
so small that it only permits one mode (that is, one path) of propagation. With the issue of
multimode delay distortion mitigated, SMF typically has longer distance limitations than
MMF.

A potential downside to SMF, however, is cost. Because SMF has to be manufactured

to very exacting tolerances, you usually pay more for a given length of fiber-optic cabling.
However, for some implementations, where greater distances are required, the cost is an
acceptable trade-off to reach greater distances. Some common connectors used on fiber-optic
cables are as follows:
ST: A straight tip (ST) connector is sometimes referred to as a bayonet connector, because of
the long tip extending from the connector. ST connectors are most commonly used with MMF.
SC: Different literature defines an SC connector as subscriber connector,
standard connector, or square connector.
LC: A Lucent connector (LC) connects to a terminating device by pushing the connector into
the terminating device, and it can be removed by pressing the tab on the connector and pulling
it out of the terminating device.

21
 TechnoNet Engineering Training Center 09681900504

MTRJ: The most unique characteristic of a media termination recommended jack (MTRJ)
connector is that two fiber strands (a transmit strand and a receive strand) are included in a
single connector.

Media Converters

There may be times when the media needs to be converted. To do this, a media converter
could be used. Examples may include single-mode fiber to Ethernet, multimode fiber to
Ethernet, fiber to coaxial, and single-mode to multimode fiber.
A media converter operates at the OSI model layer 1 (Physical layer). The media
converter translates frames into bits and transmits them on the transmission medium. At layer
2, the MAC address is added to make the data into a frame. At layer 3, the IP address is added
to the packet. A media converter does not alter or use the MAC address or the IP address. You
have a server that has a 100BaseFX network interface card that you need to connect to a
switch. The switch only has 100BaseTX switch ports. Which device should you use?

Data Link Layer (Layer 2)

This layer establishes, maintains, and decides how transfer is accomplished over the
physical layer. This layer ensures error-free transmission over the physical layer through
physical address. It contains two parts: LLC (logical link control) and MAC (media access
control).
The components of data-link layer include Modem, Network Interface Controller, Bridge,
Switch, Wireless Access-point.
The functions of Layer-2 are Ethernet framing, data frame, switching functions, MAC address.
Three methods of switching,
1. Cut-through switching: Transfers directly without checking, less reliable but faster and
light weight.
2. Store and forward switching: Accept the frame, check the frame. If there any error, it
discards the whole frame. If no error, it forwards.
3. Fragement Switching : Accept the frame, check 64 byte of frame, if there error in this
64 byte of data, it discards just only 64 byte of data (not the whole frame). It forwards
the data per 64 byte.

22
 TechnoNet Engineering Training Center 09681900504

Ethernet addresses go by many names: LAN address, Ethernet address, hardware address,
burned-in address, physical address, universal address, or MAC address. For example, the term
burned-in address (BIA) refers to the idea that a permanent MAC address has been encoded
(burned into) the ROM chip on the NIC.

23
 TechnoNet Engineering Training Center 09681900504

• Packaging data into frames and transmitting those frames on the network
• Performing error detection/correction
• Uniquely finding network devices with an address
• Handling flow control

Network Layer (Layer-3)

This layer is dedicated to routing and switching information to different networks,
LANs or internet. This can be on a LAN or WAN. Devices that exist on that layer are routers
and IP switches.
The functions of Network Layer include Routing, Gateway, IP addressing, Subnetting,
connectivity path selection, IP packet, IPv4 and IPv6.

Logical addressing: Whereas the data link layer uses physical addresses to make forwarding
decisions, the network layer uses logical addressing to make forwarding decisions. A variety
of routed protocols (for example, AppleTalk and IPX) have their own logical addressing
schemes, but by far, the most widely deployed routed protocol is Internet Protocol (IP).

Switching: Engineers often associate the term switching with Layer 2 technologies; however,
the concept of switching also exists at Layer 3. Switching, at its essence, is making decisions
about how data should be forwarded. At Layer 3, three common switching techniques exist:

Packet switching: With packet switching, a data stream is divided into packets. Each packet
has a Layer 3 header that includes a source and destination Layer 3 address. Another term for
packet switching is routing.

24
 TechnoNet Engineering Training Center 09681900504

Circuit switching: Circuit switching dynamically brings up a dedicated communication link

between two parties for those parties to communicate. As a simple example of circuit
switching, think of making a phone call from your home to a business. Assuming you have a
traditional landline servicing your phone, the telephone company’s switching equipment
interconnects your home phone with the phone system of the business you are calling. This
interconnection (that is, circuit) only exists for the duration of the phone call.

Message switching: Unlike packet switching and circuit switching technologies, message
switching is usually not well suited for real-time applications because of the delay involved.
Specifically, with message switching, a data stream is divided into messages. Each message is
tagged
with a destination address, and the messages travel from one network device to another
network device on the way to their destination. Because these devices might briefly store the
messages before forwarding them, a network using message switching is sometimes called a
store-and-forward network. Metaphorically, you could visualize message switching like
routing an email message, where the email message might be briefly stored on an email server
before being forwarded to the recipient.

Route discovery and selection: Because Layer-3 devices make forwarding decisions based
on logical network addresses, a Layer 3 device might need to know how to reach various
network addresses. For example, a common Layer 3 device is a router. A router can maintain
a routing table indicating how to forward a packet based on the packet’s destination network
address.
Examples of devices found at the network layer include routers and multilayer switches.
The most common Layer 3 protocol in use, and the protocol on which the Internet is based, is
IPv4. However, IPv6 is beginning to be more common on networks today.

Transport Layer (Layer-4)

This layer ensures error-free transmission between hosts through logical addressing.
This layer contains TCP (connection-oriented) and UDP (connection less) protocol.
Transmission control protocol uses three-way handshaking method to establish a connection.
User datagram protocol is less reliable.

Transmission Control Protocol (TCP): A connection-oriented transport

protocol. Connection-oriented transport protocols offer reliable transport, in that if a segment
is dropped, the sender can detect that drop and retransmit the dropped segment. Specifically,
a receiver acknowledges segments that it receives. Based on those acknowledgments, a sender
25
 TechnoNet Engineering Training Center 09681900504

can decide which segments were successfully received and which segments need to be
transmitted again.

User Datagram Protocol (UDP): A connectionless transport protocol. Connectionless

transport protocols offer unreliable transport, in that if a segment is dropped, the sender is
unaware of the drop, and no retransmission occurs.

Buffering: With buffering, a device (for example, a router) uses a chunk of memory
(sometimes called a buffer or a queue) to store segments if bandwidth is not available to send
those segments. A queue has a finite capacity, however, and can overflow (that is, drop
segments) in case of sustained network congestion. In addition to TCP and UDP, Internet
Control Message Protocol (ICMP) is another transport layer protocol you are likely to meet.
ICMP is used by utilities such as ping and traceroute.
1. Flow Control: a speed-matching the rate at which the sender is sending against the rate
at which the receiving application is reading.
Flow control = Congestion control
2. Windowing: speed negotiation for size (Use down rate between sender and receiver)
3. Acknowledge: The TCP header shows a sequence number (SEQ) with each message.
If the network has a problem, we can know by seeing SEQ Numbers and retransmits the
missing data.

Session Layer (Layer-5)

This layer governs the establishment, termination and synchronization of the sessions.
Session layer establishes, controls, and ends sessions connection management. This layer
governs the establishment, termination, and synchronization of the sessions within the OS over
the network and between hosts. E.g. SQL, NFS, FAT 32, NTFS. Authorization: you are
authorized to do something.

26
 TechnoNet Engineering Training Center 09681900504

Authentication: process of verifying that “you are who”.

Setting up a session: Examples of the procedures involved in setting up a session include the
following:

• Checking user credentials (for example, username and password)

• Assigning numbers to a session’s communication flows to uniquely find each one
• Negotiating services needed during the session
• Negotiating which device begins sending data

Maintaining a session: Examples of the procedures involved in supporting a session include

the following:

• Transferring data
• Reestablishing a disconnected session
• Acknowledging receipt of data

Tearing down a session: A session can be disconnected based on agreement of the devices in
the session. Alternatively, a session might be torn down because one party disconnects (either
intentionally or because of an error condition). If one party disconnects, the other party can
detect a loss of communication with that party and tear down its side of the session.

Presentation Layer (Layer-6)

This layer translates data format from sender to receiver. Concepts include code
conversion, data compression, and file encryption, translation, formatting. This layer translates
the data format from sender to receiver I the various OSes that may be used. Concepts include
code conversion, data compression, and file encryption.
Data formatting: As an example of how the presentation layer handles data formatting,
consider how text is formatted. Some applications might format text using American Standard
Code for Information Interchange (ASCII), while other applications might format text using
Extended Binary Coded Decimal Interchange Code (EBCDIC). The presentation layer handles
formatting the text (or other types of data, such as multimedia or graphics files) in a format
that allows compatibility between the communicating devices.
Encryption: Imagine that you are sending sensitive information over a network (for
example, your credit card number or bank password). If a malicious user were to intercept
your transmission, they might be able to obtain this sensitive information. To add a layer of
security for such transmissions, encryption can be used to scramble up (encrypt) the data in

27
 TechnoNet Engineering Training Center 09681900504

such a way that if the data were intercepted, a third party would not be able to unscramble it
(decrypt). However, the intended recipient would be able to decrypt the transmission.
PDU= protocol data unit

Layer6 encode/decode the data from Layer7.

Application Layer (Layer-7)

There are three types of applications-

1. Batch applications
• File transfer like FTP, TFTP, perhaps a HTTP download. Could be a
backup at night.
• No direct human interaction.
• High bandwidth is important but not critical.
2. Interactive applications
• Human-to-Human interaction
• Someone is waiting for a response, response time (delay) is important.
3. Real-time applications
• Human-to-Human interaction
• VoIP (Voice over IP) or live Video conferencing.
• End-to-end delay is critical.

Every delay above 300ms is a hard time having a good conversation.

A delay above 150ms (1/8 of a second) is noticeable.

Application layer protocols provide services to the application software running on a

computer. e.g. HTTP (hypertext transfer protocol) defines how web browsers can pull the
contents of a web page from a web server. Application layer provides an interface between
software running on a computer and the network itself.

This layer is where message creation. End-user protocols such as FTP, SMTP, Telnet
work at this layer. For example, you are using Microsoft Outlook Express. You type a message
and click send. This initiates SMTP (simple mail transfer Protocol) and other protocols, which
send the mail message down through the other layer. All application services are done in this
layer.

28
 TechnoNet Engineering Training Center 09681900504

Web browser application and web server application and web server application use
TCP/IP (OSI) application layer protocol.To make the request for a web page and return the
contents of the web page, the application use the Hypertext Transfer Protocol (HTTP).

Time Berners-Lee gave HTTP functionality to ask for the contents of web pages,
specially by giving the web browser the ability to request files from the server and giving the
server a way to return the content of those files.

29
 TechnoNet Engineering Training Center 09681900504

Overview Of TCP/IP and OSI Model

Step 1. Create and encapsulate the application data with any required application layer
headers. For example, the HTTP OK message can be returned in an HTTP header, followed
by part of the contents of a web page.
Step 2. Encapsulate the data supplied by the application layer inside a transport layer header.
For end-user applications, a TCP or UDP header is typically used.
Step 3. Encapsulate the data supplied by the transport layer inside a network layer (IP) header.
IP defines the IP addresses that uniquely identify each computer.
Step 4. Encapsulate the data supplied by the network layer inside a data link layer header and
trailer. This layer uses both a header and a trailer.
Step 5. Transmit the bits. The physical layer encodes a signal onto the medium to transmit the
frame.

30
 TechnoNet Engineering Training Center 09681900504

Networking Devices

Hub
Hub is the most basic of central connecting devices, it connects each of the network
computers, known as hosts, to one another by way of copper-based cables. Any host that sends
data must first send that data to the hub, where it is broadcast to the rest of the network.
Broadcasting means that the data is sent to every host on the network. Then, the only intended
recipient keeps the data; the rest of the hosts discard it. Hub is a simple and cheap networking
broadcast device works under physical layer of OSI model that connects computers in a network,
but it consumes bandwidth. It can’t be recognized which port is for which PC.
Hub: A hub is an older technology that interconnects network components, such as
clients and servers. Hubs vary in their number of available ports.
A hub is a Layer 1 device and does not perform any inspection of the traffic it
passes. Rather, a hub simply receives traffic in a port (that is, a receptacle to which a
network cable connects) and repeats that traffic out all the other ports.

The three basic types of Ethernet hubs are as follows:

Passive hub: Does not amplify (that is, electrically regenerate) received bits.
Active hub: Regenerates incoming bits as they are sent out all the ports on a hub, other
than the port on which the bits were received.
Smart hub: The term smart hub usually implies an active hub with enhanced features,
such as Simple Network Management Protocol (SNMP) support.
A significant downside to hubs, and the main reason they have largely been
replaced with switches, is that all ports on a hub belong to the same collision domain. A
collision domain represents an area on a LAN on which there can be only one
transmission at a time. Because multiple devices can reside in the same collision domain,
as is the case with multiple PCs connected to a hub, if two devices transmit at the same
time, those transmissions collide and have to be retransmitted.
Notice that the PCs are interconnected using an Ethernet hub, but they are all in
the same collision domain. As a result, only one of the connected PCs can transmit at
any one time.
Also notice that all devices on a hub belong to the same broadcast domain, which
means that a broadcast sent into the hub will be propagated out all of the ports on the
hub.

31
 TechnoNet Engineering Training Center 09681900504

Bridge
A bridge joins two or more LAN segments, typically two Ethernet LAN segments. Each
LAN segment is in separate collision domains. Ethernet bridge can be used to scale Ethernet
networks to a large number of attached devices. Unlike a hub, which blindly forwards received
bits, a bridge makes intelligent forwarding decisions based on the destination MAC address
present in a frame. Because a bridge makes forwarding decisions based on Layer 2
information, a bridge is considered to be layer2 device.

Switch
Like a hub, a switch connects network components. Unlike hub, a switch does not
simply take in traffic on one port and blast that traffic out all other ports. A switch learns which
device live of which ports. It does this by inspecting traffic that comes into the inbound port
and recording the source address. It then looks at the destination address, it forwards the traffic
out of the appropriate port, not out of all other ports. Switch makes its forwarding decisions
based on address that are physically burned into a network interface card installed in a host.
This burned-in address is a Media Access Control address, which is unique for each computer.
It contains Content Addressable Memory table. CAM table has two parts: MAC addresses and
Port numbers. It works as unicast traffic and works under Data-Link layer of OSI model.
A bridge makes its forwarding decisions in software, whereas a switch makes its
forwarding decisions in hardware, using application-specific integrated circuits (ASICs).

32
 TechnoNet Engineering Training Center 09681900504

Switch: Like a hub, a switch interconnects network components, and switches are
available with a variety of port densities. Unlike a hub, a switch does not simply take in
traffic on one port and blast that traffic out all other ports. Rather, a switch learns which
devices live off of which ports. It does this by inspecting traffic that comes into the port
(inbound) and recording the source address. It then looks at the destination address and,
if the switch knows the destination address, it forwards the traffic out of the appropriate
port, not out of all the other ports. This dramatically cuts down on the volume of traffic
coursing through your network. Consider a switch a Layer 2 device, which means that
it makes its forwarding decisions based on addresses that are physically burned into a
network interface card (NIC) installed in a host (that is, any device that transmits or
receives traffic on a network). This burned-in address is a Media Access Control (MAC)
address. Note that today’s switches are capable of functioning at higher layers of the
network model but are still mostly considered as Layer 2 devices.

Router
Router makes its forwarding decisions based on logical network address. Most modern
networks use Internet Protocol addressing. Therefore, most routers know what logical IP
networks live off which router interfaces. Then, when traffic comes into a router, the router
examines the destination IP address of the traffic, based on the router’s database of networks,
it intelligently forwards the traffic out the appropriate interface. The router acts as a central
connecting device, but it also has a special communications link to the internet.
Router: Consider a router to be a Layer 3 device, which means that it makes its
forwarding decisions based on logical network addresses. Most modern networks use
Internet Protocol (IP) addressing. Therefore, most routers know what logical IP
networks live off which router interfaces. Then, when traffic comes into a router, the
router examines the destination IP address of the traffic and, based on the router’s
database of networks (that is, the routing table), it intelligently forwards the traffic out
the appropriate interface
33
 TechnoNet Engineering Training Center 09681900504

Multilayer Switch
Whereas a Layer 2 switch makes forwarding decisions based on MAC address
information, a multilayer switch can make forwarding decisions based on upper-layer
information. A multilayer switch performs functions as a router and make forwarding
decisions based on the destination IP address information. Like on a Layer 2 switch, each port
on a multilayer switch represents a separate collision domain, however, a characteristic of a
multilayer switch is that it can be become a boundary of the same broadcast domain. All ports
on a multilayer switch can belong to different broadcast domains.

Network Infrastructure Device Characteristics

Device Number of Number of OSI Layer of
Collision Broadcast Operation
Domains Domains

Hub 1 1 1

Bridge 1 per port 1 2

Switch 1 per port 1 2

Multilayer 1 per port 1 per port 3+

Switch

Router 1 per port 1 per port 3+

34
 TechnoNet Engineering Training Center 09681900504

WAN Technology
LANs typically include nearby devices, whereas WAN connects devices can be
hundreds or thousands of miles apart. WAN technology includes physical links as well as data-
link protocols that control these links. One main goal for a WAN is to move data between
LANs. Leased line WANs, a type of WAN link that has been part of enterprise networks since
the 1960s. Leased line WAN can responsible sending data from the remote LAN back to the
rest of the existing network and vice versa. The leased line service delivers bits in both
directions, at a predetermined speed, using full duplex logic.
The leased line uses one pair of wires, one pair for each direction of sending data, which
allows full-duplex operation. Leased line WAN works a lot like an Ethernet crossover cable
connecting two routers, but with few distance limitations. Each router can send at any time
(full-duplex) over the leased line, for tens, hundreds, or over thousands of miles. A leased line
does not actually exist as a single long cable between two sides. Instead, the Telco install a
large network of cables and special switching devices to create its own computer network.

Figure: WAN Principal

High Level Data-link Control Protocol

HDLC controls the correct delivery of data over a physical link of a particular type.
HDLC has less work to do because of the simple point-to-point topology of a point-to-point
leased line. When one router sends an HDLC frame, it can go only one place; to the other end
of the link.

35
 TechnoNet Engineering Training Center 09681900504

Ethernet as a WAN Technology

IEEE improved Ethernet standards in ways that made Ethernet a reasonable WAN
technology. Ethernet can be used to create WAN services by taking advantage of longer cable
length possibilities of modern fibre-optic Ethernet standards. In this second decade of the
twenty-first century, many WAN service providers offer WAN services that take advantage of
Ethernet. If the two routers use an EOMPLS service instead of a serial link. The routers use
Ethernet interfaces, and they can send data in both directions at the same time.

Three Routing Steps

1. To send IP packet to router R1 next, PC1 encapsulates the IP packet in an Ethernet frame that
has the destination MAC address of R1.

2. R1 de-encapsulates the IP packet from the Ethernet frame and encapsulates the packet into a
new Ethernet header and trailer.

3. R2 de-encapsulates the IP packet from the Ethernet frame, and encapsulates the packet into an
Ethernet frame that has a destination MAC address of PC2 and forwards the Ethernet frame to
PC2.

36
 TechnoNet Engineering Training Center 09681900504

TCP/IP FUNDAMENTALS
IP ADDRESS

Every host on a TCP/IP network needs to have a unique address. With this unique
address, it is possible to send data from host to host. Every packet contains addressing
information in the header, and the IP address in the header is used to route packets.

For version 4, TCP/IP addresses are 32-bit or 4 byte value. It is expressed in decimal is
referred to as dotted decimal notation because it has four decimal numbers, each separated by
a period, or a dot.

w.x.y.z(format) e.g. 192.168.1.1

The IP address can be divided into two parts: Network ID and Host ID.

A Subnet Mask is a number that looks like an IP address. It is used to separate Network
ID from the IP address by ANDing IP address with subnet mask.

W X Y Z

IP Address 192 . 168 . 6 . 50

Subnet Mask 255 . 255 . 255 . 0

Network ID 192 . 168 . 6 . 0

Host ID 0 . 0 . 0 . 50

How Subnet is used?

For every outgoing packet, IP has to determine whether the destination host is on the
same local network or on a remote network. If the destination is local then IP uses an ARP
broadcast to find out the hardware address of the destination host.

If the destination host is on the same local network, then ARP broadcasts a request for
the hardware address of the router. Therefore, IP sends packets that are bound for a remote
network directly to the router, which is known as the default gateway. The router then sends
the packet to the next network on its journey to the correct destination network.

37
TechnoNet Engineering Training Center 09681900504

38
 TechnoNet Engineering Training Center 09681900504

IP ADDRESS CLASESS
CLASS A

Class A addresses are assigned to networks with a very large number of hosts. The
highest-order bit in class A address is always set to zero. The next seven bits complete
network ID. The remaining 24 bits represent the host ID.

NETWORK ID HOST ID

0000 0000. 0000 0000. 0000 0000. 0000 0000 , to

0111 1111. 1111 1111. 1111 1111. 1111 1111

Class =A

Network range = 1.0.0.0 -126.0.0.0

No. of network= 126

No. of hosts per network= 16 777 216-2=16 777 214

CLASS B

Class B addresses are assigned to medium-sized to large-sized networks. The two

high-order bits in class B address are always set to binary 1 0. The next 14 bits complete
network ID. The remaining 16 bits represent the host ID.

NETWORK ID HOST ID

1000 0000. 0000 0000. 0000 0000. 0000 0000

1011 1111. 1111 1111. 1111 1111. 1111 1111

Class =B

Network Range = 128.0.0.0- 191.255.0.0

No. of network = 16384

No. of hosts per network =65536-2=65534

39
 TechnoNet Engineering Training Center 09681900504

CLASS C

Class C addresses are used for small networks. The three high-order bits in class C
address are always set to binary 1 1 0. The next 21 bits complete the network ID. The
remaining 8 bits represent the host ID.

NETWORK ID HOST ID

1100 0000. 0000 0000. 0000 0000. 0000 0000

1101 1111. 1111 1111. 1111 1111. 1111 1111

Class =C

Network Range = 192.0.0.0-223.255.255.0

No. of network = 2097152

No. of hosts per network =256-2=254

NETWORK ID GUIDELINES
All hosts on the same physical network must be assigned the same network ID to
communicate with each other.

The network ID must be unique to the IP internetwork.

Class =A First Network ID=1.0.0.0/8 Last Network ID=126.0.0.0/8

Class=B First Network ID=128.0.0.0/16 Last Network ID=191.255.0.0/16

Class=C First Network ID=192.0.0.0/24 Last NetworkID=223.255.255.0/24

• The host ID must be unique within the network.

• All bits within the host ID cannot be set to 1 because it is used for broadcast address.
• All bits in the host ID cannot be set to 0 because it is same as the network ID.

40
 TechnoNet Engineering Training Center 09681900504

EXERCISE 1: Identify address classes for different IP address and their associated subnet
masks.

IP Address Subnet Mask Address Class

196.79.123.56

130.49.34.23

109.189.109.200

189.90.23.100

126.34.100.12

192.14.2.0

EXERCISE 2 : Circle the following.

Circle the network portion Circle the host portion

177.100.18.4 10.15.123.50

119.18.45.0 171.2.12.1

209.240.0.1 198.125.87.177

220.200.23.1 126.8.125.4

41
 TechnoNet Engineering Training Center 09681900504

PUBLIC AND PRIVATE IP ADDRESSES

Public IP Address

Public addresses are assigned by internet and consist of class-based network IDs, that
are guaranteed to be globally unique to the internet.

Private IP Address

Each IP node requires an IP address that is globally unique to the IP internetwork. As

the internet grew, organizations connecting to the internet required a public address for each
node on their network.

• 127.0.0.1 is used as loopback address.

• 10.0.0.0/8 is reserved for class A’s private addressing.
• 172.16.0.0/12 is reserved for class B’s private addressing.
• 169.254.0.0/16 is reserved for APIPS

Automatic Private IP Addressing (APIPA)

1. Static: Defined at the host manually.
2. Dynamic: Assigned by DHCP server.
3. APIPA: If DHCP server is offline, all the DHCP client will be unable to get an IP
address. In such case, IPs are assigned themselves using the APIPA method.

SUBNETTING

Consider the class A network ID, which has the possibility of over 16 million
hosts on the same network. All the hosts on the same physical network share the
broadcast traffic; they are in the same broadcast domain. It is not practical to have 16
million nodes in the same broadcast domain.
Networks must often be divided into smaller networks, called sub-networks. To do this,
the network administrator must use the host portion of an address to create smaller
groups of addresses. This is done through a process called subnetting.

Before subnetting Network portion Host portion

After subnetting Network portion Subnet portion Host portion

42
 TechnoNet Engineering Training Center 09681900504

e.g.172.1.0.0/16 > 172.1.0.0/24

192.168.128.0/18>/24
192.168.0.0/17 >24

First IP of the first subnet :………………………………………………….

Last IP of the first subnet :………………………………………………….
Subnet Mask :…………………………………………………..
First subnet’s network ID:………………………………………………….
First subnet’s broadcast address:………………………………………….

First IP of the flast subnet :………………………………………………….

Last IP of the last subnet :………………………………………………….
Subnet Mask :…………………………………………………..
Last subnet’s network ID:………………………………………………….
Last subnet’s broadcast address:………………………………………….

Wireless Technologies
Wireless networks have unique advantages in many places. Firstly, wireless local area
networks are more flexible and mobile than the wired network. Users may have access to or
receive information at any network coverage in real time. Secondly, WLANs have good
scalability.
The main components of WLANs including client services, access point, wireless
network adapter, wireless controller and wireless antenna. Client devices are also known as
stations. All the end devices with wireless capabilities will act as client devices, for example,
mobile phones, laptops and PDA.
802.11 and 802.11x refers to a family of specifications developed by
the IEEE for wireless LAN (WLAN) technology. 802.11 specifies an over-the-air interface
between a wireless client and a base station or between two wireless clients. The IEEE
accepted the specification in 1997.

43
 TechnoNet Engineering Training Center 09681900504

Wireless Router
Wireless Router can function as a normal router or an access point. Most of the wireless
routers are designed for home users. The wireless routers have firewall inside in order to
protect home users from being hacked. Wireless router can support dual channels is called the
dual-band router. Within each band are specific frequencies at which wireless devices operate.

WAP (Wireless Access Point)

Wireless access point acts as the central connecting device for the network. (E.g. PCs,
smartphones, tablet and computers). Notice that wireless clients gain access to a wired network
by communicating via radio waves with a wireless access point (AP). The AP is then
hardwired to a LAN. Historically, wired networks were significantly faster than wireless

44
 TechnoNet Engineering Training Center 09681900504

networks. Now, speed between these two networks is much smaller due to progressing in
networking technology.
The access point acts as bridge between wireless devices and wired networks. Access
points are commonly used in large buildings in order to create a wireless local area network
that expands to a wide range of area. The wireless controllers used to automatically manage
and configure a set of APs. The features of the wireless controller including load balancing,
coverage hole detection and interface detection and avoidance.

Wireless network has many security problems. Wired network is securer than wireless
network. Wireless networks and wired networks can co-exist. Ethernet (LAN Standard) is a
group of networking technologies that define how information is sent and received between
network adapters, hubs, switches and other devices. Ethernet is standardized by the Institude
of Electrical and Electronics Engineers (IEEE) as 802.3 (developed originally by Xerox, it was
later championed by DCE and Intel).

Wireless range extender: Since all 802.11 wireless technologies have distance
limitations, a wireless range extender can amplify the signal and extend the reachability of a
wireless cell.

45
 TechnoNet Engineering Training Center 09681900504

VPN (Virtual Private Network)

VPN Concentrators

Companies with locations spread across multiple sites often require secure communications
between those sites. One option is to purchase multiple WAN connections interconnecting
those sites. Sometimes, however, a more cost-effective option is to create secure connections
through an untrusted network, such as the Internet. Such a secure tunnel is called a virtual
private network (VPN). Depending on the VPN technology being used, the devices that
terminate the ends of a VPN tunnel might be required to perform heavy processing. For
example, consider a company headquarters location with VPN connections to each of 100
remote sites. The device at the headquarters terminating these VPN tunnels might have to
perform encryption and authentication for each tunnel, resulting in a heavy processor burden
on that device. Although several router models can terminate a VPN circuit, a dedicated
device, called a VPN concentrator, can be used instead. A VPN concentrator performs the
processor intensive process required to terminate multiple VPN tunnels. Figure shows a
sample VPN topology, with a VPN concentrator at each corporate location.

The term encryption refers to the capability of a device to scramble data from a sender
in such a way that the data can be unscrambled by the receiver, but not by any other party who
might intercept the data. With a VPN concentrator’s capability to encrypt data, it is
considered to belong to a class of devices called encryption devices, which are devices (for
example, routers, firewalls, and VPN concentrators) capable of participating in an encrypted
session.

46
 TechnoNet Engineering Training Center 09681900504

Firewall
A firewall is primarily a network security appliance. a firewall stands guard at the door of
your network, protecting it from malicious Internet traffic.

For example, a stateful firewall allows traffic to originate from an inside network (that
is, a trusted network) and go out to the Internet (an untrusted network). Likewise, return traffic
coming back from the Internet to the inside network is allowed by the firewall. However, if
traffic were originated from a device on the Internet (that is, not returning traffic), the firewall
blocks that traffic.

Next-generation firewall (NGFW): Newer firewalls of today not only can perform
stateless and stateful filtering of traffic, but they can also deeply inspect the contents of packets
to find and prevent attacks. These devices also can connect to the cloud for the latest updates
in global threats.

Domain Name System

DNS Servers

A Domain Name System (DNS) server performs the task of taking a domain name (for
example, www.ciscopress.com) and resolving that name into a corresponding IP address (for
example, 10.1.2.3). Because routers (or multilayer switches) make their forwarding decisions
based on Layer 3 information (for example, IP addresses), an IP packet needs to contain IP
address information, not DNS names. However, as humans, we more readily recall meaningful
names rather than 32-bit numbers. As shown in Figure 3-31, an end user who wants to navigate

47
 TechnoNet Engineering Training Center 09681900504

to the www.ciscopress.com website enters that fully qualified domain name (FQDN) into her
web browser; however, the browser cannot immediately send a packet destined for
www.ciscopress.com. First, the end user’s computer needs to take the FQDN of
www.ciscopress.com and resolve it into a corresponding IP address, which can be inserted as
the destination IP address in an IP packet. This resolution is made possible by a DNS server,
which maintains a database of local FQDNs and their corresponding IP addresses, in addition
to pointers to other servers that can resolve IP addresses for other domains.

Proxy Servers
Some clients are configured to forward their packets, which are seemingly destined for
the Internet, to a proxy server. This proxy server receives the client’s request, and on behalf
of that client (that is, as that client’s proxy), the proxy server sends the request out to the
Internet. When a reply is received from the Internet, the proxy server forwards the response
on to the client. Figure 3-34 illustrates the operation of a proxy server.

Security is one benefit. Specifically, because all requests going out to the Internet are
sourced from the proxy server, the IP addresses of network devices inside the trusted network
are hidden from the Internet.

48
 TechnoNet Engineering Training Center 09681900504

Another benefit could come in the form of bandwidth savings, because many proxy
servers perform content caching. For example, without a proxy server, if multiple clients all
visited the same website, the same graphics from the home page of the website would be
downloaded multiple times (one time for each client visiting the website). However, with a
proxy server performing content caching, when the first client navigates to a website on the
Internet, and the Internet-based web server returns its content, the proxy server not only
forwards this content to the client requesting the web page but stores a copy of the content on
its hard drive. Then, when a subsequent client points its web browser to the same website, after
the proxy server determines that the page has not changed, the proxy server can locally serve
up the content to the client, without having to once again consume Internet bandwidth to
download all the graphic elements from the Internet-based website.

As a final example of a proxy server benefit, some proxy servers can perform content
filtering. Content filtering restricts clients from accessing certain URLs. For example, many
companies use content filtering to prevent their employees from accessing popular social
networking sites, in an attempt to prevent a loss of productivity. A reverse proxy receives
requests on behalf of a server or servers and replies back to the clients on behalf of those
servers. This can also be used with load-balancing and caching to better utilize a group of
servers.

49
 TechnoNet Engineering Training Center 09681900504

Virtual Local Area Network

A VLAN is a virtual LAN. So, it is like having a switch inside a switch. A VLAN is a
layer 2 method of creating independent logical networks within a single physical network.
Hosts in the same VLAN behaves as if they are connected to the same LAN, even though they
may be physically connected to different LAN segments. The primary use of VLAN is to split
large switched network, which are large broadcast domains. VLAN increase the number of
broadcast-domains but reduce the size of each broadcast domain.

Types of VLAN

There are many types Virtual Local Area Network. Every VLAN that goes across the
trunk will be tagged using 802.1Q protocol. Native VLAN is the only VLAN that will not be
tagged. Most common VLANs are;
• Static VLAN: is the most common method, this VLAN can be configured manually on the
interface. It is also called Port-based VLAN. Static VLAN is very useful and it can be
configured manually. With Static VLAN, all access devices can be link to interface od the
switch to each VLAN.
• Dynamic VLAN: is dynamically assigned by VMPS server (VLAN Management Policy
Server), which has a data base of MAC address – VLAN information.
• Voice VLAN has to be configured separately from data VLAN. It needs more bandwidth and
high priority.
• 802.1X and Radius Server: to authenticate users and dynamically assign the users to a VLAN.
For example, if one computer is not having all the latest window updates and antivirus, this
50
 TechnoNet Engineering Training Center 09681900504

laptop is added to the NAC. Once the laptop is updated, it will be removed to the correct
VLAN.

VLAN LAB

Switch>enable
Switch#configure terminal
Switch(config)#hostname SW1
SW1(config)#enable secret technonet
SW1(config)#vlan 10
SW1(config-vlan)#name HR
SW1(config-vlan)#vlan 20
SW1(config-vlan)#name Sales
SW1(config-vlan)#exit
SW1(config)#interface fastethernet0/1
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 10
SW1(config-if)#exit
SW1(config)#interface fastethernet0/2
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 20
SW1(config-if)#exit
SW1(config)#interface fastethernet0/24
SW1(config-if)#switchport trunk encapsulation dot1q
SW1(config-if)#switchport mode trunk
SW1(config-if)#exit

Switch>enable
51
 TechnoNet Engineering Training Center 09681900504

Switch#configure terminal
Switch(config)#hostname SW2
SW2(config)#enable secret technonet
SW2(config)#vlan 10
SW2(config-vlan)#name HR
SW2(config-vlan)#vlan 20
SW2(config-vlan)#name Sales
SW2(config-vlan)#exit
SW2(config)#interface fastethernet0/1
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 10
SW2(config-if)#exit
SW2(config)#interface fastethernet0/2
SW2(config-if)#switchport mode access
SW2(config-if)#switchport access vlan 20
SW2(config-if)#exit
SW2(config)#interface fastethernet0/24
SW2(config-if)#switchport trunk encapsulation dot1q
SW2(config-if)#switchport mode trunk
SW2(config-if)#exit

VLAN Trunking Protocol

On Cisco switches, all the interfaces belong to VLAN 1 by default. VLAN 1 is also
considered as Management VLAN, and should be dedicated for system traffic such as CDP,
STP, VTP and DTP. For switches running in VTP (Virtual Trunking Protocol) can perform
three functions. Server mode which generates and propagates VTP advertisements to clients,
default mode on normal switches. Client mode which receives and forward advertisements
from server but VLAN cannot be manually configured on switches in client mode. Transparent
mode which only forwards advertisements but does not participate in VTP, VLAN must be
configured manually. Dynamic Trunking Protocol (DTP) can be used to automatically
establish between capable ports.

52
 TechnoNet Engineering Training Center 09681900504

VTP Lab

Switch>enable
Switch#configure terminal
Switch(config)#hostname L3SW
L3SW(config)#int range fa0/1-3
L3SW(config-if-range)#switchport trunk encapsulation dot1q
L3SW(config-if-range)#switchport mode trunk
L3SW(config-if-range)#switchport nonegotiate
L3SW(config-if-range)#exit
L3SW(config)#vtp domain cisco
L3SW(config)#vtp version 2
L3SW(config)#vtp mode server
L3SW(config)#vtp password 123

L3SW(config)#vlan 10
L3SW(config-vlan)#name HR
L3SW(config-vlan)#vlan 20
L3SW(config-vlan)#name Sales
L3SW(config-vlan)#vlan 30
L3SW(config-vlan)#name Admin

Switch>enable

53
 TechnoNet Engineering Training Center 09681900504

Switch#configure terminal
Switch(config)#hostname SW1
SW1(config)#int fa01
SW1(config-if)# switchport trunk encapsulation dot1q
SW1(config-if)# switchport mode trunk
SW1(config-if)#switchport nonegotiate
SW1(config-if)#exit

Switch(config)#vtp domain cisco

Switch(config)#vtp version 2
Switch(config)#vtp mode client
Switch(config)# vtp password 123

Dynamic Host Configuration Protocol

Most modern networks have IP addresses assigned to network devices, and those logical
Layer 3 addresses are used to route traffic between different networks. Network devices can
get IP addresses in two ways; static assigning and dynamic assigning. One option is to
manually configure an IP address on a device. But this process is time consuming and error
prone.
A more efficient method of assigning IP address is to dynamically assign IP
addresses to network devices. The most common approach for this auto-assignment of IP
addresses is Dynamic Host Configuration Protocol (DHCP). Not only does DHCP assign an
IP address to a network device, it can assign a wide variety of other IP parameters, such as
subnet mask, a default gateway, and the IP address of a DNS server. In many corporate
networks, when a PC boots, that PC receives its IP address configuration information from a
cooperate DHCP server.
DHCP client receives an IP address from DHCP server in four steps. These four steps
are called DORA functions; discover, offer, request and acknowledge.
• When a DHCP client initially boots, it has no IP address, default gateway, or other
configuration information. Therefore, DHCP client initiates a communication by sending a
broadcast message. This message is the DHCPDISCOVER message to destination address of
255.255.255.255 to discover a DHCP server.
When a DHCP server receives a DHCPDISCOVER message, it can respond with a unicast
DHCPOFFER message. Because the DHCPDISCOVER message is sent as a broadcast, more

54
 TechnoNet Engineering Training Center 09681900504

than one DHCP server might respond to this discover request. The client selects the server that
sent the first DHCPOFFER response received by the client.
• The DHCP client communicates with this selected server sending a unicast DHCPREQUEST
message asking the DHCP server to provide IP configuration parameters.
• The DHCP client communicates with this selected server by sending a unicast DHCPACK
message. This DHCPACK message contains a collection of IP configuration parameters.

Figure: Obtaining IP address information from a DHCP server

Relay Agent Router

In the first step of DORA function, the DHCPDISCOVER message was sent as a
broadcast. By default, a broadcast cannot cross a router boundary. Therefore, if a client resides
on a different network than the DHCP server, the client’s next-hop router should be configured
as a DHCP relay agent, which allows a router to relay DHCP requests to either a unicast IP
address or a directed broadcast address for a network. The DHCP relay agent is often referred
to as an IP helper.

DHCP Server Scope

A DHCP server can be configured to assign IP addresses to devices belonging to
different subnets. Specifically, the DHCP server can determine the source subnet of the DHCP

55
 TechnoNet Engineering Training Center 09681900504

request and select an appropriate address pool from which to assign an address. One of these
address pools is called a scope.
When a network device is assigned an IP address from an appropriate DHCP scope, that
assignment is not permanent. Rather, it is a temporary assignment referred to as a lease.
Although most client devices on a network work well with this dynamic addressing, some
devices (for example, servers) might need to be assigned a specific IP address. Fortunately,
you can configure a DHCP reservation, where a specific MAC address is mapped to a specific
IP address, which will not be assigned to any other network device. This static addressing
approach is referred to as a DHCP reservation. Another common concern in DHCP
configurations is to exclude IP addresses from the scope of addressed you make available. We
call these IP exclusions. You might do this for several servers you have in your organization
that required configurations with a static IP address in the scope of your overall IP address
space. IP exclusions are simple to configure and ensure that an IP address conflict does not
result in your subnet. A method for remembering the four main steps of DHCP is D.O.R.A.,
with each letter representing the steps discover, offer, request, and acknowledge.

56
 TechnoNet Engineering Training Center 09681900504

Inter-VLAN Routing & Router on a Stick

Inter-VLAN routing can be defined as a way to forward traffic between different VLAN
by implementing a router in the network. There are two types of Inter-VLAN routing;
1. Traditional Inter-VLAN routing
2. Router - on – a – stick.
In the type of traditional Inter-VLAN routing, a router is usually connected to the switch
using multiple interfaces. One for each VLAN. The interfaces on router are configured as the
default gateway for the VLANs configured on the switch. The port that connected to the router
from the switch are configured in access mode in their corresponding VLANs.
In the second type of Inter – VLAN routing is router on a stick, the router is connected
to the switch using a single interface. The switch-port is connecting to the router, which is
configured with multiple IP address that correspond to the VLANs on the switch. This
interface accepts the traffics from all the VLANs and determines the destination network based
on the source and the destination IP in the packets. It then forwards the data to the switch with
the correct VLAN information.

Figure: Inter-VLAN routing

57
 TechnoNet Engineering Training Center 09681900504

Figure: Router on a Stick

Port Security
Port security is a technology which does not allow invalid MAC address to come inside
of the switch. Port security is used to restrict the switch's interface so that only the expected
devices can use it. This reduces exposure to attacks in which the attacker connects a laptop to
some unused port.
Port security identifies devices based on the source MAC address of the Ethernet frames
the devices send. Port security has no restrictions on whether the frame came from a local
device or was forwarded through other switches. Port security is used to prevent MAC
Flooding attack, which is an attack that targets a switch in a LAN. This attack generates a lot
of fake MAC addresses that full the CAM table and lead to stop working. The unused ports
must be enabled Port Security. The unused ports must be shutdown. Port Security is one of the
Infrastructure securities. Port security is used to prevent user from any unauthorized
person.Port security prevents MAC flooding attack, allows the valid user, blocks the invalid
user. It must be applied to the specific port the switch.

58
 TechnoNet Engineering Training Center 09681900504

When some invalid user, attacker or MAC address enter the interface that enabled Port
Security, violation occurs. Violation has four actions,
• Shutdown
• Protect
• Restrict
• Shutdown-VLAN
By default, violation action is shut down. Shutdown option does not actually add the
shutdown subcommand to the interface configuration. Instead of putting the interface in an
error disabled state. To recover from this state, someone must manually disable the interface
with the shutdown interface command and then enable the interface with no shutdown
command.

59
 TechnoNet Engineering Training Center 09681900504

Network Address Translation (NAT)

Some IP addresses are routable through the public Internet, and other IP addresses are
considered private and are intended for use within an organization. Network Address
Translation allows private IP address to be translated into Internet-routable IP addresses. IPv4
has nearly 4.3 billion addresses. It includes private and public addresses. Public addresses are
routable and can be used in WAN. Private addresses are non-routable and can be used in LAN.
When private IP wants to cooperate with public IP, NAT is used. There are three types of
NAT;
1. Static NAT
2. Dynamic NAT
3. PAT (Port Address Translation).

Static NAT
Static NAT (Network Address Translation) is one-to-one mapping of a private IP
address to a public IP address. Static NAT (Network Address Translation) is useful when a
network device inside a private network needs to be accessible from internet. There is a one-
to-one relationship between the IP address of computer on the LAN and the IP address from
ISP.

Dynamic NAT
Dynamic NAT can be defined as mapping of a private IP address to a public IP address
from a group of public IP addresses called as NAT pool. Dynamic NAT establishes a one-to-
one mapping between a private IP address to a public IP address. The public IP address is
taken from the pool of IP addresses configured on the NAT router. The public to private

60
 TechnoNet Engineering Training Center 09681900504

mapping may vary based on the available public IP address in NAT pool. Dynamic NAT
required a pool of IP addresses to translate from public IP address to private IP address.

Figure: Dynamic NAT

Port Address Translation

Port Address Translation is the enhanced NAT which can map multiple private IP
addresses to a single public IP address by using the port number. PAT works with the
combination of IP address and port number.

Figure: Port Address Translation

61
 TechnoNet Engineering Training Center 09681900504

AVILIABLE TRAINING COURSES

• A+ (HARDWARE ENGINERRING)
• NETWORK ENGINERRING
• JAVA PROGRAMING (SE)
• ELECTRONICS BASIC + ARDUINO
• PIC CONTROLLER
• SYSTEM ENGINEERING
• COACHING FOR MINI-THESIS
• CCNA
No.146, Thitsar Lane, Aung San Street, Between 54 & 55
Street.Aung Pin Lae, Chanmyatharzi,Mandalay.
Ph no: 09 681900504, 09 699086237
Email address:
[email protected]

62