Lecture 04 Network Hardware in Depth


Network Switches in Depth

  • work at the data link layer (layer 2)
    • receive frames on 1 port & forward them out only the port where the dest MAC was learned
  • broadcast frames (dest ff:ff:ff:ff:ff:ff) are sent out all ports except the one they arrived on
  • ea switch port is its own collision domain
    • a collision on 1 port is not propagated to the other ports
  • can operate in full-duplex
    • connected devices transmit & receive simultaneously, so no collision is possible on that link

Port Modes of Operation

  • ports on a typical 10/100 Mbps switch can operate in these modes
    • 10 Mbps half duplex
    • 100 Mbps half duplex
    • 10 Mbps full duplex
    • 100 Mbps full duplex
  • most inexpensive switches run in auto-negotiation mode
    • both ends advertise what they support & settle on the highest-perf setting common to both
    • caveat: if 1 end is hard-set to full duplex & the other auto-negotiates, the auto end can't negotiate & falls back to half duplex (duplex mismatch) -> late collisions, CRC errors & bad throughput; configure both ends the same way
  • auto-MDIX mode - the switch port detects the type of device & cable it's connected to
    • either a straight-through or a crossover cable can be used

Creating Switch Table

  • the switching table (MAC address table / CAM table) holds MAC address/port pairs that tell the switch where to forward a frame based on its dest MAC
  • when the switch is powered on, its table is empty
    • as devices send frames, the switch reads ea frame's src MAC & adds it to the table with the port it was received on
  • if a frame's dest MAC is not in the table (unknown unicast), the switch floods the frame out all ports except the one it came in on

  • most switches quote the num of MAC addresses the table can hold
    • Eg. 8K MAC addresses supported
    • caveat: once the table is full no new addresses can be learned, so frames to unlearned hosts are flooded out every port like on a hub; a MAC flooding attack deliberately fills the table to sniff unicast traffic, which is 1 reason to limit MACs per port (see Switch Port Security)
  • switching tables prevent stale entries by timestamping ea entry when it is created
    • when the switch gets a frame from a src MAC already in the table, it refreshes the entry's timestamp (& updates the port if the host has moved)
  • the period a table keeps an unrefreshed MAC is called the aging time (300 s by default on many switches, eg Cisco IOS)
    • if the timestamp is not refreshed within the aging time, the entry expires & is removed from the table
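
Added example (not from the lecture notes): a toy learning switch in Python that shows the table being built from source MACs, unknown destinations being flooded, entries aging out, and what happens once the table is full. The port numbers, MAC addresses, the capacity of 3 entries and the injected clock are constructed for the demo, not taken from any real switch.

```python
import time

BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Toy layer 2 switch: learns src MAC -> port, ages entries, floods unknown destinations.

    Capacity and aging time are constructor parameters and the clock is injected so the demo is
    deterministic; none of these numbers come from the lecture notes.
    """

    def __init__(self, ports, capacity=8192, aging_time=300.0, clock=time.monotonic):
        self.ports = list(ports)
        self.capacity = capacity
        self.aging_time = aging_time
        self.clock = clock
        self.table = {}            # src MAC -> (port, last_seen)
        self.flooded_unicast = 0   # unknown-unicast floods, the symptom of an overflowed table

    def _expire(self):
        now = self.clock()
        for mac in [m for m, (_, seen) in self.table.items() if now - seen > self.aging_time]:
            del self.table[mac]

    def learn(self, src, in_port):
        self._expire()
        if src in self.table or len(self.table) < self.capacity:
            # new entry, or refresh the timestamp (and follow the host if it moved ports)
            self.table[src] = (in_port, self.clock())
        # else: table full -> the address is simply not learned (fail-open, see forward())

    def forward(self, src, dst, in_port):
        """Return the list of ports the frame is sent out of."""
        self.learn(src, in_port)
        if dst == BROADCAST or dst not in self.table:
            if dst != BROADCAST:
                self.flooded_unicast += 1
            return [p for p in self.ports if p != in_port]   # flood, except the ingress port
        out_port, _ = self.table[dst]
        return [] if out_port == in_port else [out_port]     # same segment: nothing to forward

def demo():
    """Normal learning, aging and the MAC-flooding failure mode on a 4-port switch."""
    now = [0.0]
    sw = LearningSwitch(ports=[1, 2, 3, 4], capacity=3, aging_time=300.0, clock=lambda: now[0])
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"   # constructed host MACs on ports 1 and 2
    r = {}
    r["unknown_dst"] = sw.forward(a, b, 1)   # b not learned yet -> flooded out 2, 3, 4
    r["reply"] = sw.forward(b, a, 2)         # a was learned on port 1 -> sent only to port 1
    r["known"] = sw.forward(a, b, 1)         # both learned -> only port 2
    now[0] = 301.0                           # past the aging time: a and b expire
    # attacker on port 4 sends frames from bogus source MACs until the table is full
    for i in range(3):
        sw.forward("02:00:00:ba:d0:%02x" % i, BROADCAST, 4)
    r["table_full"] = len(sw.table) == sw.capacity
    r["victim"] = sw.forward(a, b, 1)        # a can't be learned, b is unknown -> flooded to port 4 too
    r["leaked_to_attacker"] = 4 in r["victim"]
    return r
```

The last two lines of `demo()` are the point: after the attacker fills the table, the switch can no longer learn the legitimate hosts, so their unicast traffic is flooded to every port, including the attacker's.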

Frame Forwarding Methods

  • cut-through switching - the switch reads only enough of the incoming frame (the 14-byte header: dest MAC, src MAC, type) to make a forwarding decision, then starts sending while the rest is still arriving
    • lowest latency
    • disadvantage - no error checking: the FCS hasn't arrived yet when forwarding starts, so corrupted frames & collision fragments are passed on
  • store-and-forward switching - the switch reads the entire frame into a buffer before forwarding
    • recomputes the CRC & compares it with the frame check sequence (FCS) field; frames with a bad FCS are dropped instead of forwarded
    • the FCS is an error-detecting code (CRC-32 on Ethernet) appended to the end of ea frame
    • highest latency, but the only mode that guarantees bad frames are not forwarded
  • fragment-free switching - the switch reads the first 64 bytes (the min Ethernet frame size) before forwarding
    • collisions show up within the first 64 bytes, so runts/collision fragments are dropped while most of cut-through's speed is kept; it still doesn't check the FCS
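
Added example (not from the lecture notes): Python that builds a minimal Ethernet II frame with its CRC-32 FCS, then shows which of the three forwarding modes would pass a good frame, a frame with a flipped bit, and a collision fragment. The MAC addresses and payload are constructed; the CRC-32/little-endian FCS convention is Ethernet's, but nothing here talks to a real NIC.

```python
import struct
import zlib

MIN_FRAME = 64   # minimum Ethernet frame size on the wire, including the 4-byte FCS
HEADER = 14      # dst MAC (6) + src MAC (6) + EtherType (2): all cut-through looks at

def fcs_of(body):
    # Ethernet's FCS is CRC-32 with the same polynomial as zlib.crc32; on the wire it is sent
    # least-significant byte first, hence the little-endian pack
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)

def build_frame(dst, src, ethertype, payload):
    """Constructed Ethernet II frame, padded to the minimum size, with its FCS appended."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME - 4, b"\x00")
    return body + fcs_of(body)

def fcs_ok(frame):
    return fcs_of(frame[:-4]) == frame[-4:]

def decide(frame, mode):
    """Forward/drop decision based only on what each switching mode has inspected."""
    if mode == "cut-through":
        # forwarding starts once the header is in; a bad FCS or a runt is passed on regardless
        return "forward" if len(frame) >= HEADER else "drop"
    if mode == "fragment-free":
        # the first 64 bytes are buffered: collision fragments (runts) are caught, bad FCS is not
        return "forward" if len(frame) >= MIN_FRAME else "drop"
    if mode == "store-and-forward":
        # whole frame buffered, CRC recomputed and compared to the FCS
        return "forward" if len(frame) >= MIN_FRAME and fcs_ok(frame) else "drop"
    raise ValueError("unknown switching mode: %s" % mode)

def demo():
    dst, src = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")   # constructed MACs
    good = build_frame(dst, src, 0x0800, b"hello")
    corrupted = bytearray(good)
    corrupted[20] ^= 0x01              # one bit flipped in transit, after the FCS was computed
    corrupted = bytes(corrupted)
    runt = good[:30]                   # collision fragment: the frame was cut off mid-way
    modes = ("cut-through", "fragment-free", "store-and-forward")
    return {m: (decide(good, m), decide(corrupted, m), decide(runt, m)) for m in modes}
```

`demo()` returns, per mode, the verdicts for (good, corrupted, runt): cut-through forwards all three, fragment-free drops only the runt, and store-and-forward is the only one that also drops the corrupted frame.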

Multilayer Switches

  • have the functions of a switch (layer 2) but add layer 3 (routing) capabilities
    • typically used in the interior (core/distribution) of a network to route between VLANs, rather than being placed at the network perimeter
  • perf advantage over a traditional router
    • packets are routed between VLANs in hardware inside the switch instead of having to leave the switch to an external router & come back

Advanced Switch Features

  • high-end switches (AKA smart switches / managed switches) can help make the network more efficient & reliable
  • common features in smart switches
    • multicast processing
    • spanning tree protocol
    • virtual lan
    • port security

Multicast Processing

  • switches process multicast frames in 1 of 2 ways
    • treat them as broadcast & flood them out all ports
      • used by low-end switches or those not configured for it
    • forward them only to ports where a host has joined (registered for) the multicast group
      • done by switches that listen in on Internet Group Management Protocol (IGMP) join/leave messages - IGMP snooping
      • IPv4 multicast MAC addresses begin with 01:00:5E; the low 23 bits of the group IP address fill the rest (IPv6 multicast MACs begin with 33:33 followed by the low 32 bits)
        • 32 different IPv4 groups map to the same MAC, so the switch filters by MAC & a host may still receive frames for other groups that share it
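
Added example (not from the lecture notes): the IPv4 and IPv6 group-to-MAC mappings in Python, plus the 32:1 aliasing that IGMP snooping cannot distinguish. The group addresses used below (mDNS 224.0.0.251, SSDP 239.255.255.250, ff02::1) are well-known assignments; the "snooping switch" function is a constructed model of the filtering decision, not vendor code.

```python
import ipaddress

def ipv4_multicast_mac(group):
    """IPv4 group -> MAC: fixed 01:00:5E prefix, then the low 23 bits of the group address."""
    ip = ipaddress.IPv4Address(group)
    if not ip.is_multicast:
        raise ValueError("%s is not in 224.0.0.0/4" % group)
    low23 = int(ip) & 0x7FFFFF
    return "01:00:5e:%02x:%02x:%02x" % (low23 >> 16, (low23 >> 8) & 0xFF, low23 & 0xFF)

def ipv6_multicast_mac(group):
    """IPv6 group -> MAC: fixed 33:33 prefix, then the low 32 bits of the group address."""
    ip = ipaddress.IPv6Address(group)
    if not ip.is_multicast:
        raise ValueError("%s is not in ff00::/8" % group)
    return "33:33:" + ":".join("%02x" % b for b in (int(ip) & 0xFFFFFFFF).to_bytes(4, "big"))

def ipv4_groups_sharing_mac(group):
    """The 32 IPv4 groups that map to the same MAC: bits 23..27 of the address are not
    represented in the MAC, so 224.0.0.0/4 collapses 32:1 at layer 2."""
    low23 = int(ipaddress.IPv4Address(group)) & 0x7FFFFF
    return [str(ipaddress.IPv4Address(0xE0000000 | (hi << 23) | low23)) for hi in range(32)]

def snooping_switch_delivers(joined_groups, frame_group):
    """IGMP snooping filters by MAC, so a port that joined one group also receives frames for
    every other group that shares the MAC (a leak the application layer must tolerate)."""
    wanted = {ipv4_multicast_mac(g) for g in joined_groups}
    return ipv4_multicast_mac(frame_group) in wanted
```

`ipv4_groups_sharing_mac("224.0.0.251")` lists the 32 aliases (224.0.0.251, 224.128.0.251, 225.0.0.251, ... 239.128.0.251); a port that joined only mDNS still gets frames sent to any of them.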

Spanning Tree Protocol (STP)

  • enables switches to detect redundant links that would otherwise create a switching loop
    • a loop occurs when a frame is forwarded from 1 switch to another & back endlessly; frames have no TTL, so a looped broadcast never dies & becomes a broadcast storm
  • switches exchange BPDUs, elect a root bridge (lowest bridge ID = priority + MAC) & compute the lowest-cost path to it
    • every port that isn't on that tree goes into blocking mode
      • it still receives BPDUs but doesn't forward frames, so the loop is broken
    • if the active path fails, a port that was blocking transitions to forwarding & connectivity is restored
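
Added example (not from the lecture notes): a Python model of the STP calculation - root bridge election, root path cost, root/designated/blocked ports - run on a constructed 3-switch triangle, and then again after a rogue device with priority 0 joins. Switch names, MACs and link costs (4 for 1 Gb/s, 19 for 100 Mb/s, the classic 802.1D values) are constructed for the demo; the model assumes at most one link per pair of bridges.

```python
import heapq

INF = float("inf")

def bridge_id(priority, mac):
    """STP compares priority first, then MAC; the lowest bridge ID wins the root election."""
    return (priority, int(mac.replace(":", ""), 16))

def spanning_tree(bridges, links):
    """bridges: {name: (priority, mac)}; links: [(a, b, cost)], at most one link per pair.
    Returns (root, root_port, blocked): root_port maps each non-root bridge to the neighbour its
    root port faces; blocked holds (bridge, neighbour) port ends put into blocking state."""
    ids = {n: bridge_id(*pm) for n, pm in bridges.items()}
    root = min(ids, key=ids.get)
    adj = {n: [] for n in bridges}
    for a, b, c in links:
        adj[a].append((b, c))
        adj[b].append((a, c))
    # Root path cost from every bridge to the root (Dijkstra); on equal cost, the path through
    # the neighbour with the lower bridge ID wins, which is STP's next tie-breaker
    dist, root_port = {root: 0}, {}
    pq = [(0, ids[root], root)]
    while pq:
        d, _, u = heapq.heappop(pq)
        if d > dist.get(u, INF):
            continue
        for v, c in adj[u]:
            nd = d + c
            better = nd < dist.get(v, INF)
            tie = nd == dist.get(v, INF) and ids[u] < ids[root_port[v]]
            if better or tie:
                dist[v], root_port[v] = nd, u
                heapq.heappush(pq, (nd, ids[u], v))
    blocked = set()
    for a, b, c in links:
        # The designated bridge for a segment is the end with the lower root path cost, then the
        # lower bridge ID; its port forwards. The other end forwards only if this link is its
        # root port; otherwise that port is blocked, which is what breaks the loop.
        designated = min((a, b), key=lambda n: (dist[n], ids[n]))
        other = b if designated == a else a
        if root_port.get(other) != designated:
            blocked.add((other, designated))
    return root, root_port, blocked

def demo():
    switches = {"S1": (32768, "00:00:00:00:00:01"),
                "S2": (32768, "00:00:00:00:00:02"),
                "S3": (32768, "00:00:00:00:00:03")}
    links = [("S1", "S2", 4), ("S2", "S3", 4), ("S1", "S3", 4)]   # 1 Gb/s triangle, cost 4 each
    root, _, blocked = spanning_tree(switches, links)
    # Rogue device speaking STP with priority 0, dual-homed to S1 and S2 over 100 Mb/s (cost 19)
    rogue = dict(switches, Rogue=(0, "00:00:00:00:00:ff"))
    rogue_links = links + [("Rogue", "S1", 19), ("Rogue", "S2", 19)]
    r_root, r_port, r_blocked = spanning_tree(rogue, rogue_links)
    return {"root": root, "blocked": sorted(blocked),
            "rogue_root": r_root, "rogue_blocked": sorted(r_blocked),
            "s1_s2_traffic_via_rogue": r_port["S1"] == "Rogue" and r_port["S2"] == "Rogue"}
```

With equal priorities S1 (lowest MAC) becomes root and S3 blocks its port towards S2. Once the rogue joins with priority 0 it is elected root, the direct S1-S2 link is blocked, and S1-S2 traffic now crosses the rogue; this is the scenario BPDU Guard on access ports is meant to prevent.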

Side Effects of STP

  • a port takes longer to come up: in classic 802.1D it passes through listening & learning (15 s each by default) before forwarding, so a newly connected device waits ~30 s for its link to become usable
    • PortFast (or the equivalent) skips this on access ports that connect end hosts; never enable it on switch-to-switch links
  • security caveat: any device that sends BPDUs takes part in the root election, so a rogue device advertising a low priority can become root & pull traffic through itself - enable BPDU Guard on access ports so a port that receives a BPDU is shut down

Rapid Spanning Tree Protocol (RSTP)

  • 802.1w enhancement to STP that converges in seconds rather than 30-50 s when the topology changes, using explicit handshakes between neighbouring switches instead of waiting on timers

Virtual Local Area Networks (VLANs)

  • let you configure groups of switch ports into separate broadcast domains
    • like splitting 1 switch into 2 or more switches that aren't connected to ea other
  • a router (or layer 3 switch) is needed for hosts in different VLANs to communicate
  • improves management & security of the network & gives more control over broadcast frames
    • hosts in different VLANs can only reach ea other through the router, which is where ACLs can be applied
  • lets admins group users & resources logically instead of by physical location

VLAN Trunks

  • trunk port - a switch port configured to carry traffic for many VLANs to another switch/router
    • the port at the other end must also be configured as a trunk
  • the switch inserts an IEEE 802.1Q tag (4 bytes) into ea frame that crosses the trunk
    • the tag's 12-bit VLAN ID says which VLAN the frame belongs to; the receiving switch strips the tag & delivers the frame only to ports in that VLAN
    • caveat: frames on the trunk's native VLAN cross it untagged; keep the native VLAN unused for hosts (not VLAN 1) & prune the trunk to only the VLANs it needs to carry
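
Added example (not from the lecture notes): Python that inserts and parses the 802.1Q tag, and models what a trunk port does on ingress with a native VLAN and an allowed-VLAN list. The frame bytes, VLAN numbers and allowed lists are constructed for the demo; the tag layout (TPID 0x8100, then 3-bit PCP, 1-bit DEI, 12-bit VID) is the standard's.

```python
import struct

TPID_8021Q = 0x8100   # EtherType value that announces "an 802.1Q tag follows"

def tag_frame(frame, vlan_id, pcp=0, dei=0):
    """Insert a 4-byte 802.1Q tag after the source MAC (byte offset 12) of an untagged frame.
    Tag = TPID (0x8100) + TCI (3-bit priority, 1-bit drop-eligible, 12-bit VLAN ID)."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094 (0 = priority-only, 4095 = reserved)")
    tci = (pcp << 13) | (dei << 12) | vlan_id
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_vlan(frame):
    """Return (vlan_id, pcp, ethertype, frame_without_tag); vlan_id is None for untagged frames."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != TPID_8021Q:
        return None, 0, ethertype, frame
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    return tci & 0x0FFF, tci >> 13, inner_type, frame[:12] + frame[16:]

def trunk_ingress(frame, native_vlan, allowed_vlans):
    """What a trunk port does when a frame arrives: an untagged frame is assumed to belong to
    the native VLAN; a tagged frame goes to its VLAN, but only if the trunk is allowed to
    carry it (VLAN pruning). Returns (vlan_id or None if dropped, untagged frame)."""
    vlan_id, _, _, untagged = parse_vlan(frame)
    if vlan_id is None:
        vlan_id = native_vlan
    if vlan_id not in allowed_vlans:
        return None, untagged
    return vlan_id, untagged

def demo():
    # constructed untagged IPv4 frame: dst MAC, src MAC, EtherType 0x0800, payload
    untagged = bytes.fromhex("020000000001" "020000000002" "0800") + b"payload"
    tagged = tag_frame(untagged, vlan_id=20, pcp=5)
    return {
        "tag_hex": tagged[12:16].hex(),                                          # '8100a014'
        "parsed": parse_vlan(tagged)[:3],                                        # (20, 5, 0x0800)
        "round_trip": parse_vlan(tagged)[3] == untagged,                         # True
        "untagged_lands_in_native": trunk_ingress(untagged, 99, {10, 20, 99})[0],     # 99
        "pruned_vlan_dropped": trunk_ingress(tag_frame(untagged, 30), 99, {10, 20})[0],  # None
    }
```

The last two entries are the caveat from the notes in code: whatever arrives untagged is silently put into the native VLAN, and a VLAN not on the allowed list never crosses the trunk.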

Consideration Factors

  • overusing VLANs costs more than it benefits you
  • more VLANs = more logical networks
    • the network gets more complicated to document & troubleshoot
  • every VLAN you create needs a corresponding router interface (a physical interface, an 802.1Q subinterface on a "router-on-a-stick", or an SVI on a layer 3 switch)
    • a software router is slower than switching, so inter-VLAN traffic through it becomes a bottleneck as the VLAN count grows
  • more router interfaces mean more IP networks
    • you need to subnet your existing address space, 1 subnet per VLAN

Switch Port Security

  • network jacks wired to switch ports are often in areas open to the public - anyone can plug in a laptop carrying malware or hacking tools
    • a switch with port security can help block these connections
    • lets the admin limit how many & which MAC addresses can connect to ea port (a static list, or "sticky" learning of the first N addresses seen)
    • if an unauthorised device attempts to connect, the port can be shut down (err-disabled) & a message (syslog/SNMP trap) sent to alert the admin of the intrusion; milder violation modes just drop the offending frames & count them
    • caveat: MAC addresses are easy to spoof, so port security stops casual plug-ins & MAC flooding, not a determined attacker - use 802.1X where the device/user must actually authenticate
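
Added example (not from the lecture notes): a Python model of port security enforcement with a per-port MAC limit and the three violation behaviours found on Cisco switches (protect, restrict, shutdown). The MAC addresses, limits and the alert strings are constructed for the demo; the class is a model of the decision logic, not a switch's implementation.

```python
class PortSecurity:
    """Toy port-security enforcement for one switch port.

    Modes (Cisco's names, modelled here, not vendor code): 'protect' silently drops frames
    from MACs over the limit, 'restrict' drops them and raises an alert, 'shutdown' puts the
    port in err-disabled state until an admin clears it.
    """

    def __init__(self, max_macs=1, mode="shutdown", static=()):
        self.max_macs = max_macs
        self.mode = mode
        self.allowed = set(static)   # statically configured MACs
        self.sticky = set()          # dynamically learned ("sticky") MACs, up to the limit
        self.violations = 0
        self.err_disabled = False
        self.alerts = []

    def ingress(self, src_mac):
        """Return True if a frame from src_mac is accepted on this port, False if dropped."""
        if self.err_disabled:
            return False
        if src_mac in self.allowed or src_mac in self.sticky:
            return True
        if len(self.allowed) + len(self.sticky) < self.max_macs:
            self.sticky.add(src_mac)          # room left: learn it
            return True
        self.violations += 1                  # over the limit: a violation
        if self.mode == "shutdown":
            self.err_disabled = True
            self.alerts.append("port err-disabled: unauthorised MAC %s" % src_mac)
        elif self.mode == "restrict":
            self.alerts.append("violation: unauthorised MAC %s" % src_mac)
        return False                          # 'protect' and 'restrict' just drop the frame

    def clear(self):
        """Admin action: bring an err-disabled port back up."""
        self.err_disabled = False

def demo():
    legit, rogue = "02:00:00:00:00:01", "02:00:00:00:00:ff"   # constructed MACs
    results = {}
    p = PortSecurity(max_macs=1, mode="shutdown")
    results["shutdown"] = (p.ingress(legit), p.ingress(rogue), p.ingress(legit), p.err_disabled)
    # (True, False, False, True): the legit host is cut off too until an admin intervenes
    r = PortSecurity(max_macs=2, mode="restrict", static=[legit])
    r.ingress(legit)
    r.ingress("02:00:00:00:00:02")            # second MAC learned as sticky, limit reached
    results["restrict"] = (r.ingress(rogue), r.ingress(legit), r.violations, len(r.alerts))
    # (False, True, 1, 1): rogue dropped & logged, legit keeps working
    return results
```

Shutdown is the safest default for user-facing ports but is also a denial-of-service lever: one spoofed frame takes the port down for the legitimate user until someone clears it. Restrict keeps the port up and still alerts.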

Routers in Depth

  • operate at the network layer (layer 3) & work with packets
    • connect separate logical networks (IP subnets) to form an internetwork
    • broadcast frames are not forwarded to other router interfaces/networks - ea router interface is the edge of a broadcast domain
    • can handle complex internetworks with multiple paths between networks
      • gives fault tolerance & load sharing
  • all processing depends on the following features
    • router interfaces
    • routing tables
    • routing protocols
    • access control lists

Router Interfaces

  • a router needs 2 or more interfaces (ports) to forward packets between networks
  • when a router interface receives a frame, it compares the dest MAC with the interface's own MAC (or a broadcast/multicast it listens to)
    • if it matches, the router strips the frame header & trailer & reads the packet's dest IP
    • if the dest IP is 1 of the router's own addresses, the router processes the packet itself (eg a ping to the router, or a routing update)
      • otherwise it decrements the TTL, consults its routing table to pick an outgoing interface & next hop, & wraps the packet in a new frame addressed to the next hop's MAC
    • moving a packet from the incoming interface to the outgoing interface is called packet forwarding

Routing Tables

  • composed of network addr/interface pairs that tell the router which interface a packet should be forwarded out of
  • most tables contain the following for ea entry
    • dest network - usually in CIDR notation; the most specific (longest prefix) matching entry wins, & 0.0.0.0/0 is the default route used when nothing else matches
    • next hop - IP addr of the next router in the path to the dest (and/or the exit interface)
      • the total num of routers a packet travels through is its hop count
    • metric - numeric value telling the router how far away the dest network is
      • AKA cost or distance; between 2 entries for the same prefix from the same source, the lower metric wins
    • how the route was derived - how the route got into the routing table (1 of 3 ways)
      • directly connected network
      • entered manually by the admin
        • AKA static route
      • learned dynamically via a routing protocol
      • when the same prefix is learned from different sources, the source's administrative distance decides (connected beats static beats dynamic)
    • timestamp - how long since the routing protocol last updated a dynamic route
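
Added example (not from the lecture notes): a small routing table in Python with longest-prefix match, a default route, and best-route selection by administrative distance then metric. The prefixes, next hops and interface names are constructed; the administrative distance values are Cisco's defaults and are an assumption of the model, not something the notes specify.

```python
import ipaddress

# Administrative distance: which source to trust when the same prefix is learned more than once.
# These are Cisco's default values, not numbers from the lecture notes.
AD = {"connected": 0, "static": 1, "ospf": 110, "rip": 120}

class Route:
    def __init__(self, prefix, next_hop, interface, source, metric=0):
        self.prefix = ipaddress.ip_network(prefix)
        self.next_hop, self.interface = next_hop, interface
        self.source, self.metric = source, metric

class RoutingTable:
    def __init__(self):
        self.routes = []

    def add(self, route):
        """Install a route; per prefix only the best survives (lowest AD, then lowest metric).
        Returns True if the route was installed."""
        for existing in [r for r in self.routes if r.prefix == route.prefix]:
            if (AD[existing.source], existing.metric) <= (AD[route.source], route.metric):
                return False
            self.routes.remove(existing)
        self.routes.append(route)
        return True

    def lookup(self, dst):
        """Longest-prefix match. Returns the Route, or None when the packet is unroutable."""
        ip = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if ip in r.prefix]
        return max(matches, key=lambda r: r.prefix.prefixlen) if matches else None

def demo():
    rt = RoutingTable()
    rt.add(Route("10.1.0.0/16", None, "eth0", "connected"))
    rt.add(Route("10.1.5.0/24", "10.1.0.254", "eth0", "static"))        # more specific subnet
    rip_installed = rt.add(Route("10.1.5.0/24", "10.1.0.9", "eth0", "rip", metric=3))
    rt.add(Route("172.16.0.0/12", "192.0.2.7", "eth1", "ospf", metric=20))
    rt.add(Route("172.16.0.0/12", "192.0.2.8", "eth1", "ospf", metric=10))
    rt.add(Route("0.0.0.0/0", "192.0.2.1", "eth1", "static"))            # default route
    return {
        "connected_wins_for_10.1.9.3": rt.lookup("10.1.9.3").source,       # 'connected'
        "longest_prefix_for_10.1.5.7": rt.lookup("10.1.5.7").next_hop,     # '10.1.0.254'
        "rip_lost_to_static": rip_installed,                               # False
        "best_ospf_metric": rt.lookup("172.20.1.1").next_hop,              # '192.0.2.8'
        "default_route_iface": rt.lookup("8.8.8.8").interface,             # 'eth1'
        "no_default_no_route": RoutingTable().lookup("8.8.8.8"),           # None
    }
```

Note the order of the two decisions: `add()` picks which route for a prefix is installed (AD, then metric), and only then does `lookup()` pick the most specific installed prefix. A RIP route with a great metric still loses to a static route for the same prefix.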

Routing Protocols

  • a set of rules routers use to exchange info so that all routers have accurate info abt the internetwork to populate their routing tables
  • 2 main types of protocols
    • distance-vector protocols
    • link-state protocols

  • speed of convergence - how fast the routing tables of all routers in the internetwork are updated after a change in the network

  • interior gateway protocols (IGPs) are used within an autonomous system (AS)

    • AS - an internetwork managed by a single org
    • RIP & OSPF (below) are IGPs
  • exterior gateway protocols (EGPs) are used between ASs

    • Eg. Border Gateway Protocol (BGP)
      • path-vector routing protocol - ea route carries the list of ASs it has passed through; a router rejects any route that already contains its own AS number, which is how BGP keeps the topology loop-free
  • static routes are entered manually & don't change unless the admin changes them

Distance-Vector Protocols

  • share info abt the internetwork's status by sending a copy of the router's own routing table to its directly connected routers
    • routers sharing a network are called neighbours
    • ea router only knows the distance (metric) & direction (next hop) to ea dest, not the full topology
    • Routing Information Protocol (RIP) & RIPv2 are the most common; the metric is hop count, max 15 (16 = unreachable)

Link-State Protocols

  • share info by flooding the status of their own links (link-state advertisements) to every other router in the area
    • ea router builds the full topology map & runs the shortest-path (Dijkstra) algorithm itself
    • Open Shortest Path First (OSPF) is the most common
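
Added example (not from the lecture notes): a Python simulation of both approaches on one constructed 5-router topology - distance-vector routers that only ever see their neighbours' tables, and link-state routers that each hold the whole map and run Dijkstra - showing they converge on the same costs. Router names and links are constructed; every link costs 1 so the two metrics are comparable.

```python
import heapq

INF = 16   # RIP's "unreachable": 16 hops

# Constructed topology: undirected links with costs (all 1 here so hop count and path cost agree)
TOPOLOGY = {
    ("R1", "R2"): 1, ("R2", "R3"): 1, ("R3", "R4"): 1, ("R1", "R4"): 1, ("R4", "R5"): 1,
}

def neighbours(topology):
    adj = {}
    for (a, b), c in topology.items():
        adj.setdefault(a, {})[b] = c
        adj.setdefault(b, {})[a] = c
    return adj

def distance_vector(topology, max_rounds=50):
    """Bellman-Ford style: every round each router receives each neighbour's whole table and
    adopts any cheaper path it hears about. Returns (tables, rounds until nothing changed).
    Tables map router -> {dest: (cost, next_hop)}."""
    adj = neighbours(topology)
    table = {r: {r: (0, None)} for r in adj}
    for r in adj:
        for n, c in adj[r].items():
            table[r][n] = (c, n)                               # directly connected
    for rnd in range(1, max_rounds + 1):
        changed = False
        for r in adj:
            for n, c in adj[r].items():
                for dest, (cost, _) in table[n].items():       # n's advertised table
                    via_n = min(c + cost, INF)
                    if via_n < table[r].get(dest, (INF, None))[0]:
                        table[r][dest] = (via_n, n)
                        changed = True
        if not changed:
            return table, rnd
    return table, max_rounds

def link_state(topology):
    """Every router has the full map (flooded link-state advertisements) and runs Dijkstra
    locally. Returns router -> {dest: (cost, next_hop)}."""
    adj = neighbours(topology)
    result = {}
    for src in adj:
        dist, prev = {src: 0}, {}
        pq = [(0, src)]
        while pq:
            d, u = heapq.heappop(pq)
            if d > dist[u]:
                continue
            for v, c in adj[u].items():
                if d + c < dist.get(v, float("inf")):
                    dist[v], prev[v] = d + c, u
                    heapq.heappush(pq, (d + c, v))

        def first_hop(dest):
            # walk the predecessor chain back until the router adjacent to src
            while prev.get(dest) not in (None, src):
                dest = prev[dest]
            return None if dest == src else dest

        result[src] = {dest: (dist[dest], first_hop(dest)) for dest in dist}
    return result

def demo():
    dv, rounds = distance_vector(TOPOLOGY)
    ls = link_state(TOPOLOGY)
    same_costs = all(dv[r][d][0] == ls[r][d][0] for r in dv for d in dv[r])
    # Link R4-R5 cut: with the full map, link-state simply no longer finds R5
    cut = {k: v for k, v in TOPOLOGY.items() if k != ("R4", "R5")}
    return {"dv_r1_to_r5": dv["R1"]["R5"], "ls_r2_to_r5": ls["R2"]["R5"],
            "dv_rounds": rounds, "same_costs": same_costs,
            "r5_gone_after_cut": "R5" not in link_state(cut)["R1"]}
```

What differs is the information each router needs: the distance-vector router never learns why R5 is 2 hops away, only that R4 says so, while the link-state router can recompute from the map the moment a link-state advertisement withdraws a link. The `distance_vector()` model above only ever lowers costs, so it does not show route withdrawal and the count-to-infinity problem that RIP's 16-hop limit exists to bound.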

Routing Protocols Considerations

  • does the network change often?
    • a routing protocol adapts automatically; static routes would need constant editing
  • are there several alternative paths to many of the networks in the internetwork?
    • a routing protocol can reroute around down links or congested routes automatically
  • is the internetwork large?
    • a routing protocol builds & maintains the routing tables automatically; static routes don't scale

Access Control Lists

  • a set of rules configured on a router interface specifying which addresses & protocols may pass through the interface & to which dests
  • when an ACL blocks packets it's called packet filtering
  • rules are usually matched on
    • direction: inbound or outbound on the interface
    • src addr
    • dest addr
    • protocol (& for TCP/UDP, the port numbers)
  • addresses can be a specific host IP or a network prefix; filtering can be on src, dest or both
  • rules are evaluated top-down & the first match wins; an ACL ends with an implicit deny, so anything not explicitly permitted is dropped - order your rules accordingly
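
Added example (not from the lecture notes): a first-match packet-filter evaluator in Python with the implicit deny, run over a constructed inbound ACL and a handful of constructed packets, including the classic mistake of a broad permit placed above a more specific deny. Addresses, ports and rule set are all made up for the demo.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    action: str                   # "permit" or "deny"
    protocol: str = "any"         # "tcp", "udp", "icmp" or "any"
    src: str = "0.0.0.0/0"        # host (/32) or network in CIDR form
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None   # destination port for TCP/UDP; None = any

    def matches(self, pkt):
        if self.protocol != "any" and pkt["proto"] != self.protocol:
            return False
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        return self.dport is None or pkt.get("dport") == self.dport

def evaluate(acl, pkt):
    """Top-down, first match wins; no match -> implicit deny. Returns (action, rule index)."""
    for i, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, i
    return "deny", None

# Constructed inbound ACL for the interface facing the internet (10.0.0.0/24 is our DMZ)
INBOUND_ACL = [
    Rule("deny", src="10.0.0.0/8"),                         # anti-spoofing: our space can't come from outside
    Rule("permit", "tcp", dst="10.0.0.10/32", dport=443),   # public web server, HTTPS only
    Rule("permit", "icmp", dst="10.0.0.0/24"),              # let people ping the DMZ
]                                                           # everything else: implicit deny

def demo():
    pkts = {   # constructed packets as the interface would see them
        "https_to_web": {"proto": "tcp", "src": "198.51.100.5", "dst": "10.0.0.10", "dport": 443},
        "ssh_to_web":   {"proto": "tcp", "src": "198.51.100.5", "dst": "10.0.0.10", "dport": 22},
        "spoofed_src":  {"proto": "tcp", "src": "10.0.0.99", "dst": "10.0.0.10", "dport": 443},
        "ping_dmz":     {"proto": "icmp", "src": "198.51.100.5", "dst": "10.0.0.20"},
    }
    verdicts = {name: evaluate(INBOUND_ACL, p)[0] for name, p in pkts.items()}
    # Order matters: move the web permit above the anti-spoofing deny and it shadows that deny
    misordered = [INBOUND_ACL[1], INBOUND_ACL[0], INBOUND_ACL[2]]
    return verdicts, evaluate(misordered, pkts["spoofed_src"])[0]
```

`evaluate()` returns the index of the rule that fired, which is what you want in a log line: an ACL that denies the right packet for the wrong reason (or via the implicit deny instead of an explicit rule) is a sign the rule set doesn't say what you think it says.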

Wireless Access Points (WAP) in Depth

  • a standalone AP is a layer 2 device that bridges wireless clients onto the wired LAN; the consumer "wireless router" is 3 devices in 1
    • wireless AP
    • router (usually with NAT & a basic firewall)
    • switch (the LAN ports)

Basic Wireless Settings

  • wireless network mode
    • lets you choose which 802.11 standard(s) the AP operates under
  • wireless network name (SSID)
    • the SSID is set to a vendor default when the AP is shipped
      • change it - the default reveals the vendor/model & suggests the other defaults (admin password) were left in place too
  • wireless channel
    • in the 2.4 GHz band channels are 5 MHz apart but 20 MHz wide, so neighbouring APs should sit 5 channels apart to avoid overlapping
      • Eg. 1, 6 & 11
  • SSID broadcast status
    • by default APs transmit the SSID in beacons so any wireless device in range can see the network
    • hiding it is not a security control: the SSID is still sent in clear in probe & association frames whenever a client connects

Wireless Security Options

  • encryption - every private network should use it
    • protocols you'll see
      • Wired Equivalent Privacy (WEP) - broken (RC4 with reused IVs), crackable in minutes given enough captured traffic; never use it
      • Wi-Fi Protected Access (WPA) - the stopgap that replaced WEP using TKIP; also deprecated
      • WPA2 - AES-CCMP; the minimum acceptable today (WPA3 where supported)
    • use the highest level of security your systems support
      • all devices on an SSID must use the same protocol, so 1 legacy device can drag the whole network down to a weak setting
  • authentication - users supply a username & password (WPA-Enterprise / 802.1X) instead of 1 pre-shared key for everyone
    • APs that support this usually use the Remote Authentication Dial-In User Service (RADIUS) protocol to check credentials against a central server
  • MAC filtering - restricts which devices can connect to the AP
    • add the MAC addresses of the wireless devices allowed on the network to a list on the AP
    • caveat: MACs are sent in clear in every frame & are trivial to clone, so this is a convenience control, not security
  • AP isolation - creates a separate virtual network for ea client connection
    • clients can reach the internet but can't communicate with ea other (useful on guest networks)

Advanced Wireless Settings

  • adjustable transmit power
    • controls the power & range of the wireless signal (turn it down so coverage doesn't extend further beyond the premises than it needs to)
  • multiple SSIDs
    • 2 or more wireless networks with different security settings from 1 AP (eg staff & guest)
  • VLAN support
    • map ea wireless network to a wired VLAN so guest traffic stays separated all the way to the router
  • traffic priority
    • if the AP is configured for multiple networks, a priority can be assigned to packets coming from ea network
  • Wi-Fi Multimedia (WMM)
    • provides quality of service (QoS) settings for multimedia traffic
    • gives priority to streaming audio/video
  • AP modes
    • the AP can be set to operate as a traditional AP, a repeater or a wireless bridge

NIC in Depth

  • the NIC makes the connection between the computer & the network medium
    • perf & reliability of the NIC are crucial to the computer's network perf

Advanced Features

  • a slow NIC can limit network perf
  • when selecting a network adapter, 1st identify the physical characteristics the card must match
    • type of bus (eg PCIe), network technology (eg 1000BASE-T) & connector needed
  • normal desktop computers are fine with basic features
    • servers sometimes warrant the high-end features below
    • virtualised environments benefit from NICs with multiple ports

Hardware Enhancement Options

  • shared adapter memory
    • the adapter's buffers are mapped directly into the computer's RAM address space
  • shared system memory
    • the NIC's onboard processor selects a region of the computer's RAM & writes to it as though it were buffer space on the adapter
  • bus mastering
    • lets the network adapter take control of the computer's bus to initiate & manage (DMA) transfers to/from memory without the CPU copying data
  • RAM buffering
    • the NIC includes extra memory as temporary storage for incoming/outgoing data that arrives at the NIC faster than it can be passed on
  • onboard co-processors
    • let the card process incoming & outgoing data (eg checksum calculation) without servicing from the CPU
  • QoS - lets time-sensitive data be prioritised
  • auto link aggregation
    • lets you install multiple NICs in 1 computer & aggregate their bandwidth (the switch side has to be configured to match)
  • improved fault tolerance
    • by installing a 2nd NIC
    • failure of the primary NIC shifts network traffic to the 2nd NIC
  • Advanced Configuration and Power Interface (ACPI)
    • offers Wake-on-LAN (WoL)
    • allows an admin to power on a PC remotely by sending a "magic packet" to its NIC over the network
    • caveat: the magic packet is unauthenticated, so anyone on the same LAN segment can wake the machine; keep WoL to a management VLAN
  • Preboot Execution Environment (PXE) adapter
    • allows the computer to download an OS image over the network instead of booting from a local drive
    • used on diskless workstations (thin clients) that don't store an OS locally
    • caveat: a PXE client trusts whichever DHCP/TFTP server answers first, so a rogue server on the segment can hand it an arbitrary boot image; keep PXE on a controlled network & prefer signed boot images (UEFI Secure Boot)

Firewall

  • security device that puts up a barrier between the local network & the internet (or between any 2 network zones)
  • acts as a filter, allowing/restricting traffic between the network & other networks
  • flexible
    • lets you write allow/deny rules based on
      • IP addresses
      • protocol (TCP, UDP, ICMP)
      • port
      • or, for host firewalls, the software app/service generating the traffic

Router VS Firewall

Hardware VS Software Firewall

  • both protect against malicious traffic
  • a hardware firewall can be a stand-alone appliance or part of a router
    • such a router is a simple & effective protection solution for a small network
      • inspects the headers of data packets & decides whether they can be trusted
      • a stateful firewall also tracks connections, so replies to traffic the inside initiated are allowed while unsolicited inbound packets are dropped
      • if it decides a packet is safe, it forwards it
      • else, it drops it
  • software firewall - a program you install on the computer (host firewall)
    • can be part of an antivirus suite or separate
    • protects against uncontrolled access to the computer
    • depending on the software, it can also stop trojans & worms from calling out or spreading
    • differences
      • it only protects the device it's installed on
        • has to be installed on every device to be protected
      • runs in the background & uses system resources
        • can lead to slowdowns
      • but it can see which process is sending, which a network firewall can't; the 2 complement ea other

Summary

tags: NETF DISM School Notes