Sunday, September 11, 2011

CCNA-1. Chapter 9. Ethernet

Ethernet Data Link sublayers:
  • Logical Link Control (LLC)
    • connection to upper layers
    • frames the network layer packet
    • identifies network layer protocol
    • independent of physical environment
  • Media Access Control (MAC)
    • Data Encapsulation
      • Frame delimiting
        • identify a group of bits that make up a frame
        • synchronization between the transmitting and receiving nodes
      • Addressing (header contains physical address (48-bit MAC address))
      • Error detection (trailer with a cyclic redundancy check (CRC))
    • Media Access Control
      • controls the placement and removal of frames from the media
      • initiation of frame transmission
      • recovery from transmission failure due to collisions
Ethernet logical topology - multi-access bus (see CCNA-1. Chapter 7. Data link OSI level)
Ethernet frame size: 64 bytes - 1518 bytes (1522 bytes - 802.3ac).
Ethernet framing types:
  • Ethernet (IEEE 802.3) Length field: equal to or greater than 0x0600 hexadecimal or 1536 decimal
  • Ethernet II (DIX Ethernet standard) Type field: equal to or less than 0x05DC hexadecimal or 1500 decimal
MAC address types:
  • Unicast (destination MAC address)
  • Broadcast (FF-FF-FF-FF-FF-FF)
  • Multicast (01-00-5E-XX-XX-XX): XX-XX-XX is the lower 23 bits of the IP multicast group address converted to hex. The remaining bit in the MAC address is always a "0".
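The 23-bit mapping above, as an added example (not part of the original notes). It also goes one step further and lists the 32 IPv4 groups that share one MAC, which is why a NIC filter on the multicast MAC alone cannot tell those groups apart; the function names are hypothetical.

```python
import ipaddress

OUI_PREFIX = 0x01005E  # fixed upper 24 bits of an IPv4 multicast MAC


def multicast_mac(group: str) -> str:
    """Map an IPv4 multicast group to its Ethernet MAC (01-00-5E + 0 + low 23 bits)."""
    addr = ipaddress.IPv4Address(group)
    if not addr.is_multicast:
        raise ValueError(f"{group} is not in 224.0.0.0 - 239.255.255.255")
    low23 = int(addr) & 0x7FFFFF          # keep the lower 23 bits of the group
    mac = (OUI_PREFIX << 24) | low23      # bit 23 stays 0
    return "-".join(f"{(mac >> shift) & 0xFF:02X}" for shift in range(40, -8, -8))


def groups_sharing_mac(mac: str) -> list:
    """Return every IPv4 group that maps to this MAC.

    The 4 leading bits of a group are fixed (1110) and 23 bits are copied,
    so 5 bits are lost: 2**5 = 32 groups collide on each MAC.
    """
    value = int(mac.replace("-", ""), 16)
    if value >> 24 != OUI_PREFIX or value & 0x800000:
        raise ValueError(f"{mac} is not an IPv4 multicast MAC")
    low23 = value & 0x7FFFFF
    return [
        str(ipaddress.IPv4Address((0xE0 << 24) | (lost << 23) | low23))
        for lost in range(32)
    ]


if __name__ == "__main__":
    print(multicast_mac("224.0.0.10"))      # EIGRP group from these notes
    print(multicast_mac("239.128.0.10"))    # different group, same MAC
    print(groups_sharing_mac("01-00-5E-00-00-0A")[:3])
```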
Purpose of inventing hubs (multi-port repeaters):
  • enable more nodes to connect to the shared media
  • migration from physical bus to physical star topology
  • increased network reliability by allowing any single cable to fail without disrupting the entire network
Communication types:
  • Synchronous (Ethernet >100 Mbps): timing not required. Preamble and Start Frame Delimiter (SFD) are kept only for compatibility.
  • Asynchronous (Ethernet <10 Mbps): uses the timing information to synchronize the receive circuit to the incoming data.
Ethernet LAN switches basic operations:
  • Learning (source MAC address based)
  • Aging (time stamped entries)
  • Flooding (destination not in the MAC table - switch sends the frame to all ports except the port on which the frame arrived)
  • Selective Forwarding (forward to the corresponding port based on MAC table)
  • Filtering (does not forward a frame to the port it arrived on, drops a corrupt frame (one that fails a CRC check), port security)
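The five operations above in one small model, as an added example that is not part of the original notes. The class name, the 300-second aging time, the per-port MAC limit used to stand in for port security, and the documentation-range MAC addresses are all assumptions.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports, aging=300, max_macs_per_port=None):
        self.ports = set(ports)
        self.aging = aging                    # seconds an idle entry survives
        self.max_macs = max_macs_per_port     # simple port-security limit
        self.table = {}                       # mac -> (port, last_seen)

    def _age(self, now):
        # Aging: remove entries whose time stamp is older than the aging time.
        for mac in [m for m, (_, seen) in self.table.items() if now - seen > self.aging]:
            del self.table[mac]

    def receive(self, in_port, src, dst, now, crc_ok=True):
        """Process one frame and return (action, list of egress ports)."""
        self._age(now)
        if not crc_ok:
            return ("drop-crc", [])           # Filtering: corrupt frame
        current = self.table.get(src)
        if self.max_macs is not None and (current is None or current[0] != in_port):
            on_port = sum(1 for port, _ in self.table.values() if port == in_port)
            if on_port >= self.max_macs:
                return ("drop-port-security", [])   # Filtering: port security
        self.table[src] = (in_port, now)      # Learning: source MAC -> ingress port
        entry = self.table.get(dst)
        if dst == BROADCAST or entry is None:
            return ("flood", sorted(self.ports - {in_port}))   # Flooding
        if entry[0] == in_port:
            return ("filter", [])             # Filtering: never send back out the ingress port
        return ("forward", [entry[0]])        # Selective forwarding


def demo():
    """Run constructed frames through the switch and return the decisions."""
    a, b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
    c, d = "00:00:5e:00:53:0c", "00:00:5e:00:53:0d"
    sw = LearningSwitch(ports=[1, 2, 3, 4], aging=300, max_macs_per_port=2)
    return [
        sw.receive(1, a, b, now=0),                # b unknown
        sw.receive(2, b, a, now=1),                # a was learned on port 1
        sw.receive(1, a, b, now=2),                # b was learned on port 2
        sw.receive(1, a, b, now=3, crc_ok=False),  # corrupt frame
        sw.receive(1, c, b, now=4),                # second MAC on port 1, allowed
        sw.receive(1, d, b, now=5),                # third MAC on port 1, refused
        sw.receive(1, c, a, now=6),                # destination sits on the same port
        sw.receive(2, b, a, now=400),              # every entry has aged out
    ]


if __name__ == "__main__":
    for decision in demo():
        print(decision)
```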
The ARP table is stored in RAM.

Proxy ARP (the router maps the MAC address of the gateway to any IP address not on the local network). Usage:
  • Older implementation of IPv4 (ARP always sends requests for the destination)
  • Improper mask configured (host believes that it is directly connected to the same network)
  • Static routing with only exit interface configured on broadcast and NBMA networks
Use static ARP to prevent ARP spoofing (ARP poisoning)
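Why a static entry resists poisoning while a dynamic one does not, shown as an added example (not from the original notes). The ArpCache class, its return labels, and all addresses are constructed for illustration; sample_reply only builds test input bytes.

```python
import socket
import struct

# Constructed static binding: the gateway IP pinned to its real MAC.
STATIC_ARP = {"192.0.2.1": "00:00:5e:00:53:01"}


def parse_arp(payload: bytes) -> dict:
    """Parse the 28-byte Ethernet/IPv4 ARP payload (no Ethernet header)."""
    if len(payload) < 28:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not an Ethernet/IPv4 ARP message")
    sha, spa, _tha, _tpa = struct.unpack("!6s4s6s4s", payload[8:28])
    return {
        "oper": oper,                                   # 1 = request, 2 = reply
        "sender_mac": ":".join(f"{b:02x}" for b in sha),
        "sender_ip": socket.inet_ntoa(spa),
    }


class ArpCache:
    """ARP table in which static entries are never overwritten by received ARP."""

    def __init__(self, static):
        self.static = dict(static)
        self.dynamic = {}

    def update(self, payload: bytes):
        arp = parse_arp(payload)
        ip, mac = arp["sender_ip"], arp["sender_mac"]
        pinned = self.static.get(ip)
        if pinned is not None:
            # Static entry wins; a conflicting claim is worth alerting on.
            return ("static-ok" if mac == pinned else "rejected-static-conflict", ip, mac)
        previous = self.dynamic.get(ip)
        self.dynamic[ip] = mac                          # dynamic entries follow the last sender
        if previous is not None and previous != mac:
            return ("dynamic-overwritten", ip, mac)
        return ("learned", ip, mac)

    def lookup(self, ip):
        return self.static.get(ip) or self.dynamic.get(ip)


def sample_reply(sender_mac, sender_ip, target_mac="00:00:5e:00:53:0a", target_ip="192.0.2.10"):
    """Build a constructed ARP reply payload used only as test input."""
    to_bytes = lambda mac: bytes.fromhex(mac.replace(":", ""))
    return (struct.pack("!HHBBH", 1, 0x0800, 6, 4, 2)
            + to_bytes(sender_mac) + socket.inet_aton(sender_ip)
            + to_bytes(target_mac) + socket.inet_aton(target_ip))


def run_demo():
    cache = ArpCache(STATIC_ARP)
    events = [
        cache.update(sample_reply("00:00:5e:00:53:01", "192.0.2.1")),   # genuine gateway
        cache.update(sample_reply("00:00:5e:00:53:99", "192.0.2.1")),   # conflicting claim
        cache.update(sample_reply("00:00:5e:00:53:14", "192.0.2.20")),  # unpinned host
        cache.update(sample_reply("00:00:5e:00:53:99", "192.0.2.20")),  # conflicting claim
    ]
    return events, cache.lookup("192.0.2.1"), cache.lookup("192.0.2.20")


if __name__ == "__main__":
    print(run_demo())
```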

CCNA-1. Chapter 8. OSI Physical Layer

Physical layer elements:
  • The physical media and associated connectors
  • A representation of bits on the media
  • Encoding of data and control information
  • Transmitter and receiver circuitry on the network devices
Functions of the Physical layer:
  • The physical components
  • Data encoding (bits -> predefined code. Distinguish data bits from control bits, media error detection, beginning and end of a frame)
  • Signaling (method of representing the bits)
Signaling Methods:
  • Amplitude
    • Non-return to zero (NRZ) (low voltage - logical 0, high voltage - logical 1)

      • simple

      • inefficient bandwidth use

      • susceptible to electromagnetic interference

      • boundaries between individual bits can be lost when long strings of 1s or 0s are transmitted

      • has no transition to use in resynchronizing bit times
  • Frequency
  • Phase
    • Manchester Encoding (low voltage -> high voltage = logical 1, high voltage -> low voltage = logical 0)
      • Used by 10BaseT Ethernet

      • simple

      • has a transition to use in resynchronizing bit times

      • can be used only on slow speed links
Encoding methods:
  • Signal Patterns (start of frame, end of frame, and frame contents. Patterns decoded into bits and are interpreted as codes)
  • Code Groups (data bits are divided into patterns and transmitted as a set of code groups (symbols)). Examples: 4B/5B (100BASE-T); 4D-PAM5 (1000BASE-T); 8B/10B (1000BASE-SX and 1000BASE-LX)

    • Reduce bit level error (create more frequent transitions to solve timing synchronization problems)

    • Limit the effective energy transmitted into the media  (long series of 1s changed to another code)

    • Help to distinguish data bits from control bits. 3 Types of symbols used:
      • Data symbols - Symbols that represent the data of the frame.
      • Control symbols - Special codes injected by the Physical layer used to control transmission.
      • Invalid symbols - Patterns not allowed on the media. The receipt of an invalid symbol indicates a frame error.

    • Better media error detection (Invalid symbols)

    • Overhead in the form of extra bits to transmit
Data transfer can be measured in:
  • Bandwidth (theoretical technological network performance)
  • Throughput (actual network performance)
  • Goodput (throughput minus traffic overhead for establishing sessions, acknowledgements, and encapsulation)
Interference:
  • copper cables
    • fluorescent lights
    • motor vehicles
  • wireless
    • cordless phones
    • some types of fluorescent lights
    • microwave ovens
Time definitions:
  • Bit time (amount of time 1 bit occupies the media)
    • 10-Mbps Ethernet - 100 nanoseconds(nS) to transmit a bit
    • 100 Mbps Ethernet - 10 nS to transmit a bit
    • 1 Gbps Ethernet - 1 nS to transmit a bit
    • 10 Gbps Ethernet - 0.1 nS to transmit a bit
  • Slot time (maximum theoretical time from first bit sent to time jam signal returned to sender)
    • device must learn about the collision before it finishes sending the smallest Ethernet frame size (64 bytes)
    • ensures that if a collision is going to occur, it will be detected within the first 512 bits (4096 for Gigabit Ethernet)
    • sets maximum network diameter of 2500 meters for CSMA/CD to handle errors and avoid late collisions
    • Slot time values:
      • 10-Mbps Ethernet - 512 bit time
      • 100 Mbps Ethernet - 512 bit time
      • 1 Gbps Ethernet - 4096 bit time
      • 10 Gbps Ethernet - not applicable
  • Interframe spacing (from last bit of one frame to the first bit of next frame)
    • 10-Mbps Ethernet - 96 bit time (9.6 nS)
    • 100 Mbps Ethernet - 96 bit time (0.96 nS)
    • 1 Gbps Ethernet - 96 bit time (0.096 nS)
    • 10 Gbps Ethernet - 96 bit time (0.0096 nS)
  • Latency (amount of time it takes for data to be sent from sender to receiver)
  • Propagation delay (length of cable that signal propagates in 1 nanosecond)
    • UTP cable - 20.3 centimeters (8 inches) per nanosecond
Number of bit times to reach the destination = Cable length / (Cable propagation delay * Bit time)

Physical media (Ethernet)

Coaxial cable Ethernet:
  • 10BASE5 (Thicknet), used a thick coaxial
  • 10BASE2 (Thinnet), used a thin coaxial cable that was smaller in diameter and more flexible.
Twisted pair features:
  • The twisting cancels interference from external sources (makes common interference on both wires)
  • The twisting cancels interference from internal sources - crosstalk (opposite direction causes magnetic field cancellation)
  • Different pairs of wires use a different number of twists per meter (protect the cable from crosstalk between pairs)
UTP cable types:
  • Ethernet Straight-through (1+,2-(orange): transmit; 3+,6-(green): receive)
  • Ethernet Crossover
  • Rollover
Coaxial cable usage:
  • Carries radio frequency (RF) energy between the antennas and the radio equipment.
  • Transporting high radio frequency signals (cable television signals). In hybrid fiber coax (HFC) used only as last mile.
  • Ethernet installations - was totally replaced by UTP as a standard

Fiber optic:
  • Core (glass or optic fiber)
  • Cladding (prevent light loss from the fiber)
  • Buffer
  • Aramid Yarn
  • Jacket (polymer)
Fiber optic cables types:
  • Single-mode
    • Small core (8-10 micron)
    • Less dispersion
    • Distance - up to 100 km (62.14 mi)
    • Uses lasers as the light source often within campus backbones for distance of several thousand meters
  • Multimode (cheaper)
    • Larger core (50/62.5 microns)
    • Allows greater dispersion (modal dispersion) and therefore, loss of signal
    • Distance - up to ~2km (6560 ft)
    • Uses LEDs as the light source often within LANs or distances of a couple hundred meters within a campus network
Optical Time Domain Reflectometer (OTDR) - a device that injects a test pulse of light into the cable and measures the back scatter and reflection time of the light to calculate the approximate distance at which faults are detected along the length of the cable.

CCNA-1. Chapter 7. Data link OSI level.

Data Link layer performs two basic services:
  • Allows the upper layers to access different media (framing)
  • Controls how data is placed onto the media and is received (media access control, error detection)
Data Link Sublayers:
  • Logical Link Control (LLC):
    • Identify Network layer protocol
    • Frames the network layer packet
  • Media Access Control (MAC):
    • Provides Data Link layer addressing
    • Delimiting of data according to the physical requirements (start and end of frame)
    • Regulating the placement of data frames onto the media
Network topology types:
  • Physical topology  (representation of how the media is used to interconnect the devices)
  • Logical topology (independent of physical layout. Defines how the connection between the nodes appears to the Data Link layer. LLC (Frame Type) and MAC method are chosen based on the logical topology, which may differ from the physical topology)
Data Link layer protocols specify the media access control methods. Media access control methods (which define the processes of accessing the network media and transmitting frames) depend on:
  • Media sharing (If and how the nodes share the media)
    • Shared media methods types:
      • Controlled (Deterministic): no collisions, devices wait for their turn. MAC methods:
        • Token passing. Receive -> wait for token -> transmit (FDDI, Token Ring)
      • Contention-based (Non-deterministic): collisions, transmit at any time. Use Carrier Sense Multiple Access (CSMA) MAC methods for contention resolving:
        • CSMA/CD - Collision Detection. Monitor media -> transmit the data (Ethernet)
          • Carrier Sense (detects a signal on shared media)
          • Jam Signal (notifies the other devices of a collision (32 bit))
          • Backoff algorithm (stop transmitting for a random time)
        • CSMA/CA - Collision Avoidance. Monitor media -> send a notification -> transmit the data (Wireless LAN)
    • Non-Shared media (require little or no control placing frames onto the media, simpler rules and procedures for MAC)
  • Logical Topology
    • Point-to-point:
      • Half-duplex (devices cannot simultaneously transmit and receive on the media)
      • Full-duplex (devices can transmit and receive on the media at the same time)
    • Multi-Access (Bus):
      • All the nodes receive all the frames transmitted by any node in segment
      • A node determines whether a frame is to be accepted by examining the MAC address.
    • Ring
Frame field types:
  • Frame Start (the beginning of the frame)
  • Addressing (source and destination address)
  • Type/Length (upper layer protocol or possibly length of frame)
  • Control (Flow control services)
    • Priority/Quality of Service field - Indicates a particular type of communication service for processing
    • Logical connection control field - Used to establish a logical connection between nodes
    • Physical link control field - Used to establish the media link
    • Flow control field - Used to start and stop traffic over the media
    • Congestion control field - Indicates congestion in the media
  • Data (Network layer packet)
  • Error detection
  • Frame Stop (end of the frame)
Ethernet frame:
PPP frame:
Wireless 802.11 frame:
 
  • Protocol Version field - Version of 802.11 frame in use
  • Type and Subtype fields - Identifies one of three functions and sub functions: control, data, and management
  • To DS field - Set to 1 in data frames destined for the distribution system (devices in the wireless structure)
  • From DS field - Set to 1 in data frames exiting the distribution system
  • More Fragments field - Set to 1 for frames that have another fragment
  • Retry field - Set to 1 if the frame is a retransmission of an earlier frame
  • Power Management field - Set to 1 to indicate that a node will be in power-save mode
  • More Data field - Set to 1 to indicate to a node in power-save mode that more frames are buffered for that node
  • Wired Equivalent Privacy (WEP) field - Set to 1 if the frame contains WEP encrypted information for security
  • Order field - Set to 1 in a data type frame that uses Strictly Ordered service class (does not need reordering)
  • Duration/ID field - Depending on the type of frame, represents either the time, in microseconds, required to transmit the frame or an association identity (AID) for the station that transmitted the frame
  • Destination Address (DA) field - MAC address of the final destination node in the network
  • Source Address (SA) field - MAC address of the node that initiated the frame
  • Receiver Address (RA) field - MAC address that identifies the device that is the immediate recipient of the frame
  • Transmitter Address (TA) field - MAC address that identifies the wireless device that transmitted the frame
  • Sequence Number field - Indicates the sequence number assigned to the frame; retransmitted frames have duplicate sequence numbers
  • Fragment Number field - Indicates the number for each fragment of a frame
  • Frame Body field - Contains the information being transported; for data frames, typically an IP packet
  • FCS field - Contains a 32-bit cyclic redundancy check (CRC) of the frame
Upper layer standards and organizations:
  • Internet Engineering Task Force (IETF) in RFCs.
Data link layer standards and organizations:
  • International Organization for Standardization (ISO)

    • HDLC (High Level Data Link Control)
  • Institute of Electrical and Electronics Engineers (IEEE)
    • 802.1
      • 802.1x (port-based Network Access Control (PNAC))

    • 802.2 (LLC)

    • 802.3 (Ethernet)
      • 802.3ac (VLAN support added by extended maximum frame size 1518->1522 bytes)
      • 802.3ae (10Gb/s Ethernet)

    • 802.5 (Token Ring)

    • 802.11 (Wireless LAN or WLAN) - WiFi

      • 802.11a - 5 GHz frequency, speed of up to 54 Mbps.

        • smaller coverage area

        • less effective at penetrating building structures.

        • not interoperable with the 802.11b and 802.11g standards

      • 802.11b - 2.4 GHz frequency, speed of up to 11 Mbps.

        • longer range

        • better able to penetrate building structures

        • slow speed

      • 802.11g - 2.4 GHz frequency, speeds of up to 54 Mbps.

        • interoperable with the 802.11b

      • 802.11n - 2.4 GHz or 5 GHz frequency, speed of 100 Mbps to 210 Mbps, distance up to 70 meters.

    • 802.15 (Wireless Personal Area Network or WPAN) - Bluetooth (1 to 100 meters)

    • 802.16 (Worldwide Interoperability for Microwave Access or WiMAX) - point-to-multipoint topology, broadband access.
  • American National Standards Institute (ANSI)

    • Q922 (Frame Relay Standard)

    • Q921 (ISDN Data Link Standard)

    • HDLC (High Level Data Link Control)
  • International Telecommunication Union (ITU)

    • 3T9.5 (MAC protocol of token ring)

    • ADCCP (Advanced Data Communications Control Protocol ) functionally equivalent to HDLC
Physical layer standards (physical, electrical, mechanical properties of the media and connectors, encoding and control information techniques) and organizations:
  • The International Organization for Standardization (ISO)
    • ISO 8877(RJ-45 connector)
  • The Institute of Electrical and Electronics Engineers (IEEE) (copper cabling categories)
  • The American National Standards Institute (ANSI)
  • The International Telecommunication Union (ITU)
  • The Electronics Industry Alliance/Telecommunications Industry Association (EIA/TIA)
    • EIA-TIA 568a (wire color to pinouts)
    • EIA-TIA 568b (wire color to pinouts)
    • EIA-TIA 606A (labeling and administration)
  • National telecommunications authorities such as the Federal Communication Commission (FCC) in the USA.

CCNA-1. Chapter 6. Addressing the IPv4 network.

Types of IPv4 network addresses:
  • Network address - The address by which we refer to the network
  • Broadcast address - A special address used to send data to all hosts in the network
  • Host addresses - The addresses assigned to the end devices in the network
In an IPv4 network, the hosts can communicate one of three different ways:
  • Unicast - the process of sending a packet from one host to an individual host
  • Broadcast - the process of sending a packet from one host to all hosts in the network
    • Types:
      • Directed broadcast (to all hosts on a non-local network. By default routers do not forward it)
      • Limited broadcast (to the hosts on the local network. Routers do not forward it)
  • Multicast - the process of sending a packet from one host to a selected group of hosts
IPv4 network specific address types:
  • Limited broadcast (255.255.255.255) to the hosts on the local network
  • Experimental Addresses (240.0.0.0-255.255.255.254) reserved for future use (RFC 3330). Cannot be used.
  • Multicast addresses (224.0.0.0 - 239.255.255.255)
    • Multicast reserved link local addresses (224.0.0.0-224.0.0.255). Multicast groups on a local network (TTL = 1). Example: 224.0.0.10 - EIGRP
    • Multicast globally scoped addresses (224.0.1.0-238.255.255.255). Multicast across the Internet. Example: 224.0.1.1 - NTP
  • Private Addresses (10.0.0.0-10.255.255.255; 172.16.0.0-172.31.255.255; 192.168.0.0-192.168.255.255). Not routed in Internet
  • Default Route (0.0.0.0): a "catch all" route. The use of this address also reserves 0.0.0.0-0.255.255.255.
  • Loopback (127.0.0.1): directs traffic to localhost. The use of this address also reserves 127.0.0.0-127.255.255.255.
  • Link-local addresses (169.254.0.0-169.254.255.255) automatically assigned if no IP configuration is available.
  • TEST-NET Addresses (192.0.2.0-192.0.2.255) for teaching and learning purposes. Can be used. Not routed in Internet.
Global IP address redistributors:
  • Internet Assigned Numbers Authority (IANA) (http://www.iana.net) manages multicast addresses and the IPv6 addresses
  • IPv4 address space is allocated by Regional Internet Registries (RIRs):
    • AfriNIC (African Network Information Centre) - Africa Region http://www.afrinic.net
    • APNIC (Asia Pacific Network Information Centre) - Asia/Pacific Region http://www.apnic.net
    • ARIN (American Registry for Internet Numbers) - North America Region http://www.arin.net
    • LACNIC (Regional Latin-American and Caribbean IP Address Registry) - Latin America and some Caribbean Islands http://www.lacnic.net
    • RIPE NCC (Réseaux IP Européens) - Europe, the Middle East, and Central Asia http://www.ripe.net
IPv6 features:
  • Improved packet handling
  • Increased scalability and longevity
  • QoS mechanisms
  • Integrated security
IPv6 offers:
  • 128-bit hierarchical addressing - to expand addressing capabilities
  • Header format simplification - to improve packet handling
  • Improved support for extensions and options - for increased scalability/longevity and improved packet handling
  • Flow labeling capability - as QoS mechanisms
  • Authentication and privacy capabilities - to integrate security
Formula for calculating subnets: 2^n where n = the number of bits borrowed



Formula for calculating the number of hosts: 2^n - 2 where n = the number of bits left for hosts.



ICMP messages that may be sent include:
  • Host confirmation (ICMP Echo Request - ICMP Echo Reply)
  • Unreachable Destination or Service
    • Unreachable codes are:
      0 = net unreachable (no route in routing table)
      1 = host unreachable (route exists but host is unreachable)
      2 = protocol unreachable (host received packet but upper protocol is not available)
      3 = port unreachable (host received packet but service daemon is not available)
  • Time exceeded (ICMP Time Exceeded) TTL field of the packet has expired
  • Route redirection (ICMP Redirect) If the next hop is attached to the same interface as client - notify to use another gateway
  • Source quench (ICMP Source Quench) router replies if it doesn't have enough buffer space to receive incoming packets

CCNA-1. Chapter 5. OSI Network layer.

Network layer basic processes:
  • Addressing (when address is added to a device, the device is then referred to as a host)
  • Encapsulation (add among other information, the address of the host to which it is being sent)
  • Routing (as the packet is forwarded, the Transport layer PDU remains intact until the destination host is reached).
  • Decapsulation (if the packet was addressed to this device, it is decapsulated by the Network layer and passed up to Layer 4)
Protocols implemented at the Network layer include:
  • Internet Protocol version 4 (IPv4)
  • Internet Protocol version 6 (IPv6)
  • Novell Internetwork Packet Exchange (IPX)
  • AppleTalk
  • Connectionless Network Service (CLNS/DECNet)
IPv4 basic characteristics:
  • Connectionless - sending a packet without notifying the recipient.
  • Best Effort (unreliable) - No overhead but no guarantee of packet delivery.
  • Media Independent - Operates independently of the medium carrying the data, BUT considers one major characteristic of the media - the MTU. An intermediary device needs to fragment a packet when forwarding it from one medium to a medium with a smaller MTU.
Maximum Transmission Unit (MTU) - the maximum size of PDU that each medium can transport

Fragmentation - splitting up a packet.

IP packet

Fields:
  • Version - Contains the IP version number (4).
  • Header Length (IHL) - size of the packet header.
  • Type-of-Service (ToS) (used to determine the priority of each packet. This field is Quality-of-Service (QoS) value)
  • Packet Length - full packet size (header+data) in bytes.
  • Identification - This field is primarily used for uniquely identifying fragments of an original IP packet.
  • Flag (MF - the packet is fragmented and this is not the last fragment; DF - fragmentation of the packet is NOT permitted, and if fragmentation is needed the packet is discarded)
    • Unfragmented packet (MF = 0, Fragment offset = 0)
    • Last fragment of packet (MF = 0, Fragment offset = non-zero value)
    • Not last fragment of packet (MF = 1, Fragment offset = non-zero value)
  • Fragment Offset (if fragmentation occurs, used with the MF flag to identify the order of fragments at the destination)
  • Time-to-Live (TTL) (decremented by 1 each time the packet is processed by a router; prevents packets from being forwarded indefinitely in a routing loop)
  • Protocol (upper-layer protocol: 01- ICMP, 06 - TCP, 17- UDP, 88- EIGRP)
  • Header Checksum - used for error checking of packet header.
  • IP Source Address (Enables the destination host to respond if required)
  • IP Destination Address (Enables routers at each hop to forward the packet towards the destination)
  • Options - provide additional services (rarely used).
  • Padding - additional field is used if packet is less than minimum packet size.
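How MTU, the MF/DF flags and Fragment Offset work together, as an added example that is not part of the original notes. It assumes a 20-byte header without options and models each fragment as a dict; the function names are hypothetical. The offset is counted in 8-byte units, so every fragment except the last carries a multiple of 8 payload bytes.

```python
IP_HEADER_LEN = 20  # assumption: IPv4 header without options


def fragment(payload: bytes, mtu: int, df: bool = False) -> list:
    """Split a payload for a link with the given MTU.

    Returns a list of {"offset", "mf", "data"}; an empty list means the
    packet was discarded because DF was set and it did not fit.
    """
    if IP_HEADER_LEN + len(payload) <= mtu:
        return [{"offset": 0, "mf": 0, "data": payload}]
    if df:
        return []
    chunk = (mtu - IP_HEADER_LEN) // 8 * 8     # largest multiple of 8 that fits
    if chunk <= 0:
        raise ValueError("MTU too small to carry any payload")
    frags = []
    for start in range(0, len(payload), chunk):
        more = int(start + chunk < len(payload))
        frags.append({"offset": start // 8, "mf": more, "data": payload[start:start + chunk]})
    return frags


def classify(frag: dict) -> str:
    """Name the fragment type from the MF flag and Fragment Offset."""
    if frag["mf"] == 0:
        return "unfragmented" if frag["offset"] == 0 else "last fragment"
    return "first fragment" if frag["offset"] == 0 else "middle fragment"


def reassemble(frags: list):
    """Rebuild the payload at the destination.

    Fragments may arrive in any order. Returns None when a fragment is
    missing, when fragments overlap, or when the last fragment never arrived.
    """
    ordered = sorted(frags, key=lambda f: f["offset"])
    if not ordered or ordered[-1]["mf"] != 0:
        return None
    out = bytearray()
    for frag in ordered:
        if frag["offset"] * 8 != len(out):     # gap or overlap
            return None
        out += frag["data"]
    return bytes(out)


if __name__ == "__main__":
    data = bytes(i % 251 for i in range(4000))   # constructed 4000-byte payload
    parts = fragment(data, mtu=1500)
    for p in parts:
        print(p["offset"], p["mf"], len(p["data"]), classify(p))
    print(reassemble(list(reversed(parts))) == data)
```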
Networks can be divided based on:
  • Geographic location (each building or each floor of a multi-level building. Network management and operation.)
  • Purpose (balance number of hosts on a network with the amount of traffic generated by the users. Traffic balance)
  • Ownership (boundary for security enforcement and management of each network. Network security management)
Reasons to divide large networks :
  • Improving Performance (reduce broadcasts, prevents volumes of traffic to overwhelm bandwidth and routing capability)
  • Security issues (access to and from resources outside each network can be prohibited, allowed, or monitored)
  • Address Management (reduces the unnecessary overhead of all hosts needing to know all addresses, only gateway)
Routes in a routing table have three main features:
  • Destination network
  • Next-hop
  • Metric (used to decide which route appears in the routing table if there are two or more routes to the destination)
When forwarding a packet, the router always selects the most specific route!
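The two decisions described above, as an added example that is not part of the original notes: the metric picks which route to a given destination network is installed, and the forwarding lookup then picks the most specific installed route, whatever its metric. The candidate routes, next hops and function names are constructed.

```python
import ipaddress

# Constructed candidate routes: (destination network, next hop, metric)
CANDIDATES = [
    ("0.0.0.0/0", "192.0.2.1", 1),
    ("10.0.0.0/8", "192.0.2.2", 20),
    ("10.1.0.0/16", "192.0.2.3", 20),
    ("10.1.2.0/24", "192.0.2.4", 90),
    ("10.1.2.0/24", "192.0.2.5", 30),   # same destination, better metric
]


def install(candidates):
    """Build the routing table: for each destination keep the lowest metric."""
    table = {}
    for network, next_hop, metric in candidates:
        key = ipaddress.ip_network(network)
        if key not in table or metric < table[key][1]:
            table[key] = (next_hop, metric)
    return table


def lookup(table, destination):
    """Return (network, next hop, metric) of the most specific matching route."""
    addr = ipaddress.ip_address(destination)
    matches = [net for net in table if addr in net]
    if not matches:
        return None                      # no route and no default: packet is dropped
    best = max(matches, key=lambda net: net.prefixlen)   # longest prefix wins
    next_hop, metric = table[best]
    return str(best), next_hop, metric


if __name__ == "__main__":
    routes = install(CANDIDATES)
    for dst in ("10.1.2.7", "10.1.9.9", "10.200.0.1", "198.51.100.7"):
        print(dst, "->", lookup(routes, dst))
```

The /24 is chosen for 10.1.2.7 even though its metric (30) is worse than the /8's (20): metrics are only compared between routes to the same destination network.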


Dynamic routing protocols - easy to manage, but add overhead that consumes network bandwidth and cause high router CPU processing.