Networking Essentials jsdsdcjsdcdscdscsdc

Module 1:
Communications in a
Connected World
Networking Essentials (NETESS)

© 2020 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Network Types
Local Networks
Small home networks connect a few
computers to each other and to the
internet.
The SOHO network allows computers
in a home office or a remote office to
connect to a corporate network, or
access centralized, shared resources.

Network Types
Local Networks (Cont.)
Medium to large networks, such as those
used by corporations and schools, can
have many locations with hundreds or
thousands of interconnected hosts.
The internet is a network of networks
that connects hundreds of millions of
computers world-wide.

1.2 Data Transmission

Data Transmission
The Bit
Did you know that computers and networks only work with binary digits, zeros and ones? Each bit
can only have one of two possible values, 0 or 1. The term bit is an abbreviation of “binary digit” and
represents the smallest piece of data. Humans interpret words and pictures, computers interpret only
patterns of bits. Each group of eight bits, such as the representations of letters and numbers, is
known as a byte.
Using the American Standard Code for Information Interchange (ASCII), each character is
represented by eight bits. For example:
Capital letter: A = 01000001
Number: 9 = 00111001
Special character: # = 00100011
This page includes an ASCII bit translation engine where you can enter any character and see the 8
bit translation.

Data Transmission
Common Methods of Data Transmission
After the data is transformed into a series of bits, it must be
converted into signals that can be sent across the network
media to its destination. Media refers to the physical medium on
which the signals are transmitted. Examples of media are
copper wire, fiber-optic cable, and electromagnetic waves
through the air. A signal consists of electrical or optical patterns
that are transmitted from one connected device to another.
There are three common methods of signal transmission used
in networks:
• Electrical signals - Transmission is achieved by
representing data as electrical pulses on copper wire.
• Optical signals - Transmission is achieved by converting
the electrical signals into light pulses.
• Wireless signals - Transmission is achieved by using
infrared, microwave, or radio waves through the air.

1.3 Bandwidth and Throughput

Bandwidth and Throughput
Bandwidth
Bandwidth is the capacity of a medium to carry data. Digital bandwidth measures the amount of data
that can flow from one place to another in a given amount of time. Bandwidth is typically measured in
the number of bits that (theoretically) can be sent across the media in a second.
Unit of Bandwidth Abbreviation Equivalence
Bits per second bps 1 bps = fundamental unit of bandwidth
Kilobyte: Thousands of bits per second kbps 1 kbps = 1,000 bps = 103 bps
Megabyte: Millions of bits per second Mbps 1 Mbps = 1,000,000 bps = 106 bps
Gigabyte: Billions of bits per second Gbps 1 Gbps = 1,000,000,000 bps = 109 bps
Terabyte: Trillions of bits per second Tbps 1 Tbps = 1,000,000,000,000 bps = 1012 bps

Bandwidth and Throughput
Throughput
Like bandwidth, throughput is the measure of the transfer of bits across the media over a given
period of time. However, due to a number of factors, throughput does not usually match the
specified bandwidth. Many factors influence throughput including:
• The amount of data being sent and received over the connection
• The types of data being transmitted
• The latency created by the number of network devices encountered between source and
destination
Latency refers to the amount of time, including delays, for data to travel from one given point to
another.

1.4 Clients and Servers

Clients and Servers
Clients and Server Roles
Clients are computer hosts that have software installed that enables the hosts to request and display
the information obtained from the server. Servers are hosts that have software installed which enable
them to provide information, like email or web pages, to other hosts on the network.
Type Description
Email The email server runs email server software. Clients use mail client software, such as Microsoft Outlook, to
access email on the server.
Web The web server runs web server software. Clients use browser software, such as Windows Internet Explorer, to
access web pages on the server.
File The file server stores corporate and user files in a central location. The client devices access these files with
client software such as the Windows File Explorer.

Clients and Servers
Peer-to-Peer Networks
In small businesses and homes, many computers function as the servers and clients on the network.
This type of network is called a peer-to-peer (P2P) network. The simplest P2P network consists of two
directly connected computers using either a wired or wireless connection.
Advantages of P2P:
• Easy to set up
• Less complex than other networks
• Lower cost because network devices and dedicated servers may not be required
• Can be used for simple tasks such
as transferring files and sharing
printers
Disadvantages of P2P:
• No central administration
• Not as secure as other networks
• Not scalable
• All devices may act as both clients and server which can slow their performance

Clients and Servers
Peer-to-Peer Applications
A P2P application allows a device to act as both a client and a server within the same communication, as
shown in the figure. In this model, every client is a server and every server is a client. P2P applications
require that each end device provide a user interface and run a background service. In the figure, both
clients can simultaneously send and receive messages.

Clients and Servers
Multiple Roles in the Network
A computer with server
software can provide
services simultaneously to
one or many clients, as
shown in the figure.
Additionally, a single
computer can run multiple
types of server software. In a
home or small business, it
may be necessary for one
computer to act as a file
server, a web server, and an
email server.

1.5 Network Components

Network Components
Network Infrastructure
The network infrastructure contains three
categories of hardware components, as
shown in the figure:
• End devices
• Intermediate devices
• Network media

Network Components
End Devices
The network devices that people are most familiar
with are called end devices, or hosts. These devices
form the interface between users and the underlying
communication network.
Some examples of end devices are as follows:
• Computers (workstations, laptops, file servers,
web servers)
• Network printers
• Telephones and teleconferencing equipment
• Security cameras
• Mobile devices (such as smart phones, tablets,
PDAs, and wireless debit/credit card readers
and barcode scanners)

Module 2: Online
Connections

2.1 Wireless Networks

Wireless Networks
Other Wireless Networks
The GPS uses satellites to transmit signals that
cover the globe. The smart phone can receive
these signals and calculate the phone’s
location to an accuracy of within 10 meters.
Wi-Fi transmitters and receivers located within
the smartphone let the phone connect to local
networks and the internet. To receive and send
data on a Wi-Fi network, the phone needs to be
within the range of the signal from a wireless
network access point.

Wireless Networks
Other Wireless Networks (Cont.)
Bluetooth is wireless technology that allows
devices to communicate over short distances.
Because Bluetooth technology can be used to
transmit both data and voice, it can be used to
create small local networks.
NFC stands for near field communications.
NFC is a wireless communication technology
that enables data to be exchanged by devices
that are in very close proximity to each other,
usually less than a few centimeters.

2.2 Local Network Connections

Local Network Connections
LAN Components
There are many components that can be part of a local area network (LAN). Some examples of
network components are personal computers, servers, networking devices, and cabling. These
components can be grouped into four main categories:
• Hosts - Hosts send and receive user traffic. A host is a generic name for most end-user
devices. A host has an IP address. Examples of hosts are personal computers and network
attached printers.
• Peripherals - Shared peripheral devices do not communicate directly on the network. Instead,
peripherals rely on their connected host to perform all network operations. Examples of shared
peripherals are cameras, scanners, and locally attached printers.
• Network devices - Networking devices connect other devices, mainly hosts. These devices
move and control network traffic. Examples of network devices include hubs, switches, and
routers.
• Network media - Network media provides connections between hosts and network devices.
Network media can be wired, such as copper and fiber optic, or use wireless technologies.

End Device Addressing
To physically connect to a network, an
end-user device must have a network
interface card (NIC) and some
configuration of the operating system so
that the device can participate in the
network. There are three parts to the IP
configuration which must be correct for
the device to send and receive
information on the network:
• IP address - This identifies the host
on the network.
• Subnet mask - This is used to
identify the network on which the host
is connected.
• Default gateway - This identifies the
networking device that the host uses
to access the internet or another
remote network.

Manual and Automatic Address Assignment
With manual
configuration, the
required values
are entered into
the device by a
network
administrator. The
IP address that is
entered is referred
to as a static
address and must
be unique on the
network.
Most end-user
devices can be set up
to receive network
configuration
information
dynamically. The
device requests an
address from a pool of
addresses assigned
by a Dynamic Host
Configuration Protocol
(DHCP) server
located within the
network.

2.3 Network Documentation

Network Documentation
Device Names and Address Planning
The use of logical device naming and addressing conventions that are well documented can greatly
simplify the task of training and network management and can help as well with troubleshooting when
problems arise.

Network Topologies and Representations
The physical topology shows
where the wiring is installed
and the locations of the
networking devices that
connect the hosts. These
diagrams use symbols or
icons to represent the
different devices and
connections that make up a
network.

Logical Network Information
A physical topology shows how network devices connect.
A diagram called a logical topology illustrates the relevant network configuration information.
Physical Topology
Logical Topology

Module 4: Build a Simple
Network

4.1 Network Media Types

Three Media Types
Network Media Types
• Communication transmits across a network on media.
• Modern networks primarily use three types of media to interconnect devices.
• Metal wires within cables - Data is encoded
into electrical impulses.
• Glass or plastic fibers within cables (fiber-
optic cable) - Data is encoded into pulses of
light.
• Wireless transmission - Data is encoded via
modulation of specific frequencies of
electromagnetic waves.

Common Network Cables
Network Media Types
The three most common network cables are twisted-pair cable, coaxial cable, and fiber-optic cable.
Twisted-Pair Cable
Ethernet technology
generally uses twisted-pair
cables to interconnect
devices.
Coaxial Cable
• It was one of the earliest
network cabling types
developed.
• It is used as a high-
frequency transmission line
to carry high-frequency or
broadband signals.
Fiber-Optic Cable
It can be either glass or
plastic and it can carry digital
information at very high
speeds over long distances.

4.2 Ethernet Cabling

Twisted-Pair Cables
Ethernet Cabling
• The networks in most homes and schools are wired with twisted-pair copper cable.
• This type of cable is inexpensive and readily available.
• The Ethernet patch cables are an example of copper twisted-pair cable.
• Twisted-pair cables consist of one or more pairs of insulated copper wires
that are twisted together and housed in a protective jacket.
• Twisted-pair cable uses pulses of electricity to transmit data.
• Data transmission over copper cable is sensitive to electromagnetic interference (EMI).
• Another source of interference, called crosstalk, occurs when cables are bundled together for
long lengths.

Twisted-Pair Cables (Cont.)
Ethernet Cabling
Interference can cause problems with data being transmitted on the cable.
1. A pure digital signal is
transmitted.
2. On the medium, there is an
interference signal.
3. The digital signal is corrupted
by the interference signal.
4. The receiving computer reads
a changed signal. Notice that
a 0 bit is now interpreted as a
1 bit.

Types of Twisted-Pair Cables
Ethernet Cabling
There are two commonly installed types of twisted-pair cable:
• Unshielded twisted-pair (UTP) - This is the most common type of network cable in North
America and many other areas.
• Shielded cables (STP) - These are used almost exclusively in European countries.
• UTP cables are used to
connect workstations,
hosts and network
devices.
• Ethernet UTP cables
consists of 4 pairs of
twisted cables.
• Each pair is identified by
a specific color code.
• STP cables are immune to EMI and RFI
interference.
• STP cables are expensive, not as flexible,
and have additional requirements because of
the shielding.

4.3 Coaxial and Fiber-Optic Cabling

Cable TV and Satellite Cables
Coaxial and Fiber-Optic Cabling
• Coaxial cable (or coax) carries data in the form of electrical signals.
• It provides improved shielding compared to UTP and can therefore carry more data.
• It is used by cable television companies to provide service and for connecting the various
components that make up satellite communication systems.
• With the addition of a cable modem, the cable television provider can offer data and internet
service, as well as television signals and telephone over the same coaxial cable to customers.
Usually terminated with a BNC or F-series connector
A metallic braid helps to shield against EMI and RFI
The outer jacket is an insulator to protect against EMI and RFI
A single center conductor is copper or aluminum

Fiber-Optic Cables
Coaxial and Fiber-Optic Cabling
• Fiber-optic cables transmit data using pulses of light.
• Fiber-optic cable is constructed of either glass or plastic and it is immune to EMI and RFI.
Parts of a fiber-optical cable are:
• Jacket - typically a PVC jacket that protects the fiber against
abrasion, moisture, and other contaminants.
• Strengthening Material - Surrounds the buffer, prevents the
fiber cable from being stretched when it is being pulled
• Buffer - Used to help shield the core and cladding from
damage.
• Cladding - Made from slightly different chemicals than those
used to create the core. It tends to act like a mirror.
• Core - The light transmission element at the center of the
optical fiber. Light pulses travel through the fiber core.

4.4 Twisted-Pair Operation

Twisted-Pair Wiring Schemes
Twisted-Pair Operation
• The color coding of the wire pairs in an UTP cable is determined by the type of standard that is
used to make the cable.
• Different standards have different purposes and are closely governed by the standards
organizations.
• There are two standards that are widely implemented for
typical Ethernet installations.
• The TIA/EIA organization defines two different patterns,
or wiring schemes, called T568A and T568B.
• Each wiring scheme defines the pinout, or order of wire
connections, on the end of the cable.
• One of the two wiring schemes (T568A or T568B) should
be chosen for a network installation.
• It is important that the same wiring scheme is used for
every termination in that project.

Twisted-Pair Transmit and Receive Pairs
Twisted-Pair Operation
• Ethernet NICs and the ports on networking devices are designed to send data over UTP cables.
• Specific pins on the connector are associated with a transmit function and a receive function.
• The interfaces on each device are designed to transmit and receive data on designated wires
within the cable.
• When two unlike devices are directly connected using an UTP Ethernet cable, it is important
that the transmit function and the receive function on each end of the cable are reversed.
• This cable is called straight-through cable and it has the same color patterns on both ends
of the cable.

4.5 Verify Connectivity

Using the ping Command
Verify Connectivity
• A host that sends messages across the internet must have an IP address to identify it to the other
devices in the network.
• The ping utility can be used to test end-to-end connectivity between the IP address of the sending
host and the IP address of the destination host.
• It measures the time that it takes test messages to make a round trip from the source to the
destination, and whether the transmission is successful.
• However, if the test message does not reach the destination, or if delays are encountered along
the way, ping cannot determine where the problem is located.
The format of the ping command is ping x.x.x.x, where x.x.x.x
is an IP address or domain name of the destination host:
For example, ping 192.168.30.1, ping www.cisco.com, etc.

The traceroute Command
Verify Connectivity
• The traceroute utility traces the route a message takes from its
source to the destination.
• Each individual network through which the message travels is
referred to as a hop.
• The traceroute command displays each hop along the way
and the time it takes for the message to get to that network and
back.
• If a problem occurs, the output of the traceroute utility can help
determine where a message was lost or delayed.
• The traceroute utility is called tracert in the Windows
environment.

Module 5: Communication
Principles

5.1 The Rules
52

The Three Elements
The Rules
53
The primary purpose of any network is to provide us with a method to communicate and share
information. All communication begins with a message, or information, that must be sent from one
individual or device to another.
All communication methods have three elements in common:
• The first of these elements is the message source, or sender. Message sources are people, or
electronic devices, that need to communicate a message to other individuals or devices.
• The second element of communication is the destination, or receiver, of the message. The destination
receives the message and interprets it.
• The third element is called a transmission medium, or channel. It provides the pathway over which
the message can travel from source to destination.

Communication Protocols
The Rules
54
Before beginning to communicate with each other, we establish rules or agreements to govern the conversation:
• What method of communication should we use?
• What language should we use?
• Do we need to confirm that our messages are received?
These rules, or protocols, must be followed for the message to be successfully delivered and understood:
• An identified sender and receiver
• Agreed upon method of communicating (face-to-face, telephone, letter, photograph)
• Common language and grammar
• Speed and timing of delivery
• Confirmation or acknowledgment requirements

Why Protocols Matter
The Rules
55
Protocol Characteristic Description
Message format
When a message is sent, it must use a specific format or structure. Message formats depend on
the type of message and the channel that is used to deliver the message.
Message size
The rules that govern the size of the pieces communicated across the network are very strict and
can be different, depending on the channel used. It may be necessary to break a longer message
into smaller pieces in order to ensure that the message can be delivered reliably.
Timing
Many network communication functions are dependent on timing. Timing determines the speed
at which the bits are transmitted across the network. It also affects when an individual host can
send data and the total amount of data that can be sent in any one transmission.
Encoding
Messages sent across the network are first converted into bits by the sending host. Each bit is
encoded into a pattern of sounds, light waves, or electrical impulses. The destination host
receives and decodes the signals in order to interpret the message.
Encapsulation
Each message transmitted on a network must include a header that contains addressing
information that identifies the source and destination hosts. Encapsulation is the process of
adding this information to the pieces of data that make up the message.
Message pattern
Some messages require an acknowledgment before the next message can be sent. This type of
request/response pattern is a common aspect of many networking protocols.

5.2 Communication Standards
56

Network Standards Organizations
Communication Standards
57
An internet standard is the end result of a comprehensive cycle of
discussion, problem solving, and testing.
These different standards are developed, published, and maintained by
a variety of organizations.
When a new standard is proposed, each stage of the development and
approval process is recorded in a numbered Request for Comments
(RFC) document.
• RFCs for internet standards are published and managed by the
Internet Engineering Task Force (IETF).
Other standards organizations that support the internet are shown in
the figure.

5.3 Network Communication Models
58

The Protocol Stack
Network Communication Models
59
Successful communication between hosts requires interaction between a number of protocols.
These protocols are implemented in software and hardware that are installed on each host and networking
device.
The interaction between the different protocols on a device can be illustrated as a protocol stack, as shown in the
figure.
A stack illustrates the protocols as a layered hierarchy, with each higher-level protocol depending on the services
of the protocols shown in the lower levels.
The separation of functions enables each layer in the stack to operate independently of others

The Protocol Stack (Cont.)
60
The protocols in the figure are described as follows:
Hypertext Transfer Protocol (HTTP) – This protocol governs the way a
web server and a web client interact.
HTTP defines the content and formatting of the requests and responses
that are exchanged between the client and server.
Transmission Control Protocol (TCP) – This protocol manages the
individual conversations. TCP is responsible for guaranteeing the
reliable delivery of the information and managing flow control between
the end devices.
Internet Protocol (IP) – This protocol is responsible for delivering
messages from the sender to the receiver. IP is used by routers to
forward the messages across multiple networks.
Ethernet – This protocol is responsible for the delivery of messages
from one NIC to another NIC on the same Ethernet local area network
(LAN).

The TCP/IP Model
61
A layered model depicts the operation of the protocols occurring within each layer, as well as the interaction with
the layers above and below it.
The layered model has many benefits:
• Assists in protocol design, because protocols that operate at a specific layer have defined information that
they act upon and a defined interface to the layers above and below.
• Fosters competition because products from different vendors can work together.
• Enables technology changes to occur at one level without affecting the other levels.
• Provides a common language to describe networking functions and capabilities.
TCP/IP Model Layer Description
Application Represents data to the user, plus encoding and dialog control.
Transport Supports communication between various devices across diverse networks.
Internet Determines the best path through the network.
Network Access Controls the hardware devices and media that make up the network.

The OSI Reference Model
62
OSI Model Layer Description
7 - Application The application layer contains protocols used for process-to-process
communications.
6 - Presentation The presentation layer provides for common representation of the data transferred
between application layer services.
5 - Session The session layer provides services to the presentation layer to organize its dialogue
and to manage data exchange.
4 - Transport The transport layer defines services to segment, transfer, and reassemble the data
for individual communications between the end devices.
3 - Network The network layer provides services to exchange the individual pieces of data over
the network between identified end devices.
2 - Data Link The data link layer protocols describe methods for exchanging data frames between
devices over a common media
1 - Physical The physical layer protocols describe the mechanical, electrical, functional, and
procedural means to activate, maintain, and de-activate physical connections for a
bit transmission to and from a network device.

Upper and Lower Layers of the OSI Model
63
Group Layer Number Layer Name
Common Network Components Associated with this
Layer
Upper Layers
7 Application •Network aware applications
•Email
•Web browsers and servers
•File transfer
•Name resolution
6 Presentation
5 Session
Lower Layers
4 Transport
•Video and voice streaming mechanisms
•Firewall filtering lists
3 Network
•IP addressing
•Routing
2 Data Link
•Network interface cards and drivers
•Network switching
•WAN connectivity
1 Physical
•Physical medium (copper twisted pair, fiber-optic
cables, wireless transmitters)
•Hubs and repeaters

OSI Model and TCP/IP Model Comparison
64
The protocols that make up the TCP/IP
protocol suite can be described in terms of
the OSI reference model:
• The functions that occur at the internet
layer in the TCP/IP model are contained in
the network layer of the OSI Model.
• The transport layer functionality is the
same between both models.
• The network access layer and the
application layer of the TCP/IP model are
further divided in the OSI model to
describe discrete functions that must
occur at these layers.

5.4 Ethernet
65

The Rise of Ethernet
Ethernet
66
In the early days of networking, each vendor used its own proprietary methods of interconnecting
network devices and networking protocols.
As networks became more widespread, standards were developed that defined rules by which network
equipment from different vendors operated.
Standards are beneficial to networking in many ways:
• Facilitate design
• Simplify product development
• Promote competition
• Provide consistent interconnections
• Facilitate training
• Provide more vendor choices for customers

The Rise of Ethernet (Cont.)
Ethernet
67
There is no official local area networking standard protocol, but over time, Ethernet has become the
most common.
Ethernet protocols define how data is formatted and how it is transmitted over the wired network.
The Ethernet standards specify protocols that operate at Layer 1 and Layer 2 of the OSI model.
Ethernet has become a de facto standard, which means that it is the technology used by almost all wired
local area networks, as shown in the figure.

Ethernet Evolution
Ethernet
68
The Institute of Electrical and Electronic Engineers, or IEEE, maintains the networking standards, including
Ethernet and wireless standards.
Each technology standard is assigned a number that refers to the committee that is responsible for
approving and maintaining the standard.
The committee responsible for the Ethernet standards is 802.3.
Each version of Ethernet has an associated standard. For example, 802.3 100BASE-T.
This standard notation translates as:
• 100 is the speed in Mbps
• BASE stands for baseband transmission
• T stands for the type of cable, in this case, twisted-pair cable standards.
Early versions of Ethernet were relatively slow at 10 Mbps. The latest versions of Ethernet operate at 10
Gigabits per second and more.

The Ethernet MAC Address
Ethernet
69
All communication requires a way to identify the source and destination.
The source and destination in human communication are represented by names.
When your name is called, you listen to the message and respond. Other people in the room may hear the
message, but they ignore it because it is not addressed to them.
On Ethernet networks, a similar method exists for identifying source and destination hosts. Each host connected to
an Ethernet network is assigned a physical address which serves to identify the host on the network.
Every Ethernet network interface has a physical address assigned to it when it is manufactured. This address is
known as the Media Access Control (MAC) address.
The MAC address identifies each source and destination host on the network.

Module 6: Network
Design and the Access
Layer

6.1 Encapsulation and the Ethernet
Frame
71

Encapsulation
Encapsulation and the Ethernet Frame
72
Each message is encapsulated into a specific format,
called a frame, that includes the source and
destination addresses.
• An example is how a letter is put (encapsulated)
inside an envelope.
For communication on an IP network, the format is
very specific and includes a source and destination
address.

Ethernet Frame
Encapsulation and the Ethernet Frame
73
On an Ethernet network, messages are put into a frame or Layer 2 protocol data units (PDUs).

6.2 Hierarchical Network Design
74

Physical and Logical Addresses
Hierarchical Network Design
75
Both a physical address and logical IP address are needed for a device to communicate on an Ethernet
network.
• A physical address (MAC address) does not change.
• Burned into the NIC
• A logical address (IP address) can change and is commonly assigned by a network administrator.
• Two parts: network and host
Logical
addressing

Hierarchical Analogy
76
Network addressing is done in a hierarchical fashion.
North
America
Canada
Nova Scotia
Halifax

Benefits of a Hierarchical Design
77
A hierarchical, layered design provides:
• Increased efficiency
• Optimization of function
• Increased speed
• A way in which to scale the network without impacting
the performance of existing ones
Three layers:
• Access Layer - This layer provides connections to hosts in a
local Ethernet network.
• Distribution Layer - This layer interconnects the smaller local
networks.
• Core Layer - This layer provides a high-speed connection
between distribution layer devices.

Access, Distribution, and Core
78
Cisco ME 2600X Access Layer Switch
Cisco C9300 Series
Distribution Layer Switches
Cisco Catalyst 9600

6.3 The Access Layer
79

Access Layer Devices
The Access Layer
80
• Access layer devices provide access
so hosts can join a wired (or
wireless) network.
• In a wired network, each host
connects to an access layer network
device such as a switch.

Ethernet Hubs
The Access Layer
81
• Only one message can be sent through an
Ethernet hub at a time.
• Hubs take signals from one port and sends
the message out all of the other ports.

Ethernet Switches
The Access Layer
82
An Ethernet switch is an access layer
device.
• A switch builds a MAC address table.
• A switch uses the MAC address table
to send the message to a specific
port.

The MAC Address Table
The Access Layer
83
• A switch builds a MAC address table
by examining a frame as it comes into
the switch.
• A switch adds the source MAC
address of the device connected to the
port through which the frame came in
on.
• A switch forwards a frame out to a
specific port when the destination
MAC address is in the MAC address
table.
• A switch forwards a frame out to all
hosts (except the sending host) when
the destination MAC address is not in
the MAC address table.

6.4 Broadcast Containment
84

Ethernet Broadcasts in the Local Network
Broadcast Containment
85
• A broadcast message is used to contact every
other device on the local network.
• An Ethernet broadcast is all 1s in the
destination MAC address – FFFF.FFFF.FFFF.

Broadcast Domains
86
• A broadcast domain is the area
through which a broadcast message
can travel.
• Each local Ethernet network is a
broadcast domain.
• Routers are used to divide the
network into multiple broadcast
domains.

Access Layer Communication
87
• In order to send information from a device that is on an Ethernet network, the device must supply
its own source MAC address, a destination MAC address, its own source IP address, as well as a
destination IP address.
• The address resolution protocol (ARP) is used to discover the MAC address of a device on the
same local network.

ARP
88
ARP uses 3 steps to discover and store the MAC address of a host on the local network when only the
IPv4 address of that host is known.
1. The sending host creates and sends a frame addressed to a broadcast MAC address. Contained
in the frame is a message with the IPv4 address of the intended destination host.
2. Each host on the network receives the broadcast frame and compares the IPv4 address contained
in the message with its own IPv4 address. The host with the matching IPv4 address sends its own
MAC address back to the original sending host.
3. The sending host receives the message and stores the MAC address and the IPv4 address in an
ARP table.

Module 7: Routing
Between Networks

7.1 The Need for Routing
90

Criteria for Dividing the Local Network
The Need for Routing
91
Routers in the distribution layer can limit
broadcasts to the local network where they
need to be heard. Although broadcasts are
necessary, too many hosts connected on the
same local network can generate excessive
broadcast traffic and slow down the network.
Security
Routers in the distribution layer can separate
and protect certain groups of computers
where confidential information resides.
Routers can also hide the addresses of
internal computers from the outside world to
help prevent attacks, and control who can get
into or out of the local network.

Criteria for Dividing the Local Network (Cont.)
92
Locations
Routers in the distribution layer can be used
to interconnect local networks at various
locations of an organization that are
geographically separated.
Logical Grouping
Routers in the distribution layer can be used
to logically group users, such as departments
within a company, who have common needs
or for access to resources.

Now We Need Routing
93

7.2 The Routing Table
94

Path Selection
The Routing Table
95
• Each router interface connects to a different
network.
• A routing table contains information for how
to reach local and remote networks.
• The destination IP address is used and
compared with the networks in the routing
table to determine the interface to forward
the packet out of.
• Routers do not forward broadcast messages.

Packet Forwarding
The Routing Table
96
• The destination MAC address is used to forward the packet to either the router if the destination IP
address is for a different network or a specific network device on the local network.
• The ARP table shows a mapping of IP address to MAC address.

Routing Table Entries
The Routing Table
97
• A routing table contains network addresses
and the best path to reach a network.
• Two ways routes can be added to a routing
table
• Dynamically learned from other
routers
• Manually entered by a network
administrator
• A default route is the router interface used
when forwarding packets to a destination
that is not in the routing table.
• If a packet is destined for a network that is
not in the routing table and no default route
exists, the packet will be dropped.
Type Network Port
C 10.0.0.0/8 FastEthernet0/0
C 172.16.0.0/16 FastEthernet0/0

The Default Gateway
The Routing Table
98
• When a host sends a message to a device
on the same network, it forwards the
message directly and uses ARP to
discover the MAC address.
• When a host sends a message to a device
on a remote network, the hosts uses the
MAC address of the router as the
destination, but still has the IP address of
the remote host as the Layer 3 destination.
• It is very important that each host has the
correct default gateway that is the IP
address of the router on the same network.
PC IPv4 Address Subnet Mask Default
Gateway
H1 192.168.1.1 255.255.255.0 192.168.1.254
H2 192.168.1.2 255.255.255.0 192.168.1.254
H3 192.168.1.3 255.255.255.0 192.168.1.254

7.3 Create a LAN
99

Local Area Networks
Create a LAN
100
• LANs are under one administrative
control.
• LANs are usually either wired Ethernet
or wireless.
3 LANs

Local and Remote Network Segments
Create a LAN
101
Advantages of a single local segment:
• Appropriate for simpler networks
• Less complexity and lower network cost
• Allows devices to be "seen" by other devices
• Faster data transfer - more direct communication
• Ease of device access
Disadvantages of a single local segment:
• All hosts are in one broadcast domain which causes
more traffic on the segment and may slow network
performance
• Harder to implement QoS
• Harder to implement security
All Hosts in One Local Segment

Local and Remote Network Segments (Cont.)
Create a LAN
102
Advantages of having hosts on a remote segment
• More appropriate for larger, more complex networks
• Splits up broadcast domains and decreases traffic
• Can improve performance on each segment
• Makes the machines invisible to those on other local
network segments
• Can provide increased security
• Can improve network organization
Disadvantages of having hosts on a remote segment
• Requires the use of routing (distribution layer)
• Router can slow traffic between segments
• More complexity and expense (requires a router)
Hosts on a Remote Segment

Module 8: The Internet
Protocol

8.1 Purpose of the IPv4 Address

The IPv4 Address
Purpose of the IPv4 Address
The IPv4 address is a logical network address that
identifies a particular host.
• Must be properly configured and unique within the
LAN and world
An IPv4 address is assigned to the network interface
connection for a host such as workstations, servers,
network printers, and IP phones.
Router interfaces that provide connections to an IP
network will also have an IPv4 address.
Every packet sent across the internet has a source and
destination IPv4 address.
• Required by networking devices to ensure the
information gets to the destination and any replies
are returned to the source

8.2 Binary Conversion of an IPv4
Address

IPv4 Addressing
Binary Conversion of an IPv4 Address
An IPv4 address is a series of 32 binary bits (ones and zeros).
• The 32 bits are grouped into four 8-bit bytes called octets.
An IPv4 address written in binary is hard for humans to read, write,
and remember.
• To make the IPv4 address easier to understand, each octet is
presented as its decimal value, separated by a decimal point or
period.
• This is referred to as dotted-decimal notation.
When a host is configured with an IPv4 address, it is entered as a
dotted decimal number such as 192.168.1.5.
• The 32-bit binary equivalent is:
11000000101010000000000100000101.

Binary to Decimal
When a host receives an IPv4 address, it looks at all 32 bits as they are received by the NIC.
Humans convert those 32 bits into their four-octet decimal equivalent.
Each octet is made up of 8 bits and each bit has a value.
• The rightmost bit in an octet has a value of 1 and the values of the remaining bits, from right to left,
are 2, 4, 8, 16, 32, 64, and 128.
You can determine the value of the octet by adding the values of positions wherever there is a binary 1
present:
• If there is a 0 in a position, do not add the value.
• If all 8 bits are 0s, 00000000 the value of the octet is 0.
• If all 8 bits are 1s, 11111111 the value of the octet is 255 (128+64+32+16+8+4+2+1).
• If the 8 bits are mixed, such as the example 00100111, the value of the octet is 39 (32+4+2+1).

Binary to Decimal (Cont.)

8.3 The IPv4 Address Structure

Networks and Hosts
The IPv4 Address Structure
The logical 32-bit IPv4 address is hierarchical and is made up of two parts, the network and the host. Both
parts are required in an IPv4 address.
As an example, there is a host with an IPv4 address 192.168.5.11 with a subnet mask of 255.255.255.0.
• The first three octets, (192.168.5), identify the network portion of the address, and the last octet, (11)
identifies the host.
This is known as hierarchical addressing because the network portion indicates the network on which
each unique host address is located.
• Routers only need to know how to reach each network, rather than needing to know the location of
each individual host.

Networks and Hosts (Cont.)
With IPv4 addressing, multiple logical networks can exist on one physical network, if the network portion of
the logical network host addresses is different.
• The hosts with the same network number in their IPv4 addresses will be able to communicate with each
other, but will not be able to communicate with the other hosts without the use of routing.
In this example, there is one physical network and two logical IPv4 networks.

Logical AND
A logical AND is one of three basic binary operations used in digital logic and is used in determining the
network address.
Logical AND is the comparison of two bits that produce the results shown in the following. Note how
only a 1 AND 1 produce a 1.
• 1 AND 1 = 1
• 0 AND 1 = 0
• 1 AND 0 = 0
• 0 AND 0 = 0
To identify the network address of an IPv4 host, the IPv4 address is logically ANDed, bit by bit, with the
subnet mask.
• ANDing between the address and the subnet mask yields the network address.

Logical AND (Cont.)
To illustrate how AND is used to discover a network address, consider a host with IPv4 address
192.168.10.10 and subnet mask of 255.255.255.0.
The figure displays the host IPv4 address and converted binary address. The host subnet mask binary
address is ANDed.

Calculate Whether the Destination is Local or Remote
How do hosts know which portion of an IPv4 address is the network
and which is the host? Answer – The subnet mask
• The subnet mask signifies which part of the IPv4 address is
network and which part is host.
• The subnet mask is compared to the IPv4 address from left to
right, bit for bit.
• The 1s in the subnet mask represent the network portion;
the 0s represent the host portion.
• When a host sends a packet, it compares its subnet mask
to its own IPv4 address and the destination IPv4 address.
• If the network bits match, both the source and
destination host are on the same network and the
packet can be delivered locally.
• If the network bits do not match, the sending host
forwards the packet to the local router interface to
be sent on to the other network.

Calculate the Number of Hosts
The subnet masks most often used with networking are:
• 255.0.0.0 (8-bits)
• 255.255.0.0 (16 bits)
• 255.255.255.0 (24 bits)
A subnet mask of 255.255.255.0 (decimal) or
11111111.11111111.1111111.00000000 (binary) uses 24 network bits
and 8 host bits.
• To determine how many hosts can be on that network, take
the number 2 to the power of the number of host bits (2 8 =
256).
• Subtract 2 (256-2) for numbers that cannot be used
• Broadcast address of all 1s in the host portion
• Network ID of all 0s
• Another method - Add all values of the available host bits
(128+64+32+16+8+4+2+1 = 255).
• Subtract 1 (255-1 = 254), because the host bits cannot
be all 1s.

Activity - ANDing to Determine the Network Address
This page includes an activity to practice the ANDing process to determine the network address (in binary
and decimal formats).

8.4 Classful IPv4 Addressing

Classful and Classless Addressing
Classful IPv4 Addressing
IPv4 addresses are divided into the following ranges or classes:
• Class A (0.0.0.0/8 to 127.0.0.0/8) - Designed to support
extremely large networks with more than 16 million host
addresses. It used a fixed /8 prefix (255.0.0.0).
• Class B (128.0.0.0 /16 - 191.255.0.0 /16) - Designed to support
the needs of moderate to large size networks with up to
approximately 65,000 host addresses. It used a fixed /16 prefix
(255.255.0.0).
• Class C (192.0.0.0 /24 - 223.255.255.0 /24) - Designed to
support small networks with a maximum of 254 hosts. It used
a fixed /24 prefix (255.255.255.0).
Note: There is also a Class D multicast block consisting of
224.0.0.0 to 239.0.0.0 and a Class E experimental address
block consisting of 240.0.0.0 - 255.0.0.0.

8.5 Public and Private IPv4 Addresses

Private IPv4 Addressing
Public and Private IPv4 Addresses
Public IPv4 addresses are addresses which are globally routed between ISP (internet service provider) routers.
Private IPv4 addresses were introduced because of the depletion of IPv4 address space.
Private IPv4 addresses are not unique and can be used by an internal network.
• Specifically, the private address blocks are:
• 10.0.0.0 /8 or 10.0.0.0 to 10.255.255.255
• 172.16.0.0 /12 or 172.16.0.0 to 172.31.255.255
• 192.168.0.0 /16 or 192.168.0.0 to 192.168.255.255
• Note: Private addresses are defined in RFC 1918.

Private IPv4 Addressing (Cont.)
Most organizations use private IPv4 addresses for their internal hosts. However, these RFC 1918 addresses are
not routable in the internet and must be translated to a public IPv4 address.
• Network Address Translation (NAT) is used to translate between private IPv4 and public IPv4 addresses.
• This is usually done on the router that connects the internal network to the ISP's network.
• Home routers provide the same capability.

Assignment of IPv4 Addresses
For a company or organization to support network hosts that are
accessible from the internet, such as web servers, that organization
must have a block of public addresses assigned.
Public IPv4 and IPv6 addresses are regulated and allocated to each
organization separately. These public addresses must be unique and
not repeated in their use across the world.
Both IPv4 and IPv6 addresses are managed by the Internet Assigned
Numbers Authority (IANA).
• The IANA manages and allocates blocks of IP addresses to the
Regional Internet Registries (RIRs).
• RIRs are responsible for allocating IP addresses to ISPs, who
in turn provide IPv4 address blocks to organizations and
smaller ISPs.
• Organizations can get their addresses directly from
an RIR subject to the policies of that RIR.

8.6 Unicast, Broadcast and Multicast
Addresses

Unicast Transmission
Unicast, Broadcast and Multicast Addresses
Unicast communication is used for normal host-to-host
communication in both a client/server and a peer-to-peer network.
Unicast packets use the address of the destination device as the
destination address and can be routed through an internetwork.
• During the encapsulation process, the source host uses its IPv4
address as the source address and the IPv4 address of the
destination host as the destination address.
• Regardless of whether the destination specified a packet as a
unicast, broadcast or multicast; the source address of any packet
is always the unicast address of the originating host.

Broadcast Transmission
Broadcast packets are sent to all hosts in the network using a broadcast
address.
• A broadcast packet contains a destination IPv4 address with all ones (1s) in
the host portion.
• All hosts on that local network (broadcast domain) will receive and
look at the packet.
• When a host receives a broadcast packet, the host processes the
packet as it would a packet addressed to its unicast address.
Broadcast may be directed or limited.
• A directed broadcast is sent to all hosts on a specific network.
• A limited broadcast is sent to 255.255.255.255.
By default, routers do not forward broadcasts.
• Routers can eliminate excessive broadcast traffic by subdividing networks
into separate broadcast domains.

Multicast Transmission
Multicast transmission reduces traffic by allowing a host to send a
single packet to a selected set of hosts that subscribe to a multicast
group.
IPv4 has reserved the 224.0.0.0 to 239.255.255.255 addresses as a
multicast range.
• The IPv4 multicast addresses 224.0.0.0 to 224.0.0.255 are reserved
for multicasting on the local network only.
• A router connected to the local network will not forward
them further.
Hosts that receive multicast data are called multicast clients.
• The multicast clients use services requested by a client program to
subscribe to the multicast group.
• Each multicast group is represented by a single IPv4 multicast
destination address.

Module 9: Dynamic
Addressing with DHCP

9.1 Static and Dynamic Addressing
129

Static IPv4 Address Assignment
Static and Dynamic Addressing
• IPv4 addresses can be assigned either statically or dynamically.
• With a static assignment, the host IPv4 address must be
configured manually, together with subnet mask, default gateway,
and DNS server address.
• Static addresses are typically assigned for printers, servers, and
other networking devices that need to retain a fixed IP address to
provide services.
• Static assignment can be time consuming to implement. It is
prone to errors because manual configuration is required.

Dynamic IPv4 Address Assignment
• IPv4 addresses can be dynamically assigned to end devices
through an application protocol known as Dynamic Host
Configuration Protocol (DHCP).
• DHCP automatically assigns addressing information such as
IPv4 address, subnet mask, default gateway, and other
configuration information.
• Benefits of using DHCP include:
• Reduces the burden on network support staff and virtually
eliminates entry errors.
• A dynamic IP address is not permanently assigned to a
host but is only leased for a period of time.

DHCP Servers
• A device can be a DHCP server if it is running
the DHCP service software.
• DHCPv4 servers are typically connected to a
LAN because it uses broadcast. DHCPv4
servers deployed outside of a LAN will require
relay service.
• In a home network or SOHO, a wireless router
provides DHCP service to end devices. It is also
a DHCP client to get IPv4 address from ISP.

9.2 DHCPv4 Configuration

DCHPv4 Operation
DHCPv4 Configuration
• When a host is configured using DHCP, it will try to obtain
an IPv4 address, subnet mask, default gateway, and
DNS server from a DHCP. The process is as follows:
• The client sends a DHCPDISCOVER message
using broadcast.
• A DHCP server responds with a DHCPOFFER
message with a set of IPv4 addressing information.
• The client then sends a DHCPREQUEST message
to request the use of IPv4 addressing information
offered by the SHCP server.
• The DHCP server responds with a DHCPACK
message to grant the request from the client.

DHCP Service Configuration
DHCPv4 Configuration
• To configure a home wireless router, access its
graphical web interface by opening the browser and
entering the router default IPv4 address: 192.168.0.1
in the IP Address field.
• The IPv4 address of 192.168.0.1 and subnet mask of
255.255.255.0 are the defaults for the internal router
interface. This is the default gateway for all hosts on
the local network. Ensure the DHCP server is
enabled.
• Specify the DHCP IPv4 address range with a starting
address (do not use 192.168.0.1 because the router
is assigned this address) and the number of
addresses to be assigned.

Module 10: IPv4 and IPv6
Address Management

10.1 Network Boundaries

Routers as Gateways
Network Boundaries
• Routers are used to connect networks.
• Each router interface connects to a separate
network.
• The IPv4 address assigned to the interface is
the default gateway address for all hosts
connected to that same network.
• Hosts commonly get an IPv4 address using
DHCP.

Routers as Boundaries Between Networks
Network Boundaries
• A wireless router commonly provides IP addressing information for local internal hosts.
• A router that connects to the internet commonly gets addressing information using DHCP from the
internet provider.

10.2 Network Address Translation

NAT Operation
Network Address Translation
• NAT is used to convert private IP
addresses used within a company to a
public (global) address that can be
routed on the internet.
• One public address can be shared
among many private IP addresses
through the use of port numbers.

10.3 IPv4 Issues

Need for IPv6
IPv4 Issues
• While NAT has been used to
slow the depletion of IPv4
addresses, NAT creates
latency and has limitations.
• IoT devices are furthering the
need for IPv6 addressing.

IPv6 Address Size
IPv4 Issues
Number Name Scientific Notation Number of Zeros
1 Thousand 103 1,000
1 Million 106 1,000,000
1 Billion 109 1,000,000,000
1 Trillion 1012 1,000,000,000,000
1 Quadrillion 1015 1,000,000,000,000,000
1 Quintillion 1018 1,000,000,000,000,000,000
1 Sextillion 1021 1,000,000,000,000,000,000,000
1 Septillion 1024 1,000,000,000,000,000,000,000,000
1 Octillion 1027 1,000,000,000,000,000,000,000,000,000

IPv6 Address Size (Cont.)
IPv4 Issues
Number Name Scientific Notation Number of Zeros
1 Nonillion 1030 1,000,000,000,000,000,000,000,000,000,000
1 Decillion 1033 1,000,000,000,000,000,000,000,000,000,000,000
1 Undecillion 1036 1,000,000,000,000,000,000,000,000,000,000,000,000

IPv4 and IPv6 Coexistence
IPv4 Issues
Dual stack allows IPv4 and IPv6 to coexist on the same network segment. Dual stack devices run both IPv4 and
IPv6 protocol stacks simultaneously. Known as native IPv6, this means the customer network has an IPv6
connection to its ISP and is able to access content found on the internet over IPv6.
Dual Stack Routers and PCs

IPv4 and IPv6 Coexistence (Cont.)
IPv4 Issues
Tunneling is a method of transporting an IPv6 packet over an IPv4 network. The IPv6 packet is encapsulated
inside an IPv4 packet, similar to other types of data.
IPv4 Tunnel Between Two Dual
Stack Routers that connect to
IPv6-only Networks

IPv4 and IPv6 Coexistence (Cont.)
IPv4 Issues
Tunneling is a method of transporting an IPv6 packet over an IPv4 network. The IPv6 packet is encapsulated
inside an IPv4 packet, similar to other types of data.
NAT64 Router Translating
Between an IPv6-only Network
and an IPv4-only Network

10.4 IPv6 Features

IPv6 Autoconfiguration and Link-Local Addresses
IPv6 Features
• Stateless Address Autoconfiguration (SLAAC) allows a host to create its own internet-routable IPv6
address without the need for a DHCP server.
• Link-local address is used to communicate with devices on the same IPv6 local network.

IPv6 Address Representation
IPv6 Features
• Omit leading zeros in any 16-bit section
• ODB8 is DB8
• 0000 is 0
• 0200 is 200
• Omit any group of consecutive “all zero” segments and insert a double colon (::)
• Can only use one ::
Fully expanded 2001:0DB8:0000:1111:0000:0000:0000:0200
No leading 0s 2001:DB8:0:1111:0:0:0:200
Compressed 2001:DB8:0:1111::200

Module 11: Transport
Layer Services

11.1 The Client Server Relationship

Client and Server Interaction
The Client Server Relationship
Type Description
Email The email server runs email server software. Clients use mail client software, such
as Microsoft Outlook, to access email on the server.
Web The web server runs web server software. Clients use browser software, such as
Windows Internet Explorer, to access web pages on the server.
File The file server stores corporate and user files in a central location. The client
devices access these files with client software such as the Windows File Explorer.
• We use network services available over networks and the internet to communicate with others and
to perform routine tasks
• A server is a host running a software application (or server service) that provides services to other
hosts (clients)
• There are millions of servers on the internet. Clients and servers interact following agreed upon
standards and protocols

Client Requests a Web Page
A client/server system is illustrated by the interaction
between a web client and a web server:
1. A person uses a web browser to access a web
server by sending a request, for example, requesting
a web page.
2. The server receives the request and responds by
sending the requested web page back to the client.
A web server is usually in a part of the network with other
servers called a server farm, or within a data center.

URI, URN, and URL
Uniform Resource Name (URN) - identifies only the namespace of the resource without reference to the
protocol
Uniform Resource Locator (URL) - defines the network location of a specific resource on the network.
Components in the example URL:
• Protocol/scheme - HTTPS or other protocols such as FTP, SFTP, mailto, and NNTP
• Hostname - www.example.com
• Path and file name - /author/book.html
• Fragment - #page155

11.2 TCP and UDP

Protocol Operations
TCP and UDP
A web server and a web client use specific protocols and standards in the process of exchanging
information to ensure that the messages are received and understood. The various protocols
necessary to deliver a web page function at the four different layers of the TCP/IP model are as
follows:
• Application Layer Protocol - Hypertext Transfer Protocol (HTTP) governs the way that a web
server and a web client interact.
• Transport Layer Protocol - Transmission Control Protocol (TCP) ensures that IP packets are sent
reliably, and any missing packets are resent.
• Internetwork Layer Protocol - The most common internetwork protocol is Internet Protocol (IP)
which is used to identify end hosts and to route packets to destination host.
• Network Access Layer - The specific protocol at the network access layer, such as Ethernet,
depends on the type of media and transmission methods used in the physical network.

TCP and UDP
TCP and UDP
• Each service has its own application protocols that are
implemented in the server and client software.
• All the common internet services use Internet Protocol (IP)
to address and route messages between source and
destination hosts.
• The service application decides which transport protocol to
use. Transport protocols specify how to manage the
transfer of messages between hosts.
• The two most common transport protocols are
Transmission Control Protocol (TCP) and User Datagram
Protocol (UDP).

TCP Reliability
TCP and UDP
Transmission Control Protocol (TCP) helps ensure reliable
delivery of data packets:
• TCP breaks up a message into small pieces (segments)
• Segments are numbered in sequence and passed to the IP
process for assembly into packets.
• TCP tracks the number of segments that have been sent.
• If the sender does not receive an acknowledgment within a
certain period, it assumes that the segments were lost and
retransmits only the missing portion of the message.
On the receiving host, TCP is responsible for reassembling the
message segments in orders and passing them to the
application.

UDP Best Effort Delivery
TCP and UDP
In some applications, reliable delivery is not required, UDP
may be an appropriate transport protocol.
• UDP is a 'best effort' delivery system that does not require
acknowledgment of receipt.
• UDP is preferable with applications that use time sensitive
technology such as streaming audio and voice over IP
(VoIP).
• Acknowledgments would slow down delivery and
retransmissions are undesirable.

11.3 Port Numbers

TCP and UDP Port Numbers
Port Numbers
• When a message is delivered using either TCP or UDP, the protocols and services requested are
identified by a port number.
• A port is a numeric identifier within each segment that is used to keep track of specific
conversations between a client and server.
• Every message that a host sends contains both a source and destination port.
• Ports are assigned and managed by an organization known as the Internet Corporation for
Assigned Names and Numbers (ICANN). Ports are broken into three categories and range in
number from 1 to 65,535:
• Well-Known Ports - Destination ports that are associated with common network applications.
These ports are in the range of 1 to 1023.
• Registered Ports - Ports 1024 through 49151 can be used as either source or destination
ports.
• Private Ports - Ports 49152 through 65535 are often used as source ports. These ports can
be used by any application.

TCP and UDP Port Numbers (Cont.)
Port Numbers
Some Common Well-Known Port Numbers
Port Number Transport Application Protocol
20 TCP File Transfer Protocol (FTP) - Data
21 TCP File Transfer Protocol (FTP) - Control
22 TCP Secure Shell (SSH)
23 TCP Telnet
25 TCP Simple Mail Transfer Protocol (SMTP)
53 UDP, TCP Domain Name Service (DNS)
67 UDP Dynamic Host Configuration Protocol (DHCP) – Server
68 UDP Dynamic Host Configuration Protocol - Client

TCP and UDP Port Numbers (Cont.)
Port Numbers
Some Common Well-Known Port Numbers
Port Number Transport Application Protocol
68 UDP Dynamic Host Configuration Protocol - Client
69 UDP Trivial File Transfer Protocol (TFTP)
80 TCP Hypertext Transfer Protocol (HTTP)
110 TCP Post Office Protocol version 3 (POP3)
143 TCP Internet Message Access Protocol (IMAP)
161 UDP Simple Network Management Protocol (SNMP)
443 TCP Hypertext Transfer Protocol Secure (HTTPS)

Destination and Source Port Numbers
Port Numbers
The source port number is associated with the originating application on the local sending host. The
destination port number is associated with the destination application on the remote host.
Source Port - dynamically generated by the sending
device to identify a conversation between two devices.
This process allows multiple conversations to occur
simultaneously.
Destination Port - The client places a destination port
number in the segment to tell the destination server what
service is being requested. The server responds to the
request and sends information back to the sending
device using the source port.

Socket Pairs
Port Numbers
The source and destination ports are placed within the segment PDU. It is encapsulated within an IP
packet which contains the IP address of the source and destination. The combination of the source IP
address and source port number, or the destination IP address and destination port number is known as a
socket.
• In the example, the socket is used to identify the
server and service being requested by the client. A
client socket might look like192.168.1.5:1099. The
socket on a web server might be 192.168.1.7:80
• Together, these two sockets combine to form a
socket pair: 192.168.1.5:1099, 192.168.1.7:80
• The source port number acts as a return address
for the requesting application.

The netstat Command
Port Numbers
• Unexplained TCP connections can pose a major security threat.
• On a PC, the command netstat lists the protocols in use, the local address and port numbers, the
foreign address and port numbers, and the connection state.
In the example, the two lines
highlighted with the red block indicate
that the PC opens two web requests
with the same web server. Notice that
the PC generates two different
source ports to maintain these two
web sessions.

Module 12: Application Layer
Services

12.1 Network Application Services

Network Application Services
Common Network Application Services
What are the most common internet services that you
use on a regular basis?
For most people, the list includes services such as
internet searches, social media sites, video and audio
streaming, on-line shopping sites, email and messaging.
• Each of these services relies on protocols from the
TCP/IP protocol suite to reliably communicate the
information between the clients and the servers.
Some of the most common servers that provide these
services are shown.

Network Application Services
Common Network Application Services (Cont.)
Protocol Description
Domain Name System (DNS) Resolves internet names to IP addresses.
Secure Shell (SSH) Used to provide remote access to servers and networking devices.
Simple Mail Transfer Protocol (SMTP)
Sends email messages and attachments from clients to servers and from
servers to other email servers.
Post Office Protocol (POP)
Used by email clients to retrieve email and attachments from a remote
server.
Internet Message Access Protocol (IMAP)
Used by email clients to retrieve email and attachments from a remote
server.
Dynamic Host Configuration Protocol (DHCP)
Used to automatically configure devices with IP addressing and other
necessary information to enable them to communicate over the internet.
Hypertext Transfer Protocol (HTTP)
Used by web browsers to request web pages and web servers to transfers
the files that make up web pages of the World Wide Web.
File Transfer Protocol (FTP) Used for interactive file transfer between systems.

12.2 Domain Name System

Domain Name System
Domain Name Translation
It would be impossible to remember the IP addresses for all
of the servers hosting services on the internet.
Instead, there is an easier way to locate servers by
associating a name with an IP address:
The Domain Name System (DNS) provides a way for hosts to
use this name to request the IP address of a specific server.
• DNS names are registered and organized on the internet
within specific high-level groups, or domains.
• Some of the most common high-level domains on
the internet are .com, .edu, and .net.

Domain Name System
DNS Servers
A DNS server contains a table that associates hostnames in
a domain with corresponding IP addresses.
When a client has the name of server, such as a web server,
but needs to find the IP address, it sends a request to the
DNS server on port 53.
When the DNS server receives the request, it checks its
table to determine the IP address associated with that web
server.
If the local DNS server does not have an entry for the
requested name, it queries another DNS server within the
domain.

12.3 Web Clients and Servers

Web Clients and Servers
HTTP and HTML
When a web client receives the IP address of a web server,
the client browser uses that IP address and port 80 to request
web services.
• This request is sent to the server using the Hypertext
Transfer Protocol (HTTP).
• Requests for secure HTTP are sent to port 443.
When the server receives a port 80 request, the server
responds to the client request and sends the web page to the
client.
• The information content of a web page is encoded using
specialized 'mark-up' languages.
• The HyperText Markup Language (HTML) coding
tells the browser how to format the web page and
what graphics and fonts to use.
• HTML is the most commonly used language.

12.4 FTP Clients and Servers

FTP Clients and Servers
File Transfer Protocol
The File Transfer Protocol (FTP) provides an easy method to transfer
files from one computer to another.
A host running FTP client software can access an FTP server to
perform various file management functions, including file uploads and
downloads.
The FTP server enables a client to exchange files between devices. It
also enables clients to manage files remotely by sending file
management commands such as delete or rename.
The FTP service uses two different ports to communicate between
client and server.
• To begin an FTP session, control connection requests are sent to
the server using destination TCP port 21.
• When the session is opened, the server uses TCP port 20 to
transfer the data files.

FTP Clients and Servers
FTP Client Software
Most client operating systems such as
Windows, Mac OS, and Linux include a
command-line interface for FTP.
There is also GUI-based FTP client software
that provides a simple drag-and-drop
interface for FTP.
After logging into the FTP server with a
username and password, the user drags files
between the local host window and the
remote site (FTP server) window to transfer
files.

12.5 Virtual Terminals

Virtual Terminals
Telnet
Telnet provides a standard method of emulating text-based
terminal devices over the data network.
Telnet servers listen for client requests on TCP port 23.
A connection using Telnet is called a virtual terminal (vty)
session, or connection.
• Rather than using a physical device to connect to the
server, Telnet uses software to create a virtual device that
provides the same features of a terminal session with
access to the server’s command line interface (CLI).
The client is able to execute commands as if it were locally
(physically) connected to the server.

Virtual Terminals
Security Issues with Telnet
After a Telnet connection is established, users can perform any
authorized function on the server, just as if they were using a
command line session on the server itself.
Although the Telnet protocol can require a user to login, it does not
support transporting encrypted data.
• All data exchanged during Telnet sessions is transported as
plaintext across the network.
The Secure Shell (SSH) protocol offers an alternate and secure
method for server access.
SSH provides the structure for secure remote login and other
secure network services.
• SSH provides stronger authentication than Telnet and supports
transporting session data using encryption.

12.6 Email and Messaging

Email and Messaging
Email Clients and Servers
Email servers run server software that enables them to
interact with clients and with other email servers over the
network.
Various application protocols used in processing email
include SMTP, POP3, and IMAP4.
Each mail server receives and stores mail for users who have
mailboxes configured on the mail server.
• Mailboxes are identified by the format:
user@company.domain
• Each user with a mailbox must use an email client to
access the mail server and read these messages.

Email and Messaging
Email Protocols
Simple Mail Transfer Protocol (SMTP)
SMTP uses port 25 and is used by an email client to send messages to its
local email server. The local server then decides if the message is destined
for a local mailbox or if the message is addressed to a mailbox on another
server.
Post Office Protocol (POP3)
A server that supports POP clients receives and stores messages
addressed to its users. When the client connects to the email server, the
messages are downloaded to the client. By default, messages are not kept
on the server after they have been accessed by the client. Clients contact
POP3 servers on port 110.
Internet Message Access Protocol (IMAP4)
A server that supports IMAP clients receives and stores messages
addressed to its users. IMAP keeps the messages in the mailboxes on the
server, unless they are deleted by the user. IMAP4 listens for client
requests on port 143.

Email and Messaging
Text Messaging
• Enables users to communicate or chat over the
internet in real-time
• May also be called instant messages, direct
messages, private messages, and chat messages.
• Text messaging software is built into many
online applications, smart phone apps, and social
media sites.
Text messaging services on a computer are usually
accessed through a web-based client that is integrated into a social media or information sharing site.
There are also a number of standalone text message clients such as Cisco Webex Teams, Microsoft Teams, WhatsApp,
Facebook Messenger, and many others that support the transfer of documents, video, music, and audio files.

Email and Messaging
Internet Phone Calls
An internet telephony client uses peer-to-peer technology similar to that used by instant messaging.
• Protocols and destination ports used by internet telephony applications can vary.
IP telephony makes use of Voice over IP (VoIP) technology, which converts analog voice signals into digital data.
• Voice data is encapsulated into IP packets which carry the phone call through the network.
When the IP phone software has been installed, the user selects a unique name.
• A unique name allows calls to be received from other users.
• Calls are made to other users of the same service by selecting the username from a list.
A call to a regular telephone (landline or cell phone) requires using a gateway to access the Public Switched
Telephone Network (PSTN) and depending on the service, there may be charges associated with this type of call.

Module 13: Build a Home Network

13.1 Home Network Basics

Home Network Basics
Connecting Home Devices
Wireless technology enables networks to
be easily expanded, without the
limitations of cabled connections.
One of the main advantages of wireless
is the ability to provide anytime,
anywhere connectivity.
Wireless technology is fairly easy and
inexpensive to install. New and visiting
users can join the network quickly and
easily.

Home Network Basics
Components of a Home Network
In addition to an integrated router,
there are many different types of
devices that might be connecting to a
home network. Examples include:
• Desktop computers
• Gaming systems
• Smart TV systems
• Printers
• Scanners
• Security cameras
• Telephones
• Climate control devices

Home Network Basics
Typical Home Network Routers
Small business and home routers
typically have two primary types of
ports:
Ethernet Ports - Usually labeled
“Ethernet” or “LAN”, these ports
connect to the internal switch portion
of the router.
Internet Port - Used to connect the
device to another network such as the
internet through a cable or DSL
modem.
Many home routers include a radio
antenna and a built-in wireless access
point.

13.2 Network Technologies in the Home

Network Technologies in the Home
The Electromagnetic Spectrum
Wireless technologies use electromagnetic waves
to carry information between devices.
The electromagnetic spectrum includes such things
as radio and television broadcast bands, visible
light, x-rays and gamma-rays.
Each of these has a specific range of wavelengths
and associated energies
Some frequencies are set aside for public use.
These unlicensed sections of the spectrum are
incorporated into consumer products, including the
Wi-Fi routers found in most homes.

LAN Wireless Frequencies
The wireless technologies most frequently
used in home networks are in the unlicensed
2.4 GHz and 5 GHz frequency ranges.
Blue tooth for example uses the 2.4GHz
band.
Other technologies that use the 2.4 GHz and
5 GHz bands are the modern wireless LAN
technologies that conform to the various
IEEE 802.11 standards.

Wired Network Technologies
Category 5e Ethernet cable is
the most common wiring used
in a LAN. The cable is made
up of 4 pairs of wires that are
twisted to reduce electrical
interference.
Coaxial cable has an inner
wire surrounded by a tubular
insulating layer, that is then
surrounded by a tubular
conducting shield. Most coax
cables also have an external
insulating sheath or jacket.
With Ethernet of Powerline
existing power lines in a house
can be used to connect devices
to an Ethernet LAN.

13.3 Wireless Standards

Wireless Standards
Wi-Fi Networks
The main organization responsible for the creation of wireless technical standards is the IEEE.
The IEEE 802.11 standard governs the WLAN environment.
Wireless standards for LANs use the 2.4 GHz and 5 GHz frequency bands. Collectively these
technologies are referred to as Wi-Fi.
Another organization, known as the Wi-Fi Alliance, is responsible for testing wireless LAN devices
from different manufacturers.
Wireless standards are constantly improving the connectivity and speed of Wi-Fi networks.

Wireless Standards
Wireless Settings
Network mode - Determines the type of technology that
must be supported. For example, 802.11b, 802.11g,
802.11n or Mixed Mode.
Network Name (SSID) - Used to identify the WLAN. All
devices that wish to participate in the WLAN must have the
same SSID.
Standard Channel - Specifies the channel over which
communication will occur. By default, this is set to Auto to
allow the AP to determine the optimum channel to use.
SSID Broadcast - Determines if the SSID will be
broadcast to all devices within range. By default, set to
Enabled.

13.4 Wireless Traffic Controls

Wireless Traffic Controls
Wireless Channels
Wireless Channels are created by dividing up the available RF spectrum. Each channel is capable
of carrying a different conversation.
Multiple APs can function in close proximity as long as they use different channels for
communication.
Some 5 GHz wireless technologies combine multiple channels to create a single wide channel,
which provides more bandwidth and increases the data rate.

Wireless Traffic Controls
Wireless as a Shared Media
• Collisions occur on shared media occur when two or more
devices attempt to communicate at the same time.
• Ethernet protocols detect the collisions using, Carrier Sense
Multiple Access with Collision Avoidance (CSMA/CA).
• CSMA/CA creates a reservation on the channel for a
specific conversation between devices.
• First, a device asks permission from the AP with a
Request to Send (RTS) message.
• If the channel is available, the AP responds with a CTS
message which is broadcast to all devices within the
network.
• When the conversation is complete, the device that
requested the channel sends a broadcast ACK
message indicating the channel can be released.

13.5 Set Up a Home Router

Set Up a Home Router
First Time Setup
Many wireless routers designed for home use have an automatic setup utility that can be used to
configure the basic settings on the router.
To connect to the router using a wired connection, plug an Ethernet patch cable into the network
port on the computer. Plug the other end into a LAN port on the router.
The Internet port will connect to the DSL or cable modem.
After confirming that the computer is connected to the network router and the link lights on the NIC
indicate a working connection, the computer needs an IP address.
Most network routers are set up so that the computer receives an IP address automatically from a
local DHCP server automatically configured on the wireless router.

Design Considerations
There are several design considerations that should be made
before entering the configuration utility, or manually configuring the
router.
• What should the network be called?
• The SSID should not give away information about the
network or the device.
• What types of devices will connect to the network?
• Devices will need to operate with a compatible standard
to the access point.
• For example: if a device only has the necessary radio for
802.11 b/g, it will not connect if the wireless router or
access point is configured to only accept 802.11n or
802.11ac standards.

MAC Address Filtering
MAC address filtering can be configured on some
routers to identify which hosts are allowed on the
wireless network.
For example, the two top devices in the figure are
allowed to connect, but not the device at the lower
right.

Module 14: Connect to the Internet

14.1 ISP Connectivity Options

ISP Connectivity Options
ISP Services
• An Internet Service Provider (ISP) provides the link between the
home network and the internet.
• An ISP can be the local cable provider, a landline telephone
service provider, the cellular network, or an independent provider
who leases bandwidth on the physical network infrastructure of
another company.
• An ISP may offer additional services to their customers, such as
email accounts, network storage, website hosting, and automated
backup or security services.
• ISPs are critical to communications across the global internet.
Each ISP connects to other ISPs to form a network of links that
interconnect users all over the world.

ISP Connections
• The interconnection of ISPs that forms the backbone of the internet is a complex web of fiber-optic
cables with expensive networking switches and routers that direct the flow of information between
source and destination hosts.
• However, the connection to an ISP from a house or SOHO can be just a connection through a
modem or use a router in between to provide additional security configurations.

Cable and DSL Connections
Most home and SOHO customers use cable or DSL to connect to an ISP.
• Cable - Typically offered by cable television
service providers, the internet data signal is
carried on the same coaxial cable that delivers
cable television. A special cable modem
separates the internet data signal from the other
signals carried on the cable
• DSL - like cable, Digital Subscriber Line provides
a high bandwidth, always on, connection to the
internet. DSL runs over a telephone line, with the
line split into three channels. One channel is for
voice and the other two channels are for data
downloading and uploading.

Additional Connectivity Options
Other ISP connection options for home users include:
• Cellular - Cellular internet access uses a cell phone network to connect. Performance will be
limited by the capabilities of the phone and the cell tower to which it is connected.
• Satellite - Satellite service is a good option for homes or offices that do not have access to DSL or
cable. Satellite dishes (see figure) require a clear line of sight to the satellite and so might be
difficult in heavily wooded areas or places with other overhead obstructions.
• Dial-up Telephone - An inexpensive option that uses any phone line and a modem. To connect to
the ISP, a user calls the ISP access phone number. The low bandwidth provided by a dial-up
modem connection is usually not sufficient for large data transfer.
The choice of connection varies depending on geographical location and service provider availability.

14.2 Network Virtualization

Network Virtualization
Cloud Computing
• Cloud computing is one of the ways that we access and store data.
• Cloud computing allows us to store personal files, even backup an entire drive on servers over
the internet.
• Applications such as word processing and photo editing can be accessed using the cloud.
• Cloud computing is possible because of data centers.
• Data centers house servers, storage devices, and other network infrastructure equipment.

Types of Clouds
There are four primary cloud models:
• Public clouds - Applications and services offered in a public cloud
are available to the general population. Services may be free or are
offered on a pay-per-use model.
• Private clouds - Applications and services offered in a private cloud
are intended for a specific organization or entity, such as the
government.
• Hybrid clouds - A hybrid cloud is made up of two or more clouds
(example: part private, part public), where each part remains a
separate object, but both are connected using a single architecture.
• Community clouds - A community cloud is created for exclusive use
by a specific community. The functional needs have been customized
for the community. For example, healthcare organizations.

Cloud Services
The three main cloud computing services defined by the National Institute of Standards and Technology (NIST)
in their Special Publication 800-145 are:
• Software as a Service (SaaS) - The cloud provider is responsible for access
to applications and services, such as email, communication, and Microsoft
365, that are delivered over the internet.
• Platform as a Service (PaaS) - The cloud provider is responsible for
providing users access to the development tools and services used to deliver
the applications.
• Infrastructure as a Service (IaaS) - The cloud provider is responsible for
giving IT managers access to the network equipment, virtualized network
services, and supporting network infrastructure.
Cloud service providers have extended this model to also provide IT support for each of the
cloud computing services (ITaaS).

Cloud Computing and Virtualization
• Difference between “cloud computing” and “virtualization”:
• Cloud computing is one of the ways that we access and store data.
• Virtualization is using technology to create virtualized version of computing resources.
• Virtualizing technology enables a host OS to support one or more client OSs.
• The transformation of dedicated servers to virtualized servers is being rapidly implemented in
data center and enterprise networks.
• A major problem of using dedicated servers is that they
are underused because they often sit idle for long
periods of time.
• Virtualization addresses this issue.

Advantages of Virtualization
One major advantage of virtualization is overall reduced cost:
• Less equipment is required - Virtualization enables server consolidation, which requires fewer
physical devices and lowers maintenance costs.
• Less energy is consumed - Consolidating servers lowers the monthly power and cooling costs.
• Less space is required - Server consolidation reduces the amount of required floor space.
A few additional benefits of virtualization include:
• Easier prototyping - Self-contained labs, operating on isolated networks, can be rapidly created.
• Faster server provisioning - Creating a virtual server is far faster than provisioning a physical server.
• Increased server uptime - Most server virtualization platforms offer advanced redundant fault
tolerance features.
• Improved disaster recovery - Most enterprise server virtualization platforms have software that can
help test and automate failover before a disaster happens.

Hypervisors
• The hypervisor is a program, firmware, or hardware that adds an abstraction layer on top of the physical hardware.
• The abstraction layer is used to create virtual machines which have access to all the hardware of the physical machine such as
CPUs, memory, disk controllers, and NICs.
Type 2 Hypervisor - “Hosted” Approach
• A Type 2 hypervisor is software that creates and runs
VM instances on a host computer.
• A Type 2 hypervisor is installed on top of the existing
OS on the host.
• One or more additional OS instances are installed on
top of the hypervisor.
Type 1 Hypervisor - “Bare Metal” Approach
• Type 1 hypervisors is installed directly on the server or
networking hardware.
• Type 1 hypervisors have direct access to the hardware
resources. They are more efficient than hosted
architectures.
• Instances of an OS are installed on the hypervisor.

• Virtualization separates the operating system (OS) from the hardware.
• Server virtualization takes advantage of idle resources and consolidates the number of required
servers. It allows for multiple operating systems to exist on a single hardware platform.
• Network virtualization combines traditional networking hardware and software network resources
into a software-based entity, a virtual network.
• Network virtualization combines traditional networking hardware and software network resources
into a software-based entity, which is a virtual network.

Control Plane and Data Plane
A network device contains two planes:
Control plane - It is used to make data forwarding decisions. The
control plane contains Layer 2 and Layer 3 route forwarding
mechanisms, such as the IPv4 and IPv6 routing tables, and the ARP
table. Information sent to the control plane is processed by the CPU.
Data plane - Also called the forwarding plane, this plane is typically the
switch fabric connecting the various network ports on a device. The data
plane of each device is used to forward traffic flows. Routers and
switches use information from the control plane to forward incoming
traffic out the appropriate egress (outgoing) interface. Information in the
data plane is typically processed by a special data plane processor
without the CPU getting involved.

Network Virtualization and SDN
• Network virtualization combines networking
hardware and software network resources into a
software-based entity which is a virtual network.
• Software-Defined Networking (SDN) is a network
architecture that virtualizes the network.
• SDN is the separation of the control plane and data
plane. The control plane function is removed from
each device and is performed by a centralized
controller.
• The centralized controller communicates control
plane functions to each device.
• Each device can focus on forwarding data while the
centralized controller manages data flow.

SDN Architecture
• In a traditional router or switch architecture, the control plane and data plane functions occur in
the same device.
• In SDN, management of the control plane is moved to a centralized SDN controller.
• The SDN controller is a logical entity that enables network administrators to manage and dictate
how the data plane of switches and routers should handle network traffic.

14.3 Mobile Device Connectivity

Mobile Device Connectivity
Mobile Devices and Wi-Fi
• A mobile device may be equipped with multiple wireless connection options, such as Cellular,
Wi-Fi, and Bluetooth.
• For data communication, it is advisable to connect to Wi-Fi networks when possible because
data used over Wi-Fi does not count against the cellular data plan.
• Wi-Fi radios use less power than cellular radios, connecting to Wi-Fi networks conserves
battery power.
Precautions should be taken to protect Wi-Fi communications on mobile devices:
• Never send login or password information using unencrypted text (plaintext).
• Use a VPN connection when possible if you are sending sensitive data.
• Enable security on home networks.
• Use WPA2 or higher encryption for security.

Wi-Fi Settings
To connect an Android or iOS device when it is within the coverage range of a Wi-Fi network, turn on
Wi-Fi and the device then searches for all available Wi-Fi networks and displays them in a list. Touch
a Wi-Fi network in the list to connect. Enter a password if needed.
Android Wi-Fi Switch iOS Wi-Fi Switch

Configure Mobile Wi-Fi Connectivity
• If a mobile device does not prompt to connect to a Wi-Fi
network, the network SSID broadcast may be turned off, or the
device may not be set to connect automatically.
• You can manually configure the Wi-Fi settings on the mobile
device.
• Remember that SSIDs and passphrases must be typed exactly
as entered on the wireless router setup or the device will not
connect properly.
• The detail configuration procedural on an Android device is
slightly different from an iOS device.

Configure Cellular Data Settings
• Mobile devices are preprogrammed to use a Wi-Fi network
for internet if one is available and the device can connect to
the access point and receive an IP address.
• If no Wi-Fi network is available, the device uses the cellular
data capability if it is configured.
• Cellular data plans are offered by cell phone carriers.
• The bandwidth limitations and charges for usage vary
widely by carrier and by plan within carriers.
• Most of the time, transitions from one network to another
are performed automatically.
Cellular Data Network Connection
Android Device iOS Device

Simple Connectivity with Bluetooth
• Bluetooth technology provides a simple way for mobile devices to connect to each other and to wireless
accessories.
• Bluetooth is wireless, automatic, and uses very little power.
• Up to eight Bluetooth devices can be connected to a host at any one time.
A few examples of how devices use Bluetooth:
• Hands-free headset - A small earpiece with a microphone can be used for phone calls.
• Keyboard or mouse - A keyboard or mouse can be connected to a mobile device to make input easier.
• Stereo control - A mobile device can connect to a home or car stereo to play music.
• Car speakerphone - A device that contains a speaker and a microphone can be used for making and
receiving calls.
• Tethering - A mobile device can connect to another mobile device or computer to share a network
connection. Tethering can also be performed with a Wi-Fi connection or USB.
• Mobile speaker - Portable speakers can connect to mobile devices to provide high-quality audio.

Bluetooth Pairing
• Bluetooth pairing occurs when two Bluetooth devices establish a connection to share resources.
• For the devices to pair, the Bluetooth radios are turned on, and one device begins searching for
other devices.
• Other devices must be set to discoverable mode, also called visible, so that they can be detected.
• When a Bluetooth device is in discoverable mode, it transmits the following information when
another Bluetooth device requests it:
• Name
• Bluetooth class
• Services that the device can use
• Technical information, such as the features or the Bluetooth specification that it supports
• During the pairing process, a personal identification number (PIN) may be requested to
authenticate the pairing process.
• The PIN is often a number but can also be a numeric code or passkey.

Module 20: Troubleshoot Common
Network Problems

20.1 The Troubleshooting Process

The Troubleshooting Process
Network Troubleshooting Overview
Troubleshooting is the process of identifying, locating, and correcting problems. Documentation is part
of the troubleshooting process and should include the following:
• A detailed description of the problem
• Steps taken to determine the cause of the problem
• Steps used to correct the problem

Gather Information
When gathering information, talk to the user and try to determine how much of the network is affected
by the issue. Some things you might check for include the following:
Nature of problem
• End-user reports
• Problem verification report
Equipment
• Manufacturer
• Make / model
• Firmware version
• Operating system version
• Ownership / warranty information
Configuration and Topology
• Physical and logical topology
• Configuration files
• Log files
Previous Troubleshooting
• Steps taken
• Results achieved

Structured Troubleshooting Methods – Bottom-Up
• Start with the physical layer and the physical
components of the network and move up
through the layers of the OSI model until the
cause of the problem is identified.
• A good approach to use when the problem is
suspected to be a physical one.
• Most networking problems reside at the
lower levels, so implementing the bottom-up
approach is often effective.
• A disadvantage is it requires that you check
every device and interface on the network
until the possible cause of the problem is
found. It is also difficult to determine which
devices to start examining first.

Structured Troubleshooting Methods (Cont.) – Top-Down
• Start with the end-user applications and
move down through the OSI layers.
• End-user applications of an end system are
tested before tackling the more specific
networking pieces.
• Use this approach for simpler problems or
when you think the problem is with a piece
of software. The challenge is to determine
which application to start examining first.
• Disadvantage is it requires checking every
network application until the possible cause
of the problem is found.

Structured Troubleshooting Methods (Cont.) – Divide-and-Conquer
• Select a layer and test in both directions.
• Start by collecting user experiences of the problem,
document the symptoms and then, using that
information, make an informed guess as to which
OSI layer to start your investigation.
• When a layer is verified to be functioning properly, it
can be assumed that the layers below it are
functioning.
• Work up the OSI layers. If an OSI layer is not
functioning properly, the administrator can work
down the OSI layer model. For example, if users
cannot access the web server, but they can ping the
server, then the problem is above Layer 3. If pinging
the server is unsuccessful, then the problem is likely
at a lower OSI layer.

Structured Troubleshooting Methods (Cont.) – Follow-the-Path and Substitution
Follow-the-Path
• One of the most basic troubleshooting techniques.
• First discover the traffic path all the way from source
to destination.
• The scope of troubleshooting is reduced to just the
links and devices that are in the forwarding path.
• The objective is to eliminate the links and devices
that are irrelevant to the troubleshooting task at
hand.
• This approach usually complements one of the other
approaches.
Substitution
• Also called swap-the-component because you
physically swap the problematic device with a
known, working one. If the problem is fixed, then the
problem is with the removed device. If the problem
remains, then the cause may be elsewhere.
• Can be an ideal method for quick problem resolution,
such as with a critical single point of failure. For
example, a border router goes down. It may be more
beneficial to simply replace the device and restore
service, rather than to troubleshoot the issue.
• If the problem lies within multiple devices, it may not
be possible to correctly isolate the problem.

Structured Troubleshooting Methods (Cont.) – Follow-the-Path and Substitution
Comparison
• Also called the spot-the-differences approach and
attempts to resolve the problem by changing the
nonoperational elements to be consistent with the
working ones
• You compare configurations, software versions,
hardware, or other device properties, links, or
processes between working and nonworking
situations and spot significant differences between
them.
• The weakness of this method is that it might lead to
a working solution, without clearly revealing the root
cause of the problem.
Educated Guess
• Also called the shoot-from-the-hip troubleshooting
approach
• A less-structured troubleshooting method that uses
an educated guess based on the symptoms of the
problem.
• Success of this method varies based on your
troubleshooting experience and ability.
• Seasoned technicians are more successful because
they can rely on their extensive knowledge and
experience to decisively isolate and solve network
issues.
• With a less-experienced network administrator, this
troubleshooting method may too random to be
effective.

Guidelines for Selecting a Troubleshooting Method
• Take the time to select the most
effective network troubleshooting
method.
• Software problems are often solved using a
top-down approach.
• Hardware-based problems are solved using
the bottom-up approach.
• New problems may be solved by an
experienced technician using the divide-
and-conquer method. Otherwise, the
bottom-up approach may be used.

20.2 Physical Layer Problems

Physical Layer Problems
Common Layer 1 Problems
• A large proportion of networking problems are related to physical components or problems with the
physical layer.
• Physical problems are concerned mainly with the hardware aspects of computers and networking devices,
and the cables that interconnect them.
• Physical problems do not include the logical (software) configuration of devices.
Some of the more common Layer 1 problems include the following:
• Device receiving power? (turned off or unplugged)
• Loose network cable connection
• Incorrect cable type
• Faulty network cable
• Faulty wireless access point
Ensure there are no errors showing on any LEDs that display the connectivity status. If on-site, visually inspect all
network cabling and reconnect cables to ensure a proper connection. If using wireless, verify that the device is
operational and settings are configured correctly.

Common Layer 1 Problems (Cont.)
The Sense of Sight
• Cables which are not connected
• Cables connected to the wrong port
• Loose cable connections
• Damaged cables and connectors
• Use of the wrong type of cable
• View condition and function of various
network devices with LEDs.
The Senses of Smell and Taste
• Smell can detect components which are overheating.
• Burning insulation or components is very distinct.
• Taste is directly related to the sense of smell because
both use the same receptors such as tasting the
acridness of something burning.
The Sense of Touch
• Feel for overheated components as well as to
detect mechanical problems with devices
such as cooling fans.
• Devices create a small vibration in the
component that can be detected using touch.
The Sense of Hearing
• Used to detect major problems such as electrical issues
and the proper operation of cooling fans and disk drives.
• All devices have characteristic sounds and any change
from the normal sounds usually indicate a problem of
some sort.

Wireless Router LEDs
• Examine LEDs (link lights) that indicate the current state or activity of a piece of equipment or connection.
• The exact configuration and meaning of LEDs varies between manufacturers and devices.
• Typical LEDs include ones for power, system, WLAN, wired ports, and internet (labeled WAN in the figure), USB, and
Quick Security Setup (QSS, also known as Wi-Fi Protected Setup [WPS] that is a security risk).
• A normal condition is for these LEDs to flash indicating that traffic is flowing through the port.
• A solid green light typically indicates that a device is plugged into the port, but no traffic is flowing.
• No light typically indicates one or more of the following:
• Nothing is plugged into the port.
• There is an issue with the wired or wireless connection.
• A device or port has failed.
• There is a cabling issue.
• The wireless router is improperly configured, for example, a port was administratively shut down.
• The wireless router has a hardware fault.
• The device does not have power.

Cabling Problems
• Be sure to use the correct type of cable.
• Check UTP cables (straight-through or crossover). Using the
wrong type of cable may prevent connectivity.
• Improper cable termination is one of the main problems
encountered in networks. Terminate using the T568A or the
T568B standard. Avoid untwisting too much of the wire
pairs during termination. Crimp connectors on the cable
jacket to provide strain relief.
• Check maximum cable run lengths.
• Verify that the correct port is being used between devices.
• Protect cables and connectors from physical damage.
Support cables to prevent strain on connectors and run
cable through areas that will not be in the way.

20.3 Troubleshooting Commands

Troubleshooting Commands
Overview of Troubleshooting Commands
• Most of these utilities are provided by the operating system as command line interface (CLI) commands.
• The syntax for the commands may vary between operating systems.
• Some of the available utilities include:
• ipconfig - Displays IP configuration information.
• ping - Tests connections to other IP hosts.
• netstat - Displays network connections.
• tracert - Displays the route taken to the destination.
• nslookup - Directly queries the name server for information on a destination domain.

The ipconfig Command
ipconfig
Used to display IP configuration
information such as IP address,
subnet mask, and default gateway
ipconfig /all
Includes MAC
address, DNS
server(s), and
DHCP
information

The ipconfig Command (Cont.) - /release and /renew
/release - used to let go of the current DHCP bindings /renew - used to obtain new DHCP bindings

The ping Command
• Most used network utility
• Tests whether or not network devices are
reachable
• Echo request message used to send the packet
• Echo reply verifies connectivity
• Request timed out or general failure is an
indication of failure
• A ping to a name like www.cisco.com verifies not
only connectivity, but DNS as well.

Ping Results
• If neither a ping to an IP address, nor a ping to
the name is successful, then network
connectivity along the path to the destination
is most likely the problem.
• Try to ping the default gateway.
• If the ping to the default gateway is successful,
the problem is not local.
• If the ping to the default gateway fails, the
problem resides on the local network.
• A ping may fail due to the firewall on the
sending or receiving device, or a router along
the path that is blocking the pings.

Divide and Conquer with ping
• Use a divide-and-conquer technique to
isolate the problem to either the wired or
the wireless network.
• Ping from a wired or wireless client to the
default gateway. This verifies if the client is
connecting as expected.
• Ping from the wireless client to a wired
client. This verifies if the wireless router is
functioning as expected.
253

The tracert Command
• The ping command does not indicate where a connection
drops if it fails.
• Use traceroute (Microsoft and Linux) or tracert (Cisco and
other OSes) to provide connectivity information about the
path a packet takes to reach the destination and about
every router (hop) along the way.
• Indicates how long a packet takes to get from the source
to each hop and back (round trip time).
• Used to identify where a packet may have been lost or
delayed due to bottlenecks or slowdowns.
• Note: Notice in the output that the 2nd hop failed. This is
most likely due to a firewall configuration on that device
which does not permit responding packets from
the tracert command. However, the device does forward
the packets to the next hop.

The netstat Command
• The netstat command is used to verify active
TCP connections and lists the protocol in use,
the local address and port number, the foreign
address and port number, and the state of the
connection.
• Unexplained TCP connections can pose a major
security threat because they can indicate that
something or someone is connected to the local
host.
• Unnecessary TCP connections can consume
valuable system resources thus slowing down
the host.

The nslookup Command
• When a network device is being configured, one or more
DNS server addresses are provided that the DNS client can
use for name resolution.
• Usually the ISP provides the addresses to use for the DNS
servers.
• When a user application requests to connect to a remote
device by name, the requesting DNS client queries the name
server to resolve the name to a numeric address.
• Nslookup allows the user to manually query the name
servers to resolve a given host name.
• Can also be used to troubleshoot name resolution issues and
to verify the current status of the name servers.
• When issued, the default DNS server configured for your
host is displayed. The name of a host or domain can be
entered at the nslookup prompt.
Type exit
to return
to the
prompt

20.4 Troubleshoot Wireless Issues

Troubleshoot Wireless Issues
Causes of Wireless Issues
• The 802.11ac (5 GHz band) is not compatible with
the 802.11b/g/n standards (2.4 GHz band). Within
the 2.4 GHz band, each standard uses different
technology.
• Unless specifically configured, equipment that
conforms to one standard may not function with
equipment that conforms to another.
• In the figure, the 2.4 GHz network is configured
to support legacy devices.
• Each wireless conversation must occur on a
separate, non-overlapping channel that sometimes can be configured.
• The strength of an RF signal decreases with distance. Low signal strength causes devices to not connect or drop signals.
• Use the NIC client utility to display the signal strength and connection quality.
• RF signals are susceptible to interference from outside sources, including other devices functioning on the same
frequency. Do a site survey to detect for this.
• APs share the available bandwidth between devices. As more devices associate with the AP, the bandwidth for each
individual device will decrease causing network performance problems. The solution is to reduce the number of
wireless clients using each channel.

Troubleshoot Wireless Issues
Authentication and Association Errors
• The SSID is a case-sensitive, alphanumeric string that
is up to 32-characters.
• The SSID must match on both the AP and client.
• If the SSID is not broadcast, it must be manually
entered onto the client.
• If another AP is present that has broadcasted the SSID,
the client may automatically associate to it.
• On most APs, open authentication is configured by
default, allowing all devices to connect. If a more
secure form of authentication is configured, a key is necessary.
• Both the client and the AP must be configured with
the same key. If the keys do not match, authentication
will fail, and the devices will not associate.
• If encryption is enabled, the same encryption key must
be configured on both the AP and the client.

20.5 Common Internet Connectivity
Issues

Common Internet Connectivity Issues
DHCP Server Configuration Errors
• The IP configuration can have a major impact on the ability for
a host to connect to the network.
• A wireless router can act as a DHCP server for local wired and
wireless clients and provides IP configuration, including the IP
address, subnet mask, default gateway, and commonly the IP
addresses of DNS servers.
• The client table information should match the local host
information, which you can see using the ipconfig
/all command.
• If the client configuration information does not agree with
information in the client table, the address should be released
(ipconfig /release) and renewed (ipconfig /renew) to form a
new binding.

Check Internet Configuration
If hosts on the wired and wireless local network can connect to the wireless router and with other hosts on the local
network, but not to the internet, the problem may be in the connection between the router and the ISP.

Check Firewall Settings
• If all clients are obtaining the correct IP
configuration, and can connect to the wireless
router but are unable to ping each other or
cannot access a remote server or application,
the problem may be with rules on the router.
• Check all settings on the router to ensure no
security restrictions could be causing the issue.
• Verify that the local firewalls on the client
devices are not preventing network
functionality.
263

Networking Essentials jsdsdcjsdcdscdscsdc

More Related Content

Similar to Networking Essentials jsdsdcjsdcdscdscsdc (20)

Recently uploaded (20)

Networking Essentials jsdsdcjsdcdscdscsdc