Monday, April 6, 2020

Networking Fundamentals

Objectives

  • Describe the function and operation of a hub, a switch and a router 
  • Describe the function and operation of a firewall and a gateway 
  • Describe the function and operation of Layer 2 switching, Layer 3 switching, and routing 
  • Identify the layers of the OSI model 
  • Describe the functionality of LAN, MAN, and WAN networks
  • Identify the possible media types for LAN and WAN connections

What is a Network?

  • A network refers to two or more connected computers that can share resources such as data, a printer, an Internet connection, applications, or a combination of these resources.


Types of Networks

Local Area Network (LAN)










Metropolitan Area Network (MAN)










Wide Area Network (WAN)









WAN Technologies 

Leased Line

Circuit-switched

Frame-Relay

Broadband Access


Network Topologies:

Bus Topology 

Star Topology


Extended Star Topology

The OSI Model— Why a Layered Network Model?




• Reduces complexity 
• Standardizes interfaces 
• Facilitates modular engineering 
• Ensures interoperable technology 
• Accelerates evolution
• Simplifies teaching and learning









The Seven Layers of the OSI Model



Application Layers (Upper Layers): 

• Network Processes to Applications 
• Data Representation 
• Inter Host Communication













End To End Connections:



• Handles transportation issues between hosts
• Ensures data transport reliability
• Establishes, maintains and terminates virtual circuits
• Provides reliability through fault detection and recovery
• Information flow control











Data Delivery:


• Provides connectivity and path selection between two host systems
• Routes data packets
• Selects best path to deliver data
• The Network layer prioritizes data, which is known as Quality of Service (QoS)












Access to Media:





• Defines how data is formatted for transmission and how access to the network is controlled













Binary Transmission:


• Defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link














Physical Media Types


Physical Media Comparison



             Twisted Pair      Coaxial        Fiber Optic                Wireless LAN
Bandwidth    Up to 1 Gbps      10-100 Mbps    Up to 10 Gbps or higher    Up to 54 Mbps
Distance     Up to 100 m       Up to 500 m    Up to 60 km                Up to 100 m
Price        Least expensive   Inexpensive    Most expensive             Moderate

Hub or Repeater

A hub (concentrator) is a device that repeats the signals it
receives on one port to all other ports. It is a central
connection point for several network devices.



Network Interface Card




WAN—Physical Layer Implementations


• Physical layer implementations vary
• Cable specifications define speed of link



  • Cisco, PPP, Frame Relay: EIA/TIA-232, EIA/TIA-449, X.21, V.24, V.35, HSSI
  • ISDN BRI (with PPP): RJ-48. Note: ISDN BRI cable pinouts are different than the pinouts for Ethernet. The RJ-48 and RJ-45 look the same, but the pinouts are different.
  • DSL Modem: RJ-11. Note: Works over telephone line.
  • Cable Modem: BNC. Note: Works over cable TV line.

WAN


Data Link Layer

  • Data Link layer protocols create, transmit, and receive packets. This layer is also responsible for logical MAC addressing and LLC processing, creating logical topologies, and controlling media access.

MAC Address

  • The network interface card address, called the hardware address, is protocol-independent and is usually assigned at the factory. This address is technically called the media access control (MAC) address because it is found on the MAC sublayer of the Data Link layer.

Data Link Devices

  • The Data Link layer is manipulated by two devices: bridges and switches. These are more complex and more expensive than their Physical layer counterparts, but they do have advantages.

Switch

  • When a switch receives data, it examines the data link header for the MAC address of the destination station and forwards the data to the correct port. This opens a path between ports that can use the full bandwidth of the topology.
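The difference between the hub described earlier (repeat to every port) and the switch described above (forward by destination MAC) decides which ports can observe a conversation. The following sketch is an added example, not part of the original lesson; it also models MAC learning and flooding of not-yet-learned destinations, which is standard switch behaviour the page does not describe. Port numbers and MAC addresses are constructed.

```python
# Added example: hub repeating vs. switch forwarding by destination MAC.
# Ports and MAC addresses are constructed for illustration.

class Hub:
    """Repeats every frame out of all ports except the one it arrived on."""
    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src_mac, dst_mac):
        return [p for p in self.ports if p != in_port]


class Switch:
    """Learns which port each source MAC lives on and forwards by destination MAC."""
    BROADCAST = "ff:ff:ff:ff:ff:ff"

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                    # MAC address -> port

    def receive(self, in_port, src_mac, dst_mac):
        self.mac_table[src_mac] = in_port      # learn or refresh the sender's port
        out = self.mac_table.get(dst_mac)
        if dst_mac == self.BROADCAST or out is None:
            # Broadcast or unknown destination: flood, exactly like a hub
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            return []                          # destination is on the arrival port
        return [out]


def ports_seeing_traffic(device, frames):
    """For each (in_port, src, dst) frame, list the ports it is sent out of."""
    return [device.receive(*frame) for frame in frames]


A, B = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
FRAMES = [(1, A, B), (2, B, A), (1, A, B)]     # constructed conversation A <-> B

if __name__ == "__main__":
    print("hub   :", ports_seeing_traffic(Hub([1, 2, 3]), FRAMES))
    print("switch:", ports_seeing_traffic(Switch([1, 2, 3]), FRAMES))
```

On the hub, port 3 receives every frame of the A/B conversation; on the switch it only receives the first frame, sent before B's port was learned.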

Network Layer

  • The network layer provides connectivity and path selection between two host systems that may be located on geographically separated networks
  • IP is a standard that defines the manner in which the network layers of two hosts interact. IP addresses are 32 bits long and use a hierarchical addressing scheme.

Network Layer Devices

The devices that operate at the Network layer are routers and Layer 3 switches.


Routers

Routers facilitate communication within this internetwork. A router decides how to send packets within the network so that they arrive at their destination.

Layer 3 Switches

The Layer 3 switch functions at the Network layer and performs the multiport, virtual LAN, and data pipelining functions of a standard Layer 2 switch. It can also perform basic routing functions between virtual LANs.

Multilayer Switching


• Combines functionality of:
  – Layer 2 switching
  – Layer 3 switching
  – Layer 4 switching
• High-speed scalability
• Low latency compared to routers




Transport Layer Implementations

The Transport layer is in charge of the reliable or unreliable transport of data. It can be implemented as TCP or UDP.

Gateway

A gateway is a combination of hardware and software that connects dissimilar network environments. It performs translations at multiple layers of the open system interconnection (OSI) model.

Firewalls

A firewall is a system or group of systems that manages access between two or more networks.

Summary


This lesson covered the following main topics:
• The function and operation of a hub, a switch, and a router
• The function and operation of Layer 2 switching, Layer 3 switching, and routing
• The OSI model
• Functionality of LAN, MAN and WAN networks
• Possible media types for LAN and WAN connections
• The function and definition of firewalls and gateways


Thursday, April 2, 2020

Domain Name System


DNS Port Number – What is Domain Name System – How DNS Works

DNS (Domain Name System) is the system that translates an Internet or host name (which is easier for people to remember) to an IP address. In this article we’ll describe how DNS works, what port numbers are used for the DNS protocol, etc., so keep reading for all the info below.

Table Of Contents
What is DNS
How DNS Works
What is DNS Port Number
How to allow DNS through Firewall
What are Zone Transfers
Different DNS Server Software

What is DNS

A Domain Name could be for example https://www.networkstraining.com (i.e the website you are reading right now) that the DNS translates to an IP address (example 74.54.219.242).
Keep in mind that every domain name on the Internet must be associated with an IP address (either IPv4 or IPv6). This is required in order to reach this domain (i.e the webserver hosting the domain) over the Internet. Note that all TCP/IP communication is based on IP addresses.
If the address is registered in a reverse lookup zone, the IP address is translated back to the DNS name and it is called “reverse DNS lookup” or simply r-DNS.
A DNS system consists of two parts: a server and a resolver. The server keeps information about which DNS names correspond to which IP addresses. A resolver is the software on the DNS client that asks the server for information.
Therefore, a DNS server contains mappings/associations of Domain Names to IP addresses. If a specific DNS server does not know the IP address of a domain, it will ask a different DNS server (the authoritative server) to find out the correct IP-to-Domain mapping.
A DNS name consists of a host (e.g www means it is a webserver) and domain (e.g networkstraining.com). Domains are unique and are recorded in global databases.

How DNS Works

The image above shows a simple operation of how domain name system works to provide the IP address of a website.
Let’s see that below:
  • A user (shown as computer host on the top left) opens a browser and wants to visit website abcd.com/index.html
  • Every computer as we know has some network settings configured. These network settings (configured to its Ethernet card or WiFi card) include the IP address of the computer itself and also the IP address of the DNS server (for example this DNS server address can be given to you from your ISP or you can use well known Internet DNS servers such as the Google server which is 8.8.8.8)
  • The computer that wants to visit the above website does not know yet the IP address of abcd.com.  Therefore, it will ask its DNS server “what is the IP address of abcd.com ?” as shown on the picture above.
  • The DNS server will reply back to the computer with an answer “The IP address of abcd.com is 156.1.2.3” for example.
  • Therefore, now the user’s computer will start sending packets to the above IP address which corresponds to the website that the user wants to visit.
  • Note that if the DNS server above does not know the IP address of the specific domain, it will ask other DNS servers on the Internet (authoritative servers) to learn the address and then forward it to the end user.

What is DNS Port Number

DNS uses both TCP and UDP port 53.
The most frequently used port for DNS is UDP 53. This is used when a client device (e.g. a computer, smartphone etc.) communicates with a DNS server in order to resolve a specific domain name (as described above). Keep in mind that when using UDP 53 for DNS, the maximum size of the query packet is 512 bytes, which might not be enough, as we will see below.
TCP 53 is used mainly for Zone Transfers (see explanation below) and also when the query exceeds 512 bytes. This is the case when DNSSEC is used, which adds extra overhead to the DNS query (cryptographic keys, signatures etc.). Also, now with IPv6, the query reply packets can also get bigger than 512 bytes.
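The lookup described under "How DNS Works" and the UDP-to-TCP switch described above can be seen at the byte level. The following is an added example, not code from the original article: it encodes the query for abcd.com in RFC 1035 wire format and decides what a resolver does with a UDP reply. It goes beyond the text in one respect: a server signals that a reply did not fit in a UDP message by setting the TC (truncated) flag, and the client then repeats the query over TCP 53. The transaction ID, TTL and sample messages are constructed.

```python
import struct

def build_query(name, qtype=1, txid=0x1234):
    """Encode a DNS query in RFC 1035 wire format (qtype 1 = A record)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD=1, one question
    parts = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in parts) + b"\x00"
    return header + qname + struct.pack("!HH", qtype, 1)       # class IN

def parse_header(msg):
    txid, flags, _qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "is_response": bool(flags & 0x8000),
            "truncated": bool(flags & 0x0200), "answers": an}

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        length = msg[off]
        if length & 0xC0 == 0xC0:      # compression pointer: two bytes, ends the name
            return off + 2
        if length == 0:                # root label terminates the name
            return off + 1
        off += 1 + length

def first_a_record(msg):
    """Return the first A record in a reply that carries one question, else None."""
    off = skip_name(msg, 12) + 4       # skip question name, type and class
    for _ in range(parse_header(msg)["answers"]):
        off = skip_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            return ".".join(str(b) for b in msg[off:off + 4])
        off += rdlen
    return None

def next_step(reply, txid):
    """What the resolver does with a UDP reply: accept, retry over TCP 53, or drop."""
    h = parse_header(reply)
    if not h["is_response"] or h["id"] != txid:
        return "drop"                  # not an answer to our query
    return "retry-tcp" if h["truncated"] else "accept"

# Constructed sample messages for abcd.com (no network access needed).
QUERY = build_query("abcd.com")
ANSWER_RR = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([156, 1, 2, 3])
REPLY_OK = struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0) + QUERY[12:] + ANSWER_RR
REPLY_TC = struct.pack("!HHHHHH", 0x1234, 0x8380, 1, 0, 0, 0) + QUERY[12:]
print(next_step(REPLY_OK, 0x1234), first_a_record(REPLY_OK), next_step(REPLY_TC, 0x1234))
```

A reply whose transaction ID does not match the outstanding query is dropped rather than parsed, which is the first check a resolver makes against spoofed answers.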

How to allow DNS through Firewall

From the internal network, you should allow outbound traffic on both TCP and UDP ports 53 towards a trusted external DNS server (e.g the server provided by your ISP).
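If you manage a firewall protecting a DNS server, you should allow UDP 53 from your clients and restrict TCP 53 to the other trusted DNS servers with which you want to perform zone transfers. Because clients fall back to TCP 53 for replies larger than 512 bytes (see above), verify that this restriction does not break resolution for your clients.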

What are Zone Transfers

A Zone Transfer is replication of DNS records from one DNS server to another. This communication uses TCP port 53. Basically it is a fast way to replicate the DNS database of one server across to other servers. The DNS query type used for zone transfer is AXFR.
For security reasons, you must configure the DNS server (e.g. BIND) to allow zone transfers ONLY from other trusted servers. If you allow zone transfers from anyone, a hacker can request a zone transfer from your server and replicate all of its database to itself.
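One way to verify that the restriction above is actually in force is to review the DNS server's transfer log for AXFR events from hosts that are not trusted secondaries. This is an added example, not from the original article: the log lines are constructed and modelled on BIND 9's transfer messages (the exact prefix depends on your logging configuration), and the trusted-secondary list, zone name and addresses are assumptions using documentation ranges.

```python
import ipaddress
import re

# Assumption: the only secondary allowed to pull the zone (documentation address).
TRUSTED_SECONDARIES = [ipaddress.ip_network("192.0.2.53/32")]

# Constructed sample lines, modelled on BIND 9 zone-transfer log messages.
SAMPLE_LOG = """\
06-Apr-2020 10:15:02.101 client 192.0.2.53#40212 (example.com): transfer of 'example.com/IN': AXFR started
06-Apr-2020 10:17:44.530 client 203.0.113.77#51234 (example.com): zone transfer 'example.com/AXFR/IN' denied
06-Apr-2020 10:19:03.872 client 198.51.100.9#33001 (example.com): transfer of 'example.com/IN': AXFR started
"""

CLIENT = r"client (?:@\S+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+ .*"
STARTED = re.compile(CLIENT + r"transfer of '(?P<zone>[^/']+)/IN': AXFR started")
DENIED = re.compile(CLIENT + r"zone transfer '(?P<zone>[^/']+)/AXFR/IN' denied")


def is_trusted(ip):
    """True if the address belongs to a configured trusted secondary."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_SECONDARIES)


def review_transfers(log_text):
    """Classify each AXFR event as expected, blocked, or served to an untrusted host."""
    findings = []
    for line in log_text.splitlines():
        m = STARTED.search(line)
        if m:
            verdict = "ok" if is_trusted(m["ip"]) else "ALERT: zone served to untrusted host"
            findings.append((m["ip"], m["zone"], verdict))
            continue
        m = DENIED.search(line)
        if m:
            verdict = "trusted host denied (check config)" if is_trusted(m["ip"]) else "blocked attempt"
            findings.append((m["ip"], m["zone"], verdict))
    return findings


if __name__ == "__main__":
    for finding in review_transfers(SAMPLE_LOG):
        print(finding)
```

An "ALERT" line means the server handed the full zone to a host outside the trusted list, so both the server's transfer restriction and the firewall rule for TCP 53 need to be rechecked.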

Different DNS Server Software

Here are the most popular DNS server software packages used in networks:
  • BIND (open source and free)
  • Microsoft DNS
  • Big-IP DNS (from F5)
  • CNR DNS (from Cisco)
  • PowerDNS
  • etc

Install and Configure Active Directory Domain Services


This post explains how to install AD on Windows Server 2012 R2.

Requirements:

Minimum: 1.4 GHz 64-bit processor
Minimum: 512 MB RAM
Minimum: 32 GB or greater
The first step is to get Server 2012 installed on a server. It is very similar to the Server 2008 install, and in one of my previous posts I have described how to do the install in detail.

  • The next thing we need to do is get the network interfaces configured. It is obvious to use a static IP address for the server. Since the server will act as a DNS server, for the DNS server field you can use the local host address 127.0.0.1 (10.0.0.1).
IP Address –     10.0.0.1
Subnet Mask – 255.0.0.0
DNS server –     10.0.0.1

  • It is recommended to use a meaningful name as the server name. In the demo I renamed it to "CHNM". Select Server Manager on the task bar, then choose Local Server, then choose the computer name.

  • After this we are ready to start on the AD install. As my next step I will start the DNS role install first. This is not a must; you can also install DNS during the AD install. But as a best practice I always prefer to add the DNS role first. To do this we need to start "Server Manager". It can be opened using the shortcut on the task bar or from Start > Server Manager.

  • Then in the Server Manager window click on the "Add roles and features" option.
  • It will then load the "Add roles and features" wizard. Click on next to continue.
  • In the next window keep the default selection, "Role-based or feature-based installation", and click on next.
  • In the next window we can select which server to install the role on. In our case it will be the local server, so keep the default selection and click on next.
  • The next window gives the option to select the roles. Select and tick the box "Active Directory Domain Services".
  • It will then prompt with a window indicating the additional feature installations related to the selected role. Click on "Add Features" to continue.
  • Then in the next window click on next to continue.
  • The next window gives the option to select additional features to install, but I will keep the default selection. Click next to install.

  • The next window gives a brief description of the AD service. Click on next to continue.
  • The next window gives a brief summary of the installation. Click on "Install" to start the installation.
  • In the next window the service install begins, and we have to wait until it finishes.
  • Once it finishes, click on "Close" to exit from the wizard. The next step is to reboot the server to complete the installation.
  • After that completes we need to start on the DC setup. To start that, open "Server Manager" and click the Task flag in the right-hand corner. It will then list options as in the picture below. Click on the "Promote this server to a domain controller" option (highlighted in yellow in the picture).
  • This starts the DCPROMO wizard. In the first window, since it is going to be a new forest, I have selected the option "Add a new forest" and typed the domain name "contoso.com", which I will be using for the forest. Once the info is filled in, click on "next" to continue.
  • In the next window we can select the forest and domain functional levels. I will keep the defaults. Under domain controller capabilities, DNS server and Global Catalog are selected by default, as this is the first DC in the forest. Then we need to define the password to use in DC recovery. Click on next to continue.
  • The next window will give the following error, but it can be ignored. Click on next to continue.

  • The next window asks for the NetBIOS name. We can keep the default and click on next to continue.
  • The next window gives the option to change the file paths for the AD database, log files and SYSVOL files. We can change the paths or keep the defaults. Once changes are done, click on next to continue.
  • The next window gives a description of the installation. Click on next to continue.
  • In the next window it will run a system check and verify that the system is compatible with the selected installation. Once the test completes successfully, click on the install button to begin the installation. If it reports any critical errors, those need to be addressed before the installation begins.
  • It will then start the install, and we need to wait until it finishes.
  • Once the install is complete, it will automatically reboot the server.
  • Once the server is rebooted, log in to the server using domain admin credentials. In our demo it will be in the format of
user : contoso\Administrator
password : XXXXXXXXX

  • Once logged in, load "Server Manager" and click on the "AD DS" option in the right-hand list. Then select and right-click as shown in the screenshot to start with the AD configuration.