COMPUTER NETWORKS


EXAMPLES OF TEST
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
TEST 1 - 20 questions - Duration: 1h30
Question 1- What is the definition of ISO? What is ISO? What is the definition of OSI? What are the names of the OSI layers?
Question 2- What is the name of the information in OSI layer 1? And in OSI layer 2? What are the two possible names of the information in OSI layer 3?
Question 3- Give 8 examples of what we can find in OSI layer 1.
Question 4- Give 8 examples (hardware, protocols) of what we can find in OSI layer 2.
Question 5- Give 8 examples (hardware, protocols) of what we can find in OSI layer 3.
Question 6- What are the names and the roles of the sub-layers of OSI layer 2?
Question 7- What is the definition of a VLAN? What are the different possibilities to set up a VLAN? What are the three main advantages of a VLAN?
Question 8- What are the two roles of the OSI layer 3? Describe the two different methods of this layer for sending the information on internet.
Question 9- What is the definition of NAT? What is the goal of using NAT? How does NAT work? What is the definition of LSNAT? In which case are NAT and LSNAT useless?
Question 10- What is the definition of a firewall? Why install a firewall? How does a firewall work? In which OSI layer(s) is a firewall?
Question 11- Give two examples of a layer 3 protocol encapsulated in a layer 2 protocol.
Question 12- What is the definition of a switch? How does it work? Give 3 kinds of switch.
Question 13- What is ATM? What are the characteristics of ATM frames (size, path to follow, flow)?
Question 14- What is the definition of CSMA/CD? What is it used for?
Question 15- What is MPLS? What is its goal? How does MPLS work for transferring the data?
Question 16- What are routers? How do they work? Give 2 examples of routers.
Question 17- What are the main differences between IPv4 and IPv6 addresses? What are the two main differences between IPv4 and IPv6 protocol headers?
Question 18- ‘Everything over IP’: give 4 examples. ‘IP over everything’: give 4 examples.
Question 19- What is the definition of IPsec? In which OSI layer is it? What is it used for?
Question 20- What is ICMP? In which OSI layer is it? What is it used for? How does it work?



TEST 2 - 40 questions - Duration: 3h
Question 1- What is the definition of ISO? What do you know about ISO?
Question 2- What is the definition of OSI? What is the goal of OSI?
Question 3- What are the names of the seven OSI layers?
Question 4- Give the name of the information in each OSI layer (from layer 1 to layer 7).
Question 5- What can we find in OSI layer 1? Give five examples.
Question 6- What can we find in OSI layer 2? Give five examples.
Question 7- What are the names of the sub-layers of OSI layer 2?
Question 8- What are the roles of the sub-layers of OSI layer 2?
Question 9- What can we find in OSI layer 3? Give five examples.
Question 10- What are the two main roles of OSI layer 3?
Question 11- What can we find in OSI layer 4? Give five examples.
Question 12- What are the three main roles of OSI layer 4?
Question 13- What are the three main roles of OSI layer 5?
Question 14- What are the three main roles of OSI layer 6?
Question 15- What can we find in OSI layer 7? Give eight examples.
Question 16- What is a hub? In which OSI layer is it?
Question 17- In which OSI layer(s) is ethernet? Why?
Question 18- In which OSI layer(s) is WiFi? Why? Give the name of a WiFi security protocol.
Question 19- What is a MAC address?
Question 20- Write ten DOS commands.
Question 21- Give the name of four network topologies.
Question 22- What is a PAN? What is a LAN? Give an example of each.
Question 23- What is a MAN? What is a WAN? Give an example of each.
Question 24- What is a switch? In which OSI layer is it?
Question 25- What is a VLAN? Give three possibilities to set up a VLAN.
Question 26- What is ATM? What are the characteristics of ATM frames (size; path; flow)?
Question 27- What is a VPN? What is the main goal to set up a VPN?
Question 28- What are routers? How do they work? Give two examples of routers.
Question 29- ‘Everything over IP’ and ‘IP over everything’: give 4 examples of each.
Question 30- What is the definition of IPsec? In which OSI layer is it? What is it used for?
Question 31- What are the main differences between IP version 4 and IP version 6 addresses?
Question 32- What is a firewall? Why install a firewall? How does a firewall work?
Question 33- What are TCP and UDP? Which is the most reliable? What is TCP/IP protocol?
Question 34- What is a web proxy server? Give four roles of a web proxy server.
Question 35- What is the definition of DHCP? What is the goal of DHCP? What is the DHCP lease time?
Question 36- What is the definition of DNS? What is the goal of DNS? Why is DNS useful?
Question 37- What is malware? Give five kinds of malware.
Question 38- Write five security protocols.
Question 39- What is a DMZ? What is the main goal of a DMZ?
Question 40- Write five security rules to follow for protecting a computer.



COURSE
----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

NETWORKS:

PAN= Personal Area Network (only a few meters). Example of PAN: two smartphones connected with Bluetooth technology.
LAN= Local Area Network (up to 1 km). Example of LAN: all computers, servers, printers and network devices of a bank or a university on a single site.
MAN= Metropolitan Area Network (up to 10 km). Example of MAN: radio broadcasting in a city like Paris or Phnom Penh.
WAN= Wide Area Network (up to thousands of km). Example of WAN: the network of Google company on earth.

WPAN= Wireless PAN. Ex: Bluetooth.
WLAN= Wireless LAN. Ex: WiFi
WMAN= Wireless MAN. Ex: wireless local loop.
WWAN= Wireless WAN. Ex: GSM (Global System for Mobile communication); GPRS (General Packet Radio Service); UMTS (Universal Mobile Telecommunication System); EDGE; 3G, 4G and 5G.

INTERNET= INTERnational NETwork= some (LAN, MAN and WAN) + emails + webpages + chat + FTP + P2P + VoIP + DNS + videos + newsgroups + …

WEB= World Wide Web= WWW= a part of internet about pages (with documents & photos). So it's better to say ''website'' instead of ''internet site''.




COMPUTERS (laptops and desktops):

Some components of computers:

-Motherboard, also called mainboard:
Examples of manufacturers: ASUS, MSI, ACER and INTEL.
Some electronic components of a motherboard are: resistors; diodes; capacitors; transistors; integrated circuits.
The chipset of the mainboard is an electronic device managing the digital data flow between the CPU, RAM and peripherals.

-CPU (Central Processing Unit) also called processor:
Examples of manufacturers: INTEL (Core i7 with 3.6 GHz; Core i3 with 4.0 GHz; Pentium; Celeron; Avoton…) and AMD (Phenom; Opteron; Athlon, Duron, Sempron, Ryzen 1 and Ryzen 9 with 3.8 GHz).
The AMD Ryzen Core i9 has 18 cores and 36 threads: these 18 cores work in parallel, and each core has 2 threads, which means that each core executes 2 tasks at the same time (this is Hyper-Threading).
The socket is the receptacle of the processor managing the communication between the processor, video card and HDD.

-RAM (Random Access Memory):
Example of RAM capacity: 8 GB; 16GB; 32 GB.
Examples of RAM: DDR4 (Double Data Rate 4) for desktop. DDR5 (Double Data Rate 5) for desktop and SO-DIMM for laptop.

-FSB (Front-Side Bus) is an electronic bus which connects the CPU to the RAM and to the other mainboard components.

-HDD (Hard Drive Disk):
Examples of HDD capacity: 500 GB, 1 TB, 2 TB, 3 TB, 4 TB, 6 TB, 8 TB, 10 TB, 16 TB and 18 TB (example: Seagate SkyHawk 16 TB costs 700 USD in 2022).
Examples: HDD SATA 3,5'' for desktops; HDD SATA 2,5'' for laptops; eHDD with USB cable.
Examples of HDD manufacturers: IBM; Maxtor; Seagate; Western; Intel; Samsung; Dell; Fujitsu; Sandisk; Iomega; Toshiba; ASUS; Cisco; Adata...

-SSD (Solid State Drive): faster (access time) and more expensive than HDD.
Examples of SSD capacity: 250 GB, 500 GB, 1 TB, 2 TB.
Examples of SSD manufacturers: Crucial; Textorm; Kingston; Samsung; Western...

-Network card:
Examples of manufacturers: INTEL, REALTEK, ASUS, TP-LINK, D-LINK, BROADCOM and QLOGIC.
More information about network cards is given below.

-Graphics card or video card:
Examples of manufacturers: ATI; NVidia; AMD; ASUS; MSI; Gigabyte.
An example of a graphics card is the MSI GeForce RTX 2080 Ti GAMING X TRIO with 11 GB.
The GPU (Graphics Processing Unit) is the CPU of a graphics card.

-Power supply:
The power supply is a hardware device that converts alternating current electricity to low-voltage regulated direct current electricity for the internal components of a computer.

-Fan:
The fan's goal is to cool down the temperature of the computer's components.
Examples of fan locations: on CPU; on GPU; on power supply; on HDD; on RAM.

-Operating Systems (OS):
Examples of OS for computers: Windows 11, Linux Mandrake and OS X.




SERVERS:

A server is a powerful computer.
Example of server’s configuration:
-2 CPU of 4 GHz.
-5 HDD of 2 TB with RAID technology (RAID is Redundant Array of Independent Disks).
-RAM of 128 GB.
-Operating System: Windows 2019 Server, or IBM-AIX, or HP-UX, or Sun-Solaris, or Linux Debian.


EXAMPLES OF SERVER ROLES:
-File server (needs huge HDD capacities).
-Domain controller (ex: with Active Directory).
-DNS server.
-DHCP server.
-Email server (ex: Microsoft Exchange).
-Printing server.
-Database server (ex: Microsoft SQL Server).
-Web server (Microsoft IIS or Apache open source).
-Web proxy server.
-Blade server (a blade can have 20 servers, a blade contains processor, RAM, HDD and network interface. The blade does not have fans, power supply and cables, which are on the main server).
-Remote server (dedicated to users located outside the LAN who need remote access, for example to file servers and printers).



Some definitions:
BIT= Binary digiT= 0 or 1.
1 Byte= 8 bits.
K= 1000= 10 exp. 3 (example: 1 KB= 10 exp. 3 Bytes).
M= 1 000 000= 10 exp. 6 (example: 1 MB= 10 exp. 6 Bytes).
G= 1 000 000 000= 10 exp. 9 (example: 1 GB= 10 exp. 9 Bytes).
T= 1 000 000 000 000= 10 exp. 12 (example: 1 TB= 10 exp. 12 Bytes).



REPEATER:
it's an electronic device that receives a signal and retransmits it, so that the signal can cover longer distances.


HUB:
it's a repeater with several ports. Several computers can be connected to a hub and communicate with each other.
A hub uses half-duplex communication (each machine sends a message to everybody), so sometimes there are data collisions.
Each hub has only one collision domain and only one broadcast domain.
In order to limit the number of collisions in the network, HUB uses Carrier Sense Multiple Access / Collision Detection (CSMA/CD), "Jam signal" and "Backoff algorithm".


NETWORK CARD:
-some manufacturers: Intel; Realtek; Broadcom; Qlogic; Group; Mellanox; Marvell…
-example of network cards: ethernet card and HBA card
HBA card (Host Bus Adapter) is the interface which connects a host to a SAN (Storage Area Network) with FCP (Fiber Channel Protocol).
-example of speed: 10Mbit/s; 100Mbit/s; 1Gbit/s; 10Gbit/s; up to 160 Gbit/s
-connected to: ethernet; WiFi; ATM; Fibre Channel; FDDI; Token Ring.
-on the motherboard, it can be connected to a USB port, FireWire, a PCI connector, an ISA connector or Thunderbolt, or it can be integrated.


MODEM:
it's MOdulator-DEModulator: it’s a device which converts a stream of digital bits to analog signal, and reciprocally.


TWISTED PAIR:
two insulated copper wires are twisted together in a helical form.
-Category 5e and 6 support 1 Gbps.
-Category 7 supports 10 Gbps.


OPTICAL FIBER:
very fast (internet; MAN; WAN; interconnection of LANs).


COAXIAL CABLE:
it's a stiff copper wire.


BLUETOOTH:
It’s a wireless technology standard for exchanging data over short distances, using radio waves.
Bluetooth can be used by: computer, tablet, smartphone, printer, mouse, keyboard, scanner...


Some physical NETWORK TOPOLOGIES:
bus, ring, star, tree, mesh and hybrid.


CIRCUIT SWITCHING:
Circuit-switched is a type of network in which a physical path is obtained for and dedicated to a single connection between two end-points in the network for the duration of the connection.
Ordinary voice phone service is circuit-switched: the telephone company reserves a specific physical path to the number you are calling for the duration of your call. During that time, no one else can use the physical lines involved.


PACKET SWITCHING:
In a packet-switched network, the information is broken down into packets and sent through routers.
Each packet of information travels through a different route.


Message addressing and transmission methods:
-UNICAST: one-to-one.
-MULTICAST: one-to-a-group.
-BROADCAST: one-to-everybody.
-ANYCAST: one-to-the-closest.


MAC ADDRESS:
it's a 48-bit address that is encoded on each network device by its manufacturer.
-MAC is Media Access Control.
-MAC address format is hexadecimal (digits from 0 to 9, letters from A to F).
-Each MAC address is unique.
-Check your MAC address with the following prompt command: ipconfig /all
-Example of a MAC address: C1:2D:C4:A9:DE:13
-Each MAC address has two parts: OUI (24 bits) + NIC (24 bits too):
OUI is Organization Unique Identifier; this code is provided by the Institute of Electrical and Electronics Engineers (IEEE), which gives it to the network card manufacturer.
NIC or NIC Identifier is Network Interface Card ID; it is randomly generated. It is possible to modify the NIC number with a prompt command, so the MAC address will be modified too.


PROTOCOL:
In information technology, a protocol defines rules for communication between a network of computers.
Examples: Internet Protocol (IP); Transmission Control Protocol (TCP); Border Gateway Protocol (BGP); Open Shortest Path First (OSPF).


MPLS:
MPLS is MultiProtocol Label Switching.
-it’s a protocol (on the top of OSI layer 2).
-the goal of MPLS network is to transfer the data quickly and with quality.
-how? A label is added to each data frame, and the routers recognize this label, then transfer the data frames along the shortest path, called LSP (or tunnel).
-“Multiprotocol” because MPLS can support different protocols such as ATM, Frame Relay, IP and Ethernet.
-There are different levels of priority in MPLS network:
*P1: for videos (the highest priority).
*P2: for voice (very high priority).
*P3: for other data with a high priority.
*P4: for data with a normal priority.
*P5: for data with a low priority.
-MPLS may not use internet.
-MPLS ensures quality while VPN (on internet) ensures confidentiality of the data.


ATM:
ATM is Asynchronous Transfer Mode.
-it’s a protocol (of OSI layer 2).
-it's a network too.
-the data transfer is fast with quality (video, voice…).
-all data frames have 53 bytes (and are called "cells").
-all cells follow the same path on the network.
-the cells are sent in asynchronous manner.
-ATM network is based on ATM protocol, ATM network cards for routers, or ATM switches.



FRAME RELAY:
-it’s a protocol (of OSI layer 2).
-it's a network too.
-A Frame Relay network is made with Frame Relay switches and based on Frame Relay protocol.
-it’s possible to encapsulate a lot of protocols over Frame Relay (ex: IP over Frame Relay).
-the maximum size of each frame is 4096 bytes.
-Frame Relay is useful for interconnecting some LANs through a WAN.
-A Frame Relay network is not expensive if it’s composed of few LANs only.



CSMA/CD:
CSMA/CD is Carrier Sense Multiple Access / Collision Detection.
It’s the method used in ethernet networks for controlling the access to the physical media by network nodes.
CSMA/CD goal is to avoid data collision on Ethernet networks.
CSMA/CD process can be described as follows:
-listen to see if the wire is being used.
-if the wire is busy, wait.
-if the wire is quiet, send.
-if a collision occurs while sending, stop and wait a specific amount of time, and send again.



SWITCH:
-A switch connects several computers together.
-a switch performs "error checking" before forwarding data.
-the previous name of switch was bridge.
-a switch belongs to OSI layer 2. But some switches belong to OSI layer 3 too, in this case they can support both OSI layer 2 (based on MAC addresses) and OSI layer 3 (based on IP addresses).
-different kinds of switches: Ethernet switch; ATM switch; Frame Relay switch; Fiber Channel switch...
-some manufacturers of switch: Cisco; Netgear; TP-Link; DLink...
-a switch uses a MAC address for redirecting the data.
-each switch has a "CAM table" which stores the association between MAC address and port number for each computer. CAM is Content Addressable Memory.
-if a switch belongs to OSI layer 3, then it also has an "ARP table" which stores the association between IP address and MAC address for each computer.
ARP is Address Resolution Protocol; ARP resolves IP address to MAC address.
-a switch can interconnect several LANs.
-a switch is also called a "smart hub" because it immediately finds the relevant port (after consulting the CAM table) to send the data to.
-a network of switches can have problems because of loops of frames ("broadcast storm" and "flapping CAM table")!
SPANNING-TREE Protocol (STP) solves these problems by avoiding loops. By default, STP is activated on switches.
There are different kinds of STP: the traditional spanning-tree; the per Vlan spanning-tree (PVST); the rapid spanning-tree (RSTP); the rapid per Vlan spanning-tree (RPVST); the multiple spanning-tree (MSTP).
But if there are several physical links between switches (for example 3 gigabit ethernet links), then STP will block two of them in order to avoid loops!
ETHERCHANNEL is a protocol used to fix that by transforming these physical links into only one logical link! The logical interface is called "port-channel".
These physical links must belong to the same VLAN, must have the same speed, must have the same mode (both of them in Access mode or both of them in Trunk mode),
and must have the same communication (both of them in full-duplex or both of them in half-duplex).
There are two channeling protocols: Port AGgregate Protocol (PAGP) (for Cisco switches only) and Link Aggregate Control Protocol (LACP) (for all switches).
All the physical links between switches will be used despite the single logical link, and there is load-balancing between these links.
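
Added example (not part of the original course): a small Python model of the CAM table described above. It learns the MAC address/port association, forwards or floods frames, and records a "flapping CAM table" event when the same MAC address jumps between ports within a short time, which is the loop symptom STP prevents. The MAC addresses, port numbers and the 1-second flap window are constructed assumptions.

```python
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class LearningSwitch:
    ports: tuple
    flap_window: float = 1.0                    # assumed threshold in seconds
    cam: dict = field(default_factory=dict)     # MAC -> (port, last_seen)
    flaps: list = field(default_factory=list)   # (MAC, old_port, new_port, time)

    def receive(self, in_port, src, dst, now):
        """Process one frame and return the list of ports it is sent out of."""
        src, dst = src.lower(), dst.lower()
        known = self.cam.get(src)
        # Same source MAC seen on another port very recently: CAM table flapping.
        if known and known[0] != in_port and now - known[1] < self.flap_window:
            self.flaps.append((src, known[0], in_port, now))
        # Learn (or refresh) the association MAC address -> port.
        self.cam[src] = (in_port, now)
        # Known unicast destination: forward on exactly one port.
        if dst != BROADCAST and dst in self.cam:
            out = self.cam[dst][0]
            return [] if out == in_port else [out]
        # Broadcast or unknown destination: flood on every other port.
        return [p for p in self.ports if p != in_port]


def demo():
    """Replay a constructed frame sequence; return (outputs, flap events)."""
    host_a = "02:00:00:00:00:0a"   # constructed sample addresses
    host_b = "02:00:00:00:00:0b"
    sw = LearningSwitch(ports=(1, 2, 3, 4))
    frames = [
        (1, host_a, host_b, 0.0),      # B unknown -> flooded
        (2, host_b, host_a, 0.1),      # A was learned on port 1
        (1, host_a, host_b, 0.2),      # B was learned on port 2
        (1, host_a, BROADCAST, 0.3),   # broadcast -> flooded
        (3, host_a, BROADCAST, 0.4),   # same broadcast comes back through a loop
        (1, host_a, BROADCAST, 0.5),   # ...and A flaps back to port 1
        (4, host_a, host_b, 5.0),      # A really moved to port 4 later: no flap
    ]
    outputs = [sw.receive(*frame) for frame in frames]
    return outputs, sw.flaps


if __name__ == "__main__":
    outs, flaps = demo()
    for out in outs:
        print("sent out of ports:", out)
    for mac, old, new, when in flaps:
        print(f"flap: {mac} moved from port {old} to port {new} at t={when}")
```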



VLAN:
VLAN is Virtual Local Area Network
-it’s a logical and independent LAN.
-the goal of VLAN is to split a big LAN into several virtual LANs.
-the computers of a VLAN are connected to one or several ethernet switches.
-a VLAN can be based on computers' MAC addresses, or on IP addresses, or on switch ports, or on protocols (ex: TCP/IP; IPX; AppleTalk).
-advantages of a VLAN: more security, more flexibility for managing the LAN, and separation of the data flow.
-example: the LAN of a company can be split into three VLANs: one VLAN with all Windows machines, one VLAN with all Linux machines and one VLAN with all Sun-Solaris machines.
-VLAN belongs to OSI layer 2 (which is data-link layer).
-a VLAN ID can belong to [1;4096]-{1002,1003,1004,1005}.
-a VLAN can be created on the interface of a switch only if this interface is in Access mode (but by default the switches interfaces are on Dynamic mode).
-a huge network of switches with a lot of VLANs can create problems, for example if 50 VLANs communicate through only one switch. TRUNKING technology solves this mess.
*Trunking technology can be used with trunk mode only: on the port of a switch, the mode should be changed from Access mode to Trunk mode.
*Trunking technology uses Dynamic Trunking Protocol (DTP) to activate/deactivate the trunk mode of a port.
*Trunking protocols are ISL and dot1Q, used for the communication of several VLANs on the same port of a switch. ISL is Inter-Switch Link and is for Cisco switches only; dot1Q can be used for all switches.
*There is also VLAN Trunking Protocol (VTP), for Cisco switches only, used to reduce the configuration work if a lot of switches are interconnected.
For example, if 50 switches are interconnected, configure only one switch, then VTP will automatically configure the other 49 switches.
-Router On A Stick (ROAS) is a technique to connect a router with a single physical link to a switch and perform IP routing between VLANs.



FIREWALL:
-A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.
-A firewall establishes a barrier between a secure internal network and another outside network that is not secured and/or not trusted, such as the internet.
-A firewall analyzes the header of each IP packet:
*the IP address of the destination computer.
*the IP address of the source computer.
*the type of transport protocol: TCP or UDP.
*the type of service or application (email; web…).
-A firewall belongs to the network, transport and application OSI layers (3, 4 and 7).
-A firewall can be a software or hardware.
-The protection is really useful only if:
*the firewall configuration is well done, and
*all network traffic passes through the firewall only.
-Examples of firewall: ZoneAlarm and the firewall of Windows.
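
Added example (not part of the original course, and not the code of any firewall product): a minimal Python packet filter that reads the four header fields listed above (source IP, destination IP, transport protocol, destination port as the "service") from raw IPv4 bytes and applies ordered rules, with everything unmatched denied. The rule set, addresses and the build_packet helper are constructed for illustration.

```python
import ipaddress
import struct
from collections import namedtuple

# A rule field set to None matches anything. All values below are constructed.
Rule = namedtuple("Rule", "action src dst proto dport")
Packet = namedtuple("Packet", "src dst proto dport")
PROTO_NAMES = {1: "icmp", 6: "tcp", 17: "udp"}


def parse_ipv4(raw):
    """Extract the fields the firewall inspects from raw IPv4 bytes."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    ihl = (raw[0] & 0x0F) * 4                  # header length in bytes
    if ihl < 20 or len(raw) < ihl:
        raise ValueError("bad IPv4 header length")
    proto = PROTO_NAMES.get(raw[9], str(raw[9]))
    src = ipaddress.ip_address(raw[12:16])
    dst = ipaddress.ip_address(raw[16:20])
    dport = None
    if proto in ("tcp", "udp"):                # ports exist only for TCP/UDP
        if len(raw) < ihl + 4:
            raise ValueError("truncated transport header")
        dport = struct.unpack("!H", raw[ihl + 2:ihl + 4])[0]
    return Packet(src, dst, proto, dport)


def decide(packet, rules, default="deny"):
    """First matching rule wins; unmatched traffic gets the default action."""
    for rule in rules:
        if rule.src and packet.src not in ipaddress.ip_network(rule.src):
            continue
        if rule.dst and packet.dst not in ipaddress.ip_network(rule.dst):
            continue
        if rule.proto and packet.proto != rule.proto:
            continue
        if rule.dport is not None and packet.dport != rule.dport:
            continue
        return rule.action
    return default


def build_packet(src, dst, proto, sport=0, dport=0):
    """Build sample bytes: a 20-byte IPv4 header followed by the two ports."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 24, 0, 0, 64, proto, 0,
                         ipaddress.ip_address(src).packed,
                         ipaddress.ip_address(dst).packed)
    return header + struct.pack("!HH", sport, dport)


# Constructed policy for a LAN 192.168.1.0/24. Order matters: the specific
# deny must come before the broader allow.
RULES = [
    Rule("deny", "192.168.1.66/32", None, None, None),               # blocked host
    Rule("allow", "192.168.1.0/24", None, "tcp", 443),               # LAN to web
    Rule("allow", "192.168.1.0/24", "203.0.113.53/32", "udp", 53),   # LAN to DNS
]


def filter_raw(raw, rules=RULES):
    return decide(parse_ipv4(raw), rules)


if __name__ == "__main__":
    samples = [
        build_packet("192.168.1.10", "198.51.100.7", 6, 51000, 443),
        build_packet("192.168.1.66", "198.51.100.7", 6, 51000, 443),
        build_packet("203.0.113.9", "192.168.1.10", 6, 40000, 3389),
        build_packet("192.168.1.10", "203.0.113.53", 17, 51000, 53),
    ]
    for raw in samples:
        print(parse_ipv4(raw), "->", filter_raw(raw))
```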



NAT:
-NAT is Network Address Translation.
-Definition: NAT translates private IP addresses to public IP addresses.
-Reminder: the private IP v4 addresses are:
In class A: from 10.0.0.0 to 10.255.255.255
In class B: from 172.16.0.0 to 172.31.255.255
In class C: from 192.168.0.0 to 192.168.255.255
These private IP addresses cannot go on the internet. But with NAT, it becomes possible.
-NAT modifies/changes the source IP address in the IP packet header.
-NAT routers allow computers of LAN with private addresses to receive public addresses and to access internet.
-There are static NAT, dynamic NAT and PAT.
*Static NAT:
Each private IP address is translated into a public IP address by routers, so N private addresses will receive exactly N public addresses;
it’s a problem because of the lack of IPv4 addresses.
*Dynamic NAT:
It's done automatically by routers.
*PAT (Port Address Translation):
Only one public IP address is shared between several private IP addresses.
-There is also LSNAT which is Large Scale NAT: for huge networks.
With LSNAT, thousands of users with private IP addresses can go on the internet.
-NAT and LSNAT are useless with IP version 6.
-IPsec packets may have problems going through NAT routers if only the data is secured.
Solution: secure the IPsec packet entirely and encapsulate it in a new IP packet with a new IP header.
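
Added example (not part of the original course): a Python model of PAT as described above, where several private addresses share one public address and are told apart by the public port. It uses the three private ranges listed in the reminder, and also shows two edge cases: an inbound packet with no matching entry is dropped, and the port pool can run out. The public address 203.0.113.5 and the port pool are constructed assumptions.

```python
import ipaddress

# The three private IPv4 ranges from the reminder above, in CIDR notation.
PRIVATE_NETS = [ipaddress.ip_network(n)
                for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip):
    """True if the address is inside one of the private ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_NETS)


class PatRouter:
    """Port Address Translation: many private endpoints behind one public IP."""

    def __init__(self, public_ip, first_port=40000, last_port=40003):
        self.public_ip = public_ip
        self.free_ports = list(range(first_port, last_port + 1))
        self.out = {}    # (private_ip, private_port, proto) -> public_port
        self.back = {}   # (public_port, proto) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, proto="tcp"):
        """Return the (ip, port) that replaces the source of an outgoing packet."""
        if not is_private(src_ip):
            return (src_ip, src_port)          # already public: no translation
        key = (src_ip, src_port, proto)
        if key not in self.out:
            if not self.free_ports:
                raise RuntimeError("PAT port pool exhausted")
            public_port = self.free_ports.pop(0)
            self.out[key] = public_port
            self.back[(public_port, proto)] = (src_ip, src_port)
        return (self.public_ip, self.out[key])

    def inbound(self, dst_port, proto="tcp"):
        """Return the private (ip, port) for a reply, or None to drop it."""
        return self.back.get((dst_port, proto))


def demo():
    """Constructed scenario with a deliberately tiny pool of two public ports."""
    router = PatRouter("203.0.113.5", first_port=40000, last_port=40001)
    results = {
        "pc1": router.outbound("192.168.1.10", 51000),
        "pc2": router.outbound("10.0.0.7", 51000),          # same private port
        "pc1_again": router.outbound("192.168.1.10", 51000),
        "reply_to_pc2": router.inbound(40001),
        "unsolicited": router.inbound(40002),               # no entry: dropped
    }
    try:
        router.outbound("172.16.4.4", 51000)                # third flow, no port left
        results["exhausted"] = False
    except RuntimeError:
        results["exhausted"] = True
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```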



ICMP:
-ICMP is Internet Control Message Protocol.
-Internet is monitored closely by the routers: when something unexpected occurs during packet processing at a router, the event is reported to the sender by an ICMP message.
-Each ICMP message is encapsulated in an IP packet.
-ICMP is also used to test internet links.
-ICMP messages are sometimes called PING.
-For IP version 6, there is ICMP v6 protocol.



ARP:
ARP is Address Resolution Protocol. It belongs to OSI layer 3.
Definition: ARP protocol resolves IP address to MAC address.
ARP is useful if a computer of a LAN wants to communicate with another computer of this LAN, knowing only its IP address and not its MAC address.

RARP:
RARP is reverse ARP. RARP resolves MAC address to IP address.
RARP is less used than ARP: it is only used by a workstation without an HDD that wants to know its IP address.



ROUTERS:
-Definition: a router is a networking device that forwards data packets (or datagrams) between computer networks.
-A router analyzes the contents of the header of each data packet and checks the source and destination IP addresses.
The router uses a "Routing table" for choosing the relevant path to forward data packets.
-There are wireless (Wi-Fi) routers and routers with cables.
-Some manufacturers of routers: Cisco; Juniper; Hewlett-Packard; Alcatel-Lucent; IBM; Enterasys; 3Com; TP Link; D-Link; ASUS; Linksys; TK; Google-WiFi;…
-Some routers have multiple network cards, so multiple IP addresses too. Each network card is connected to a different network.
-A computer can be transformed into a router, with:
*at least 2 network cards.
*UNIX operating system, and
*a specific software like Coyote Linux or GNU Zebra.
-Some routing protocols: BGP (Border Gateway Protocol); RIP (Routing Information Protocol); OSPF (Open Shortest Path First); IS-IS (Integrated Intermediate System to Intermediate System);
EIGRP (Enhanced Interior Gateway Routing Protocol); EGP (Exterior Gateway Protocol); IGP (Interior Gateway Protocol).
-Most of Cisco and Juniper commands are SHOW... and CLEAR... (ex: show isis database - clear arp - clear arp cache - show clock - show system uptime).



QoS:
-QoS is Quality of Service.
-Congestion is a network state in which heavy data traffic causes speed reduction and saturation, for example if someone downloads a lot of big files all the time.
-Vocabulary: congestion; delay; loss (packets or frames lost); jitter (big variation of time between packets which troubles the communication).
-Quality of Service is a technology used by switches and routers in order to manage / reduce /avoid network congestions.
-How? By giving a level of priority to each packet (data, text, photo, voice, video), so that routers will handle high-priority packets first.
But by default, routers do not use QoS but use First In First Out (FIFO) technology.
-To implement these priority levels, QoS uses the following tools: classification, NBAR, marking, DSCP, queuing, policing and shaping.
"Classification" identifies the source IP addresses, destination IP addresses, ports numbers of each packet.
NBAR is Network Based Application Recognition, it belongs to Cisco and checks each OSI layer (from layer 1 to layer 7), it's better than Classification tool.
"Marking" uses Class Of Service (COS) for switches, Type Of Service (TOS) for routers, IPP protocol (IP Precedence), DSCP (Differentiated Service Code Point) protocol.
"Queuing": this tool uses 4 schedulers: round-robin scheduler, weighted round-robin, Class-Based Weighted Fair Queuing (CBWFQ) and Low Latency Queuing (LLQ).
-Rule: do not use QoS if there is not a congestion. For example, MPLS network works well without using QoS.



VPN:
-VPN is Virtual Private Network.
-The goal of a Virtual Private Network is to secure data transfers between two sites.
-In a VPN, all data packets follow the same and unique path.
-In a VPN, the data are encrypted, for example with IPsec.
-The following protocols can be used by a VPN: IPsec, PPTP, L2F, L2TP, SSL/TLS and SSH.



WEB PROXY SERVER:
It is an intermediate server between the computers and internet.
Web proxy server roles are:
-to share the internet access between computers;
-to make "web cache";
-to block some websites access;
-to prevent some computers from accessing internet;
-to prevent from downloading files from internet;
-to protect the LAN by blocking access to some virtual ports.
A web proxy server belongs to OSI layers 4 and 7.



WIRELESS NETWORKS:
-IEEE 802.11 is the standard for wireless networks (IEEE 802.3 is the standard for ethernet cable networks).
This standard was improved with: IEEE 802.11b (2.4 GHz, max 54 Mbps), IEEE 802.11g (2.4 GHz, max 54 Mbps), IEEE 802.11a (5 GHz, max 54 Mbps), IEEE 802.11n (2.4 GHz and 5 GHz, max 600 Mbps),
IEEE 802.11ac (5 GHz, max 6.23 Gbps), IEEE 802.11ax (2.4 GHz and 5 GHz, max 24 Gbps).
-CSMA/CA= Carrier Sense Multiple Access/Collision Avoidance: it's a protocol used in order to avoid interference within a wireless network.
-SSID= Service Set IDentifier: it's the name of your wireless network.
-AP= Access Point, or WAP (Wireless Access Point): it's a networking device which allows wireless devices to be connected.
-Examples of wireless networks: Bluetooth (2.4 GHz) and WiFi (Wireless Fidelity). WiFi is both in OSI layer 1 and layer 2 because:
WiFi devices (router, access point...) are in layer 1 and WiFi security protocols are in layer 2.
-There are several wireless Service Sets: IBSS, BSS and ESS:
*Independent Basic Service Set (IBSS): it's an old method, for example at home with several computers interconnected without AP.
*Basic Service Set (BSS): it's a simple topology with an AP and several devices connected all around it. The AP MAC-address is called BSSID, the AP signal area is called BSA.
*Extended Service Set (ESS): it's a network composed of 2 AP interconnected with cables to a switch. This switch is called "Distributed System", and a Roaming Profile allows a user of AP1 to go in AP2 network and still be connected.
-The Access Point (AP) can work in several modes:
*Repeater mode: extends the signal and shares it with more devices.
*Workgroup bridge mode (Cisco only) and Universal workgroup bridge mode (for all): devices without WiFi card and antenna can connect to the workgroup bridge with a cable, afterwards these devices will use the AP.
*Outdoor bridge mode: extends the signal between two sites with antennas (one per site).
-There are several architectures of wireless LAN: Autonomous AP architecture, Split MAC-architecture, Cloud based architecture.
*Autonomous AP architecture: it's a 3-tier architecture (PCs, APs, Access layer, Distribution layer, Core layer, internet), it's difficult because each AP has to be configured.
*Split MAC-architecture: it's a 3-tier architecture (PCs, APs, Access layer, Distribution layer, Core layer, internet), using a WLC and a CAPWAP.
WLC= Wireless LAN Controller: it's a device connected to a distribution switch that configures each AP through a virtual tunnel called CAPWAP.
CAPWAP= Control and Provisioning of Wireless Access Point; CAPWAP uses UDP on ports 5246 and 5247.
*Cloud based architecture: the WLC is connected directly to internet in the cloud.
-Security of wireless networks is split in two parts: AUTHENTICATION and ENCRYPTION.
Authentication protocols are: WEP, EAP, LEAP, EAP-FAST, PEAP and EAP-TLS.
WEP= Wired Equivalent Privacy; EAP= Extensible Authentication Protocol; LEAP= Light EAP; EAP-FAST= EAP-Flexible Authentication by Secure Tunneling; PEAP= Protected EAP; EAP-TLS= EAP-Transport Layer Security.
Encryption protocols are: WPA, WPA2, WPA3, TKIP, CCMP, GCMP.
WPA= WiFi Protected Access; WPA2; WPA3; TKIP= Temporal Key Integrity Protocol; CCMP= Counter Mode CBC-MAC Protocol; GCMP= Galois Counter Mode Protocol.



CLOUD-COMPUTING:
What can be put in the cloud? For example:
-Applications.
-Data.
-Servers.
-Hard Drive Disks.
-Computers.

Some big companies providing cloud-computing:
-Google.
-Microsoft.
-IBM.
-Amazon.
-Apple….

Some kinds of cloud-computing:
-Private cloud (example: an IBM datacenter shared through VPN in internet with private companies in order to store their data).
-Public cloud (examples: Gmail and Google Drive, which can be used by everybody).
-Hybrid cloud: it’s a mix of private cloud and public cloud (example: Microsoft Azure).

Three elements of cloud-computing:
-SaaS is Software as a Service (for example the applications Google Docs, Google Sheets and Google Slide).
-PaaS is Platform as a Service.
-IaaS is Infrastructure as a Service.

Some disadvantages of cloud-computing:
-Security (problems with malware and hackers on internet?).
-Confidentiality (problems with some employees working for the cloud company?).
-Availability/performance (problems with the internet connection?).

Some advantages of cloud-computing:
-Cost (free or cheap).
-Accessibility (from everywhere if there is an internet connection).
-Capacity (huge).



Information about some IT network protocols is available on the following page: OSI.htm

