CCNA Notes 1


NETWORK FUNDAMENTALS

Roles and Functions of Important Network Components:-


Routers:
Routers are networking devices that operate at the network layer (Layer 3) of the OSI model. Their
primary role is to connect different networks together and route packets between them.
Routers select the best path for a packet using routing protocol metrics such as hop count,
bandwidth, delay, and administrative cost. They have three main functions:
• Packet Forwarding: Routers forward packets between networks by examining the
destination IP address of each packet and looking it up in the routing table (longest-prefix
match decides which entry wins).
• Network Address Translation (NAT): Many routers perform NAT, which allows
multiple devices on a local network to share a single public IP address.
• Firewall Functionality: Routers often include basic packet filtering (access control lists)
to permit or deny incoming and outgoing traffic based on rules.

Switches:
A switch is networking hardware that connects devices on a computer network by using packet
switching to receive and forward data to the destination device. A network switch is a multiport
network bridge that uses MAC addresses to forward data at the Data-Link layer of the OSI model.
There are two main types of switches, which are L2 and L3 switches:
• L2 switches primarily forward Ethernet frames between connected devices within the same
network segment (LAN). They use MAC addresses to make forwarding decisions and
typically operate within a single broadcast domain.
• L3 switches combine the functions of a traditional L2 switch with routing capabilities found
in routers. They can route packets between different IP subnets within the same network,
providing faster routing performance compared to routers for intra-network
communication.

Next-generation Firewalls (NGFW):


Next-generation firewalls are advanced versions of traditional stateful firewalls. Like them, they
filter at the network and transport layers (L3/L4) on addresses, protocols, and ports, but they also
inspect traffic up to the application layer (L7). They incorporate additional features such as
application awareness, deep packet inspection, TLS decryption, and an integrated intrusion
prevention system (IPS). NGFWs can enforce security policies based on applications, users
(through identity integration), and content, rather than only on port numbers.

Intrusion Prevention System (IPS):


Intrusion Prevention Systems are dedicated devices or software that monitor network traffic for
suspicious activity or known attack patterns. Unlike an intrusion detection system (IDS), which
watches a copy of the traffic and only alerts, an IPS sits inline in the traffic path so it can drop
packets or reset malicious connections in real time. It matches packets against signatures of
known attacks, detects anomalies, and applies predefined security rules. Because it is inline, a
false positive blocks legitimate traffic and a failed IPS can take the link down, so signature
tuning and the fail-open or fail-closed behaviour of the device matter in practice.
Access Points (AP):
Access points are devices that provide wireless connectivity to client devices within a wireless
local area network (WLAN). APs broadcast wireless signals and allow devices such as laptops,
smartphones, and tablets to connect to the network. APs manage multiple SSIDs (Service Set
Identifiers), allowing different groups of devices to access different parts of the network or
segregate guest access. They enforce security protocols such as WPA2 or WPA3 to secure
wireless communications.

Controllers:
Cisco DNA Center is a centralized network management and automation platform for enterprise
(campus) networks; it pushes configuration and policy to the devices it manages. Wireless LAN
Controllers (WLCs) are devices that manage multiple lightweight access points (APs) in a
WLAN. They centralize the configuration and management of APs (SSIDs, security settings,
channel and power assignment, roaming), enforce wireless policies, and optimize wireless
performance.
Endpoints:
Endpoints refer to devices connected to a network that originate or terminate data
transmissions. Endpoints such as computers, smartphones, printers, and IoT devices generate
and consume data within the network. They communicate with other devices over the
network, accessing resources and services provided by servers and other network components.

Servers:
Servers are powerful computers or software applications that provide services or resources to
clients on a network. Servers host and provide access to files, applications, databases, and
other resources that clients can access. They centralize and manage network resources, user
authentication, and data storage. Servers can perform specialized functions such as web
hosting, email services, database management, and virtualization.

Describe characteristics of Network Topology Architectures:-


2-Tier Architecture:
In a 2-tier architecture, also known as a collapsed-core design, network devices are divided into
two layers, the Access Layer and the Distribution Layer. The Access Layer connects end devices
(such as computers, printers, and access points) to the network, usually with switches that
provide connectivity within a local area network (LAN). The Distribution Layer aggregates the
access layer switches, routes between VLANs, and applies policies and controls (ACLs, QoS)
between access layer devices. There is no separate core layer: the distribution layer also does
the core's job of interconnecting the distribution blocks and the WAN or internet edge, which
keeps cost down in smaller campuses.

3-Tier Architecture:
A 3-tier architecture expands on the 2-tier model by adding a dedicated Core Layer above the
distribution layer. As in the 2-tier design, the Access Layer connects end devices to the network,
and the Distribution Layer aggregates the access switches, routes between subnets, and
implements policies. The Core Layer is responsible for fast, resilient packet forwarding between
distribution layers of different parts of the network or between different sites. It is kept as
simple as possible (no ACLs or other policy) so that nothing slows forwarding. The extra tier is
used in large campuses where many distribution blocks would otherwise need a full mesh of
links between them.
Spine-Leaf Architecture:
Spine-leaf is a modern data center network architecture that provides high bandwidth, low
latency, and scalability by using leaf switches that connect to every spine switch in a full-mesh
topology. Spine Switches act as the core layer and connect to all leaf switches. Leaf Switches
connect servers and other devices to the network. Each leaf switch connects to every spine
switch, ensuring multiple paths and redundancy.

Wide Area Network (WAN):


A WAN is a network that spans a large geographic area, connecting multiple LANs and other
types of networks together. WANs often use technologies like leased lines, MPLS (Multiprotocol
Label Switching), or VPNs (Virtual Private Networks) to connect geographically dispersed
locations. WANs require robust security measures and reliability due to their expansive nature
and connection of diverse networks.

Small Office/Home Office (SOHO):


SOHO networks are small-scale networks used in home offices or small businesses. They
typically consist of a single router or modem-router combination that provides internet access,
NAT, DHCP, and local network connectivity, with a built-in or separate wireless access point for
connecting devices like laptops, smartphones, and printers wirelessly. They are designed for
smaller environments with fewer devices than an enterprise network, and the single device
usually also carries the only firewall, so its firmware and management interface need the same
care as an enterprise edge router.

On-premises and Cloud:


This architecture distinguishes between networks hosted locally (on-premises) and those
hosted in cloud environments. On-premises networks are hosted within an organization's own
physical location; the organization's IT team owns, maintains, and secures the infrastructure.
Cloud networks are hosted and managed by cloud service providers (CSPs) and reached over the
internet or a dedicated connection. They offer scalability, flexibility, and often lower upfront
costs, but security is shared: the provider secures the underlying infrastructure while the
customer remains responsible for its own configuration, identities, and data.

Compare Physical Interface and Cabling:-


Single-mode fiber:
▪ Core Size: Smaller core (typically 9 microns).
▪ Bandwidth: Higher bandwidth and longer transmission distances.
▪ Light Source: Uses a laser as the light source.
▪ Applications: Ideal for long-distance, high-bandwidth applications such as
telecommunications and data centers.

Multimode fiber:
▪ Core Size: Larger core (typically 50 or 62.5 microns).
▪ Bandwidth: Lower bandwidth and shorter transmission distances compared to single-mode fiber.
▪ Light Source: Typically uses LEDs or VCSELs (Vertical Cavity Surface Emitting Lasers).
▪ Applications: Suitable for shorter distances within buildings or campuses, generally used
for LANs, video surveillance, and backbone cabling.
Copper:
▪ Medium: Uses copper wires.
▪ Bandwidth: Generally lower bandwidth compared to fiber optics.
▪ Distance: Limited distance (up to 100 meters for Ethernet).
▪ Applications: Commonly used for Ethernet networks, telephone lines, and traditional
LAN connections within buildings.

Ethernet Shared Media Connection vs Point-to-Point Connection

Shared media connection:
• Topology: Uses a shared medium (like a bus or hub) where all devices on the network share
the same bandwidth.
• Collision Domain: Devices must contend for access to the network, which can lead to
collisions and decreased efficiency.
• Example: Traditional Ethernet networks using hubs or early Ethernet switches in a shared
configuration.

Point-to-point connection:
• Topology: Direct connection between two devices, typically facilitated by switches or routers.
• Dedicated Bandwidth: Each connection has its own dedicated bandwidth, ensuring consistent
performance.
• Example: Most modern Ethernet networks are point-to-point connections between switches,
routers, and end devices, providing efficient data transmission without contention.

Power over Ethernet (PoE):


• Definition: Technology that allows Ethernet cables to carry electrical power, enabling the
simultaneous transmission of data and power to devices over the same cable.
• Benefits: Simplifies installation (no need for separate power cables), reduces costs, and
provides flexibility in device placement.
• Standards: Defined by IEEE 802.3af (PoE, up to 15.4 W supplied per port), 802.3at (PoE+, up to
30 W), and 802.3bt (PoE++, up to 60 W or 90 W using all four wire pairs).
• Applications: Commonly used for VoIP phones, wireless access points, IP cameras, and other
IoT devices where power sources may be inconvenient or costly to provide separately.

Identify Interface and Cable Issues:-


Collisions:
Collisions occur in Ethernet networks when two devices attempt to transmit data
simultaneously, resulting in data loss and performance degradation. To identify collisions,
monitor the network interface statistics. A high number of collisions indicates network
congestion or duplex mismatches. Use network monitoring tools like Wireshark or SNMP-based
tools to capture and analyse traffic patterns and collision counts on the network interfaces.

Errors:
Errors on network interfaces can indicate problems such as corrupted data packets, frame
errors, or physical layer issues. Check interface error counters (available in network
management tools or by using CLI commands on network devices). Look for CRC errors,
input/output errors, and other error types. Analyse syslog messages or logs from network
devices to identify recurring error patterns that could point to specific issues.
Mismatch Duplex:
Duplex mismatch occurs when two connected devices (e.g., switch and workstation) have
different duplex settings (e.g., one is set to full duplex, the other to half duplex).
Symptoms include performance degradation, packet loss, and intermittent connectivity issues.
To identify duplex mismatches, check the duplex settings configured on each device (usually
visible in network interface settings). Use network diagnostic tools to verify communication and
duplex negotiation between devices.

Mismatch Speed:
Speed mismatches occur when connected devices operate at different transmission speeds
(e.g., one at 100 Mbps and the other at 1 Gbps). This can lead to connectivity issues or network
instability. Check the speed settings configured on each device's network interface. Ensure they
are set to the same speed (e.g., 100 Mbps, 1 Gbps). Use network monitoring tools to confirm
the negotiated speed between connected devices.
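Worked example (added here, not part of the original notes): the counter patterns described in the collision, error and duplex sections above, applied as detection logic to constructed, IOS-style "show interfaces" text. The sample output is made up for this example and its layout is only approximately that of a real device; the parser keys on the field names IOS prints (CRC, collisions, late collision, Full-/Half-duplex), so the assumptions are the regular expressions, not any vendor API.

```python
import re

# Constructed sample in the style of Cisco IOS "show interfaces" (not a real capture;
# the layout is approximate and only the named counter fields matter to the parser).
SAMPLE_SHOW_INTERFACES = """\
GigabitEthernet0/1 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 0012.3456.789a (bia 0012.3456.789a)
  Full-duplex, 100Mb/s, media type is 10/100/1000BaseTX
     184233 packets input, 23910211 bytes, 0 no buffer
     1523 input errors, 1519 CRC, 4 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 1 interface resets
     0 babbles, 0 late collision, 0 deferred
GigabitEthernet0/2 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 0012.3456.789b (bia 0012.3456.789b)
  Half-duplex, 100Mb/s, media type is 10/100/1000BaseTX
     90211 packets input, 11204433 bytes, 0 no buffer
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 812 collisions, 0 interface resets
     0 babbles, 640 late collision, 0 deferred
GigabitEthernet0/3 is up, line protocol is up (connected)
  Hardware is Gigabit Ethernet, address is 0012.3456.789c (bia 0012.3456.789c)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
     5120044 packets input, 4401112233 bytes, 0 no buffer
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 output errors, 0 collisions, 0 interface resets
     0 babbles, 0 late collision, 0 deferred
"""

HEADER = re.compile(r"^(\S+) is (.+?), line protocol is (\S+)")
DUPLEX_SPEED = re.compile(r"^\s+(Full|Half)-duplex, (\d+)Mb/s")
INPUT_ERRORS = re.compile(r"(\d+) input errors, (\d+) CRC, (\d+) frame")
OUTPUT_ERRORS = re.compile(r"(\d+) output errors, (\d+) collisions")
LATE_COLLISIONS = re.compile(r"(\d+) late collision")


def parse_show_interfaces(text):
    """Return {interface name: counters} from 'show interfaces' style output."""
    interfaces, current = {}, None
    for line in text.splitlines():
        if m := HEADER.match(line):
            current = {"status": m.group(2), "protocol": m.group(3), "duplex": None,
                       "speed_mbps": None, "input_errors": 0, "crc": 0,
                       "collisions": 0, "late_collisions": 0}
            interfaces[m.group(1)] = current
        elif current is None:
            continue
        elif m := DUPLEX_SPEED.match(line):
            current["duplex"] = m.group(1).lower()
            current["speed_mbps"] = int(m.group(2))
        elif m := INPUT_ERRORS.search(line):
            current["input_errors"], current["crc"] = int(m.group(1)), int(m.group(2))
        elif m := OUTPUT_ERRORS.search(line):
            current["collisions"] = int(m.group(2))
        elif m := LATE_COLLISIONS.search(line):
            current["late_collisions"] = int(m.group(1))
    return interfaces


def diagnose(iface):
    """Translate a counter pattern into the likely layer-1/layer-2 cause."""
    findings = []
    if iface["status"] == "up" and iface["protocol"] != "up":
        findings.append("line protocol down: physical link up but framing or keepalives failing")
    if iface["late_collisions"] > 0:
        # Collisions after the 64-byte slot time never happen on a healthy segment:
        # the far end is sending as if it were full duplex, or the cable is too long.
        findings.append("late collisions: duplex mismatch (far end likely full-duplex) or over-length segment")
    if iface["duplex"] == "full" and iface["crc"] > 0:
        # A full-duplex port never expects collision fragments; CRC errors here are the
        # other half of a duplex mismatch, or a damaged cable/connector.
        findings.append("CRC errors on full-duplex port: duplex mismatch (far end likely half-duplex) or bad cable")
    return findings


def audit(text):
    return {name: diagnose(counters) for name, counters in parse_show_interfaces(text).items()}


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_SHOW_INTERFACES).items():
        print(name, "->", "; ".join(findings) or "no physical-layer symptoms")
```

Gi0/1 and Gi0/2 in the sample are the two ends of one mismatched link as seen from two switches: the full-duplex side shows CRC errors, the half-duplex side shows late collisions. Ordinary collisions on a half-duplex port (the 812 on Gi0/2) are deliberately not flagged, since they are expected there; only late collisions are a fault signature.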

Compare TCP and UDP:-

Transmission Control Protocol (TCP):
• Provides reliable, ordered, and error-checked delivery of data. It ensures that all segments
are received in the correct order by retransmitting lost or corrupted segments and managing
flow control.
• Connection-oriented protocol. Before data exchange begins, a connection must be established
between the sender and receiver using a three-way handshake (SYN, SYN-ACK, ACK).
• Has a larger header (20 bytes minimum) than UDP because of the control information needed
for reliability (sequence numbers, acknowledgment numbers, window size, flags).
• Used when reliable delivery and ordered data transmission are necessary, such as in web
browsing, email, file transfer, and most applications that require error-free data transmission.
• Implements flow control (receive window) and congestion control to manage the rate of data
transmission and prevent network congestion.
• Example protocols: HTTP/HTTPS (web browsing), FTP (file transfer), SMTP (email), SSH (secure
shell), Telnet.

User Datagram Protocol (UDP):
• Does not guarantee reliable delivery and does not retransmit. It is a "best effort" protocol
where datagrams may arrive out of order, be duplicated, or go missing without notice.
• Connectionless protocol. It does not establish an end-to-end connection before sending data;
each datagram is handled independently.
• Has a small fixed 8-byte header containing only source and destination ports, length, and a
checksum.
• Used when speed and low overhead are more important than reliability, such as in real-time
communication (VoIP, video conferencing), online gaming, DNS lookups, and streaming media
where some packet loss is acceptable.
• Has no built-in flow control or congestion control; the application must handle these itself if
needed.
• Example protocols: DNS (Domain Name System), DHCP (Dynamic Host Configuration Protocol),
TFTP, SNMP, VoIP (RTP), online gaming, streaming media (audio, video).
Describe the need for private IPv4 addressing:-
Private IPv4 addressing is necessary primarily due to the limited number of public IPv4 addresses available and
the need to conserve them. Here are the key reasons for using private IPv4 addresses:

1. Scarcity of Public IPv4 Addresses:


o There is a finite pool of public IPv4 addresses (approximately 4.3 billion), which has
been exhausted in many regions due to the rapid growth of the internet and connected
devices.
o Private IPv4 addresses allow organizations to create their own internal networks
without requiring unique public IP addresses for each device.

2. Cost Efficiency:
o Acquiring and maintaining public IPv4 addresses can be costly. By using private IPv4
addresses internally, organizations can save money and reduce operational expenses.

3. Security and Isolation:

o Private IPv4 addresses are not routed on the internet, so a host with only a private
address cannot be reached directly from outside; it is exposed only through network
address translation (NAT) or a proxy.
o This isolation is a side effect, not a security control. NAT does not inspect traffic,
port-forwarding rules and outbound connections still expose internal hosts, and an attacker
who reaches the internal network (through phishing, a VPN account, or a compromised
host) can address every private host freely. A firewall is still required.

4. Flexibility and Scalability:


o Private IPv4 addresses can be reused across different internal networks, facilitating
network restructuring, mergers, or expansions without needing additional public IP
address allocations.
o It allows organizations to scale their internal networks efficiently without relying solely
on the availability of public IP addresses.

5. Regulatory Compliance:
o Some regulatory requirements and security policies mandate the use of private IP
addressing to maintain data privacy and security standards within an organization.
Example of Private IPv4 Address Ranges:
The Internet Assigned Numbers Authority (IANA) has reserved the following IPv4 address ranges
specifically for private use (as defined in RFC 1918):
• 10.0.0.0 - 10.255.255.255 (10.0.0.0/8)
• 172.16.0.0 - 172.31.255.255 (172.16.0.0/12)
• 192.168.0.0 - 192.168.255.255 (192.168.0.0/16)
These address ranges are not routed on the public internet and can be freely used within private networks.
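Worked example (added here, not part of the original notes): the three RFC 1918 prefixes checked by hand with mask arithmetic rather than a library, so the /8, /12 and /16 prefix lengths can be seen to produce exactly the start and end addresses listed above. The function names are this example's own. It also shows the two common mistakes, 172.32.x.x (just outside the /12) and the 100.64.0.0/10 carrier-grade NAT space (RFC 6598, non-public but not RFC 1918), which a correct check must reject.

```python
# RFC 1918 private ranges, written as prefixes so the arithmetic below can be checked
# against the start/end addresses given in the text.
RFC1918_PREFIXES = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")


def ipv4_to_int(dotted):
    """Pack a dotted-quad string into a 32-bit integer, rejecting malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {dotted!r}")
    value = 0
    for octet in octets:
        if not octet.isdigit() or not 0 <= int(octet) <= 255:
            raise ValueError(f"bad octet in {dotted!r}")
        value = (value << 8) | int(octet)
    return value


def int_to_ipv4(value):
    """Unpack a 32-bit integer back into dotted-quad notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_bounds(prefix):
    """Return (first, last) address of a CIDR prefix as integers.

    The mask keeps the top `length` bits; everything below them is host space,
    so the last address is the network address with all host bits set.
    """
    network, length = prefix.split("/")
    length = int(length)
    if not 0 <= length <= 32:
        raise ValueError(f"bad prefix length in {prefix!r}")
    mask = (0xFFFFFFFF << (32 - length)) & 0xFFFFFFFF
    first = ipv4_to_int(network) & mask
    last = first | (~mask & 0xFFFFFFFF)
    return first, last


def prefix_range(prefix):
    """Human-readable (first, last) for a prefix, e.g. 172.16.0.0/12 -> 172.16.0.0 .. 172.31.255.255."""
    first, last = prefix_bounds(prefix)
    return int_to_ipv4(first), int_to_ipv4(last)


def matching_rfc1918_prefix(address):
    """Return the RFC 1918 prefix containing `address`, or None if it is not private."""
    value = ipv4_to_int(address)
    for prefix in RFC1918_PREFIXES:
        first, last = prefix_bounds(prefix)
        if first <= value <= last:
            return prefix
    return None


def is_rfc1918(address):
    return matching_rfc1918_prefix(address) is not None


if __name__ == "__main__":
    for prefix in RFC1918_PREFIXES:
        print(prefix, "covers", *prefix_range(prefix))
    # Constructed addresses exercising the edges of the ranges.
    for addr in ("10.255.255.255", "172.31.255.255", "172.32.0.1", "192.168.1.10", "100.64.0.1", "8.8.8.8"):
        print(addr, "->", matching_rfc1918_prefix(addr) or "not RFC 1918")
```

A /12 leaves 20 host bits, so 172.16.0.0/12 spans 16 contiguous class-B sized blocks (172.16 through 172.31); 172.32.0.0 has the 0x10 bit of the second octet set and falls outside the mask, which is why it is public space.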
In summary, private IPv4 addressing is essential for optimizing the use of public IPv4 addresses,
ensuring network security, reducing costs, and facilitating flexible network design and expansion. It enables
organizations to maintain efficient and secure internal communication without relying solely on public IP
resources.
Compare IPv6 address types:-

Global unicast addresses:

o Scope: Globally unique and routable on the IPv6 internet. Currently allocated from 2000::/3
(first hextet 2xxx or 3xxx).
o Usage: Communication between devices over the internet; the IPv6 equivalent of a public
IPv4 address.

Unique local addresses:

o Scope: Similar to IPv4's private addresses (like 10.0.0.0/8). Taken from fc00::/7; in practice
fd00::/8 with a randomly generated 40-bit global ID, so two organizations that later merge
are unlikely to collide.
o Usage: Local communication within a site or organization that does not need to be routed
over the internet; ISPs do not route them.

Link local addresses:

o Scope: Limited to a single network segment (link). Taken from fe80::/10 and never forwarded
by routers.
o Usage: Automatically assigned to every IPv6 interface, and required for Neighbor Discovery,
router advertisements, and routing protocol adjacencies (OSPFv3 and EIGRP for IPv6 peer on
link-local addresses). Because the same link-local address can exist on several links, the
interface must be specified when using one (e.g., fe80::1%eth0).

Anycast addresses:
o Scope: Taken from the unicast address space, so an anycast address is syntactically
indistinguishable from a unicast one; the same address is assigned to interfaces on several
devices and routing delivers a packet to the nearest one.
o Usage: Load balancing or providing a service (such as DNS) from multiple locations.

Multicast addresses:
o Scope: Taken from ff00::/8; a packet sent to a multicast address is delivered to all devices
that joined the group. IPv6 has no broadcast; well-known groups such as ff02::1 (all nodes)
and ff02::2 (all routers) replace it.
o Usage: Efficiently distributes data to multiple recipients, used by multimedia streaming and
by core protocols such as Neighbor Discovery and OSPFv3.

Modified EUI-64 addresses:

o Scope: Not a separate address type but a method of building the 64-bit interface identifier
from the interface's 48-bit MAC address: the MAC is split in half, ff:fe is inserted in the
middle, and the universal/local bit (the second-lowest bit of the first octet) is inverted.
o Usage: Lets a host form its own link-local and SLAAC global addresses without a DHCP server.
The identifier embeds the MAC, so the host can be tracked across networks and its hardware
vendor identified; most operating systems now prefer randomized or stable privacy
identifiers (RFC 4941 and RFC 7217) instead.

Each type of IPv6 address serves specific purposes based on the scope and requirements of
communication within and between networks.
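Worked example (added here, not part of the original notes): the Modified EUI-64 construction carried out step by step, its reverse (which is the tracking concern: the MAC can be read straight out of the address), and a classifier for the address types listed above using their well-known prefixes. Only the Python standard library ipaddress module is used; the function names and the MAC 00:1a:2b:3c:4d:5e are this example's own.

```python
import ipaddress


def modified_eui64(mac):
    """Derive the 64-bit interface identifier from a 48-bit MAC (RFC 4291, Appendix A)."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC: {mac!r}")
    # Step 1: split the MAC into its OUI and device halves and insert 0xFFFE between them.
    iid = bytearray(raw[:3] + b"\xff\xfe" + raw[3:])
    # Step 2: invert the universal/local bit (value 0x02 of the first octet), so a
    # factory-assigned MAC yields an identifier with that bit set.
    iid[0] ^= 0x02
    return bytes(iid)


def address_from_mac(prefix, mac):
    """Combine a /64 prefix with the EUI-64 identifier, as SLAAC does on the host."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 identifiers need a /64 prefix")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + modified_eui64(mac))


def mac_from_address(addr):
    """Recover the MAC from an EUI-64 address, or None if the identifier is not EUI-64 shaped."""
    iid = bytearray(ipaddress.IPv6Address(addr).packed[8:])
    if iid[3:5] != b"\xff\xfe":
        return None
    iid[0] ^= 0x02          # undo the universal/local bit flip
    return ":".join(f"{b:02x}" for b in iid[:3] + iid[5:])


ULA = ipaddress.IPv6Network("fc00::/7")
GLOBAL_UNICAST = ipaddress.IPv6Network("2000::/3")


def classify(addr):
    """Name the address type from its prefix. Anycast cannot be told apart from unicast here."""
    a = ipaddress.IPv6Address(addr)
    if a.is_unspecified:
        return "unspecified"
    if a.is_loopback:
        return "loopback"
    if a.is_multicast:            # ff00::/8
        return "multicast"
    if a.is_link_local:           # fe80::/10
        return "link-local unicast"
    if a in ULA:
        return "unique local unicast"
    if a in GLOBAL_UNICAST:
        return "global unicast"
    return "reserved/other"


if __name__ == "__main__":
    mac = "00:1a:2b:3c:4d:5e"     # constructed MAC for the demonstration
    ll = address_from_mac("fe80::/64", mac)
    print(mac, "->", ll, "->", mac_from_address(ll))
    for sample in ("2001:db8::1", "fd12:3456::1", str(ll), "ff02::1", "::1"):
        print(sample, classify(sample))
```

The round trip through mac_from_address is the point of the privacy caveat: anyone who sees the address, for example in a web server log, learns the hardware address and can recognise the same laptop on any other network it joins with EUI-64 enabled.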
Describe Wireless Principles:-

Nonoverlapping Wi-Fi channels


Wi-Fi channels are the frequency slices used for wireless communication. In the 2.4 GHz band, 14
channels are defined, but regulations limit which may be used (channels 1 to 11 in North
America, 1 to 13 in most of Europe, and channel 14 only in Japan for 802.11b). Each channel is
about 20 MHz wide while channel centres are only 5 MHz apart, so neighbouring channels overlap;
only channels 1, 6, and 11 are nonoverlapping and can be used by access points within range of
each other without significant interference. Using nonoverlapping channels is crucial in dense
Wi-Fi environments to minimize interference and optimize network performance. The 5 GHz band
offers many more nonoverlapping channels, which is one reason dense deployments prefer it.

SSID (Service Set Identifier)


An SSID is the name of a wireless network. It serves as an identifier that allows devices to connect
to a specific Wi-Fi network, and users see SSIDs when they search for available networks on their
devices. The SSID is broadcast in the clear in beacon frames, so it is not a secret and "hiding" it
adds no real protection. It is still worth configuring a unique name rather than a vendor default:
besides telling networks apart, the SSID is the salt in the WPA2-Personal key derivation, so
networks that share a common default SSID can be attacked with precomputed password tables.

RF (Radio Frequency)
RF refers to the range of electromagnetic frequencies above the audio range and below infrared
light. In the context of wireless communication, RF refers specifically to the frequencies used by
wireless signals to transmit data between devices. Wi-Fi operates in the RF spectrum, typically in
the 2.4 GHz and 5 GHz bands, which are regulated for communication purposes.

Encryption
Encryption in wireless communication refers to encoding the data transmitted over a wireless
network so that anyone within radio range who captures it cannot read it. Wi-Fi networks use
WPA2 (Wi-Fi Protected Access 2) or WPA3. In Personal mode every device holds the same
pre-shared key (password), from which the encryption keys are derived; in Enterprise mode
each user authenticates over 802.1X/EAP and receives individual keys. WPA3 additionally
requires protected management frames and replaces the PSK exchange with SAE, which stops an
eavesdropper from guessing the password offline. The older WEP and WPA (TKIP) schemes are
broken and should not be used. Encryption protects sensitive information from being intercepted
by anyone who is not a member of the network, but does nothing against another authorized
client, so guest and untrusted devices belong on a separate SSID and VLAN.
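Worked example (added here, not part of the original notes) serving both the SSID and the Encryption paragraphs: the WPA2-Personal key derivation implemented with the Python standard library, checked against the published IEEE 802.11 test vectors, and then used the way an attacker uses it, by precomputing pairwise master keys for one SSID from a wordlist. The wordlist is constructed for the example, and the lookup is done on the PMK directly; in a real attack the guess is confirmed against the MIC of a captured four-way handshake, which is not modelled here.

```python
import hashlib

# Constructed wordlist standing in for the dictionary an attacker would use.
WORDLIST = ["password", "letmein1", "qwertyuiop", "iloveyou", "trustno1", "admin123"]


def wpa2_pmk(passphrase, ssid):
    """WPA2-Personal: PMK = PBKDF2-HMAC-SHA1(passphrase, salt=SSID, 4096 rounds, 32 bytes).

    The SSID is the only salt, so every network with the same name and password
    derives the same key, and a table built for one SSID works against all of them.
    """
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("a WPA passphrase is 8 to 63 ASCII characters")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


def precompute_table(ssid, candidates):
    """Offline work done before the attacker ever sees the target: one PMK per guess for one SSID."""
    return {wpa2_pmk(candidate, ssid): candidate for candidate in candidates}


def recover_passphrase(table, pmk):
    """Table lookup; returns the passphrase if the guess list contained it, else None."""
    return table.get(pmk)


if __name__ == "__main__":
    # Vector from IEEE 802.11 Annex (passphrase "password", SSID "IEEE").
    print("PMK for password/IEEE:", wpa2_pmk("password", "IEEE").hex())
    table = precompute_table("IEEE", WORDLIST)
    victim_pmk = wpa2_pmk("password", "IEEE")          # what the handshake would confirm
    print("recovered:", recover_passphrase(table, victim_pmk))
    # Same weak password on a network with a unique SSID: the table does not transfer.
    print("other SSID:", recover_passphrase(table, wpa2_pmk("password", "office-3f-west")))
```

Each guess costs 4096 HMAC-SHA1 operations, which GPU crackers perform at millions per second, so with WPA2-Personal the passphrase's entropy is the only defence. A unique SSID forces the attacker to rebuild the table per network; WPA3's SAE removes the offline guessing step entirely, because the exchange reveals nothing that can be checked against a candidate password without interacting with the access point.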

Explain Virtualization Fundamentals:-

Virtualization refers to the creation of a virtual (rather than actual) version of something, such as a server,
operating system, storage device, or network resources. In the case of virtual machines, it involves
creating a virtual environment that behaves like a separate physical computer, complete with its own
virtual CPU (vCPU), memory (RAM), storage, and network interfaces.

Components of Virtual Machines
1. Hypervisor: Also known as a Virtual Machine Monitor (VMM), the hypervisor is software that
enables the creation and management of virtual machines on a physical host machine. It allocates
physical resources such as CPU, memory, and storage to each VM and manages their access to
these resources.
2. Guest Operating Systems: Each virtual machine runs its own guest operating system. These can
be different from the host operating system running on the physical machine. The guest OS
interacts with the virtual hardware provided by the hypervisor as if it were running on a physical
machine.

3. Virtual Hardware: The hypervisor presents virtual hardware components to each VM. These
include virtual CPUs (vCPUs), virtual RAM, virtual disk drives, and virtual network interfaces.
These components are created and managed by the hypervisor and abstracted from the physical
hardware.

Benefits of Virtualization
• Resource Utilization: Virtualization allows for better utilization of physical hardware
resources by running multiple virtual machines simultaneously on a single physical
server. This consolidation can lead to cost savings and improved efficiency.
• Isolation: Each virtual machine operates independently of others, providing a level of
isolation. This isolation enhances security and stability because issues within one VM
are less likely to affect others or the host system.
• Flexibility and Scalability: VMs are flexible and scalable. They can be easily created,
moved, or deleted without affecting other VMs or the physical hardware. This flexibility
supports dynamic allocation of resources based on workload demands.
• Testing and Development: Virtual machines are widely used for software testing and
development. They provide a sandbox environment where developers can test
applications on different operating systems and configurations without needing multiple
physical machines.

Types of Hypervisors:
There are two main types of hypervisors:

1. Type 1 (bare-metal): Installed directly on the physical hardware of the host
machine, Type 1 hypervisors manage VMs directly without needing a separate
host operating system. Examples include VMware ESXi, Microsoft Hyper-V, and
Citrix XenServer.

2. Type 2 (hosted): Installed on top of a host operating system, Type 2 hypervisors
create and manage VMs as software applications. They rely on the host OS for
management and resource allocation. Examples include VMware Workstation,
Oracle VirtualBox, and Parallels Desktop.

Use Cases
Virtualization is used in various scenarios, including:
• Server Consolidation: Running multiple server workloads on a single physical server.
• Desktop Virtualization: Delivering virtual desktops to end-users from centralized
servers.
• Disaster Recovery: Providing failover and recovery capabilities by replicating VMs.
• Cloud Computing: Enabling the infrastructure-as-a-service (IaaS) model where VMs can
be provisioned and managed remotely.
Describe Switching Concepts:-

MAC Learning and Aging


MAC learning is the process by which a switch builds and maintains a table that maps MAC
addresses to the physical ports on the switch. This table is known as the MAC address table or
the CAM (Content Addressable Memory) table.
• Process: When a switch receives a frame from a device, it examines the source MAC
address of the frame and records it along with the port from which it was received in its
MAC address table.
• Purpose: This allows the switch to quickly and efficiently forward frames to the correct
destination without broadcasting to all ports, which improves network efficiency.
MAC aging involves the removal of MAC addresses from the MAC address table after a certain
period of inactivity.
• Reason: Devices on a network may move or change, and MAC addresses associated
with old devices should not continue to occupy table space indefinitely. Aging ensures
that the table remains accurate and up-to-date.

Frame Switching
Frame switching is the process by which a switch forwards data frames from one port to
another based on the destination MAC address.
• Operation: Upon receiving a frame, the switch examines the destination MAC address in
the frame's header.
• Decision: Using its MAC address table, which is kept per VLAN, the switch looks up the
single port on which that MAC address was learned and forwards the frame out of that
port only. If the destination was learned on the same port the frame arrived on, the
switch discards the frame. Broadcast, multicast, and unknown-unicast destinations are
instead flooded to every other port in the same VLAN.
• Efficiency: Frame switching enables the switch to selectively forward frames only to the
intended recipient, reducing unnecessary network traffic compared to hubs, which
repeat frames to all connected devices.

Frame Flooding
Frame flooding occurs when a switch receives a frame with a destination MAC address that is
not listed in its MAC address table.
• Scenario: If the destination MAC address is unknown to the switch (perhaps because it
hasn't learned it yet or the entry has expired due to aging), the switch will forward the
frame out of all ports except the one from which it was received.
• Purpose: This ensures that the frame reaches its destination if the destination device is
on the network, albeit at the cost of potentially increased network traffic.

MAC Address Table


The MAC address table (or CAM table) is a critical component of a switch's operation. It
contains entries mapping MAC addresses to the physical ports on the switch. The switch
consults this table to determine where to forward incoming frames based on their destination
MAC addresses. Entries in the MAC address table are dynamically updated through MAC
learning and are removed after a certain period of inactivity (aging) to maintain accuracy.
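Worked example (added here, not part of the original notes): a small software model of the four behaviours above, MAC learning, aging, unicast forwarding and flooding, with the table scoped per VLAN. It also shows what happens when the table is full, which is the mechanism behind MAC flooding attacks: once a switch can no longer learn a source address, traffic to that host is flooded to every port in the VLAN and any attached station can capture it. The cap, the MAC addresses, and the class and method names are this example's own; the standard mitigation on Cisco switches is port security (switchport port-security), which limits the number of MACs learned per port.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac):
    """Broadcast and multicast MACs have the least significant bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 0x01 == 1


class Switch:
    def __init__(self, port_vlans, aging_secs=300, max_entries=None):
        self.port_vlans = dict(port_vlans)     # port number -> access VLAN
        self.aging_secs = aging_secs           # Cisco default aging time is 300 s
        self.max_entries = max_entries         # constructed cap to model a full CAM table
        self.table = {}                        # (vlan, mac) -> {"port": p, "seen": t}

    def _age(self, now):
        """MAC aging: drop entries not refreshed within the aging interval."""
        expired = [key for key, entry in self.table.items()
                   if now - entry["seen"] > self.aging_secs]
        for key in expired:
            del self.table[key]

    def receive(self, in_port, src, dst, now):
        """Process one frame; return the list of egress ports."""
        vlan = self.port_vlans[in_port]
        self._age(now)
        # MAC learning: record (or refresh) the source on the ingress port, unless the
        # table is full, in which case a real switch simply cannot learn the new MAC.
        key = (vlan, src)
        if key in self.table or self.max_entries is None or len(self.table) < self.max_entries:
            self.table[key] = {"port": in_port, "seen": now}
        # Frame switching: unicast to the learned port if known, otherwise flood.
        entry = None if is_group_address(dst) else self.table.get((vlan, dst))
        if entry is None:
            return sorted(port for port, v in self.port_vlans.items()
                          if v == vlan and port != in_port)
        if entry["port"] == in_port:
            return []                          # destination is on the ingress port: filter
        return [entry["port"]]

    def lookup(self, vlan, mac):
        entry = self.table.get((vlan, mac))
        return entry["port"] if entry else None


if __name__ == "__main__":
    # Constructed topology: ports 1-3 in VLAN 10, port 4 in VLAN 20.
    sw = Switch({1: 10, 2: 10, 3: 10, 4: 20})
    a, b = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
    print("A->B unknown, flooded to", sw.receive(1, a, b, now=0))
    print("B->A known, forwarded to", sw.receive(2, b, a, now=1))
    print("A->B after aging, flooded to", sw.receive(1, a, b, now=400))
    # Full table: a third host cannot be learned, so its traffic keeps being flooded.
    full = Switch({1: 10, 2: 10, 3: 10}, max_entries=2)
    full.receive(1, a, b, now=0)
    full.receive(2, b, a, now=0)
    c = "00:00:00:00:00:0c"
    full.receive(3, c, a, now=0)
    print("C learned?", full.lookup(10, c), "A->C goes to", full.receive(1, a, c, now=0))
```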
