Monday, 20 August 2012

Networking Basics - Part 1

This is a basic tutorial about networking.
I hope you all benefit from it.
Contents
1. Resources used for this tutorial
2. IP addresses (ipv4) and TCP/IP -> part one
3. Subnetting (the basics) -> part one
4. NAT (the basics) -> part one
5. VLANs -> part one
6. Link Aggregation -> part two
7. Spanning Tree (the basics) -> part two
8. IP Routing (the basics) -> part two
9. Something about network design -> part two

1. Resources used for this tutorial
- HP Networking student guides
- HP Networking configuration guides
- Cisco student guides
- HP and Cisco website
- various other websites

2. IP addresses (ipv4)
An IP address is an address in computer networks that are based on the Internet Protocol (IP). To be reachable on the network, a device has to have an IP address.
Basically you can put it like this (I like this explanation, so I just copied it from an nmap book):
At its most basic level, IP is a truck-for-hire that carries data shipments across the roads of the network. IP doesn't care what's in the back of the truck; its only goal is to
make sure that the truck and its cargo of data get safely from one side of the network to the other.

Just like a real truck, every IP truck needs a starting address to pick up the shipment and a final destination address where the data will be unloaded. In the real world, we think of
these as street addresses. In the TCP/IP world, these addresses are usually represented as four decimal numbers between 0 and 255, such as 192.168.0.1 or 10.155.232.17. Before a
station can communicate across the network, the IP address of the destination station must be identified so the IP truck will know where to drive. You wouldn't take a trip
without knowing where you were going!

TCP/IP

To move data across the network, simply knowing the IP address of the end station isn't enough to complete the transfer. The cargo in the IP truck must be loaded on one end,
and unloaded on the other. The originating station must also identify who will be unloading the truck on the other end, and add that information to the shipment manifest.
Instead of names, networks use numbers called ports to represent the entity that will be loading or unloading the data cargo from the IP packet.

A port is a number between 1 and 65,535, and port number references are usually specific to an application. In many cases, an application's port number is a commonly known port
number. For example, nearly every web server on the Internet uses port 80 to receive web traffic.

Two details the truck analogy glosses over: the port field is 16 bits wide, so the full range is 0 to 65535 (port 0 is reserved and not used by normal applications), and ports belong to the transport header (TCP or UDP), not to the IP header. A packet filter that blocks "port 80" is therefore looking one layer above IP.

The list of well-known and registered ports is maintained by IANA in the Service Name and Transport Protocol Port Number Registry.

How TCP works

As you know there are many firewalls and packet filters out there. If such a device drops the IP packet you will never notice, because IP gives no confirmation of delivery and does not even check whether the destination is reachable. This is where the TCP three-way handshake comes into play. Before TCP sends data to the destination address (defined in the IP header) it exchanges synchronisation segments to make sure the destination is reachable and is listening on the specific TCP port (defined in the TCP header).

1. The source sends a synchronisation segment called a SYN. The SYN carries the source's initial sequence number and the port that will be used for the conversation, as well as other initialisation parameters.
2. The destination station receives the SYN. If everything is in agreement, it sends an acknowledgement of the SYN (an ACK, whose acknowledgement number is the source's sequence number plus one) together with its own SYN and initial sequence number, in one SYN/ACK segment.
3. The source station receives the ACK to its original SYN, as well as the SYN from the destination device. Assuming everything is in order, the source station sends an ACK to the destination station's SYN.

This handshake occurs every time a TCP session is established. The three possible outcomes of step 1 are also exactly what a port scanner such as nmap reads: a SYN/ACK means the port is open, a RST means it is closed (nobody is listening), and no answer at all usually means a packet filter dropped the SYN. The handshake never completes for a closed port, and a SYN scan (nmap -sS) deliberately never sends the third ACK.

Ok, this one is not really important to know but I will tell it anyway ;-)
TCP, in my opinion, was made for a local network and not for the internet. Just imagine you have connected two company sites via MPLS or a site-to-site VPN.
One is located in China and the other one somewhere in Europe. You will have a high-latency link with a round trip time of 200 ms (maybe a bit high, but it makes the point clearer). Someone in China wants to open a file located on a file server in the datacenter in Europe. Let's think about Windows file sharing, which is the SMB protocol (tcp/445).
The handshake alone costs a full round trip (200 ms) before the client can even send its first request, and SMB then adds many synchronous request/response round trips of its own (tree connect, open, read block by block), each of which costs another 200 ms. That is why SMB (especially SMB1) is one of the worst protocols I have seen on a WAN: it is not the bandwidth but the latency that kills it. If you ever have problems like this you will need to look at WAN optimisation appliances like Riverbed Steelhead.
They can deal with this problem. They are very impressive and it's a lot of fun to work with these boxes.


Different types of IP addresses
As you may have heard there are different types of IP addresses, called public and private ranges.
The public ranges are assigned to devices on the internet and should not be used in your private network: if you number your LAN with addresses that belong to someone else, the real owners of those addresses become unreachable from your network, because the connected route wins over the default route to the internet.

CIDR               | address range                  | description                                            | RFC
0.0.0.0/8          | 0.0.0.0 - 0.255.255.255        | "this" network (only valid as a source address)        | RFC 1122
10.0.0.0/8         | 10.0.0.0 - 10.255.255.255      | private use (in your LAN)                              | RFC 1918
100.64.0.0/10      | 100.64.0.0 - 100.127.255.255   | shared address space for carrier-grade (provider) NAT  | RFC 6598
127.0.0.0/8        | 127.0.0.0 - 127.255.255.255    | loopback                                               | RFC 1122
169.254.0.0/16     | 169.254.0.0 - 169.254.255.255  | link-local (Zeroconf / APIPA)                          | RFC 3927
172.16.0.0/12      | 172.16.0.0 - 172.31.255.255    | private use (in your LAN)                              | RFC 1918
192.0.0.0/24       | 192.0.0.0 - 192.0.0.255        | IETF protocol assignments                              | RFC 5736
192.0.2.0/24       | 192.0.2.0 - 192.0.2.255        | documentation and sample code (TEST-NET-1)             | RFC 5737 (replaced RFC 3330)
192.88.99.0/24     | 192.88.99.0 - 192.88.99.255    | 6to4 relay anycast                                     | RFC 3068
192.168.0.0/16     | 192.168.0.0 - 192.168.255.255  | private use (in your LAN)                              | RFC 1918
198.18.0.0/15      | 198.18.0.0 - 198.19.255.255    | network benchmark tests                                | RFC 2544
198.51.100.0/24    | 198.51.100.0 - 198.51.100.255  | documentation and sample code (TEST-NET-2)             | RFC 5737
203.0.113.0/24     | 203.0.113.0 - 203.0.113.255    | documentation and sample code (TEST-NET-3)             | RFC 5737
224.0.0.0/4        | 224.0.0.0 - 239.255.255.255    | multicast (formerly class D)                           | RFC 5771 (replaced RFC 3171)
240.0.0.0/4        | 240.0.0.0 - 255.255.255.255    | reserved for future use (formerly class E)             | RFC 1112
255.255.255.255/32 | 255.255.255.255                | limited broadcast                                      | RFC 919

As you may have noticed there are some ranges missing. The missing ranges are the public ones, in use on the internet. If you plan to scan the internet you should exclude the ranges above from your target list (and you need permission for whatever you do scan): packets to TEST-NET or 240/4 addresses go nowhere, and packets to 10/8, 172.16/12 and 192.168/16 never leave your own LAN.

What does CIDR mean
CIDR is short for Classless Inter-Domain Routing. The /8, /24 style suffix in the table is CIDR notation for the subnet mask. I will explain it in the subnetting part.

3. Subnetting (the basics)
Every one of you has seen a subnet mask before. But what is the meaning of such an address? One little example:
Let's assume you have a network 192.168.1.0/24. /24 is the CIDR notation and means the subnet mask 255.255.255.0.
The mask divides an address into a network part and a host part. The network part must be the same for all hosts on the same subnet. The host part determines how many hosts can be located in that subnet.
To understand this you need to write the subnet mask in binary: 255.255.255.0 in binary is 11111111.11111111.11111111.00000000
All 1's are the network part and all 0's are the host part. You may have recognised that the count of 1's is 24, which is the CIDR notation for that subnet. The 1's always form one contiguous run from the left; a "mask" like 255.0.255.0 is invalid.
One more example on CIDR: 255.255.255.128 in binary is 11111111.11111111.11111111.10000000, so CIDR would be /25.

How to calculate binary to decimal
This is not as hard as you may think ;-) 1 byte consists of 8 bits. 1 byte can be any number between 0 (all bits are 0) and 255 (all bits are 1), which is 256 possibilities.
For the size of a subnet you don't convert the mask to decimal at all; you count its host bits (the 0's) and raise 2 to that power. If the inverted mask ends in 00000011 there are two host bits, so 2 to the power of 2 = 4 addresses (a /30).
For example, 255.255.255.224 has a last octet of 11100000, which is CIDR /27. Invert it to 00011111, count the 1's and you get 2 to the power of 5, which is 32. This means you have 32 addresses in that subnet. But you can only use 30 of them, because the first address (the network address) and the last address (the broadcast address) are reserved. Take the subnet 192.168.1.0/27: 192.168.1.0 is the network address and 192.168.1.31 is the broadcast address, so you can use the range 192.168.1.1 - 192.168.1.30.

To make that somewhat clearer I copy something from the Cisco Learning Network:
Here is how binary octets convert to decimal: The right most bit, or least significant bit, of an octet holds a value of 2 to the power of 0. The bit just to the left of that holds a value of 2 to the power of 1. This continues until the left-most bit, or most significant bit, which holds a value of 2 to the power of 7. So if all binary bits are a one, the decimal equivalent would be 255 as shown here:

        1  1  1  1 1 1 1 1
      128 64 32 16 8 4 2 1 (128+64+32+16+8+4+2+1=255)

Here is a sample octet conversion when not all of the bits are set to 1.

      0  1 0 0 0 0 0 1
      0 64 0 0 0 0 0 1 (0+64+0+0+0+0+0+1=65)

And this sample shows an IP address represented in both binary and decimal.

            10.       1.      23.      19 (decimal)
      00001010.00000001.00010111.00010011 (binary)



Separate a class C network (/24) into subnets (this is from Cisco; it is a question you will always find on a CCNA certification test)
We take the network 192.168.1.0/24 and separate it into five subnets. Here are the requirements:
Subnet A: has 14 hosts
Subnet B: has 28 hosts
Subnet C: has 2 hosts
Subnet D: has 7 hosts
Subnet E: has 28 hosts

Is this possible with our class C network of 192.168.1.0/24?
You can start by looking at the subnet requirement. In order to create the five needed subnets you would need to use three bits from the class C host bits. Two bits would only allow you four subnets (2 to the power of 2 is 4).
Since you need three subnet bits, that leaves you with five bits for the host portion of the address. How many hosts does this support? 2 to the power of 5 = 32 (30 usable). This meets the largest requirement, 28 hosts.

your subnets may look like this:
Subnet A: 192.168.1.0/27      host address range 1 to 30
Subnet B: 192.168.1.32/27     host address range 33 to 62
Subnet C: 192.168.1.64/27     host address range 65 to 94
Subnet D: 192.168.1.96/27     host address range 97 to 126
Subnet E: 192.168.1.128/27    host address range 129 to 158

As this example showed, you need three bits of the host part for the subnets. The host part was 00000000, and if you take three bits for the network part the last octet of the subnet mask looks like 11100000, which is 224 in decimal. So your subnet mask is 255.255.255.224.

As I know this is difficult if you read it for the first time, I have another example.
We want to separate the class C network 192.168.1.0/24 into 4 subnets. Each subnet should be able to hold 50 clients. 2 to the power of 2 is 4, which means you need two bits from your host part for the network part. 8 - 2 is 6 and 2 to the power of 6 is 64 (62 usable). Ok, now we know that this is possible. Let's take our host part, which is 00000000, and change it to our requirements: 11000000.
This gives us a subnet mask of 255.255.255.192 (which is calculated by 256 - 64 = 192 or 128 + 64 = 192).

Subnet A: 192.168.1.0/26    host address range 1 to 62
Subnet B: 192.168.1.64/26    host address range 65 to 126
Subnet C: 192.168.1.128/26    host address range 129 to 190
Subnet D: 192.168.1.192/26    host address range 193 to 254

Ok... I think this should do for now. If you want to, you can try to separate this network into 8 pieces with at least 25 hosts per subnet. Is this possible? You can post the answer if you want to ;-)
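Here is the whole section (octet to integer conversion, mask and CIDR prefix, network and broadcast address, and the "N subnets of H hosts" question from the two examples above) as a small Python module. It is an added example written for this tutorial, not code from the original post or from Cisco; the maths is done with plain integer bit operations, the same way the tutorial does it by hand, and the standard library's ipaddress module is used only to cross-check the results. check_split() is general: it works for any starting block and any requirement, not just the /24 cases shown above.

```python
"""Subnet arithmetic from first principles.

Added example for this tutorial, not code from the original post.  Masks,
network and broadcast addresses are computed with integer bit operations;
ipaddress from the stdlib is used only to cross-check the hand-rolled result.
"""
import ipaddress


def ip_to_int(dotted):
    """'10.1.23.19' -> 0x0A011713: each octet is one byte of a 32-bit integer."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError("bad IPv4 address: %r" % dotted)
    return (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]


def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix):
    """/27 -> 0xFFFFFFE0 (255.255.255.224): the top `prefix` bits set, the rest 0."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def prefix_from_mask(dotted_mask):
    """255.255.255.128 -> 25; rejects non-contiguous masks such as 255.0.255.0."""
    m = ip_to_int(dotted_mask)
    prefix = bin(m).count("1")
    if m != mask_from_prefix(prefix):
        raise ValueError("non-contiguous mask: %s" % dotted_mask)
    return prefix


def describe(cidr):
    """Network, mask, broadcast, usable range and host count, e.g. for '192.168.1.37/27'."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    mask = mask_from_prefix(prefix)
    network = ip_to_int(addr) & mask               # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)     # host bits set
    total = 1 << (32 - prefix)                     # 2 ** host_bits addresses
    # /31 (RFC 3021) and /32 have no separate network and broadcast address
    reserve_two = prefix <= 30
    return {
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + 1 if reserve_two else network),
        "last_host": int_to_ip(broadcast - 1 if reserve_two else broadcast),
        "usable": total - 2 if reserve_two else total,
    }


def check_split(cidr, subnets_needed, hosts_per_subnet):
    """Split `cidr` into equal subnets: as few subnet bits as possible for
    `subnets_needed` subnets, each with at least `hosts_per_subnet` usable hosts.
    Returns {"prefix": new_prefix, "subnets": [describe(...), ...]}, or None
    when the block is too small."""
    if subnets_needed < 1 or hosts_per_subnet < 1:
        raise ValueError("need at least one subnet and one host")
    base_addr, base_prefix = cidr.split("/")
    base_prefix = int(base_prefix)
    subnet_bits = (subnets_needed - 1).bit_length()   # ceil(log2(subnets_needed))
    host_bits = (hosts_per_subnet + 1).bit_length()   # smallest h with 2**h - 2 >= hosts
    new_prefix = base_prefix + subnet_bits
    if 32 - new_prefix < host_bits:
        return None                                   # not enough host bits left over
    base = ip_to_int(base_addr) & mask_from_prefix(base_prefix)
    size = 1 << (32 - new_prefix)                     # addresses per subnet
    subnets = [describe("%s/%d" % (int_to_ip(base + i * size), new_prefix))
               for i in range(subnets_needed)]
    return {"prefix": new_prefix, "subnets": subnets}


def cross_check(cidr):
    """True when describe() agrees with the standard library for `cidr`."""
    net = ipaddress.ip_network(cidr, strict=False)
    d = describe(cidr)
    return (d["network"] == str(net.network_address)
            and d["broadcast"] == str(net.broadcast_address)
            and d["mask"] == str(net.netmask))


if __name__ == "__main__":
    plan = check_split("192.168.1.0/24", 5, 28)       # the CCNA example above
    for s in plan["subnets"]:
        print("%s/%d  hosts %s - %s" % (s["network"], plan["prefix"], s["first_host"], s["last_host"]))
```

prefix_from_mask() deliberately refuses masks whose 1's are not one contiguous run, and describe() treats /31 and /32 specially; both are the cases that trip up hand-written address parsers in firewall rule generators and scan-scope tools.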

4. NAT
As this is widely used I want to tell you a bit about what NAT is and what it does. NAT is short for network address translation, and every one of you is using NAT at home.
NAT is a collective term for methods that rewrite the address information (IP addresses, and with PAT also port numbers) in the headers of packets as they pass through a device. It is used to connect networks with each other that could not be connected directly, for example a private LAN and the internet, so it is typically done on routers and firewalls.

Types of NAT
NAT is separated into two different types: source NAT and destination NAT. With source NAT the address information of the client that establishes the connection is replaced.
With destination NAT the address information of the destination is translated (port forwarding to a server in your LAN is destination NAT).
So every one of you is using source NAT on your ISP router to access the internet. As seen in the list of IP address ranges you should all be using private IP addresses in your home network.
Your ISP assigns you a public IP address so that you can access the internet. Your router always translates your internal IP address to the public one that is assigned to you, and because many internal hosts share that one public address it also rewrites the source port (PAT, port address translation) and keeps a table of which public port belongs to which internal host and port.
So nobody on the internet sees your internal IP address, at least not in the IP header. Two caveats: NAT is not a firewall, even though it behaves a bit like one. An unsolicited packet from the internet is dropped only because there is no translation entry for it, and a destination-NAT rule (port forwarding, or UPnP on a home router) opens a hole straight to the internal host. And protocols that carry IP addresses inside their payload (FTP, SIP) either break behind NAT or need an application-layer gateway on the router, which then also knows about your internal addresses.
As NAT is a very complex area that could fill a thread on its own I will leave it for now. If someone is interested in it and wants to know more, like how it is configured on a Cisco device such as an IOS router or firewall, just give me a sign and I will write something about it.
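To show what the translation table on your home router actually does, here is a model of source NAT with port overloading (PAT) plus one destination-NAT rule. It is an added example for this tutorial, not code from the original post and not how any particular router implements it. The addresses, ports and packets are constructed sample values: 10.0.0.0/24 plays the private LAN, 203.0.113.10 (TEST-NET-3) the public address the ISP assigned, and 198.51.100.x (TEST-NET-2) hosts on the internet.

```python
"""Source NAT with port overloading (PAT) and a destination-NAT rule,
modelled as the translation table a router keeps.

Added example for this tutorial, not code from the original post.  Packets
are plain dicts carrying only the fields NAT rewrites; all addresses and
ports are constructed sample values from the documentation ranges.
"""
import ipaddress


class NatRouter:
    def __init__(self, public_ip, inside_net, first_port=1024):
        self.public_ip = public_ip
        self.inside = ipaddress.ip_network(inside_net)
        self.next_port = first_port
        self.out_table = {}   # (proto, inside_ip, inside_port) -> public_port
        self.in_table = {}    # (proto, public_port) -> (inside_ip, inside_port)
        self.allowed = set()  # (proto, public_port, remote_ip, remote_port) seen outbound
        self.dnat = {}        # (proto, public_port) -> (inside_ip, inside_port)

    def forward(self, proto, public_port, inside_ip, inside_port):
        """Destination NAT ("port forwarding"): expose an inside service on the public IP."""
        self.dnat[(proto, public_port)] = (inside_ip, inside_port)

    def outbound(self, pkt):
        """LAN -> internet: rewrite the source; create a table entry on first use."""
        if ipaddress.ip_address(pkt["src"]) not in self.inside:
            raise ValueError("source %s is not in the inside network" % pkt["src"])
        key = (pkt["proto"], pkt["src"], pkt["sport"])
        if key not in self.out_table:
            port = self.next_port          # one public port per inside (ip, port) pair
            self.next_port += 1
            self.out_table[key] = port
            self.in_table[(pkt["proto"], port)] = (pkt["src"], pkt["sport"])
        public_port = self.out_table[key]
        # remember the peer: only that peer may send back in on this public port
        self.allowed.add((pkt["proto"], public_port, pkt["dst"], pkt["dport"]))
        out = dict(pkt)
        out["src"], out["sport"] = self.public_ip, public_port
        return out

    def inbound(self, pkt):
        """internet -> LAN: reverse a known translation or apply a DNAT rule; else drop."""
        if pkt["dst"] != self.public_ip:
            return None
        key = (pkt["proto"], pkt["dport"])
        if (pkt["proto"], pkt["dport"], pkt["src"], pkt["sport"]) in self.allowed:
            target = self.in_table[key]          # a reply to something we sent out
        elif key in self.dnat:
            target = self.dnat[key]              # an explicitly forwarded port
        else:
            return None                          # no state and no rule: silently dropped
        inn = dict(pkt)
        inn["dst"], inn["dport"] = target
        return inn


if __name__ == "__main__":
    r = NatRouter("203.0.113.10", "10.0.0.0/24")
    r.forward("tcp", 443, "10.0.0.20", 8443)
    out = r.outbound({"proto": "tcp", "src": "10.0.0.5", "sport": 51000,
                      "dst": "198.51.100.5", "dport": 80})
    print("outbound rewritten to", out["src"], out["sport"])
    print("unsolicited:", r.inbound({"proto": "tcp", "src": "198.51.100.9", "sport": 4444,
                                     "dst": "203.0.113.10", "dport": out["sport"]}))
```

The "allowed" set is what makes the unsolicited packet disappear: it is not a firewall rule, just the absence of matching state. Drop that check (many cheap routers effectively do) and any host on the internet that guesses a public port in use reaches the inside host behind it.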

5. VLANs
VLANs are a very widely used way of implementing different subnets on the same network hardware. In the old days you needed separate switches for every subnet and extra routers to connect them. Today you can use VLANs for that task. VLAN is short for virtual local area network.

The main reasons for using VLANs are to need less network hardware and, of course, the same reasons you do subnetting in the first place:
- Keep the broadcast domain as small as possible. If a client on the network is configured to use DHCP it sends out a broadcast with a DHCP request. As you know, broadcasts are delivered to all clients in the broadcast domain (the subnet). So in a subnet with thousands of usable IP addresses the broadcast traffic is much higher than in a network with 254 usable addresses.
- Put together what belongs together (a subnet for printers, one for servers, different clients in different departments of your company). If these are separated you have the possibility to allow only the connections between subnets that are really required, by routing everything through an internal firewall or by implementing ACLs (access control lists) on the switches (mainly on the routing switch). Keep in mind that this only filters traffic between VLANs; hosts in the same VLAN talk to each other directly and never pass the firewall.

How is a VLAN configured on an HP/Cisco switch

After you have logged in to the switch you first need to get to a higher privilege level (manager level).
On HP switches by default you have two levels called operator and manager. The operator is only allowed to run some basic show commands.
The manager is like the root user and can do everything. If you are the operator you will see this sign at the end of the command line prompt: >
The manager level has this sign: #
Then you need to enter the configuration mode

Code:
hpswitch> enable
password manager:
hpswitch# configure terminal
hpswitch(config)#

Cisco doesn't have manager or operator accounts. Cisco works with privilege levels: 1 is the lowest and 15 is the highest. Configuration mode needs level 15, which is the level enable takes you to by default, so make sure you know the enable password. Set it with "enable secret" (stored as a hash) rather than "enable password" (stored in clear text or with the reversible type 7 encoding that anyone can decode).

Code:
ciscoswitch> enable
enable password:
ciscoswitch# configure terminal
ciscoswitch(config)#

Then you can start creating your VLAN. You need to assign a number to your VLAN, which can be 1 - 4094 (the VLAN ID is a 12-bit field; 0 and 4095 are reserved, and some switches or software versions support fewer).
VLAN 1 is always the default VLAN and should not be used for user traffic: every port is a member of it out of the box, and on Cisco switches it is also the default native VLAN of trunks and carries management protocols like CDP and VTP. You can add interfaces to a VLAN, and if you aren't careful you can remove a port from a VLAN while it is not a member of any other VLAN.
This could lead to orphan ports, so whenever you do this an HP switch assigns the port back to the default VLAN to take care of that problem. A Cisco switch instead leaves a port inactive when its access VLAN does not exist (for example after you delete the VLAN), which is a classic cause of "the port is up but nothing works".

Code:
hpswitch(config)# vlan 5
hpswitch(vlan-5)# name "Sales_department"
hpswitch(vlan-5)# ip address 10.10.10.1 255.255.255.0
hpswitch(vlan-5)# untagged 1-22
hpswitch(vlan-5)# tagged 23-24
hpswitch(vlan-5)# exit
hpswitch(config)# write memory


Code:
ciscoswitch(config)# vlan 5
ciscoswitch(config-vlan)# name Sales_department
ciscoswitch(config-vlan)# exit
[the name belongs to the VLAN itself; the interface vlan below is the switch's own IP interface (SVI) in that VLAN, only needed on the routing switch]
ciscoswitch(config)# interface vlan 5
ciscoswitch(config-if)# ip address 10.10.10.1 255.255.255.0
ciscoswitch(config-if)# no shutdown
ciscoswitch(config-if)# exit
ciscoswitch(config)# interface gigabitethernet 1/0/1
ciscoswitch(config-if)# switchport mode access
ciscoswitch(config-if)# switchport access vlan 5
ciscoswitch(config-if)# exit
[repeat that for every interface which should be an untagged member of that vlan]
[you can also define interface ranges: interface range gigabitethernet 1/0/1 - 22]
ciscoswitch(config)# interface gigabitethernet 1/0/23
ciscoswitch(config-if)# switchport trunk encapsulation dot1q
[only accepted on switches that also support ISL; others reject it because dot1q is the only choice]
ciscoswitch(config-if)# switchport mode trunk
ciscoswitch(config-if)# switchport trunk allowed vlan 5
ciscoswitch(config-if)# switchport nonegotiate
ciscoswitch(config-if)# exit
[repeat that for every interface which should be a tagged member of that vlan; add a second VLAN with switchport trunk allowed vlan add 6]
[you can also define interface ranges: interface range gigabitethernet 1/0/23 - 24]
ciscoswitch(config)# write memory
[copy running-config startup-config does the same]

You should know that everything you enter on the command line takes effect the moment you hit enter.
If the switch reboots, all changes are gone unless you have written them to flash memory.

What do tagged and untagged mean?
There is an Ethernet standard for that called IEEE 802.1Q. Keeping it simple: a frame leaving a tagged (802.1Q) port is extended by the switch with an additional 4 bytes, inserted between the source MAC address and the EtherType.
This space holds the VLAN ID (12 bits, hence the 1 - 4094 range) plus a 3-bit priority field (802.1p class of service, used for layer 2 QoS). DSCP and IP precedence are different fields and live in the IP header, not in the tag.
An untagged port (access port in Cisco language) can be an untagged member of only one VLAN: frames on it carry no tag and the switch assigns them to that VLAN. If you want to make the VLANs on one switch available on another you need to configure the uplink port as a tagged member of every VLAN you want to share (a trunk port in Cisco language). Two things to take care of on trunks: restrict the allowed VLANs to the ones really needed (as in the example above), and remember that on a Cisco trunk an untagged frame is placed into the native VLAN, which is VLAN 1 by default; set the native VLAN to an unused ID, which is one more reason not to use VLAN 1 for anything. Also never leave a Cisco port in its default dynamic mode: "switchport mode access" on user ports and "switchport nonegotiate" on trunks stop DTP from turning a port into a trunk just because the device on the other end asks for it.
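To see those 4 bytes, here is a builder and parser for 802.1Q tagged Ethernet frames. It is an added example for this tutorial, not code from the original post; the MAC addresses and the payload are constructed sample values. The parser walks over any number of stacked tags (QinQ, TPID 0x88A8 for the outer service tag), which is also the format a double-tagged frame has: if a trunk strips an outer tag that matches its native VLAN, the inner tag is still there and decides the VLAN on the next switch.

```python
"""Build and parse Ethernet frames with IEEE 802.1Q VLAN tags.

Added example for this tutorial, not code from the original post.  The
layout is the standard one: a 4-byte tag (2-byte TPID 0x8100, then a 2-byte
TCI holding 3 bits PCP, 1 bit DEI and the 12-bit VLAN ID) sits between the
source MAC and the EtherType.  MACs and payload are constructed sample values.
"""
import struct

TPID_8021Q = 0x8100    # customer tag
TPID_8021AD = 0x88A8   # service tag used for stacked (QinQ) tags
ETHERTYPE_IPV4 = 0x0800


def mac_bytes(mac):
    return bytes(int(b, 16) for b in mac.split(":"))


def mac_str(b):
    return ":".join("%02x" % x for x in b)


def make_tag(vid, pcp=0, dei=0, tpid=TPID_8021Q):
    """The 4 tag bytes: TPID followed by the TCI (PCP | DEI | VID)."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094 (0 and 4095 are reserved)")
    if not 0 <= pcp <= 7 or dei not in (0, 1):
        raise ValueError("PCP is 3 bits, DEI is 1 bit")
    return struct.pack("!HH", tpid, (pcp << 13) | (dei << 12) | vid)


def build_frame(dst, src, ethertype, payload, vid=None, pcp=0):
    """Untagged frame when vid is None, otherwise a single-tagged frame."""
    tag = b"" if vid is None else make_tag(vid, pcp)
    return mac_bytes(dst) + mac_bytes(src) + tag + struct.pack("!H", ethertype) + payload


def push_tag(frame, vid, pcp=0, tpid=TPID_8021Q):
    """Insert one more tag directly after the source MAC (the outermost position)."""
    return frame[:12] + make_tag(vid, pcp, 0, tpid) + frame[12:]


def parse_frame(frame):
    """Return dst, src, the list of tags (outermost first), EtherType and payload."""
    if len(frame) < 14:
        raise ValueError("truncated frame")
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    off, tags = 12, []
    while True:                                     # walk over any number of stacked tags
        if off + 2 > len(frame):
            raise ValueError("truncated frame")
        etype = struct.unpack("!H", frame[off:off + 2])[0]
        if etype not in (TPID_8021Q, TPID_8021AD):
            break                                   # a real EtherType: no more tags
        if off + 4 > len(frame):
            raise ValueError("truncated tag")
        tci = struct.unpack("!H", frame[off + 2:off + 4])[0]
        tags.append({"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        off += 4
    return {"dst": dst, "src": src, "tags": tags, "ethertype": etype, "payload": frame[off + 2:]}


if __name__ == "__main__":
    f = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", ETHERTYPE_IPV4, bytes(20), vid=5, pcp=3)
    print(f[12:16].hex(), parse_frame(f)["tags"])          # 8100 6005 -> pcp 3, vid 5
    print(parse_frame(push_tag(f, 1))["tags"])             # outer vid 1, inner vid 5
```

When you capture on a trunk you will see exactly these bytes at offset 12 of the frame; on an access port they are missing, because the switch removes the tag before the frame leaves the untagged port.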

You can configure VLANs without an IP address. An IP address on a VLAN is only needed on the routing switch, and only for the VLANs it should route. A VLAN that has no IP address on any router is a pure layer 2 segment and cannot reach other subnets at all. You can use this for isolating VLANs such as guest networks, or for VLANs whose gateway is an external firewall rather than the switch.

As you may have recognised there are many differences between the way things are called in Cisco "language" and in "rest of the world" language. If you talk with somebody about networks you should decide which language you want to talk. For example a trunk port in Cisco language is a tagged port in rest-of-the-world language. A trunk in rest-of-the-world language means link aggregation (several physical links bundled into one logical link). Cisco calls this an EtherChannel or port-channel.



Enjoy :)
