Sunday, November 8, 2009

Configuring Email POP3 and SMTP


You may now use your domain's mail server for outgoing mail rather than your ISP's if you configure your email client correctly. One of the two choices below should work.

POP Before SMTP

If your POP3 login name is the same as the part of your email address to the left of the '@' symbol, you may use "POP Before SMTP": a successful POP3 login opens a window of time during which you can send out through our server.

SMTP Authentication

If you are not able to use "POP Before SMTP" you may use SMTP Authentication by configuring your email client. Check the box for "My outgoing server (SMTP) requires authentication".

In the example below from Outlook 2003 you would check the box "My outgoing server (SMTP) requires authentication":



SMTP SERVER

Best SMTP Server is a high-performance SMTP/POP3 server program. It can be used as a local POP3/SMTP server for your corporation or as a desktop application on your laptop. It will accept mail on behalf of your users and store it until your users retrieve it using POP3. Our main purpose in developing this server was to deliver the easiest possible configuration, while allowing you to tweak any advanced features you want. We have completely redesigned the internal engine of the server, and made every possible effort to make it as fast and robust as possible. This way you will be able to concentrate on your day-to-day tasks instead of trying to tweak your mail server. This server can be used along with virtually any mailer or email client program that is compliant with the SMTP protocol. It is simple, light-weight, powerful and absolutely bullet-proof.

It has a lot of security features and options that allow you to protect the server from DDoS attacks as well as safely block most SPAM and spammers. The SMTP and POP3 servers work as NT services, therefore they will keep working even when no users are logged in.

For software debugging and testing purposes, the program has a testing mode you can use to check if your email clients work correctly. All messages will be accepted, but will not be sent further. They will be immediately discarded so that you can check if your mail client works correctly according to the SMTP protocol.

You can have multiple SMTP gateways in your server if you travel a lot with your laptop. This way, even if you cannot deliver your email directly to the destination, you will still be able to send it using one of the gateways.

A newly added feature is advanced, parameterized mailing list management. This is not present in any of the other SMTP servers. Using this feature you can actually use this server as a mass mailer. You can create as many parameterized mailing lists as you like and customize each message that is sent to a member of the mailing list with up to 50 string parameters.

Best SMTP Server offers the following features:

• Local and Internet delivery of email messages for your users.
• Easy and intuitive configuration without lots of complicated configuration files. Everything is configured through the standalone GUI interface.
• Works well as a corporate server and as a personal SMTP relay that you can take with you on the road. No need to reconfigure.
• Delivers email directly or using a gateway in cases where direct delivery is not possible.
• High-performance multithreaded engine for mail sending and mail receiving.
• Anti-spam and anti-DDoS attack prevention mechanism built into the server.
• Encryption of messages in the message queue and in local users' directories for added protection of privacy.

Thursday, October 22, 2009

Classful vs. Classless Routing

Classful vs Classless routing protocols

Classful routing protocols do not send subnet mask information with their routing updates. A router running a classful routing protocol will react in one of two ways when receiving a route:

• If the router has a directly connected interface belonging to the same major network, it will apply the same subnet mask as that interface.
• If the router does not have any interfaces belonging to the same major network, it will apply the classful subnet mask to the route.

Belonging to the same "major network" simply indicates that they belong to the same "classful" network. For example:

• 10.3.1.0 and 10.5.5.0 belong to the same major network (10.0.0.0)
• 10.1.4.5 and 11.1.4.4 do not belong to the same major network
• 192.168.1.1 and 192.168.1.254 belong to the same major network (192.168.1.0)
• 192.168.1.5 and 192.167.2.5 do not belong to the same major network

Take the following example (assume the routing protocol is classful):

If Router B sends a routing update to Router A, it will not include the subnet mask for the 10.2.0.0 network. Thus, Router A must make a decision.

If Router A has a directly connected interface that belongs to the same major network (10.0.0.0), it will use the subnet mask of that interface for the route. For example, if Router A has an interface on the 10.4.0.0/16 network, it will apply a subnet mask of /16 to the 10.2.0.0 network.

If Router A does not have a directly connected interface belonging to the same major network, it will apply the classful subnet mask of /8. This can obviously cause routing difficulties: the learned route then covers the whole 10.0.0.0/8 rather than the 10.2.0.0 subnet that was actually advertised.

When using classful routing protocols, the subnet mask must remain consistent throughout your entire network.
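As an added example (not part of the original post), the two rules above coded up in Python: given a route received without a mask and the router's directly connected interfaces (constructed 'address/prefix' strings), it returns the mask the router will attach, and it also flags the inconsistent-mask situation the last paragraph warns about.

```python
import ipaddress
from typing import Iterable, Set

# Added example (not from the original post): how a classful routing protocol
# such as RIPv1 picks a subnet mask for a route that arrives without one.
# All interface and route addresses below are constructed for the demo.


def classful_prefix(addr: str) -> int:
    """Classful prefix length (/8, /16 or /24) implied by the first octet."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet < 128:        # class A: 0.x.x.x .. 127.x.x.x
        return 8
    if first_octet < 192:        # class B: 128.x.x.x .. 191.x.x.x
        return 16
    if first_octet < 224:        # class C: 192.x.x.x .. 223.x.x.x
        return 24
    raise ValueError(f"{addr} is not a class A, B or C address")


def major_network(addr: str) -> ipaddress.IPv4Network:
    """The classful ('major') network an address belongs to, e.g. 10.3.1.0 -> 10.0.0.0/8."""
    return ipaddress.ip_network(f"{addr}/{classful_prefix(addr)}", strict=False)


def same_major_network(a: str, b: str) -> bool:
    return major_network(a) == major_network(b)


def connected_masks(route: str, interfaces: Iterable[str]) -> Set[int]:
    """Prefix lengths of the directly connected interfaces sharing the route's major network.

    interfaces are given as 'address/prefix' strings, e.g. '10.4.0.1/16'.
    """
    masks = set()
    for iface in interfaces:
        ip, prefix = iface.split("/")
        if same_major_network(ip, route):
            masks.add(int(prefix))
    return masks


def infer_route_mask(route: str, interfaces: Iterable[str]) -> int:
    """Apply the two classful rules to a route received without a mask."""
    masks = connected_masks(route, interfaces)
    if len(masks) > 1:
        # The rules only work if the mask is consistent across the major network;
        # two different masks on the same major network is a misconfiguration.
        raise ValueError(f"inconsistent masks {sorted(masks)} within {major_network(route)}")
    if masks:
        return masks.pop()            # rule 1: borrow the connected interface's mask
    return classful_prefix(route)     # rule 2: fall back to the classful mask


def learned_route(route: str, interfaces: Iterable[str]) -> ipaddress.IPv4Network:
    """The network that actually lands in the routing table."""
    return ipaddress.ip_network(f"{route}/{infer_route_mask(route, interfaces)}", strict=False)


if __name__ == "__main__":
    # Router B advertises 10.2.0.0 (no mask) to Router A.
    print(learned_route("10.2.0.0", ["10.4.0.1/16", "192.168.1.1/24"]))   # 10.2.0.0/16
    # With no interface in 10.0.0.0/8 the whole class A network is installed instead.
    print(learned_route("10.2.0.0", ["192.168.1.1/24"]))                  # 10.0.0.0/8
```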

The Difference Between Traceroute and Ping

When data is sent over the Internet, it's sent in small blocks of data, called packets. Messages are divided into packets before they are sent, and each packet is then transmitted individually and can even follow different routes to its destination. Once all the packets forming a message arrive at the destination, they are recompiled into the original message.

Sometimes when you are trying to send or receive data over the Internet you may experience timeouts, or a Web server may be down, which prevents you from accessing services and Web sites. There are two common programs that can be used to test your Internet connection and even help you diagnose congestion between your computer (your ISP) and the destination server you're trying to reach. The programs you can use are called Ping and Traceroute.


Ping

Ping (also written as PING or ping) is a utility that you use to determine whether or not a specific IP address is accessible. Ping works by sending a packet to a specified address and waiting for a reply. Ping is used primarily to troubleshoot Internet connections and there are many freeware and shareware Ping utilities available for download.

On a Windows PC you can run Ping using a command prompt. To do this, go to the Windows Start button, choose Programs, then MSDOS Prompt. When you get the C: prompt, type ping followed by the destination server name or an IP address, for example, ping google.com.

Ping will test the speed of your connection to the server and will tell you how long a packet (32 bytes in size) takes to go from your computer to the host and back to your computer again.



Ping Localhost
When setting up a network you can use the ping command to make sure all of the computers are "alive" (at least in the TCP/IP sense). To do this, go to the Windows Start button, choose Programs, then MSDOS Prompt. When you get the C: prompt, type ping 127.0.0.1

If everything is OK, you should get the following response (or something similar):


Pinging 127.0.0.1 with 32 bytes of data

Reply from 127.0.0.1: bytes=32 time<10ms TTL=32
Reply from 127.0.0.1: bytes=32 time<10ms TTL=32
Reply from 127.0.0.1: bytes=32 time<10ms TTL=32
Reply from 127.0.0.1: bytes=32 time<10ms TTL=32

This means that TCP/IP is working on the machine that you are typing on. 127.0.0.1 is a special address that "loops back" to the machine you are pinging from. You can also type ping localhost and receive a similar response, since localhost and 127.0.0.1 mean the same thing.


Traceroute


Traceroute is a utility that traces a packet from your computer to an Internet host, and it will also show you how many hops the packet requires to reach the host and how long each hop takes. If you're visiting a Web site and pages are appearing slowly, you can use traceroute to figure out where the longest delays are occurring. Traceroute utilities work by sending packets with low time-to-live (TTL) fields. The TTL value specifies how many hops the packet is allowed before it is returned. When a packet can't reach its destination because the TTL value is too low, the last host to handle it sends back a reply that identifies itself. By sending a series of packets and incrementing the TTL value with each successive packet, traceroute finds out who all the intermediary hosts are.

The original traceroute is a UNIX utility, but nearly all platforms have something similar. Windows includes a traceroute utility called tracert. On a Windows PC you can run traceroute using a command prompt. To do this, go to the Windows Start button, choose Programs, then MSDOS Prompt. When you get the C: prompt, type tracert followed by the destination server name or an IP address, for example: tracert google.com




If any of the hops come back with "* Request timed out", this denotes network congestion and a reason for slow loading Web pages and dropped connections.
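To make the TTL mechanism concrete, here is an added simulation (not part of the original article) that sends probes with increasing TTL along a constructed path; the hop addresses and the silent hop are made up for the demo, and nothing is sent on a real network. A hop that never answers shows up as the "* Request timed out" line mentioned above.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Added example (not part of the original article): a simulation of the TTL
# mechanism traceroute relies on. Hop addresses are taken from the documentation
# ranges (192.0.2.0/24 etc.) and are constructed; nothing touches a real network.


@dataclass
class Hop:
    address: str
    answers: bool = True    # False models a hop that drops probes silently


def probe(ttl: int, path: List[Hop]) -> Tuple[Optional[str], bool]:
    """Send one probe with the given TTL along the path.

    Every router decrements the TTL. The router that decrements it to zero drops
    the probe and sends back an error reply carrying its own address; if the
    probe survives to the last element of the path (the destination), the
    destination answers instead. Returns (responder address, or None when the
    responder stays silent; whether the destination was reached and answered).
    """
    if not path:
        raise ValueError("path must contain at least the destination")
    if ttl < 1:
        raise ValueError("TTL must be at least 1")
    for index, hop in enumerate(path):
        ttl -= 1
        at_destination = index == len(path) - 1
        if ttl == 0 or at_destination:
            responder = hop.address if hop.answers else None
            return responder, at_destination and hop.answers
    return None, False  # never reached: the last hop always returns above


def traceroute(path: List[Hop], max_hops: int = 30) -> List[str]:
    """Probe with TTL 1, 2, 3, ... until the destination answers or max_hops is hit."""
    lines = []
    for ttl in range(1, max_hops + 1):
        responder, reached = probe(ttl, path)
        lines.append(responder if responder is not None else "* Request timed out")
        if reached:
            break
    return lines


# Constructed path: two routers, a third router that never replies, then the destination.
DEMO_PATH = [Hop("192.0.2.1"), Hop("198.51.100.7"),
             Hop("203.0.113.9", answers=False), Hop("203.0.113.42")]

if __name__ == "__main__":
    for number, line in enumerate(traceroute(DEMO_PATH), start=1):
        print(f"{number:2d}  {line}")
```

A destination that never answers cannot be told apart from a longer path, so the simulated trace keeps printing timeouts until max_hops, exactly as the real tool does.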



You can use Ping and Traceroute to self-diagnose problems with your Internet connection. Viewing the results shows you where the problem lies: with your own computer, on the network, or with the server you are trying to reach.

So, What's the Difference Again?
The main difference between the common Ping and Traceroute commands is that Ping is a quick and easy way to tell you if the destination server is online and estimates how long it takes to send and receive data to the destination. Traceroute tells you the exact route you take to reach the server from your computer (ISP) and how long each hop takes.




Monday, September 28, 2009

Routing, Routed and Non-Routable Protocols

ROUTING PROTOCOLS

ROUTING PROTOCOLS are the software that allows routers to dynamically advertise and learn routes, determine which routes are available and which are the most efficient routes to a destination. Routing protocols used by the Internet Protocol suite include:

Routing is the process of moving data from one network to another network. Within a network, all hosts are directly accessible and do not need to pass data through a default gateway. All hosts on the same network are directly connected and can communicate directly with each other.



ROUTED PROTOCOLS

ROUTED PROTOCOLS are nothing more than data being transported across the networks. Routed protocols include:

  • Internet Protocol
    • Telnet
    • Remote Procedure Call (RPC)
    • SNMP
    • SMTP
  • Novell IPX
  • Open Standards Institute networking protocol
  • DECnet
  • Appletalk
  • Banyan Vines
  • Xerox Network System (XNS)

Outside a network, specialized devices called ROUTERS are used to perform the routing process of forwarding packets between networks. Routers are connected to the edges of two or more networks to provide connectivity between them. These devices are usually dedicated machines with specialized hardware and software to speed up the routing process. These devices send and receive routing information to each other about networks that they can and cannot reach. Routers examine all routes to a destination, determine which routes have the best metric, and insert one or more routes into the IP routing table on the router. By maintaining a current list of known routes, routers can quickly and efficiently send your information on its way when received.

There are many companies that produce routers: Cisco, Juniper, Bay, Nortel, 3Com, Cabletron, etc. Each company's product is different in how it is configured, but most will interoperate so long as they share common physical and data link layer protocols (Cisco HDLC or PPP over serial, Ethernet etc.). Before purchasing a router for your business, always check with your Internet provider to see what equipment they use, and choose a router which will interoperate with your Internet provider's equipment.

NON-ROUTABLE PROTOCOLS

NON-ROUTABLE PROTOCOLS cannot survive being routed. Non-routable protocols presume that all computers they will ever communicate with are on the same network (to get them working in a routed environment, you must bridge the networks). Today's modern networks are not very tolerant of protocols that do not understand the concept of a multi-segment network, and most of these protocols are dying or falling out of use. Examples include:
  • NetBEUI
  • DLC
  • LAT
  • DRP
  • MOP

What do you mean by RIP v1, v2, OSPF, IGRP, EIGRP?


By karthickjck


ROUTING PROTOCOL

 

RIP V1: It is a simple distance vector protocol. It has been enhanced with various techniques, including Split Horizon and Poison Reverse, in order to enable it to perform better in complicated networks.

The longest path cannot exceed 15 hops.

RIP uses static metrics to compare routes.

ADMINISTRATIVE DISTANCE: 120

METRIC: HOP COUNT

What do you mean by RIP v2?

RIP V2: It added several new features:

• External route tags.
• Subnet masks.
• Next hop router addresses.
• Authentication.
• Multicast support.

METRIC: SAME AS RIP V1

Explain about OSPF?

OSPF: Open Shortest Path First is a dynamic routing protocol for use in Internet Protocol (IP) networks. It is a link state routing protocol. It falls into the group of interior gateway protocols, operating within an autonomous system (AS). It is a link-state routing protocol that calls for the sending of link-state advertisements (LSAs) to all other routers within the same hierarchical area. Information on attached interfaces, metrics used, and other variables is included in OSPF LSAs. As OSPF routers accumulate link-state information, they use the SPF algorithm to calculate the shortest path to each node.

METRIC: COST = reference bandwidth / interface bandwidth

AD: 110

Explain about EIGRP?

EIGRP: EIGRP is a Cisco proprietary routing protocol derived from IGRP. EIGRP can be called a hybrid protocol or an advanced distance-vector routing protocol, with optimizations to minimize both the routing instability incurred after topology changes and the use of bandwidth and processing power in the router. Routers that support EIGRP will automatically redistribute route information to IGRP neighbors by converting the 32-bit EIGRP metric to the 24-bit IGRP metric. Most of the routing optimizations are based on the Diffusing Update Algorithm (DUAL).

METRIC: Load, delay, bandwidth, reliability and MTU

Explain about IGRP?

IGRP: IGRP is a distance vector Interior Gateway Protocol (IGP). Distance vector routing protocols mathematically compare routes using some measurement of distance. This measurement is known as the distance vector. Routers using a distance vector protocol must send all or a portion of their routing table in a routing-update message at regular intervals to each of their neighboring routers. As routing information proliferates through the network, routers can identify new destinations as they are added to the network, learn of failures in the network, and, most importantly, calculate distances to all known destinations. IGRP uses a composite metric that is calculated by factoring weighted mathematical values for internetwork delay, bandwidth, reliability, and load. Network administrators can set the weighting factors for each of these metrics. Default metrics are Reliability and load.

Administrative Distance: 100

METRIC: Load, delay, bandwidth, reliability and MTU


Thursday, September 3, 2009

What is CDMA?

CDMA

CDMA stands for Code Division Multiple Access. It is a technique used for digital communication, and wireless technology in particular, that involves multiplexing. Whereas conventional communication systems use constant frequencies, CDMA uses multiple access, or multiplexing. Multiplexing, in this case accomplished through the specific type known as spread spectrum, uses varied frequencies to transmit audio signals. This, coupled with code division which requires a certain code to send and receive the frequency, further protects CDMA communications from interference.

Radio systems, one of the earliest forms of telecommunication, required users to have distinct frequencies. Two earlier forms of wireless communication illustrated the limits of methods previous to CDMA. Frequency Division Multiple Access or FDMA only allowed users to operate on a single frequency. For instance, when tuning in to a radio to get sound, a listener must select one frequency or the other. The listener must also tune the frequency to filter out noise in the spectrum that is not associated with one frequency or the other.

The other form of early radio communication was Time Division Multiple Access or TDMA. In this case, users could not share a frequency and each user had to coordinate his or her turn on that frequency in order to communicate. Both FDMA and TDMA posed restrictions for early users, particularly the military. As early as World War II, the military needed to communicate across vast distances that required wireless technology. That was also the case for their adversaries. Military communication units did not have time to wait their turn to transmit sound, or to find a frequency.

Previous telecommunication systems allowed military communication units to transmit sound into the same spectrum their adversaries used. The military’s signals needed a unique identification through a distinct code to avoid interference from enemy communication. The receiver of that message on the other end could similarly retrieve the message based on its unique code in the spectrum.

Just as the radio moved from military use to commercial use, so too was the case with the wireless technology. CDMA became the early choice for personal communication because it could allow multiple users to communicate within the spectrum, avoiding interference or blocking among users. In 1999, CDMA became the standard technology for the telecommunications industry for its growing wireless systems. Since there are large numbers of users in the system communicating at the same time, code division ensures that each user’s signal remains separate in the spectrum.

What is Firewall?

Firewall
A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.

There are several types of firewall techniques:

• Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
• Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
• Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
• Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.

In practice, many firewalls use two or more of these techniques in concert.

A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.





What is VPN?

What is a virtual private network (VPN)?

A virtual private network (VPN) is a network that uses a public telecommunication infrastructure, such as the Internet, to provide remote offices or individual users with secure access to their organization's network. A virtual private network can be contrasted with an expensive system of owned or leased lines that can only be used by one organization. The goal of a VPN is to provide the organization with the same capabilities, but at a much lower cost.

A VPN works by using the shared public infrastructure while maintaining privacy through security procedures and tunneling protocols such as the Layer Two Tunneling Protocol (L2TP). In effect, the protocols, by encrypting data at the sending end and decrypting it at the receiving end, send the data through a "tunnel" that cannot be "entered" by data that is not properly encrypted. An additional level of security involves encrypting not only the data, but also the originating and receiving network addresses.



Tuesday, September 1, 2009

ping command

The ping command is useful for determining the status of the network and various foreign hosts, tracking and isolating hardware and software problems, and testing, measuring, and managing networks.

Some ping command options relevant to performance tuning are as follows:

-c
Specifies the number of packets. This option is useful when you get an IP trace log. You can capture a minimum of ping packets.
-s
Specifies the length of packets. You can use this option to check fragmentation and reassembly.
-f
Sends the packets at 10 ms intervals or immediately after each response. Only the root user can use this option.

If you need to load your network or systems, the -f option is convenient. For example, if you suspect that your problem is caused by a heavy load, load your environment intentionally to confirm your suspicion. Open several aixterm windows and run the ping -f command in each window. Your Ethernet utilization quickly gets to around 100 percent. The following is an example:

# date; ping -c 1000 -f 192.1.6.1 ; date
Thu Feb 12 10:51:00 CST 2004
PING 192.1.6.1 (192.1.6.1): 56 data bytes
.
--- 192.1.6.1 ping statistics ---
1000 packets transmitted, 1000 packets received, 0% packet loss
round-trip min/avg/max = 1/1/23 ms
Thu Feb 12 10:51:00 CST 2004

Note: The ping command can be very hard on a network and should be used with caution. Flood-pinging can only be performed by the root user.

In this example, 1000 packets were sent within 1 second. Be aware that this command uses the IP and Internet Control Message Protocol (ICMP) protocols and therefore no transport protocol (UDP/TCP) or application activities are involved. The measured data, such as round-trip time, does not reflect the total performance characteristics.

When you try to send a flood of packets to your destination, consider several points:

• Sending packets puts a load on your system.
• Use the netstat -i command to monitor the status of your network interface during the experiment. You may find that the system is dropping packets during a send by looking at the Oerrs output.
• You should also monitor other resources, such as mbufs and the send/receive queues. It can be difficult to place a heavy load onto the destination system. Your system might be overloaded before the other system is.
• Consider the relativity of the results. If you want to monitor or test just one destination system, do the same experiment on some other systems for comparison, because your network or router might have a problem.

Telnet

A terminal emulation program for TCP/IP networks such as the Internet. The Telnet program runs on your computer and connects your PC to a server on the network. You can then enter commands through the Telnet program and they will be executed as if you were entering them directly on the server console. This enables you to control the server and communicate with other servers on the network. To start a Telnet session, you must log in to a server by entering a valid username and password. Telnet is a common way to remotely control Web servers.

DHCP

Short for Dynamic Host Configuration Protocol, a protocol for assigning dynamic IP addresses to devices on a network. With dynamic addressing, a device can have a different IP address every time it connects to the network. In some systems, the device's IP address can even change while it is still connected. DHCP also supports a mix of static and dynamic IP addresses.

Dynamic addressing simplifies network administration because the software keeps track of IP addresses rather than requiring an administrator to manage the task. This means that a new computer can be added to a network without the hassle of manually assigning it a unique IP address. Many ISPs use dynamic IP addressing for dial-up users.

Difference in Hub, Switch, Bridge, & Router

Hub
A hub is the simplest of these devices. Any data packet coming from one port is sent to all other ports. It is then up to the receiving computer to decide if the packet is for it. Imagine packets going through a hub as messages going into a mailing list. The mail is sent out to everyone and it is up to the receiving party to decide if it is of interest.

The biggest problem with hubs is their simplicity. Since every packet is sent out to every computer on the network, there is a lot of wasted transmission. This means that the network can easily become bogged down.

Hubs are typically used on small networks where the amount of data going across the network is never very high.

Bridge
A bridge goes one step up on a hub in that it looks at the destination of the packet before sending. If the destination address is not on the other side of the bridge it will not transmit the data.

A bridge only has one incoming and one outgoing port.

To build on the email analogy above, the bridge is allowed to decide if the message should continue on. It reads the address bob@smith.com and decides if there is a bob@smith.com on the other side. If there isn't, the message will not be transmitted.

Bridges are typically used to separate parts of a network that do not need to communicate regularly, but still need to be connected.

Switch
A switch steps up on a bridge in that it has multiple ports. When a packet comes through a switch it is read to determine which computer to send the data to.

This leads to increased efficiency in that packets are not going to computers that do not require them.

Now the email analogy has multiple people able to send email to multiple users. The switch can decide where to send the mail based on the address.

Most large networks use switches rather than hubs to connect computers within the same subnet.

Router
A router is similar to a switch in that it forwards packets based on address. But, instead of the MAC address that a switch uses, a router can use the IP address. This allows the network to go across different protocols.

The most common home use for routers is to share a broadband internet connection. The router has a public IP address and that address is shared with the network. When data comes through the router it is forwarded to the correct computer.

This comparison to email gets a little off base. This would be similar to the router being able to receive a packet as email and sending it to the user as a fax.

What is LAN, MAN, WAN and SAN

LAN - Local Area Network

A LAN connects network devices over a relatively short distance. A networked office building, school, or home usually contains a single LAN, though sometimes one building will contain a few small LANs (perhaps one per room), and occasionally a LAN will span a group of nearby buildings. In TCP/IP networking, a LAN is often but not always implemented as a single IP subnet.

In addition to operating in a limited space, LANs are also typically owned, controlled, and managed by a single person or organization. They also tend to use certain connectivity technologies, primarily Ethernet and Token Ring.

WAN - Wide Area Network

As the term implies, a WAN spans a large physical distance. The Internet is the largest WAN, spanning the Earth.

A WAN is a geographically-dispersed collection of LANs. A network device called a router connects LANs to a WAN. In IP networking, the router maintains both a LAN address and a WAN address.

A WAN differs from a LAN in several important ways. Most WANs (like the Internet) are not owned by any one organization but rather exist under collective or distributed ownership and management. WANs tend to use technology like ATM, Frame Relay and X.25 for connectivity over the longer distances.

LAN, WAN and Home Networking

Residences typically employ one LAN and connect to the Internet WAN via an Internet Service Provider (ISP) using a broadband modem. The ISP provides a WAN IP address to the modem, and all of the computers on the home network use LAN (so-called private) IP addresses. All computers on the home LAN can communicate directly with each other but must go through a central gateway, typically a broadband router, to reach the ISP.

Other Types of Area Networks

While LAN and WAN are by far the most popular network types mentioned, you may also commonly see references to these others:
• Wireless Local Area Network - a LAN based on WiFi wireless network technology
• Metropolitan Area Network - a network spanning a physical area larger than a LAN but smaller than a WAN, such as a city. A MAN is typically owned and operated by a single entity such as a government body or large corporation.
• Campus Area Network - a network spanning multiple LANs but smaller than a MAN, such as on a university or local business campus.
• Storage Area Network - connects servers to data storage devices through a technology like Fibre Channel.
• System Area Network - links high-performance computers with high-speed connections in a cluster configuration. Also known as Cluster Area Network.


The OSI Model vs. The Real World

The biggest difficulty with the OSI model is that it does not map well to the real world!

The OSI was created after many of today's protocols were already in production use. These existing protocols, such as TCP/IP, were designed and built around the needs of real users with real problems to solve. The OSI model was created by academicians for academic purposes.

The OSI model is a very poor standard, but it's the only well-recognized standard we have which describes networked applications.

The easiest way to deal with the OSI model is to map the real-world protocols to the model, as well as they can be mapped.

Layer  Name          Common Protocols
7      Application   SSH, telnet, FTP
6      Presentation  HTTP, SMTP, SNMP
5      Session       RPC, Named Pipes, NETBIOS
4      Transport     TCP, UDP
3      Network       IP
2      Data Link     Ethernet
1      Physical      Cat-5

The difficulty with this approach is that there is no general agreement as to which layer of the OSI model any specific protocol maps to. You could argue forever about what OSI model layer SSH maps to.

A much more accurate model of real-world networking is the TCP/IP model:

TCP/IP Model
Application Layer
Transport Layer
Internet Layer
Network Interface Layer

    What is the OSI Model?

    What is the OSI Model?

    The OSI model is a reference model which most IT professionals use to describe networks and network applications.

    he OSI model was originally intended to describe a complete set of production network protocols, but the cost and complexity of the government processes involved in defining the OSI network made the project unviable. In the time that the OSI designers spent arguing over who would be responsible for what, TCP/IP conquered the world.

    The seven layers of the OSI model are:

    Layer  Name
    7      Application
    6      Presentation
    5      Session
    4      Transport
    3      Network
    2      Data Link
    1      Physical

    The easiest way to remember the layers of the OSI model is to use the handy mnemonic "All People Seem To Need Data Processing":

    Layer  Name          Mnemonic
    7      Application   All
    6      Presentation  People
    5      Session       Seem
    4      Transport     To
    3      Network       Need
    2      Data Link     Data
    1      Physical      Processing

    The functions of the seven layers of the OSI model are:


    Layer Seven of the OSI Model

    The Application Layer of the OSI model is responsible for providing end-user services, such as file transfers, electronic messaging, e-mail, virtual terminal access, and network management. This is the layer with which the user interacts.

    Layer Six of the OSI Model

    The Presentation Layer of the OSI model is responsible for defining the syntax which two network hosts use to communicate. Encryption and compression should be Presentation Layer functions.

    Layer Five of the OSI Model

    The Session Layer of the OSI model is responsible for establishing process-to-process communications between networked hosts.

    Layer Four of the OSI Model

    The Transport Layer of the OSI model is responsible for delivering messages between networked hosts. The Transport Layer should be responsible for fragmentation and reassembly.

    Layer Three of the OSI Model

    The Network Layer of the OSI model is responsible for establishing paths for data transfer through the network. Routers operate at the Network Layer.

    Layer Two of the OSI Model

    The Data Link Layer of the OSI model is responsible for communications between adjacent network nodes. Hubs and switches operate at the Data Link Layer.

    Layer One of the OSI Model

    The Physical Layer of the OSI model is responsible for bit-level transmission between network nodes. The Physical Layer defines items such as: connector types, cable types, voltages, and pin-outs.



    Monday, August 31, 2009

    What is a Collision Domain?

    A computer network can be segmented physically but also logically. A collision domain is one of the logical network segments in which data packets can collide with each other. One of the most common protocols used when referring to a collision domain is the Ethernet protocol. Collision domains are often referred to as 'Ethernet segments'.

    The term 'collision domain' is also used when describing the circumstances in which a single network device sends packets throughout a network segment and forces every other device in that network segment to pay attention to those packets.

    CSMA/CD and Collision Domains

    A collision domain can also be a group of Ethernet/Fast Ethernet devices in a Local Area Network running on the Carrier Sense Multiple Access/Collision Detection (CSMA/CD) feature and being connected through repeaters, thus competing for network access. Since only one device in the same collision domain can transmit data at a certain point, the other devices in the network simply listen in order to avoid data collisions.

    CSMA/CD is a set of rules telling each network device when to transmit and when to stop transmitting data. When someone in the network wants to transmit something, it first "listens" to the network in order to see if anyone else is using the channel. If no one else is transmitting, the device will go forward with its own transmission.

    Using CSMA/CD is an efficient way of avoiding network collisions, but it's not foolproof. Obviously, if two devices follow the exact same procedure at the exact same time, their transmissions are certain to collide, and both will become unusable. A jam signal is then sent to let everyone else know that a collision took place and that they should not send any data. The hosts that collided each start a random timer, and when it expires, each host begins to listen on the network again.

    Of course, the more collisions in a network, the less efficient the network is.

    'Collision domain' sometimes refers to a system where a unique identifier is open to multiple interpretations over different layers. The analogy to our Ethernet collision domain is very clear, if not obvious.

    A collision occurs when two or more network devices are trying to transmit packets at the exact same time.

    How to reduce the size of the collision domain?

    Reducing the collision domain size can be the result of installing network devices (usually switches and/or network bridges) that use microsegmentation.

    Unlike network hubs and regular repeaters that usually broadcast every single packet, LAN switches are able to filter and forward packets by their MAC address (Media Access Control). The switch basically reads the 48-bit MAC address from the network card and is able to filter or stop frames inside the LAN or a certain network domain.

    A switch or network bridge will forward frames with addresses that are not in its domain, and will duplicate and broadcast frames to the devices inside its network.

    A router can also filter, forward or drop packets based on the MAC addresses, but it can also act based on the Internet Protocol (IP). Routers also act on reducing the collision domain by broadcasting to the LAN only packets that have addresses on that certain network. These network devices are able to route or redirect packets not only by the IP or MAC addresses, but also by the data type (email, graphics, plain text), function or port used (FTP, HTTP, SMTP, POP3) and other variables and functions (acting like a firewall) in order to improve the performance and also reduce the number of collisions and control/limit users.

    What is a Broadcast Domain?

    Definitions of a Broadcast Domain

    A broadcast domain is a logical part of a network (a network segment) in which any network equipment can transmit data directly to another equipment or device without going through a routing device (assuming the devices share the same subnet and use the same gateway; also, they must be in the same VLAN).

    A more specific definition of the broadcast domain is that area of the computer network which is composed of every single computer or piece of network equipment that can be reached directly by sending a simple frame to the data link layer's broadcast address.


    Details on Broadcast Domains

    While any layer 2 device is able to divide the collision domains, broadcast domains are only divided by layer 3 network devices such as routers or layer 3 switches.

    Frames are normally addressed to a specific destination device on the network. While all devices detect the frame transmission on the network, only the device to which the frame is addressed actually receives it. A special broadcast address consisting of all 1s is used to send frames to all devices on the network.

    VLAN (Virtual Local Area Network) technology can also create a so-called "virtual" broadcast domain. A network built with switching devices can treat each network device as an independent system. These independent systems can be grouped into one broadcast domain even if the computers are not physically connected to each other. This is very useful when administering large networks where there is a need for better network management and control.
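    As an added illustration (not from the original post) of the layer 2 versus layer 3 behaviour described above: a toy learning switch that forwards a known unicast frame out of a single port but floods the all-1s broadcast address out of every other port, and a router that drops the broadcast instead of relaying it. The hosts, MAC addresses and port numbers are constructed.

```python
from dataclasses import dataclass

# Data link layer broadcast address: all 48 bits set to 1.
BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str
    payload: str = ""


class LearningSwitch:
    """Toy layer 2 switch. It learns which port each source MAC was seen on,
    forwards known unicast destinations out of that single port, and floods
    unknown or broadcast destinations out of every other port. Each port is
    its own collision domain; all ports still share one broadcast domain."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC -> port, learned from observed source addresses

    def receive(self, in_port, frame):
        """Return the list of ports the frame is sent out of."""
        if frame.src != BROADCAST_MAC:
            self.mac_table[frame.src] = in_port
        if frame.dst == BROADCAST_MAC or frame.dst not in self.mac_table:
            # Unknown unicast and broadcast both reach every other port.
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[frame.dst]
        if out_port == in_port:
            # Source and destination hang off the same port: the switch filters it.
            return []
        return [out_port]


class Router:
    """Toy layer 3 boundary: a broadcast frame stops here instead of being relayed."""

    def receive(self, frame):
        return "dropped" if frame.dst == BROADCAST_MAC else "routed"


def simulate():
    """Constructed scenario: hosts A, B, C on switch ports 1, 2, 3; a router on port 4."""
    a, b, c = "00:11:22:33:44:aa", "00:11:22:33:44:bb", "00:11:22:33:44:cc"
    switch = LearningSwitch(ports=[1, 2, 3, 4])
    router = Router()
    trace = []
    # 1. A asks "who has ...?" by broadcast: flooded to ports 2, 3, 4; the router drops it.
    f = Frame(src=a, dst=BROADCAST_MAC, payload="who-has")
    trace.append(("A broadcast", switch.receive(1, f), router.receive(f)))
    # 2. B replies to A: A's MAC is already learned, so only port 1 receives the frame.
    f = Frame(src=b, dst=a, payload="is-at")
    trace.append(("B -> A", switch.receive(2, f), None))
    # 3. A sends to C before C has ever spoken: unknown unicast is flooded.
    trace.append(("A -> C unknown", switch.receive(1, Frame(src=a, dst=c)), None))
    # 4. C answers; C is now learned and A -> C becomes a single-port forward.
    switch.receive(3, Frame(src=c, dst=a))
    trace.append(("A -> C learned", switch.receive(1, Frame(src=a, dst=c)), None))
    return trace, dict(switch.mac_table)


if __name__ == "__main__":
    for step, ports, router_action in simulate()[0]:
        extra = f", router: {router_action}" if router_action else ""
        print(f"{step:16s} -> ports {ports}{extra}")
```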


    How to restrict the broadcast domain?

    Since a broadcast domain is the area where broadcasts can be received, broadcasts are restricted by routers. If a router receives a broadcast, it simply drops it. In other words, the edge or border router connected to the Internet will not relay that broadcast message. This is not foolproof either, and it can cause problems.

    Suppose two networks exist and are connected to each other through a router. The first network has a running DHCP server that offers IP addresses to networked systems, while no valid DHCP server runs on the second network. Offering IP addresses from the first network's DHCP server to the second network's systems is difficult, since DHCP is a broadcast and the router that joins the networks drops broadcast traffic. This leaves any DHCP request in the second network unanswered. Many router manufacturers provide DHCP forwarding capabilities to solve this problem. It can also be handled by connecting the two networks with a well-configured, purpose-built, Linux-based software router, which will do the job properly and without further issues.

    Examples of Broadcast Domain Implementation

    A broadcast domain can be perceived as the portion of a network that is reachable by a network broadcast (an address resolution request of some sort, or an announcement of availability: messages like "Can I have the address of that network node?" or "I'm here, a part of this network"). Again, unlike collision domains, broadcast domains can be started at several protocol layers, so the broadcast domain as a whole can be within a single LAN segment but can also be routed over other segments.

    What is IP?

    IP (Internet Protocol) is the main network layer protocol utilized on the Internet.

    IP is responsible for addressing and fragmentation.

    IP works with another network layer protocol, ICMP.

    Transport layer protocols which utilize IP include TCP and UDP.


    IP Addresses

    IP addresses are four octets (32 bits) long and are usually written as four decimal numbers separated by periods. Some example IP addresses are:

    IP addresses are used in routing packets through the Internet.

    Diagram of the IP Header

    IP Header Format
    ----------------

     0                   1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |Version|  IHL  |Type of Service|          Total Length         |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |         Identification        |Flags|      Fragment Offset    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |  Time to Live |    Protocol   |         Header Checksum       |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                       Source Address                          |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                    Destination Address                        |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    |                    Options                    |    Padding    |
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
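    To make the header layout concrete, here is an added example (not from the original post) that builds a header with these fields, computes the RFC 791 header checksum, and parses and validates it again, rejecting a header whose checksum no longer matches. The sample addresses and field values are constructed.

```python
import struct
from dataclasses import dataclass


@dataclass
class IPv4Header:
    version: int
    ihl: int
    tos: int
    total_length: int
    identification: int
    flags: int
    fragment_offset: int
    ttl: int
    protocol: int
    checksum: int
    src: str
    dst: str
    options: bytes


def ip_checksum(data: bytes) -> int:
    """RFC 791 header checksum: the 16-bit one's complement of the one's
    complement sum of all 16-bit words in the header (checksum field as zero)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold the carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def dotted(addr: bytes) -> str:
    return ".".join(str(b) for b in addr)


def build_ipv4_header(total_length, identification, flags, frag_offset, ttl,
                      protocol, src, dst, options=b"") -> bytes:
    """Assemble a header laid out as in the diagram above and fill in its checksum."""
    if len(options) % 4:
        options += b"\x00" * (4 - len(options) % 4)  # the Padding field
    ihl = 5 + len(options) // 4                        # header length in 32-bit words
    src_b = bytes(int(x) for x in src.split("."))
    dst_b = bytes(int(x) for x in dst.split("."))
    head = struct.pack("!BBHHHBBH", (4 << 4) | ihl, 0, total_length, identification,
                       (flags << 13) | frag_offset, ttl, protocol, 0) + src_b + dst_b + options
    return head[:10] + struct.pack("!H", ip_checksum(head)) + head[12:]


def parse_ipv4_header(packet: bytes) -> IPv4Header:
    """Decode and validate the fixed 20-byte part plus any options."""
    if len(packet) < 20:
        raise ValueError("packet shorter than the minimum 20-byte IPv4 header")
    ver_ihl, tos, total_length, ident, flags_frag, ttl, proto, csum = struct.unpack(
        "!BBHHHBBH", packet[:12])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version field = {version})")
    if ihl < 5:
        raise ValueError(f"IHL {ihl} is below the minimum of 5 words")
    header_len = ihl * 4
    if len(packet) < header_len or total_length < header_len:
        raise ValueError("IHL / Total Length inconsistent with the packet size")
    if ip_checksum(packet[:header_len]) != 0:  # a correct header sums to zero
        raise ValueError("header checksum mismatch")
    return IPv4Header(version, ihl, tos, total_length, ident, flags_frag >> 13,
                      flags_frag & 0x1FFF, ttl, proto, csum,
                      dotted(packet[12:16]), dotted(packet[16:20]), packet[20:header_len])


# Constructed sample: header of a 40-byte TCP packet, DF flag set, no options.
SAMPLE = build_ipv4_header(total_length=40, identification=0x1C46, flags=0b010,
                           frag_offset=0, ttl=64, protocol=6,
                           src="192.168.12.220", dst="10.0.0.1")

if __name__ == "__main__":
    print(parse_ipv4_header(SAMPLE))
```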

    IP Versions

    The version of IP in current use is IPv4. IPv6 has been defined, but is not yet in common use.

    Additional Reading on IP

    The IP protocol is defined in RFC 791: Internet Protocol.

    What is 127.0.0.1?

    127.0.0.1 is the standard IP address used for a loopback network connection.

    This means that if you try to connect to 127.0.0.1, you are immediately looped back to your own machine.

    What is a Broadcast Address?

    A broadcast address is an IP address that you can use to target all systems on a specific subnet instead of single hosts. The broadcast address of any IP address can be calculated by taking the bit complement of the subnet mask, sometimes referred to as the reverse mask, and then combining it with the IP address in question using a bitwise OR.

    Some systems which are derived from BSD use zeros-broadcasts instead of ones-broadcasts. This means that when you create a broadcast address, you fill the host area of the IP address while displayed using binary values with zeros instead of ones. Most operating systems use ones-broadcasts. Changing systems to use zeros-broadcasts will break some communications in the wrong environments, so understand your needs before changing your broadcast address or its type.

    Math example

    If you have a system with IP address 192.168.12.220 and a network mask of 255.255.255.128, what should the broadcast address for the system be? Remember, to do this calculation, you need to convert all numbers to binary values. For bitwise OR, remember that any two values where at least one value is "1", the result will be "1", otherwise the result is "0".


    IP Address:   11000000.10101000.00001100.11011100
    Reverse Mask: 00000000.00000000.00000000.01111111
    bitwise OR:   -----------------------------------
    Broadcast:    11000000.10101000.00001100.11111111

    Convert the binary value back to dotted decimal, and you have your resulting value of 192.168.12.255. You can use the tech-faq.com subnet calculator to assist you in calculating network IP address values.
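    The same calculation carried out in code, as an added example that is not part of the original post: it checks that the mask is a contiguous run of ones, builds the reverse mask, and produces either the usual ones-broadcast (IP OR reverse mask) or the old BSD-style zeros-broadcast (IP AND mask) for any address/mask pair, not just the 192.168.12.220 example.

```python
def dotted_to_int(addr: str) -> int:
    """Parse a dotted-decimal IPv4 address or mask into a 32-bit integer."""
    parts = addr.split(".")
    if len(parts) != 4 or not all(p.isdigit() and 0 <= int(p) <= 255 for p in parts):
        raise ValueError(f"not a valid dotted-decimal address: {addr!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def int_to_dotted(value: int) -> str:
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def to_binary(value: int) -> str:
    """Render a 32-bit value octet by octet, as in the worked example."""
    return ".".join(f"{b:08b}" for b in value.to_bytes(4, "big"))


def reverse_mask(mask: str) -> int:
    """Bit complement of the subnet mask; also rejects non-contiguous masks."""
    m = dotted_to_int(mask)
    inv = ~m & 0xFFFFFFFF
    if inv & (inv + 1):  # a valid reverse mask looks like 000...0111...1
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return inv


def broadcast_address(ip: str, mask: str, zeros_broadcast: bool = False) -> str:
    """Ones-broadcast: host bits all 1 (IP OR reverse mask).
    Zeros-broadcast (old BSD style): host bits all 0 (IP AND mask)."""
    addr = dotted_to_int(ip)
    if zeros_broadcast:
        return int_to_dotted(addr & dotted_to_int(mask))
    return int_to_dotted(addr | reverse_mask(mask))


def worked_example(ip: str, mask: str):
    """The binary layout from the text, produced for any address/mask pair."""
    addr, inv = dotted_to_int(ip), reverse_mask(mask)
    return [
        f"IP Address:   {to_binary(addr)}",
        f"Reverse Mask: {to_binary(inv)}",
        f"Broadcast:    {to_binary(addr | inv)}  ({int_to_dotted(addr | inv)})",
    ]


if __name__ == "__main__":
    print("\n".join(worked_example("192.168.12.220", "255.255.255.128")))
    print("zeros-broadcast:",
          broadcast_address("192.168.12.220", "255.255.255.128", zeros_broadcast=True))
```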

    Setting up a broadcast address

    In most cases the broadcast address will be set up properly by a modern operating system once you enter the IP address and subnet mask. In some older Unix systems that use classful definitions of subnets, the broadcast address is improperly formed, and you will need to change it.

    Changing windows systems broadcast addresses

    Windows systems do not allow you to change the broadcast address by hand. You can, however, choose whether the system uses zeros-broadcasts or ones-broadcasts. To change a Windows system to use zeros-broadcasts, use the following procedure:

    • Log into the Windows system with an account that has administrator rights.
    • Open your registry editor. If you are not knowledgeable in using the Windows registry editor, please do not perform these steps. A mistake can make your system unusable.
    • Find the registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\[Adapter ID]". Replace [Adapter ID] with the actual adapter ID you want to change the broadcast address for. You can get a list of all the adapter IDs in your Windows system by opening a command prompt and executing an "ipconfig /all" command.
    • Create a new DWORD value called "UseZeroBroadcast". Set its initial value to "1". You can use a hex or decimal value in this case, since 1 is the same in both numbering systems.
    • Reboot your system for the changes to take effect.
    • You have enabled zeros-broadcast for that adapter.

    Changing unix systems broadcast addresses

    Unix systems give the administrator a way to change the broadcast address to whatever value they see fit. Ensure you know what you are doing before changing your broadcast address. In some cases, when using ifconfig from the command line, the broadcast address gets set to a classful broadcast instead of the proper one. You can check your results using the "ifconfig" command. Unfortunately, every Unix system has differing syntax for the ifconfig command, and not all command options are available on every Unix system. Check your ifconfig man page if you get hung up. The sample procedure below is the process you would use on a Linux system to change the system broadcast address.

    • Open a terminal window, or telnet or ssh into the Unix system in question, and log in.
    • Use "su" or "sudo" to get root privileges.
    • Determine which adapter you want to change the broadcast address on by checking the output of "ifconfig -a".
    • Execute "ifconfig [interface] broadcast [broadcast address]". Replace [interface] and [broadcast address] with the proper values.
    • Test your configuration.


    VLSM

    VLSM - A Very Brief History

    You read in the subnetting section that we were about to run out of IP addresses. One way to preserve IP addresses was to allocate certain ranges of IP address which can be used for free on your network so long as you don't use them to get out to the internet. If you want to get out to the internet using them then your router can just swap it for a routable address using a technique called Network Address Translation (NAT).

    Free addresses to use are:

    10.0.0.0 - anything starting with a 10

    172.16.0.0 to 172.31.0.0 - inclusive

    192.168.0.0 - any address starting with these two numbers

    Using VLSM

    Say you are using the following number:

    192.168.1.0, which, if you have read the subnetting section, you know lets you use 254 hosts on your network. If you only have 20 hosts on your network it means you have wasted 204 addresses. Now imagine that you are paying for each block of addresses: you are going to waste a huge amount of money as well.

    VLSM lets you cut your network into smaller chunks, which are called subnets. All you have to do is add some bits to the end of your subnet mask and your network will see that you are subnetting it down. Please see the easy way to subnet section for more information on how to actually do it.

    How VLSM Works

    If you change your subnet mask from 192.168.1.0 255.255.255.0 to 255.255.255.224 your network device will see the change and let you break down your network into smaller parts. That actual number tells the network to chunk your network down into subnet blocks of 32. If you use the subnetting cheat chart you will see how this actually works.

    The subnet mask 255.255.255.224 gives you 8 subnets with 32 available addresses. Each subnet must start with a subnet number and end with a broadcast number so technically that leaves you with 30 host addresses per subnet. This is still plenty if you only needed 20 per subnet.

    We have gone from one subnet with 255 addresses to 8 subnets with 32 IP addresses per subnet.

    An RFC (Request for Comments) was submitted which suggested that we could allocate numbers to hosts on networks instead of hostnames. The current implementation of this scheme is IP version 4, although IPv6 is now replacing it.

    The idea is that every address would be made up from four groups of eight binary numbers. Each group of eight binary numbers is known as an octet. Because we struggle to write numbers out in binary we usually convert them into decimal but computers and network devices still see all numbers in binary because they can only recognise on and off signals so either a 0 or a 1.

    Binary Math 101

    Binary maths - what you need to know in order to subnet

    Here is a Secret

    Technically you can get away with not knowing binary mathematics if you want to just be able to subnet your network. So long as you understand that all IP addresses are in binary and that each octet can only go from 0 to 255 then you should be fine. If you have any IT exams coming up, especially Cisco or Microsoft then you may well be asked to work out binary numbers and convert them to decimal or even hex!

    How Binary Works

    We use the decimal counting system as humans because we have ten digits on our hands so that is how mankind learned to count. Computers only have electrical currents so they can only see a current or no current. No current is 0 and current is 1. The only numbering system that can cater for this is binary.

    Binary numbering starts with a 1 and then doubles in columns. You can count from 0 to infinity and beyond with this numbering system. Just keep adding columns (from right to left). A 0 means don't use that number and a 1 means do use that number.

    Numbers  2  1
    Binary   1  0

    Here you have a 1 or 'on' in the 2 column and a 0 or 'off' in the 1 column, so your number is 2.

    Numbers  4  2  1
    Binary   1  0  1

    This time we have a 1 in the 1 and the 4 columns, so we simply add those together to get 5 as the answer.

    Numbers  8  4  2  1
    Binary   1  1  0  1

    And this time we have a 1 in the 8, 4 and 1 columns, so adding them together we have 13.

    We could keep going here but we should stop at 8 columns because current IP addresses use eight binary places or an octet. In fact an IP version 4 address uses 4 octets.

    Numbers  128  64  32  16  8  4  2  1
    Binary     1   0   0   1  1  1  0  1

    In the above example we add 128+16+8+4+1 to get 157.

    An IP address in binary would look like this to a computer or router:

    11010010.11101101.11000010.11110110 which is four octets.

    Convert Binary to Decimal

    This is a very simple process. Just write out the binary number putting it into the above chart. Add the numbers together and you have your answer.

    Convert Decimal to Binary

    A little more tricky. Write out the above chart again and put a 1 in the numbers which add up to your required binary number. So if you wanted to work out 203 in binary you would tick the 128 and 64 columns (192), ticking the 32 column would give it too much, tick the 8 column (200) and then the 2 and 1 columns. If you prefer you can start from the other end adding 1 to 2 to 4 and so on but it does work better from the left to right.

    Your answer would look like this:

    Numbers  128  64  32  16  8  4  2  1
    Binary     1   1   0   0  1  0  1  1

    Class C Subnetting

    You can recognise a Class C address because the first octet is a number from 192 to 223 inclusive. So any of the below IP addresses are Class C.

    192.1.2.4

    200.2.3.5

    223.1.2.3

    Network devices recognise a Class C address as such because the numbers are checked in binary and the first number in the first octet always begins with the binary number 110. Check the binary section for more info on that.

    Class C addresses lock the first three octets for network numbers. The remaining octet can be used for host numbers. It works like this:

    Network  Network  Network  Host
    223      23       2        4

    In the above example 223.23.2 is the network number and .4 is a host on that network.

    Please note that Class A, B and C addresses are only called such for historical purposes now and you may find that your company could be allocated a Class A address or even one for your home IP address for your broadband connection. VLSM means that we don't have to concern ourselves with Classes of address anymore.

    Class B Subnetting

    You can recognise a Class B address because the first octet is a number from 128 to 191 inclusive. So any of the below IP addresses are class B.

    128.1.2.4

    177.2.3.5

    191.1.2.3

    Network devices recognise a Class B address as such because the numbers are checked in binary and the first number in the first octet always begins with the binary number 10. Check the binary section for more info on that.

    Class B addresses lock the first two octets for network numbers. The remaining two octets can be used for host numbers. It works like this:

    Network  Network  Host  Host
    129      23       2     4

    In the above example 129.23 is the network number and 2.4 is a host on that network.

    Class A Subnetting

    All IP addresses were divided into classes when they were first devised. The idea was that Class A addresses were allocated to large companies. Class B to medium sized companies and Class C to any other company who needed an IP address. Class D is for multicasting such as streaming media and Class E is reserved for experimental use.

    You can recognise a Class A address because the first octet is a number from 1 to 126 inclusive. So any of the below IP addresses are class A.

    10.1.2.4

    120.2.3.5

    125.1.2.3

    Network devices recognise a Class A address as such because the numbers are checked in binary and the first number in the first octet always begins with the number 0. Check the binary section for more info on that.

    Class A addresses lock the first octet for network numbers. The remaining three octets can be used for host numbers. It works like this:

    Network  Host  Host  Host
    20       23    2     4

    In the above example 20 is the network number and 23.2.4 is a host on that network.

    Subnet Zero

    IP subnet zero questions seem to pop up on various network discussion groups every few days. Some people are not clear about what it is and how it will affect them in interviews and exams.

    What is Subnet Zero?

    When you are calculating subnet masks, the result of your calculations generates various subnets. Each subnet starts with a number, so if you use the example in the easy way to subnet section you will see that your subnet addresses are:

    192.168.1.0

    192.168.1.64

    192.168.1.128

    192.168.1.192

    Subnet zero is the subnet whose subnet bits are all binary 0's. So for the number 192.168.1.0 the last octet is eight zeros for the subnet number, or 00000000. The last subnet in the list has all 1's in its subnet part. Please re-read the easy way to subnet section, but remember that we are stealing three bits from the last octet to make a subnet. If you write out the address 192 for the last subnet above you will see that the first three bits of the last octet are binary 1's, or 11100000.

    The same actually goes for the first subnet. I know I said that there were eight binary 0's in it, but only the first three count for the subnet; the last five are for the hosts on that subnet. If subnet zero is not allowed you will always lose two subnets, so in the example below, if your subnet mask is 255.255.255.224:

    192.168.1.0 - You can't use this subnet as it is all 0's in the subnet

    192.168.1.64

    192.168.1.128

    192.168.1.192 - You can use this subnet as it is all 1's in the subnet

    If you can use subnet zero you get this:

    192.168.1.0 - You can use this subnet

    192.168.1.64 - You can use this subnet

    192.168.1.128 - You can use this subnet

    192.168.1.192 - You can use this subnet

    So Can You Use Subnet Zero?

    The answer is 'yes you can.' Unless you are told otherwise you should presume that subnet zero is always allowed. In an IT exam it will usually tell you if you are not permitted to use it, but preventing its use is a bit old fashioned.
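    An added example (not from the original post) covering both the VLSM section above and this one: it re-masks a network with a longer subnet mask using Python's standard ipaddress module, lists each subnet's number, usable host range and broadcast address, shows the borrowed subnet bits (all 0's for subnet zero, all 1's for the last subnet), and optionally drops those two subnets for equipment or exams that do not allow subnet zero.

```python
import ipaddress


def subnet_plan(network, new_mask, allow_subnet_zero=True):
    """Split `network` ("192.168.1.0/255.255.255.0" or "192.168.1.0/24") into
    subnets that use `new_mask`. Each entry records the subnet number, the
    borrowed subnet bits, the usable host range, the broadcast address and the
    usable host count. With allow_subnet_zero=False the all-zeros subnet
    (subnet zero) and the all-ones subnet are dropped."""
    net = ipaddress.IPv4Network(network, strict=True)
    new_prefix = ipaddress.IPv4Network(f"0.0.0.0/{new_mask}").prefixlen
    borrowed = new_prefix - net.prefixlen
    if borrowed < 1:
        raise ValueError("the new mask must borrow at least one host bit")
    subnets = list(net.subnets(new_prefix=new_prefix))
    if not allow_subnet_zero:
        subnets = subnets[1:-1]  # first is subnet zero, last is the all-ones subnet
    host_bits = 32 - new_prefix
    plan = []
    for s in subnets:
        # The subnet field sits just above the host bits; mask off the network part.
        field = (int(s.network_address) >> host_bits) & ((1 << borrowed) - 1)
        plan.append({
            "network": str(s.network_address),
            "subnet_bits": format(field, f"0{borrowed}b"),
            "first_host": str(s.network_address + 1),
            "last_host": str(s.broadcast_address - 1),
            "broadcast": str(s.broadcast_address),
            # subtract the subnet number and the broadcast address
            "usable_hosts": max(s.num_addresses - 2, 0),
        })
    return plan


def print_plan(plan):
    for p in plan:
        print(f"{p['network']:16s} bits={p['subnet_bits']}  hosts {p['first_host']}-"
              f"{p['last_host']}  broadcast {p['broadcast']}  usable={p['usable_hosts']}")


if __name__ == "__main__":
    # The text's example: 192.168.1.0 re-masked from 255.255.255.0 to 255.255.255.224
    print_plan(subnet_plan("192.168.1.0/255.255.255.0", "255.255.255.224"))
    print("--- subnet zero and the all-ones subnet excluded ---")
    print_plan(subnet_plan("192.168.1.0/255.255.255.0", "255.255.255.224",
                           allow_subnet_zero=False))
```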