1.7 Select the appropriate cabling type based on implementation requirements

Cost, the required transmission speed and the distance between endpoints dictate which type of cabling is required.

For example, in a small office copper twisted-pair Ethernet cabling is the best choice: fiber optic cabling costs considerably more and most end devices do not have a fiber interface.

The required transmission speed dictates the minimum cable category:

[Image: table of Ethernet speeds and the minimum cable category each requires]

The cable specification in turn dictates the cable type and the pinout used:

Ethernet Types, Media and Segment Length Per IEEE

For runs over longer distances (beyond the 100 m limit of a twisted-pair Ethernet segment) fiber optic cabling is preferred.

For connecting site offices over long distances a leased line can be used; the router attaches to it through a CSU/DSU, and in that case the service provider installs the cabling.

1.6 Compare and contrast network topologies

1.6.a Star

A star topology has a central device (typically a switch) to which every other device connects directly. It resembles a star because the connected devices radiate out from the central device.

1.6.b Mesh

In a mesh topology each device connects to every other device. This gives high fault tolerance, since any single link can fail without isolating a node, but the number of links grows rapidly as the network grows (a full mesh of n devices needs n(n-1)/2 links), which quickly becomes inefficient.

A full mesh is one in which every device is directly connected to every other device. A partial mesh is one in which only some of the devices are directly interconnected.

1.6.c Hybrid

A design which combines aspects of the star and mesh topologies, for example access switches that connect to end devices in a star while their uplinks form a partial mesh between distribution switches.

1.5 Compare and contrast collapsed core and three-tier architectures

Collapsed core architectures differ from the three-tier design by combining the functions of the core and distribution layers. The wording on this subject is very precise and I failed several times to put it as well as it is described below, so I have just copied and pasted it from Cisco’s website.

From Cisco’s website:

A typical hierarchical enterprise campus network design includes the following three layers:

  • Core layer: Provides optimal transport between sites and high-performance routing. Due to the criticality of the core layer, the design principles of the core should provide an appropriate level of resilience that offers the ability to recover quickly and smoothly after any network failure event within the core block.
  • Distribution layer: Provides policy-based connectivity and boundary control between the access and core layers.
  • Access layer: Provides workgroup/user access to the network.

The two primary and common hierarchical design architectures of enterprise campus networks are the three-tier and two-tier layer models.

Three-Tier Model

This design model, illustrated in Figure 3-1, is typically used in large enterprise campus networks, which are constructed of multiple functional distribution layer blocks.

Figure 3-1 Three-Tier Network Design Model

Two-Tier Model

This design model, illustrated in Figure 3-2, is more suitable for small to medium-size campus networks (ideally not more than three functional distribution blocks to be interconnected), where the core and distribution functions can be combined into one layer, also known as collapsed core-distribution architecture.

Figure 3-2 Two-Tier Network Design Model


1.4 Describe the effects of cloud resources on enterprise network architecture

1.4.a Traffic path to internal and external cloud services

From the NIST website:

“The NIST definition lists five essential characteristics of cloud computing: on-demand self-service, broad network access, resource pooling, rapid elasticity or expansion, and measured service. It also lists three “service models” (software, platform and infrastructure), and four “deployment models” (private, community, public and hybrid) that together categorize ways to deliver cloud services.”

Traffic reaches private and public cloud services over one of two broad paths:

  1. Private WAN
  2. VPN tunnel over the internet

1.4.b Virtual services

There are three major types of cloud service, grouped according to what the provider delivers:

  1. Infrastructure as a Service
    • Offers storage, networking, RAM and CPU as virtual resources that can be created and destroyed rapidly. The virtual machines can be small (e.g. 1 CPU, 512 MB RAM, 15 GB disk) or scale up to very large sizes.
  2. Software as a Service
    • Offers a functioning, pre-configured software service that runs on the vendor’s own infrastructure. The vendor takes care of maintenance and upgrades of the software.
    • Examples are Dropbox, Gmail, hosted Microsoft Exchange and WordPress.
  3. Platform as a Service
    • Offers IaaS with added, pre-configured software tools and runtimes on top. Examples are hosted Jenkins continuous integration and Google’s App Engine.

1.4.c Basic virtual network infrastructure

Cloud services run inside virtual machines. A virtual machine emulates all aspects of a physical machine, including its network connections, which appear to the guest as virtual network interfaces.

Virtual network infrastructure is required to connect the virtual machines, or “instances”, to each other and to the outside world, just as a physical network does. This is done with virtual switches, routers and firewalls, often called “cloud switches/routers/firewalls”.

Virtual networks may actually grow larger than their physical counterparts, given the popularity and convenience of both private and public cloud services.

1.3 Describe the impact of infrastructure components in an enterprise network

1.3.a Firewalls

Firewalls have some router-like features, such as packet forwarding, packet filtering, NAT, PAT and redirection. Firewalls also behave like ACLs, using a set of rules (and rule macros or objects in more advanced products) to restrict traffic flow.

Firewalls use the following kinds of matching to make decisions:

  • like router IP ACLs, matching source and destination IP addresses
  • like router IP ACLs, matching source and destination TCP/UDP ports
  • monitoring application flows so that the additional TCP or UDP connections an application opens (for example FTP data connections) can be allowed dynamically
  • matching text in the URI of an HTTP request
  • keeping state information and filtering future packets based on that state (for example, allowing return traffic only for connections initiated from the inside)
  • matching the type of traffic (ICMP, TCP, UDP)

Firewall rules may restrict the flow of particular network protocols, which can cause intermittent or hard-to-diagnose faults. If the firewall is not taken into account when troubleshooting, a rule that silently drops traffic is easily mistaken for a routing or host fault.

Firewalls may also divide the network into zones. Multiple interfaces may be grouped into the same zone, and all interfaces in a zone have the same rules applied to them. Zoning simplifies the firewall rule set and increases security by segregating traffic.

For example, a DMZ may be set up to allow public access to web servers. DMZ traffic is segregated from internal traffic so that public Internet traffic cannot reach the private LAN, and so that a compromised Internet-facing server in the DMZ cannot initiate connections into the LAN either.
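To make the zone, rule and state concepts above concrete, here is a small zone-based stateful packet filter. It is an example added to these notes, not code from the page’s author or from any firewall vendor; the zone names, rule format and 5-tuple state table are assumptions chosen for illustration, and the addresses are documentation ranges rather than a real network. It shows why reply traffic gets back in without an explicit rule, why a stray ACK with no matching state is dropped where a plain ACL would pass it, and how the implicit deny stops a DMZ host from reaching the LAN.

```python
"""Toy zone-based stateful packet filter, modelled on the behaviour described above."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Packet:
    proto: str          # "tcp", "udp" or "icmp"
    src: str
    dst: str
    sport: int = 0
    dport: int = 0
    syn: bool = False   # TCP only: True on the first packet of a new connection


@dataclass(frozen=True)
class Rule:
    action: str                 # "allow" or "deny"
    from_zone: str
    to_zone: str
    proto: str = "any"
    dports: tuple = ()          # empty = any destination port


class Firewall:
    def __init__(self, zones, rules):
        # zones: {"inside": ["10.0.0.0/8"], "dmz": ["192.0.2.0/24"]}; anything else is "outside"
        self.zones = {z: [ipaddress.ip_network(n) for n in nets] for z, nets in zones.items()}
        self.rules = list(rules)
        self.conns = set()      # 5-tuples of flows allowed so far (the "state table")

    def zone_of(self, ip):
        addr = ipaddress.ip_address(ip)
        for zone, nets in self.zones.items():
            if any(addr in n for n in nets):
                return zone
        return "outside"

    def filter(self, p):
        fwd = (p.proto, p.src, p.sport, p.dst, p.dport)
        rev = (p.proto, p.dst, p.dport, p.src, p.sport)
        # 1. State first: a packet belonging to an already-allowed flow (either direction)
        #    passes without re-evaluating the rule base. This is what lets reply traffic
        #    back in without an explicit "outside -> inside" rule.
        if fwd in self.conns or rev in self.conns:
            return "allow"
        # 2. A TCP packet that is not a SYN and matches no known flow cannot be starting
        #    a connection, so it is dropped; a stateless ACL would have to let it through.
        if p.proto == "tcp" and not p.syn:
            return "deny"
        # 3. First packet of a flow: walk the zone rules top-down, first match wins.
        src_zone, dst_zone = self.zone_of(p.src), self.zone_of(p.dst)
        for r in self.rules:
            if (r.from_zone, r.to_zone) != (src_zone, dst_zone):
                continue
            if r.proto != "any" and r.proto != p.proto:
                continue
            if r.dports and p.dport not in r.dports:
                continue
            if r.action == "allow":
                self.conns.add(fwd)
            return r.action
        return "deny"           # 4. Implicit deny at the end of the rule base


def build_demo_firewall():
    """Three zones: inside (private LAN), dmz (public web servers) and outside (Internet)."""
    zones = {"inside": ["10.0.0.0/8"], "dmz": ["192.0.2.0/24"]}
    rules = [
        Rule("allow", "outside", "dmz", "tcp", (80, 443)),   # public web access only
        Rule("allow", "inside", "dmz"),                       # admins may reach the DMZ
        Rule("allow", "inside", "outside"),                   # LAN users may browse out
        # no dmz -> inside and no outside -> inside rule: both fall to the implicit deny
    ]
    return Firewall(zones, rules)


def run_demo():
    """Return the verdicts for a constructed packet sequence (documentation addresses, not a capture)."""
    fw = build_demo_firewall()
    seq = [
        Packet("tcp", "203.0.113.5", "192.0.2.10", 40000, 443, syn=True),  # client -> DMZ web: SYN
        Packet("tcp", "192.0.2.10", "203.0.113.5", 443, 40000),            # SYN-ACK back: allowed by state
        Packet("tcp", "203.0.113.5", "10.1.1.5", 40001, 445, syn=True),    # Internet -> LAN SMB: denied
        Packet("tcp", "192.0.2.10", "10.1.1.5", 5555, 22, syn=True),       # compromised DMZ host -> LAN: denied
        Packet("tcp", "203.0.113.9", "10.1.1.5", 40002, 80),               # stray ACK, no state: denied
        Packet("udp", "10.1.1.5", "198.51.100.53", 53000, 53),             # LAN -> Internet DNS: allowed
        Packet("udp", "198.51.100.53", "10.1.1.5", 53, 53000),             # DNS reply: allowed by state
    ]
    return [fw.filter(p) for p in seq]
```

The order of the checks in `filter` is the point: state lookup before the rule base, and the non-SYN test before any rule can match, is what separates a stateful firewall from a router ACL. A real product also ages entries out of the state table and tracks TCP sequence numbers and window positions; this example keeps only the 5-tuple.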

1.3.b Access points

A consumer wireless router, the sort used in a home or small office, acts as three separate devices in one box:

  1. a switch (the wired LAN ports)
  2. a router (NAT between the LAN and the Internet uplink)
  3. a wireless access point

In a large wireless network many access points are required to cover the area. To avoid having to manage each AP separately and having clients reconnect as they move between APs, in a corporate network the access point functions are split into:

  1. Wireless LAN Controller – controls and manages AP functions
  2. Lightweight AP – forwards data between the wired and wireless LAN

Splitting the functions this way lets a client roam seamlessly throughout the coverage area while staying on the same wireless network.

1.3.c Wireless controllers

Wireless LAN controllers, as discussed above, manage access point functions such as authentication, roaming and WLAN (SSID) configuration. A WLC manages many lightweight access points (LWAPs), so a user stays on the same network while moving between LWAPs.

1.2 Compare and contrast TCP and UDP protocols

Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are very different transport protocols.

TCP is connection oriented, supports windowing (flow control) and has in-built error detection and recovery.

UDP supports none of these features; UDP datagrams are effectively thrown over the wall with no guarantee of delivery or ordering.

UDP is useful where either the application takes care of errors itself, or where resending lost data would be of no use. Let’s take two examples.

DNS uses UDP. A resolver sends the query to its configured server and, if no answer arrives within a short timeout, simply resends it or tries the next server. For a single question-and-answer exchange the overhead of TCP (a three-way connection handshake plus a four-way close) would be excessive. If a packet is lost and the query fails, the host just retries the query. (DNS falls back to TCP only for responses too large for one datagram and for zone transfers.)

Here is a packet capture of a DNS query. Notice how efficient the exchange is: one datagram out, one datagram back:

[Image: packet capture of a DNS query and its response]

Let’s consider another example: voice and video calls. If packets are dropped during a phone call, resending them later is useless because they carry audio from the past; the call simply continues with the next packets.

TCP is used where you require error detection and recovery at Layer 4 and where a session must be established before data is accepted. For example, when you visit a website the HTTP GET request is sent over TCP to port 80 (or 443 for HTTPS). TCP also helps against source-address spoofing: an attacker who forges the source IP of a TCP connection never receives the server’s SYN-ACK and so cannot complete the three-way handshake, whereas a single UDP datagram with a forged source address is accepted as-is (which is why UDP services are the usual vehicle for reflection and amplification attacks). Neither protocol authenticates the sender on its own; that requires a higher-layer mechanism such as TLS.
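The DNS exchange described above, as an added example that is not part of the original notes: it builds the query datagram a resolver sends, parses a constructed reply, and applies the checks a resolver has to make precisely because UDP has no handshake (transaction id, QR bit and echoed question). The reply bytes are constructed for this example, not a real capture; to send the query for real you would write `wire` to a UDP socket bound to a random source port and read the reply back, which is left out so the example runs offline.

```python
"""Build a DNS query and parse the reply, applying the checks a resolver must make on UDP answers."""
import random
import struct


def build_query(name, qid=None, qtype=1):
    """Return (transaction id, wire bytes) for a standard A query with the RD bit set."""
    qid = random.getrandbits(16) if qid is None else qid
    header = struct.pack("!HHHHHH", qid, 0x0100, 1, 0, 0, 0)   # id, flags=RD, 1 question
    labels = name.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    return qid, header + qname + struct.pack("!HH", qtype, 1)  # qtype A, qclass IN


def _read_name(msg, off):
    """Decode a (possibly compressed) domain name; return (name, offset after it)."""
    labels = []
    while True:
        ln = msg[off]
        if ln & 0xC0 == 0xC0:                       # compression pointer to an earlier name
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            labels.append(_read_name(msg, ptr)[0])
            return ".".join(labels), off + 2
        off += 1
        if ln == 0:
            return ".".join(labels), off
        labels.append(msg[off:off + ln].decode("ascii"))
        off += ln


def parse_response(msg, expected_id, expected_name):
    """Return (rcode, [A records]) or raise ValueError if the reply does not match our query."""
    qid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    # Because UDP has no handshake, the only things binding this datagram to our question
    # are the 16-bit transaction id (plus the source port the socket layer checks) and the
    # echoed question. A forged reply that gets any of them wrong must be discarded.
    if qid != expected_id:
        raise ValueError("transaction id mismatch: stale or spoofed reply")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    off = 12
    qname, off = _read_name(msg, off)
    off += 4                                        # skip qtype, qclass
    if qdcount != 1 or qname.lower() != expected_name.rstrip(".").lower():
        raise ValueError("question section does not echo our question")
    answers = []
    for _ in range(ancount):
        _, off = _read_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == 1 and rclass == 1 and rdlen == 4:
            answers.append(".".join(str(b) for b in rdata))
    return flags & 0xF, answers


# Constructed reply for "example.com" with id 0x1234: NOERROR, one A record whose owner name
# is a compression pointer back to offset 12 (the question). Not a real capture.
SAMPLE_REPLY = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + b"\x07example\x03com\x00" + struct.pack("!HH", 1, 1)
    + b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 3600, 4) + bytes([192, 0, 2, 1])
)


def demo():
    """Query out, reply in: the two-datagram exchange, plus what happens to a mismatched reply."""
    qid, wire = build_query("example.com", qid=0x1234)
    rcode, addrs = parse_response(SAMPLE_REPLY, qid, "example.com")
    try:                                            # same bytes, wrong id: must be rejected
        parse_response(SAMPLE_REPLY, 0x9999, "example.com")
        spoof_rejected = False
    except ValueError:
        spoof_rejected = True
    return len(wire), rcode, addrs, spoof_rejected
```

The whole question fits in a 29-byte datagram and the answer in 45, which is the efficiency the capture above illustrates. The flip side is that anyone who can guess the 16-bit id and the source port can inject an answer, which is why resolvers randomise both.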

Features of UDP:

  • Multiplexing using ports: this allows many services on one host to share the same IP address by using different port numbers.

Features of TCP:

  • Multiplexing using ports
  • Error recovery – Process of numbering and acknowledging data with Sequence and Acknowledgment header fields
  • Flow control using windowing – Process that uses windows sizes to protect buffer space and routing devices from being overloaded with traffic
  • Connection establishment and termination – Process used to initialize port numbers and Sequence and Acknowledgment fields
  • Ordered data transfer and data segmentation – Continuous streams of bytes from an upper layer process that is “segmented” for transmission and delivered to upper-layer processes at the receiving device with the bytes in the same order.


1.1 Compare and contrast OSI and TCP/IP models

OSI was originally a rival protocol suite to TCP/IP. The OSI protocols are now defunct and TCP/IP dominates, but the terminology of the OSI reference model has survived and is still used to describe networking and the TCP/IP model, even though the layers do not map one-to-one.

The OSI layers are:

  1. Physical
  2. Data Link
  3. Network
  4. Transport
  5. Session
  6. Presentation
  7. Application

Contrast this to the TCP/IP model layers:

  1. Link
  2. Internet
  3. Transport
  4. Application

Most people describe TCP/IP devices by the corresponding OSI layer, referring for example to a “Layer 2 switch” or a “Layer 3 switch”, meaning a switch that can only forward Ethernet frames (Layer 2) or one that can also forward IP packets (Layer 3, IP routing).

The table below shows how the TCP/IP model maps onto the OSI model:

  OSI layer          TCP/IP layer
  7 Application      Application
  6 Presentation     Application
  5 Session          Application
  4 Transport        Transport
  3 Network          Internet
  2 Data Link        Link
  1 Physical         Link

“Please Do Not Throw Sausage Pizza Away” is a neat way to remember the format of the OSI model.

Here is a quick breakdown of the original OSI layers and their function (from the CCNA Official Cert Guide):

7.) Application Layer. Provides an interface from the application to the network by supplying a protocol with actions meaningful to the application, for example, “get web page object”.

6.) Presentation Layer. This layer negotiates data formats, such as ASCII text, or image types like JPEG.

5.) Session Layer. This layer provides methods to group multiple bidirectional messages into a workflow for easier management and easier backing out of work that happened if the entire workflow fails.

4.) Transport Layer. In function, much like TCP/IP’s transport layer, this layer focuses on data delivery between the two endpoint hosts (for example, error recovery).

3.) Network layer. Like the TCP/IP network (Internet) layer, this layer defines logical addressing, routing (forwarding), and the routing protocols used to learn routes.

2.) Data link layer. Like the TCP/IP data link layer, this layer defines the protocols for delivering data over a particular single type of physical network (for example, the Ethernet data link protocols).

1.) Physical Layer. This layer defines the physical characteristics of the transmission medium, including connectors, pins, use of pins, electrical currents, encoding, light modulation and so on.

Here is an example of how the OSI model applies to the TCP/IP model:

Application, presentation and session (Layers 5-7): Telnet, HTTP, FTP, POP3, VoIP, SNMP

Transport (Layer 4): TCP, UDP

Network (Layer 3): IP

Data Link (Layer 2): Ethernet (IEEE 802.3), HDLC

Physical (Layer 1): RJ45, Ethernet (IEEE 802.3)
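The layer mapping above is easiest to see by peeling a real frame apart. The following decoder is an example added to these notes, not code from the page’s author: it takes an Ethernet frame and strips the Layer 2 header, then the IPv4 header (Layer 3, verifying its checksum), then the TCP header (Layer 4), leaving the HTTP request as Layers 5 to 7. The frame is constructed inside `build_sample_frame` rather than captured, and the field layouts are the standard ones from IEEE 802.3, RFC 791 and RFC 793; the TCP checksum is left at zero since computing it needs a pseudo-header and is not the point here.

```python
"""Peel a constructed Ethernet frame layer by layer: L2 Ethernet -> L3 IPv4 -> L4 TCP -> L7 HTTP."""
import struct


def ipv4_checksum(hdr):
    """RFC 1071 one's-complement sum over the header bytes; a header with a valid checksum sums to 0."""
    if len(hdr) % 2:
        hdr += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(hdr) // 2), hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ethernet(frame):
    """Layer 2: 14-byte header (dst MAC, src MAC, EtherType), then the payload."""
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return {"dst": dst.hex(":"), "src": src.hex(":"), "ethertype": ethertype}, frame[14:]


def parse_ipv4(pkt):
    """Layer 3: 20-byte header plus options; total length trims any Ethernet padding."""
    (vihl, _tos, total_len, _ident, _frag, ttl, proto, _csum,
     src, dst) = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    if vihl >> 4 != 4:
        raise ValueError("not IPv4")
    ihl = (vihl & 0xF) * 4
    hdr = {"src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
           "ttl": ttl, "proto": proto,
           "checksum_ok": ipv4_checksum(pkt[:ihl]) == 0}
    return hdr, pkt[ihl:total_len]


def parse_tcp(seg):
    """Layer 4: ports, sequence/acknowledgement numbers, flags and window; data offset finds the payload."""
    sport, dport, seq, ack, off_flags, window, _csum, _urg = struct.unpack("!HHIIHHHH", seg[:20])
    data_off = (off_flags >> 12) * 4
    hdr = {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
           "flags": off_flags & 0x1FF, "window": window}
    return hdr, seg[data_off:]


def decode(frame):
    """Return a dict keyed by OSI layer; stop early if a layer is not Ethernet/IPv4/TCP."""
    layers = {}
    l2, payload = parse_ethernet(frame)
    layers["L2"] = l2
    if l2["ethertype"] != 0x0800:            # 0x0800 = IPv4
        return layers
    l3, payload = parse_ipv4(payload)
    layers["L3"] = l3
    if l3["proto"] != 6:                     # 6 = TCP
        return layers
    l4, payload = parse_tcp(payload)
    layers["L4"] = l4
    layers["L7"] = payload                   # layers 5-7 collapse into the application data
    return layers


def build_sample_frame():
    """Constructed frame (not a capture): 10.0.0.5:40000 -> 192.0.2.10:80, PSH|ACK, carrying an HTTP GET."""
    http = b"GET / HTTP/1.1\r\nHost: example.com\r\n\r\n"
    tcp = struct.pack("!HHIIHHHH", 40000, 80, 1000, 5000, (5 << 12) | 0x018, 65535, 0, 0)
    ip_len = 20 + len(tcp) + len(http)
    ip_no_csum = struct.pack("!BBHHHBBH4s4s", 0x45, 0, ip_len, 1, 0x4000, 64, 6, 0,
                             bytes([10, 0, 0, 5]), bytes([192, 0, 2, 10]))
    ip = ip_no_csum[:10] + struct.pack("!H", ipv4_checksum(ip_no_csum)) + ip_no_csum[12:]
    eth = struct.pack("!6s6sH", bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"), 0x0800)
    return eth + ip + tcp + http
```

Each `parse_*` function returns its own header and hands the remaining bytes up to the next layer, which is exactly the encapsulation the model describes: a Layer 2 switch only ever looks at what `parse_ethernet` returns, a router additionally runs `parse_ipv4`, and a firewall doing port filtering needs `parse_tcp`. Flipping a single byte of the IP header (the TTL, say) makes `checksum_ok` false, which is the check a receiving host uses to discard a corrupted header.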