Networking Notebook

SSH stands for Secure Shell and is mostly used on UDP port 22. SSH is a protocol that is used to remotely access network devices such as routers, switches, APs and many more devices. These SSH sessions are mostly for management and provide a convenient way to manage and verify configuration states without having to…

Hi, today I am going to dive into the syslog monitoring locations. Syslog is one of the major logging protocols that allow network devices such as routers, switches, APs, or firewalls to generate, store, and send event notifications to a centralized logging or external server. Syslog is versatile in where these messages can be displayed…

Today I am going to talk about syslog. Syslog is a UDP (port 514) protocol that is the standard for logging where it allows network devices to generate, store and send event based notifications to a centralized server. If you have been doing any type of labs, you have definitely seen a syslog message as…

In recent blogs, I’ve written about SNMP and how it works. SNMP is a great protocol for monitoring network devices on an IP network. There are currently 3 versions of SNMP and all of them have different ways of implementing security. The latest version of SNMP which is version 3 is the most secure, with…

SNMP is a network management protocol used to manage and monitor network devices on an IP network. It is an application layer protocol that is run in an agent-manager model. SNMP communication is initiated by both the manager and the agent, depending on the type of operation. Today I am going to discuss the various…

Today I am going to talk about SNMP which stands for Simple Network Management Protocol. This is an application-layer protocol that is used to monitor, configure, and manage network devices on an IP network. This protocol is an agent-manager model, where both the agent and the manager communicate to each other exchanging information that is…

DHCP is a protocol used to automatically assign IP addresses to devices on a network. There are two DHCP features that I want to talk about today which are “release” and “renew.”  Release- When a client sends a DHCP release, the host is prematurely relinquishing its IP address lease. When IP address leases are assigned…

DHCP is a network management protocol that is used to automatically assign IP addresses to devices on a local network. This is done through broadcasting DHCP messages so the DHCP server can respond. But what if the DHCP server is located on another subnet? This is where a DHCP relay agent takes over. Relay Agent–…

DORA- Today I am going to talk about DHCP which stands for Dynamic Host Configuration Protocol. DHCP is a network management protocol that is used to dynamically assign IP addresses and other network configuration parameters to devices automatically. DHCP reduces manually having to assign device after device. DHCP is stateful, meaning that every IP address…

Today I am going to talk about DNS which stands for Domain Name System. DNS is a system that allows for users to access web servers or websites via human-readable domain names instead of an IP number. An IP address consists of 32 bits, and is formatted in dotted decimal format to make it more…

Today I am going to talk about ACL which means Access Control Lists. ACLs are used to filter traffic based on a certain kind of criteria which are usually found in IP headers. ACLs can be used on their own but can also be used with protocols such as NAT and NTP. NAT uses ACLs…

Today I am going to talk about DAD which is Duplicate Address Detection. DAD is widely used in IPv6 networks to prevent multiple devices from having a duplicate address on the local link.  When a device is assigned an IPv6 address, the device uses DAD to ensure that the IPv6 address is not already in…

With the introduction of IPv6 came different ways for the same things to get done. For example address resolution can now be done with NDP which stands for Neighbor Discovery Protocol. NDP not only can perform address resolution but also perform DAD (Duplicate Address Detection) and router discovery. These functions are carried out by ICMPv6…

When it comes to IPv6 as you probably know multicast is used a lot! It essentially replaces functions that operate on broadcasts and replaces it with multicast instead. One of the ways that multicast is more efficient than broadcast is its ability to target a specific amount of people rather than every single person on…

Today I am going to talk about the IPv6 header and the purpose of each field inside of the header. The IPv6 header unlike the IPv4 header is fixed meaning it will always remain 40 bytes. It consists of similar fields as IPv4 but with different names. (PIC)  Version- The IPv6 header starts off with…

Today I am going to talk about the presentation layer. The presentation layer is the 6th layer of the OSI model and plays a crucial role in computer communication. It is capable of performing multiple functions such as translating between data formats, encryption and decryption, and compression.  How Computers Talk- Depending on the protocol encryption…

Today I am going to talk about EUI-64 (Extended Unique Identifier 64-bit). IPv6 is a little different from IPv4 because not only does it have DHCPv6, it also has a feature called SLAAC (Stateless Address Autoconfiguration) which can use EUI-64. SLAAC is used to automatically generate an IPv6 address, and EUI-64 is used to automatically…

Today I am going to talk about multicast scopes. Multicast is a message type that is used to transmit a single stream of data to a group of interested recipients who have displayed interest in receiving that data by joining a “multicast group.” The original data stream is only transmitted once, and network devices such…

Today I am going to talk about the different types of IPv6 addresses used. Although IPv6 is just supposed to be another IP protocol with sufficient addresses, the design of IPv6 is very different when it comes to addresses. The types of addresses I will get into today are ULA (Unique Local Addresses), GUA (Global…

When it comes to networking and communication, there are many different ways network devices can talk to each other. Different processes utilize different communication types depending on the context. The most common message types are unicast, broadcast, multicast, and anycast. IPv4 utilizes unicast, broadcast, and multicast. IPv6 supports unicast, multicast, and anycast. IPv6 does not…

Today I am going to talk about IPv6 which is another Internet Protocol that was created to address the exhaustion of IPv4 addresses. IPv6 was created in hopes of going from IPv4 to the internet being completely IPv6, but never fully took over because of mechanisms such as NAT and RFC 1918 private addressing that…

Every IP-capable network device has an interface called a loopback interface. A loopback interface can be found in PCs, switches, and routers. A loopback interface is an address that when pinged or routed to is processed internally by the device and not tied to any physical interface. It is a virtual interface when configured with…

In these past few blog posts, I’ve discussed TCP and everything it entails, but even though it is the most used protocol by applications, others transport data via UDP (User Datagram Protocol.) UDP is used for applications such as SNMP, DHCP, TFTP, and Syslog. Unlike TCP, UDP is connectionless meaning it doesn’t need to form…

TCP is known for its reliability compared to UDP, and one of the ways that it does this is by sequence numbers and acknowledgements. Retransmissions are also a big factor in its reliability as well. There is a timer called “retransmission timeout timer” and when the segment is sent the retransmission timer starts for it….

TCP is one of the main transport layer protocols that is used for many applications such as HTTPS, FTP, SMTP, and SSH. It is a very reliable protocol providing sequencing and acknowledgements unlike its counterpart UDP. Another important feature of TCP is flow control. Flow control is a mechanism used by TCP to avoid the…

Today I am going to talk about TCP (Transmission Control Protocol), and all of its features that it provides layer 4. TCP is a transport layer protocol that is widely used for the bulk of the applications used today such as FTP, SMTP, POP3, Telnet, SSH, HTTP, and HTTPS. Connection-Orientated- TCP is a transport layer…

Today I am going to discuss multiplexing and demultiplexing. These are crucial mechanisms operating at layer 4 that allows computer users to use multiple applications at the same time. A typical user working in a corporate environment is most likely using email, the web browser, VoIP (Voice over IP), SSH, FTP, DNS and so much…

Today I am going to talk about GLBP (Gateway Load Balancing Protocol), which is another FHRP but this time with major differences on how it functions. GLBP is another Cisco proprietary protocol that provides gateway redundancy but also provides load balancing on top of it. Instead of having the typical FHRP master/active router with a…

HSRP- Another FHRP protocol is HSRP which is a Cisco proprietary protocol. This protocol functions in the same way as VRRP does for the most part with a few differences, so let’s dive into it. The main router that is responsible for forwarding traffic for the HSRP group is called the “active” router. The active…

Hi today I am going to talk about FHRP (First Hop Redundancy Protocol), and the protocols within it such as VRRP (Virtual Router Redundancy Protocol), HSRP (Hot Standby Redundancy Protocol), and GLBP (Gateway Load Balancing Protocol). FHRP is a default gateway redundancy protocol that provides a backup for the main default gateway. In setups like…

Today I am going to talk about serial interfaces. Serial interfaces are a point-to-point connection that is mostly used for WAN links or connections. By WAN connections, I mean T1/E1 circuits, DSL (digital subscriber lines), or leased lines. This WAN connection is most commonly from an ISP to a customer. Serial interfaces function very differently…

Today I am going to talk about LSA types. As you probably already know, OSPF routers in the same area have a database (LSDB) full of LSAs. This LSDB serves as the network topology map from which routes are created. LSAs can also extend to inter-areas and certain LSAs are meant for the entire OSPF…

OSPF is a very versatile dynamic routing protocol, not only does it provide redundancy, fast convergence, scalability, automatic failover but it works with all types of network types as well. Today I am going to talk about broadcast and point-to-point OSPF networks and how they function.Broadcast- Broadcast OSPF network is one of the most common…

In order for OSPF to keep its topology current and up to date with any changes or failures, it has some important timers. Three timers I am going to talk about today are the hello interval timer, dead interval timer, and the retransmission timer.  Hello Timer- The hello timer is a timer that dictates how…

Today I am going to dive into OSPF router adjacency roles. In broadcast/non-broadcast multi-access network topologies, OSPF elects routers to maintain a certain role within the topology to provide redundancy, and make communication/updates more efficient. The roles that make OSPF broadcast network types run smoothly are the DR (Designated Router), BDR (Backup Designated Router), and…

Today I am going to talk about OSPF neighbor states and what goes on under the hood when a new OSPF topology first comes online. Before a link reaches a full state and the network is fully converged with a complete identical topology map. For broadcast and non-broadcast multi-access topologies, link neighbors must go through…

Today I am going to talk about the types of messages that can be sent when OSPF is enabled. Every message type is unique in its own way and allows OSPF to function as smoothly as it does. These message types each serve their purpose in their own way from discovering neighbors to providing reliability….

Hi, today I am going to talk about OSPF routers and the role of each router. Since OSPF is a vast protocol with a lot going on, different routers carry different duties to make sure that the OSPF AS functions the way that it is supposed to. Without these routers and their role OSPF would…

Today I am going to begin to talk about OSPF and OSPF areas. OSPF is short for Open Shortest Path First, and is an IGP link-state protocol. OSPF operates with routers all having the same identical topology map and from that identical map, every router calculates the shortest path possible using Dijkstra’s algorithm. The shortest…

Today I am going to talk about floating static routes. Floating static routes are backup routes that are strategically configured on a router that serves as a redundancy mechanism in case a primary dynamic route fails. These static routes are invisible to the eye, meaning when they are configured if you look at the routing…

Today I am going to be talking about EIGRP which stands for Enhanced Interior Gateway Protocol. EIGRP is an dynamic IGP that is an advanced distance-vector protocol. EIGRP is viewed as a “hybrid” protocol because it has features of both distance-vector and link-state protocols. EIGRP has an AD of 90 and uses a composite metric…

Today I am going to talk about RIP which is Routing Information Protocol. This is a dynamic protocol and is mostly obsolete because there are other protocols that converge much more quickly like OSPF and EIGRP. RIP has a 30 second update timer and a 180 second invalid timer making convergence very slow compared to…

Today we are going to talk about AD and metrics. If you’ve ever seen a routing table you’ve probably seen something like this [110/65]. Here’s a picture of it below: AD- The number to the left is AD which stands for administrative distance and the number to the right stands for metrics. Ever wondered when…

Static Routing- When it comes to routing, there are two options that can be done which are dynamic or static routing. Each has their own pros and cons, let’s break it down. Static routes are routes that are manually installed in the routing table by an IT member. These routes are “dumb” routes meaning that…

Today we are going to talk about etherchannel. As you know redundancy is huge when it comes to networking, and building a network that can stay online through many failures. Eliminating a single point of failure is one of the best ways to provide redundancy and etherchannel does just that. Etherchannel is a technology in…

So now that we’ve talked all about STP all in my last couple posts, we are still not done lol. STP has been upgraded to RSTP which stands for Rapid Spanning Tree Protocol. This basically functions the same as STP meaning it prevents layer 2 loops while providing redundant back paths, but the difference in…

STP not only provides redundancy and prevents layer 2 loops but it comes jam packed with a ton of additional options that can make a network more secure and functional. Today we are going to dive into all the features that can be enabled on STP.  Portfast- The first feature that I will be talking…

In recent blogs I’ve talked about port roles which are designated and root ports. But today we are going to talk about port states which are blocking, listening, learning, and forwarding. Every port, no matter which role they are, is either blocking or forwarding. During a topology change, ports can be seen listening or learning….

Today we are going to talk about STP timers. STP consists of three timers that include a hello timer, max age timer, and a forward delay timer. These timer values are determined and set by the root bridge and the non-root bridges adapt to those timers.  Hello Timer – A hello timer is the interval at…

Today, we are going to talk about the root bridge and port roles in STP. STP is a protocol that provides a loop free topology so that networks can have redundant links without it causing a broadcast storm. In order for STP to provide redundancy while preventing layer 2 loops, switches and ports need to…

Hi, today I am going to talk about STP (Spanning Tree Protocol). STP is a layer 2 redundancy mechanism widely used to control layer 2 loops and broadcast storms logically. STP is an amazing protocol because not only does it prevent broadcast storms, but it provides redundancy so if something in the topology fails an…

There are certain types of traffic that require no VLAN tags at all when traversing a trunk link, and the switch will still know who the ethernet frame belongs to. An ethernet frame that travels trunk links without any VLAN tag belongs to the Native VLAN. By default the native VLAN is 1 but the…

Hi, today I am going to be talking about DTP (Dynamic Trunking Protocol) and VTP (VLAN Trunking Protocol). These are features that are not really used in modern networks because of security reasons but they are a part of the CCNA exam which I am currently studying for so why not. DTP is a protocol that…

During the past few articles I have talked about VLANs, VLAN tagging and all the good layer 2 things. But I didn’t discuss how hosts on different VLANs communicate, so let’s dive into it. The process of a host in one VLAN communicating with a host on another VLAN is interVLAN routing. This is the…

Hi, today I am going to dive into VLAN tagging and how it works. First let’s break down what access and trunk ports are. Access ports are ports that are connected to end devices such as PCs or laptops. When a switch port  is configured as an access port, it carries traffic for one VLAN…

Hi, today I am going to talk about VLANs (Virtual Local Area Network). In order to understand what VLANs are we need to know what a broadcast domain, and a LAN (Local Area Network) is. A broadcast domain is a set of devices that will receive a broadcast frame when any device in that set…

Hi, today I am going to dive into the classful addressing and classless addressing and their differences. Before classless IP addressing, there was rigid classful addressing. By classful, I mean that there is a block of fixed addresses per network, and the leading decimal had to be within a certain range as well. Let’s start…

Hi, today I am going to talk about the life of a packet which means the process that happens when an IP packet needs to arrive at a destination that must pass through intermediate routers. This is one of the most important topics to truly understand networking.  When a PC on one subnet wants to…

Today we are going to talk about default gateway and default routes. These two are vital when it comes to internetworking and external communication. A default gateway is a router that serves as the “exit door” into subnets that hosts are not currently in. Lets break it down, picture a topology with 10 PCs connected…

Today we are going to talk about connected and local routes. Routes are instructions/rules on a routing table that tells the router where to forward data. A router relies on routes on the routing table to know how to forward a packet. A routing table is populated with routes that tell the router the destination…

Today we are going to dive into the IPv4 header that is added when data is being encapsulated. The IPv4 header is vital for network communication, and gives instructions on how to deal with data. Although the IPv4 header can look daunting at first, after you are familiar with the concepts it makes sense as…

Today we are going to talk about subnet masks, network addresses and broadcast addresses. A subnet mask is very important when it comes to the world of networking and logical addressing. Without a subnet mask, IP addressing would be chaotic and unorganized. A subnet mask is a DDN that divides the network portion from the…

Today we are going to talk about IPv4 which stands for internet protocol version 4. An IP is a logical address that is used in layer 3 to identify host addresses, default gateways, loopback interfaces, and router interfaces. An IP address is much like a home address, where it represents where to send something to…