report on computer networking

Aug 08, 2018

nikhry
  • 8/22/2019 report on computer networking

    www.final-yearprojects.co.cc | www.troubleshoot4free.com/fyp/

    SUMMER TRAINING REPORT

    ON

    COMPUTER NETWORKING

    Under Guidance of: Mr. M.D. Mishra

    Prepared By: Pawan Sharma

    B.Tech. Third Year(Information Tech & Engg.)

    GHEC Kumarhatti

    Solan (shimla)

    TABLE OF CONTENT

    i Acknowledgement
    2 Certificate
    3 Table of Content
    4 About the Company

    1. Introduction to Networking
       Definition
       Requirement of Networking

    2. Types of Network
       LAN (Local Area Network)
       WAN (Wide Area Network)

    3. Network Models
       OSI Model

    4. Cables
       Twisted Cable
       Coaxial Cable
       Fibre Optic

    5. Networking Devices
       Network Interface Card
       Hub
       Switch
       Router

    6. IP Addressing
       Introduction
       Private IP
       Masking
       Subnetting
       Example

    7. LAN Solution
       Requirement
       Solution
       Specification Sheet

    8. Router
       Internal Components
       Network Interfaces
       Configuring
       Configuring using Console
       Routing Protocols
       RIP
       IGRP
       Access List

    9. Firewall
       Introduction
       Technologies
       Configuring

    10. WLAN
        Standards
        Topologies
        Infrastructure Network
        Adhoc Network

    11. Intrusion Detection System (IDS)
        HIDS
        NIDS
        Techniques

    12. Integrated Services Digital Network (ISDN)
        Channels
        Interfaces
        Functional Group
        Reference Points

    13. WAN Solution
    14. Self Evaluation

    INTRODUCTION TO NETWORKING

    Definition :-

    A network is a system that transmits any combination of voice, video and/or data between users. A network can be defined by its geographical dimensions and by which the users' PCs access it.

    A network consists of:

    1 The network operating system (Windows NT/2000™/XP) on the users' PC (client) and server.

    2 The cables connecting all network devices (users' PC, server, peripherals, etc.).

    3 All supporting network components (hubs, routers and switches, etc.).

    Computer Network means an interconnected collection of autonomous computers.

    Requirement of Networking

    Resource sharing - To make all programs, equipment, and especially data available to anyone on the network without regard to the physical location of the resource and the user.

    High reliability - As all files could be replicated on two or three machines, if one of them is unavailable (due to hardware failure), the other copies could be used.

    Scalability - It is the ability to increase system performance gradually as the workload grows just by adding more processors.

    A computer network can provide a powerful communication medium among widely separated employees.

    The use of networks to enhance human-to-human communication will probably prove more important than technical goals such as improved reliability.

    These are the requirements with respect to companies, but computer networking is required even in normal day-to-day life, as we have to access the internet to get information about what is newly happening in the world and to communicate with people staying far away using the e-mail service.

    These are the reasons that forced the inventors to invent the networking devices, models and protocols etc.

    And the birth of networking took place in 1844, when Samuel Morse sent the first telegraph message.

    TYPES OF NETWORKS

    LAN (LOCAL AREA NETWORK)

    These are privately owned networks within a single building or campus of up to a few kilometers in size.

    LANs are distinguished from other networks by three characteristics:
    1) Their size.
    2) Their transmission technology.
    3) Their topology.

    LANs are restricted in size, which means that the worst-case transmission time is bounded and known in advance.

    LANs often use a transmission technology consisting of a single cable to which all the machines are attached.

    LANs run at speeds of 10 to 100 Mbps, have low delays, and make very few errors.

    LAN SETUP

    IEEE has produced several standards for LANs. These standards are collectively known as IEEE 802: IEEE 802.3 (Ethernet), IEEE 802.4 (Token Bus), IEEE 802.5 (Token Ring).

    WAN (WIDE AREA NETWORK)

    It is a computer network that spans a relatively large geographical area, often a country or continent. Typically a WAN consists of two or more Local Area Networks.

    Computers connected to a WAN are often connected through public networks such as telephone systems. They can also be connected through leased lines or satellites. The largest WAN in existence is the Internet.

    WANs run at a maximum speed of 2 to 10 Mbps.

    WAN SETUP

    For most WANs, the long distance bandwidth is relatively slow: on the order of kilobits per second (kbps) as opposed to megabits per second (Mbps) for local-area networks (LANs). For example, an Ethernet LAN has a 10 Mbps bandwidth; a WAN using part or all of a T1 carrier has a bandwidth of 1.544 Mbps.

    Three types of approaches are used to connect WANs:

    1) Circuit switching, which provides a fixed connection (at least for the duration of a call or session), so that each packet takes the same path. Examples of this approach include ISDN, Switched 56, and Switched T1.

    2) Packet switching, which establishes connections during the transmission process so that different packets from the same transmission may take different routes and may arrive out of sequence at the destination. Examples of this approach are X.25, frame relay, and ATM.

    3) Leased lines, which can provide a dedicated connection for private use.

    NETWORK MODELS

    Layering Concepts and Benefits

    Many benefits can be gained from the process of breaking up the functions or tasks of networking into smaller chunks, called layers, and defining standard interfaces between these layers. The layers break a large, complex set of concepts and protocols into smaller pieces, making it easier to talk about, to implement with hardware and software, and to troubleshoot.

    The following list summarizes the benefits of layered protocol specifications:

    - Humans can more easily discuss and learn about the many details of a protocol specification.
    - Standardized interfaces among layers facilitate modular engineering.
    - A better environment for interoperability is created. One vendor can write software that implements higher layers (for example, a Web browser) and another can write software that implements the lower layers (for example, Microsoft's built-in TCP/IP software in its operating systems).
    - Reduced complexity allows easier program changes and faster product evolution.
    - One layer uses the services of the layer immediately below it. Therefore, remembering what each layer does is easier. (For example, the network layer needs to deliver data from end to end. To do this, it uses data links to forward data to the next successive device along that end-to-end path.)

    OSI NETWORK MODEL

    The OSI model describes how information makes its way from application programs through a network medium to another application program in another computer. It divides one big problem into seven smaller problems. Each problem is addressed by one of the seven layers of the OSI model.

    Functions of Network Layers in Brief:

    APPLICATION LAYER

    1 Used for applications specifically written to run over the network
    2 Allows access to network services that support applications
    3 Directly represents the services that directly support user applications
    4 Handles network access, flow control and error recovery
    5 Example apps are file transfer, e-mail, NetBIOS-based applications

    PRESENTATION LAYER

    1 Translates from application to network format and vice-versa
    2 All different formats from all sources are made into a common uniform format that the rest of the OSI model can understand
    3 Responsible for protocol conversion, character conversion, data encryption / decryption, expanding graphics commands, data compression
    4 Sets standards for different systems to provide seamless communication from multiple protocol stacks
    5 Not always implemented in a network protocol

    SESSION LAYER

    1 Establishes, maintains and ends sessions across the network
    2 Responsible for name recognition (identification) so only the designated parties can participate in the session
    3 Provides synchronization services by planning check points in the data stream => if session fails, only data after the most recent checkpoint need be transmitted
    4 Manages who can transmit data at a certain time and for how long
    5 Examples are interactive login and file transfer connections, the session would connect and re-connect if there was an interruption; recognize names in sessions and register names in history

    TRANSPORT LAYER

    1 Additional connection below the session layer
    2 Manages the flow control of data between parties across the network
    3 Divides streams of data into chunks or packets; the transport layer of the receiving computer reassembles the message from packets
    4 "Train" is a good analogy => the data is divided into identical units
    5 Provides error-checking to guarantee error-free data delivery, with no losses or duplications
    6 Provides acknowledgment of successful transmissions; requests retransmission if some packets don't arrive error-free
    7 Provides flow control and error-handling

    TCP, ARP, RARP;

    NETWORK LAYER

    1 Translates logical network address and names to their physical address (e.g. computer name ==> MAC address)
    2 Responsible for addressing and determining routes for sending
    3 Managing network problems such as packet switching, data congestion and routing
    4 If router can't send data frame as large as the source computer sends, the network layer compensates by breaking the data into smaller units. At the receiving end, the network layer reassembles the data
    5 Think of this layer stamping the addresses on each train car

    IP; ARP; RARP, ICMP; RIP; OSPF;

    DATA LINK LAYER

    1 Turns packets into raw bits 100101 and at the receiving end turns bits into packets.
    2 Handles data frames between the Network and Physical layers
    3 The receiving end packages raw data from the Physical layer into data frames for delivery to the Network layer
    4 Responsible for error-free transfer of frames to other computer via the Physical Layer
    5 This layer defines the methods used to transmit and receive data on the network. It consists of the wiring, the devices used to connect the NIC to the wiring, the signaling involved to transmit / receive data and the ability to detect signaling errors on the network media

    Logical Link Control

    1 Error correction and flow control
    2 Manages link control and defines SAPs

    PHYSICAL LAYER

    1 Transmits raw bit stream over physical cable
    2 Defines cables, cards, and physical aspects
    3 Defines NIC attachments to hardware, how cable is attached to NIC
    4 Defines techniques to transfer bit stream to cable

    IP ADDRESSING

    Every machine on the internet has a unique identifying number, called an IP Address. A typical IP address looks like this: 216.27.61.45

    An IP address is a 32-bit number, usually written in dotted decimal form, that uniquely identifies an interface of some computer. This 32-bit number is divided into 4 octets, each separated by a decimal point. Out of so many values, certain values are restricted from use as typical IP addresses. For example, the IP address 0.0.0.0 is reserved for the default network and the address 255.255.255.255 is used for broadcast.

    Each IP address is split into 2 sections:

    1) Network address

    2) Host address

    Individual IP addresses in the same network all have a different value in the host part of the address, but they have an identical value in the network part, just as in a town there are different street addresses but the same ZIP code.

    There are five IP classes:

    Class A - This class is for very large networks, such as a major international company. IP addresses with a first octet from 1 to 126 are part of this class. The other three octets are each used to identify each host.

    Net          Host or Node
    54.          24.54.43

    Loopback - The IP address 127.0.0.1 is used as the loopback address. This means that it is used by the host computer to send a message back to itself. It is commonly used for troubleshooting and network testing.

    Class B - Class B is used for medium-sized networks. A good example is a large college campus. IP addresses with a first octet from 128 to 191 are part of this class. Class B addresses also include the second octet as part of the Net identifier. The other two octets are used to identify each host.

    Net          Host or Node
    145.24       53.198

    Class C - Class C addresses are commonly used for small to mid-size business. IP addresses with a first octet from 192 to 223 are part of this class. Class C addresses also include the second and third octets as part of the Net identifier. The last octet is used to identify each host.

    Net          Host or Node
    196.54.34    86

    Class D - It is used for multicast. It has first bit value of 1, second bit value of 1, third bit value of 1 and fourth bit value of 0. The other 28 bits are used to identify the group of computers the multicast message is intended for.

    Net          Host or Node
    224          24.54.145

    Class E - It is used for experimental purpose only.

    Net          Host or Node
    240.         23.45.105

    Private IP

    It is not necessary that every time we make a network we are connected to some ISP (Internet Service Provider). In that case we require some private IP addresses which can be used in indigenous networks. In each class a range of IP addresses has been defined for this purpose:

    CLASS A 10.0.0.1 to 10.255.255.244

    CLASS B 172.16.0.1 to 172.34.255.254

    CLASS C 192.168.0.0/16

    MASKING

    Computers use a mask to define the size of the network and host parts of an address. A mask is a 32-bit number written in dotted decimal form. It gives us the network address when we perform a Boolean AND of the mask with the IP address. It also defines the number of host bits in an address.

    Class of address | Size of network part of address, in bits | Size of host part of address, in bits | Default mask for each class of network
    A | 8 | 24 | 255.0.0.0
    B | 16 | 16 | 255.255.0.0
    C | 24 | 8 | 255.255.255.0

    SUBNETTING

    Basically it is a process of subdividing networks into smaller subnets.

    In case we have 2-3 small networks but we can't buy an IP address for each and every network, we use the basic concept of SUBNETTING, i.e. using one public IP address we give them IP addresses and make them independent networks. For this we take some bits of the host address and use them for the network address, so we have different independent networks.

    Address Format when Subnetting Is Used (class A, B, C resp.):

    Class    Network    Subnet    Host
    A        8          24-x      x
    B        16         16-x      x
    C        24         8-x       x

    Due to this, the mask changes to a subnet mask, and the network address now also includes the subnet address.

    Example

    If the subnet mask is 255.255.240.0 and the IP address of a computer is given as 142.16.52.4:

    142.16.0.0 is the network address
    0.0.48.0 is the subnet address
    0.0.4.4 is the host address of the computer

    10001110.00010000.00110100.00000100 is ANDed with
    11111111.11111111.11110000.00000000 and the output is
    10001110.00010000.00110000.00000000

    Here the first two octets represent the network address and the third octet represents the subnet address.

    It can be compared with a postal address, as there is only one ZIP code (Network address), different streets (Subnet address), and different house numbers (Host address).
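
    The same split carried out in code, generalised to any class A, B or C address and any contiguous mask (an added example, not part of the original report; the function names are chosen here for illustration). It also derives the subnet's address range, which is what a filter or access list for that subnet would be written against.

```python
import ipaddress

# Default (classful) network-part sizes in bits, from the masking table.
CLASS_NET_BITS = {"A": 8, "B": 16, "C": 24}


def address_class(ip):
    """Classify an IPv4 address by the leading bits of its first octet."""
    first = int(ipaddress.IPv4Address(ip)) >> 24
    if first < 128:
        return "A"      # 0xxxxxxx (0 and 127 are reserved values)
    if first < 192:
        return "B"      # 10xxxxxx
    if first < 224:
        return "C"      # 110xxxxx
    if first < 240:
        return "D"      # 1110xxxx, multicast
    return "E"          # 1111xxxx, experimental


def prefix_from_mask(mask):
    """Count the 1 bits in a mask, rejecting masks whose 1 bits are not contiguous."""
    m = int(ipaddress.IPv4Address(mask))
    host_bits = m ^ 0xFFFFFFFF
    if host_bits & (host_bits + 1):   # host bits must be one run of trailing 1s
        raise ValueError("non-contiguous mask: " + mask)
    return bin(m).count("1")


def dotted(value):
    """Format a 32-bit integer in dotted decimal form."""
    return str(ipaddress.IPv4Address(value))


def split_address(ip, mask):
    """Split ip into its network, subnet and host parts using Boolean AND."""
    cls = address_class(ip)
    if cls not in CLASS_NET_BITS:
        raise ValueError("class %s addresses have no network/host split" % cls)
    net_bits = CLASS_NET_BITS[cls]
    prefix = prefix_from_mask(mask)
    if prefix < net_bits:
        raise ValueError("mask is shorter than the class %s default mask" % cls)

    addr = int(ipaddress.IPv4Address(ip))
    class_mask = (0xFFFFFFFF << (32 - net_bits)) & 0xFFFFFFFF
    subnet_mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    host_mask = subnet_mask ^ 0xFFFFFFFF

    return {
        "class": cls,
        "network": dotted(addr & class_mask),
        # Bits borrowed from the host part: set in the subnet mask only.
        "subnet": dotted(addr & (subnet_mask ^ class_mask)),
        "host": dotted(addr & host_mask),
        "subnet_bits": prefix - net_bits,
        "hosts_per_subnet": max(2 ** (32 - prefix) - 2, 0),
        "subnet_address": dotted(addr & subnet_mask),
        "subnet_broadcast": dotted((addr & subnet_mask) | host_mask),
    }


def same_subnet(ip_a, ip_b, mask):
    """True when both addresses AND with the mask to the same value."""
    prefix_from_mask(mask)            # validates the mask
    m = int(ipaddress.IPv4Address(mask))
    a = int(ipaddress.IPv4Address(ip_a))
    b = int(ipaddress.IPv4Address(ip_b))
    return (a & m) == (b & m)


if __name__ == "__main__":
    # The address and mask from the example in the text.
    for key, value in split_address("142.16.52.4", "255.255.240.0").items():
        print(f"{key:18} {value}")
    print(same_subnet("142.16.52.4", "142.16.63.200", "255.255.240.0"))
    print(same_subnet("142.16.52.4", "142.16.64.1", "255.255.240.0"))
```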

    Some terminologies that are used with networking models:

    Collision Domain - It is the group of PCs in which a collision will occur when two PCs transmit data simultaneously.

    Broadcast Domain - It is the group of PCs that will receive the same broadcast message.

    CSMA/CD (Carrier Sense Multiple Access / Collision Detection) - In this protocol, when a PC wants to transmit any packet it senses the carrier, i.e. the path; only if no other PC is using the carrier does it send. If two PCs start sending data simultaneously, a collision will occur. Both PCs will wait for some random time and then initiate the same process.

    MAC (Media Access Control) - The IEEE 802.3 (Ethernet) and 802.5 (Token Ring) are the MAC sublayers of these two LAN data-link protocols.

    Burned-in address: The 6-byte address assigned by the vendor making the card. It is usually burned in to a ROM or EEPROM on the LAN card and begins with a 3-byte organizationally unique identifier (OUI) assigned by the IEEE.

    Locally administered address: Through configuration, an address that is used instead of the burned-in address.

    Unicast address: Fancy term for a MAC that represents a single LAN interface.

    PASSIVE COMPONENTS

    Passive components are those devices which are used to provide connectivity between different networking devices.

    It includes:
    1 Cables
    2 Patch Panel
    3 Patch Cord
    4 I/O box
    5 Racks
    6 RJ-45 Connectors

    CABLES

    There are different Cabling options depending on the access method :

    Twisted pair

    The wires are twisted around each other to minimize interference from other twisted pairs in the cable.

    Twisted pair cables are available unshielded (UTP) or shielded (STP). UTP is the most common type and uses an RJ-45 connector.

    Typical lengths are up to 100m.

    Twisted pair network uses a star topology.

    Coaxial

    Coaxial cable uses BNC connectors.

    The maximum cable lengths are around 500m.

    Coaxial networks use a single bus topology

    Fiber Optic

    UTP and coaxial cables are not capable of driving the data signals over long distances, i.e. UTP is capable of transmitting up to a distance of 100 meters only. By using fiber cables it is possible to send the data about 10 kilometers. Fiber optic cable uses SC, ST, LC connectors (the most common in use is the SC connector).

    In fiber cables the data is converted to light signals and the signal is made to propagate through the fiber cable. There are two types of fibre optic cable available.

    1. Single mode: In this mode typical length is up to 12km and data rate is 1000Mbps. The core diameter is about 9.25 nm; the cable is known as 1000 base LX cable.

    2. Multi mode: This mode is further categorised in two:

    1) SX: Typical length is up to 500m and data rate is 1000Mbps.

    2) FX: Typical length is up to 220m and data rate is 100Mbps.

    PATCH PANEL

    A patch panel provides a convenient place to terminate (connect) all of the cables coming from different locations into the wiring closet. We connect the cables coming from various locations that are to be connected to the switch through the patch panel.

    NEED OF PATCH PANEL

    We can label the patch panel so we know which wire belongs to which location. Without a patch panel, it is chaotic. If we want to disconnect a station from the switch, it's a lot easier if there's a label.

    Most cabling is wired "straight-through" from end to end. But sometimes we need to cross-wire some of the pairs between switch and station, like with a cable modem, or cross-wire to connect two switches. With a patch panel, all of this cross-wiring is done in the patch cable. If you have to make any changes, like moving a station or switch, you just move the patch cable with it, instead of having to reterminate the cable run.

    PATCH CORD

    RACK

    We have to mount the patch panel somehow. The best way is to buy a rack. Basically, a rack is a pair of vertical rails with holes drilled in them so that we can mount patch panels, hubs, and other network equipment. This makes it easy to access the back of the patch panel and other networking components.

    Cabling Guidelines

    The RJ-45 ports on the switch support automatic MDI/MDI-X operation, so we can use standard straight-through twisted-pair cables to connect to any other network device (PCs, servers, switches, routers, or hubs). We use only twisted-pair cables with RJ-45 connectors that conform to FCC standards.

    Connecting to PCs, Servers, Hubs and Switches

    1. Attach one end of a twisted-pair cable segment to the device's RJ-45 connector.

    2. If the port where we are connecting the RJ-45 is a network card, attach the other end of the cable segment to a modular wall outlet that is connected to the wiring closet. Otherwise, attach the other end to an available port on the switch.

    Making Twisted-Pair Connections

    Make sure each twisted pair cable does not exceed 100 meters (328 ft) in length.

    Wiring Closet Connections

    Today, the punch-down block is an integral part of many of the newer equipment racks. It is actually part of the patch panel. Instructions for making connections in the wiring closet with this type of equipment follow.

    1. Attach one end of a patch cable to an available port on the switch, and the other end to the patch panel.

    2. If not already in place, attach one end of a cable segment to the back of the patch panel where the punch-down block is located, and the other end to a modular wall outlet.

    3. Label the cables to simplify future troubleshooting.

    NETWORKING DEVICES

    Networking devices do various kinds of jobs, like transferring the data to signals, providing connectivity to different network devices, and transferring the data in the form of packets or frames from one device to another. These are the central connections for all the network equipment and handle a data type known as a frame or packet. A frame/packet contains data and the destination address of where it is going. When a frame is received, it is amplified and then transmitted on to the port of the destination PC. But different networking components do this job in different forms at different layers.

    NETWORK INTERFACE CARD

    A Network Interface Card (NIC) is a circuit board that plugs into both clients and servers and controls the exchange of data between them. (A specific software driver must be installed depending on the make of the NIC.) A physical transmission medium, such as twisted pair or coaxial cable, interconnects all network interface cards to network hubs or switches. Ethernet and Token Ring are common network interface cards. Today's cards support 10baseT and 100baseT with automatic recognition.

    HUB

    When there is a need to interconnect more than 2 devices, a device known as a hub comes into the picture. Basically a hub is a layer one device, i.e. it operates on the physical layer of the OSI model. It is designed to do broadcasting, i.e. when it gets any frame it broadcasts it to every port irrespective of whether it is destined for that port or not. A hub has no way of distinguishing which port a frame should be sent to. Broadcasting results in a lot of traffic on the network, which leads to poor network response. If two PCs simultaneously transmit their data packets and both are connected to a hub, then a collision will occur, so we can say it creates a single collision domain. On the other hand, all PCs connected to a hub will get the same message, so a single broadcast domain will be created.

    A 100/1000 Mbps hub must share its bandwidth with each and every one of its ports. So when only one PC is broadcasting, it will have access to the maximum available bandwidth. If, however, multiple PCs are broadcasting, then that bandwidth will need to be divided between all of these systems, which will degrade the performance. They are usually Half-Duplex in nature.

    SWITCH

    Hubs are capable of joining more than two PCs but have some demerits: if two PCs want to communicate at the same time there is a collision and both PCs have to send the data once again. This shortcoming of the hub is overcome by switches. Switches are intelligent devices which work on Layer 2 of the OSI model. Basically a switch keeps a record of the MAC addresses of all the devices connected to it. Using this information, it builds a MAC address table. So when a frame is received, it knows exactly which port to send it to, which improves the network response time.

    Basic Working Principle of Switch.

    1. At the time of initializing the switch, the MAC address table is yet to be built up. When a frame is sent by one of the PCs, the switch recognises the source MAC address and updates the MAC address table.
    2. If the destination is available in the MAC table, the switch forwards the frame to the corresponding PC.
    3. If the destination MAC address is not present in the table, the switch forwards the frame on all available ports except the incoming one. The designated PC will respond to the data and send an acknowledgement for the data received. This acknowledgement will be examined by the switch and the MAC address table will be updated accordingly.
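
    The three steps as a runnable model, with a hub beside it for contrast (an added example, not part of the original report; the class names, port numbers and MAC addresses are constructed for illustration). Besides the forwarding decision, it counts how many frames reach a port that takes no part in the conversation, which is the practical difference between the two devices.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1 device: repeats every frame out of every port but the incoming one."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src_mac, dst_mac):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Layer 2 device that follows the three steps of the working principle."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}          # MAC address -> port it was last seen on

    def _flood(self, in_port):
        return [p for p in self.ports if p != in_port]

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError("unknown port %r" % (in_port,))
        # Step 1: learn (or refresh) the sender's port from the source MAC.
        self.mac_table[src_mac] = in_port
        # Broadcast frames go to every other port: one broadcast domain.
        if dst_mac == BROADCAST:
            return self._flood(in_port)
        out_port = self.mac_table.get(dst_mac)
        # Step 3: destination not in the table, so send on all other ports.
        if out_port is None:
            return self._flood(in_port)
        # Destination sits on the port the frame came from: nothing to forward.
        if out_port == in_port:
            return []
        # Step 2: destination known, forward to that port only.
        return [out_port]


# Constructed sample stations and traffic: (incoming port, source, destination).
PC_A = "00:00:5e:00:53:0a"
PC_B = "00:00:5e:00:53:0b"
PC_C = "00:00:5e:00:53:0c"
SAMPLE_FRAMES = [
    (1, PC_A, PC_B),        # A -> B while the table is still empty
    (2, PC_B, PC_A),        # B's acknowledgement, which teaches the switch B's port
    (1, PC_A, PC_B),        # A -> B again, now a known destination
    (3, PC_C, BROADCAST),   # C sends a broadcast
    (3, PC_C, PC_A),        # C -> A, a known destination
]


def run_trace(device, frames=SAMPLE_FRAMES):
    """Feed the frames to a device and return the output ports chosen for each."""
    return [device.receive(*frame) for frame in frames]


def frames_seen_by(port, device, frames=SAMPLE_FRAMES):
    """Count how many of the frames are delivered to the station on `port`."""
    return sum(port in out_ports for out_ports in run_trace(device, frames))


if __name__ == "__main__":
    ports = [1, 2, 3, 4]             # port 4 holds an idle station
    print("hub   :", run_trace(Hub(ports)))
    print("switch:", run_trace(LearningSwitch(ports)))
    print("frames reaching port 4 on hub   :", frames_seen_by(4, Hub(ports)))
    print("frames reaching port 4 on switch:", frames_seen_by(4, LearningSwitch(ports)))
```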

    If two PCs simultaneously transmit their data packets and both are connected to a switch, then a collision will not occur, so we can say it creates multiple collision domains.

    The switch supports broadcast. Hence we can say switches create a single broadcast domain and multiple collision domains.

    A 100/1000 Mbps switch will allocate a full 100/1000 Mbps to each of its ports. So regardless of the number of PCs transmitting, a user will always have access to the maximum amount of bandwidth. They are usually Full-Duplex in nature.

    Switches are of two types:

    1) Managed

    2) Unmanaged

    A managed switch supports SNMP (Simple Network Management Protocol).

    Different switching Principles:-

    1. Store-and-forward:- The switch fully receives all bits in the frame (store) before forwarding the frame (forward). This allows the switch to check the FCS before forwarding the frame. (FCS is in the Ethernet trailer.)

    2. Cut-through:- The switch performs the address table lookup as soon as the destination address field in the header is received. The first bits in the frame can be sent out the outbound port before the final bits in the incoming frame are received. This does not allow the switch to discard frames that fail the FCS check. (FCS is in the Ethernet trailer.)

    3. Fragment Free:- This performs like cut-through switching, but the switch waits for 64 bytes to be received before forwarding the first bytes of the outgoing frame. According to Ethernet specifications, collisions should be detected during the first 64 bytes of the frame; frames in error because of a collision will not be forwarded. The FCS still cannot be checked.

    A bridge is another device like a switch which also operates based on the MAC address. But the basic difference between the bridge and the switch is that the bridge works on a software basis, while the switch works on a hardware basis. The switch works on ASICs (Application Specific Integrated Circuits).

    ROUTER

    A switch and a hub can only interconnect devices in a single LAN. For interconnecting two LANs or two or more different networks, another device known as a router is used. Its main job is to route (send) packets to other networks, and to do the routing (establishing paths between networks) it uses the IP address.

    A router is typically connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect. Routers use forwarding tables to determine the best path for forwarding the packet.

    It is a layer 3 device, i.e. it operates at the network layer of the OSI model. The working principle of the router is totally different from a switch. A router makes a table known as the routing table, which contains all the IP addresses in the network; the router obtains the information for IP addresses directly (all configured IP addresses on it) or indirectly (from neighbour routers). When a packet is received, it compares the destination IP address of the packet with the available IP addresses in its routing table. If the IP address is not available in the routing table, it simply discards the packet instead of flooding it on all the ports like a switch. (Detailed information about router in chap )


    Comparison between Hub, Bridge, Switch & Router

    Feature | Hub | Bridge | Switch | Router
    Number of broadcast domains | Segment | 1 | 1 | 1 per router interface
    Number of collision domains | 1 | 1 per bridge port | 1 per switch port | 1 per router interface
    Forwards LAN broadcasts? | 1 | Yes | Yes | No
    Forwards LAN multicasts | N/A | Yes | Yes; can be optimized for less forwarding | No
    OSI layer used when making forwarding decision | N/A | Layer 2 | Layer 2 | Layer 3
    Internal processing variants | N/A | Store-and-forward | Store-and-forward, cut-through, FragmentFree | Store-and-forward
    Frame/packet fragmentation allowed? | N/A | No | No | Yes
    Multiple concurrent equal-cost paths to same destination allowed? | N/A | No | No | Yes


    LAN SOLUTION

    CUSTOMER REQUIREMENT

    There is a company which has 2 offices, and the offices are 200 meters apart. The connectivity between these two offices is the main requirement to be fulfilled.

    In each office there are three different departments each department at different

    floor.

    In building Ist

    At each floor there are 20 users and also at 3rd floor there are 2 Servers.

    In building IInd

    At floor 1st and 2nd there are 20 users each. And at 3rd floor there are 40 users.

    The bandwidth requirement of each user is 100 Mbps while the bandwidth requirement for the server is 1 Gbps.

    All floors must be connected to a central switch to be placed at IInd floor in office

    2nd. And connectivity should be via optical fiber.

    Everywhere there should be structured cabling.

    Every switch should be provided with one GBIC slot for future connectivity of server.

    Everywhere, smart and managed switches should be used.


    SOLUTION

    By looking at the requirement it is clear that we require a switch that has 20 ports and also 2 GBIC slots (one for optical fiber connectivity, and one free slot is demanded for future use).

    Keeping this point in consideration, we can use the HCL 24 Port Managed Stackable Switch, as this switch has 24 ports and 2 GBIC slots and is also a managed switch.

    With this 24 port switch we will use a 24 port HCL made Patch Panel, and for connecting the patch panel to the switch we require a 3 ft Patch Cord. As structured cabling is a must, we require UTP cable and I/O boxes, and to connect PCs with the I/O boxes we require 7 ft Patch Cords. Here we will use Cat5e UTP cable because the bandwidth requirement is 100 Mbps.

    This way of connecting the users to the switch will be followed at each and every floor, but at the 3rd floor of building IInd there are 40 users, so here instead of 1 switch we require 2 switches.

    At the 3rd floor of building Ist, 2 servers are also present whose bandwidth requirement is 1 Gbps. So now we have two options: to connect them with UTP cable or with fiber optic cable. Here we will use fiber optic as we are already using it, so there is no need to waste money on UTP Cat 6 cable. We will simply use the fiber optic patch cord to connect the server to the switch.

    Now only one thing is left, i.e. connection of the switches to a central switch placed at the 2nd floor of building IInd. As the connection is required to be via optical fiber, at the central location we require a switch having all its ports as GBIC slots, and the number of ports should not be more than 8 as there are only 7 24-port switches in use (one optical cable line from each switch).

    As the distance between the two offices is only 200 meters, we will use multimode optical fiber, of FX type, and as the cable is to be laid in the open, outdoor armored cable will be used.


    The connectivity diagram, the bill of material and the specification sheet for the

    solution is given in the following pages.

    SPECIFICATION SHEET

    HCL-24TMS-2S-W

    HCL 24 Port Managed Stackable Switch

    STANDARDS- IEEE802.3 (Ethernet), IEEE802.3a (Fast Ethernet), IEEE802.2ab (Gigabit Ethernet), IEEE802.3z (1000Base SX/LX)

    PORTS- 24 port auto negotiation 10 base T/100 base TX; 2 optional modular expansion ports (1000 base-T, 1000 base LX/SX/FX)

    MAC Addresses- 4K

    BANDWIDTH- 12Gbps

    SWITCHING RATE- 6.6Mbps

    SNMP(Simple Network Management Protocol)- Yes, and supportsRFC1157

    WEB MANAGEABLE- Yes

    PC-C305-E

    CAT 5 e CABLE

    Enhanced CAT 5 350 MHz
    UTP Bulk Cable
    4 Pairs
    Solid Grey
    Length: 305 Meters

    PC-JP24-E

    PATCH PANEL

    Unshielded 24 Port RJ-45 jack for performance @ rated 100 Mbps
    Fully Complied to e CAT 5 T568A/B standards
    1.6mm metallic Patch Panel
    19'' Rack Mount frame 1U
    Fully powder coated Black

    PC-MC3-GE

    3 ft. patch cord

    3 ft. Enhance CAT.5 350 MHz Grey Patch Cord

    UTP twisted pair with Black Snagless Flange Boot

    PC-MC7-GE

    7 ft. patch cord

    7 ft. Enhance CAT.5 350 MHz Grey Patch Cord

    UTP twisted pair with Black Snagless Flange Boot.

    PF-CM6-A-OM2

    outdoor armoured Fiber optic cable - Multimode

    Construction: Corrugated steel tape armoured cable construction
    Multimode 62.5/125 µm cable

    No of Cores 6 fibre core cables.

    Length- 1 meter

    PF-PMSC-SC-3D-50

    SC-SC Duplex Patch cord Multimode

    Patch Cords cable 50/125 µm Multi mode
    Patch Cords connectors SC/ST Connectors MM patch cords


    OFC Patch cord is duplex type of 3mtrs length

    PF-COSC-M

    SC Connector Multi mode

    Easy connection & disconnection Pull -- Push type

    PF-CPSC-M

    SC Coupler mm (Included in the Fiber Patch Panel)

    Low Insertion loss

    Type SC - SC type

    PF-LIU-12U

    12 Core LIU ( Line Insertion Unit )

    Wall mount 12 way Fibre Jack Panel
    Base Unit + 12 MM SC couplers with panel

    PF-LIU-6U

    6 Core LIU (Line Insertion Unit)

    Wall mount 6 way Fibre Jack Panel
    Base Unit + 6 MM SC couplers with panel.


    ROUTER

    ROUTER INTERNAL COMPONENTS

    Like a computer, a router has a CPU that varies in performance and capabilities depending upon the router platform. It typically has 4 types of memory:

    ROM- It is used to store the router's bootstrap startup program, operating system software, and power-on diagnostic test programs. We can also upgrade our ROM.

    FLASH MEMORY- It holds the operating system image(s). Flash memory is erasable, reprogrammable ROM. Our IOS software is present in this memory and we can upgrade it also. Flash content is retained even when we switch off or restart the router.

    RAM- It is used to store operational information such as routing tables and the router's running configuration file. RAM also provides caching and packet buffering capabilities. Its content is lost when we switch off or restart the router. When we configure the router, we are actually writing to RAM.

    NVRAM- It is used to store the router's startup configuration file. It does not lose data when power is switched off, so the contents of the startup configuration file are maintained even when we switch off or restart the router.

    ROUTERS NETWORK INTERFACES


    Ethernet or Token Ring interfaces are configured to allow connection to a LAN.

    Synchronous serial interfaces are configured to allow connections to WANs.

    ISDN BRI interfaces are configured to allow connection to an ISDN WAN.

    All Cisco routers have a console port that provides an EIA/TIA-232 asynchronous serial connection. The console port can be connected to a computer's serial connection to gain terminal access to the router.

    Most routers also have an auxiliary port that is very similar to the console port but is typically used for a modem connection for remote router management.

    CONFIGURING THE ROUTER


    There are three methods for configuring the router:

    1) Through console port:- The console port is used for configuring a router locally with the help of a PC or a laptop. The console port of the router is connected to the serial, i.e. COM, port of the PC. The detailed configuration is given in the section.

    2) Through the AUX port:- The aux (auxiliary) port is accessed from a modem located far away from the router through the PSTN (Public Switched Telephone Network), and the configuration is done.

    3) Through Telnet:- Lines vty (virtual terminal) 0 to 4 are used for configuring the router by telnet.


    Configuring Router through Console port

    We use the HyperTerminal program to open a console session and log into the router locally. This console connection allows us to connect to and communicate with the router without having to connect to the network to which it belongs. The PC becomes the console that allows us to enter commands and communicate directly with the router. To set up a console session, we use the workstation's Windows HyperTerminal (terminal emulation) program. First we configure the COM port settings, then log into the router to interact with the IOS command line interface (CLI). These are the COM port settings:

    9600
    8
    N
    1
    On/off

    After pressing Enter or OK to accept these settings, we come across a blank window. This is the session window.

    The following steps are adopted to access a router through the console port with a Windows based PC.

    Access Hyper terminal:- Start Menu > Programs > Accessories > Communication > Hyperterminal


    Connect to the device of the PC


    COM 1 Setting


    Hyper terminal Screen


    After connecting, the router will boot, and after booting the following procedure will be adopted.

    Router> enable

    A prompt asking for the password will now automatically appear on the screen like this:

    Password:

    Write the password here. This is done to secure access to the router. After this,

    Router#

    will appear on the screen. This shows that we are in privileged mode, and now we try to enter configuration mode.

    Router# configure terminal

    This is done to enter configuration mode. Now the configuration of the router starts. We will assign an IP address to each and every interface connected to the router. The subnet mask should be given with proper care. The following steps are to be followed:

    For configuring ethernet interface:

    Router# config terminal
    Router(config)# interface ethernet 0
    Router(config-if)# ip address 223.8.151.1 255.255.255.0
    Router(config-if)# no shutdown
    Router(config-if)# exit

    For configuring serial interface:

    Router(config)# interface serial 0
    Router(config-if)# ip address 204.204.7.1 255.255.255.0
    Router(config-if)# no shutdown
    Router(config-if)# exit
    Router(config)# interface serial 1
    Router(config-if)# ip address 199.6.13.2 255.255.255.0
    Router(config-if)# no shutdown
    Router(config-if)# exit

    ROUTING PROTOCOLS

    ROUTING INFORMATION PROTOCOL (RIP)

    RIP is a dynamic, distance vector routing protocol. RIP uses UDP port 520 for route updates. RIP calculates the best route based on hop count. This makes RIP very fast to converge.

    RIP sends full table updates at regular intervals specified by the route-update timer (30 seconds is the default). This means that a RIP router summarizes all routes it knows along classful boundaries and sends the summary information to all other RIP routing devices. RIP updates can contain up to 25 messages.

    RIP TIMERS

    TIMER | DEFAULT | CONTROLS
    update | 30 sec. | Interval between route update advertisements
    timeout | 180 sec. | Interval a route should stay 'live' in the routing table. This counter is reset every time the router hears an update for this route.
    Flush | 240 sec. | How long to wait from the time the route was received to delete a route (60 seconds after timeout).

    The routing-update timer controls the time between routing updates. Default is usually 30 seconds, plus a small random delay to prevent all RIP routers from sending updates simultaneously.

    The route-timeout timer controls when a route is no longer available. The default is usually 180 seconds. If a router has not seen the route in an update during this specified interval, it is dropped from the router's announcements. The route is maintained long enough for the router to advertise the route as down (hop count of 16).

    The route-flush timer controls how long before a route is completely flushed from the routing table. The default setting is usually 120 seconds.


    BASIC RIP CONFIGURATION

    According to the recollection of InetDaemon, configuring a Cisco router for a

    basic RIP configuration would look something like this:

    router> enable
    Password:
    router# conf t
    router(config)# interface ethernet 0
    router(config-if)# ip address 192.168.42.1 255.255.255.0
    router(config-if)# interface ethernet 1
    router(config-if)# ip address 192.168.43.1 255.255.255.0
    router(config-if)# exit
    router(config)# router rip
    router(config-router)# network 192.168.42.0
    router(config-router)# network 192.168.43.0
    router(config-router)# exit
    router(config)# ^Z
    router#

    The example above assumes that the interfaces that will be running RIP have IP

    addresses on them that fall within the 192.168.42.0, and 192.168.43.0 class C

    ranges.

    IGRP

    IGRP is a distance-vector routing protocol that considers a composite metric which, by default, uses bandwidth and delay as parameters instead of hop count. IGRP is not limited to the 15-hop limit of RIP. IGRP has a maximum hop limit of 100, by default, and can be configured to support a network diameter of 255. With IGRP, routers usually select paths with a larger minimum-link bandwidth over paths with a smaller hop count. Links do not have a hop count. They are exactly one hop.

    IGRP is available only on Cisco routers.

    IGRP will load-balance traffic if there are several paths with equal cost to the destination.

    IGRP sends its routing table to its neighbors every 90 seconds. IGRP's default update period of 90 seconds is a benefit compared to RIP, which can consume excessive bandwidth when sending updates every 30 seconds. IGRP uses an invalid timer to mark a route as invalid after 270 seconds (three times the update timer). As with RIP, IGRP uses a flush timer to remove a route from the routing table; the default flush timer is set to 630 seconds (seven times the update period and more than 10 minutes).

    If a network goes down or the metric for the network increases, the route is placed in holddown. The router accepts no new changes for the route until the holddown timer expires. This setup prevents routing loops in the network. The default holddown timer is 280 seconds (three times the update timer plus 10 seconds).


    IGRP Timer Default Time

    Update 90 seconds

    Invalid 270 seconds

    Holddown 280 seconds

    Flush 630 seconds

    IP ACCESS LIST

    IP access lists cause a router to discard some packets based on criteria defined by the network engineer. The goal of these filters is to prevent unwanted traffic in the network, whether to prevent hackers from penetrating the network, or just to prevent employees from using systems that they should not be using.

    Key features of access lists:

    1) Packets can be filtered as they enter an interface, before the routing decision.
    2) Packets can be filtered before they exit an interface, after the routing decision.
    3) Deny is the term used in Cisco IOS software to imply that the packet will be filtered.
    4) Permit is the term used in Cisco IOS software to imply that the packet will not be filtered.
    5) The filtering logic is configured in the access list.
    6) At the end of every access list is an implied deny all traffic statement. Therefore, if a packet does not match any of your access list statements, it is blocked.

    Access lists have two major steps in their logic: matching and action. Matching logic examines each packet and determines whether it matches the access-list statement. As soon as an access-list statement is matched, there are two actions to choose from: deny and permit. Deny means to discard the packet, and permit implies that the packet should continue on its way.
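The first-match logic and the implied deny described above can be modelled in a few lines. This Python example is added here and is not Cisco IOS code or part of the original report; the entries use IOS-style wildcard masks, the addresses are constructed, and the shadowed-entry check goes slightly beyond the text to show why statement order matters.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


def _ip(text: str) -> int:
    return int(ipaddress.IPv4Address(text))


def _addr_match(addr: str, base: str, wildcard: str) -> bool:
    """Wildcard mask: 1 bits are "don't care", 0 bits must match the base."""
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) & care) == (_ip(base) & care)


@dataclass(frozen=True)
class Entry:
    action: str                 # "permit" or "deny"
    proto: str                  # "ip" (any protocol), "tcp" or "udp"
    src: str
    src_wc: str
    dst: str
    dst_wc: str
    dport: Optional[int] = None

    def matches(self, pkt: dict) -> bool:
        if self.proto != "ip" and self.proto != pkt["proto"]:
            return False
        if self.dport is not None and self.dport != pkt.get("dport"):
            return False
        return (_addr_match(pkt["src"], self.src, self.src_wc)
                and _addr_match(pkt["dst"], self.dst, self.dst_wc))


def evaluate(acl: List[Entry], pkt: dict) -> Tuple[str, Optional[int]]:
    """First matching entry wins; no match falls through to the implied deny."""
    for number, entry in enumerate(acl, start=1):
        if entry.matches(pkt):
            return entry.action, number
    return "deny", None


def _covers(a: Entry, b: Entry) -> bool:
    """True when every packet that matches b also matches a."""
    def addr(a_base, a_wc, b_base, b_wc):
        care = ~_ip(a_wc) & 0xFFFFFFFF
        return (_ip(b_wc) & care) == 0 and (_ip(a_base) & care) == (_ip(b_base) & care)
    return ((a.proto == "ip" or a.proto == b.proto)
            and (a.dport is None or a.dport == b.dport)
            and addr(a.src, a.src_wc, b.src, b.src_wc)
            and addr(a.dst, a.dst_wc, b.dst, b.dst_wc))


def shadowed(acl: List[Entry]) -> List[Tuple[int, int]]:
    """(entry, earlier entry) pairs where the later entry can never be reached."""
    found = []
    for j, later in enumerate(acl):
        for i, earlier in enumerate(acl[:j]):
            if _covers(earlier, later):
                found.append((j + 1, i + 1))
                break
    return found


def packet(proto: str, src: str, dst: str, dport: int) -> dict:
    return {"proto": proto, "src": src, "dst": dst, "dport": dport}


# Constructed networks and access lists.
ANY = ("0.0.0.0", "255.255.255.255")
INSIDE = ("10.10.10.0", "0.0.0.255")
DMZ = ("172.16.1.0", "0.0.0.255")

ACL = [
    Entry("deny", "tcp", *INSIDE, *ANY, 23),      # 1: no telnet from inside
    Entry("permit", "tcp", *INSIDE, *ANY, 80),    # 2: web from inside
    Entry("permit", "ip", *DMZ, *ANY),            # 3: anything from the DMZ
]                                                 # then the implied deny
REORDERED = [Entry("permit", "ip", *INSIDE, *ANY), ACL[0], ACL[2]]

if __name__ == "__main__":
    telnet = packet("tcp", "10.10.10.5", "203.0.113.10", 23)
    print(evaluate(ACL, telnet), evaluate(REORDERED, telnet), shadowed(REORDERED))
```

In `REORDERED` the broad permit is matched first, so the telnet deny behind it never takes effect; `shadowed` reports that as entry 2 hidden by entry 1.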


    FIREWALL

    As networking keeps expanding its limits, the danger of information leaking in and leaking out increases. So a mechanism is required to keep good bits in and bad bits out, and for this we use a FIREWALL.

    A firewall is a device of some kind that separates and protects our network, in most cases from the Internet. It restricts traffic to only what is acceptable, and monitors what is happening. Every firewall has at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet.

    It may be a hardware device or a software program running on a secure host computer. Hardware device means a physical device connected at the gateway which checks every incoming or outgoing packet. Software program means that software loaded on a computer determines what to allow and what to reject.

    A firewall examines all traffic routed between the two networks to see if it meets certain criteria. A firewall filters both inbound and outbound traffic.

    Technologies

    There are three different types of firewall technologies:

    1) Packet Filtering
    2) Proxy
    3) Stateful Inspection

    Packet Filtering

    A packet filtering firewall simply inspects incoming traffic at the transport layer of the OSI model. The packet filtering firewall analyzes TCP or UDP packets and compares them to a set of established rules called an Access Control List (ACL). Packet filtering inspects packets only for the following elements:

    1) Source IP address
    2) Source Port
    3) Destination IP address
    4) Destination Port
    5) Protocol

    Proxy

    When a firewall is installed, no PC makes a direct connection to the outside world. Instead they use a proxy, i.e. each PC first sends its request to the proxy, which then forwards the request to the Internet or outside world for connection or data transfer.

    Stateful Inspection

    It is a combination of packet filtering and proxy services. This is the most secure technology and provides the most functionality, because connections are not only checked against the ACL but are also logged into a state table. After a connection is established, all session data is compared to the state table. If the session data does not match the state table information for that connection, the connection is dropped.
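To contrast stateful inspection with plain packet filtering, the added Python example below (not from the original report, and not any vendor's implementation) tracks a simplified TCP state table. The addresses, the return-traffic rule of the packet filter and the reduced set of states are assumptions.

```python
def pkt(iface, src, sport, dst, dport, flags):
    """Constructed packet record; flags is a string such as "SYN+ACK"."""
    return {"iface": iface, "src": src, "sport": sport, "dst": dst,
            "dport": dport, "flags": frozenset(flags.split("+"))}


def stateless_filter(p) -> str:
    """Packet filter: each packet is judged alone, from header fields only."""
    if p["iface"] == "inside":
        return "permit"
    # The rule needed to let web replies back in: source port 80 to a high port.
    if p["sport"] == 80 and p["dport"] > 1023:
        return "permit"
    return "drop"


class StatefulFirewall:
    """Permits outside packets only when they belong to a tracked connection."""

    def __init__(self):
        self.state = {}      # (inside ip, inside port, outside ip, outside port) -> state

    def handle(self, p):
        outbound = p["iface"] == "inside"
        key = ((p["src"], p["sport"], p["dst"], p["dport"]) if outbound
               else (p["dst"], p["dport"], p["src"], p["sport"]))
        flags = p["flags"]
        if outbound and flags == {"SYN"}:
            self.state[key] = "SYN_SENT"
            return "permit", "new outbound connection, state created"
        current = self.state.get(key)
        if current is None:
            return "drop", "no state table entry"
        if not outbound and current == "SYN_SENT":
            if flags != {"SYN", "ACK"}:
                del self.state[key]
                return "drop", "reply does not match SYN_SENT"
            self.state[key] = "ESTABLISHED"
            return "permit", "handshake reply, now ESTABLISHED"
        if not outbound and "SYN" in flags:
            del self.state[key]
            return "drop", "SYN on an established connection"
        if flags & {"FIN", "RST"}:
            # Simplification: the entry is removed on the first FIN or RST.
            del self.state[key]
            return "permit", "connection closed, state removed"
        return "permit", "matches " + current


def run_stateful(trace):
    """Return the verdict for each packet and the number of entries left over."""
    fw = StatefulFirewall()
    return [fw.handle(p)[0] for p in trace], len(fw.state)


# Constructed trace: one web session from inside host 10.10.10.14, plus
# outside packets that only look like replies to it.
TRACE = [
    pkt("inside", "10.10.10.14", 40000, "203.0.113.80", 80, "SYN"),
    pkt("outside", "203.0.113.80", 80, "10.10.10.14", 40000, "SYN+ACK"),
    pkt("inside", "10.10.10.14", 40000, "203.0.113.80", 80, "ACK"),
    pkt("outside", "198.51.100.7", 80, "10.10.10.14", 40000, "ACK"),   # other host
    pkt("outside", "203.0.113.80", 80, "10.10.10.14", 40001, "ACK"),   # other port
    pkt("inside", "10.10.10.14", 40000, "203.0.113.80", 80, "FIN+ACK"),
    pkt("outside", "203.0.113.80", 80, "10.10.10.14", 40000, "ACK"),   # after close
]

if __name__ == "__main__":
    print("stateless:", [stateless_filter(p) for p in TRACE])
    print("stateful: ", run_stateful(TRACE))
```

The packet filter permits all seven packets because each has source port 80; the state table drops the three that do not belong to the tracked connection.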

    CONFIGURING THE FIREWALL

    Five basic commands are used to do a basic configuration of the firewall.

    1) interface
    2) nameif
    3) ip address
    4) nat
    5) global

    Interface Command

    The interface command identifies the interface hardware card, sets the speed of the interface and enables the interface, all in one command.

    SYNTAX: interface hardware_id hardware_speed [shutdown]

    hardware_id indicates the interface's physical location on the firewall.
    hardware_speed indicates the connection speed. The firewall provides various options regarding speed:

    1000sxfull Sets full-duplex Gigabit Ethernet.
    1000basesx Sets half-duplex Gigabit Ethernet.
    1000auto Automatically detects and negotiates full/half duplex.
    10full Sets 10 Mbps full-duplex Ethernet.
    100full Sets 100 Mbps full-duplex Ethernet.

    shutdown This parameter administratively shuts down the interface.

    nameif command

    It is used to name an interface and assign a security level from 1 to 99. The outside and inside interfaces are named by default and have default security values of 0 and 100, respectively. By default, the interfaces have their hardware ID. Ethernet 0 is the outside interface, and Ethernet 1 is the inside interface.

    SYNTAX: nameif hardware_id if_name security_level

    hardware_id Indicates the interface's physical location on the firewall.
    if_name The name by which we refer to this interface.
    security_level A numerical value from 1 to 99 indicating the security level.

    Examples:

    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    nameif ethernet2 dmz security20

    We can see the configuration by using the show nameif command.

    ip address Command

    All the interfaces must be configured with an IP address. The ip address command is used to configure IP addresses on the interfaces. The ip address command binds a logical address (IP address) to the hardware ID.

    SYNTAX: ip address if_name ip_address [netmask]

    if_name The interface name that was configured using the nameif command.
    ip_address The interface's IP address.
    netmask The appropriate network mask. If the mask value is not entered, the firewall assigns a classful network mask.

    Example:

    ip address inside 10.10.10.14 255.255.255.0

    We can see the configuration by using the show ip command.

    nat Command

    The nat (Network Address Translation) command translates a set of IP addresses to another set of IP addresses.

    SYNTAX: nat (if_name) nat_id local_ip [netmask]

    (if_name) The internal network interface name.
    nat_id The ID number to match with the global address pool.
    local_ip The IP address that is translated. This is usually the inside network IP address.
    netmask Network mask for the local IP address.

    There are two types of NATing:

    1) Static: For example, there is a Google server and we don't want to make its IP address public, so we change its IP address using the nat command in the firewall, and users now log on to this new IP. This results in more security, as every time traffic has to pass through the firewall.

    2) Dynamic: If there are lots of PCs in a network and all want to access the Internet, it is not easy to provide every PC with an independent public IP, so at the firewall level we change every PC's private IP to a public IP.

    Examples:

    nat (inside) 1 10.10.10.0 255.255.255.0
    nat (inside) 1 172.16.1.0 255.255.255.0

    global Command


    The global command is used to define the address or range of addresses that the addresses defined by the nat command are translated into. It is important that the nat_id be identical to the nat_id used in the nat command. The nat_id pairs the IP addresses defined by the global and nat commands so that network translation can take place.

    SYNTAX: global (if_name) nat_id global_ip | global_ip-global_ip [netmask]

    (if_name) The external network where you use these global addresses.
    nat_id Identifies the global address and matches it with the nat command it is pairing with.
    global_ip A single IP address. When a single IP address is specified, the firewall automatically performs Port Address Translation (PAT).
    global_ip-global_ip Defines a range of global IP addresses to be used by the firewall to NAT.
    netmask The network mask for the global IP address(es).

    INTRUSION DETECTION SYSTEM (IDS)

    An IDS is a security countermeasure. It monitors network traffic for suspicious activity and alerts the system or network administrator. In some cases the IDS may also respond to anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network.

    A firewall simply blocks openings into your network/system, but cannot

    distinguish between good/bad activity. Therefore, if you need to allow an opening

    to a system (like a web-server), then a firewall cannot protect against intrusion

    attempts against this opening. In contrast, intrusion detection systems can

    monitor for hostile activity on these openings.

    HIDS

    Host Intrusion Detection Systems run on individual hosts or devices on the network. A HIDS monitors the inbound and outbound packets from the device only and will alert the user or administrator if suspicious activity is detected.

    NIDS

    Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. Ideally you would scan all inbound and outbound traffic; however, doing so might create a bottleneck that would impair the overall speed of the network.

    When an unauthorized user logs in successfully, or attempts to log in, they are best tracked with host-based IDS. However, detecting the unauthorized user before their log on attempt is best accomplished with network-based IDS.

    There are four basic techniques used to detect intruders:

    1) Anomaly detection
    2) Misuse detection (signature detection)
    3) Target monitoring


    Anomaly Detection

    Designed to uncover abnormal patterns of behavior, the IDS establishes a baseline of normal usage patterns, and anything that widely deviates from it gets flagged as a possible intrusion.

    An example of this would be if a user logs on and off of a machine 20 times a day instead of the normal 1 or 2. Also, if a computer is used at 2:00 AM when normally no one outside of business hours should have access, this should raise some suspicions. At another level, anomaly detection can investigate user patterns, such as profiling the programs executed daily. If a user in the graphics department suddenly starts accessing accounting programs or compiling code, the system can properly alert its administrators.

    Misuse Detection or Signature Detection

    This method uses specifically known patterns of unauthorized behavior to predict and detect subsequent similar attempts. These specific patterns are called signatures. For host-based intrusion detection, one example of a signature is "three failed logins."
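The "three failed logins" signature can be expressed as a sliding-window count over an authentication log. This is an added Python example, not part of the original report; the log lines are constructed in sshd's "Failed password" format, and the 60-second window and the grouping by user and source address are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 3                      # the signature: three failed logins ...
WINDOW = timedelta(seconds=60)     # ... for one user from one source within this window

FAILED = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def detect(lines):
    """Return one alert per burst of THRESHOLD failures inside WINDOW."""
    recent = defaultdict(deque)          # (user, source) -> timestamps of recent failures
    alerts = []
    for line in lines:
        m = FAILED.match(line)
        if m is None:
            continue                     # successful logins and other messages
        ts = datetime.fromisoformat(m["ts"])
        failures = recent[(m["user"], m["src"])]
        failures.append(ts)
        while ts - failures[0] > WINDOW: # forget failures that fell out of the window
            failures.popleft()
        if len(failures) >= THRESHOLD:
            alerts.append({
                "user": m["user"],
                "src": m["src"],
                "first": failures[0].isoformat(),
                "last": ts.isoformat(),
                "count": len(failures),
            })
            failures.clear()             # do not re-alert on the same burst
    return alerts


# Constructed log lines: a quick burst against "admin", and three failures
# for "operator" that are five minutes apart and so never share a window.
SAMPLE_LOG = """\
2018-08-08T02:00:01 gw sshd[311]: Failed password for admin from 192.0.2.44 port 50122 ssh2
2018-08-08T02:00:05 gw sshd[311]: Failed password for admin from 192.0.2.44 port 50123 ssh2
2018-08-08T02:00:07 gw sshd[312]: Accepted password for operator from 10.10.10.14 port 40110 ssh2
2018-08-08T02:00:09 gw sshd[311]: Failed password for admin from 192.0.2.44 port 50124 ssh2
2018-08-08T02:00:10 gw sshd[313]: Failed password for invalid user test from 192.0.2.44 port 50125 ssh2
2018-08-08T09:15:00 gw sshd[400]: Failed password for operator from 10.10.10.14 port 40200 ssh2
2018-08-08T09:20:00 gw sshd[401]: Failed password for operator from 10.10.10.14 port 40201 ssh2
2018-08-08T09:25:00 gw sshd[402]: Failed password for operator from 10.10.10.14 port 40202 ssh2
""".splitlines()

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```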

    Target Monitoring

    These systems do not actively search for anomalies or misuse, but instead look for the modification of specified files. This is more of a corrective control, designed to uncover an unauthorized action after it occurs in order to reverse it. One way to check for the covert editing of files is by computing a cryptographic hash beforehand and comparing this to new hashes of the file at regular intervals. This type of system is the easiest to implement, because it does not require constant monitoring by the administrator. Integrity checksum hashes can be computed at whatever intervals you wish, and on either all files or just the mission/system critical files.
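The hash-and-compare check described above, as an added Python example that is not part of the original report; the file names and contents are constructed, and SHA-256 is an assumed choice of cryptographic hash.

```python
import hashlib
import os
import tempfile
from pathlib import Path


def sha256_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not have to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def snapshot(root):
    """Map each file under root (relative path) to its SHA-256 digest."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): sha256_file(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(baseline, current):
    """Report files whose content changed, disappeared or appeared since the baseline."""
    return {
        "modified": sorted(n for n in baseline
                           if n in current and baseline[n] != current[n]),
        "missing": sorted(n for n in baseline if n not in current),
        "added": sorted(n for n in current if n not in baseline),
    }


def demo():
    """Build a constructed set of monitored files, change them, and re-check."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        hosts = root / "hosts"
        hosts.write_text("10.10.10.14 billing\n")
        (root / "startup-config").write_text("hostname Router\n")
        (root / "motd").write_text("authorised users only\n")

        # Computed beforehand; in practice the baseline is kept off the
        # monitored host so it cannot be rewritten along with the files.
        baseline = snapshot(root)
        before = hosts.stat()

        # A same-length edit with the timestamps put back afterwards.
        hosts.write_text("10.10.10.41 billing\n")
        os.utime(hosts, ns=(before.st_atime_ns, before.st_mtime_ns))
        (root / "motd").unlink()
        (root / "notes.txt").write_text("new file\n")

        after = hosts.stat()
        metadata_same = ((before.st_size, before.st_mtime_ns)
                         == (after.st_size, after.st_mtime_ns))
        return compare(baseline, snapshot(root)), metadata_same


if __name__ == "__main__":
    report, metadata_same = demo()
    print(report)
    print("size and mtime unchanged for hosts:", metadata_same)
```

The edited file keeps its size and modification time, so a check based on file metadata would report nothing; the hash comparison still lists it as modified.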

    Passive IDS

    A passive IDS simply detects and alerts. When suspicious or malicious traffic is detected, an alert is generated and sent to the administrator or user, and it is up to them to take action to block the activity or respond in some way.

    Reactive IDS

    A reactive IDS will not only detect suspicious or malicious traffic and alert the administrator, but will take pre-defined proactive actions to respond to the threat. Typically this means blocking any further network traffic from the source IP address or user.

    IDS is required to be properly configured to recognize what is normal traffic on

    your network vs. what might be malicious traffic and you, or the administrators

    responsible for responding to IDS alerts, need to understand what the alerts

    mean and how to effectively respond.


    WAN SOLUTION

    REQUIREMENT

    There is one CBC (Central Billing Center), which is required to be connected with 28 BGCs (Bill Generation Centers). As further locations are connected to each BGC location, a router is required at each location.

    CBC Router must have these specifications:

    1) 4 numbers of 10/100 Fast Ethernet interfaces.
    2) 20 numbers of V.35 interfaces to receive the data coming from the BGCs via optical fiber/leased line.
    3) 2 numbers of ISDN BRI ports.
    4) Four numbers of synchronous serial interfaces for 64 kbps leased line connectivity.

    BGC Router must have these specifications:

    1) 2-port 10/100 Mbps Ethernet interface.
    2) Sufficient serial WAN interface ports.

    All the BGC locations are to be connected to the central location with point-to-point connectivity. The BGC locations have leased line connectivity of 128 Kbps, which is upgradable to 2 Mbps. The leased line connectivity is to be provided by an ISP.

    SOLUTION

    As per the requirement, the proposed solution is to have point-to-point connectivity between the central location and the 28 BGC locations. There is a Cisco 1841 Router at each of the BGC locations. Each is connected through its serial port to a 2 Mbps leased line modem pair, HCL-Gateway 2M-2W. The modem at the customer end is connected to a modem at the ISP side. In the same way, the central location, which has a Cisco 3845 Router, is connected to 28 nos. of 2 Mbps leased line modem pairs.

    The connectivity diagram and the bill of material required for the solution are given in the following pages.

    WLAN (WIRELESS LAN)

    In a traditional LAN each computer physically connects to the network via wires and a network port. A Wireless Local Area Network (WLAN) is a network that provides the same services but without the need for physical connections between the computers and the network. Wireless LANs offer many advantages over traditional wired networks, such as mobility, flexibility, scalability and speed, simplicity and reduced cost of installation. A WLAN typically uses radio waves, which allow network PC cards plugged into a PC/laptop to connect to a traditional Ethernet LAN. IEEE developed the 802.11 standards to provide wireless networking technology like the wired Ethernet.

    STANDARDS

    IEEE developed the 802.11 standards to provide wireless networking technology. With ongoing development in the field, three standards have been finalized: 802.11(a), 802.11(b) and 802.11(g).

                            802.11(b)     802.11(a)     802.11(g)
    Max. bit rate (raw)     11 Mb/s       54 Mb/s       54 Mb/s
    Max. bit rate (net)     5.5 Mb/s      22-26 Mb/s    17-22 Mb/s
    Frequency band          2.4 GHz       5 GHz         2.4 GHz
    Range @ max. rate       57 m          12 m          19 m
    Unit cost               100%          120%          110%
    Coverage cost           100%          2000%         500%
    No. of channels         3             8             4

    The IEEE 802.11a standard is the most widely adopted one because it operates in the licensed 5 GHz band while the others are unlicensed, and it also provides the maximum number of channels and the maximum bit rate of any of the standards.

    TOPOLOGIES

    There are two topologies on which WLAN works:

    1) Infrastructure Network
    2) Ad hoc Network

    INFRASTRUCTURE NETWORK

    It is useful for providing wireless coverage of building or campus areas. This topology is used when there are many access points in a single location. By deploying multiple Access Points (APs) with overlapping coverage areas, organizations can achieve broad network coverage. A laptop or other mobile device may move from AP to AP while maintaining access to the resources of the LAN. Each client is equipped with a wireless network interface card (NIC) that consists of the radio transceiver and the logic to interact with the client machine and software. The AP, by contrast, is essentially a radio transceiver on one side and the wired backbone on the other.

    ADHOC NETWORK

    This topology is used when we have to interconnect mobile devices that are in the same area (e.g., in the same room). In this architecture, client stations are grouped into a single geographic area and can be internetworked without access to the wired LAN (infrastructure network). The ad hoc configuration is similar to a peer-to-peer office network in which no node is required to function as a server. In ad hoc mode there is no need for any AP, as all devices are wirelessly connected to each other.

    Integrated Services Digital Network (ISDN)

    ISDN's primary goal is the integration of voice and nonvoice services. ISDN is actually a set of communication protocols proposed by telephone companies that allows them to carry a group of digital services that simultaneously convey data, text, voice, music, graphics, and video to end users, and it was designed to achieve this over the telephone systems already in place.

    There are two types of channels:

    1) B channel
    2) D channel

    B channel

    Bearer channels (B channels) are used to transport data. B channels are called bearer channels because they bear the burden of transporting the data. B channels operate at speeds of up to 64 kbps.

    D channel

    D channels are used for signaling. They are used to establish the session before the data is actually transferred.

    ISDN INTERFACES

    Types of ISDN interfaces:

    1) Basic Rate Interface (BRI)
    2) Primary Rate Interface (PRI)

    Both BRI and PRI provide multiple digital bearer channels over which temporary connections can be made and data can be sent.

    BRI: ISDN Basic Rate Interface (BRI, also known as 2B+1D) service provides two B channels and one D channel. The BRI B-channel service operates at 64 Kbps and carries data, while the BRI D-channel service operates at 16 Kbps and usually carries control and signaling information.

    PRI: According to American standards, the ISDN Primary Rate Interface (PRI, also known as 23B+1D) service delivers 23 64 Kbps B channels and one 64 Kbps D channel for a total bit rate of up to 1.544 Mbps.

    According to European standards, ISDN PRI provides 30 64 Kbps B channels and one 64 Kbps D channel for a total bit rate of up to 2.048 Mbps.

    ISDN Function Groups and Reference Points

    1) Function group: A set of functions implemented by a device and software.

    2) Reference point: The interface between two function groups, including cabling details.

    Router A is ordered with an ISDN BRI U reference point, referring to the I.430 reference point defining the interface between the customer premises and the ISP.

    Router B is bought with an ISDN BRI S/T interface, implying that it must be cabled to a function group NT1 device. An NT1 function group device must be connected to the ISP line through a U reference point; the S/T interface defines the connection to Router B. Router B is called a TE1 (Terminal Equipment 1) function group device.

    Non-ISDN equipment is called a TE2 (Terminal Equipment 2) device and is attached using the R reference point to a terminal adapter (TA) function group device.

    Alternatively, a TE1 can connect using an S reference point to an NT2 function group,

    Function Groups:

    1) TE1 (Terminal Equipment 1): ISDN-capable four-wire cable. Understands signaling and 2B+D. Uses an S reference point.

    2) TE2 (Terminal Equipment 2): Equipment that does not understand ISDN protocols and specifications (no ISDN awareness). Uses an R reference point, typically an RS-232 or V.35 cable, to connect to a TA.

    3) TA (Terminal adapter): Equipment that uses R and S reference points. Can be thought of as the TE1 function group on behalf of a TE2.

    4) NT1 (Network Termination): Connects with a U reference point (two-wire) to the ISP. Connects with T or S reference points to other customer premises equipment.

    Reference Points:

    R: between TE2 and TA.
    S: between TE1 or TA and NT2.
    T: between NT2 and NT1.
    U: between NT1 and ISP.
