1 Syllabus for Interview 1) Hardware 2) Networking 3) CCNA 4) Redhat 5) It Security Hardware 1) Motherboard a) North Bridge (MCH (memory controller hub)) b) South Bridge (ICH (I/O controller Hub)) Motherboard has to very important component North Bridge and south bridge. Both have different –different work. Both are chips on the mother board. Another Name of North Bridge is MCH/IMCH (memory controller hub/integrated memory controller hub). It is used to manage communication between RAM, CPU, AGP, and chach memory. Another Name of south bridge is ICH. Rest of the component which is not handled by the north bridge. Like PCI SLOT, USB, ISA IDE BIOS LEGACY.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
1
Syllabus for Interview
1) Hardware
2) Networking
3) CCNA
4) Redhat
5) It Security
Hardware
1) Motherboard
a) North Bridge (MCH (memory controller hub))
b) South Bridge (ICH (I/O controller Hub))
Motherboard has to very important component North Bridge and south bridge.
Both have different –different work. Both are chips on the mother board.
Another Name of North Bridge is MCH/IMCH (memory controller hub/integrated
memory controller hub). It is used to manage communication between RAM, CPU, AGP,
and chach memory.
Another Name of south bridge is ICH. Rest of the component which is not
handled by the north bridge. Like PCI SLOT, USB, ISA IDE BIOS LEGACY.
2
ZERO LEVEL FORMATTING
1) For Zero level formatting you have to insert windows 98 cd in cdrom and restart
system boot via cd rom
2) You find command prompt and go to cd rom
3) A:\> G: suppose A is default prompt and G is 98 prompt
4) G:\> dir
5) G:\>cd Dm
6) G:\DM>dir
7) G:\DM>cd DmSam
8) G:\DM\DMSAM>DIR
9) G:\DM\DMSAM>DM /X/M
RAID (redundant array of independent disks; originally redundant array of
inexpensive disks)
RAID is a way of storing the same data in different places (thus, redundantly) on multiple
hard disk . By placing data on multiple disks, I/O (input/output) operations can overlap in
a balanced way, improving performance.
RAID-0: This technique has striping but no redundancy of data. It offers the best
performance but no fault-tolerance.
RAID-1: This type is also known as disk mirroring and consists of at least two
drives that duplicate the storage of data. There is no striping. Read performance is
improved since either disk can be read at the same time. Write performance is the
same as for single disk storage. RAID-1 provides the best performance and the
best fault-tolerance in a multi-user system.
RAID-2: This type uses striping across disks with some disks storing error
checking and correcting (ECC) information. It has no advantage over RAID-3.
RAID-3: This type uses striping and dedicates one drive to
storing parity information. The embedded error checking (ECC) information is
used to detect errors. Data recovery is accomplished by calculating the exclusive
OR (XOR) of the information recorded on the other drives. Since an I/O operation
addresses all drives at the same time, RAID-3 cannot overlap I/O. For this reason,
RAID-3 is best for single-user systems with long record applications.
RAID-4: This type uses large stripes, which means you can read records from any
single drive. This allows you to take advantage of overlapped I/O for read
operations. Since all write operations have to update the parity drive, no I/O
overlapping is possible. RAID-4 offers no advantage over RAID-5.
RAID-5: This type includes a rotating parity array, thus addressing the write
limitation in RAID-4. Thus, all read and write operations can be overlapped.
RAID-5 stores parity information but not redundant data (but parity information
Token Passing (in brief) : Token contains a piece of information which along with data
is sent by the source computer. This token then passes to next node, which checks if the
signal is intended to it. If yes, it receives it and passes the empty to into the network,
otherwise passes token along with the data to next node. This process continues until the
signal reaches its intended destination.
The nodes with token are the ones only allowed to send data. Other nodes have to wait
for an empty token to reach them. This network is usually found in offices, schools and
small buildings.
RING AND TOKEN RING
Advantages of Ring Topology
1) This type of network topology is very organized. Each node gets to send the data
when it receives an empty token. This helps to reduces chances of collision. Also in ring
topology all the traffic flows in only one direction at very high speed.
2) Even when the load on the network increases, its performance is better than that
of Bus topology.
3) There is no need for network server to control the connectivity between workstations.
4) Additional components do not affect the performance of network.
5) Each computer has equal access to resources.
Disadvantages of Ring Topology
1) Each packet of data must pass through all the computers between source and
destination. This makes it slower than Star topology.
2) If one workstation or port goes down, the entire network gets affected.
13
3) Network is highly dependent on the wire which connects different components.
4) MAU‘s and network cards are expensive as compared to Ethernet cards and hubs.
4) MASH TOPOLOGY =In a mesh network topology, each of the network node,
computer and other devices, are interconnected with one another. Every node not only
sends its own signals but also relays data from other nodes. In fact a true mesh topology
is the one where every node is connected to every other node in the network. This type of
topology is very expensive as there are many redundant connections, thus it is not mostly
used in computer networks. It is commonly used in wireless networks. Flooding or
routing technique is used in mesh topology.
Types of Mesh Network topologies:-
1)FULL MESH TOPOLOGY:
In this, like a true mesh, each component is connected to every other component. Even
after considering the redundancy factor and cost of this network, its main advantage is
that the network traffic can be redirected to other nodes if one of the nodes goes down.
Full mesh topology is used only for backbone networks.
2)PARTIAL MESH TOPOLOGY:
This is far more practical as compared to full mesh topology. Here, some of the systems
are connected in similar fashion as in mesh topology while rests of the systems are only
connected to 1 or 2 devices. It can be said that in partial mesh, the workstations are
‗indirectly‘ connected to other devices. This one is less costly and also
reducesredundancy.
Mesh Topology Diagram
Advantages of Mesh topology
1) Data can be transmitted from different devices simultaneously. This topology can
withstand high traffic.
2) Even if one of the components fails there is always an alternative present. So data
transfer doesn‘t get affected.
14
3) Expansion and modification in topology can be done without disrupting other nodes.
Disadvantages of Mesh topology
1) There are high chances of redundancy in many of the network connections.
2) Overall cost of this network is way too high as compared to other network topologies.
3) Set-up and maintenance of this topology is very difficult. Even administration of the
network is tough.
5) TREE TOPOLOGY = Tree Topology integrates the characteristics of Star and Bus
Topology. Earlier we saw how in Physical Star network Topology, computers (nodes) are
connected by each other through central hub. And we also saw in Bus Topology, work
station devices are connected by the common cable called Bus. After understanding these
two network configurations, we can discuss tree topology better. In Tree Topology, the
number of Star networks are connected using Bus. This main cable seems like a main
stem of a tree, and other star networks as the branches. It is also called Expanded Star
Topology. Ethernet protocol is commonly used in this type of topology. The diagram
below will make it clear.
Advantages of Tree Topology 1. It is an extension of Star and bus Topologies, so in networks where these topologies
can't be implemented individually for reasons related to scalability, tree topology is the
best alternative.
2. Expansion of Network is possible and easy.
3. Here, we divide the whole network into segments (star networks), which can be easily
managed and maintained.
4. Error detection and correction is easy.
5. Each segment is provided with dedicated point-to-point wiring to the central hub.
6. If one segment is damaged, other segments are not affected.
Disadvantages of Tree Topology 1. Because of its basic structure, tree topology, relies heavily on the main bus cable, if it
breaks whole network is crippled.
2. As more and more nodes and segments are added, the maintenance becomes difficult.
3. Scalability of the network depends on the type of cable used.
15
6) HYBRIDE TOPOLOGY = Before starting about Hybrid topology, we saw that
a network topology is a connection of various links and nodes, communicating with each
other for transfer of data. We also saw various advantages and disadvantages
of Star, Bus, Ring, Mesh and Tree topologies. Now lets discuss what Hybrid Network
topology is and why it finds its application in Wide Area Networks. Hybrid, as the name
suggests, is mixture of two different things. Similarly in this type of topology we
integrate two or more different topologies to form a resultant topology which has good
points(as well as weaknesses) of all the constituent basic topologies rather than having
characteristics of one specific topology. This combination of topologies is done according
to the requirements of the organization.
For example, if there exists a ring topology in one office department while a bus topology
in another department, connecting these two will result in Hybrid topology. Remember
connecting two similar topologies cannot be termed as Hybrid topology. Star-Ring and
Star-Bus networks are most common examples of hybrid network.
Let's see the benefits and drawbacks of this networking architecture
Hybrid Network Topology Image
Advantages of Hybrid Network Topology
1) Reliable : Unlike other networks, fault detection and troubleshooting is easy in this
type of topology. The part in which fault is detected can be isolated from the rest of
network and required corrective measures can be taken, WITHOUT affecting the
functioning of rest of the network.
2) Scalable: Its easy to increase the size of network by adding new components, without
disturbing existing architecture.
3) Flexible: Hybrid Network can be designed according to the requirements of the
organization and by optimizing the available resources. Special care can be given to
16
nodes where traffic is high as well as where chances of fault are high.
4) Effective: Hybrid topology is the combination of two or more topologies, so we can
design it in such a way that strengths of constituent topologies are maximized while there
weaknesses are neutralized. For example we saw Ring Topology has good data reliability
(achieved by use of tokens) and Star topology has high tolerance capability (as each node
is not directly connected to other but through central device), so these two can be used
effectively in hybrid star-ring topology.
Disadvantages of Hybrid Topology
1) Complexity of Design: One of the biggest drawback of hybrid topology is its design.
Its not easy to design this type of architecture and its a tough job for designers.
Configuration and installation process needs to be very efficient.
2) Costly Hub: The hubs used to connect two distinct networks, are very expensive.
These hubs are different from usual hubs as they need to be intelligent enough to work
with different architectures and should be function even if a part of network is down.
3) Costly Infrastructure: As hybrid architectures are usually larger in scale, they
require a lot of cables, cooling systems, sophisticate network devices, etc.
CABLES (PHYSICAL MEADIA)
There are three types of cable
1) COAXIAL CABLE
2) TWISTED PAIR CABLE
3) FIBER OPTIC CABLE
1) COAXIAL CABLE = A type of wire that consists of a center wire surrounded by
insulation and then a grounded shield of braided wire. The shield minimizes electrical
EMI (Electromagnetic interference) and radio frequency interference.
Coaxial cabling is the primary type of cabling used by the cable television industry and is
also widely used for computer networks, such as Ethernet. Although more expensive than
standard telephone wire, it is much less susceptible to interference and can carry much
more data.
There two types of coaxial cable:-
A) Tinnet coaxial cable( RG58)
B) Tick net coaxial cable (RG 8)
17
CABLE = TINNET CABLE = TICK NET
10 BASE 2 10 BASE 2
SINGNAL = BASEBAND / DIGITAL SINGNAL = BASEBAND/DIGITAL
SPEED = 10 MBPS SPEED = 10 MBPS
LENGTH = 18.5 METER LENGTH =500 METERS
CONNECTOR = BNC CONNECTOR = AUI, VAMPIRE
DIAMETER = 0.25 CM DIAMETER = 0.96 CM
BNC =British novel connector
AUI = Attachment User interface
RG = Radio Government
2) TWISTED PAIR CABLE= A type of cable that consists of two independently
insulated wires twisted around one another. The use of two wires twisted together helps
to reduce crosstalk and electromagnetic induction. While twisted-pair cable is used by
older telephone networks and is the least expensive type of local-area network
(LAN) cable, most networks contain some twisted-pair cabling at some point along the
network. Connector RJ45, RJ11. RJ stands for Register jack.
There are two types of Twisted Pair Cable
1) UTP (UNSHIELDED TWISTED PAIR CABLE)
2) STP (SHIELDED TWISTED PAIR CABLE)
1) UTP = UTP stands for Unshielded Twisted Pair cable. UTP cable is a 100 ohm copper
cable that consists of 2 to 1800 unshielded twisted pairs surrounded by an outer jacket.
They have no metallic shield. This makes the cable small in diameter but unprotected
against electrical interference. The twist helps to improve its immunity to electrical noise
and EMI.
2) STP= a type of copper telephone wiring in which each of the two copper wires that are
twisted together are coated with an insulating coating that functions as a ground for the
wires. The extra covering in shielded twisted pair wiring protects the transmission line
from electromagnetic interference leaking into or out of the cable. STP cabling often is
used in Ethernet networks, especially fast data rate Ethernets.
18
CROSSOVER CABLE COLOR CODDIGN 13 26
FIRST END LAST END
T568B T568A
ORANGE-WHITE GREEN –WHITE
ORANGE GREEN
GREEN WHITE ORANGE-WHITE
BLUE BLUE
BLUE-WHITE BLUE-WHITE
GREEN ORANGE
BROWN-WHITE BROWN-WHITE
BROWN BROWN
CROSS CABLE USE:- 13 AND 26
FIRST END =T568B AND SECOND END = T568A
IT is used to connect similar devices like PC to PC, HUB TO HUB, SWITCH TO
SWITCH and ROUTER TO PC.
STRIGHT THROUGH CABLE:-
FIRST END =T568B AND SECOND END T568B
It is used to connect dissimilar devices like pc to hub, switch to pc, ROUTER TO
SWITCH, MODEM TO PC , SWITCH TO MODEM
ROLLEDOVER CABLE:- It is used to connect router‘s console port to pc . And
router‘s console port is used to configure router.
First end =T568B and second end= just opposite T568B
19
3) FIBER OPTIC CABLE =Fiber Optic Cable Transmit digital signals using the light
impulse rather then analog signals. It is save from EMI. Optical fiber consists of
a core and a cladding layer, selected for total internal reflection due to the difference in
the refractive between the two. In practical fibers, the cladding is usually coated with a
layer of acrylate polymer or polyimide. This coating protects the fiber from damage but
does not contribute to its optical waveguide properties. Individual coated fibers (or fibers
formed into ribbons or bundles) then have a tough resin buffer layer and/or core tube(s)
extruded around them to form the cable core. Several layers of protective sheathing,
depending on the application, are added to form the cable. Rigid fiber assemblies
sometimes put light-absorbing ("dark") glass between the fibers, to prevent light that
leaks out of one fiber from entering another. This reduces cross-talk between the fibers,
or reduces flare in fiber bundle imaging applications.
There are two types of Fiber optic cable-
A)Single Mode Fiber Optic Cable
B) Multi Mode Fiber Optic Cable
Single Mode Fiber Optic Cable can transmit only single light rays while
multimode Fiber optic cable can transmit multiple light Signal.
Multimode Fiber optic cable is used for short distance application and Single
mode fiber optic cable is used for long distance
Fiber optic cable can transmit up to 40 Kilometers .
It support bandwidth 100Mbps 1Gbps and 10Gbps.
Connectors for Fiber Optic cable ST(straight Tip) and SC(Subscriber Connector)
and the SC connector is developed by AT&T.
Fiber optic cable is very costly and it is difficult to install, it is required a bigger
investment in installation.
20
Wi-Fi: - Wi-Fi is a popular technology that allows an electronic device to exchange
data wirelessly (using radio wave) over a computer network, including high-
speed Internet connections. IEEE STANDRAD 802.11
PROTOCOL: - A uniform set of rules that enable two devices to connect and transmit
data to one another. Protocols determine how data are transmitted between computing
devices and over networks. They define issues such as error control and data compression
methods.
OSI (OPEN SOURCE INTERCONNECTION) MODEL
OSI model is seven layer conceptual models that define the communication method of
computer network. It defines the communication process in 7 layers. OSI model was
developed by ISO (international standard organization) in 1977(in some web site it
should be 1984 1980 and 1974). First network is developed by IBM and it works only
IBM devices. That‘s by OSI model was develop that a common platform can be given to
all devices that dissimilar devices can communicate.
Seven Layer of OSI model :-
21
1) PHYSICAL LAYER
2) DATA LINK LAYER
3) NETWORK LAYER
4) TRANSPORT LAYER
5) SESSION LAYER
6) PRESENTATION LAYER
7) APPLICATION LAYER
The upper layers (application, presentation and session) of the OSI model represent
software that implements network services like encryption and connection management.
The lower layers (transport, network, data link and physical) of the OSI model
implement more primitive, hardware-oriented functions like routing, addressing, and flow
control.You can remember OSI layer by All People Seem To Need Data Processing.
LAYER 1- PHYSICAL LAYER:-
It is layer first of OSI model. Physical layer defines the cable or physical medium itself,
e.g., thinnet, thicknet, unshielded twisted pairs (UTP). All media are functionally
equivalent. The main difference is in convenience and cost of installation and
maintenance. It define electrical and optical signaling, voltage levels, data transmission
rate, as well as mechanical specifications such as cable lengths and connectors, the
amount of pins and their Functions. Converters from one media to another operate at this
level.
Data unit = bit
Devices = Hub, Repeater, cable, connectors, NICs, WAPs, LAN, WAN, Interface such as
RS-232 ,OC-3, BRI And Antennas.
It received data from data link layer in the form of Frame then converts it into bit.
LAYER 2- DATA LINK LAYER:-
It is second layer of OSI model
Data Unit = Frame
Devices = Switch, Bridge
Protocol = STP, VTP, HDLC, PPP, FRAM RELAY.
It takes data from network layer in the form of Packet than attached header and trailer on
this packet now it becomes frame. Its header has the information about source Mac,
destination Mac, Ether type, ant it trailer has information about FCS.
FCS=FCS apply algorithm on data and generate 4Byte code and at the receiving end
Again FCS apply Algorithm and Generate 4 Byte code. If code is same then no error and
no modification while transmission otherwise again send data it gives flow control.
The Maximum Transmission Unit (MTU). The data link layer handles the physical
and logical connections to the packet's destination, using a network interface. A host
connected to an Ethernet would have an Ethernet interface to handle connections to the
outside world, and a loop back interface to send packets to it. Layer two Broadcast
address FF:FF:FF:FF:FF:FF . 802.5 For token ring
TWO sub layer of data link layer is-
A) LLC(logical link control layer)
B) MAC(media access control layer)
22
A) LLC= The uppermost sub layer, LLC, multiplexes protocols running a top the data
link layer (Network layer), and optionally provides flow control, acknowledgment, and
error notification. The LLC provides addressing and control of the data link. It specifies
which mechanisms are to be used for addressing stations over the transmission medium
and for controlling the data exchanged between the originator and recipient machines.
Standard 802.2
B)MAC=MAC may refer to the sub layer that determines who is allowed to access the
media at any one time (usually CSMA/CD). Other times it refers to a frame structure with
MAC addresses inside. There are generally two forms of media access control:
distributed and centralized. Both of these may be compared to communication between
people. In a network made up of people speaking, i.e. a conversation, we look for clues
from our fellow talkers to see if any of them appear to be about to speak. If two people
speak at the same time, they will back off and begin a long and elaborate game of saying
"no, you first".
The Media Access Control sub layer also determines where one frame of data ends and
the next one starts – frame synchronization. There are four means of frame
synchronization: time based, character counting, byte stuffing and bit stuffing. IEEE
Standers Of data link (MAC Sublayer) layer 802.3,802.4,802.5 and 802.11.
23
LAYER3-NETWORK LAYER It is layer 3 of OSI model
Data Unit = Packet
Devices =Router
Protocol= Routed and Routing Protocol
Layer three Broadcast address 255.255.255.255
Routed Protocol=It is define the method of Packet Transmission in Internetwork
Example =IP, IPx, AppleTalk
Routing Protocol=It select the best path for packet Transmission example RIP IGRP
EIGRP OSPF.
It received data from transport layer in the form of segment then attach header on
segment now it become packet. Its header has information about source ip address and
destination ip address. Router understands the ip address and it creates routing tables.
Routing tables has information about best path for packet transmission.
The network layer is the layer at which IP (Internet protocol) operates. Other
protocols in the TCP/IP suite of protocols, which forms the basis of the Internet and most
other networks, that also operate in this layer are ICMP, IPsec, ARP, RIP, OSPF and
BGP.The network layer is responsible for routing, which is moving packets (the
fundamental unit of data transport on modern computer networks) across the network
using the most appropriate paths. It also addresses messages and translates logical
addresses (i.e., IP addresses) into physical addresses (i.e., MAC addresses).
LAYER4-TRANSPORT LAYER
It is layer 4 of OSI model
Data Unit = Segment
Protocol = TCP, UDP
24
It received data from session layer in the form of data and divided it into
segments, Each and every segment has a header, its header has information about source
port no, destination port no, sequence no and Acknowledgement number and window etc.
The Transport layer is responsible for end-to-end (source-to-destination) data delivery. The Transport layer ensures the reliable arrival of messages and provides error checking
mechanisms and data flow controls. The Transport layer provides services for both
"connection-mode" transmissions and for "connectionless-mode" transmissions. For
connection-mode transmissions, a transmission may be sent or arrive in the form of
packets that need to be reconstructed into a complete message at the other end.
Header format of Transport Layer
LAYER 5- SESSION LAYER
It is fifth layer of OSI model
Data Unit = Data
It creates session between different communication process and it is responsible
for the mechanism for opening, closing and managing a session between end-user
application processes, i.e., a semi-permanent dialogue. Communication sessions consist
of requests and responses that occur between applications. Session-layer services are
commonly used in application environments that make use of remote procedure
25
calls (RPCs). These layers also provide the dialog control between devices or nodes. It is
also control communication mode. Three are three types of communication mode.
A) Simplex
B) Half Duplex
C) Full Duplex
A) Simplex =In simplex operation, a network cable or communications channel can only
send information in one direction; it's a ―one-way street‖. In simple way only one way
communication.
B) Half Duplex=A half-duplex (HDX) system provides communication in both
directions, but only one direction at a time (not simultaneously). Typically, once a party
begins receiving a signal, it must wait for the transmitter to stop transmitting, before
replying (antennas are of trans-receiver type in these devices, so as to transmit and
receive the signal as well). Example cordless, Hub.
C) Full Duplex= A full-duplex (FDX), or sometimes double-duplex system, allows
communication in both directions, and, unlike half-duplex, allows this to happen
simultaneously. Land-line telephone networks are full-duplex, since they allow both
callers to speak and be heard at the same time. A good analogy for a full-duplex system
would be a two-lane road with one lane for each direction. Example mobile call, Switch.
LAYER 6-PRESENTATION LAYER
It is layer 6 th of OSI model.
Data Unit=data
The Presentation layer ‗represent‘ the data in particular format of The Application layer.
It defines encryption, Compression, Conversion and coding Function. Data are passed
from the application layer services. These data must then be formatted into agreed-upon
codes. The codes can be alphanumeric, numeric, video, audio, or program instruction
codes. The presentation layer may also be responsible for data compression and
encryption. The three most common types of translation methods are bit order, byte
order, and character code translation. Encryption services provided by the OSI
presentation layer protocols include transposition, substitution, and algebraic methods
ENCRIPTION = Encryption is the conversion of data into a form, called a cipher text,
that cannot be easily understood by unauthorized people. Decryption is the process of
converting encrypted data back into its original form, so it can be understood able.
COMPRESSION= Compression is the process of reducing the size of a file by encoding
its data information more efficiently. By doing this, the result is a reduction in the
number of bits and bytes used to store the information. In effect, a smaller file size is
generated in order to achieve a faster transmission of electronic files and a smaller space
required for its downloading.
TRANSLATION= The presentation layer serves as the data translator for the network.
This layer on the sending computer translates the data sent by the application layer into a
26
common format. At the receiving computer, the presentation layer translates the common
format to a format known to the application layer. Character-code translation, such as
from ASCII to EBCDIC.
LAYER 7- APPLICATION LAYER
It is layer 7 of OSI model
Data Unit = data
Protocol = Http, Telnet, Ftp, Tftp, Smtp, Ntp
The application layer provider different services to the application. Examples of services
provided by this layer are file transfer, electronic messaging e-mail, virtual terminal
access and network management. Data is often encoded using different schemes, such as
ASCII, EBCIDC or UNICODE. It is provide interface for different Application like ms-
word, ms-outlook, Http.
ASCII = American standard code for information interchange
Dynamic Host Configuration Protocol enables you to automatically assign reusable IP
addresses (IP address, Default Gateway, subnet mask, and DNS server IP) to DHCP
clients. It use UDP services .DHCP server port no. is 67 and client port no is 68.
DISCOVER: When a client is configured with the IP setting to obtain Ip address
automatically. Then the client will search for DHCP server and the UDP Broadcast to the
server about the DHCP discover.
OFFER: DHCP Server will offers a scope of IP address available in the pool.
REQUEST: In response to the offer, the Client will requests for an IP address.
ACKNOWLEDGE: In response to the request, server will responds with all IP address, Mask, Gateway, DNS and wins info along with the acknowledgment packet.
Technical info of DORA Process = When the term "broadcast" is used, there are two
types of broadcasts: 1) Network Layer broadcast and 2) Datalink Layer broadcast. For
Internet Protocol, the standard broadcast DESTINATION address is 255.255.255.255.
For Ethernet, the broadcast DESTINATION address is FF:FF:FF:FF:FF:FF. You have to
think of the DORA process in terms of encapsulation and decapsulation, as well as switch
behavior with frames it receives.
So let's say you've got two computers, a client host and a server host. The client
host is the DHCP client and the server host is the DHCP server. Let's call the client host
PC and the DHCP server DHCP.
Now, when the PC is turned on, the NIC has a MAC address but no IP address.
So the PC tries to "Discover" the DHCP server by sending out a "Discover" packet. In
that packet, the destination IP address is 255.255.255.255 and source IP address of
0.0.0.0 (because the PC doesn't have an IP address yet). That Discover packet is
encapsulated into an Data Link layer Ethernet Frame. That Ethernet Frame has a
destination address of FF:FF:FF:FF:FF:FF and the source address of whatever the MAC
address of the PC's nic is, let's call it PC:MA:CA:DD:RR:SS (I know this is not a valid
MAC address). Now, since the destination address is FF:FF:FF:FF:FF:FF, the first switch
that receives the frame will, by definition, send that frame out of every single switch port,
except the switch port that received the frame. Since the switch doesn't know (from it's
CAM table), who FF:FF:FF:FF:FF:FF is, it forwards the Discover packet out of every
37
single switch port, except the switch port that received the frame. Let's say the DHCP
server is directly connected to the switch. So the DHCP server first receives the Ethernet
frame with the destination address of FF:FF:FF:FF:FF:FF (which by definition, means
itself), and a source address of PC:MA:CA:DD:RR:SS. So when the DHCP server
receives that Discover Packet, it replies to it by sending the Offer Packet. Since the
DHCP server has no idea who was contacting them (since PC currently has an IP address
of 0.0.0.0), the Offer packet has the destination address of 255.255.255.255. But the
DHCP server remembered the MAC address of whoever it was trying to contact them, so
the DHCP server sends out the Offer packet in a frame with a destination address of
PC:MA:CA:DD:RR:SS and uses it's own source address of DH:CP:SE:RV:ER:MC
(again, I know this is not a valid MAC address). So the Offer packet is sent from the
DHCP server to the PC as a unicast not a broadcast. So the switch receives the frame
from the DHCP server and forwards it to the PC which receives the Offer packet. Then
the rest of the DHCP process of R and A occurs.
So that's why the "...the first two messages in the DHCP are broadcast messages..." refers
to Network Layer IP broadcast messages (destination IP address of 255.255.255.255).
Then "...only the first message (the Discover message) is a LAN Broadcast..." because
only the Discover packet's frame had the Ethernet destination address of
FF:FF:FF:FF:FF:FF (therefore a LAN broadcast) and the Offer packet's frame had the
Ethernet destination address of PC:MA:CA:DD:RR:SS (therefore a LAN unicast).
DHCP RELAY AGENT
The DHCP Relay Agent makes it possible for DHCP broadcast messages to be sent over
routers that do not support forwarding of these types of messages. The DHCP Relay
Agent is therefore the routing protocol that enables DHCP clients to obtain IP addresses
from a DHCP server on a remote subnet, or which is not located on the local subnet. If
you have no configured DHCP Relay Agent, your clients would only be able to obtain IP
addresses from the DHCP server which is on the same subnet. To enable clients to obtain
IP addresses from a DHCP server on a remote subnet, you have to configure the DHCP
Relay Agent on the subnet that contains the remote clients, so that it can relay DHCP
broadcast messages to your DHCP server.
38
9)BOOTP = (PORT NO 67=server,68=client /UDP) It stands for Boot Strap Protocol.
In computer networking, the Bootstrap Protocol, or BOOTP, is a network protocol used
by a network client to obtain an IP address from a configuration server. The BOOTP
protocol was originally defined in RFC 951.
BOOTP is usually used during the bootstrap process when a computer is starting up. A
BOOTP configuration server assigns an IP address to each client from a pool of
addresses. BOOTP uses the User Datagram Protocol (UDP) as a transport
on IPv4 networks only.
Historically, BOOTP has also been used for Unix-like diskless workstations to obtain the
network location of their boot image in addition to an IP address, and also by enterprises
to roll out a pre-configured client (e.g., Windows) installation to newly installed PCs.
Originally requiring the use of a boot floppy disk to establish the initial network
connection, manufacturers of network cards later embedded the protocol in the BIOS of
the interface cards as well as system boards with on-board network adapters, thus
allowing direct network booting.
The Dynamic Host Configuration Protocol (DHCP) is a more advanced protocol for the
same purpose and has superseded the use of BOOTP. Most DHCP servers also function
as BOOTP servers.
10) HTTP = (PORT NO. =80 /TCP) It stands for Hyper Text Transfer Protocol. It is the
protocol used to convey information of World Wide Web (WWW). HTTP is an
application protocol for distributed, collaborative, hypermedia information
systems. HTTP is the foundation of data communication for the World Wide Web.
Hypertext is a multi-linear set of objects, building a network by using logical links (the so
called hyperlinks) between the nodes (e.g. text or words). HTTP is the protocol to
exchange or transfer hypertext.
11) HTTPS = (PORT NO 443 /TCP) It stands for Hyper Text Transfer Protocol Secure. HTTPS is a combination of the Hypertext Transfer Protocol (HTTP) with the
SSL/TLS protocol. It provides encrypted communication to prevent eavesdropping and
secure identification of a network web server to know which web server you are really
talking to. Historically, HTTPS connections were primarily used for payment transactions
on the World Wide Web, e-mail and for sensitive transactions in corporate information
systems. In the late 2000s and early 2010s, HTTPS has began to see widespread use for
protecting page authenticity on all types of websites, securing accounts and keeping user
communications, identity and browsing history private.
During connecting to a website HTTPS makes it possible to know whether you are
talking to the right server and protects from passive and active network attacks such
as Man-in-the-middle attacks. During a session it can protect against eavesdropping and
tampering with the contents of the site or with the information you send to the site. As an
example HTTPS can protect from an adversary replacing downloadable content on a site
with malware.
HTTPS is especially important over unencrypted Wi-fi as it is completely insecure
by design and attacks on unencrypted Wi-fi networks are relatively common.
Note that when a client sends an HTTPS request, the hostname and port of the