Page 1: Syllabus for  interview

Syllabus for Interview

1) Hardware

2) Networking

3) CCNA

4) Redhat

5) IT Security

Hardware

1) Motherboard

a) North Bridge (MCH (memory controller hub))

b) South Bridge (ICH (I/O controller Hub))

The motherboard has two very important components: the North Bridge and the South Bridge. They do different jobs. Both are chips on the motherboard.

Another name for the North Bridge is MCH/IMCH (memory controller hub/integrated memory controller hub). It manages communication between RAM, CPU, AGP, and cache memory.

Another name for the South Bridge is ICH. It handles the rest of the components, which are not handled by the North Bridge, such as PCI slots, USB, ISA, IDE, BIOS and legacy devices.

ZERO LEVEL FORMATTING

1) For zero-level formatting, insert the Windows 98 CD in the CD-ROM drive and restart the system so that it boots from the CD-ROM.

2) At the command prompt, change to the CD-ROM drive.

3) A:\> G:   (suppose A: is the default prompt and G: is the Windows 98 CD prompt)

4) G:\> dir

5) G:\>cd Dm

6) G:\DM>dir

7) G:\DM>cd DmSam

8) G:\DM\DMSAM>DIR

9) G:\DM\DMSAM>DM /X/M

RAID (redundant array of independent disks; originally redundant array of

inexpensive disks)

RAID is a way of storing the same data in different places (thus, redundantly) on multiple hard disks. By placing data on multiple disks, I/O (input/output) operations can overlap in a balanced way, improving performance.

RAID-0: This technique has striping but no redundancy of data. It offers the best

performance but no fault-tolerance.

RAID-1: This type is also known as disk mirroring and consists of at least two

drives that duplicate the storage of data. There is no striping. Read performance is

improved since either disk can be read at the same time. Write performance is the

same as for single disk storage. RAID-1 provides the best performance and the

best fault-tolerance in a multi-user system.

RAID-2: This type uses striping across disks with some disks storing error

checking and correcting (ECC) information. It has no advantage over RAID-3.

RAID-3: This type uses striping and dedicates one drive to

storing parity information. The embedded error checking (ECC) information is

used to detect errors. Data recovery is accomplished by calculating the exclusive

OR (XOR) of the information recorded on the other drives. Since an I/O operation

addresses all drives at the same time, RAID-3 cannot overlap I/O. For this reason,

RAID-3 is best for single-user systems with long record applications.

RAID-4: This type uses large stripes, which means you can read records from any

single drive. This allows you to take advantage of overlapped I/O for read

operations. Since all write operations have to update the parity drive, no I/O

overlapping is possible. RAID-4 offers no advantage over RAID-5.

RAID-5: This type includes a rotating parity array, thus addressing the write

limitation in RAID-4. Thus, all read and write operations can be overlapped.

RAID-5 stores parity information but not redundant data (but parity information

can be used to reconstruct data). RAID-5 requires at least three and usually five

disks for the array. It's best for multi-user systems in which performance is not

critical or which do few write operations.

RAID-10: Combining RAID-0 and RAID-1 is often referred to as RAID-10,

which offers higher performance than RAID-1 but at much higher cost. There are

two subtypes: In RAID-0+1, data is organized as stripes across multiple disks,

and then the striped disk sets are mirrored. In RAID-1+0, the data is mirrored and

the mirrors are striped.
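
The XOR parity recovery described under RAID-3 and the rotating parity described under RAID-5, worked through as an added example that is not part of the original document. The function names, the 4-disk layout, the 8-byte block size and the sample payload are assumptions made for illustration.

```python
"""RAID-5 style striping with rotating XOR parity (illustrative model, not a driver)."""

SAMPLE = b"constructed sample payload for the RAID-5 parity demo"  # constructed input


def xor_blocks(blocks):
    """Byte-wise XOR of equal-sized blocks; this is the parity calculation."""
    length = len(blocks[0])
    if any(len(b) != length for b in blocks):
        raise ValueError("blocks must be the same size")
    out = bytearray(length)
    for block in blocks:
        for i, byte in enumerate(block):
            out[i] ^= byte
    return bytes(out)


def parity_disk(stripe, n_disks):
    """Disk holding parity for a stripe; it moves one disk left on every stripe."""
    return (n_disks - 1 - stripe) % n_disks


def build_array(data, n_disks=4, block_size=8):
    """Stripe data over n_disks; each stripe holds n_disks-1 data blocks + 1 parity."""
    if n_disks < 3:
        raise ValueError("rotating parity needs at least three disks")
    stripe_bytes = (n_disks - 1) * block_size
    padded = data + b"\x00" * (-len(data) % stripe_bytes)  # pad the last stripe
    disks = [[] for _ in range(n_disks)]
    for stripe in range(len(padded) // stripe_bytes):
        chunk = padded[stripe * stripe_bytes:(stripe + 1) * stripe_bytes]
        blocks = [chunk[i:i + block_size] for i in range(0, stripe_bytes, block_size)]
        parity = xor_blocks(blocks)
        data_iter = iter(blocks)
        p = parity_disk(stripe, n_disks)
        for d in range(n_disks):
            disks[d].append(parity if d == p else next(data_iter))
    return disks


def rebuild_disk(disks, failed):
    """Recompute a failed disk: each block is the XOR of the same stripe on the others."""
    survivors = [d for i, d in enumerate(disks) if i != failed and d is not None]
    if len(survivors) != len(disks) - 1:
        raise ValueError("single parity can recover only one failed disk")
    return [xor_blocks([d[s] for d in survivors]) for s in range(len(survivors[0]))]


def read_data(disks, length):
    """Reassemble the payload, skipping the parity block of every stripe."""
    n = len(disks)
    out = bytearray()
    for stripe in range(len(disks[0])):
        p = parity_disk(stripe, n)
        for d in range(n):
            if d != p:
                out += disks[d][stripe]
    return bytes(out[:length])


def scrub(disks):
    """Return the stripes whose blocks no longer XOR to zero (parity mismatch)."""
    return [s for s in range(len(disks[0]))
            if any(xor_blocks([d[s] for d in disks]))]


if __name__ == "__main__":
    array = build_array(SAMPLE)
    lost, array[2] = array[2], None           # simulate losing disk 2
    array[2] = rebuild_disk(array, 2)         # rebuild it from the three survivors
    print("rebuilt matches:", array[2] == lost)
    print("payload intact:", read_data(array, len(SAMPLE)) == SAMPLE)
    array[0][1] = bytes(b ^ 0xFF for b in array[0][1])  # silent corruption
    print("stripes failing scrub:", scrub(array))
```

Parity tells you that a stripe is inconsistent but not which block is wrong, and it cannot recover from two simultaneous disk losses; `rebuild_disk` raises in that case.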

Small Computer System Interface (SCSI)

Internal memory

RAM (Random access memory)

ROM (Read only memory)

1. ROM - Read Only Memory

2. PROM - Programmable Read Only Memory

3. EPROM - Erasable Programmable Read Only Memory (UV RAYS)

4. EEPROM - Electrically Erasable Programmable Read Only Memory (high

voltage of electric)

5. Flash EEPROM memory

BIOS = It stands for Basic Input Output System. It is also known as ROM (Read Only Memory). It is the boot firmware program on a PC, and controls the computer from the time you start it up until the operating system takes over. When you turn on a PC, the BIOS first conducts a basic hardware check, called a Power-On Self Test (POST), to determine whether all of the attachments are present and working. Then it loads the operating system into your computer's random access memory, or RAM.

The BIOS also manages data flow between the computer's operating system and

attached devices such as the hard disk, video card, keyboard, mouse, and printer.

The BIOS stores the date, the time, and your system configuration information in

a battery-powered, non-volatile memory chip, called a CMOS (Complementary Metal

Oxide Semiconductor) after its manufacturing process.

Although the BIOS is standardized and should rarely require updating, some older

BIOS chips may not accommodate new hardware devices. Before the early 1990s, you

couldn't update the BIOS without removing and replacing its ROM chip. Contemporary

BIOS resides on memory chips such as flash chips or EEPROM (Electrically Erasable

Programmable Read-Only Memory), so that you can update the BIOS yourself if

necessary.

POST = It stands for Power-On Self Test. The POST is a test the computer must complete

to verify all hardware is working properly before starting the remainder of the boot

process. If the computer passes the POST the computer will often return a single beep

and if unsuccessful will create a beep code that indicates the error.

Networking

What is network?

A network consists of two or more computers that are linked in order to share

resources (such as printers and CDs), exchange files, or allow electronic communications.

The computers on a network may be linked through cables, telephone lines, radio waves,

satellites, or infrared light beams. Wired and wireless both are called communication

media.

Communication media – there are two types of communication media.

1) Wired

2) Wireless

1) Wired - wired communication media are again of three types:

A) Coaxial cable (connector BNC = British novel connector)

i) Thinnet coaxial cable (RG 58)

ii) Thicknet coaxial cable (RG 8)

B) Twisted pair cable (RJ45)

i) UTP (unshielded twisted pair cable)

ii) STP (shielded twisted pair cable)

C) Fiber optic cable (SC = subscriber connector, ST = straight tip connector)

i) Single mode fiber optic cable

ii) Multimode fiber optic cable

Some important terms of networking -:

1) MAC Address

2) IP Address

3) NIC

4) HUB

5) SWITCH

6) ROUTER

7) BRIDGE

8) MODEM

9) ACCESS POINT

10) COLLISION DOMAIN

11) BROADCAST DOMAIN

12) VPN (VIRTUAL PRIVATE NETWORK)

13) NODE

14) HOST

15) FIREWALL

16) TRANSCEIVER

1) MAC Address:- (Media Access Control) It is also known as the hardware address or physical address of a device. It is a 48-bit binary number, written as a 12-digit hexadecimal number. The broadcast MAC address is FF:FF:FF:FF:FF:FF (the layer two broadcast address). The first 6 digits are the manufacturer ID and the other six digits are the client ID, which is maintained by the manufacturer: MM:MM:MM:SS:SS:SS

2) IP ADDRESS:- (Internet Protocol) It is the logical address of a device. It is a 32-bit binary number which is represented in decimal format; it is divided into 4 octets, and the octets are separated from each other by a dot (.). Within a single network no two devices should have the same IP address, otherwise an IP conflict error will occur. The broadcast IP address is 255.255.255.255 (the layer three broadcast address).

3) NIC:- It stands for network interface card. In computer networking, a NIC provides

the hardware interface between a computer and a network. A NIC technically is network

adapter hardware in the form factor of an add-in card such as a PCI or PCMCIA card.

This is the card that physically makes the connection between the computer and the

network cable.

4) HUB:- A hub is a network connectivity device that works at layer one of the OSI model. It works in half duplex mode. A hub receives a data packet from a computer and broadcasts it to all devices. A hub has one collision domain and one broadcast domain. Collision domains are found in a hub environment where each host segment connects to a hub that represents only one collision domain and only one broadcast domain. Collision domains are also found in wireless networks such as Wi-Fi.

5) SWITCH:- A switch is also a network connectivity device; it works at layer two of the OSI model. It works in full duplex mode. A switch has 1 collision domain per interface and one broadcast domain. A switch creates its MAC table by using a hardware chip, the ASIC (Application Specific Integrated Circuit).

6) ROUTER:- A router is an internetwork connectivity device that is used to connect one network to another network. Routers operate at the network layer (OSI

Model's layer 3). The primary function of a router is to connect networks together and

keep certain kinds of broadcast traffic under control. There are several companies that

make routers: Cisco (Linksys), Juniper, Nortel (Bay Networks), Redback, Lucent, 3com,

and HP just to name a few.

Restrict network broadcasts to the LAN

Act as the default gateway.

Move data between networks

Learn and advertise loop free paths

A router works with two types of protocol: routed protocols and routing protocols. A routed protocol can be routed by a router, which means that it can be forwarded from one router to another. A routed protocol contains the data elements required for a packet to be sent outside of its host network or network segment. Routed protocols are IP and IPX.

A routing protocol selects the best path for packet transmission to a remote network. For example, RIP, EIGRP and OSPF are routing protocols.

7) BRIDGE:- It is used to connect two different network segments in a LAN.

A bridge device filters data traffic at a network boundary. Bridges reduce the amount of

traffic on a LAN by dividing it into two segments. Bridges operate at the data link layer

(Layer 2) of the OSI model. Bridges inspect incoming traffic and decide whether to

forward or discard it. An Ethernet bridge, for example, inspects each incoming Ethernet

frame - including the source and destination MAC addresses, and sometimes the frame

size - in making individual forwarding decisions.

8) MODEM:- Modem stands for modulator-demodulator. It converts digital signals into analog signals, which is called modulation, and transmits them. At the receiving end it again converts the analog signal into a digital signal, which is called demodulation.

9) ACCESS POINT :- Wireless access points (APs or WAPs) are specially configured

nodes on wireless local area networks (WLANs). Access points act as a central

transmitter and receiver of WLAN radio signals. Access points used in home or small

business networks are generally small, dedicated hardware devices featuring a built-in

network adapter, antenna, and radio transmitter. Access points support Wi-Fi wireless

communication standards.

10) COLLISION DOMAIN:- A collision domain is an area on the network where two

devices may attempt to transmit at the same time. A hub has 1 collision domain overall.

A switch has 1 collision domain per interface.

11) BROADCAST DOMAIN:- A broadcast domain is a logical division of a computer

network, in which all nodes can reach each other by broadcast at the data link layer. A

broadcast domain can be within the same LAN segment or it can be bridged to other

LAN segments. A switch has one broadcast domain.

If a switch has 12 ports, it has one broadcast domain and 12 collision domains. If a hub has 12 ports, it has a single collision domain and a single broadcast domain.

12)VPN:- A Virtual Private Network (VPN) is a network technology that creates a secure

network connection over a public network such as the Internet or a private network

owned by a service provider. Large corporations, educational institutions, and

government agencies use VPN technology to enable remote users to securely connect to a

private network.

13) NODE:- In networks, a processing location. A node can be a computer or some

other device, such as a printer. Every node has a unique network address, sometimes

called a Data Link Control (DLC) address or Media Access Control (MAC) address.

A node can be a computer and terminal and any other devices.

14) HOST:- A host is a computer that is connected to a TCP/IP network, including the Internet, and holds some data. Each host has a unique IP address.

15) FIREWALL:- A firewall can be a hardware device, software, or both. It is a system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through

the firewall, which examines each message and blocks those that do not meet the

specified security criteria.

16) TRANSCEIVER = Network transceivers, short for transmitter-receiver, are devices

that both transmit and receive analog or digital signals. The term is used most frequently

to describe the component in a local-area network (LAN) that actually applies signals

onto the network wire and also detects signals passing through the same wire. For many

LANs, the transceiver is built directly into the network interface card (NIC). Some types

of networks, however, require an external transceiver.

Network transceivers are available in three main configurations: chip, board, or

module style. Chip style network transceivers are the smallest type. They can easily be

inserted into or removed from a network system. Board style devices are built directly

into a network board or card. Module transceivers are external to the network, and are

installed and function similarly to other computer peripherals, or they may function as

stand-alone devices.

TYPES OF NETWORK:

Basically there are three types of network:-

1) LAN

2) WAN

3) MAN

1) LAN:- LAN stands for local area network. A computer network in which the computers are connected with each other and share their resources and information, but are not connected to the Internet, is called a LAN.

2) WAN:- WAN stands for wide area network. A WAN spans a large geographic area,

such as a state, province or country. WANs often connect multiple smaller networks,

such as local area networks (LANs) or metro area networks (MANs).

The world's most popular WAN is the Internet. Some segments of the Internet, like VPN-

based extranets, are also WANs in themselves. Finally, many WANs are corporate or

research networks that utilize leased lines.

WANs generally utilize different and much more expensive networking equipment than

do LANs. Key technologies often found in WANs include SONET, Frame Relay,

and ATM.

3) MAN:- MAN stands for metropolitan area network. A network spanning a physical area larger than a LAN but smaller than a WAN, such as a city. A MAN is typically owned and operated by a single entity such as a government body or large corporation.

NETWORK MODEL:-

There are three types of network model

1) Peer to peer

2) Server client

3) Central computing

1) PEER TO PEER =Peer-to-peer (abbreviated to P2P) refers to a computer network in

which each computer in the network can act as a client or server for the other computers

in the network, allowing shared access to files and peripherals without the need for a

central server. P2P networks can be set up in the home, a business or over the Internet.

Each network type requires all computers in the network to use the same or a compatible

program to connect to each other and access files and other resources found on the other

computer. P2P networks can be used for sharing content such as audio, video, data or

anything in digital format.

2) SERVER CLIENT =The client/server model is a computing model that acts

as distributed application which partitions tasks or workloads between the providers of a

resource or service, called servers, and service requesters, called clients. Often clients and

servers communicate over a computer network on separate hardware, but both client and

server may reside in the same system. A server machine is a host that is running one or

more server programs which share their resources with clients. A client does not share

any of its resources, but requests a server's content or service function. Clients therefore

initiate communication sessions with servers which await incoming requests.

3) CENTRAL COMPUTING =Centralized computing is computing done at a central

location, using terminals that are attached to a central computer. The computer itself may

control all the peripherals directly (if they are physically connected to the central

computer), or they may be attached via a terminal server. Alternatively, if the terminals

have the capability, they may be able to connect to the central computer over the

network. The terminals may be text terminals or thin clients, for example. In this type of model one machine processes all the data, and the other computers in the network work as dumb terminals: they can only provide the input and see the output.

NETWORK TOPOLOGIES -

The specific physical, i.e., real, or logical, i.e., virtual, arrangement of the elements of a

network. Note 1: Two networks have the same topology if the connection configuration

is the same, although the networks may differ in physical interconnections, distances

between nodes, transmission rates, and/or signal types. Note 2: The common types of

network topology are illustrated and defined in alphabetical order below. There are two types of network topology: 1) logical and 2) physical topology.

1)LOGICAL TOPOLOGY =Logical topology (also referred to as signal topology) is a

network computing term used to describe the arrangement of devices on a network and

how they communicate with one another.

Logical topologies are bound to network protocols and describe how data is

moved across the network. There are attempts to study the logical topology of

the Internet by network scientists such as Albert-László Barabási.

2) PHYSICAL TOPOLOGY = The shape of the cabling layout used to link devices is

called the physical topology of the network. This refers to the layout of cabling, the

locations of nodes, and the interconnections between the nodes and the cabling. The

physical topology of a network is determined by the capabilities of the network access

devices and media, the level of control or fault tolerance desired, and the cost associated

with cabling or telecommunications circuits.

1. Bus Topology

2. Star Topology

3. Ring Topology

4. Mesh Topology

--> Full Mesh

--> Partial Mesh

5. Tree Topology

6. Hybrid Topology

1) BUS TOPOLOGY = In local area networks where bus topology is used, each node is connected to a single cable. Each computer or server is connected to the single bus cable, which is terminated at both ends. Because a bus topology consists of only one wire, it is rather inexpensive to implement when compared to other topologies. However, the low cost of implementing the technology is offset by the high cost of managing the network. Additionally, since only one cable is utilized, it can be the single point of failure. The network cable must be terminated at both ends; without termination data transfer stops, and when the cable breaks the entire network will be down.

Advantages:

A)Failure of one of the station does not affect others.

B)Good compromise over the other two topologies as it allows a relatively high rate of data transmission.

C)Well suited for temporary networks that must be set up in a hurry.

D)Easy to implement and extend.

Disadvantage:

A)Require a network to detect when two nodes are transmitting at the same time.

B)Does not cope well with heavy traffic rates

C)Difficult to administer/troubleshoot.

E)Limited cable length and number of stations.

F)A cable break can disable the entire network; no redundancy.

G)Maintenance cost may be higher in the long run.

H)Performance degrade as additional computers are added.

2) STAR TOPOLOGY = In local area networks with a star topology, all the components of the network are connected to a central device called the "hub", which may be a hub, a router or a switch. Unlike bus topology (discussed earlier), where nodes were connected to a central cable, here all the workstations are connected to the central device with a point-to-point connection. So it can be said that every computer is indirectly connected to every other node with the help of the "hub" or switch.

All the data on the star topology passes through the central device before reaching the intended destination. The hub acts as a junction to connect the different nodes present in the star network, and at the same time it manages and controls the whole network. Depending on which central device is used, the "hub" can act as a repeater or signal booster. The central device can also communicate with the hubs of other networks. Unshielded Twisted Pair (UTP) Ethernet cable is used to connect workstations to the central node.

Advantages :

1)New system can be added easily and quickly.

2)A single cable failure does not bring down the entire network.

3)It is easy to troubleshoot.

Disadvantages :

1)It is costly because a large amount of cable is required.

2)It has a single point of failure (hub, switch or access point).

3) RING TOPOLOGY =In Ring Topology, all the nodes are connected to each-other in

such a way that they make a closed loop. Each workstation is connected to two other

components on either side, and it communicates with these two adjacent neighbors. Data

travels around the network, in one direction. Sending and receiving of data takes place by

the help of TOKEN.

Token Passing (in brief) : Token contains a piece of information which along with data

is sent by the source computer. This token then passes to next node, which checks if the

signal is intended for it. If yes, it receives it and passes the empty token into the network,

otherwise passes token along with the data to next node. This process continues until the

signal reaches its intended destination.

The nodes with token are the ones only allowed to send data. Other nodes have to wait

for an empty token to reach them. This network is usually found in offices, schools and

small buildings.

RING AND TOKEN RING

Advantages of Ring Topology

1) This type of network topology is very organized. Each node gets to send the data

when it receives an empty token. This helps to reduce the chances of collision. Also in ring

topology all the traffic flows in only one direction at very high speed.

2) Even when the load on the network increases, its performance is better than that

of Bus topology.

3) There is no need for network server to control the connectivity between workstations.

4) Additional components do not affect the performance of network.

5) Each computer has equal access to resources.

Disadvantages of Ring Topology

1) Each packet of data must pass through all the computers between source and

destination. This makes it slower than Star topology.

2) If one workstation or port goes down, the entire network gets affected.

3) Network is highly dependent on the wire which connects different components.

4) MAUs and network cards are expensive as compared to Ethernet cards and hubs.

4) MESH TOPOLOGY = In a mesh network topology, each of the network nodes, computers and other devices, is interconnected with one another. Every node not only

sends its own signals but also relays data from other nodes. In fact a true mesh topology

is the one where every node is connected to every other node in the network. This type of

topology is very expensive as there are many redundant connections, thus it is not mostly

used in computer networks. It is commonly used in wireless networks. Flooding or

routing technique is used in mesh topology.

Types of Mesh Network topologies:-

1)FULL MESH TOPOLOGY:

In this, like a true mesh, each component is connected to every other component. Even

after considering the redundancy factor and cost of this network, its main advantage is

that the network traffic can be redirected to other nodes if one of the nodes goes down.

Full mesh topology is used only for backbone networks.

2)PARTIAL MESH TOPOLOGY:

This is far more practical as compared to full mesh topology. Here, some of the systems

are connected in similar fashion as in mesh topology while rests of the systems are only

connected to 1 or 2 devices. It can be said that in partial mesh, the workstations are 'indirectly' connected to other devices. This one is less costly and also reduces redundancy.

Mesh Topology Diagram

Advantages of Mesh topology

1) Data can be transmitted from different devices simultaneously. This topology can

withstand high traffic.

2) Even if one of the components fails there is always an alternative present. So data

transfer doesn't get affected.

3) Expansion and modification in topology can be done without disrupting other nodes.

Disadvantages of Mesh topology

1) There are high chances of redundancy in many of the network connections.

2) Overall cost of this network is way too high as compared to other network topologies.

3) Set-up and maintenance of this topology is very difficult. Even administration of the

network is tough.

5) TREE TOPOLOGY = Tree Topology integrates the characteristics of Star and Bus

Topology. Earlier we saw how in Physical Star network Topology, computers (nodes) are

connected by each other through central hub. And we also saw in Bus Topology, work

station devices are connected by the common cable called Bus. After understanding these

two network configurations, we can discuss tree topology better. In Tree Topology, the

number of Star networks are connected using Bus. This main cable seems like a main

stem of a tree, and other star networks as the branches. It is also called Expanded Star

Topology. Ethernet protocol is commonly used in this type of topology. The diagram

below will make it clear.

Advantages of Tree Topology

1. It is an extension of Star and bus Topologies, so in networks where these topologies

can't be implemented individually for reasons related to scalability, tree topology is the

best alternative.

2. Expansion of Network is possible and easy.

3. Here, we divide the whole network into segments (star networks), which can be easily

managed and maintained.

4. Error detection and correction is easy.

5. Each segment is provided with dedicated point-to-point wiring to the central hub.

6. If one segment is damaged, other segments are not affected.

Disadvantages of Tree Topology

1. Because of its basic structure, tree topology relies heavily on the main bus cable; if it breaks, the whole network is crippled.

2. As more and more nodes and segments are added, the maintenance becomes difficult.

3. Scalability of the network depends on the type of cable used.

6) HYBRID TOPOLOGY = Before starting about Hybrid topology, we saw that

a network topology is a connection of various links and nodes, communicating with each

other for transfer of data. We also saw various advantages and disadvantages

of Star, Bus, Ring, Mesh and Tree topologies. Now let's discuss what Hybrid Network

topology is and why it finds its application in Wide Area Networks. Hybrid, as the name

suggests, is mixture of two different things. Similarly in this type of topology we

integrate two or more different topologies to form a resultant topology which has good

points(as well as weaknesses) of all the constituent basic topologies rather than having

characteristics of one specific topology. This combination of topologies is done according

to the requirements of the organization.

For example, if there exists a ring topology in one office department while a bus topology

in another department, connecting these two will result in Hybrid topology. Remember

connecting two similar topologies cannot be termed as Hybrid topology. Star-Ring and

Star-Bus networks are most common examples of hybrid network.

Let's see the benefits and drawbacks of this networking architecture

Hybrid Network Topology Image

Advantages of Hybrid Network Topology

1) Reliable : Unlike other networks, fault detection and troubleshooting is easy in this

type of topology. The part in which fault is detected can be isolated from the rest of

network and required corrective measures can be taken, WITHOUT affecting the

functioning of rest of the network.

2) Scalable: It's easy to increase the size of network by adding new components, without

disturbing existing architecture.

3) Flexible: Hybrid Network can be designed according to the requirements of the

organization and by optimizing the available resources. Special care can be given to

nodes where traffic is high as well as where chances of fault are high.

4) Effective: Hybrid topology is the combination of two or more topologies, so we can

design it in such a way that strengths of constituent topologies are maximized while their

weaknesses are neutralized. For example we saw Ring Topology has good data reliability

(achieved by use of tokens) and Star topology has high tolerance capability (as each node

is not directly connected to other but through central device), so these two can be used

effectively in hybrid star-ring topology.

Disadvantages of Hybrid Topology

1) Complexity of Design: One of the biggest drawbacks of hybrid topology is its design. It's not easy to design this type of architecture and it's a tough job for designers.

Configuration and installation process needs to be very efficient.

2) Costly Hub: The hubs used to connect two distinct networks, are very expensive.

These hubs are different from usual hubs as they need to be intelligent enough to work

with different architectures and should function even if a part of network is down.

3) Costly Infrastructure: As hybrid architectures are usually larger in scale, they

require a lot of cables, cooling systems, sophisticated network devices, etc.

CABLES (PHYSICAL MEDIA)

There are three types of cable

1) COAXIAL CABLE

2) TWISTED PAIR CABLE

3) FIBER OPTIC CABLE

1) COAXIAL CABLE = A type of wire that consists of a center wire surrounded by

insulation and then a grounded shield of braided wire. The shield minimizes electrical

EMI (Electromagnetic interference) and radio frequency interference.

Coaxial cabling is the primary type of cabling used by the cable television industry and is

also widely used for computer networks, such as Ethernet. Although more expensive than

standard telephone wire, it is much less susceptible to interference and can carry much

more data.

There are two types of coaxial cable:-

A) Thinnet coaxial cable (RG58)

B) Thicknet coaxial cable (RG 8)

THINNET                        | THICKNET
CABLE = THINNET (10 BASE 2)    | CABLE = THICKNET (10 BASE 2)
SIGNAL = BASEBAND / DIGITAL    | SIGNAL = BASEBAND / DIGITAL
SPEED = 10 MBPS                | SPEED = 10 MBPS
LENGTH = 18.5 METER            | LENGTH = 500 METERS
CONNECTOR = BNC                | CONNECTOR = AUI, VAMPIRE
DIAMETER = 0.25 CM             | DIAMETER = 0.96 CM

BNC =British novel connector

AUI = Attachment User interface

RG = Radio Government

2) TWISTED PAIR CABLE= A type of cable that consists of two independently

insulated wires twisted around one another. The use of two wires twisted together helps

to reduce crosstalk and electromagnetic induction. While twisted-pair cable is used by

older telephone networks and is the least expensive type of local-area network

(LAN) cable, most networks contain some twisted-pair cabling at some point along the

network. Connector RJ45, RJ11. RJ stands for Register jack.

There are two types of Twisted Pair Cable

1) UTP (UNSHIELDED TWISTED PAIR CABLE)

2) STP (SHIELDED TWISTED PAIR CABLE)

1) UTP = UTP stands for Unshielded Twisted Pair cable. UTP cable is a 100 ohm copper

cable that consists of 2 to 1800 unshielded twisted pairs surrounded by an outer jacket.

They have no metallic shield. This makes the cable small in diameter but unprotected

against electrical interference. The twist helps to improve its immunity to electrical noise

and EMI.

2) STP= a type of copper telephone wiring in which each of the two copper wires that are

twisted together are coated with an insulating coating that functions as a ground for the

wires. The extra covering in shielded twisted pair wiring protects the transmission line

from electromagnetic interference leaking into or out of the cable. STP cabling often is

used in Ethernet networks, especially fast data rate Ethernets.

CROSSOVER CABLE COLOR CODING (1-3, 2-6)

FIRST END (T568B)   | LAST END (T568A)
ORANGE-WHITE        | GREEN-WHITE
ORANGE              | GREEN
GREEN-WHITE         | ORANGE-WHITE
BLUE                | BLUE
BLUE-WHITE          | BLUE-WHITE
GREEN               | ORANGE
BROWN-WHITE         | BROWN-WHITE
BROWN               | BROWN

CROSS CABLE USE:- 1-3 AND 2-6

FIRST END = T568B AND SECOND END = T568A

It is used to connect similar devices like PC to PC, HUB TO HUB, SWITCH TO SWITCH and ROUTER TO PC.

STRAIGHT-THROUGH CABLE:-

FIRST END = T568B AND SECOND END = T568B

It is used to connect dissimilar devices like PC to hub, switch to PC, ROUTER TO SWITCH, MODEM TO PC, SWITCH TO MODEM.

ROLLOVER CABLE:- It is used to connect a router's console port to a PC. The router's console port is used to configure the router.

First end = T568B and second end = just the opposite of T568B

3) FIBER OPTIC CABLE = Fiber optic cable transmits digital signals using light impulses rather than analog signals. It is safe from EMI. Optical fiber consists of a core and a cladding layer, selected for total internal reflection due to the difference in the refractive index between the two. In practical fibers, the cladding is usually coated with a

layer of acrylate polymer or polyimide. This coating protects the fiber from damage but

does not contribute to its optical waveguide properties. Individual coated fibers (or fibers

formed into ribbons or bundles) then have a tough resin buffer layer and/or core tube(s)

extruded around them to form the cable core. Several layers of protective sheathing,

depending on the application, are added to form the cable. Rigid fiber assemblies

sometimes put light-absorbing ("dark") glass between the fibers, to prevent light that

leaks out of one fiber from entering another. This reduces cross-talk between the fibers,

or reduces flare in fiber bundle imaging applications.

There are two types of Fiber optic cable-

A)Single Mode Fiber Optic Cable

B) Multi Mode Fiber Optic Cable

Single Mode Fiber Optic Cable can transmit only a single light ray, while multimode fiber optic cable can transmit multiple light signals.

Multimode fiber optic cable is used for short-distance applications and single mode fiber optic cable is used for long distances.

Fiber optic cable can transmit up to 40 kilometers.

It supports bandwidths of 100 Mbps, 1 Gbps and 10 Gbps.

Connectors for fiber optic cable: ST (Straight Tip) and SC (Subscriber Connector); the SC connector was developed by AT&T.

Fiber optic cable is very costly and difficult to install; it requires a bigger investment in installation.

Wi-Fi: - Wi-Fi is a popular technology that allows an electronic device to exchange data wirelessly (using radio waves) over a computer network, including high-speed Internet connections. IEEE standard: 802.11

PROTOCOL: - A uniform set of rules that enable two devices to connect and transmit

data to one another. Protocols determine how data are transmitted between computing

devices and over networks. They define issues such as error control and data compression

methods.

OSI (OPEN SOURCE INTERCONNECTION) MODEL

The OSI model is a seven-layer conceptual model that defines the communication method of a computer network. It defines the communication process in 7 layers. The OSI model was developed by ISO (international standard organization) in 1977 (some web sites give 1984, 1980 or 1974). The first network was developed by IBM and it worked only with IBM devices. That is why the OSI model was developed: to give all devices a common platform so that dissimilar devices can communicate.

Seven Layers of the OSI model:-

1) PHYSICAL LAYER

2) DATA LINK LAYER

3) NETWORK LAYER

4) TRANSPORT LAYER

5) SESSION LAYER

6) PRESENTATION LAYER

7) APPLICATION LAYER

The upper layers (application, presentation and session) of the OSI model represent

software that implements network services like encryption and connection management.

The lower layers (transport, network, data link and physical) of the OSI model

implement more primitive, hardware-oriented functions like routing, addressing, and flow

control. You can remember the OSI layers with the mnemonic All People Seem To Need Data Processing.

LAYER 1- PHYSICAL LAYER:-

It is the first layer of the OSI model. The physical layer defines the cable or physical medium itself, e.g., thinnet, thicknet, unshielded twisted pairs (UTP). All media are functionally equivalent. The main difference is in convenience and cost of installation and maintenance. It defines electrical and optical signaling, voltage levels, data transmission rate, as well as mechanical specifications such as cable lengths and connectors, the number of pins and their functions. Converters from one medium to another operate at this level.

Data unit = bit

Devices = Hub, Repeater, cable, connectors, NICs, WAPs, LAN, WAN, Interface such as

RS-232 ,OC-3, BRI And Antennas.

It receives data from the data link layer in the form of frames, then converts it into bits.

LAYER 2- DATA LINK LAYER:-

It is second layer of OSI model

Data Unit = Frame

Devices = Switch, Bridge

Protocol = STP, VTP, HDLC, PPP, FRAME RELAY.

It takes data from the network layer in the form of a packet, then attaches a header and a trailer to this packet; now it becomes a frame. Its header has information about the source MAC, destination MAC and EtherType, and its trailer has information about the FCS.

FCS = The FCS applies an algorithm to the data and generates a 4-byte code; at the receiving end the FCS algorithm is applied again and generates a 4-byte code. If the codes are the same, there was no error and no modification during transmission; otherwise the data is sent again. It gives flow control.
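The frame layout and FCS check described above, as an added example that is not part of the original notes. It builds an Ethernet-style frame (header, payload, 4-byte FCS trailer), verifies it at the "receiving end", and shows the limit of the check: the FCS is an unkeyed CRC-32, so it catches accidental damage on the wire, but any device that rewrites the frame can simply recompute it. The source MAC address and payloads are constructed sample values, and the function names are this example's own.

```python
import struct
import zlib

BROADCAST_MAC = bytes.fromhex("ffffffffffff")   # layer-two broadcast address
SAMPLE_SRC_MAC = bytes.fromhex("020000000001")  # constructed, locally administered
ETHERTYPE_IPV4 = 0x0800
HEADER_LEN = 14     # destination MAC (6) + source MAC (6) + EtherType (2)
MIN_PAYLOAD = 46    # Ethernet pads shorter payloads up to 46 bytes
FCS_LEN = 4


def compute_fcs(header_and_payload: bytes) -> bytes:
    """Return the 4-byte FCS for the given header + payload.

    Ethernet uses the same CRC-32 as zlib. The value is placed on the
    wire least-significant byte first, hence the little-endian pack.
    """
    return struct.pack("<I", zlib.crc32(header_and_payload) & 0xFFFFFFFF)


def build_frame(dst_mac: bytes, src_mac: bytes, ethertype: int, payload: bytes) -> bytes:
    """Attach header and trailer to a packet so that it becomes a frame."""
    if len(dst_mac) != 6 or len(src_mac) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    padded = payload.ljust(MIN_PAYLOAD, b"\x00")
    body = dst_mac + src_mac + struct.pack("!H", ethertype) + padded
    return body + compute_fcs(body)


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields and re-run the FCS as a receiver would."""
    if len(frame) < HEADER_LEN + MIN_PAYLOAD + FCS_LEN:
        raise ValueError("runt frame: shorter than the 64-byte minimum")
    body, trailer = frame[:-FCS_LEN], frame[-FCS_LEN:]
    return {
        "dst": frame[0:6],
        "src": frame[6:12],
        "ethertype": struct.unpack("!H", frame[12:14])[0],
        "payload": body[HEADER_LEN:],          # still includes any padding
        "fcs_ok": compute_fcs(body) == trailer,
    }


def flip_bit(frame: bytes, byte_index: int, bit: int) -> bytes:
    """Simulate line noise: invert one bit and leave the trailer untouched."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 1 << bit
    return bytes(damaged)


def replace_payload(frame: bytes, new_payload: bytes) -> bytes:
    """Rebuild the frame with a different payload and a fresh FCS.

    Nothing secret goes into the FCS, so the rebuilt frame verifies just
    like the original. Detecting deliberate changes needs a keyed check
    (for example a MAC from MACsec, IPsec or TLS), not a CRC.
    """
    fields = parse_frame(frame)
    return build_frame(fields["dst"], fields["src"], fields["ethertype"], new_payload)


if __name__ == "__main__":
    frame = build_frame(BROADCAST_MAC, SAMPLE_SRC_MAC, ETHERTYPE_IPV4, b"hello")
    print("intact frame FCS ok:    ", parse_frame(frame)["fcs_ok"])
    print("one flipped bit FCS ok: ", parse_frame(flip_bit(frame, 20, 3))["fcs_ok"])
    print("rewritten frame FCS ok: ", parse_frame(replace_payload(frame, b"HELLO"))["fcs_ok"])
```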

The Maximum Transmission Unit (MTU). The data link layer handles the physical

and logical connections to the packet's destination, using a network interface. A host

connected to an Ethernet would have an Ethernet interface to handle connections to the

outside world, and a loopback interface to send packets to itself. Layer two broadcast address: FF:FF:FF:FF:FF:FF. 802.5 is for token ring.

The two sublayers of the data link layer are:

A) LLC(logical link control layer)

B) MAC(media access control layer)

A) LLC = The uppermost sublayer, LLC, multiplexes protocols running atop the data

link layer (Network layer), and optionally provides flow control, acknowledgment, and

error notification. The LLC provides addressing and control of the data link. It specifies

which mechanisms are to be used for addressing stations over the transmission medium

and for controlling the data exchanged between the originator and recipient machines.

Standard 802.2

B)MAC=MAC may refer to the sub layer that determines who is allowed to access the

media at any one time (usually CSMA/CD). Other times it refers to a frame structure with

MAC addresses inside. There are generally two forms of media access control:

distributed and centralized. Both of these may be compared to communication between

people. In a network made up of people speaking, i.e. a conversation, we look for clues

from our fellow talkers to see if any of them appear to be about to speak. If two people

speak at the same time, they will back off and begin a long and elaborate game of saying

"no, you first".

The Media Access Control sub layer also determines where one frame of data ends and

the next one starts – frame synchronization. There are four means of frame

synchronization: time based, character counting, byte stuffing and bit stuffing. IEEE standards of the data link layer (MAC sublayer): 802.3, 802.4, 802.5 and 802.11.

LAYER 3- NETWORK LAYER

It is layer 3 of the OSI model

Data Unit = Packet

Devices =Router

Protocol= Routed and Routing Protocol

Layer three Broadcast address 255.255.255.255

Routed Protocol = It defines the method of packet transmission in an internetwork. Examples: IP, IPX, AppleTalk.

Routing Protocol = It selects the best path for packet transmission. Examples: RIP, IGRP, EIGRP, OSPF.

It receives data from the transport layer in the form of a segment, then attaches a header to the segment; now it becomes a packet. Its header has information about the source IP address and destination IP address. The router understands the IP address and creates routing tables. Routing tables have information about the best path for packet transmission.

The network layer is the layer at which IP (Internet protocol) operates. Other

protocols in the TCP/IP suite of protocols, which forms the basis of the Internet and most

other networks, that also operate in this layer are ICMP, IPsec, ARP, RIP, OSPF and

BGP. The network layer is responsible for routing, which is moving packets (the

fundamental unit of data transport on modern computer networks) across the network

using the most appropriate paths. It also addresses messages and translates logical

addresses (i.e., IP addresses) into physical addresses (i.e., MAC addresses).

LAYER4-TRANSPORT LAYER

It is layer 4 of OSI model

Data Unit = Segment

Protocol = TCP, UDP

It receives data from the session layer in the form of data and divides it into segments. Each segment has a header; its header has information about the source port number, destination port number, sequence number, acknowledgement number, window, etc.

The Transport layer is responsible for end-to-end (source-to-destination) data delivery. The Transport layer ensures the reliable arrival of messages and provides error checking

mechanisms and data flow controls. The Transport layer provides services for both

"connection-mode" transmissions and for "connectionless-mode" transmissions. For

connection-mode transmissions, a transmission may be sent or arrive in the form of

packets that need to be reconstructed into a complete message at the other end.

Header format of Transport Layer

LAYER 5- SESSION LAYER

It is fifth layer of OSI model

Data Unit = Data

It creates session between different communication process and it is responsible

for the mechanism for opening, closing and managing a session between end-user

application processes, i.e., a semi-permanent dialogue. Communication sessions consist

of requests and responses that occur between applications. Session-layer services are

commonly used in application environments that make use of remote procedure calls (RPCs). This layer also provides the dialog control between devices or nodes. It also controls the communication mode. There are three types of communication mode.

A) Simplex

B) Half Duplex

C) Full Duplex

A) Simplex = In simplex operation, a network cable or communications channel can only send information in one direction; it's a "one-way street". Put simply, only one-way communication.

B) Half Duplex=A half-duplex (HDX) system provides communication in both

directions, but only one direction at a time (not simultaneously). Typically, once a party

begins receiving a signal, it must wait for the transmitter to stop transmitting, before

replying (antennas are of the transceiver type in these devices, so as to transmit and receive the signal as well). Examples: cordless, hub.

C) Full Duplex= A full-duplex (FDX), or sometimes double-duplex system, allows

communication in both directions, and, unlike half-duplex, allows this to happen

simultaneously. Land-line telephone networks are full-duplex, since they allow both

callers to speak and be heard at the same time. A good analogy for a full-duplex system

would be a two-lane road with one lane for each direction. Examples: mobile call, switch.

LAYER 6-PRESENTATION LAYER

It is the 6th layer of the OSI model.

Data Unit = data

The Presentation layer 'represents' the data in the particular format of the Application layer. It defines encryption, compression, conversion and coding functions. Data are passed

from the application layer services. These data must then be formatted into agreed-upon

codes. The codes can be alphanumeric, numeric, video, audio, or program instruction

codes. The presentation layer may also be responsible for data compression and

encryption. The three most common types of translation methods are bit order, byte

order, and character code translation. Encryption services provided by the OSI

presentation layer protocols include transposition, substitution, and algebraic methods.

ENCRYPTION = Encryption is the conversion of data into a form, called a cipher text, that cannot be easily understood by unauthorized people. Decryption is the process of converting encrypted data back into its original form, so it can be understood.

COMPRESSION= Compression is the process of reducing the size of a file by encoding

its data information more efficiently. By doing this, the result is a reduction in the

number of bits and bytes used to store the information. In effect, a smaller file size is

generated in order to achieve a faster transmission of electronic files and a smaller space

required for its downloading.

TRANSLATION= The presentation layer serves as the data translator for the network.

This layer on the sending computer translates the data sent by the application layer into a

common format. At the receiving computer, the presentation layer translates the common

format to a format known to the application layer. Character-code translation, such as

from ASCII to EBCDIC.

LAYER 7- APPLICATION LAYER

It is layer 7 of OSI model

Data Unit = data

Protocol = Http, Telnet, Ftp, Tftp, Smtp, Ntp

The application layer provides different services to the application. Examples of services provided by this layer are file transfer, electronic messaging (e-mail), virtual terminal access and network management. Data is often encoded using different schemes, such as ASCII, EBCDIC or UNICODE. It provides an interface for different applications like MS Word, MS Outlook, HTTP.

ASCII = American standard code for information interchange

EBCDIC = Extended binary coded decimal interchange code

UNICODE = Unique Universal and Uniform character encoding

Types of Transmission

Unicast

Unicast packets are sent from host to host. The communication is from a single host to

another single host. There is one device transmitting a message destined for one receiver.

In simple words, one-to-one communication.

Broadcast

Broadcast is when a single device is transmitting a message to all other devices in a given

address range. This broadcast could reach all hosts on the subnet, all subnets, or all hosts

on all subnets. Broadcast packets have the host (and/or subnet) portion of the address set

to all ones. By design, most modern routers will block IP broadcast traffic and restrict it

to the local subnet. In simple words, one-to-all communication.

Multicast

Multicast is a special protocol for use with IP. Multicast enables a single device to

communicate with a specific set of hosts, not defined by any standard IP address and

mask combination. This allows for communication that resembles a conference call.

Anyone from anywhere can join the conference, and everyone at the conference hears

what the speaker has to say. The speaker's message isn't broadcasted everywhere, but

only to those in the conference call itself. A special set of addresses is used for multicast

communication. In simple words, one-to-many communication.

TYPES OF SWITCHING

PACKET SWITCHING= Packet-switched networks move data in separate, small

blocks -- packets -- based on the destination address in each packet. When received,

packets are reassembled in the proper sequence to make up the message. Packet-switched

networks handled data.

CIRCUIT SWITCHING=Circuit-switched networks require dedicated point-to-point

connections during calls. Circuit-switched networks and packet-switched networks have

traditionally occupied different spaces within corporations. Circuit-switched networks

were used for phone calls.

MESSAGE SWITCHING =Sometimes there is no need for a circuit to be established

all the way from the source to the destination. Consider a connection between the users A and D in the figure below, represented by a series of links (AB, BC, and CD).

A connection between two systems A & D formed from 3 links

For instance, when a telex (or email) message is sent from A to D, it first passes over a

local connection (AB). It is then passed at some later time to C (via link BC), and from

there to the destination (via link CD). At each message switch, the received message is

stored, and a connection is subsequently made to deliver the message to the neighboring

message switch. Message switching is also known as store-and-forward switching since

the messages are stored at intermediate nodes en route to their destinations.

TCP/IP MODEL

TCP/IP =Transmission Control Protocol/Internet Protocol

A) It was developed by the DOD (Department of Defense) in 1970

B) It provides data integrity during data transmission

C) It is a four-layer model

The Four Layers of TCP/IP

The Transmission Control Protocol (TCP) is one of the core protocols of the Internet

Protocol Suite. TCP is one of the two original components of the suite, complementing

the Internet Protocol (IP), and therefore the entire suite is commonly referred to

as TCP/IP. TCP provides reliable, ordered delivery of a stream of bytes from a program

on one computer to another program on another computer. TCP is the protocol used by

major Internet applications such as the World Wide Web, email, remote

administration and file transfer. Other applications, which do not require reliable data

stream service, may use the User Datagram Protocol (UDP), which provides

a datagram service that emphasizes reduced latency over reliability. TCP/IP is a protocol suite, meaning a collection of protocols. TCP/IP protocols map to a four-layer conceptual model known as the DARPA model, named after the U.S. government agency that initially developed TCP/IP. The four layers of the DARPA model are:

1) LAYER 1 – NETWORK LAYER /LINK LAYER

Link layer is the lowest layer in the Internet Protocol Suite (TCP/IP), the networking

architecture of the Internet (RFC 1122, RFC 1123). It is the group of methods

or protocols that only operate on a host's link. The link is the physical and logical

network component used to interconnect hosts or nodes in the network and a link

protocol is a suite of methods and standards that operate only between adjacent network nodes of a local area network segment or a wide area network connection. When TCP/IP is compared with OSI, the link layer is often described as a combination of the data link layer and the

physical layer in the OSI protocol stack. However, TCP/IP's layers are descriptions of

operating scopes (application, host-to-host, network, and link) and not

detailed prescriptions of operating procedures, data semantics, or networking

technologies. RFC 1122 exemplifies that local area network protocols such as Ethernet

and IEEE 802, and framing protocols such as Point-to-Point Protocol (PPP), ARP, RARP

belong to the link layer.

2) LAYER 2 – INTERNET LAYER

The Internet layer in the TCP/IP reference model is responsible for transferring data

between the source and destination computers. The Internet layer accepts data from the

Transport layer and passes the data to the Network Interface layer. The following are the

functions of the Internet layer: Transmitting data to the Network Interface layer. Routing

the data to the correct destination. This layer takes care of sending the data through the

shortest route if more than one route is available. In addition, if a route through which a

datagram is to be sent has problems, the datagram is sent through an alternate route. IP encapsulates data into IP datagrams, which in turn are encapsulated inside Network Interface layer frames. IP datagrams are the basic units of information that are passed across a Transmission Control Protocol/Internet Protocol (TCP/IP) network. The datagram header contains information, such as the source IP address and the destination IP address. The header also contains information about which protocol will receive data from IP. These protocols are the User Datagram Protocol (UDP), the Transmission Control Protocol (TCP), and ICMP.

Protocols: IP (IPv4, IPv6), ICMP, ICMPv6, ECN, IGMP, IPsec

IP DATAGRAM HEADER

3) LAYER 3- TRANSPORT LAYER

The Transport layer transports data to and from the correct application. This process is

known as end-to-end communication. In TCP/IP the Transport layer provides a transport

service for application data. The Transport layer header includes a destination port

number that identifies the destination application program on the remote machine and a

source port number that identifies the application on the originating machine. In addition,

the Transport layer handles error detection, can handle recovery problems, and regulates

the flow of information. The way in which the Transport layer handles error detection, the sequence of data, and flow regulation depends on which protocol is used. There are two main protocols that operate at the Transport layer, TCP and UDP.

Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are transport protocols that are among the core protocols of the Internet protocol suite. Both TCP and UDP work at the transport layer of the TCP/IP model, and both have very different usage.

Difference between TCP and UDP

TCP - Reliability: TCP is a connection-oriented protocol. When a file or message is sent, it will get delivered unless the connection fails. If the connection is lost, the server will request the lost part. There is no corruption while transferring a message.

UDP - Reliability: UDP is a connectionless protocol. When you send data or a message, you don't know if it'll get there; it could get lost on the way. There may be corruption while transferring a message.

TCP - Ordered: If you send two messages along a connection, one after the other, you know the first message will get there first. You don't have to worry about data arriving in the wrong order.

UDP - Ordered: If you send two messages out, you don't know what order they'll arrive in, i.e. not ordered.

TCP - Heavyweight: When the low-level parts of the TCP "stream" arrive in the wrong order, resend requests have to be sent, and all the out-of-sequence parts have to be put back together, so it requires a bit of work to piece together.

UDP - Lightweight: No ordering of messages, no tracking connections, etc. It's just fire and forget! This means it's a lot quicker, and the network card / OS have to do very little work to translate the data back from the packets.

TCP - Streaming: Data is read as a "stream," with nothing distinguishing where one packet ends and another begins. There may be multiple packets per read call.

UDP - Datagrams: Packets are sent individually and are guaranteed to be whole if they arrive. One packet per one read call.

TCP - Examples: World Wide Web (Apache TCP port 80), e-mail (SMTP TCP port 25 Postfix MTA), File Transfer Protocol (FTP port 21) and Secure Shell (OpenSSH port 22) etc.

UDP - Examples: Domain Name System (DNS UDP port 53), streaming media applications such as IPTV or movies, Voice over IP (VoIP), Trivial File Transfer Protocol (TFTP) and online multiplayer games etc.

Basic UDP information

UDP is a connectionless, stateless, and unreliable protocol. It is faster and more efficient

for many lightweight or time-sensitive purposes. Also, its stateless nature is useful for

servers that answer small queries from huge numbers of clients. UDP is required

for broadcast (send to all on local network) and multicast (send to all subscribers).

With UDP, the application is responsible for handling message loss, duplication, sequence (delivery out of order), and loss of connection. UDP receives incoming data from the application and encapsulates the data into UDP datagrams. UDP datagrams have a leading header section that contains the source and destination port numbers, followed by the data section.

0                  16                 32 bits
+------------------+------------------+
| Source port      | Destination port |
+------------------+------------------+
| Length           | Checksum         |
+------------------+------------------+
| Data                                |
+-------------------------------------+

Basic TCP Information

TCP is a connection-oriented, stateful, and reliable protocol. TCP is suited for

situations where large volumes of data must travel between systems, particularly across

multiple routers and gateways. TCP has four main features:

Virtual circuit connection

Full-duplex connection

Unstructured stream orientation

Buffered transfer

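The TCP segment header has more fields than the UDP header. The TCP header structure is as follows:

0                                 16                                32 bits
+---------------------------------+---------------------------------+
| Source port                     | Destination port                |
+---------------------------------+---------------------------------+
| Sequence number                                                   |
+-------------------------------------------------------------------+
| Acknowledgement number                                            |
+---------------------------------+---------------------------------+
| Offset | Reserved | U A P R S F | Window                          |
+---------------------------------+---------------------------------+
| Checksum                        | Urgent pointer                  |
+---------------------------------+---------------------------------+
| Option + Padding                                                  |
+-------------------------------------------------------------------+
| Data                                                              |
+-------------------------------------------------------------------+

TCP header structure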
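The UDP and TCP header layouts shown above, decoded field by field, as an added example that is not part of the original notes. Both parsers check the length information carried in the header (the UDP Length field and the TCP Offset field) against the bytes actually present, which is the check a capture tool or packet filter has to make before trusting any other field. The two sample byte strings are constructed for this example, and the function names are this example's own.

```python
import struct

# Flag letters in the order the header diagram shows them: U A P R S F
TCP_FLAGS = (("U", 0x20), ("A", 0x10), ("P", 0x08),
             ("R", 0x04), ("S", 0x02), ("F", 0x01))

UDP_HEADER_LEN = 8
TCP_MIN_HEADER_LEN = 20


def parse_udp(datagram: bytes) -> dict:
    """Decode source port, destination port, length and checksum, then the data."""
    if len(datagram) < UDP_HEADER_LEN:
        raise ValueError("truncated UDP header")
    src, dst, length, checksum = struct.unpack("!HHHH", datagram[:UDP_HEADER_LEN])
    # Length covers header + data; it must fit inside what was captured.
    if length < UDP_HEADER_LEN or length > len(datagram):
        raise ValueError("UDP length field does not match the captured bytes")
    return {"src_port": src, "dst_port": dst, "length": length,
            "checksum": checksum, "data": datagram[UDP_HEADER_LEN:length]}


def parse_tcp(segment: bytes) -> dict:
    """Decode the fixed 20-byte TCP header, then options and data."""
    if len(segment) < TCP_MIN_HEADER_LEN:
        raise ValueError("truncated TCP header")
    (src, dst, seq, ack, offset_and_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:TCP_MIN_HEADER_LEN])
    # Offset is the top 4 bits and counts 32-bit words, so bytes = words * 4.
    header_len = (offset_and_flags >> 12) * 4
    if header_len < TCP_MIN_HEADER_LEN or header_len > len(segment):
        raise ValueError("TCP offset field does not match the captured bytes")
    flags = "".join(letter for letter, mask in TCP_FLAGS if offset_and_flags & mask)
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
            "header_len": header_len, "flags": flags, "window": window,
            "checksum": checksum, "urgent": urgent,
            "options": segment[TCP_MIN_HEADER_LEN:header_len],
            "data": segment[header_len:]}


# Constructed sample: 5 data bytes to UDP port 53, followed by 2 bytes of
# link-layer padding that the Length field (8 + 5 = 13) must exclude.
SAMPLE_UDP = struct.pack("!HHHH", 40000, 53, 13, 0) + b"query" + b"\x00\x00"

# Constructed sample: a SYN to TCP port 23 with one option (MSS = 1460),
# so Offset is 6 words = 24 bytes of header and there is no data.
SAMPLE_TCP_SYN = (struct.pack("!HHIIHHHH", 51000, 23, 1000, 0,
                              (6 << 12) | 0x02, 64240, 0, 0)
                  + bytes.fromhex("020405b4"))

# Constructed malformed sample: Offset claims a 12-byte header, below the minimum.
SAMPLE_TCP_BAD_OFFSET = struct.pack("!HHIIHHHH", 51000, 23, 1000, 0,
                                    (3 << 12) | 0x02, 64240, 0, 0)


if __name__ == "__main__":
    print(parse_udp(SAMPLE_UDP))
    print(parse_tcp(SAMPLE_TCP_SYN))
    try:
        parse_tcp(SAMPLE_TCP_BAD_OFFSET)
    except ValueError as err:
        print("rejected:", err)
```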

4) LAYER 4- APPLICATION LAYER

In TCP/IP, the application layer contains all protocols and methods that fall into the

realm of process-to-process communications across an Internet Protocol (IP) network.

Application layer methods use the underlying transport layer protocols to establish host-

to-host connections. In the OSI model, the definition of its application layer is narrower

in scope, explicitly distinguishing additional functionality above the transport layer at two

additional levels, the session layer and the presentation layer. OSI specifies strict modular

separation of functionality at these layers and provides protocol implementations for each

layer. Remote login category (Telnet), File transfer category (FTP, TFTP), Electronic

mail category (SMTP, IMAP, POP), Support services category (DNS, RARP, BOOTP,

SNMP, CMOT)

APPLICATION LAYER PROTOCOLS =

1) TELNET = (PORT NO 23/TCP) Telnet is used to access a system from a remote location via the command line. We can use telnet when it is configured on both sides. It is unsecured because it sends the user name and password in plain text format.

Example: - C:\> telnet 192.168.1.25

2) FTP = (PORT NO 20=DATA 21=CONNECTION /TCP) FTP stands for File Transfer Protocol. It is not just a protocol; it is also a program and application that allows access to directories and files.

Port number 20 is used to transfer data and port number 21 is used to maintain the connection (creating, managing and establishing). This protocol is used to download and upload files. FTP is built on a client-server architecture and uses separate control and data connections between the client and the server. FTP users may authenticate themselves using a clear-text sign-in protocol, normally in the form of a username and password, but

can connect anonymously if the server is configured to allow it. For secure transmission

that hides (encrypts) your username and password, as well as encrypts the content, you

can try using a client that uses SSH File Transfer Protocol.

FTPS=(PORT NO DATA=989/TCP/UDP, CONTROL=990 TCP/UDP) It stands for File

Transfer Protocol Secure. FTPS (also known as FTP Secure and FTP-SSL) is an

extension to the commonly used File Transfer Protocol (FTP) that adds support for

the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic

protocols.

FTPS should not be confused with the SSH File Transfer Protocol (SFTP), an

incompatible secure file transfer subsystem for the Secure Shell (SSH) protocol. It is also

different from Secure FTP, the practice of tunneling FTP through an SSH connection.

3) TFTP = (PORT NO 69/UDP) Trivial File Transfer Protocol. TFTP uses UDP; that is why it is unsecured and unreliable. It is also used to download and upload files. It is faster than FTP. TFTP has no login feature (it does not prompt for user name and password). Original versions of TFTP only allowed transferring files up to 32 megabytes in size (some newer TFTP servers remove this restriction).

4) SMTP = (PORT NO 25/TCP SMTPS=587) Simple Mail Transfer Protocol, a

protocol for sending e-mail messages between servers. Most e-mail systems that send

mail over the Internet use SMTP to send messages from one server to another by using an MTA (Mail Transfer Agent); the messages can then be retrieved with an e-mail client using

either POP or IMAP. In addition, SMTP is generally used to send messages from a mail

client to a mail server. This is why you need to specify both the POP or IMAP server and

the SMTP server when you configure your e-mail application. SMTP connections

secured by SSL are known by the shorthand SMTPS, though SMTPS is not a protocol in

its own right. SMTPS PORT NO 587.

5) IMAP = (PORT NO 143/TCP IMAPS=993) This protocol is used for accessing e-mail

from your local server. IMAP is a client/server protocol in which e-mail is received and

held for you by your Internet server. In other words, it permits a "client" email program to

access remote message stores as if they were local. For example, email stored on an

IMAP server can be manipulated from a desktop computer at home, a workstation at the

office, and a notebook computer while traveling, without the need to transfer messages or

files back and forth between these computers. IMAP over SSL (IMAPS) is assigned

well-known port number 993.

6) POP = (PORT NO POP2=109/TCP, POP3=110/TCP, POP3S=995) There are two

types of Post Office Protocol (POP2, POP3). Post Office Protocol (POP) is

an application-layer Internet standard protocol used by local e-mail clients to retrieve e-

mail from a remote server over a TCP/IP connection. POP and IMAP are the two most

prevalent Internet standard protocols for e-mail retrieval. Virtually all modern e-mail

clients and servers support both. The POP protocol has been developed through several

versions, with version 3 (POP3) being the current standard. Most web mail service

providers such as Hotmail, Email and Yahoo! Mail also provide IMAP and POP3 service.

POP3 can be used with or without SMTP. Encrypted communication for POP3 is either

requested after protocol initiation, using the STLS command, if supported, or by POP3S,

which connects to the server using Transport Layer Security (TLS) or Secure Sockets

Layer (SSL) on well-known TCP port 995 (e.g. Google Gmail).

7) DNS = (PORT NO 53 /TCP/UDP) It stands for Domain Name System. It is a

database system that translates a computer's fully qualified domain name into an IP

address. To send information it uses TCP, and for Zone Transfer it uses UDP for named

function like to reduce the query of DNS Client. A DNS server resolves names to IP addresses

and IP addresses to names. DNS automatically converts the names we type in our Web browser

address bar to the IP addresses of Web servers hosting those sites. DNS implements a

distributed database to store this name and address information for all public hosts on the

Internet. DNS assumes IP addresses do not change (are statically assigned rather than

dynamically assigned).

The DNS database resides on a hierarchy of special database servers. When

clients like Web browsers issue requests involving Internet host names, a piece of

software called the DNS resolver (usually built into the network operating system) first

contacts a DNS server to determine the server's IP address. If the DNS server does not

contain the needed mapping, it will in turn forward the request to a different DNS server

at the next higher level in the hierarchy. After potentially several forwarding and

delegation messages are sent within the DNS hierarchy, the IP address for the given host

eventually arrives at the resolver, that in turn completes the request over Internet

Protocol. Internet Service Providers (ISPs) maintain their own DNS servers and

use DHCP to automatically configure clients, relieving most home users of the burden of

DNS configuration.

Each domain name registered with NTC Hosting comes with a complete set of DNS

records: A, NS, MX, which you can easily manage from the user-friendly web

hosting Control Panel. Along with these records, you can easily

set AAAA, TXT, SRV and CNAME records for your domain name from the Control

Panel.

Recursive Query = With a recursive name query, the DNS client requires that the DNS

server respond to the client with either the requested resource record or an error message

stating that the record or domain name does not exist. The DNS server cannot just refer

the DNS client to a different DNS server.

Thus, if a DNS server does not have the requested information when it receives a

recursive query, it queries other servers until it gets the information, or until the name

query fails.

Recursive name queries are generally made by a DNS client to a DNS server, or by

a DNS server that is configured to pass unresolved name queries to another DNS server,

in the case of a DNS server configured to use a forwarder.

Iterative Query = An iterative name query is one in which a DNS client allows the DNS

server to return the best answer it can give based on its cache or zone data. If the queried

DNS server does not have an exact match for the queried name, the best possible

information it can return is a referral (that is, a pointer to a DNS server authoritative for a

lower level of the domain namespace). The DNS client can then query the DNS server to

which it was referred. It continues this process until it locates a DNS server that is

authoritative for the queried name, or until an error or time-out condition is met.

This process is sometimes referred to as "walking the tree," and this type of query

is typically initiated by a DNS server that attempts to resolve a recursive name query for

a DNS client.
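
The difference between the two query types, as an added example that is not part of the original notes: `iterative_query` answers only from one server's own data and may return a referral, while `recursive_resolve` walks the tree on the client's behalf and hands back only a final answer or an error. The server names, zone contents and addresses are constructed for illustration.

```python
# Constructed toy namespace (not real DNS data): each server holds its own
# records plus delegations that point to servers lower in the hierarchy.
SERVERS = {
    "root-server": {"records": {},
                    "delegations": {"com.": "com-server", "org.": "org-server"}},
    "com-server": {"records": {},
                   "delegations": {"example.com.": "ns.example.com"}},
    "org-server": {"records": {}, "delegations": {}},
    "ns.example.com": {
        "records": {"www.example.com.": "192.0.2.10",
                    "mail.example.com.": "192.0.2.25"},
        "delegations": {},
    },
    # Misconfigured pair that refers to each other, to exercise the referral limit.
    "loop-a": {"records": {}, "delegations": {"test.": "loop-b"}},
    "loop-b": {"records": {}, "delegations": {"test.": "loop-a"}},
}


def iterative_query(server, qname):
    """One iterative query: the server gives the best answer it has by itself.

    Returns ("ANSWER", ip), ("REFERRAL", next_server) or ("NAME_ERROR", None).
    It never contacts another server for the client.
    """
    zone = SERVERS[server]
    if qname in zone["records"]:
        return ("ANSWER", zone["records"][qname])
    # Pick the most specific delegation that covers the queried name.
    matches = [s for s in zone["delegations"]
               if qname == s or qname.endswith("." + s)]
    if matches:
        return ("REFERRAL", zone["delegations"][max(matches, key=len)])
    return ("NAME_ERROR", None)


def recursive_resolve(qname, start="root-server", max_referrals=8):
    """What a server does for a recursive query: follow referrals itself.

    The caller only ever sees a final answer or an error, never a referral.
    Returns (result, value, servers_contacted).
    """
    server, path = start, []
    for _ in range(max_referrals):
        path.append(server)
        kind, value = iterative_query(server, qname)
        if kind != "REFERRAL":
            return kind, value, path
        server = value          # "walking the tree": go one level down
    return "FAILED", None, path  # referral limit hit (loop or too deep)


if __name__ == "__main__":
    print(iterative_query("root-server", "www.example.com."))
    print(recursive_resolve("www.example.com."))
    print(recursive_resolve("nohost.example.org."))
    print(recursive_resolve("a.test.", start="loop-a", max_referrals=4))
```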

8) DHCP= (PORT NO 67= DHCP SERVER, 68= DHCP CLIENT /UDP)

Dynamic Host Configuration Protocol enables you to automatically assign reusable IP

addresses (IP address, Default Gateway, subnet mask, and DNS server IP) to DHCP

clients. It uses UDP services. The DHCP server port number is 67 and the client port number is 68.

DISCOVER: When a client is configured with the IP setting to obtain an IP address

automatically, the client searches for a DHCP server by sending a UDP broadcast, the

DHCP Discover.

OFFER: The DHCP server offers a scope of IP addresses available in the pool.

REQUEST: In response to the offer, the client requests an IP address.

ACKNOWLEDGE: In response to the request, the server responds with all of the IP address, mask, gateway, DNS and WINS information along with the acknowledgment packet.

Technical info of DORA Process = When the term "broadcast" is used, there are two

types of broadcasts: 1) Network Layer broadcast and 2) Datalink Layer broadcast. For

Internet Protocol, the standard broadcast DESTINATION address is 255.255.255.255.

For Ethernet, the broadcast DESTINATION address is FF:FF:FF:FF:FF:FF. You have to

think of the DORA process in terms of encapsulation and decapsulation, as well as switch

behavior with frames it receives.

So let's say you've got two computers, a client host and a server host. The client

host is the DHCP client and the server host is the DHCP server. Let's call the client host

PC and the DHCP server DHCP.

Now, when the PC is turned on, the NIC has a MAC address but no IP address.

So the PC tries to "Discover" the DHCP server by sending out a "Discover" packet. In

that packet, the destination IP address is 255.255.255.255 and source IP address of

0.0.0.0 (because the PC doesn't have an IP address yet). That Discover packet is

encapsulated into a Data Link layer Ethernet Frame. That Ethernet Frame has a

destination address of FF:FF:FF:FF:FF:FF and the source address of whatever the MAC

address of the PC's NIC is, let's call it PC:MA:CA:DD:RR:SS (I know this is not a valid

MAC address). Now, since the destination address is FF:FF:FF:FF:FF:FF, the first switch

that receives the frame will, by definition, send that frame out of every single switch port,

except the switch port that received the frame. Since the switch doesn't know (from its

CAM table), who FF:FF:FF:FF:FF:FF is, it forwards the Discover packet out of every

single switch port, except the switch port that received the frame. Let's say the DHCP

server is directly connected to the switch. So the DHCP server first receives the Ethernet

frame with the destination address of FF:FF:FF:FF:FF:FF (which by definition, means

itself), and a source address of PC:MA:CA:DD:RR:SS. So when the DHCP server

receives that Discover Packet, it replies to it by sending the Offer Packet. Since the

DHCP server has no idea who was contacting it (since the PC currently has an IP address

of 0.0.0.0), the Offer packet has the destination address of 255.255.255.255. But the

DHCP server remembered the MAC address of whoever was trying to contact it, so

the DHCP server sends out the Offer packet in a frame with a destination address of

PC:MA:CA:DD:RR:SS and uses its own source address of DH:CP:SE:RV:ER:MC

(again, I know this is not a valid MAC address). So the Offer packet is sent from the

DHCP server to the PC as a unicast not a broadcast. So the switch receives the frame

from the DHCP server and forwards it to the PC which receives the Offer packet. Then

the rest of the DHCP process of R and A occurs.

So that's why the "...the first two messages in the DHCP are broadcast messages..." refers

to Network Layer IP broadcast messages (destination IP address of 255.255.255.255).

Then "...only the first message (the Discover message) is a LAN Broadcast..." because

only the Discover packet's frame had the Ethernet destination address of

FF:FF:FF:FF:FF:FF (therefore a LAN broadcast) and the Offer packet's frame had the

Ethernet destination address of PC:MA:CA:DD:RR:SS (therefore a LAN unicast).
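
The addressing described above, checked in code (an added example, not part of the original notes): it builds a Discover and an Offer frame with the addresses the text gives and reports whether each one is a broadcast at the Data Link layer and at the Network layer. The MAC addresses, IP addresses and transaction ID are constructed, and checksums are left at zero.

```python
import socket
import struct

BCAST_MAC = b"\xff" * 6
BCAST_IP = "255.255.255.255"
MAGIC_COOKIE = b"\x63\x82\x53\x63"
DHCP_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}


def build_frame(src_mac, dst_mac, src_ip, dst_ip, sport, dport,
                msg_type, chaddr, yiaddr="0.0.0.0"):
    """Build Ethernet/IPv4/UDP/DHCP bytes. Checksums are 0 (constructed sample)."""
    op = 1 if msg_type in (1, 3) else 2            # BOOTREQUEST or BOOTREPLY
    zero = socket.inet_aton("0.0.0.0")
    bootp = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
                        op, 1, 6, 0, 0x1234ABCD, 0, 0,
                        zero, socket.inet_aton(yiaddr), zero, zero,
                        chaddr, b"", b"")          # 236-byte fixed part
    dhcp = bootp + MAGIC_COOKIE + bytes([53, 1, msg_type, 255])
    udp = struct.pack("!HHHH", sport, dport, 8 + len(dhcp), 0) + dhcp
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + udp
    return dst_mac + src_mac + b"\x08\x00" + ip


def classify(frame):
    """Report the DHCP message type and the kind of addressing at each layer."""
    dst_mac, ethertype = frame[0:6], frame[12:14]
    if ethertype != b"\x08\x00":
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4                   # IPv4 header length in bytes
    if frame[14 + 9] != 17:
        raise ValueError("not UDP")
    src_ip = socket.inet_ntoa(frame[26:30])
    dst_ip = socket.inet_ntoa(frame[30:34])
    udp = 14 + ihl
    sport, dport = struct.unpack("!HH", frame[udp:udp + 4])
    opts = udp + 8 + 236                           # skip UDP header and fixed BOOTP part
    if frame[opts:opts + 4] != MAGIC_COOKIE:
        raise ValueError("no DHCP magic cookie")
    i, msg_type = opts + 4, None
    while i < len(frame) and frame[i] != 255:      # 255 = end option
        if frame[i] == 0:                          # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(frame):
            break                                  # truncated option
        code, length = frame[i], frame[i + 1]
        if code == 53 and length == 1:             # option 53 = DHCP message type
            msg_type = frame[i + 2]
        i += 2 + length
    return {
        "type": DHCP_TYPES.get(msg_type, "UNKNOWN"),
        "l2_broadcast": dst_mac == BCAST_MAC,      # Data Link layer (Ethernet)
        "l3_broadcast": dst_ip == BCAST_IP,        # Network layer (IP)
        "src_ip": src_ip, "sport": sport, "dport": dport,
    }


# Constructed addresses standing in for the PC and the DHCP server.
PC_MAC = bytes.fromhex("020000000001")
SRV_MAC = bytes.fromhex("020000000002")
DISCOVER = build_frame(PC_MAC, BCAST_MAC, "0.0.0.0", BCAST_IP, 68, 67, 1, PC_MAC)
OFFER = build_frame(SRV_MAC, PC_MAC, "192.0.2.1", BCAST_IP, 67, 68, 2, PC_MAC,
                    yiaddr="192.0.2.50")

if __name__ == "__main__":
    for frame in (DISCOVER, OFFER):
        print(classify(frame))
```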

DHCP RELAY AGENT

The DHCP Relay Agent makes it possible for DHCP broadcast messages to be sent over

routers that do not support forwarding of these types of messages. The DHCP Relay

Agent is therefore the routing protocol that enables DHCP clients to obtain IP addresses

from a DHCP server on a remote subnet, or which is not located on the local subnet. If

you have no configured DHCP Relay Agent, your clients would only be able to obtain IP

addresses from the DHCP server which is on the same subnet. To enable clients to obtain

IP addresses from a DHCP server on a remote subnet, you have to configure the DHCP

Relay Agent on the subnet that contains the remote clients, so that it can relay DHCP

broadcast messages to your DHCP server.

9) BOOTP = (PORT NO 67=server, 68=client /UDP) It stands for Bootstrap Protocol.

In computer networking, the Bootstrap Protocol, or BOOTP, is a network protocol used

by a network client to obtain an IP address from a configuration server. The BOOTP

protocol was originally defined in RFC 951.

BOOTP is usually used during the bootstrap process when a computer is starting up. A

BOOTP configuration server assigns an IP address to each client from a pool of

addresses. BOOTP uses the User Datagram Protocol (UDP) as a transport

on IPv4 networks only.

Historically, BOOTP has also been used for Unix-like diskless workstations to obtain the

network location of their boot image in addition to an IP address, and also by enterprises

to roll out a pre-configured client (e.g., Windows) installation to newly installed PCs.

Originally requiring the use of a boot floppy disk to establish the initial network

connection, manufacturers of network cards later embedded the protocol in the BIOS of

the interface cards as well as system boards with on-board network adapters, thus

allowing direct network booting.

The Dynamic Host Configuration Protocol (DHCP) is a more advanced protocol for the

same purpose and has superseded the use of BOOTP. Most DHCP servers also function

as BOOTP servers.

10) HTTP = (PORT NO. =80 /TCP) It stands for Hyper Text Transfer Protocol. It is the

protocol used to convey information on the World Wide Web (WWW). HTTP is an

application protocol for distributed, collaborative, hypermedia information

systems. HTTP is the foundation of data communication for the World Wide Web.

Hypertext is a multi-linear set of objects, building a network by using logical links (the

so-called hyperlinks) between the nodes (e.g. text or words). HTTP is the protocol to

exchange or transfer hypertext.

11) HTTPS = (PORT NO 443 /TCP) It stands for Hyper Text Transfer Protocol Secure. HTTPS is a combination of the Hypertext Transfer Protocol (HTTP) with the

SSL/TLS protocol. It provides encrypted communication to prevent eavesdropping and

secure identification of a network web server to know which web server you are really

talking to. Historically, HTTPS connections were primarily used for payment transactions

on the World Wide Web, e-mail and for sensitive transactions in corporate information

systems. In the late 2000s and early 2010s, HTTPS began to see widespread use for

protecting page authenticity on all types of websites, securing accounts and keeping user

communications, identity and browsing history private.

When connecting to a website, HTTPS makes it possible to know whether you are

talking to the right server and protects from passive and active network attacks such

as Man-in-the-middle attacks. During a session it can protect against eavesdropping and

tampering with the contents of the site or with the information you send to the site. As an

example HTTPS can protect from an adversary replacing downloadable content on a site

with malware.

HTTPS is especially important over unencrypted Wi-Fi as it is completely insecure

by design and attacks on unencrypted Wi-Fi networks are relatively common.

Note that when a client sends an HTTPS request, the hostname and port of the

URL are unencrypted (and thereby visible to an eavesdropper) because this information is

needed to establish and maintain the connection. This means that an eavesdropper can see

the sites you connect to, the amount of time you spend using a site, and the amount of

information you upload or download on the particular site. However, all other parts of

the HTTPS request, including the URL path and query parameters, can only be decrypted

by the destination site or by an interposing intermediary that terminates the HTTPS

connection on behalf of the site.

A site must be completely hosted over HTTPS, without having some of its contents

loaded over HTTP, or the user will be vulnerable to some attacks and surveillance.

12) SNMP = (PORT NO 161/UDP, 162=/TCP/UDP=SNMP trap) Simple Network

Management Protocol (SNMP) is a popular protocol for network management. It is used

for collecting information from, and configuring, network devices, such as servers,

printers, hubs, switches, and routers on an Internet Protocol (IP) network. Large networks

with hundreds or thousands of nodes are difficult to manage without a large staff to

monitor every computer. SNMP, which is widely used in local area networks (LANs),

lets you monitor network nodes from a management host. You can monitor network

devices such as servers, workstations, printers, routers, bridges, and hubs, as well as

services such as Dynamic Host Configuration Protocol (DHCP) or Windows Internet

Name Service (WINS). Use SNMP management software to monitor any network device

on which you install SNMP agent software. The SNMP agent, which is an optional

component of Windows Server 2003, interacts with third-party SNMP management

software to enable the sharing of network status information between monitored devices

and applications and the SNMP management system that monitors them. The following

figure shows this process.

Trap: Asynchronous notification from agent to manager. Includes

current sysUpTime value, an OID identifying the type of trap and optional variable

bindings. Destination addressing for traps is determined in an application-specific manner

typically through trap configuration variables in the MIB. The format of the trap message

was changed in SNMPv2 and the PDU was renamed SNMPv2-Trap.

13) WINS = (PORT NO 42/TCP/UDP) Although NetBIOS and NetBIOS names can be

used with network protocols other than TCP/IP, WINS was designed specifically to

support NetBIOS over TCP/IP (NetBT). WINS is required for any environment in which

users access resources that have NetBIOS names. If you do not use WINS in such a

network, you cannot connect to a remote network resource by using its NetBIOS name

unless you use Lmhosts files, and you might be unable to establish file and print sharing

connections.

The following figure illustrates the role of WINS for computers that use NetBIOS names.

Typically, DHCP is used to assign IP addresses automatically.

WINS AND DNS = WINS and DNS are both name resolution services for TCP/IP

networks. While WINS resolves names in the NetBIOS namespace, DNS resolves names

in the DNS domain namespace. WINS primarily supports clients that run older versions

of Windows and applications that use NetBIOS. Windows 2000, Windows XP, and

Windows Server 2003 use DNS names in addition to NetBIOS names. Environments that

include some computers that use NetBIOS names and other computers that use domain

names must include both WINS servers and DNS servers.

WINS Name Registration and Resolution

In a typical scenario, the following occurs:

1. ClientA, which uses NetBIOS and is a WINS client, sends a name registration

request to its configured primary WINS server (WINSA) when it starts up and

joins the network. WINSA adds ClientA's NetBIOS name and IP address to the

WINS database.

2. When ClientB needs to connect to ClientA by its name, it requests the IP address

from the WINS server.

3. The WINS server locates the corresponding entry in its database and replies with

ClientA's IP address.

Summary of WINS Benefits

WINS provides the following benefits over other NetBIOS name resolution methods:

WINS name resolution reduces NetBIOS name query broadcast traffic because

clients can query a WINS server directly instead of broadcasting queries.

WINS enables the Computer Browser service to collect and distribute browse lists

across IP routers.

The WINS dynamic name-to-address database supports NetBIOS name

registration and resolution in environments where DHCP-enabled clients are

configured for dynamic TCP/IP address allocation.

The WINS database also supports centralized management and replicates name-

to-address mappings to other WINS servers.

WINS and DNS can be used in the same environment to provide combined name

searches in both namespaces.

14) SSH = (PORT NO 22/TCP) It stands for Secure Shell/Secure Socket Shell. Secure

Shell (SSH) is a network protocol for secure data communication, remote shell services

or command execution and other secure network services between two networked

computers that it connects via a secure channel over an insecure network: a server and a

client (running SSH server and SSH client programs, respectively). The protocol

specification distinguishes two major versions that are referred to as SSH-1 and SSH-2.

The best-known application of the protocol is for access to shell accounts on Unix-

like operating systems. It was designed as a replacement for Telnet and

other insecure remote shell protocols such as the Berkeley rsh and rexec protocols, which

send information, notably passwords, in plaintext, rendering them susceptible to

interception and disclosure using packet analysis. The encryption used by SSH is intended

to provide confidentiality and integrity of data over an unsecured network, such as

the Internet.

SSH is actually a suite of three utilities - slogin, ssh, and scp - that are secure versions

of the earlier UNIX utilities, rlogin, rsh, and rcp. SSH commands are encrypted and

secure in several ways. Both ends of the client/server connection are authenticated using

a digital certificate, and passwords are protected by being encrypted.

SSH uses RSA public key cryptography for both connection and authentication.

Encryption algorithms include Blowfish, DES, and IDEA. IDEA is the default.

SSH2, the latest version, is a proposed set of standards from the Internet Engineering

Task Force (IETF).

15) TLS/SSL = Transport Layer Security (TLS) and its predecessor, Secure Sockets

Layer (SSL), are cryptographic protocols that provide communication security over

the Internet.[1]

TLS and SSL encrypt the segments of network connections at

the Transport Layer, using asymmetric cryptography for key exchange, symmetric

encryption for privacy, and message authentication codes for message integrity.

Several versions of the protocols are in widespread use in applications such as web

browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP).

16) NNTP = (PORT NO 119/TCP) NNTP, the Network News Transfer Protocol, is the

protocol used to send Usenet news messages between servers and from a news server to

newsreader clients. It is a fairly simple protocol, similar in many ways to POP3 or SMTP

and is of interest in part because of its simplicity (it's a lot easier to write one's own

NNTP implementation for fun than it is to write one's own IMAP implementation for

fun). These pages attempt to gather information about the protocol that may be useful to

implementers.

17) NTP = (PORT NO 123/UDP) The Network Time Protocol (NTP) is a networking

protocol for synchronizing the clocks of computer systems over packet-switched,

variable-latency data networks.

18) NFS = Network File System (NFS) is a distributed file system protocol originally

developed by Sun Microsystems in 1984, allowing a user on a client computer to access

files over a network in a manner similar to how local storage is accessed. NFS, like many

other protocols, builds on the Open Network Computing Remote Procedure Call (ONC

RPC) system. The Network File System is an open standard defined in RFCs, allowing

anyone to implement the protocol.

19) ONC RPC = (PORT NO 111 /TCP/UDP) Open Network

Computing (ONC) Remote Procedure Call (RPC) is a widely deployed remote

procedure call system. ONC was originally developed by Sun Microsystems as part of

their Network File System project, and is sometimes referred to as Sun ONC or Sun

RPC. ONC is considered "lean and mean", but has limited appeal as a generalized RPC

system for WANs or heterogeneous environments.

Systems such as DCE, CORBA and

SOAP are generally used in this wider role.

ONC is based on calling conventions used in Unix and the C programming language.

It serializes data using the XDR, which has also found some use to encode and decode

data in files that are to be accessed on more than one platform. ONC then delivers the

XDR payload using either UDP or TCP. Access to RPC services on a machine is

provided via a port mapper that listens for queries on a well-known port (number 111)

over UDP and TCP.

20) RPC = (PORT NO 111/TCP/UDP) It stands for Remote Procedure Call. In computer

science, a remote procedure call (RPC) is an inter-process communication that allows

a computer program to cause a subroutine or procedure to execute in another address

space (commonly on another computer on a shared network) without the programmer

explicitly coding the details for this remote interaction. That is, the programmer writes

essentially the same code whether the subroutine is local to the executing program, or

remote. When the software in question uses object-oriented principles, RPC is

called remote invocation or remote method invocation.

21) LPD = (PORT NO 515/TCP) The Line Printer Daemon protocol/Line Printer

Remote protocol (or LPD, LPR) is a network protocol for submitting print jobs to a

remote printer. The original implementation of LPD was in the Berkeley printing

system in the BSD UNIX operating system; the LPRng project also supports that

protocol. The Common Unix Printing System (or CUPS), which is more common on

modern Linux distributions, supports LPD as well as the Internet Printing Protocol (IPP).

Commercial solutions are available that also leverage Berkeley printing protocol

components, where more robust functionality and performance is necessary than is

available from LPR/LPD (or CUPS) alone (such as might be required in large corporate

environments). The LPD Protocol Specification is documented in.

22) X-WINDOWS = (PORT NO 6000/TCP) X Windows is the predominant windowing

system on UNIX computers, developed by the X Consortium, led by M.I.T. An

X server manages the display on the workstation. Clients can connect to server via

TCP/IP and perform graphics operations. This makes X Windows much more network

capable than Microsoft Windows, for example, which can only be accessed via a local

API.

X Windows operates over TCP, typically using server port numbers starting with 6000.

The X server for a system's first display listens on port 6000; if the system has a second

display, its server listens on port 6001; a third display would listen on 6002; etc. The

protocol used over this reliable stream connection is essentially request/reply, and its

reputation is as a fat protocol that consumes a lot of bandwidth. Lightweight X (LWX),

introduced in X11R6, attempts to reduce X's bandwidth needs to the point where it can

be run over dialup modem connections.

The X Protocol, documented in a postscript file, defines dozens of messages that can be

exchanged between a client and a server. They can generally be classified into four

categories: Requests, Replies, Events, and Errors. Typical requests include Draw

PolyLine, Draw Text, Create Window, Fill. Replies are matched to particular Requests.

Events are asynchronous occurrences such as keystrokes and mouse clicks. Errors are

matched to particular Requests.

If a window is partially or fully obscured by another, overlapping window, the server has

two options available to it. The server can allocate additional memory, called backing

store, to record the contents of the obscured window. This is purely optional, however.

The server can simply ignore the obscured part of the window. Later, when that part of

the window becomes visible again, the server sends an Expose event to the client, which

must then redraw the affected area. The client, therefore, must be prepared to redraw any

part of its windows at any time.

Applications do not need to access the X Windows protocol directly. X Windows

supports several APIs. The most basic of these is Xlib, which interfaces fairly directly to

the underlying network protocol. Most X client applications are linked against Xlib,

which allows them to operate on either a local or remote X server, simply by adjusting

either an environment variable or a command-line argument.

Widgets layer on top of Xlib and provide X Windows with an object-oriented

programming model. A widget is an X window capable of handling most of its own

protocol interaction. The most popular widget sets are Athena Widgets (aw) and Motif.

The X Windows security model is all-or-nothing. Either an application can perform any

operation on an X desktop, or it can perform none. There is no concept of limiting an

application to a single top-level window, for example. Although there is power in this

model, such as allowing the window manager to be a normal X client, there are also

serious performance implications. A hostile X client could connect to an X server and

arrange to capture any screen image, or even to capture keystrokes as a password is being

typed in one of the windows. For this reason, X servers are typically fairly restrictive

about which clients they will accept connections from. Two major security models are

available. Host-based security (traditionally controlled by the xhost program), permits or

denies connections based on their source IP addresses. Authentication (traditionally

controlled by the xauth program), requires the connecting program to possess a secret

password, typically stored in a UNIX file and subject to standard UNIX access

controls. Kerberos-based authentication is also available.

23) THREE WAY HANDSHAKE METHOD = This method works in TCP. TCP's

three way handshaking technique is often referred to as SYN, SYN-ACK, ACK because

there are three messages transmitted by TCP to negotiate and start a TCP session between

two computers. The TCP handshaking mechanism is designed so that

two computers attempting to communicate can negotiate the parameters of

the network TCP socket connection before transmitting data such as SSH and HTTP web

browser requests.

Below is a (very) simplified diagram of the TCP 3-way handshake process. Have a look

at the diagram on the right as you examine the list of events on the left.

EVENT

Host A sends a TCP SYNchronize packet to Host B

Host B receives A's SYN

Host B sends a SYNchronize-ACKnowledgement

Host A receives B's SYN-ACK

Host A sends ACKnowledge

Host B receives ACK.

TCP socket connection is ESTABLISHED.

[Diagram: TCP Three Way Handshake (SYN, SYN-ACK, ACK)]

SYNchronize and ACKnowledge messages are indicated by either the SYN bit or the

ACK bit inside the TCP header, and the SYN-ACK message has both the SYN and the

ACK bits turned on (set to 1) in the TCP header.

TCP knows whether the network TCP socket connection is opening, synchronizing, or

established by using the SYNchronize and ACKnowledge messages when establishing

a network TCP socket connection.

When the communication between two computers ends, another 3-way communication is

performed to tear down the TCP socket connection. This setup and teardown of a socket

connection is part of what qualifies TCP as a reliable protocol. TCP also acknowledges that

data is successfully received and guarantees the data is reassembled in the correct order.

Note that UDP is connectionless. That means UDP doesn't establish connections

as TCP does, so UDP does not perform this 3-way handshake and for this reason, it is

referred to as an unreliable protocol. That doesn't mean UDP can't transfer data, it just

doesn't negotiate how the connection will work, UDP just transmits and hopes for the

best.

First of all, the client sends a SYN packet to the server, then the server replies with an ACK + SYN

packet, and then the client sends an ACK packet; the CONNECTION is then ESTABLISHED.
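
The SYN, SYN-ACK, ACK exchange above as a small tracker over constructed TCP headers (an added example, not part of the original notes). It goes one step beyond the text by also checking that each acknowledgment number equals the peer's initial sequence number plus one, and it lists the connections that never reached ESTABLISHED. All addresses, ports and sequence numbers are made up.

```python
import struct

SYN, ACK = 0x02, 0x10          # flag bits in byte 13 of the TCP header


def tcp_header(sport, dport, seq, ack, flags):
    """Build a 20-byte TCP header (window 65535, checksum 0: constructed sample)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                       5 << 4, flags, 65535, 0, 0)


def parse(header):
    """Return (sport, dport, seq, ack, flags) from raw TCP header bytes."""
    sport, dport, seq, ack, _offset, flags = struct.unpack("!HHIIBB", header[:14])
    return sport, dport, seq, ack, flags


def handshake_states(segments):
    """Follow each connection through the three handshake messages.

    segments: (src_ip, dst_ip, tcp_header_bytes) tuples in capture order.
    Returns {(client_ip, client_port, server_ip, server_port): state}.
    """
    conns = {}
    for src, dst, hdr in segments:
        sport, dport, seq, ack, flags = parse(hdr)
        syn, is_ack = bool(flags & SYN), bool(flags & ACK)
        if syn and not is_ack:                       # 1. Host A sends SYN
            conns[(src, sport, dst, dport)] = {"state": "SYN_SENT", "c_isn": seq}
        elif syn and is_ack:                         # 2. Host B sends SYN-ACK
            c = conns.get((dst, dport, src, sport))
            if c and c["state"] == "SYN_SENT" and ack == (c["c_isn"] + 1) % 2**32:
                c.update(state="SYN_RECEIVED", s_isn=seq)
        elif is_ack:                                 # 3. Host A sends ACK
            c = conns.get((src, sport, dst, dport))
            if c and c["state"] == "SYN_RECEIVED" and ack == (c["s_isn"] + 1) % 2**32:
                c["state"] = "ESTABLISHED"
    return {key: c["state"] for key, c in conns.items()}


def incomplete(states):
    """Connections that started a handshake but never finished it."""
    return sorted(key for key, state in states.items() if state != "ESTABLISHED")


# Constructed capture: Host A (client) and Host B (server).
A, B = "198.51.100.7", "192.0.2.80"
CAPTURE = [
    # Connection 1: complete handshake.
    (A, B, tcp_header(40001, 80, 1000, 0, SYN)),
    (B, A, tcp_header(80, 40001, 5000, 1001, SYN | ACK)),
    (A, B, tcp_header(40001, 80, 1001, 5001, ACK)),
    # Connection 2: SYN and SYN-ACK seen, final ACK never arrives.
    (A, B, tcp_header(40002, 80, 2000, 0, SYN)),
    (B, A, tcp_header(80, 40002, 6000, 2001, SYN | ACK)),
    # Connection 3: the SYN-ACK acknowledges the wrong number, so it is ignored.
    (A, B, tcp_header(40003, 80, 3000, 0, SYN)),
    (B, A, tcp_header(80, 40003, 7000, 9999, SYN | ACK)),
]

if __name__ == "__main__":
    states = handshake_states(CAPTURE)
    for key, state in states.items():
        print(key, state)
    print("incomplete:", incomplete(states))
```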

24) X.25 = X.25 is an ITU (International Telecommunication Union) protocol standard

for WAN communications. The X.25 protocol standard defines the interface between DTE (data

terminal equipment: terminals, personal computers, networked hosts, bank ATM

machines, payment terminals) and Data Circuit-terminating Equipment (DCE) for

terminals operating in the packet mode and connected to public data networks by

dedicated circuit. Hillstone Software's HS X.25 C Source Library fully implements ITU-

T X.25 protocol.

25) LDAP = (PORT NO 389/TCP/UDP) The Lightweight Directory Access Protocol is

an application protocol for accessing and maintaining distributed directory information

services over an Internet Protocol (IP) network. LDAP is defined in terms of ASN.1 and

transmitted using BER.

Directory services may provide any organized set of records, often with a hierarchical

structure, such as a corporate electronic mail directory. Similarly, a telephone directory is

a list of subscribers with an address and a phone number.

LDAP (Lightweight Directory Access Protocol) is a software protocol for enabling

anyone to locate organizations, individuals, and other resources such as files and devices

in a network, whether on the public Internet or on a corporate intranet. LDAP is a

"lightweight" (smaller amount of code) version of Directory Access Protocol (DAP),

which is part of X.500, a standard for directory services in a network. LDAP is lighter

because in its initial version it did not include security features. LDAP originated at the

University of Michigan and has been endorsed by at least 40 companies. Netscape

includes it in its latest Communicator suite of products. Microsoft includes it as part of

what it calls Active Directory in a number of products including Outlook Express.

Novell's NetWare Directory Services interoperates with LDAP. Cisco also supports it in

its networking products.

In a network, a directory tells you where in the network something is located.

On TCP/IP networks (including the Internet), the domain name system (DNS) is the

directory system used to relate the domain name to a specific network address (a unique

location on the network). However, you may not know the domain name. LDAP allows

you to search for an individual without knowing where they're located (although

additional information will help with the search).

An LDAP directory is organized in a simple "tree" hierarchy consisting of the

following levels:

The root directory (the starting place or the source of the tree), which branches out to

Countries, each of which branches out to

Organizations, which branch out to

Organizational units (divisions, departments, and so forth), which branches out to

(includes an entry for)

Individuals (which includes people, files, and shared resources such as printers)

An LDAP directory can be distributed among many servers. Each server can have a

replicated version of the total directory that is synchronized periodically. An LDAP

server is called a Directory System Agent (DSA). An LDAP server that receives a request

from a user takes responsibility for the request, passing it to other DSAs as necessary, but

ensuring a single coordinated response for the user.

26) KERBEROS = (PORT NO 88/TCP/UDP) Kerberos is a computer

network authentication protocol which works on the basis of "tickets" to

allow nodes communicating over a non-secure network to prove their identity to one

another in a secure manner. Its designers aimed primarily at a client–server model, and it

provides mutual authentication—both the user and the server verify each other's identity.

Kerberos protocol messages are protected against eavesdropping and replay attacks.

Kerberos builds on symmetric key cryptography and requires a trusted third party, and

optionally may use public-key cryptography by utilizing asymmetric key

cryptography during certain phases of authentication. Kerberos uses port 88 by default.

When a user logs in, the client transmits the username to the authentication server,

along with the identity of the service the user desires to connect to, for example a

fileserver. The authentication server constructs a ticket, which contains a randomly

generated session key, encrypted with the fileserver's secret key, and sends it to the client

as part of its credentials, which includes the session key encrypted with the client's secret

key. If the user typed the right password, then the client can decrypt the session key,

present the ticket to the fileserver, and use the shared secret session key to communicate

between them. Tickets are time stamped, and typically have an expiration time on the

order of a few hours.

In practice, the load on the authentication server is further reduced by using a ticket-granting

server (TGS). The first service requested by the user is typically the TGS, which

then grants additional tickets for additional servers. Thus, the passwords are localized on

the authentication server, while the trust relationships are maintained by the TGS.


Kerberos also supports realms, a management domain roughly analogous to a Windows

NT domain. Cross-realm authorizations can be maintained by establishing an inter-realm

key between two TGSs, allowing each one to issue tickets valid on the other realm's TGS.
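The ticket exchange described above, as an added example that is not part of the original document. It follows the simplified flow in the text (real Kerberos also sends an authenticator and uses standardized encryption types); the names, password, lifetime and the HMAC-based `seal`/`unseal` stand-in cipher are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os

LIFETIME = 8 * 3600  # assumed ticket lifetime in seconds ("a few hours")


def derive_key(password, salt):
    # Stand-in for Kerberos string-to-key: the client's secret key comes from the password.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt.encode(), 10_000)


def _keystream(key, nonce, length):
    blocks = [hmac.new(key, b"enc" + nonce + n.to_bytes(4, "big"), hashlib.sha256).digest()
              for n in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def seal(key, fields):
    """Toy authenticated encryption (illustration only): XOR keystream, then HMAC tag."""
    plaintext = json.dumps(fields).encode()
    nonce = os.urandom(16)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + body + hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()


def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"mac" + nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(c ^ k for c, k in zip(body, _keystream(key, nonce, len(body)))))


class AuthenticationServer:
    def __init__(self, user_keys, service_keys):
        self.user_keys = user_keys        # username -> key derived from the password
        self.service_keys = service_keys  # service name -> the service's secret key

    def request(self, username, service, now):
        """Only the username and service name arrive; no password crosses the network."""
        session_key = os.urandom(32).hex()
        expires = now + LIFETIME
        ticket = seal(self.service_keys[service],
                      {"client": username, "session_key": session_key, "expires": expires})
        credentials = seal(self.user_keys[username],
                           {"service": service, "session_key": session_key, "expires": expires})
        return credentials, ticket


def client_open(username, typed_password, credentials):
    # Succeeds only if the typed password derives the same key the server holds.
    return unseal(derive_key(typed_password, username), credentials)


def service_accept(service_key, ticket, now):
    fields = unseal(service_key, ticket)
    if now >= fields["expires"]:
        raise ValueError("ticket expired")
    return fields["client"], fields["session_key"]


def demo(now=1_700_000_000):
    """Run the exchange with constructed names, password and keys."""
    fileserver_key = os.urandom(32)
    kdc = AuthenticationServer({"alice": derive_key("constructed-password", "alice")},
                               {"fileserver": fileserver_key})
    credentials, ticket = kdc.request("alice", "fileserver", now)
    mine = client_open("alice", "constructed-password", credentials)
    client, theirs = service_accept(fileserver_key, ticket, now + 60)
    outcome = {"client": client, "keys_agree": mine["session_key"] == theirs}
    flipped = ticket[:-1] + bytes([ticket[-1] ^ 1])
    for label, action in (
        ("wrong_password", lambda: client_open("alice", "guess", credentials)),
        ("expired", lambda: service_accept(fileserver_key, ticket, now + LIFETIME)),
        ("tampered", lambda: service_accept(fileserver_key, flipped, now)),
    ):
        try:
            action()
            outcome[label] = "accepted"
        except ValueError as error:
            outcome[label] = str(error)
    return outcome
```

The client never sees inside the ticket: it is sealed under the fileserver's key, so only the fileserver can read the session key it carries.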

27) ARP = It stands for Address Resolution Protocol. It is a link layer protocol. IP

addresses are virtual and maintained by software. Before a datagram can be sent across a

physical network, the IP software must translate the IP address of the destination host

into an equivalent hardware address. This process is known as address resolution. One

host can resolve the address of another host only if both hosts are attached to the same

physical network - a host never resolves the address of a host on another network.

28) RARP = It stands for Reverse Address Resolution Protocol. It is a link layer protocol.

It is used to translate a MAC address into an IP address. RARP is a protocol by which a

physical machine in a local area network can request to learn its IP address from a

gateway server's Address Resolution Protocol (ARP) table or cache. A network

administrator creates a table in a local area network's gateway router that maps the

physical machine (or Media Access Control - MAC address) addresses to corresponding

Internet Protocol addresses. When a new machine is set up, its RARP client program

requests from the RARP server on the router to be sent its IP address. Assuming that an

entry has been set up in the router table, the RARP server will return the IP address to the

machine which can store it for future use.

RARP is available for Ethernet, Fiber Distributed-Data Interface, and token ring LANs.

29) PING = It stands for Packet Internet Gopher. PING is used to check the state of a

remote machine via the TCP/IP protocol. ICMP (Internet Control Message Protocol) is


used by the PING command. ICMP messages are only sent by a router or a destination node

in response to a Packet Internet Gopher (PING) request. If there is a problem and the

computer or router cannot function properly, it will send back a response giving its

current state. If the router/computer is not up or not functioning properly, the ICMP response

would send back a "No Response" or "Request Timed Out" statement to the users, letting

them know that the router/computer is not responding.

30) ICMP = It stands for Internet Control Message Protocol. ICMP is a network

protocol useful in Internet Protocol (IP) network management and administration. ICMP

is a required element of IP implementations. ICMP is a control protocol, meaning that it

does not carry application data, but rather information about the status of the network

itself. ICMP can be used to report: errors in the underlying communications of network

applications, availability of remote hosts, network congestion.

Bits   0–7    8–15   16–23      24–31
0      Type   Code   Checksum
32     Rest of Header

Type – ICMP type as specified below.

Code – Subtype to the given type.

Checksum – Error checking data. Calculated from the ICMP header+data, with value 0

for this field. The checksum algorithm is specified in RFC 1071.

Rest of Header – Four byte field. Will vary based on the ICMP type and code.

Each ICMP message contains three fields that define its purpose and provide a

checksum. They are TYPE, CODE, and CHECKSUM fields. The TYPE field identifies

the ICMP message, the CODE field provides further information about the associated

TYPE field, and the CHECKSUM provides a method for determining the integrity of the

message.

ICMP packet

               Bit 0 - 7            Bit 8 - 15        Bit 16 - 23        Bit 24 - 31
IP Header      Version/IHL          Type of service   Length
(20 bytes)     Identification                         flags and offset
               Time To Live (TTL)   Protocol          Checksum
               Source IP address
               Destination IP address
ICMP Payload   Type of message      Code              Checksum
(8+ bytes)     Quench
               Data (optional)


TYPE Description

---- -----------

0 Echo Reply

3 Destination Unreachable

4 Source Quench

5 Redirect Message

8 Echo Request

11 Time Exceeded

12 Parameter Problem

13 Timestamp Request

14 Timestamp Reply

15 Information Request (No Longer Used)

16 Information Reply (No Longer Used)

17 Address Mask Request

18 Address Mask Reply

Type 3

Code Value  Description

----------  -----------

0 Networks Unreachable

1 Host Unreachable

2 Protocol Unreachable

3 Port Unreachable

4 Fragmentation needed and DF (Don't Fragment) set

5 Source route failed

6 Destination Network unknown

7 Destination Host unknown

8 Source Host isolated

9 Communication with Destination Network Administratively Prohibited

10 Communication with Destination Host Administratively Prohibited

11 Network Unreachable for Type Of Service

12 Host Unreachable for Type Of Service

13 Communication Administratively Prohibited by Filtering

14 Host Precedence Violation

15 Precedence Cutoff in Effect
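A parser for the ICMP header layout and type/code tables above, with the RFC 1071 checksum computed over header plus data while the checksum field is zero. This is an added example, not part of the original document; the function names are assumptions, and the identifier/sequence split of "Rest of Header" for echo messages comes from RFC 792 rather than from the tables above.

```python
import struct

# Names copied from the TYPE table and the Type 3 code table above.
ICMP_TYPES = {
    0: "Echo Reply", 3: "Destination Unreachable", 4: "Source Quench",
    5: "Redirect Message", 8: "Echo Request", 11: "Time Exceeded",
    12: "Parameter Problem", 13: "Timestamp Request", 14: "Timestamp Reply",
    15: "Information Request (No Longer Used)", 16: "Information Reply (No Longer Used)",
    17: "Address Mask Request", 18: "Address Mask Reply",
}
UNREACHABLE_CODES = [
    "Network Unreachable", "Host Unreachable", "Protocol Unreachable", "Port Unreachable",
    "Fragmentation needed and DF (Don't Fragment) set", "Source route failed",
    "Destination Network unknown", "Destination Host unknown", "Source Host isolated",
    "Communication with Destination Network Administratively Prohibited",
    "Communication with Destination Host Administratively Prohibited",
    "Network Unreachable for Type Of Service", "Host Unreachable for Type Of Service",
    "Communication Administratively Prohibited by Filtering",
    "Host Precedence Violation", "Precedence Cutoff in Effect",
]


def internet_checksum(data):
    """RFC 1071: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                              # pad odd-length input
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)     # fold the carries back in
    return ~total & 0xFFFF


def build_icmp(icmp_type, code, rest_of_header, data=b""):
    if len(rest_of_header) != 4:
        raise ValueError("Rest of Header is a four byte field")
    # The checksum is calculated with value 0 in the checksum field.
    zeroed = struct.pack("!BBH", icmp_type, code, 0) + rest_of_header + data
    checksum = internet_checksum(zeroed)
    return struct.pack("!BBH", icmp_type, code, checksum) + rest_of_header + data


def parse_icmp(message):
    if len(message) < 8:
        raise ValueError("ICMP message is shorter than its 8-byte header")
    icmp_type, code, checksum = struct.unpack("!BBH", message[:4])
    zeroed = message[:2] + b"\x00\x00" + message[4:]
    info = {
        "type": icmp_type,
        "type_name": ICMP_TYPES.get(icmp_type, "unknown"),
        "code": code,
        "code_name": None,
        "checksum_ok": internet_checksum(zeroed) == checksum,
        "rest_of_header": message[4:8],
        "data": message[8:],
    }
    if icmp_type == 3 and code < len(UNREACHABLE_CODES):
        info["code_name"] = UNREACHABLE_CODES[code]
    if icmp_type in (0, 8):                          # echo: identifier + sequence number
        info["identifier"], info["sequence"] = struct.unpack("!HH", message[4:8])
    return info
```

A receiver that finds `checksum_ok` false should drop the message rather than act on its type and code.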

31) IP/IPX = IPX/SPX (IPX): Short for Internetwork Packet Exchange, a networking

protocol used by the Novell NetWare operating systems. Like UDP/IP, IPX is a datagram

protocol used for connectionless communications. (SPX): Short for Sequenced Packet

Exchange, a transport layer protocol (layer 4 of the OSI Model) used in Novell Netware

networks. The SPX layer sits on top of the IPX layer (layer 3) and provides connection-

oriented services between two nodes on the network. SPX is used primarily by

client/server applications.

NetBEUI: Pronounced net-booey, NetBEUI is short for NetBios Enhanced User

Interface. It is an enhanced version of the NetBIOS protocol used by network operating


systems such as LAN Manager, LAN Server, Windows for Workgroups, Windows 95

and Windows NT.

32) VTP = VLAN Trunk Protocol (VTP) reduces administration in a switched network.

When you configure a new VLAN on one VTP server, the VLAN is distributed through

all switches in the domain. This reduces the need to configure the same VLAN

everywhere. VTP is a Cisco-proprietary protocol that is available on most of the Cisco

Catalyst series products.

33) STP = Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and

switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to

ensure that you do not create loops when you have redundant paths in your network.

Loops are deadly to a network.

34) EIGRP = Enhanced Interior Gateway Routing Protocol - (EIGRP) is

a Cisco proprietary routing protocol loosely based on their original IGRP. EIGRP is an

advanced distance-vector routing protocol, with optimizations to minimize both

the routing instability incurred after topology changes, as well as the use of bandwidth

and processing power in the router. Routers that support EIGRP will automatically

redistribute route information to IGRP neighbors by converting the 32 bit EIGRP metric

to the 24 bit IGRP metric. Most of the routing optimizations are based on the Diffusing

Update Algorithm (DUAL) work from SRI, which guarantees loop-free operation and

provides a mechanism for fast convergence.

35) IGRP = Interior Gateway Routing Protocol (IGRP) is a distance vector interior

routing protocol (IGP) invented by Cisco. It is used by routers to exchange routing data

within an autonomous system.

IGRP is a proprietary protocol. IGRP was created in part to overcome the limitations

of RIP (maximum hop count of only 15, and a single routing metric) when used within

large networks. IGRP supports multiple metrics for each route,

including bandwidth, delay, load, MTU, and reliability; to compare two routes these

metrics are combined together into a single metric, using a formula which can be adjusted

through the use of pre-set constants. The maximum hop count of IGRP-routed packets is

255 (default 100), and routing updates are broadcast every 90 seconds (by default).

IGRP is considered a classful routing protocol. Because the protocol has no field for

a subnet mask, the router assumes that all subnetwork addresses within the same Class

A, Class B, or Class C network have the same subnet mask as the subnet mask configured

for the interfaces in question. This contrasts with classless routing protocols that can

use variable length subnet masks. Classful protocols have become less popular as they

are wasteful of IP address space.

36) OSPF = Open Shortest Path First (OSPF) is an adaptive routing protocol for Internet

Protocol (IP) networks. It uses a link state routing algorithm and falls into the group of

interior routing protocols, operating within a single autonomous system (AS). It is

defined as OSPF Version 2 in RFC 2328 (1998) for IPv4. The updates for IPv6 are

specified as OSPF Version 3 in RFC 5340 (2008).


OSPF is perhaps the most widely-used interior gateway protocol (IGP) in large enterprise

networks. IS-IS, another link-state dynamic routing protocol, is more common in large

service provider networks. The most widely-used exterior gateway protocol is the Border

Gateway Protocol (BGP), the principal routing protocol between autonomous systems on

the Internet.

37) BGP = It stands for Border Gateway Protocol. BGP (Border Gateway Protocol) is

a protocol for exchanging routing information between gateway hosts (each with its

own router) in a network of autonomous systems. BGP is often the protocol used between

gateway hosts on the Internet. The routing table contains a list of known routers, the

addresses they can reach, and a cost metric associated with the path to each router so that

the best available route is chosen.

Hosts using BGP communicate using the Transmission Control Protocol (TCP) and send

updated router table information only when one host has detected a change. Only the

affected part of the routing table is sent. BGP-4, the latest version, lets administrators

configure cost metrics based on policy statements. (BGP-4 is sometimes called BGP4,

without the hyphen.)

BGP communicates with autonomous (local) networks using Internal BGP (IBGP) since

it doesn't work well with IGP. The routers inside the autonomous network thus maintain

two routing tables: one for the interior gateway protocol and one for IBGP. BGP-4 makes

it easy to use Classless Inter-Domain Routing (CIDR), which is a way to have more

addresses within the network than with the current address assignment scheme. BGP is a

more recent protocol than the Exterior Gateway Protocol (EGP). Also see the Interior

Gateway Protocol (IGP) and the Open Shortest Path First (OSPF) interior gateway

protocol. BGP is an exterior gateway protocol (EGP), which means that it performs

routing between multiple autonomous systems or domains and exchanges routing and

reachability information with other BGP systems.

38) FRAME RELAY = Frame Relay is a high-performance WAN protocol that operates

at the physical and data link layers of the OSI reference model. Frame Relay originally

was designed for use across Integrated Services Digital Network (ISDN) interfaces.

Today, it is used over a variety of other network interfaces as well. This article focuses on

Frame Relay's specifications and applications in the context of WAN services.

39) PPP = It stands for Point to Point Protocol. The PPP originally emerged as an

encapsulation protocol for transporting IP traffic over point-to-point links. PPP also

established a standard for the assignment and management of IP addresses, asynchronous

(start/stop) and bit-oriented synchronous encapsulation, network protocol multiplexing,

link configuration, link quality testing, error detection, and option negotiation for such

capabilities as network layer address negotiation and data-compression negotiation. PPP

supports these functions by providing an extensible Link Control Protocol (LCP) and a

family of Network Control Protocols (NCPs) to negotiate optional configuration

parameters and facilities. In addition to IP, PPP supports other protocols, including

Novell's Internetwork Packet Exchange (IPX) and DECnet.

There are two types of authentication in PPP:


A) PAP = It stands for Password Authentication Protocol. Point-to-Point Protocol (PPP)

currently supports two authentication protocols: Password Authentication Protocol (PAP)

and Challenge Handshake Authentication Protocol (CHAP). Both are specified in RFC

1334 and are supported on synchronous and asynchronous interfaces.

PAP provides a simple method for a remote node to establish its identity using a

two-way handshake. After the PPP link establishment phase is complete, a

username and password pair is repeatedly sent by the remote node across the link

(in clear text) until authentication is acknowledged, or until the connection is

terminated.

PAP is not a secure authentication protocol. Passwords are sent across the link in

clear text and there is no protection from playback or trial-and-error attacks. The

remote node is in control of the frequency and timing of the login attempts.

For more information on troubleshooting PPP authentication (using either PAP or

CHAP), refer to Troubleshooting PPP (CHAP or PAP) Authentication for a complete,

step-by-step flow chart for troubleshooting the PPP authentication phase. For more

information on troubleshooting all the PPP phases (LCP, Authentication, NCP), refer to

document PPP Troubleshooting Flowchart for a complete flowchart for step-by-step

troubleshooting of all related PPP phases and negotiated parameters.

B) CHAP = It stands for Challenge Handshake Authentication Protocol. The Challenge

Handshake Authentication Protocol (CHAP) (defined in RFC 1994) verifies the

identity of the peer by means of a three-way handshake. These are the general steps

performed in CHAP:

1. After the LCP (Link Control Protocol) phase is complete, and CHAP is negotiated

between both devices, the authenticator sends a challenge message to the peer.

2. The peer responds with a value calculated through a one-way hash function

(Message Digest 5 (MD5)).

3. The authenticator checks the response against its own calculation of the expected

hash value. If the values match, the authentication is successful. Otherwise, the

connection is terminated.

This authentication method depends on a "secret" known only to the authenticator and the

peer. The secret is not sent over the link. Although the authentication is only one-way,

you can negotiate CHAP in both directions, with the help of the same secret set for

mutual authentication.
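The PAP request and the CHAP three-way handshake described above, side by side, showing what each protocol puts on the link. This is an added example, not part of the original document; the peer name, secret and password are constructed values, and the packet layouts follow RFC 1334 (PAP) and RFC 1994 (CHAP), where the response is MD5 over the Identifier octet, the secret, and the challenge.

```python
import hashlib
import hmac
import os
import struct


def pap_request(identifier, peer_id, password):
    """PAP Authenticate-Request (code 1): the password travels in clear text."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, identifier, 4 + len(data)) + data


def chap_value(identifier, secret, challenge):
    """One-way hash the peer returns: MD5(Identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_packet(code, identifier, value, name):
    """CHAP Challenge (code 1) or Response (code 2): Value-Size, Value, Name."""
    data = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(data)) + data


def _split(packet):
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    return code, identifier, packet[5:5 + size], packet[5 + size:length]


class Authenticator:
    def __init__(self, name, secrets):
        self.name = name
        self.secrets = secrets      # peer name -> shared secret, never sent on the link
        self.outstanding = {}       # identifier -> challenge; each challenge is single use
        self.next_id = 0

    def challenge(self):
        """Step 1: send a fresh random challenge to the peer."""
        identifier = self.next_id
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)
        self.outstanding[identifier] = value
        return chap_packet(1, identifier, value, self.name)

    def verify(self, response):
        """Step 3: compare the response with our own calculation of the hash."""
        if len(response) < 5:
            return False
        code, identifier, value, peer_name = _split(response)
        challenge = self.outstanding.pop(identifier, None)
        secret = self.secrets.get(peer_name)
        if code != 2 or challenge is None or secret is None:
            return False
        return hmac.compare_digest(value, chap_value(identifier, secret, challenge))


def peer_respond(challenge_packet, name, secret):
    """Step 2: the peer answers with the hash, not with the secret."""
    _, identifier, challenge, _ = _split(challenge_packet)
    return chap_packet(2, identifier, chap_value(identifier, secret, challenge), name)
```

Because every challenge is random and consumed on first use, a response captured from the link fails when it is played back, which is the protection PAP lacks.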

40) HDLC = High-Level Data Link Control. Bit-oriented synchronous data link layer

protocol developed by ISO. Derived from SDLC, HDLC specifies a data encapsulation

method on synchronous serial links using frame characters and checksums. Often

described as being a proprietary extension, the workings of CHDLC (Cisco High Level

Data Link Control Protocol) have in fact been openly and widely distributed, and the

protocol has been implemented by many different network equipment vendors.


APPLICATION LAYER PROTOCOL = FTP, FTPS, HTTP, HTTPS, TELNET, DNS,

DHCP, TFTP, POP3, IMAP, SMTP, SNMP, LPD, X-WINDOW, NTP, NNTP, LDAP,

KERBEROS, WINS, BOOTP, TLS/SSL,

HOST TO HOST LAYER PROTOCOL = TCP, UDP, DCCP, SCTP, RSVP

INTERNET LAYER PROTOCOL = ICMP, IP (IPV4, IPV6), IGMP (INTERNET

GROUP MESSAGE PROTOCOL), RIP, EIGRP, IGRP, OSPF

LINK LAYER PROTOCOL = ARP, RARP, PHYSICAL TOPOLOGY LIKE FDDI,

TOKEN RING, OSPF, X.25, Frame Relay, PPP, HDLC (WAN PROTOCOLS).

See Number conversion

1) Decimal to Binary

2) Binary to octet

3) Octets to Hexadecimal

and combination of each other.

IP ADDRESS

(Internet Protocol) It is the logical address of a device. It is a 32-bit binary number which is represented in decimal format; it is divided into 4 octets, and the octets are separated from each other by a dot (.). In a single network no two devices should have the same IP address, otherwise an IP conflict error will occur. The broadcast IP address is 255.255.255.255 (the layer three broadcast address). Four regional Internet registries -- ARIN, RIPE NCC, LACNIC and APNIC -- assign Internet addresses from the following three classes.

It is divided into five classes.

x.x.x.x

CLASS A (1 TO 126)

CLASS B (128 TO 191)

CLASS C (192 TO 223)

CLASS D (224 TO 239)

CLASS E (240 TO 255)

IANA-reserved private IPv4 network ranges

Block                                Start         End               No. of addresses
24-bit block (/8 prefix, 1 × A)      10.0.0.0      10.255.255.255    16777216
20-bit block (/12 prefix, 16 × B)    172.16.0.0    172.31.255.255    1048576
16-bit block (/16 prefix, 256 × C)   192.168.0.0   192.168.255.255   65536


ARIN = American Registry for Internet Numbers.

(https://www.arin.net/knowledge/ip_blocks.html)

RIPE NCC = Réseaux IP Européens Network Coordination Centre

(http://www.ripe.net/ripe/docs/ripe-504)

LACNIC = Latin American and Caribbean Internet Addresses

(http://lacnic.net/en/sara/shepp-examples.html)

APNIC = Asia Pacific Network Information Centre

(http://www.apnic.net/publications/research-and-insights/ip-address-trends/apnic-resource-range)

DTE And DCE Devices

A) DTE = It stands for Data Terminal Equipment. DTE is an end instrument that

converts user information into signals or reconverts received signals. These can

also be called tail circuits. We will not run Clock Rate on DTE devices. A DTE

device communicates with the data circuit-terminating equipment (DCE).

B) DCE = It stands for Data Communicative Equipment / Data Circuit-Terminating

Equipment. Data circuit-terminating equipment (DCE) is a device that sits

between the data terminal equipment (DTE) and a data transmission circuit. It is

also called data communications equipment and data carrier equipment.

Usually, the DTE device is the terminal (or computer), and the DCE is a modem.

In a data station, the DCE performs functions such as signal conversion, coding,

and line clocking and may be a part of the DTE or intermediate equipment.

Interfacing equipment may be required to couple the data terminal equipment

(DTE) into a transmission circuit or channel and from a transmission circuit or

channel into the DTE.

CSU/DSU= A CSU/DSU (Channel Service Unit/Data Service Unit) is a digital-interface

device used to connect a Data Terminal Equipment device or DTE, such as a router, to

a digital circuit, such as a T1 line. The CSU/DSU implements two different functions.

The CSU is responsible for the connection to the telecom network while the DSU is

responsible for handling the interface with the DTE. A CSU/DSU is the equivalent of the

modem for an entire LAN. A CSU/DSU (Channel Service Unit/Data Service Unit) is a hardware device

about the size of an external modem that converts a digital data frame from the

communications technology used on a local area network (LAN) into a frame appropriate

to a wide-area network (WAN) and vice versa. For example, if you have a Web business

from your own home and have leased a digital line (perhaps a T-1 or fractional T-1 line)

to a phone company or a gateway at an Internet service provider, you have a CSU/DSU at

your end and the phone company or gateway host has a CSU/DSU at its end.

The Channel Service Unit (CSU) receives and transmits signals from and to the


WAN line and provides a barrier for electrical interference from either side of the unit.

The CSU can also echo loopback signals from the phone company for testing purposes.

The Data Service Unit (DSU) manages line control, and converts input and output

between RS-232C, RS-449, or v.xx frames from the LAN and the time-division

multiplexed (TDM) DSX frames on the T-1 line. The DSU manages timing errors and

signal regeneration. The DSU provides a modem-like interface between the computer as

Data Terminal Equipment (DTE) and the CSU.

CSU/DSUs are made as separate products or are sometimes part of a T-1 WAN

card. A CSU/DSU's Data Terminal Equipment interface is usually compatible with

the V.xx and RS-232C or similar serial interface. Manufacturers of separate unit or

integrated CSU/DSUs include Adtran, Cisco, and Memotec.

The CSU originated at AT&T as an interface to their non switched digital data

system. The DSU provides an interface to the data terminal equipment (DTE) using a

standard (EIA/CCITT) interface. It also provides testing capabilities.

SUBNETTING, SUPERNETTING(CIDR)

http://www.patmoss.com/cisco/subnet32.htm

Subnetting of class C

Suppose we have IP address 192.168.1.0/27

So subnet mask 255.255.255.224

Network bits which are increased = 3

Number of subnetworks = 2^(increased network bits) = 2^3 = 2*2*2 = 8

Number of host bits = 5

Number of hosts in each subnetwork = 2^(host bits) - 2 = 2^5 - 2 = (2*2*2*2*2) - 2 = 32 - 2 = 30

Block size = magic number - subnet mask = 256 - 224 = 32

So the network distribution is as follows. We add the block size to get each next subnetwork.

S.NO  NETWORK ADD.    BROADCAST ADD   VALID HOST = 30                  SUBNETMASK
1     192.168.1.0     192.168.1.31    192.168.1.1 TO 192.168.1.30      255.255.255.224
2     192.168.1.32    192.168.1.63    192.168.1.33 TO 192.168.1.62     255.255.255.224
3     192.168.1.64    192.168.1.95    192.168.1.65 TO 192.168.1.94     255.255.255.224
4     192.168.1.96    192.168.1.127   192.168.1.97 TO 192.168.1.126    255.255.255.224
5     192.168.1.128   192.168.1.159   192.168.1.129 TO 192.168.1.158   255.255.255.224
6     192.168.1.160   192.168.1.191   192.168.1.161 TO 192.168.1.190   255.255.255.224
7     192.168.1.192   192.168.1.223   192.168.1.193 TO 192.168.1.222   255.255.255.224
8     192.168.1.224   192.168.1.255   192.168.1.225 TO 192.168.1.254   255.255.255.224

Wildcard mask: the wildcard mask is just the opposite of the subnet mask. Suppose the subnet mask is 255.255.255.224; then the wildcard mask will be 0.0.0.31. But how?

Subnet mask       255.255.255.224
in bits           11111111.11111111.11111111.11100000
Opposite in bits  00000000.00000000.00000000.00011111
Wildcard mask     0.0.0.31

Formula for wildcard mask = 255 - subnet mask = 255 - 224 = 31

Where 0 = check bit, which means every zero bit must match.

Subnetting in Class B

Suppose we have IP address 172.16.0.0/18

So subnet mask 255.255.192.0

Network bits which are increased = 2

Number of subnetworks = 2^(increased network bits) = 2^2 = 2*2 = 4

Number of host bits = 14

Number of hosts in each subnetwork = 2^(host bits) - 2 = 2^14 - 2 = (2^10 * 2^4) - 2 = 4096 - 2 = 4094

Block size = magic number - subnet mask = 256 - 192 = 64

So the network distribution is as follows. We add the block size to get each next subnetwork, but we have to add the block size in the octet in which we added the network bits.

S.NO  NETWORK ADD    BROADCAST ADD    VALID HOST ID                     SUBNETMASK
1     172.16.0.0     172.16.63.255    172.16.1.0 TO 172.16.63.254       255.255.192.0
2     172.16.64.0    172.16.127.255   172.16.64.1 TO 172.16.127.254     255.255.192.0
3     172.16.128.0   172.16.191.255   172.16.128.1 TO 172.16.191.254    255.255.192.0
4     172.16.192.0   172.16.255.255   172.16.192.1 TO 172.16.255.254    255.255.192.0

Wildcard mask: the wildcard mask is just the opposite of the subnet mask. Suppose the subnet mask is 255.255.255.224; then the wildcard mask will be 0.0.0.31. But how?

Subnet mask       255.255.192.0
in bits           11111111.11111111.11000000.00000000
Opposite in bits  00000000.00000000.00111111.11111111
Wildcard mask     0.0.63.255

Formula for wildcard mask = 255 - subnet mask = 255 - 192 = 63

Subnetting in Class B

Suppose we have IP address 172.16.0.0/26

So subnet mask 255.255.255.192

Network bits which are increased = 10

Number of subnetworks = 2^(increased network bits) = 2^10 = 1024

Number of host bits = 6

Number of hosts in each subnetwork = 2^(host bits) - 2 = 2^6 - 2 = (2^6) - 2 = 64 - 2 = 62

Block size = magic number - subnet mask = 256 - 192 = 64

So the network distribution is as follows. We add the block size to get each next subnetwork, but we have to add the block size in the octet in which we added the network bits.

S.NO.  NETWORK ADD      BROADCAST ADD    VALID HOST
1      172.16.0.0       172.16.0.63      172.16.0.1 TO 172.16.0.62
       172.16.0.64      172.16.0.127     172.16.0.65 TO 172.16.0.126
-----  -----            -----            -----
       172.16.1.0       172.16.1.63      172.16.1.1 TO 172.16.1.62
       172.16.1.64      172.16.1.127     172.16.1.64 TO 172.16.1.126
-----  -----            -----            -----
1021   172.16.255.0     172.16.255.63    172.16.255.1 TO 172.16.255.62
1022   172.16.255.64    172.16.255.127   172.16.255.65 TO 172.16.255.126
1023   172.16.255.128   172.16.255.191   172.16.255.129 TO 172.16.255.190
1024   172.16.255.192   172.16.255.255   172.16.255.193 TO 172.16.255.254

Formula for wildcard mask = 255 - subnet mask = 255 - 192 = 63

Like Class B, Class C's subnetting is also the same.

Subnetting in Class A


Suppose we have IP address 10.0.0.0/9

So subnet mask 255.128.0.0

Network bits which are increased = 1

Number of subnetworks = 2^(increased network bits) = 2^1 = 2

Number of host bits = 25

Number of hosts in each subnetwork = 2^(host bits) - 2 = 2^25 - 2 = (2^25) - 2 = 33554432 - 2 = 33554430

Block size = magic number - subnet mask = 256 - 128 = 128

So the network distribution is as follows. We add the block size to get each next subnetwork, but we have to add the block size in the octet in which we added the network bits.

S.NO  NETWORK ADD   BROADCAST ADD    VALID HOST ID
1     10.0.0.0      10.127.255.255   10.0.0.1 TO 10.127.255.254
2     10.128.0.0    10.255.255.255   10.128.0.1 TO 10.255.255.254

Formula for wildcard mask =255.255.255.255-subnetmask

=255.255.255.255-255.128.0.0=0.127.255.255

Subnetting in Class A

Suppose we have IP address 10.0.0.0/17

So subnet mask 255.255.128.0

Network bits which are increased = 9

Number of subnetworks = 2^(increased network bits) = 2^9 = 512

Number of host bits = 15

Number of hosts in each subnetwork = 2^(host bits) - 2 = 2^15 - 2 = (2^15) - 2 = 32768 - 2 = 32766

Block size = magic number - subnet mask = 256 - 128 = 128

So the network distribution is as follows. We add the block size to get each next subnetwork, but we have to add the block size in the octet in which we added the network bits.

S.NO  NETWORK ADD    BROADCAST ADD    VALID HOST ID
1     10.0.0.0       10.0.127.255     10.0.0.1 TO 10.0.127.254
2     10.0.128.0     10.0.255.255     10.0.128.1 TO 10.0.255.254
3     10.1.0.0       10.1.127.255     10.1.0.1 TO 10.1.127.254
4     10.1.128.0     10.1.255.255     10.1.128.1 TO 10.1.255.254
----  -----          -----            -----
511   10.255.0.0     10.255.127.255   10.255.0.1 TO 10.255.127.254
512   10.255.128.0   10.255.255.255   10.255.128.1 TO 10.255.255.254

http://www.techrepublic.com/article/subnet-a-class-a-network-with-ease/5034153

http://www.omnisecu.com/tcpip/internet-layer-ip-subnetting-part6.htm

http://www.subnet-calculator.com/subnet.php?net_class=A

Subnetting in Class A

Suppose we have IP address 10.0.0.0/25

So subnet mask 255.255.255.128

Network bits which are increased = 17

Number of subnetworks = 2^(increased network bits) = 2^17 = 131072

Number of host bits = 15

Number of hosts in each subnetwork = 2^(host bits) - 2 = 2^6 - 2 = (2^6) - 2 = 64 - 2 = 62

Block size = magic number - subnet mask = 256 - 128 = 128

So the network distribution is as follows. We add the block size to get each next subnetwork, but we have to add the block size in the octet in which we added the network bits.

S.NO.   NETWORK ADD      BROADCAST ADD    VALID HOST ID
1       10.0.0.0         10.0.0.127       10.0.0.1 TO 10.0.0.126
        10.0.0.128       10.0.0.255       10.0.0.129 TO 10.0.0.254
-----   -----            -----            -----
        10.0.1.0         10.0.1.127       10.0.1.1 TO 10.0.1.126
        10.0.1.128       10.0.1.255       10.0.1.129 TO 10.0.1.254
-----   -----            -----            -----
        10.0.255.0       10.0.255.127     10.0.255.1 TO 10.0.255.126
        10.0.255.128     10.0.255.255     10.0.255.129 TO 10.0.255.254
-----   -----            -----            -----
        10.1.0.0         10.1.0.127       10.1.0.1 TO 10.1.0.126
        10.1.0.128       10.1.0.255       10.1.0.129 TO 10.1.0.254
-----   -----            -----            -----
        10.1.255.0       10.1.255.127     10.1.255.1 TO 10.1.255.126
        10.1.255.128     10.1.255.255     10.1.255.129 TO 10.1.255.254
-----   -----            -----            -----
131071  10.255.255.0     10.255.255.127   10.255.255.1 TO 10.255.255.126
131072  10.255.255.128   10.255.255.255   10.255.255.129 TO 10.255.255.254

Formula for wildcard mask =255.255.255.255-subnetmask

=255.255.255.255-255.255.255.128=0.0.0.127
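The block-size and wildcard-mask method used in the subnetting sections above, written out as bit arithmetic, plus the "0 = check bit" test a wildcard mask performs in an access list. This is an added example, not part of the original document; the function names are assumptions, and it generalizes the worked cases to any prefix up to /30.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value):
    return str(ipaddress.IPv4Address(value))


def mask_for(prefix):
    """Subnet mask as an integer: 'prefix' one bits followed by zero bits."""
    return (ALL_ONES << (32 - prefix)) & ALL_ONES


def wildcard_for(prefix):
    """Wildcard mask = 255.255.255.255 - subnet mask (every bit inverted)."""
    return mask_for(prefix) ^ ALL_ONES


def block_size(prefix):
    """256 minus the mask octet in which the last network bit was added."""
    octet_index = (prefix - 1) // 8
    mask_octet = (mask_for(prefix) >> (8 * (3 - octet_index))) & 0xFF
    return 256 - mask_octet


def subnet_rows(base, classful_prefix, new_prefix):
    """Rows of the distribution table: network, broadcast and valid host range."""
    if not classful_prefix < new_prefix <= 30:
        raise ValueError("new prefix must be longer than the class prefix and at most /30")
    size = 1 << (32 - new_prefix)                    # addresses per subnetwork
    first = to_int(base) & mask_for(classful_prefix)
    rows = []
    for index in range(1 << (new_prefix - classful_prefix)):
        network = first + index * size
        broadcast = network + size - 1
        rows.append({
            "no": index + 1,
            "network": to_dotted(network),
            "broadcast": to_dotted(broadcast),
            "first_host": to_dotted(network + 1),
            "last_host": to_dotted(broadcast - 1),
            "hosts": size - 2,
        })
    return rows


def acl_matches(address, base, wildcard):
    """0 bits in the wildcard are check bits and must match; 1 bits are ignored."""
    check = to_int(wildcard) ^ ALL_ONES
    return (to_int(address) & check) == (to_int(base) & check)


def acl_match_count(wildcard):
    """How many addresses a wildcard lets through: 2^(number of ignored bits)."""
    return 1 << bin(to_int(wildcard)).count("1")
```

Writing the subnet mask where a wildcard is expected inverts the check bits: `acl_match_count("255.255.255.224")` is 134217728 addresses instead of the 32 that `0.0.0.31` matches, so an access-list review should flag wildcard values that look like subnet masks.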

CIDR = It stands for Classless Inter-Domain Routing. It is a method of IP representation in which we write the number of network bits after a slash '/'.

We can do subnetting in Class A from /9 to /30, in Class B from /17 to /30, and in Class C from /25 to /30.

Table A lists all the available Class A subnet masks:

Mask              Prefix (CIDR value)   Subnets and hosts
255.0.0.0         (/8)                  1 network with 16,777,214 hosts
255.128.0.0       (/9)                  2 subnets with 8,388,606 hosts each
255.192.0.0       (/10)                 4 subnets with 4,194,302 hosts each
255.224.0.0       (/11)                 8 subnets with 2,097,150 hosts each
255.240.0.0       (/12)                 16 subnets with 1,048,574 hosts each
255.248.0.0       (/13)                 32 subnets with 524,286 hosts each
255.252.0.0       (/14)                 64 subnets with 262,142 hosts each
255.254.0.0       (/15)                 128 subnets with 131,070 hosts each
255.255.0.0       (/16)                 256 subnets with 65,534 hosts each
255.255.128.0     (/17)                 512 subnets with 32,766 hosts each
255.255.192.0     (/18)                 1,024 subnets with 16,384 hosts each
255.255.224.0     (/19)                 2,048 subnets with 8,190 hosts each
255.255.240.0     (/20)                 4,096 subnets with 4,094 hosts each
255.255.248.0     (/21)                 8,192 subnets with 2,046 hosts each
255.255.252.0     (/22)                 16,384 subnets with 1,022 hosts each
255.255.254.0     (/23)                 32,768 subnets with 510 hosts each
255.255.255.0     (/24)                 65,536 subnets with 254 hosts each
255.255.255.128   (/25)                 131,072 subnets with 126 hosts each
255.255.255.192   (/26)                 262,144 subnets with 62 hosts each
255.255.255.224   (/27)                 524,288 subnets with 30 hosts each
255.255.255.240   (/28)                 1,048,576 subnets with 14 hosts each
255.255.255.248   (/29)                 2,097,152 subnets with 6 hosts each
255.255.255.252   (/30)                 4,194,304 subnets with 2 hosts each

VLSM = It stands for Variable Length Subnet Mask. In VLSM we divide a large network into multiple subnetworks by using different subnet masks.

Q) In a network we have the IP 172.168.0.0, but we need only 500 valid hosts, another 100 valid hosts and 2 valid hosts?

Ans =

For 500 valid hosts: now the start IP is 172.168.0.0

We need 500 valid hosts, so

Valid hosts = 2^(host bits) - 2 = 2^9 - 2 = 512 - 2 = 510

So subnet mask = 2^(increased network bits) = 2^7 = 128

So subnet mask = 255.255.128.0

Block size = 256 - 252 = 4

So network address = 172.168.0.0

And broadcast address = 172.168.3.255

Valid host range = 172.168.0.1 TO 172.168.3.254

For 100 valid hosts: now the start IP is 172.168.4.0

We need 100 valid hosts, so

Valid hosts = 2^(host bits) - 2 = 2^7 - 2 = 128 - 2 = 126

So subnet mask = 2^(increased network bits) = 2^9 = 255.128

So subnet mask = 255.255.255.128

Block size = 256 - 128 = 128

So network address = 172.168.4.0

And broadcast address = 172.168.4.127

Valid host range = 172.168.4.0 TO 172.168.4.127

For 2 valid hosts: now the start IP is 172.168.4.128

We need 2 valid hosts, so

Valid hosts = 2^(host bits) - 2 = 2^2 - 2 = 4 - 2 = 2

So subnet mask = 2^(increased network bits) = 2^14 = 255.252

So subnet mask = 255.255.255.252

Block size = 256 - 252 = 4

So network address = 172.168.4.128

And broadcast address = 172.168.4.131

Valid host range = 172.168.4.129 TO 172.168.4.130

New start IP 172.168.4.132