Computer Networking Course - Network Engineering [CompTIA Network+ Exam Prep]

Active Network Monitoring Tools

The first step in monitoring a network is to use active network monitoring tools such as port scanners. Port scanners are used to scan a network for open ports and protocols. The information gathered by a port scanner is vital in hardening the network, as it helps identify vulnerabilities that can be plugged before they become security breaches. However, it's essential to note that you should only use a port scanner on a network or system that you are authorized to scan. Port scanning is a possible sign of someone trying to breach a system and can lead to problems if you're not authorized to scan the system.

Using a port scanner without proper authorization can result in difficulties explaining your actions to an information security specialist, which could be a significant issue. On the other hand, using a port scanner as an active network monitoring tool allows for an in-depth look at what traffic is on the network and may reveal security issues that the network administrator can then mitigate.

In contrast to traditional port scanners, applications that use interface monitoring or packet flow monitoring are often deployed as an active software tool to monitor and analyze network traffic within a network segment. These tools allow for an in-depth analysis of network traffic and may be referred to as "packet sniffers" or protocol analyzers. They enable the identification of top talkers on a network segment, which are the nodes or applications that generate the most traffic. Packet sniffers can also help identify top listeners on a network segment.

A top listener is an interface or interfaces that receive the most network traffic or utilize the most bandwidth for receiving packets. This information can be crucial in determining if load balancing might be needed on the network. Microsoft Message Analyzer and Wireshark are examples of free packet flow monitoring tools that can aid administrators in identifying potential issues before they become significant problems.
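The top-talker and top-listener report described above can be computed directly from a capture file. The following is an added example, not part of the course material: it parses a classic pcap capture, totals bytes per source address (talkers) and per destination address (listeners), and ranks them. The sample capture, its addresses and all function names are constructed for illustration.

```python
import struct
from collections import Counter
from ipaddress import IPv4Address

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_ARP = 0x0806
LINKTYPE_ETHERNET = 1


def iter_ipv4_packets(pcap_bytes):
    """Yield (src_ip, dst_ip, wire_len) for each IPv4-over-Ethernet frame."""
    if len(pcap_bytes) < 24:
        raise ValueError("truncated pcap global header")
    # The magic number tells us the byte order the capture was written in.
    magic = struct.unpack_from("<I", pcap_bytes, 0)[0]
    if magic == 0xA1B2C3D4:
        endian = "<"
    elif magic == 0xD4C3B2A1:
        endian = ">"
    else:
        raise ValueError("not a classic (microsecond) pcap capture")
    if struct.unpack_from(endian + "I", pcap_bytes, 20)[0] != LINKTYPE_ETHERNET:
        raise ValueError("only Ethernet captures are handled")
    offset = 24
    while offset + 16 <= len(pcap_bytes):
        _sec, _usec, incl_len, orig_len = struct.unpack_from(
            endian + "IIII", pcap_bytes, offset)
        offset += 16
        frame = pcap_bytes[offset:offset + incl_len]
        offset += incl_len
        if len(frame) < incl_len:
            break  # final record was cut off mid-write
        # Need 14 bytes of Ethernet plus 20 bytes of IPv4 header.
        # VLAN-tagged and non-IP frames (ARP, IPv6, ...) are skipped.
        if len(frame) < 34:
            continue
        if struct.unpack_from("!H", frame, 12)[0] != ETHERTYPE_IPV4:
            continue
        if frame[14] >> 4 != 4:
            continue
        src = str(IPv4Address(frame[26:30]))
        dst = str(IPv4Address(frame[30:34]))
        # orig_len is the size on the wire, so a capture taken with a
        # short snap length still ranks hosts by real traffic volume.
        yield src, dst, orig_len


def top_talkers_and_listeners(pcap_bytes, n=3):
    """Return (top_talkers, top_listeners) as lists of (ip, bytes)."""
    sent, received = Counter(), Counter()
    for src, dst, size in iter_ipv4_packets(pcap_bytes):
        sent[src] += size
        received[dst] += size
    return sent.most_common(n), received.most_common(n)


def build_sample_pcap(flows):
    """Build a constructed capture from (src, dst, payload_len) tuples."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535,
                      LINKTYPE_ETHERNET)
    macs = b"\x02\x00\x00\x00\x00\x01" + b"\x02\x00\x00\x00\x00\x02"
    for i, (src, dst, payload_len) in enumerate(flows):
        ip_header = struct.pack(
            "!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, i, 0, 64, 17, 0,
            IPv4Address(src).packed, IPv4Address(dst).packed)
        frame = (macs + struct.pack("!H", ETHERTYPE_IPV4)
                 + ip_header + bytes(payload_len))
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    # One ARP frame, which the report must ignore.
    arp = macs + struct.pack("!H", ETHERTYPE_ARP) + bytes(28)
    out += struct.pack("<IIII", len(flows), 0, len(arp), len(arp)) + arp
    return out


# Constructed sample traffic: one busy server (10.0.0.20) and three clients.
SAMPLE_FLOWS = (
    [("10.0.0.5", "10.0.0.20", 1400)] * 3
    + [("10.0.0.7", "10.0.0.20", 600)] * 2
    + [("10.0.0.20", "10.0.0.5", 60)] * 3
    + [("10.0.0.9", "10.0.0.7", 200)]
)
SAMPLE_PCAP = build_sample_pcap(SAMPLE_FLOWS)

if __name__ == "__main__":
    talkers, listeners = top_talkers_and_listeners(SAMPLE_PCAP)
    for title, rows in (("Top talkers", talkers), ("Top listeners", listeners)):
        print(title)
        for ip, total in rows:
            print(f"  {ip:<12} {total:>6} bytes")
```

A single address dominating the listener column, as 10.0.0.20 does in the sample, is the pattern the course associates with a candidate for load balancing.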

Wireless Monitoring Tools

The next step is to use wireless monitoring tools, which include Wi-Fi analyzers and wireless survey tools. A Wi-Fi analyzer is a similar tool to a protocol analyzer but specifically designed for wireless networks. It sniffs out packets on wireless networks and provides statistics on those packets it sees. This includes checking for bandwidth usage, channel usage, top talkers, and top listeners.

Wi-Fi analyzers can also identify networks by passively scanning the radio frequencies to determine where traffic is coming from. Given enough time, a Wi-Fi analyzer can even identify hidden networks or those that are not known about. Additionally, Wi-Fi analyzers can infer non-beaconing networks based on data traffic over the radio frequencies. They may not be able to discover the SSID, but they can tell the network administrator that something is passing traffic in that area.

Wireless survey tools are another type of wireless monitoring tool, used as a design tool for setting up high-quality wireless networks. These tools help establish the required number of access points to get proper coverage, ideal antenna placement, and optimal channel overlap. Wireless survey tools can also identify possible sources of radio frequency interference (RFI) that may cause issues with network performance or security.

It's essential to use these tools in conjunction with mapping tools to avoid potential problems. By doing so, administrators can identify areas where adjustments are needed before any issues arise. Furthermore, wireless survey tools help eliminate wireless network performance and security issues before they become a problem.

Environmental Monitoring

A network's health is affected not only by equipment failures or security breaches but also by environmental factors such as the quality and quantity of electrical power being supplied to the system. Network administrators must also be concerned about the heat levels in the rooms that equipment is kept in, as well as humidity levels.

Power monitoring tools are often deployed with or alongside an uninterruptible power supply (UPS). These monitors will issue alerts when issues with electrical power have been identified, allowing network or system administrators to rectify problems before any equipment has been damaged. Electrical components are designed to operate within a specific heat range and generate some heat while in operation.

The harder the equipment works, the more heat it generates. This is where heat monitors come into play. Heat monitors allow administrators to control temperature levels before they become an issue. Humidity cuts both ways: too little increases the risk of electrostatic discharge (ESD), while too much causes condensation issues.

Humidity monitors aid in ensuring that the environment remains suitable for equipment and electrical components by detecting potential issues early on.

Hi, I'm Bo with Free Code Camp. This network engineering course was developed by Brian Ferrill, an instructor with Edmonds College. It will prepare you to configure, manage and troubleshoot computer networks. Also, the course is a great way to prepare for CompTIA's Network+ exam. So let's start.

Hello, I'm Brian Ferrill. And welcome to PACE-IT's session on the introduction to network devices, part one. Today we're going to be talking about layer one devices, layer two devices. And then we're going to conclude with layer three devices. There's a fair amount of information to cover. So let's go ahead and dive into this session. Of course, I'm going to begin with layer one devices. Well, before I start talking about the layer one devices, we need to talk about the Open Systems Interconnection model, the OSI model. It was developed as a way to help disparate computing systems to communicate with each other. The OSI reference model has seven layers. Layer one is the physical layer, layer two is data link, layer three is network, layer four is transport, layer five is session, layer six is presentation and layer seven is application. We're going to be discussing the bottom three layers, layers one, two and three, today. Now most devices do function at more than one layer of the OSI reference model. But when it comes time to determining where they fit into the model, you must first determine the highest level at which they operate, because that's where they fit into the OSI model. To do that, you must know what they do and how that relates to the OSI model.

And with that, let's talk about analog modems. The word modem is actually derived from a contraction of modulator demodulator. Modems were developed to take a digital signal coming from a digital node and convert it to an analog signal, modulating the signal and placing it on a wire.
In return, it would accept an analog signal from the wire and convert it, demodulating the signal, back to a digital signal that the node can understand. Modems were developed to create a connection between network segments via the public switched telephone network using the plain old telephone system. Now modems provide for a single connection to a network. And they're only concerned about the wire, and the wire resides on the physical layer, layer one of the OSI model. It doesn't care where the signal comes from, it just does its job.

Then there's the hub. A hub functions as a concentrator or repeater in that it doesn't care where the signal comes from, or where the signal is going. Kind of like the modem, it takes an electrical signal that arrives on a port and replicates that signal out all of its other ports. A hub may have just a few ports, or it may have many ports, and for a variety of reasons the hub is not very common anymore in the modern network.

So now let's move on to layer two devices. The first layer two device that we're going to talk about is the switch. A switch utilizes an application-specific integrated circuit chip, an ASIC chip. The ASIC chip has specific programming that allows the switch to learn when a device is on the network and which ports it is connected to via that device's layer two MAC address. That's what makes a switch a layer two device. A switch may have just a few ports or it may have many ports, kind of like the hub. And although a switch is smarter than a hub, it can still be very simple, or it can be highly complex and programmable. A switch can only communicate with local network devices.
Another layer two device that we need to talk about are wireless access points, the WAP. A WAP is a specific type of network bridge that connects, or bridges, wireless network segments with wired network segments. The most common type of WAP bridges an 802.11 wireless network segment with an 802.3 Ethernet network segment. Just like a switch, a wireless access point will only communicate with local network devices.

Now let's move on to layer three devices. And first up is the multilayer switch. A multilayer switch provides normal layer two network switching services, but it will also provide layer three or higher OSI model services. The most common multilayer switch is a layer three switch. It not only utilizes an ASIC chip for switching, but that ASIC chip is also programmed to handle routing functions. This allows the device to communicate and pass data to non-local network devices. A multilayer switch is a highly programmable and complex network device. A multilayer switch may have just a few ports, or it may have a lot of ports. They're not very common in the small office/home office network. Because they're really, really expensive, you're more likely to find them in an enterprise local area network.

Now let's move on to the router. A router is the most common network device for connecting different networks together, utilizing the OSI model's layer three logical network information. That's what makes a router a layer three device. The router uses software programming for decision making, as compared to the switch's use of an ASIC chip. The router uses this programming to keep track of different networks and what it considers to be the best possible route to reach those networks. A router can communicate with both local and non-local network devices. In most cases, a router will have fewer ports than a switch.

Now that concludes this session on the introduction to network devices, part one. We talked about layer one devices. We talked about layer two devices.
And we concluded with a couple of layer three devices.

Good day. I'm Brian Ferrill. And welcome to PACE-IT's session on introduction to network devices, part two. Today we're going to discuss some security network devices. And then we'll move on to some optimization and performance devices. And with that, let's go ahead and begin this session. And we will begin by talking about security devices.

First up is the firewall. Now a firewall can be placed on routers or hosts in that it can be software based, or it can be its own device. A firewall functions at multiple layers of the OSI model, specifically at layers 2, 3, 4 and 7. A firewall can block packets from entering or leaving the network. And it does this through one of two methods. It can do it through stateless inspection, in which the firewall will examine every packet that enters or leaves the network against a set of rules. Once the packet matches a rule, the rule is enforced and the specified action is taken. Or it may use stateful inspection. This is when a firewall will only examine the state of a connection between networks. Specifically, when a connection is made from an internal network to an external network, the firewall will not examine any packets returning from the external connection. It only cares about the state of the connection. As a general rule, external connections are not allowed to be initiated with the internal network. Now firewalls are the first line of defense in protecting the internal network from outside threats. You can consider the firewall to be the police force of the network.

Then there is the intrusion detection system, the IDS. An IDS is a passive system designed to identify when a network breach or attack against the network is occurring. They're usually designed to inform a network administrator when a breach or attack has occurred. And it does this through log files, text messages and/or through email notification. Friends, an IDS cannot prevent or stop a breach or attack on its own.
The IDS receives a copy of all traffic and evaluates it against a set of standards. The standards that it uses may be signature based. This is when it evaluates network traffic for known malware or attack signatures. Or the standard may be anomaly based. This is where it evaluates network traffic for suspicious changes. Or it may be policy based. This is where it evaluates network traffic against a specific declared security policy. An IDS may be deployed at the host level. When it's deployed at the host level, it's called a host-based intrusion detection system, or HIDS.

More potent than the intrusion detection system is the intrusion prevention system, the IPS. An IPS is an active system designed to stop a breach or attack from succeeding and damaging the network. They're usually designed to perform an action or set of actions to stop the malicious activity. They will also inform a network administrator through the use of log files, SMS text messaging, and/or through email notification. For an IPS to work, all traffic on the network segment needs to flow through the IPS as it enters and leaves the network segment. Like the IDS, all of the traffic is evaluated against a set of standards, and they're the same standards that are used on the IDS. The best placement on the network segment is between a router, with a firewall hopefully, and the destination network segment. That way all the traffic flows through the IPS. IPSs are programmed to make an active response to the situation. They can block the offending IP address, they can close down vulnerable interfaces, they can terminate network sessions, they can redirect the attack. Plus there are more actions that an IPS can take. The main thing is that they are designed to be active, to stop the breach or attack from succeeding and damaging your network.

Let's move on to the virtual private network concentrator, the VPN concentrator. Now this will allow for many secure VPN connections to a network.
The concentrator will provide proper tunneling and encryption depending upon the type of VPN connection that is allowed to the network. Most concentrators can function at multiple layers of the OSI model. Specifically, they can operate at layer two, layer three and layer seven. Now outside of internet transactions, which use an SSL VPN connection at layer seven, most concentrators will function at the network layer, or layer three of the OSI model, providing IPsec encryption through a secure tunnel.

Now let's talk about optimization and performance devices. We will begin by talking about the load balancer. A load balancer may also be called a content switch or a content filter. It's a network appliance that is used to load balance between multiple hosts that contain the same data. This spreads out the workload for greater efficiency. They're commonly used to distribute the requests or workload to a server farm among the various servers in the farm, helping to ensure that no single server gets overloaded with work requests.

Then there's the proxy server. A proxy server is an appliance that requests resources on behalf of a client machine. It's often used to retrieve resources from outside untrusted networks on behalf of the requesting client. It hides and protects that requesting client from the outside untrusted network. It can also be utilized to filter allowed content back into the trusted network. It can also increase network performance by caching or saving commonly requested web pages.

Now that concludes this session on the introduction to network devices, part two. We talked about some security devices that you may find on your network. And we concluded with optimization and performance devices that may also be present.

Hello, I'm Brian Ferrill. And welcome to PACE-IT's session on networking services and applications part one. Today I'm going to be discussing the basics of the virtual private network. And then I'm going to move on to protocols used by virtual private networks.
Now, there's a whole lot of stuff to cover. So let's go ahead and begin this session. Of course, I'm going to begin by talking about the basics of the virtual private network. A virtual private network, or VPN, is used by remote hosts to access a private network through an encrypted tunnel through a public network. Once the VPN connection is made, the remote host is no longer considered remote. It is actually seen by the private network as being a local host. There are many advantages to that, but I'm not going to cover them right now. Even though the network traffic may pass through many different routes or systems, it's seen by both ends as being a direct connection. The use of the VPN can help to reduce networking costs for organizations and business. The cost reduction is partially achieved because the VPN doesn't require the use of a dedicated leased line to create that direct connection.

There are several different types of VPNs. There is the site-to-site VPN, which allows a remote site's network to connect to the main site's network and be seen as a local network segment. VPN concentrators on both ends of the VPN will manage that connection. Then there's the remote access VPN, which is also called a host-to-site VPN. It allows select remote users to connect to the local network. A VPN concentrator on the local network will manage the connection coming in from the remote users. The remote system making the connection uses special software called VPN client software to make that connection. The third type of VPN is the host-to-host VPN, which is often called an SSL VPN. It allows a secure connection between two systems without the use of VPN client software. A VPN concentrator on the local network manages the connection. The host seeking to connect uses a web browser that supports the correct encryption technology, which is either SSL or, more likely, TLS, to make the connection to the VPN concentrator.

It's time to discuss some protocols used by the virtual private network.
The big protocol for VPN is called Internet Protocol Security, IPsec, which isn't actually a protocol in itself, but a whole set of protocols. IPsec works at layer three of the OSI model or above. It's the most common suite of protocols used to secure a VPN connection. IPsec can be used with the Authentication Header protocol, or the AH protocol. AH only offers authentication services, but no encryption. So it authenticates the user, but there is no encryption of the session. Or IPsec can be used with Encapsulating Security Payload protocol, or the ESP protocol. ESP both authenticates and encrypts the packets. It is the most popular method of securing a VPN connection. Both AH and ESP will operate in one of two modes. The first mode is transparent mode, that is between two devices as in a host-to-host VPN. Or they can be used in tunnel mode, which is between two endpoints as in a site-to-site VPN. IPsec implements Internet Security Association and Key Management, ISAKMP, by default. ISAKMP provides a method for transferring security key and authentication data between systems outside of the security key generating process. It is a much more secure process.

Then we have generic routing encapsulation. GRE is a tunneling protocol that is capable of encapsulating a wide variety of other network layer protocols. It's often used to create a sub-tunnel within an IPsec connection. Why is that? Well, IPsec will only transmit unicast packets, that's one-to-one communication. In many cases, there is a need to transmit multicast, which is one-to-some communication, or broadcast, which is one-to-many communication, packets across an IPsec connection. By using GRE we can get that accomplished.

Then there's Point-to-Point Tunneling Protocol, PPTP. This is an older VPN technology that supports dial-up VPN connections. On its own, it lacked native security features, so it wasn't very secure. But Microsoft's implementation included additional security by adding GRE to Point-to-Point Tunneling Protocol.
Transport Layer Security is another common VPN protocol. TLS is a cryptographic protocol used to create a secure encrypted connection between two end devices or applications. It uses asymmetrical cryptography to authenticate endpoints and then negotiates a symmetrical security key, which is used to encrypt the session. TLS has largely replaced its cousin, Secure Sockets Layer protocol, and TLS works at layer five and above of the OSI model. Its most common usage is in creating a secure encrypted internet session or SSL VPN. All modern web browsers support TLS. Now I just mentioned Secure Sockets Layer, or SSL. SSL is an older cryptographic protocol that is very similar to TLS. The most common use is in internet transactions. Why? Because all modern web browsers support SSL. But due to issues with earlier versions of the protocol, it has largely been replaced by TLS. SSL version 3.3 has been developed to address the weaknesses of earlier versions. But it may never again catch up to its cousin, the TLS protocol.

Now that concludes this session on networking services and applications part one. I talked about the basics of the virtual private network. And then I talked about the protocols used by the VPN network.

Good day, I'm Brian Ferrill. And welcome to PACE-IT's session on networking services and applications part two. Today we're going to be discussing network access services. And then we're going to move on to other services and applications. As always, there's a fair amount of ground to cover. So let's go ahead and dive into this session. I will begin with network access services.

The first network access service that I'm going to discuss is actually a piece of hardware, the network interface controller, or NIC. It can also be called the network interface card. The NIC is how a device connects to a network. The network interface controller works at two layers of the OSI model, at layer two which is the data link layer.
It provides the functional means of network communication by determining which networking protocols will be used, as in a NIC that will provide Ethernet communication or a NIC that will provide Point-to-Point Protocol. It also provides the local network node address through its burned-in physical media access control address. At layer one, the physical layer, the network interface controller determines how the network data traffic will be converted a bit at a time into an electrical signal that can traverse the network media being used, i.e., it provides the connection to the network. Most modern computers come with at least one built-in Ethernet NIC. Routers and other network devices may use separate modules that can be inserted into the device to provide the proper network interface controller for the type of media they're connecting to and the networking protocols that are being used.

Another network access service is RADIUS, Remote Authentication Dial-In User Service. RADIUS is a remote access service that is used to authenticate remote users and grant them access to authorized network resources. It is a popular triple-A protocol, that's authentication, authorization and accounting protocol. It's used to help ensure that only authenticated end users are using the network resources they are authorized to use. The accounting services of RADIUS are very robust. The only drawback to RADIUS is only the requester's, the end user's, password is encrypted. Everything else gets sent in the clear.

Terminal Access Controller Access-Control System Plus, or TACACS+. Terminal Access Controller Access-Control System Plus, what a mouthful. It sure is easier to say TACACS+. TACACS+ is a remote access service that is used to authenticate remote devices and grant them access to authorized network resources.
It is also a popular triple-A protocol used to help ensure that only authenticated remote network devices are using the network resources that they are authorized to use. With TACACS+ the accounting features are not as robust as those found in RADIUS. But all network transmissions between devices are encrypted with TACACS+.

Let's move on to other services and applications. First up is RAS, Remote Access Services. Now, RAS is not a protocol, but a roadmap. RAS is a description of the combination of software and hardware required for remote access connection. A client requests access from a RAS server, which either grants or rejects that access. Then we have web services, creating a means of cross communication. Web services provides the means for communication between software packages or disparate platforms. It's usually achieved by translating the communication into an XML format, or Extensible Markup Language format. It is becoming more popular as systems diverge. Last up is unified voice services. This is creating a better voice communication system. It's a description of the combination of software and hardware required to integrate voice communication channels into a network, as in Voice over IP.

That concludes this session on networking services and applications, part two. I began by talking about network access services. And I concluded with other services and applications.

Hello, I'm Brian Ferrill. And welcome to PACE-IT's session on DHCP in the network. Today, we're going to be talking about static versus dynamic IP addressing. Then we're going to move on to how DHCP works. And then we will conclude with components and processes of DHCP. And with that, let's go ahead and begin this session. And of course, we begin by talking about static versus dynamic IP addresses. So how does a computer know what its IP configuration is? Well, more than likely a computer received its IP configuration from a Dynamic Host Configuration Protocol server.
Not only did the server give the PC an IP address, but it also told the PC where the default gateway was, and more than likely how to find a DNS server. A computer will receive its IP configuration in one of two ways: either statically, which means manually set, or dynamically, which means through a service like DHCP. Static IP address assignment works fine for very small and stable networks, but quickly becomes unwieldy and error prone as the network grows and more nodes come onto the network.

So let's talk a little bit more about static IP addresses. The administrator assigns an IP number and subnet mask to each host in the network, whether it be a PC, router or some other piece of electronic equipment. Each network interface that is going to be available to connect to the network requires this information. The administrator also assigns a default gateway location and DNS server location to each host in the network. Now these settings are required if access to outside networks is going to be allowed, that would be through the default gateway, and if human-friendly naming conventions are going to be allowed, and that way you can more easily find network resources, and that would be through a DNS server. Now each time a change is made, as in a new default gateway is established, each IP configuration on each host must be updated. That's why it becomes rather cumbersome and complicated as the network grows.

Now with dynamic IP addressing, the administrator configures a DHCP server to handle the assignment process, which actually automates the process and eases management. The DHCP server listens on a specific port for IP information requests. Once it receives a request, the DHCP server responds with the required information.

Now let's move on to how DHCP works. Here is the typical DHCP process. Upon boot up, a PC that is configured to request an IP configuration sends a DHCP discovery packet. Now the discovery packet is sent to the broadcast address 255.255.255.255 on UDP port 67.
The DHCP server is listening to that port. It's listening for that discovery packet. When the DHCP server receives the discovery packet, it responds with an offer packet, basically saying, hey, I'm here to help. Now the offer packet is sent back to the MAC address of the computer requesting help, and it's sent on port 68. Once the computer receives that offer packet from the DHCP server, if it's going to use that DHCP server, it returns a request packet. That means it's requesting the proper IP configuration from that specific DHCP server. Once the DHCP server receives the request packet, it sends back an acknowledgment packet. Now this acknowledgment packet contains all of the required IP configuration information. Once the PC receives the acknowledgment packet, the PC changes its IP configuration to reflect the information that it received from the DHCP server. And that's the typical DHCP process in a nutshell.

Now let's talk about components and the process of DHCP. We're going to begin by talking about the ports used. Now, I already mentioned this once, but I'm going to mention it again because you need to know this. The PC sends its discovery packet out on the broadcast address 255.255.255.255 on port 67. That's UDP port 67. When the DHCP server responds, it responds to the PC's MAC address, Media Access Control address, on UDP port 68. That's important. Remember, the PC uses UDP port 67. The DHCP server responds on UDP port 68.

Then there's the address scope. The address scope is the IP address range that the administrator configures on the DHCP server. It is the range of addresses that the DHCP server can hand out to individual nodes. There's also what are called address reservations. Now these are administrator-configured reserved IP addresses. The administrator reserves specific IP addresses to be handed out to specific MAC addresses. Now these are used for devices that should always have the same IP address.
As in servers and routers. If you did do that, there is the possibility that your default gateway's IP address might change. Now the reason we use address reservation is this allows these addresses to be changed from a central location, instead of having to log into each device and change the IP configuration separately.

Now part of the DHCP process are what are called leases. The DHCP server hands out that IP configuration information, but it sets a time limit for how long that IP configuration is good. This is called the lease. So the parameters are only good for a specified amount of time. Now the administrator can configure how long the leases are. There are also options that the administrator can configure. The first one that's pretty obvious is the default gateway location. There's also the DNS server address, and the administrator can configure more than one DNS server location. An administrator can also configure an option for the PC to synchronize with a time server. So the administrator can configure a time server address. There are many more additional options, but those are the big three that you should remember.

Now when a PC boots up, it does have a preferred IP address. That would be the IP address that it had the last time it booted up. Now it can request that same IP configuration from the DHCP server. Now the administrator can configure the DHCP server to either honor that preference or to ignore it.

Now under the right circumstances, a DHCP server isn't required to reside on the local network segment. Now as a general rule, broadcast transmissions cannot pass through a router. But if there's not a DHCP server on the local network segment, the router can be configured to be a DHCP relay.
When a DHCP relay, also called an IP helper, receives a discovery packet from a node, it will forward that packet to the network segment on which the DHCP server resides. This allows for there to be fewer configured DHCP servers in any given network, reducing the amount of maintenance that an administrator needs to perform.

Now that concludes this session on DHCP in the network. We started with static versus dynamic IP addressing. And then we moved on to how DHCP works. And we concluded with components and processes of DHCP.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on the introduction to the DNS service. Today we're going to be talking about DNS servers, DNS records, and we will conclude with a brief discussion on dynamic DNS. And with that, let's go ahead and begin this session.

We're going to begin this session with a talk about DNS servers. Now DNS is the process that maps human-friendly names, as in www.google.com, to their appropriate IP addresses. Without DNS we would have to memorize all of the IP addresses that we wished to visit. Now, DNS stands for Domain Name System, and it's very structured in nature. If the local DNS server apparatus doesn't contain the needed record, it sends the request up the DNS chain until the positive response is received back. Now this positive response gets passed back down to the original requester. Now DNS does require that an FQDN, fully qualified domain name, is used in order for it to function properly. Now, an FQDN is the www.google.com. It's that naming convention right there. The www is the specific service that's being requested. The google portion is the local domain that contains the specific service. And the com is the top level that contains the google that contains the specific service. That is an FQDN.

Now that we've got that covered, let's talk about the different levels of DNS servers. First off, there can be a local DNS server.
This is the server on the local network that contains the hosts file that maps all of the FQDNs to their specific IP addresses in the local subdomain; it may be present or it may not be present. Then there are top level domain servers, the TLD servers. Now, these are the servers that contain the records for the top level domains; examples of top level domains are .com, .org, .net, .edu, so on and so forth. Now, each of these servers contains all of the information for their respective domains, kind of. What do I mean by kind of? Well, the TLD servers do delegate down to second level servers their information; they do that to ease the load so that the TLD server is not overloaded. But the TLD server is the server that is responsible for maintaining the record. Then there's the root server. This is the server that contains all of the records for the TLD servers. So if you're looking for a TLD that is kind of unknown, you will actually go to the root server, which will then pass you on to the appropriate TLD. Then there are authoritative servers and non-authoritative servers. An authoritative DNS server is one that responds to a request, and that authoritative server has been specifically configured to contain the requested information. An authoritative response comes from a DNS server that actually holds the original record. So an authoritative response comes from the name server that's been specifically configured to contain that record. Then there are non-authoritative DNS servers. Now a non-authoritative DNS server is one that responds to a request with DNS information that it received from another DNS server. A non-authoritative response is not a response from the official name server for the domain. Instead, it is a second or third hand response that's given back to the requester. In most cases, when we send a DNS request, we get a non-authoritative response back. Now let's move on to the various DNS record types. The first record that we're going to talk about is the A record.
Now the A record maps hostnames or FQDNs to their respective IPv4 addresses. Closely associated with the A record is the AAAA record, or quadruple-A record; this maps that FQDN to its respective IPv6 address. Then there's the CNAME record. Now, this maps a canonical name or alias to a hostname. What that means is that you can have edcc.edu be the same as edcc.org without having to maintain two sites; the edcc.org can be the canonical name for edcc.edu. This works in part because of the pointer record, the PTR record. It's a pointer record that points out to DNS that there is a canonical name. And finally, we have the MX record. Now, this record maps to the email server that is specified for a specific domain. It is the record that determines how email travels from sender to recipient. And now let's move on to dynamic DNS. Now dynamic DNS, or DDNS, permits lightweight and immediate updates to a local DNS database. This is very useful for when the FQDN or hostname remains the same, but the IP address is able to change on a regular basis. Dynamic DNS is implemented as an additional service to DNS and it's implemented through DDNS updating. Now this is a method of updating traditional names without the intervention of an administrator, so there's no manual editing or inputting of the configuration files required. A DDNS provider supplies software that will monitor the IP address of the reference system. Once the IP address changes, the software sends an update to the proper DNS server. DDNS is useful for when access is needed to a domain whose IP address is being supplied dynamically by an ISP, or internet service provider. That way the IP address can change, but people can still get to the service that they're looking for. Now, that concludes this session on the introduction to the DNS service. We talked about DNS servers, we moved on to DNS records, and then we concluded with a very brief discussion about dynamic DNS.
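The authoritative versus non-authoritative distinction and the record types covered in this session are visible in the DNS wire format itself. The Python sketch below is an added example, not part of the course material: it parses constructed responses and reports the AA (authoritative answer) header flag along with A, AAAA, CNAME and MX records. The example.com names, documentation IP addresses and the helper names are assumptions made for illustration.

```python
import ipaddress
import struct

TYPE_NAMES = {1: "A", 5: "CNAME", 15: "MX", 28: "AAAA"}

def encode_name(name):
    """Encode a domain name as length-prefixed labels (RFC 1035)."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"

def read_name(msg, offset):
    """Return (name, next_offset), following compression pointers."""
    labels, next_offset, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:            # two-byte compression pointer
            if next_offset is None:
                next_offset = offset + 2     # resume after the first pointer
            offset = ((length & 0x3F) << 8) | msg[offset + 1]
            hops += 1
            if hops > 16:                    # malformed message: pointer loop
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if next_offset is None else next_offset)

def parse_response(msg):
    """Extract the header flags and answer records from a DNS response."""
    _ident, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    result = {
        "is_response": bool(flags & 0x8000),    # QR bit
        "authoritative": bool(flags & 0x0400),  # AA bit
        "rcode": flags & 0x000F,
        "answers": [],
    }
    offset = 12
    for _ in range(qd):                         # skip the question section
        _, offset = read_name(msg, offset)
        offset += 4                             # QTYPE + QCLASS
    for _ in range(an):
        owner, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == 1:                          # A: IPv4 address
            value = str(ipaddress.IPv4Address(rdata))
        elif rtype == 28:                       # AAAA: IPv6 address
            value = str(ipaddress.IPv6Address(rdata))
        elif rtype == 5:                        # CNAME: target name
            value, _ = read_name(msg, offset)
        elif rtype == 15:                       # MX: preference + mail host
            pref = struct.unpack("!H", rdata[:2])[0]
            host, _ = read_name(msg, offset + 2)
            value = f"{pref} {host}"
        else:
            value = rdata.hex()
        result["answers"].append((owner, TYPE_NAMES.get(rtype, str(rtype)), ttl, value))
        offset += rdlen
    return result

def build_response(qname, qtype, answers, authoritative):
    """Build a constructed response; every answer's owner points at the question name."""
    flags = 0x8000 | 0x0100 | 0x0080 | (0x0400 if authoritative else 0)
    msg = struct.pack("!6H", 0x1234, flags, 1, len(answers), 0, 0)
    msg += encode_name(qname) + struct.pack("!HH", qtype, 1)
    for rtype, ttl, rdata in answers:
        msg += b"\xc0\x0c" + struct.pack("!HHIH", rtype, 1, ttl, len(rdata)) + rdata
    return msg

# Constructed sample messages (not captured traffic).
AUTH_A = build_response("www.example.com", 1,
    [(1, 3600, ipaddress.IPv4Address("192.0.2.10").packed)], authoritative=True)
CACHED_MX = build_response("example.com", 15,
    [(15, 287, struct.pack("!H", 10) + encode_name("mail.example.com"))], authoritative=False)
CACHED_AAAA = build_response("www.example.com", 28,
    [(28, 60, ipaddress.IPv6Address("2001:db8::10").packed)], authoritative=False)
AUTH_CNAME = build_response("alias.example.com", 5,
    [(5, 300, encode_name("www.example.com"))], authoritative=True)

if __name__ == "__main__":
    for label, msg in [("A", AUTH_A), ("MX", CACHED_MX),
                       ("AAAA", CACHED_AAAA), ("CNAME", AUTH_CNAME)]:
        parsed = parse_response(msg)
        source = "authoritative" if parsed["authoritative"] else "non-authoritative"
        print(label, source, parsed["answers"])
```

A response relayed from a resolver's cache typically arrives with the AA bit clear and a TTL that has already counted down, which is why most everyday lookups show up as non-authoritative.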
Hello, I'm Brian Ferrill, and welcome to PACE-IT's session introducing network address translation. Today, we're going to be talking about the purpose of network address translation. And then we're going to discuss how network address translation works. And with that, let's go ahead and begin this discussion. Of course, we're going to begin by talking about the purpose of network address translation. Network address translation, or NAT, solves a very serious problem of how to route non-routable IP addresses. As a partial effort to conserve the IPv4 address space, the private IPv4 addressing spaces were developed; these address spaces were removed from the public IPv4 address space and made non-routable across public IPv4 networks. And this led to the problem: being non-routable prevents that private IPv4 address from communicating with remote public networks. NAT very simply solves this problem. A router with NAT enabled will translate a private IP address into a routable public IP address. When the response returns to the router, it passes the response back to the device that requested it. So now that we've covered the purpose, let's talk about how network address translation works. First off, we get to talk about the fact that there are two categories of NAT. First up is static NAT. With static NAT each private IP address is assigned to a specific routable public IP address; this relationship is kept and maintained by the NAT-enabled router. When a device needs access outside of the local network, the router translates the local IP address to the assigned public IP address. And when the response comes back, the router will translate the public IP address back into a local one. Static NAT is not flexible and leads to some scalability issues. An individual routable IP address must be kept for every device that requires access outside of the local network. So as the network grows, you need to increase the amount of public IP addresses that are under your control.
That gets kind of expensive and kind of complicated. They developed dynamic NAT to resolve some of that issue. With dynamic NAT the NAT-enabled router dynamically assigns a routable IP address to devices from a pool of available IP addresses. When a device needs access outside of the local network, the router performs the NAT function, only the public IP address comes from a reusable pool of public IP addresses. That private IP address is assigned the public IP address from the pool, and once outside access stops, the routable IP address goes back into the pool to be reused. As initially designed, dynamic NAT was more flexible than static NAT, but it still led to some scalability issues. As more network traffic required access to outside networks, the pool of available public IP addresses needs to increase or outside access cannot be achieved. But thankfully, there is a solution to this. And that solution is called port address translation, or in Cisco terms, that would be NAT with PAT. PAT is a type of dynamic NAT that was developed to increase the scalability of network address translation. When a local network device requires access to a public network, the NAT-enabled router dynamically assigns the public IP address to the device, with the addition of dynamically assigning a port number to the end of the public IP address. The router tracks the IP addresses and port numbers to ensure that network traffic is routed to and from the proper devices. PAT still requires a pool of public IP addresses. But the pool may only contain one public IP address, or it may contain several for a large private network. This is the preferred method of implementing network address translation for two reasons. First off, there's less public IP addresses that are required. And it makes it easier for an administrator to maintain. Now let's talk about NAT terminology, specifically about the types of addresses. And we begin with the inside local address, which is a private IP address on the local network.
It is the private IP address assigned to a specific device. Then there's the inside global address, a public address referencing an inside device. The inside global address is the public IP address assigned to the inside device by the NAT-enabled router, allowing access outside of the network. Then there's the outside global address, which is a public IP address referencing an outside device. It is the public IP address assigned to a device outside of the local network. Then there's the outside local address, which is the private IP address assigned to an outside device. This is the private IP address assigned to the outside device by the NAT-enabled router on the interior of the local network so that the inside device can communicate correctly with the outside device. Now that concludes this session on introducing network address translation. We talked about the purpose of network address translation. And then we talked about how network address translation works.

Good day. I'm Brian Ferrill. And welcome to PACE-IT's session on WAN technologies part one. Today I'm going to be talking about the public switched telephone network. Then I'm going to move on to broadband cable. And I'm going to conclude with a brief section on fiber optics. And with that, let's go ahead and begin this session. Of course, we begin with the public switched telephone network. Before I begin with the public switched telephone network, let's talk about what makes a WAN a WAN as opposed to a LAN. Well, as a general rule, if you own and control the line that the data is using to get from one place to another, you are not using a wide area network or WAN technology. On the other hand, if you are using a form of transmission that you don't own, as in you're leasing a line or you're paying for the use of it, then you are likely using WAN technology.
One of the most common physical infrastructures used in WAN technology is the public switched telephone network, the PSTN, due to its widespread availability; just about everybody has a telephone line being run to their house or to their building. An older technology but still somewhat valid today for WAN technology is dial-up. Now dial-up utilizes the PSTN to transmit network traffic as an analog signal. Dial-up does require an analog modem to format the network traffic correctly so it can be transmitted. Your maximum theoretical speed on dial-up is 56 kilobits per second. It's not very fast. Then there's ISDN, integrated service digital network. ISDN is a digital point to point WAN technology that utilizes the PSTN. It's a completely digital service; it requires the use of a terminal adapter, or TA, to make the connection to the end nodes. This TA is often called a digital modem, but it's not; it's a terminal adapter. ISDN can use a primary rate interface, or PRI. Now the PRI is composed of 23 64-kilobit-per-second B channels and one 64-kilobit-per-second D channel; that D channel is used for call setup and link management. A PRI can achieve 1.544 megabits per second speed, and that is commonly referred to as a T1 leased line. The most commonly implemented form of an ISDN though is the BRI, the basic rate interface; it uses only two B channels and one D channel, and the BRI can achieve speeds of up to 128 kilobits per second. Now ISDN is not as capable as a digital subscriber line, or DSL, but it can often be implemented where DSL cannot be installed. Speaking about DSL, let's move on to it. xDSL is the term for generic DSL. DSL is a digital WAN technology that utilizes the PSTN. DSL does require the use of a digital modem. It uses a dedicated digital line between the endpoint and a class five central office, or CO. Now in order for the most basic forms of DSL to be installed, you have to be within 18,000 feet of the CO. DSL is capable of carrying voice and data.
When it does carry both, filters are put in place in order for the voice signal to come through without any interference. Now let's move on to the different types of DSL. First up is symmetric DSL, or SDSL. Symmetric DSL is synchronous in nature. That means that the upload and download speeds are the same. SDSL does not carry voice communication. So if you need voice service, an additional line is going to be needed. SDSL is used by businesses that don't quite need the performance of a T1 leased line, but they do require the symmetrical upload and download speeds. More common than SDSL is ADSL, or asymmetric DSL; it's asynchronous in nature. That means that the upload speed is slower than the download speed. ADSL can carry data and voice. Common upload speeds for ADSL are 768 kilobits per second, with download speeds of up to nine megabits per second. It is the most common implementation of DSL in the small office home office environment. Last up for DSL is VDSL, or very high bitrate DSL; it's asynchronous in nature as well. It's used when high quality video and Voice over IP is necessary. VDSL is commonly limited to download speeds of 52 megabits per second with an upload speed of 12 megabits per second. That's a whole lot faster than ADSL. But VDSL is only possible when you're located within 4000 feet of a central office. There is an exception to what I just told you though; the current standards do allow for up to 100 megabits per second speed over the PSTN using VDSL. But in order to achieve that, you must be within 300 meters of the central office. Now that the PSTN is out of the way, let's move on to broadband cable. Broadband cable is coaxial cable networking. It's a broadband connection to a location delivered by the cable company. Broadband cable can deliver voice, data and television all through the same connection. And the way it works is the digital signal is delivered to the head end; this is where all the cable signals are received.
The signal is then processed and formatted and then transmitted to the distribution network. The distribution network is a smaller service area served by the cable company. The distribution network architecture can be composed of fiber optic cabling, or coaxial cabling, and or a hybrid fiber coaxial cabling, or HFC. Unlike DSL, the bandwidth of the distribution network is shared by all of those who connect to it. This can lead to increased latency and congestion during busy times. The final distribution to the premise is usually through a coaxial cable. The other thing that you need to know about broadband cable is that all cable modems and similar devices must measure up to the ISP's required data over cable service interface specification, or DOCSIS specification. If it doesn't measure up, you're not going to achieve the speeds that you expect. Now let's conclude with fiber. Fiber optic networking is using light to transmit data and voice. This allows for more bandwidth over greater distances. Fiber optic networking is more expensive to install, but it's also less susceptible to line noise. The fiber synchronous data transmission standard in the United States is called the synchronous optical network, or SONET, standard. The international standard is called the synchronous digital hierarchy, or SDH. Both SONET and SDH define the base rates of transmission over fiber optic cabling, which are known as optical carrier levels. Dense wavelength division multiplexing is a method of multiplexing several optical carrier levels together, up to 32 of them, into a single fiber optic cable, effectively increasing the bandwidth of that single optical fiber. Instead of DWDM you could use CWDM, coarse wavelength division multiplexing. It's similar to DWDM, but it only allows for up to eight channels on a single fiber.
When fiber optic is delivered to the premise, it's usually delivered over a passive optical network, or PON. PON is a point to multipoint technology that uses a single optical fiber that's used to connect multiple locations to the internet. The passive optical network uses unpowered optical splitters. Now that concludes this session on WAN technologies part one. I talked about the public switched telephone network. Then we moved on to broadband cable, and I briefly ran through fiber optic networking.

Good day, I'm Brian Ferrill. And welcome to PACE-IT's session on WAN technologies, part two. Today we're going to be discussing GSM and CDMA WAN connections, then we're going to move on to WiMAX WAN connections, and we're going to conclude with satellite wide area network connections. There's a fair amount of information to cover. So let's go ahead and begin this session. And of course, I'm going to begin with the GSM and CDMA wide area network connections. All cellular carriers use one of two methods for connecting devices to their networks, and those methods are not compatible. Currently in the United States, AT&T and T-Mobile use the global system for mobile, or GSM, standard to connect their devices to their networks. Both Sprint and Verizon use code division multiple access, also known as CDMA, as their method of connecting to networks.
And those two standards are not compatible. The majority of the rest of the world utilizes GSM as the method for cellular network access. Let me speak briefly about cellular networking. Cellular networking involves using the cellular phone system for more than just phone calls. Cellular networking has been around for a while and it originally wasn't known as this, but the first version of it is first G, or 1G, cellular, and it was only capable of voice transmissions. As improvements came along, we got 2G; that is cellular with simple data transmission capabilities, as in text messaging. 2G EDGE offered some basic cellular networking connectivity and was a stopgap measure between 2G and third generation cellular. 3G cellular is the beginning of cellular WAN networking; it's giving way to 4G cellular, which is still an emerging technology. 4G currently consists of both LTE and WiMAX. As a special mention, we need to talk about evolved high speed packet access, which is HSPA+. It was a stopgap between 3G and 4G networking. It's still available today. The current standard for HSPA+ allows for up to a maximum data rate of 84 megabits per second. Now it's not quite as good as LTE, which is Long Term Evolution. LTE uses an all IP based core with high data rates. Now LTE is compatible with both 3G and WiMAX; the current standard for LTE allows for up to 300 megabits per second in download speeds, and up to 75 megabits per second in upload speeds. Now let me introduce you to WiMAX WAN connections. WiMAX stands for worldwide interoperability for microwave access. That's a mouthful. That's why we say WiMAX. WiMAX was originally developed as a last mile alternative to use when DSL or cable was not available. It can provide an alternative broadband connection to a fixed location. It uses microwave transmissions as an over the air method to transmit voice and data. It does require line of sight between relay stations, but WiMAX can be used to cover significant geographic distances.
Also, many municipalities are exploring the use of WiMAX as a means of providing reasonably priced broadband to their citizens without having to wire every household. WiMAX is often considered to be a type of 4G technology, because it is compatible with LTE networks. But WiMAX is not compatible with third generation cellular networks. It is time for us to conclude with satellite WAN connections. Satellite WAN connections are a type of microwave satellite networking. It uses microwave transmissions as an over the air method of transmitting voice and data. Just like WiMAX, it can be an effective means of extending networks into places that are hard to reach. It does use microwave radio relay as the method of transmitting data through the atmosphere. Just like WiMAX, it requires line of sight relay stations, but it can cover even more distances than WiMAX. Why is that? That's because it utilizes a satellite network. By the way, because of the distances that satellite transmissions can cover, this can lead to latency problems. Think about it: the signal's got to go from a terrestrial location, up to the satellite, probably over to another satellite and then down to another terrestrial station. That's a significant amount of distance. And there's going to be some lag. I just talked about the communication satellites; they're also known as comsats. These do form part of the microwave relay network. Comsats can use a variety of orbits, including the Molniya, geostationary, low polar, or polar orbits. The low polar and polar orbits are used to boost microwave signals before sending the signal back to Earth. Now that concludes this session on WAN technologies part two. I briefly talked about GSM and CDMA WAN connections, then I moved on to WiMAX WAN connections, and then we concluded with satellite WAN connections.

Hello, I'm Brian Ferrill. And welcome to PACE-IT's session on WAN technologies part three. Today I'm going to briefly discuss Metro Ethernet WAN connections.
Then I'm going to move on to leased line WAN connections, and we're going to conclude with some common standards. With that, let's go ahead and begin this session. Of course, I'm going to begin by discussing Metro Ethernet WAN connections. A Metro Ethernet connection is when the service provider connects to the customer's site through an RJ-45 connector. The customer will view that WAN connection as an Ethernet connection, while in reality the type of connection will be dependent upon the level of service that has been purchased. The service provider may also use a variety of different wide area network technologies behind the scenes, but the customer will always view it as being an Ethernet connection. Metro Ethernet is commonly deployed as a wide area network technology by municipalities at the Metropolitan Area Network, or MAN, level, as in at the municipal level. It's time for us to discuss leased line WAN connections. A leased line is a dedicated circuit or connection between two endpoints used for communication. When we're talking about it, a leased line is usually a digital point to point connection. A leased line can utilize either a plain old telephone service line, a POTS line, on the public switched telephone network, or it can be a fiber optic circuit provided by a telecommunications company. Leased lines tend to be more expensive for the customer, as the circuit can't be utilized by any other entity. So the whole cost is borne by the customer because they're the only ones who get to use it. Most often, the speed of a leased line is limited by what the customer is willing to pay. There are some multiplexing technologies out there that can be used to increase the amount of channels that are provided on the connection. One of the leased line technologies that you need to know about is point to point protocol, PPP. It is a common data link layer, or layer two, protocol that's used with leased line networks. PPP can simultaneously transmit multiple layer three protocols.
It can transmit IP and IPX and AppleTalk, all at the same time, through the use of control protocols, which are actually specific to the layer three protocol that's being transmitted. PPP can include a feature called multilink PPP, which allows for multiple physical interfaces to be bonded together and act as a single logical interface. This effectively increases the available bandwidth to that system. There are different types of leased line connections. In the United States, Japan and South Korea, there are T-carrier lines. Each T line is composed of 24 digital signal channels. These are often called digital signal zero channels, or DS0 channels; each channel is capable of carrying 64 kilobits per second. The 24 DS0s make up what is called a DS1 channel. In Europe, we have E-carrier lines; each line is composed of 30 digital signal channels. These are also called DS0 channels; the 30 DS0 channels also make up what is called a DS1 channel. When we're talking about fiber optic speeds, we often talk about optical carrier lines, or OC lines. The OC data rates per channel are established by both the SONET and SDH networking standards. SONET is the United States standard, and SDH is the international standard. Interestingly enough, the OC rates are the same across the two standards. It's possible to multiplex multiple channels into the same fiber using different methods. The first method is dense wavelength division multiplexing, DWDM; it allows for up to 32 separate channels on a single fiber cable. Or you could use coarse wavelength division multiplexing, which allows for up to eight separate channels on a single fiber optic cable. Let's conclude with common standards. The standards I'm going to be talking about are the speeds. We begin with T lines. A T1 is composed of 24 DS0 channels, which are also known as a DS1, and it's capable of achieving speeds of up to 1.544 megabits per second. If that's not fast enough for you, you can lease a T3 line. It's composed of 28 T1 lines.
Now a T3 line is also known as a DS3, and it can achieve speeds of up to 44.736 megabits per second. If you're in Europe, you might lease an E1 line. An E1 line, which is composed of 30 DS0 channels, can achieve speeds of up to 2.048 megabits per second. Just as with the United States, if that's not fast enough for you, you can lease an E3 line, which is composed of 16 E1 lines, which gives you up to 34.368 megabits per second speed. While a T1 is slower than an E1, a T3 is faster than an E3. For OC lines, we have the OC-1; it's capable of 51.84 megabits per second in speed. Then there is the OC-3, which gives you up to 155.52 megabits per second speed. It's becoming more common now to see OC-12s. With those you get up to 622.08 megabits per second. If you want gigabit type speed, you might consider leasing an OC-48; that gives you up to 2.488 gigabits per second in bandwidth. Currently at the top of the line is the OC-192. That gives you up to 9.953 gigabits per second speed. So essentially 10 gigabits per second worth of bandwidth. Now that concludes this session on WAN technologies part three. I briefly discussed Metro Ethernet WAN connections, and then I went on to a discussion about leased line WAN connections. And then I briefly mentioned some common standards.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on WAN technologies part four. Today I'm going to be discussing the difference between circuit switched and packet switched networks. Then I'm going to move on to a discussion comparing frame relay versus Asynchronous Transfer Mode. And then we're going to conclude with multiprotocol label switching. There's a whole lot of ground to cover, not a whole lot of time.
Let's go ahead and begin the session. Let's begin this session by talking about circuit switched and packet switched networks. Circuit switched networks have a dedicated circuit between two endpoints that is used for communication. While set up, the circuit can only be used for communication between those ends. Circuit switched networks are most common in networks with leased line communication channels. They're best used when there needs to be a fair amount of continuous data traffic between the two endpoints. In circuit switched networks, there is only one path for the data to take. On the other hand, in packet switched networks data is broken up into smaller chunks and moved through the network only to be reassembled at the other end. The data is routed using the destination address, and the data may take different paths through the network that it's traveling through. As a general rule, packet switched networks are less expensive to maintain. Why? Because the user doesn't have to maintain a dedicated circuit 24/7; they're only paying for what they're using. Now let's talk about the differences between frame relay and Asynchronous Transfer Mode. Frame relay is a WAN technology in which variable length packets are switched across the network. Frame relay is less expensive than leased lines. But frame relay can be made to look like a leased line through virtual circuits, or VCs. A frame relay network will track a VC using a data link connection identifier to identify the end of the VC. There are two terms associated with frame relay that you should be aware of. The first is access rate. That is the maximum speed of the frame relay interface. The other term is the committed information rate, the CIR; that's the guaranteed bandwidth that a customer receives. So that's the minimum speed of that frame relay network. The access rate may be higher, but the customer is always guaranteed the committed information rate. Now let's talk about Asynchronous Transfer Mode, also known as ATM.
ATM is a WAN technology in which fixed length cells are switched across the network. These cells are always 53 bytes long. ATM can handle real time voice and video, because it's very fast, but it has poor bandwidth utilization. The small cell size reduces the efficiency of the technology. But ATM is very fast even if it is inefficient. Common speeds on an ATM network are 51.84 megabits per second and 155.52 megabits per second. Let's conclude with multiprotocol label switching. The acronym for multiprotocol label switching is MPLS. MPLS is a topology that's growing in popularity. Why? Because it's scalable. Also it is protocol independent. MPLS can be used to replace both frame relay switching and ATM switching. It can be used to packet switch both frame relay and ATM network traffic. This allows MPLS to be used with both frame relay and ATM technologies. MPLS is often used to improve quality of service and flow of network traffic. It uses a label edge router to add MPLS labels to incoming packets if they don't have them. The label edge router then passes those packets on to a label switching router, or LSR router. The LSR forwards those packets based on their MPLS labels to their final destination. Now that concludes this session on WAN technologies part four. I talked about the differences between a circuit switched and packet switched network. Then we moved on to frame relay versus Asynchronous Transfer Mode. And we concluded with the brief discussion on multiprotocol label switching.

Hello, I'm Brian Ferrill. And welcome to PACE-IT's session on network cabling part one. Today we're going to be talking about twisted pair network cabling. Then we're going to talk about twisted pair network connectors. And then we will conclude with categories of twisted pair. I have a whole lot of information to cover and I need to get through this quickly. So let's go ahead and begin the session. And we'll begin by talking about twisted pair network cabling.
Most people are familiar with twisted pair cables because they are the standard in the modern LAN; they are what you see most often when you're looking at network cable. Twisted pair cables are composed of four pairs of wires contained within an insulating sheath. Each pair of wires is twisted together to reduce electromagnetic interference, which is called EMI. The twist rates differ between the pairs to reduce cross talk between the pairs, which is a type of EMI. The colors of the pairs of wires are always white-orange, orange; white-blue, blue; white-green, green; and white-brown, brown. Twisted pair network cabling comes in either unshielded or shielded twisted pair; that would be UTP or STP. The difference is that STP has an additional shield that is either wrapped around each pair of wires or around all four pairs of wires. That shielding reduces the opportunity for EMI or cross talk, but it is more expensive and a little harder to work with because it's not as flexible. UTP, or unshielded twisted pair, is deployed in the network much more often than STP. There are also plenum and non-plenum types of twisted pair. Most twisted pair cabling is non-plenum grade, but building codes often call for plenum grade cable to be run in plenum spaces. Now a plenum space is that area that is designed to assist in the air flow of a building for HVAC purposes, and most often the plenum is that space between the false ceiling and the actual ceiling. Plenum cable is jacketed in either a fire retardant cover or in a low smoke PVC jacket. Plenum cables often have a polymer or nylon strand woven into the cabling or into the jacket to help take the weight of hanging cables. This reduces the chance for the cable to stretch, which can cause the pair or pairs of wires inside the jacket to break.
Twisted pair is usually either a straight through cable or a crossover cable, but it can also be used to create a rollover or console cable. A straight through cable is used to connect different types of devices together, as in a computer to a switch or a switch to a router. While a crossover cable is used to connect similar devices together, as in a PC to a PC or a switch to a switch. The straight through and crossover cable use different pinouts to achieve their connections. A rollover or console cable is often required to connect to the console port on a switch or a router. It is quite common for one end of the rollover cable to use an RJ-45 connector, while the other end utilizes an RS-232, also called a DB-9, connector. So now that I've mentioned those connectors, let's go on to twisted pair network connectors. And we're going to begin with the RJ-11. You don't see these very much in what we think of as networking, but you do see them all the time. The RJ-11 uses a six position, four contact modular connector. That's a 6P4C modular connector. It can carry data or voice and its common usage is voice communication, telephony; all of your telephone jacks are RJ-11s. Then there's the RJ-45. This is the one that we always think about when we think about networking with twisted pair cabling. It uses an eight position, eight contact, or 8P8C, modular connector. It can carry data or voice and its common usage is data networking, Ethernet. Then there's the RJ-48C; it also uses an eight position, eight contact modular connector, 8P8C, just like the RJ-45. As a matter of fact, it's often thought of as being an RJ-45. But it's used as the terminating connector at the demarc point for T1 lines. And as I said just a moment ago, it's often confused with the RJ-45, but the active pins are different. Then we have the UTP coupler, the unshielded twisted pair coupler.
It's used to connect UTP cables back to back and still maintain adherence to industry standards. You might still come across the 66 block being used for network connections, but probably not. It's a punch down block that was initially developed to terminate and distribute telephone lines in an enterprise network. So you might still see it for telephony, but it's getting a little bit harder to find it. It was also used in slower speed networks, as it can handle data traffic that's rated for Cat 3 cabling. Much more likely you'll find a 110 block. Now this is a punch down block that was developed to terminate and distribute twisted pair network cabling. It's capable of handling the signaling requirements of the modern network. I mentioned the DB-9 or RS-232 connector earlier. Well, here we go. It is a nine pin D-subminiature connector developed for asynchronous serial communication between nodes. It was a common type of connector between a computer and an external modem. And as I said earlier, it often makes up one end of the rollover cable. You might come across the DB-25, also known as an EIA-232 or RS-232 serial connector. It is a 25 pin D-subminiature connector developed for asynchronous serial communication between nodes, just like the DB-9, only it was larger. It too provided a type of connection between a computer and an external analog modem. And it's even less common than the DB-9.

Now let's move on to categories of twisted pair. And we begin with Cat 3. Cat 3 was rated for up to 10 megabits per second speed, that's 10BASE-T networking, and it had a maximum delay distance of 100 meters. By the way, unless I specify, all twisted pair cabling has a max distance of 100 meters. That 10 megabits per second wasn't quite fast enough, so then we got Cat 5. Cat 5 is rated for up to 100 megabits per second speed, that's 100BASE-T networking. And that still wasn't fast enough, so they developed Cat 5e. Cat 5e is rated for up to one gigabit per second, that's 1000BASE-T.
Now we have Cat 6. Cat 6 is rated for up to 10 gigabits per second, that's 10 Gigabit Ethernet, or 10GbE. And with Cat 6, you can only get that 10 gigabits per second over a max distance of 55 meters. For some reason they thought they needed to go more distance than 55 meters, so they developed Cat 6a. It has the same speed ratings as Cat 6, but it has a max distance of 100 meters and you can still achieve that 10 gigabits per second networking.

Now that concludes this session on network cabling, part one. I talked about twisted pair cabling. Then I talked about twisted pair network connectors, and I concluded with the categories of twisted pair cabling.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on network cabling, part two. Today we're going to be talking about coaxial cabling and fiber optic cabling. There's a fair amount of ground to cover, so let's go ahead and begin this session.

And of course we're going to begin by talking about coaxial cabling. Coaxial, or coax, cabling is one of the oldest Ethernet standards for network cabling. It was standardized in 1973. It's been used for baseband, which carries just a single digital signal, and it has been used for broadband, carrying multiple digital signals. It is composed of a central conductor that is covered by an insulating layer, which is covered by an outer mesh or foil layer, which is then finished off with an outer insulating layer. That inner metal mesh layer helps to protect against electromagnetic interference, EMI. There are several different types of coax cable. There is RG-58. It was used in 10BASE2 networking, it could span a maximum distance of 185 meters, and it had a 50 ohms impedance value. It's no longer commonly found in the modern network. Then there's RG-59. It's commonly used to provide a broadband connection between two devices over a short distance, and it has a 75 ohms impedance value. And it's only used for short distances because it leaks its signal; it can't span very far.
Then we have RG-6, which is used for cable TV or broadband. Now the distance that RG-6 can span varies, but it still has a 75 ohms impedance value, and it's commonly used to make the connection to a cable modem by the cable company. There are two basic types of coax cable connectors. There is the BNC, also known as the bayonet Neill-Concelman connector. You can also call it a bayonet connector. It is used with coax cabling, but is now considered obsolete. The connection from the cable to the device was achieved through a spring loaded twist lock type of connector. A BNC coupler can also be used to connect two coax cable segments back to back. Much more common is the F connector. It's a threaded bayonet connector, and it's also used with coax cable. An F connector coupler can be used to connect two coax cable segments back to back.

Now let's move on to fiber optic cabling. So now let me describe fiber optic cabling. First off, it's relatively expensive and harder to work with than other types of network cabling. It's not as common as other types, either coax or twisted pair, in the LAN environment. But it can resist all forms of electromagnetic interference and it cannot be easily tapped into. That means it's harder for people to eavesdrop on your network transmissions. It also can cover long distances at high speed. Fiber optic cabling is designated by fiber type, cladding size (by the way, the cladding is what the light bounces down), and its jacket size, that outer jacket that covers the cable. The size of the cladding and the size of the jacket are listed in micrometers. Most applications of fiber optic cabling require that the cables be run in pairs, one cable to send transmissions, one cable to receive transmissions. The type of connector used on fiber optic cabling can impact the performance of the transmission. There are two basic categories of connectors. There is the UPC, the ultra physical contact. This connector has a back reflection rating of around a negative 55 decibel loss.
Then there's the APC, the angled physical connector, which has a back reflection rating of around a negative 70 decibel loss, making it the better performing connector.

Now let's talk about fiber types. There's multimode fiber, which uses an infrared LED system to transmit light down the fiber. It sends multiple rays of light down the cable at the same time. It is used for shorter fiber runs, under two kilometers. It is less expensive than the other type of fiber cable. And then we have single mode fiber, SMF. It uses a laser diode arrangement to transmit light down the fiber. It only sends a single ray of light down the cable. Even though my diagram depicts it as going straight, it still bounces down the cladding, but there's only one of them. It's used for longer runs that require high speed, and it can span more than 40 kilometers.

So now let's talk about fiber optic cables and connectors. First up is the SC, that is the subscriber connector or the square connector. You can also call it a standard connector. An easy way to remember it is stick and click; it's a push pull type connector. Then we have the ST, the straight tip. You can also think of this as stick and twist. It is a spring loaded twist lock type of connector. There is also the LC, which can be called the local connector or Lucent connector or little connector. It's a type of connector that uses a locking tab to secure the connection. Similar to the LC is the MT-RJ, the mechanical transfer registered jack. It's a small form factor connector that contains two fibers, and that also utilizes a locking tab to secure the connection. You might also find a fiber optic coupler. Guess what it does: it's used to connect two fiber optic cables back to back.

Now that concludes this session on network cabling, part two. I talked about coaxial cabling, and I concluded with fiber optic cabling.

Good day, I'm Brian Ferrill, and welcome to PACE-IT's session on network cabling, part three.
Today I'm going to be talking about media converters, and then I'm going to talk about some cabling tools that you should know about. And with that, let's go ahead and begin today's session.

I will begin by discussing media converters. It is not uncommon to be in a situation where a network contains more than one type of cabling. This can lead to a situation where there's a desire to connect different types of media together in order to make a cohesive or single network. Thankfully, media converters are readily available. The issue of trying to connect these disparate types of transmission together mostly comes into play when you're trying to join a fiber optic transmission to a copper wire infrastructure. And that's actually represented in the types of readily available media converters that are out there. The most common media converters will connect single mode fiber to Ethernet, or multimode fiber to Ethernet, or single mode fiber to multimode fiber. And finally, there is a fiber to coaxial cabling media converter. You need to be aware that these devices are out there to help you create a solid network.

Now let's move on to cabling tools. So every technician should put some thought into the tools that are in his or her toolbox. It is often said that you get what you pay for, and that is very true with tools. While a good technician can get away with buying the most inexpensive tools, spending a little more money for a better tool can often make the task easier and ultimately make the technician more efficient. But you also need to be aware that you can spend more money than is necessary and not utilize all of the features in a given tool. So you need to find that balance point between spending too much money and not spending enough money to become a really efficient technician. Now let's move on to the tools themselves.
And we'll begin with crimpers. Crimpers are used to place cable ends on cables. They can be designed to work with a single type of cable, as in twisted pair, or with multiple types of cable. I've seen some crimpers that have been able to work with RJ-11s, RJ-45s and with a coaxial F connector. Next up are wire strippers. Wire strippers are used to remove the insulating covers on wires and cables. Many are designed to just cut through the insulation without damaging the cable contained within that insulation. But some are also designed to cut all the way through the cable so that excess cabling can be trimmed. When you're using those to cut insulation, you need to be careful that you don't cut the underlying cable. Then there are punch down tools. These are used to secure cable wires in punch down blocks. A good punch down tool will trim the ends at the same time as it places the wire in the punch down block. Then there are cable testers. These are used to test cables for common problems, as in misconfiguration of the ends or incorrect pinouts. Cable testers will often test for the cable standard used, either the T568A or the T568B, or they can tell you whether or not you've created a crossover cable. Cable testers will test for shorts or breaks in the continuity of the cable. Some types of testers can also test for cable length and quality. These types of testers are called cable certifiers. Then we have the TDR, the time domain reflectometer. Now this is a cable tester for copper cabling that can determine the length of a segment and the electrical characteristics of the cable. Also, a TDR can tell you where a break is in a segment. A TDR is capable of performing all of the same tests that a cable tester can, but they are much more expensive than a standard cable tester. This is where you can spend too much money and not utilize all of the features available in the tool.
Let's conclude this with the OTDR, the optical time domain reflectometer. It performs all of the same functions that a TDR can, but it is specifically used for fiber optic cabling.

Now that concludes this session on network cabling, part three. I briefly talked about media converters, and then I brought up some cabling tools that you need to know about.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on network topologies. Today we're going to discuss what a topology is. Then we're going to discuss peer-to-peer and client-server networking. And then we're going to talk about some common network topologies. And with that, let's go ahead and begin this session.

So what is a topology? Well, a topology is basically a map that can be used to describe how a network is laid out or how a network functions. A network topology can be described as either being logical or physical. A logical topology describes the theoretical signal path, while the physical topology describes the physical layout of the network. And you should know that a logical and physical topology don't need to match.

And with that, let's move on to peer-to-peer versus client-server networks. So are these really topologies? No, not really. They don't describe the signal path or the physical layout of the network. But yes, they are topologies because they do describe how the network functions. So that's why they're here in this discussion. Now in a peer-to-peer topology, the nodes control and grant access to resources on the network. No one node or group of nodes controls access to a single specific type of resource. There's no real server present. Each node is responsible for the resources it's willing to share. Now, client-server topology differs. Network resource access is controlled by a central server or servers. A server determines what resources get shared, who is allowed to use those resources, and even when those resources can be used. Now, in the small office/home office, it's common to find a hybrid topology.
That's where a combination of peer-to-peer and client-server networking is used.

Now, let's move on to some common network topology models. The first one we're going to discuss is the bus. The original Ethernet standard established a bus topology for the network, both logically and physically. And what I mean by a bus topology is the signal traveled along a predetermined path from end to end; it went from one direction to the other direction, and then it could come back. Now as time went on, the bus developed some mechanical problems that led to the development of different physical topologies. But the logical topology remained the same in order to maintain backward compatibility. So when we discuss Ethernet networks, the logical topology is always a bus topology, while the physical topology can be different. So let's talk about the bus. Again, the signal traverses from one end of the network to the other. Now, a break in the line breaks the network. The ends of the bus line needed to be terminated in order to prevent signal bounce. And what that means is that if there was a break or the ends of the line were not terminated, when the signal got to the end, it would bounce back through and create a storm. In a bus topology, the network cable is the central point.

Now kind of related to the bus is the ring. It's a bus line with the endpoints connected together. A break in the ring breaks the ring. In a ring topology, it's common to use two rings, multiple rings that can rotate. This safeguards against a break in one ring bringing down the whole network. Now ring topologies are not very common anymore in the LAN. But they're still used in the wide area network, especially when SONET or SDH is used.

Moving on from the ring we have the star. The nodes radiate out from a central point. Now when a star topology is implemented with a hub, a break in a segment brings down the whole bus, because the hub retransmits out all ports.
Now when it's implemented with a switch, a break in the segment only brings down that segment. It is the most common implementation in the modern LAN.

Then there's the mesh. A true mesh topology is when all nodes are connected to all other nodes; that's a full mesh. Now, those aren't very common because they are expensive and difficult to maintain. But it's common to find partial meshes. That's where there are multiple paths between nodes. Now everyone knows at least one partial mesh network, and that would be the internet.

Now let's move on to the point-to-point topology. That's where two nodes or systems are connected directly together. Now if you're talking about two PCs, that's when they use a crossover cable to create a point-to-point topology. There's no central device to manage the connection. Now this is still a common topology when implemented across a LAN connection utilizing a T1 line.

We also need to discuss point-to-multipoint. In a point-to-multipoint topology, a central device controls the paths to all other devices. This differs from the star in that the central device is intelligent. Now wireless networks often implement point-to-multipoint topologies. When the wireless access point sends, all devices on the network receive the data. But when a device sends, its message is only passed along to the destination. It's also a common topology when implementing a WAN across a packet switched network.

Now let's discuss MPLS. MPLS is Multiprotocol Label Switching, and it is a topology that's used to replace both Frame Relay switching and ATM switching. It's a topology because it specifies a signal path and layout. MPLS is used to improve the quality of service and flow of network traffic. It uses label edge routers, LERs, which add MPLS labels to incoming packets if they don't already have them. Now, the LERs add the labels and pass the packets along to LSRs, label switching routers. These forward packets based on their MPLS labels.
That's what makes this a topology.

Now that concludes this session on network topologies. We discussed what a topology is. Then we discussed the differences between peer-to-peer and client-server networking. And then I brought up some common network topology models that you should know.

Good day. I'm Brian Ferrill, and welcome to PACE-IT's session on network infrastructure implementations. Today I'm going to be talking about design versus function. And then I'm going to talk about categories of different networks. And with that, let's go ahead and begin the session.

Let's begin this session by talking about the difference between design and function. When describing a network, you have a couple of different options: are you describing its design or its function? If you are going to describe its design, then the first place to start is to describe its topology. Is it a bus network, is it a star network, or a point-to-point? But if you're going to describe how the network functions, then the first place to start is to describe the category or infrastructure implementation of that network.

And with that, let's move on to categories of networks. First up is the local area network, or the LAN. Most LANs are encompassed by a single network address range. That address range may be broken up into subgroups through the use of virtual local area networks, VLANs. A LAN can span anywhere from a small area like a single room to a whole building or a small group of buildings. The LAN tends to be the highest speed network; it is becoming more common to see 10 gigabits per second networking on the LAN. The most common types of network on the LAN are the 802.3, or Ethernet, and/or the 802.11, or wireless local area network. These are the most common types of network found on the LAN. Then there is the metropolitan area network, or the MAN. It is larger than a LAN. Most often it contains multiple local area networks. MANs, or metropolitan area networks, are often owned by municipalities.
When a MAN is owned by a private entity, it is sometimes called a campus area network. Then there is the WAN, the wide area network. Now a WAN spans significant geographic distances. They can be described as a network of networks, and the best example of a WAN is the internet. So how do you tell when a MAN becomes a WAN? Well, as a general rule, if all of the infrastructure implementation has a single owner, then it is not a WAN. If it's large, it'll be a MAN. And if it's not quite so large, it'll be a LAN. But it's really easy to tell a personal area network, a PAN. Why? Because they are extremely distance and size limited. Most often a PAN is a connection between only two devices. Common examples include a Bluetooth connection between a keyboard and a computer; that's a PAN. Then there are infrared, or IR, connections between a smartphone and a printer. That's a PAN. Another example of a PAN is near field communication, which is now becoming seen between a smartphone and a payment terminal. The PAN tends to have low throughput of data and low power output; they don't consume a whole lot of power. As the distance between devices increases, the throughput on a PAN will decrease.

Now a couple of special categories of networks. First is the supervisory control and data acquisition network, the SCADA network. Now a SCADA network is a type of industrial control system, or ICS, that is designed to control large scale deployments of equipment. The control equipment is usually at more than one site. SCADA is often deployed in energy distribution systems by utility companies. SCADA uses a distributed control system, or DCS, to communicate with programmable logic controllers, PLCs, and/or remote terminals to control the equipment and processes from a central location. So they have a central location to control equipment that's at remote locations. SCADA networks are often proprietary, and often require additional training to understand them and operate them.
The last special mention on categories of networks is the medianet. It's a network designed and implemented specifically to handle voice and video. They are designed and implemented to remove quality of service issues like latency or jitter that can occur in other types of infrastructure. A video teleconference network, or VTC, is an example of a medianet. They are often implemented as their own infrastructure, or as a sub-infrastructure of a larger network.

That concludes this session on network infrastructure implementations. I talked about the differences between design and function of networks. And I concluded with a discussion on the different categories of networks.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on the introduction to IPv4, part one. Today we're going to be talking about the purpose of IP addressing. And then we're going to move on to some IPv4 address properties. There's a whole lot of ground to cover, and we need to do it quickly. So let's go ahead and begin this session.

Of course, we're going to start with the purpose of IP addressing. When Bob on network A wants to view a webpage hosted on a server on network C, how does Bob's computer know where to send him? Well, somehow Bob has gotten that server's IP address, either in IPv4 format or IPv6. IP addresses are the location of a PC or server or some other network device that identifies it by both its network location and host location within that network. IP addressing provides a logical addressing scheme for our computers, so that they can communicate on networks. Being logical means that the IP address can be changed with minimal fuss at any time, unlike the MAC address, or the media access control address, which is physically embedded into the device. On the other hand, IP addresses are programmed and are easily changed.
Now that we know the purpose of IP addressing, let's move on to some IPv4 address properties. IPv4 is made up of a 32 bit binary number. That means there are two to the 32nd power possible address combinations. That gives us 4,294,967,296 possible address combinations. With all of these possibilities, a process needed to be developed to keep everything neat and tidy and, most of all, findable. The implementation of a subnet mask was the answer. And I'll get to that subnet mask in just a moment. Something that you will find useful is learning how to convert from binary to decimal. Now decimal is base two; that means there are only zeros and ones, as opposed to the base 10 that we're all used to dealing with. If you would like more information on how to convert from decimal to binary or binary to decimal, you can go to that website that's listed under this heading.

So now let's talk about the initial properties of IPv4. It is a 32 bit binary number. As I said before, it's divided into four sets of eight called octets. These are separated by periods or decimals. Each octet is eight bits, which equals one byte. We often represent IPv4 addresses in a human friendly format. That's called dotted decimal. Now when we look at this address, 192.168.1.9, that is an IP address, but we don't know which portion is the network or which portion is the host. To be able to resolve this, it requires the use of a mask, which determines or defines which portion is which. This mask is called the subnet mask. And the subnet mask has the same format as the IP address, as in it's 32 bits, and it's represented in dotted decimal format.

So let's take a look at how an IP address and subnet mask operate together. So we're going to begin with 192.168.1.9 with a subnet mask of 255.255.255.0. Now the 192.168.9 is the IP address. Like I said, in the other portion, the 255.255.255.0 is the subnet mask. And it's easiest to show how the subnet masks by converting that dotted decimal back into binary.
So we can do that by deconstructing the IP address. So the first octet would be one, one, followed by six zeros; that equals 192. The second octet is 10101, followed by three zeros; that equals 168. That third octet's really easy. It's seven zeros followed by a one. And then we have the fourth octet, which is four zeros, a one, two zeros and a one; that equals nine. Now if we deconstruct the subnet mask, what we have is three octets that are full of ones and one octet that's full of zeros; that represents that 255.255.255.0. Now if we put the subnet mask under the representation of the IP address, anything that's not covered by a one in the subnet mask is a part of the host address. Everything that is covered by a one is the network address. So what we have for that IP address is that 192.168.1 is the network portion of the address, and the node portion of the address is the nine. And that's how the IP address and subnet mask work together to define the network and the node.

Now that concludes this session on the introduction to IPv4, part one. We talked about the purpose of IP addressing and then we moved on to some IPv4 address properties.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on the introduction to IPv4, part two. Today we're going to talk about classes of IPv4 addresses. And then we're going to move on to classless IPv4 addressing, and we will conclude with a brief discussion on subnetting IPv4 addresses. There's a whole lot of technical information to cover, so let's go ahead and begin the session.

Let's begin by talking about classes of IPv4 addresses. Internet Protocol version four, IPv4, is a binary addressing scheme that's used for networking. It was initially finalized as a standard in 1981. IPv4 is a common network addressing scheme that is still being deployed today. There is an issue, though, with IPv4. Because of its structure and the growth and popularity of the internet, most of the world has run out of assignable IPv4 addresses.
But thanks to some forethought, it's still a valid scheme.

Today, we need to talk about classes of IPv4 addresses, and we begin with a Class A network address. Class A networks have an address range of zero to 127 in the first octet; that gives us addresses from 0.0.0.0 up to 127.255.255.255. The first octet on the left has a binary representation that always begins with a zero. This gives us a possible 16,777,214 host addresses, and the subnet mask with a Class A network is always 255.0.0.0. Then there are Class B network addresses. They have an address range of 128 to 191 in the first octet; that means that Class B networks can have a range of 128.0.0.0 up to 191.255.255.255. The first octet on the left always has a binary representation that begins with a one zero. Now Class B network addresses give us a possible 65,534 hosts, and the subnet mask used with a Class B network is always 255.255.0.0. Then there are Class C network addresses, and they have an address range in the first octet of 192 up to 223. That means that we have an address range of 192.0.0.0 up through 223.255.255.255. And that first octet on the left always begins with a one zero. Class C network addresses give us a possible 254 host addresses or node addresses, and the subnet mask with a Class C is always 255.255.255.0. The last class of address that you need to concern yourself with is the Class D network address. It has an address range of 224 up through 239 in the first octet, which means that it can range from 224.0.0.0 up through 239.255.255.255. And that first octet on the left has a binary representation of 1110. So the first four bits are always taken and they are always 1110. Now subnet masks are not defined for Class D networking. Class D network addresses are used for multicast communication. And finally, we have a special class of addresses, well, kind of a class of addresses, and that involves automatic private IP addressing, APIPA.
In some cases, the Dynamic Host Configuration Protocol, DHCP, process may fail. In these cases, a node or host will self-configure an APIPA address. Now with an APIPA address, the first two octets are always 168.254. And if you see that in your IP configuration, you know that you have a DHCP problem.

So one of the first methods that they used to conserve the IPv4 address space was they broke them out into public and private IP addresses. Public IP addresses are routable. And being routable means that each public IP address is unique. There can only be one. Now public IP addresses are not flexible; you are assigned your network space, and you're not really given a choice what your public IP address is going to be. And then there are the private IP addresses. These are non-routable. They do not need to be completely unique throughout the world. They only have to be unique on their network. The first one that we're going to discuss is the Class A license. There is only one Class A license; you have a possible address range of 10.0.0.0 up through 10.255.255.255. Next up is the Class B license. There are 16 possible network addresses, not networking O's, but just network addresses, available in a Class B license. They have an address range of 172.16.0.0 up through 172.31.255.255. And last but not least is the Class C license. There are 256 Class C licenses with a possible address range of 192.168.0.0 up through 192.168.255.255. Now private IP addresses are highly flexible. You get to assign the network space; it's not assigned to you.

Now let's move on to classless IPv4 addressing. Now the classes of addresses actually limited the flexibility of IPv4. Part of the reason for that was that the first routing protocols required the class structure. And you would think that with over 4 billion possible IP addresses we'd still have flexibility, but we really didn't. Classless addressing, which is called classless inter-domain routing, or CIDR, was developed to slow the growth of routing tables.
It also slowed the exhaustion of IPv4 addresses. It also created much more flexibility: the subnet mask becomes fluid, it's not rigid with CIDR addresses. It does not affect the private address space ranges, though; even though the subnet mask is now fluid, you still only have those ranges of addresses available. And with the introduction of classless addressing, subnetting is now possible, and it's highly desirable.

So let's take a look at how CIDR notation works. And we'll begin with 192.168.9 with a subnet mask of 255.255.0. What that becomes is 192.168.0.9/24. That /24 represents all of the ones in the subnet mask, and that's those first three octets on the left, that 255.255.255. And if you look at that address, it's a Class C address, which always has a 255.255.255.0 subnet mask, but it now becomes fluid with CIDR. We can take it and we can make it a 192.168.128.0/23. And what that /23 really represents is a subnet mask of 255.255.128.0. And that gives us a network of 192.168.128.0, which actually gives us a host range of 192.168.128.1 through 192.168.129.254. That gives us 512 host addresses as opposed to the possible 254. Now the broadcast address for that network would be 192.168.129.255.

So now let's move on to subnetting IPv4 addresses. So what is subnetting? Well, subnetting cuts address spaces into smaller pieces. It takes one range of addresses and splits it. This creates flexibility in network design and creates efficiency in address space utilization. So let's take a look at an example of subnetting. This will involve a small office network. So originally, we have a network address of 223.15.1.0/24. This is a Class C private network and it gives us a possible 254 hosts available. Why only 254? Well, because a host cannot be assigned to the network address, which is 223.15.1.0, and it can't use the broadcast address, which is 223.15.1.255.
In this example, with this network address, all the hosts in the network can see all the other nodes. Now let's say that for security considerations, you want to split this into two networks. Well, you can do this using subnetting. So what you do is you take that /24 network and you create two /25 networks. And those would be 223.15.1.0/25 and 223.15.1.128/25. In this situation, the first network's host address range would be 223.15.1.1 up through 223.15.1.126. And why is that? Well, because you can't use the network address, which is 223.15.1.0. And you can't use the broadcast address, which is 223.15.1.127. The second address range that would be created through this subnetting process would give us a host range of 223.15.1.129 up through 223.15.1.254. That's because you can't use the network address, which is 223.15.1.128. And you can't use the broadcast address, which is 223.15.1.255. Each of those subnets would have 126 possible host addresses. So you took your possible 254 hosts available in one network, and you broke it down so that you now have two separate networks, each that's capable of having 126 hosts. And that's an example of subnetting an IPv4 address.

Now, that concludes this session on the introduction to IPv4, part two. I talked about classes of IPv4 addresses. I then moved on to classless IPv4 addressing, and we concluded with a brief discussion on subnetting IPv4 addresses.

Good day. I'm Brian Ferrill. And welcome to PACE-IT's session on the introduction to IPv6. Today, we're going to be talking about the IPv6 address structure. And then we're going to move on to IPv6 network transmissions. And with that, let's go ahead and begin this session.

Of course, I'm going to begin by talking about the IPv6 address structure. Now, IPv6 is the answer to the question of what do we do about running out of IPv4 addresses.
Unlike IPv4, IPv6 will provide enough Internet Protocol (IP) addresses for the foreseeable future. Now, shortly after the creation of IPv4 and its implementation, the IANA, the organization that's tasked with assigning routable IP addresses, realized the available IPv4 address space would not be enough in very short order if nothing was done. The IANA then set about creating the replacement, and they initially started by working on IPv5. While they were working on IPv5, they found that due to the popularity of the internet, which was increasing at that point in time, that it wasn't going to be enough. So they scrapped IPv5 and began working on IPv6. Now the IANA is confident that IPv6 will function as the replacement for IPv4 for many decades to come. Why are they so confident? Well, we'll get to that here in just a moment.

Now, IPv6 works at layer three of the OSI model, just like IPv4 does. Layer three of the OSI model is also known as the network layer, and its major focus is logical network and host addresses. IPv6's job is to provide logical network and host addresses to devices. IPv6 is a 128-bit binary addressing scheme, as opposed to IPv4's 32 bits. The 128 bits are grouped together in sets, with each set being separated by a colon. Now each of these sets is two bytes long, and a byte is eight bits. For human readability, kind of, the binary IPv6 number is converted to hexadecimal, that's base 16, with each hexadecimal number being equal to four bits. Now those four bits can actually be referred to as a nibble, because it's half of a byte. An IPv6 address is eight sets of four hexadecimal numbers, each being separated by a colon. That means that there are over 340 undecillion addresses available to IPv6. That's two to the 128th power, which is roughly equal to 340 times 10 to the 36th power. See that number there? I'm not even going to begin to read that one to you.

So now let's talk about IPv6's local address structure for the local address.
The first 64 bits on the left represent the local network, and the last 64 bits on the right always represent the host. The local address structure follows the EUI, or extended unique identifier, format, specifically the EUI-64 format. For those hosts that have a 48-bit MAC address, that 48 bits is actually padded with an extra 16 bits to make it 64 bits in length. You can always tell a local address, which is also called the link-local address, as it always begins with an FE80.

With IPv6, every device gets both a local address and a global address. Now the global address is unique; there is only one, and every device gets one. The host address is still always the last 64 bits. But every device actually gets assigned to a global network. The network portion is actually composed of a routing prefix and a subnet. This portion of the global address structure follows the classless inter-domain routing, or CIDR, convention, with the number that follows the slash denoting the routing prefix. That's the part of the extremely global network that you belong to. The subnet is composed of the bits between the prefix and the EUI-64 host address. Global IPv6 addresses always begin in the range of 2000 up through 3999 in that first group of numbers on the left.

Now in most cases, the need for Dynamic Host Configuration Protocol (DHCP) has been eliminated. When implemented, IPv6 will auto-configure both the local and the global addresses that are required for their networks. When a device first comes online, it will use the Neighbor Discovery Protocol (NDP) to discover what the required network addresses are, both the local and global addresses. This allows devices to configure their own IPv6 address without an administrator's intervention.

So let's talk about IPv6 notation. The 128-bit nature of IPv6 makes it cumbersome to write out, and it can take up unnecessary space. Because of this, some rules were developed to ease the burden and save space. When you're looking at a group of IPv6 numbers.
Any leading zeros in a set can be dropped. The thing to really remember about IPv6 is that only a single set of consecutive zeros may be replaced with the double colon. Why is that? Well, because if you could do it more than once, how would routers and other devices know how many zeros to pad in there? Even with this ability to shorten it, it's still difficult for us to remember IPv6 addresses, but it is still easier to write out and it still conserves space within systems.

Now let's move on to types of IPv6 network transmissions. And we begin with the unicast. Unicast is one-to-one communication. That is where a specific device is sending network traffic to another specific device. Unicast can occur on the local network, which, remember, always begins with FC80, or it can occur on the global network. Then there's multicast, which is one-to-a-few communication. With multicast, a specific device is sending network traffic to a specific group of devices that have registered to receive that traffic. Routers register to receive multicast transmissions that involve the routing protocols that they are programmed to use. With IPv6, multicast addresses always begin with an FF. Both IPv6 and IPv4 use both unicast and multicast transmissions.

A unique type of transmission to IPv6 is anycast. Anycast is one-to-the-closest communication. This is where a specific device is sending network traffic to a specific IPv6 address that has been assigned to multiple devices. The router only sends the communication to the closest one, at least from its perspective. Anycast transmission involves implementing DHCPv6. Earlier I said we really don't need to worry about DHCP anymore, but that's only partially true. While IPv6 is capable of auto-configuring its own local and global addresses in certain situations, that's not always desirable.
DHCPv6, version six, can be configured to hand out specific IPv6 addresses or duplicate IPv6 addresses when necessary. That's useful for when load balancing a network, or when network redundancy has been created, or when you have a user that has a tablet, a cell phone and a laptop, and you want to deliver the transmission to the closest device, the device they're using at that point in time. That is where DHCPv6 comes in handy.

IPv6 and IPv4 are not compatible. But we can do what's called a dual stack configuration. That's where the network and devices on the network receive both an IPv6 configuration and an IPv4 configuration. Or we can use what's called tunneling. There's 6to4 tunneling, which is used to encapsulate an IPv6 data packet in an IPv4 datagram, allowing that IPv6 packet to travel across or through an all-IPv4 network. 6to4 tunneling can also be called Teredo tunneling.

Now, that concludes this session on the introduction to IPv6. I talked about the IPv6 address structure. And then I talked about IPv6 network transmissions.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on special IP networking concepts. Today I'm going to be talking about the media access control address. And then I'm going to talk about the difference between collision domains and broadcast domains. And we're going to conclude with types of network transmissions. There's a whole bunch of technical information to cover. So let's go ahead and begin this session.

Let's begin the formal part of this session by discussing the media access control address. All networking interfaces come with their own special address already configured. That would be the media access control address, the MAC address. The MAC address is often referred to as the physical address or the burned-in address of the interface. While MAC addresses may be changed or spoofed, most often it's set by the manufacturer and never actually changes.
Now switches and other OSI layer two devices rely upon that MAC address in order to get network packets to their correct destinations. The MAC address has a specific format. Actually, it has two specific formats. One is 48 bits in length, and the other is 64 bits in length. And both of them are represented by hexadecimal numbers. Both formats can be broken down into two parts: the organizationally unique identifier, or OUI, and the extended unique identifier, the EUI. The Institute of Electrical and Electronics Engineers, the IEEE, assigns all electronic manufacturers their own OUI, which always makes up the first portion of the MAC address. Each manufacturer then assigns its own EUI to each device that is produced. Usually it is the serial number of that device. Theoretically, no two interfaces will have the same MAC address.

I need to mention the EUI-64 format. IPv6 requires that the node address, or the MAC address, be in an EUI-64 format. So that MAC address has to be 64 bits in length. If the EUI of the interface is only 24 bits in length, it is actually split into two parts and 16 bits of padding are added to create the EUI-64 format.

Now let's discuss the difference between collision domains and broadcast domains. Before I can talk about collision domains and broadcast domains, I need to talk about carrier sense multiple access with collision detection. All Ethernet networks use this technology, also called CSMA/CD. When transmitting data in an Ethernet network, all Ethernet devices have equal access to the network media and are capable of transmitting data at any time. This can lead to data collisions. With CSMA/CD, a device listens to the carrier signal on the network media. If no other device is transmitting, the device is free to send data. If another device sends data at the same time, a collision is possible, which can corrupt the data. The devices listen for collisions. That's the collision detection part.
If a collision occurs, the devices will stop transmitting and wait a random period of time before attempting to transmit again. To do this, they use what is called a backoff algorithm.

With that out of the way, now let me explain what collision domains are. Collision domains are an area of the network where packets or network traffic can collide. There are some devices that break up collision domains. They can be broken up by switches, bridges and routers, but not by hubs. On the other hand, a broadcast domain is defined as all the nodes that can be reached by a broadcast transmission. All the nodes that can be reached reside in the same network. Broadcast traffic cannot pass routers. So the domain is also defined by the subnet mask, and that subnet mask defines the network. Here's a special note. Technically, IPv6 does not use broadcast transmissions. IPv6 replaces broadcast transmissions with multicast transmissions. And what do you know, that's a good segue for us to discuss types of network transmissions.

We're going to begin this section by talking about types of IPv4 network transmissions, and first up is unicast. Unicast is a specific source address transmission going to a specific source destination address. It can be thought of as one-to-one communication. It's only two devices transferring data between each other. Then there's multicast transmission. This is where a specific source address transmission is going to a set of registered destination addresses. This is one-to-a-few communication. Routers often use multicast transmissions to track their routes and to make changes to the routing tables. And finally, there are broadcast transmissions. This is where a specific source address transmission is going to all addresses on the local network. This can be considered as one-to-all communication, because all devices on the local network are going to be able to receive this broadcast transmission.
So let's move on to types of IPv6 network transmissions. And IPv6 uses unicast, just like IPv4 does. IPv6 also uses multicast, just like IPv4. Where IPv6 differs is with anycast transmission. Anycast is where a specific source address transmission is going to a specific IPv6 address that has been assigned to multiple devices. The router uses an algorithm to determine which MAC address that has that specially configured IPv6 address is closest, and only that device receives the anycast transmission. Anycast can be considered as one-to-the-closest communication.

That concludes this session on special IP networking concepts. I talked about the MAC address, I talked about the differences between a collision domain and a broadcast domain. And then I concluded with a discussion on the types of network transmission.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on introduction to routing concepts, part one. Today I'm going to talk about the purpose of routing. And then I'm going to move on to some basic routing concepts. There's a fair amount of ground to cover, so let's go ahead and begin this session.

First up is the purpose of routing. The basic purpose of routing is to connect different networks together to allow them to communicate and pass data traffic between them. Most often, routing protocols are how networks determine where to send network traffic. That's the routes that they will take. And these routing protocols build maps. Actually, they build routing tables, but we'll get to that later, that they use for directing network traffic. Routing is what makes this interconnected world function as well as it does. Networking would be pure chaos without it, as we'd have no idea where to send traffic.

Now let's move on to some basic routing concepts. First up is static routing. Static routing uses administrator-defined routes. Each router in a static routing configuration must contain the route.
A static route from router A to router B requires that router B has a static route back to router A in order for two-way communication to take place. If we had a static route from A to B, and B didn't have one back to A, A could send traffic to B but B could not send traffic back to A. Now static routing is easy to set up in small networks. But it's not so easy to maintain. Networks change all the time. With static routing, when a change occurs in routers, the administrator has to go around to each router and implement that change.

Then there's dynamic routing. This is where routers use protocols in order to determine the best route between two networks. The administrator determines which protocols will be used on the routers. In order for the routers to communicate, they must all be using the same protocols. There is an exception to that. And that's route redistribution. An administrator can configure a router to take one dynamic protocol and transform it into a different routing protocol to be used from that point on. This is the only case when routing protocols can be different across the network. Routing protocols can be stacked within a router. That means that there can be more than one dynamic routing protocol programmed into a router. Dynamic routing is very fluid and dynamic, and it's what makes possible today's interconnected world.

The next concept is the default route. The default route is the direction that a router will send network traffic when there is no known route in the routing table. The default route is assigned by an administrator. It is usually a designated interface on the router or it is the next designated next hop interface.

Then there is the routing table. The routing table is a list of known routes to all known networks from the router's perspective. It is established by an administrator when static routing is used. It is dynamically built by routing protocols when dynamic routing is employed. Each routing protocol maintains its own routing table.
Different routing protocols may have different routes to the same network.

The loopback interface is an administratively configured logical number assigned to a router to ease administrative functions or routing processes. Often the loopback interface is assigned in an IPv4 address format, even when IPv4 isn't used on the router. Many routing protocols have been designed to take the loopback interface into account when performing administrative functions. The loopback interface may be completely logical, or a physical interface may be assigned to be the loopback interface.

Let's move on to routing loops. A routing loop is a possible problem that can be created if interconnected routers have a breakdown in their routing algorithms. When a routing loop occurs, network traffic keeps looping through the routers until some system or mechanism breaks the cycle. Routing loops can create network congestion, or even bring down a network. Routing protocols use multiple methods to prevent routing loops from occurring. One of the main methods that they use is what's called the time to live field, or the TTL field. The TTL field keeps track of how long that packet has been in existence and how far it has traveled. And after a specified amount of time or distance, it will inform the next router to drop it. This helps to prevent routing loops.

That concludes this session on the introduction to router concepts, part one. I talked about the purpose of routing. And then I moved on to some basic routing concepts.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on introduction to routing concepts, part two. Today I'm going to be talking about routing metrics, routing aggregation, and then I'm going to conclude with a brief discussion on high availability. We have a fair amount of ground to cover, not a whole lot of time. So let's go ahead and begin the session.

Of course, I'm going to begin by talking about routing metrics. It is quite common for there to be more than one route available to a remote network.
Routing protocols use metrics to determine which route is the best route to reach those remote networks. Each routing protocol will use its own set of metrics in determining which routes to which networks are placed in its routing table. The same basic metric may be used by different routing protocols. But when this occurs, the metric is usually implemented in a different manner through the use of different algorithms.

The first metric that we're going to discuss is the hop count. The hop count is the number of routers between two endpoints. This is determined from the sending router's perspective. The maximum transmission unit, or MTU, is another metric that is used by routing protocols. The MTU is the maximum allowed size of a packet, measured in bytes, that's allowed through an interface. The standard MTU for Ethernet is 1500 bytes. Packets that exceed the MTU must be fragmented into smaller pieces, leading to more packets, leading to a slower connection. Bandwidth is another common routing metric. Bandwidth is a measure of the speed of the network connection. The speed is commonly measured in either kilobits per second, megabits per second, or gigabits per second. Another common metric is latency. Latency is a measure of time that a packet takes to traverse a link. When latency is implemented by routing protocols, the total amount of latency or delay to go in between two points is what is used in the metric.

The administrative distance, or AD, is probably the most important metric that's used on routers. The administrative distance is the believability of a routing protocol's advertised routes. Different routing protocols are considered to be more believable, or trustworthy, than others. Routers use the AD to help determine which routing protocol to use when more than one protocol is installed on the router. The lowest AD of an advertised route will determine the protocol that's used. There are some common standard administrative distances. First up is the directly connected route.
That's a direct link between two routers that has an AD of zero, and it is the most believable or trustworthy route. Next is the statically configured route. It has an AD of one. External Border Gateway Protocol has an AD of 20. It's still fairly trustworthy. Internal EIGRP has an AD of 90. It's not as trustworthy as BGP, but it is more trustworthy than OSPF, Open Shortest Path First, which has an AD of 110. IS-IS has an AD of 115. So not quite as believable as OSPF but more believable than RIP, which has an AD of 120. External EIGRP has an AD of 170, and internal BGP, and I've never seen internal BGP used, has an AD of 200. Now if you see an administrative distance of 255, that means that that route is not believable at all. As a side note, the AD can be set by an administrator. So if you are running both OSPF and IS-IS on a router, but you want IS-IS to be used, you could actually set OSPF's AD to a higher number than IS-IS, and then IS-IS would always be used before OSPF.

Now let's move on to route aggregation. Without some mechanism put in place, routing tables would soon become very large and highly inefficient. Through careful planning, network administrators use a process called route aggregation to condense the size of routing tables. They do so through the use of classless inter-domain routing (CIDR) to summarize routes to different networks. Route aggregation is common in networking.

Let's take a look at an example of route aggregation. Suppose we have a router that has the following networks on its serial 0/1 interface. It has 10.1.1.0/24 known on that interface, 10.1.17.0/24, 10.1.32.0/24 and 10.1.128.0/24. All of those networks are known to that interface, that S0/1 interface. These routes are what are known as contiguous routes. They're all in line; they can be summarized or aggregated by a common CIDR entry in the routing table. They could all be summarized by the following entry: 10.1.0.0/16.
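The summary computed from the four networks named above, as an added Python example that is not part of the course material: it derives the shortest summary covering them, measures how much address space that summary claims beyond them, and lists any network on another interface that the summary would also claim, using the 10.1.2.0/24 case from the warning that follows. The interface labels `Serial0/1` and `Serial1/1` and all function names are illustrative assumptions.

```python
import ipaddress

# Constructed from the transcript's example; interface labels are illustrative.
ROUTES = {
    "Serial0/1": ["10.1.1.0/24", "10.1.17.0/24", "10.1.32.0/24", "10.1.128.0/24"],
    "Serial1/1": ["10.1.2.0/24"],
}


def smallest_summary(cidrs):
    """Return the longest-prefix network that contains every network in cidrs."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    if not nets:
        raise ValueError("no networks to summarize")
    if len({n.version for n in nets}) != 1:
        raise ValueError("cannot mix IPv4 and IPv6 networks")
    bits = nets[0].max_prefixlen
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    # Bits that differ between the lowest and highest address cannot be
    # part of a shared prefix; everything above them is common to all.
    host_bits = (low ^ high).bit_length()
    base = (low >> host_bits) << host_bits
    return type(nets[0])((base, bits - host_bits))


def uncovered_gaps(summary, cidrs):
    """Blocks inside the summary that none of the member networks accounts for."""
    remaining = [summary]
    for member in (ipaddress.ip_network(c) for c in cidrs):
        kept = []
        for block in remaining:
            if block.subnet_of(member):
                continue  # fully covered by this member
            if member.subnet_of(block):
                kept.extend(block.address_exclude(member))
            else:
                kept.append(block)
        remaining = kept
    return sorted(remaining)


def summary_conflicts(summary, routes_by_interface, interface):
    """Networks reached through other interfaces that the summary also claims."""
    conflicts = []
    for other, cidrs in routes_by_interface.items():
        if other == interface:
            continue
        for cidr in cidrs:
            net = ipaddress.ip_network(cidr)
            if net.overlaps(summary):
                conflicts.append((other, net))
    return conflicts


if __name__ == "__main__":
    members = ROUTES["Serial0/1"]
    summary = smallest_summary(members)
    gaps = uncovered_gaps(summary, members)
    print("summary for Serial0/1:", summary)
    print("addresses claimed but not behind Serial0/1:",
          sum(g.num_addresses for g in gaps))
    for iface, net in summary_conflicts(summary, ROUTES, "Serial0/1"):
        print(f"conflict: {net} is reached via {iface}, not Serial0/1")
```

A summary that claims address space the interface does not actually lead to will attract traffic for it, so the conflict list should be empty before a summary route is configured.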
Now there is a warning about route aggregation. Route aggregation takes careful planning during the network design phase. That above example would not work if the serial interface 1/1 on that same router was connected to network 10.1.2.0/24, because that new network makes those networks on the 0/1 interface non-contiguous networks. All the known networks are no longer all in a row. This leads to the fact that the routes could no longer be aggregated or summarized.

Let's conclude with a discussion on high availability. Part of a network administrator's job is to ensure that networks remain up and active for the maximum amount of time. In an effort to ensure that networks don't go down, administrators often remove single points of failure. A single point of failure in a network is the point where a single failure will cause the network to cease functioning. Network administrators often use high availability techniques in order to remove those single points of failure. An example of a high availability technique is the use of redundant links to outside networks.

Hot Standby Router Protocol, HSRP, is a specific example of a high availability technique. HSRP is a proprietary Cisco method of creating a fault tolerant link using two or more routers with connections outside of the local subnet. The two routers are connected together as well as having connections outside of the local network. A virtual IP address is created and shared between the two routers. Devices on the network are configured to use that virtual IP address as their default gateway for packets leaving the network. If a single router goes down, the link outside of the network is still available. Another high availability technique is Virtual Router Redundancy Protocol, VRRP. It is an IETF, Internet Engineering Task Force, standard that is similar in operation to HSRP.

That concludes this session on the introduction to routing concepts, part two. I discussed some routing metrics. Then I moved on to route aggregation.
And I concluded with a brief discussion on high availability.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on the introduction to routing protocols. Today we're going to be talking about some of the differences between interior and exterior gateway routing protocols. We will introduce some more routing concepts. And then we will end with routing protocols in themselves. There's a whole lot of stuff to cover. So let's go ahead and jump into this session.

Let's begin with the comparison between interior and exterior gateway protocols. Interior gateway protocols, or IGPs, are a category of protocols used within autonomous networks. Autonomous networks are networks that you control or that are under the control of a single organization. The most popular IGP protocols are OSPF, Open Shortest Path First, and RIP version two. That's Routing Information Protocol version two. Now there is a special mention here. And that's IS-IS, which is Intermediate System to Intermediate System. IS-IS is popular with extremely large autonomous networks, like an ISP. These are Internet service providers' networks. Exterior gateway protocols, on the other hand, are a category of protocols used between non-autonomous networks. So EGPs are used between networks that are controlled by different organizations or entities. The most popular EGP protocol is Border Gateway Protocol.

Now, it's not uncommon for organizations to have more than one network that they are routing traffic between. These are called autonomous networks. Some IGP routing protocols use an administrator-defined autonomous system number, or AS number, as one means of identifying which networks can directly communicate with each other. The autonomous system number is not a metric, but a means of identifying a network that might possibly accept another network's traffic. Something to remember is that the AS is only significant within autonomous networks, and has no relevance outside of them.
Now let's move on to more routing concepts. Routing protocols can be classified by how they perform their routing. Interior gateway and EGP routing protocols can be broken out into three other categories of protocols, which are designated by their main method of determining routes between networks.

The first class of routing protocols are distance vector routing protocols. With distance vector routing protocols, the routes are determined by how many routers exist between the source and the destination. The efficiency of the links in the selected route is not taken into consideration with distance vector protocols. Periodically, the whole routing table is broadcast out onto the network. Then there are link state routing protocols. Metrics are used to determine the best possible route between destinations. It doesn't really matter how many hops there are. Once the route has been established, these protocols then only monitor the state of directly connected links and only make changes to their routing tables when changes to the links occur. With link state routing protocols, only changes in the link status are broadcasted. And finally, there are hybrid routing protocols. These use aspects of both the distance vector and link state routing protocols.

Let's talk about the next hop. The next hop is the next router in the path between two points. The next hop is often designated by an interface address of the device that is receiving the data, or by that router's name, or by that router's location. The routing table is the database table that is used by a router to determine the best possible route between two points. Different routing protocols use different algorithms to place routes in the routing table.

The next concept is convergence. Convergence can be thought of as steady state. Convergence is measured in the amount of time that it takes all of the routers in an autonomous system to learn all of the possible routes within that system.
Faster convergence times are desirable, as that steady state allows routing to occur more quickly.

Now let's move on to the routing protocols themselves. First up is Routing Information Protocol version two, RIP version two. RIP is an IGP distance vector protocol. For a route to be placed in the routing table, it can be no more than 15 hops away. A hop count of 16 is considered unreachable. It uses various methods, including the hop count, to reduce the chances of a routing loop occurring. RIP version two uses multicast address 224.0.0.9 to advertise its routing table.

Open Shortest Path First, OSPF, is the most popular IGP that's currently being used. It is a link state routing protocol. It uses the Dijkstra algorithm to determine the shortest path to a network. After its initial startup, it only advertises changes to its routing table, making convergence much faster. It uses different types of link state advertisements, or LSAs, to announce different changes or different operations. OSPF uses two multicast addresses, 224.0.0.5 or 224.0.0.6, depending upon the type of LSA that it's transmitting.

Next up: Intermediate System to Intermediate System, or IS-IS. IS-IS is a link state routing protocol like OSPF, and similar to OSPF, it too uses the Dijkstra algorithm, but it uses different metrics to determine the best path. IS-IS is highly scalable and offers fast convergence. IS-IS is often found within networks under the control of an Internet service provider.

Then there's Border Gateway Protocol, BGP. It's an exterior gateway protocol that's also a hybrid routing protocol. It is considered the routing protocol of the internet. And as a hybrid protocol, it is often considered a path vector protocol, which makes it a hybrid. One of the metrics used is the number of autonomous systems that must be crossed, not individual routers. BGP is highly scalable, but has a very slow convergence time when changes do occur.
As a special mention, I'm going to talk about Enhanced Interior Gateway Routing Protocol, or EIGRP. It is an advanced distance vector or hybrid IGP routing protocol developed by Cisco. In 2013, Cisco made EIGRP an open source routing protocol in an effort to increase its use in autonomous networks. It uses aspects of both the distance vector protocol and the link state protocol to build its routing table. EIGRP has a very fast convergence time. But it's not as popular as OSPF, because OSPF has been open source longer than EIGRP. EIGRP uses a neighbor table, which is directly connected routers, and a topology table to build its routing table. The protocol only announces changes to the routing table on multicast address 224.0.0.10 in order to reduce bandwidth consumption.

That concludes this session on the introduction to routing protocols. I talked about the differences between interior and exterior gateway protocols, then I mentioned some more routing concepts, and we concluded with the routing protocols themselves.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on basic elements of unified communications. Today I'm going to be talking about unified communications. And then I'm going to move on to some unified communication concepts. And then I'm going to end with voice over IP. And with that, let's go ahead and begin the session.

Of course, I will begin this session by talking about unified communication. Now, unified communications is not encompassed by a single product or device. It's a growing category in the enterprise network. Unified communication, or UC, is the set of products and services that attempts to provide a consistent single user interface and experience across different media types and different devices. UC allows a user to send a message from one type of media, as in email, and have that media received as a different type of media. That email could become a text message or a voicemail.

So now let's talk about some unified communication devices.
First up is the UC server. These are specialized servers, which quite often are virtual in nature, that are designed to implement unified communication solutions in the workplace. The UC servers work in conjunction with UC gateways. A UC gateway is a network device that is designed to translate between different signaling methods, as in a voice over IP gateway, which will translate an analog public switched telephone network voice signal into a signal that can be understood on the voice network. There are some other UC devices. Any device that can be used in the implementation of a unified communication solution is considered a UC device. They may include, but are not limited to, voice phones, email systems, video conferencing systems, and instant messaging networks.

Now let's move on to some unified communications concepts. The first concept that we're going to discuss is presence. Now, presence is an indicator that is used to communicate the willingness or ability of a user to accept communication. Common presence statuses include available, online, offline, busy, and do not disturb. Presence services are an important service provided in UC solutions, as they will track the individual users across multiple devices and networks in real time through the use of multicast transmissions. Once a communication session has been established, multicast communication is dropped and unicast network transmissions are used.

Another UC concept that you need to grasp is quality of service. Quality of service techniques are implemented to improve unified communication by managing network traffic. The most common implementation of quality of service is class of service, CoS. CoS is a quality of service technique that's used to manage network traffic by grouping similar types of traffic and assigning a network priority to that traffic, as in unified communication traffic is given a higher priority than email. A six-bit differentiated services code point, DSCP, is used in the IP header to establish the CoS, or class of service.
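The six-bit DSCP value mentioned above sits in the upper six bits of the second byte of the IPv4 header. The following Python is an added example, not part of the original session: it reads that field from constructed headers and flags voice-class (EF) markings that come from outside a voice subnet. The subnet 10.10.20.0/24, the sample addresses and the "only the voice subnet may send EF" policy are assumptions made for illustration.

```python
import ipaddress
import socket
import struct

# Common DSCP code points (from the DiffServ RFCs, not from the session).
DSCP_NAMES = {0: "CS0/best effort", 26: "AF31", 34: "AF41", 46: "EF", 48: "CS6"}
EF = 46  # Expedited Forwarding, the marking commonly used for voice

# Hypothetical policy for this example: only the voice subnet may send EF.
VOICE_SUBNET = ipaddress.ip_network("10.10.20.0/24")


def build_ipv4_header(src, dst, dscp, ecn=0, proto=17):
    """Build a constructed 20-byte IPv4 header (checksum left at 0)."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is a six-bit field (0-63)")
    tos = (dscp << 2) | (ecn & 0x03)  # DSCP = upper 6 bits, ECN = lower 2 bits
    return struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | 5,                 # version 4, header length 5 x 32-bit words
        tos, 20, 0, 0, 64, proto, 0,  # total length, id, frag, TTL, proto, checksum
        socket.inet_aton(src), socket.inet_aton(dst),
    )


def parse_ipv4_dscp(packet):
    """Extract addresses, DSCP and ECN from the start of an IPv4 packet."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version = packet[0] >> 4
    header_len = (packet[0] & 0x0F) * 4
    if version != 4:
        raise ValueError("not an IPv4 packet")
    if header_len < 20 or len(packet) < header_len:
        raise ValueError("invalid header length")
    tos = packet[1]
    dscp = tos >> 2
    return {
        "src": socket.inet_ntoa(packet[12:16]),
        "dst": socket.inet_ntoa(packet[16:20]),
        "dscp": dscp,
        "ecn": tos & 0x03,
        "class": DSCP_NAMES.get(dscp, "unnamed/%d" % dscp),
    }


def audit_markings(packets):
    """Return (source, class) for EF-marked packets sent from outside the voice subnet."""
    findings = []
    for raw in packets:
        try:
            info = parse_ipv4_dscp(raw)
        except ValueError:
            continue  # malformed capture entry: skip it rather than abort the audit
        source = ipaddress.ip_address(info["src"])
        if info["dscp"] == EF and source not in VOICE_SUBNET:
            findings.append((info["src"], info["class"]))
    return findings


# Constructed sample input: a phone, an email client, a host that marks its
# own traffic EF without being in the voice subnet, and a truncated packet.
SAMPLE_PACKETS = [
    build_ipv4_header("10.10.20.5", "10.10.30.9", EF),
    build_ipv4_header("10.10.40.8", "10.10.30.9", 0),
    build_ipv4_header("192.168.1.77", "10.10.30.9", EF),
    b"\x45\xb8",
]

if __name__ == "__main__":
    for pkt in SAMPLE_PACKETS[:3]:
        print(parse_ipv4_dscp(pkt))
    print("unexpected EF markings:", audit_markings(SAMPLE_PACKETS))
```

A host can write any DSCP value into its own packets, which is why the marking is checked against where the traffic came from before it is given priority.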
Now let's move on to voice over IP. Voice is one of the most common implementations in a unified communications solution. Through the use of a presence service, calls can be routed to the correct location for where the user is at. Two important protocols used in voice over IP are Session Initiation Protocol, SIP, and Real-time Transport Protocol, RTP. SIP has two purposes. First, it is used to establish a communication session between two endpoints. The other purpose is that once the session is completed, SIP tears down that connection between the two endpoints. During the communication session, RTP is used as the transport protocol, helping to provide that quality of service through CoS to the endpoints.

Now that concludes this session on the basic elements of unified communication. I talked about unified communications. Then I moved on to some unified communication concepts, and I concluded with a brief discussion on voice over IP.

Good day. I'm Brian Ferrill, and welcome to PACE-IT's session on virtualization technologies. Today I'm going to be discussing the difference between a hypervisor and virtual machine manager, then I'm going to move on to components of virtualization, and then I'm going to have a brief demo discussion on software defined networking. I have a whole lot of information to impart, not a whole lot of time. So let's go ahead and begin this session.

Of course, I'm going to begin with hypervisors and virtual machine managers. So what is the difference between a hypervisor and a virtual machine manager? The difference could be nothing, or the difference could be everything. Some people use the term hypervisor very broadly. They use it to refer to any of the software that is used to manage virtual machines. Others will differentiate between the two terms in this way: a hypervisor does not need a host operating system, while a virtual machine manager, or VMM, requires a host operating system, such as Microsoft Windows, Apple OS X, or a Linux operating system.
Well, the hypervisor can operate as its own operating system.

With that covered, let's talk about some of the components of virtualization. First up is the virtual desktop. A virtual desktop is a virtual machine, or VM, that functions as a desktop. Now, any modern operating system can be run inside of a VM desktop. Multiple virtual desktops may be hosted on or from a single host system. Then there are virtual servers, which, surprisingly, is a virtual machine that functions as a server. Any modern server operating system can be used in a virtual server environment. Multiple virtual servers may be hosted on or from a single host. Guess what, there are then virtual switches, firewalls, and routers. These are virtual machines that fulfill the functions of the switch, firewall, and router. Virtual firewalls and routers are particularly effective when they're combined with virtual network interface controllers, or virtual NICs, and virtual switches to create virtual networks.

Speaking of virtual networks, an important consideration for when designing a virtual network is how that virtual network is going to pass traffic to remote networks or networks outside of the host system. Virtualization by its nature leads to either an open and highly scalable network or a closed, self-contained system. It is possible to create a completely self-contained network with all of the virtual components and never have network traffic leave the host machine. But if there is a desire or need for that network traffic to pass beyond the host system, then that function needs to be specifically granted. A connection must be created between the host system's physical NIC and the virtual networking equipment to allow network traffic to pass through the physical host system.

Next up, software defined networking. Software defined networking, or SDN, is the process of allowing the administration and configuration of a network to be done dynamically. With SDN, the administrator uses a front end program to make adjustments to the network.
This program sends the instructions to the networking equipment, which is then reconfigured to perform as the administrator desires. SDN can allow network administrators to dynamically adjust network performance without the need to log into each individual device that needs to be adjusted to achieve the desired performance. SDN is considered to still be an emerging technology. But SDN also works well for virtual networks and cloud computing.

Now, that concludes this session on virtualization technology. I talked about hypervisors and virtual machine managers. Then I moved on to a brief discussion on some components of virtualization, and I concluded with another brief discussion on software defined networking.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on storage area networks. Today I'm going to discuss the justification for storage area networks. And then I'm going to talk about storage area network technology. And with that, let's go ahead and begin this session.

Of course, I'm going to begin with justifications for storage area networks. There have been several factors that have led to the increased demand for data storage. One of them has been the dramatic decrease in the actual cost of data storage. It actually costs us less now for storage on a per gigabyte basis than it has in the past. What has happened is that as the cost of storage has decreased, the demand for storage has increased dramatically. Businesses are now generating and analyzing huge amounts of data in an effort to create a competitive advantage. Think big data. I'm sure you've heard about big data recently. This increase in data collection has led to an increased demand for storage capacity. Another factor is that as the demand for data has increased, it has needed to be more available, which means that there has been a need to be able to access that data from anywhere, and the accessibility has needed to be increased as well, including from non-standard devices.
A storage area network, or SAN, can be a solution to the need for both storage capacity and high availability. There are several advantages to the storage area network. First off is scalability. The amount of data that is being generated today is huge. This has led to a need to store that data. The SAN is more scalable than other options. As your storage needs increase, the capacity of the SAN can be easily increased to meet that storage need. Then there's data availability. The demand has also increased for that data to be available at any time from anywhere. And a SAN can play a vital role in creating that accessibility. One of the most popular implementations of a SAN is to deploy it as part of a cloud computing solution. This increases the availability of that data that's being stored on the SAN. And finally, there's optimization. As the requirements to store data are removed from application servers, those servers can then be optimized to run those applications much more efficiently. At the same time, data storage is also optimized.

It's time now to discuss some SAN technology. The storage area network, or SAN, and the network attached storage, or NAS, often get confused with one another, but they are different. The SAN is an actual network of devices that have the sole purpose of storing data efficiently. On the other hand, the NAS is a specifically designed network appliance that has been configured to store data more efficiently than standard storage methods. The difference is that a NAS is a data storage appliance that is placed on a network, whereas a SAN is a network of data storage devices. It is not uncommon for a SAN to contain multiple NAS devices.

With all of that data storage capability, several technologies have been developed to ease the transmission of that data. The first one that we're going to discuss is Fibre Channel, or FC. Fibre Channel is a high speed network technology that was originally developed to operate over fiber optic cables only.
Since its introduction, the standards have been modified to allow the use of copper cabling in conjunction with fiber optic cabling. Fibre Channel is commonly used to connect to SANs. When Fibre Channel is implemented, it uses the Fibre Channel Protocol, or FCP, as its transport protocol to transmit SCSI commands, so it transmits Small Computer System Interface commands to storage devices, as in the NAS appliances. So a SAN implements FCP, as opposed to TCP, as its transport protocol when Fibre Channel is used.

Another technology that was developed was Internet SCSI, or iSCSI. iSCSI is an IP based networking standard that is used to connect data storage facilities in SANs. iSCSI allows for SCSI commands and processes to take place over longer distances than the original SCSI implementation. Jumbo frames are also allowed within the SAN environment. Jumbo frames allow for greater throughput of data by allowing up to 9000 bytes of data to be in a single frame. This can greatly increase the efficiency of a SAN. As a comparison, the standard frame on an Ethernet network can only be a maximum of 1500 bytes.

Now that concludes this session on storage area networks. I talked about the justification for storage area networks, and then I concluded with a brief discussion on some SAN technology.

Hello, I'm Brian Ferrill, and welcome to PACE-IT's session on basic cloud concepts. Today, we're going to be talking about cloud classifications. And then we will conclude with different types of cloud computing. There's a fair amount of information to cover. So let's go ahead and dive right in.

I will begin our session with a discussion about cloud classifications. Cloud computing is where the resources on the network are not actually physical in nature; they are provided to the end user virtually. Cloud computing can lead to a very fluid and dynamic environment, as the required resources are normally only provisioned or supplied as needed, and are decommissioned or shut down once their use is done.
Most often, these virtual resources are not owned by the company or user that uses them, but are provided by a service provider. While cloud computing is highly configurable and changeable, it does have some basic structures that are used in the classification of the type of cloud that is in use. The first classification of cloud computing that we're going to talk about is the public cloud. This is where systems can interact with services and devices within the public cloud and on public networks, like over the Internet, and possibly with other public clouds. The public cloud is where the services that are provided are not just provided to a specific user, but are open for the public to purchase and use. Then there are private clouds. This is where systems only communicate with services and devices within a specific private cloud. A private cloud is essentially just that, private. The only users who have access to it are ones who are authorized to use it. The cloud classification can be hybrid. It can combine aspects of both the public and private clouds. And last up, there are community clouds. This is where cloud services are used by private individuals, organizations, or groups that have a common interest.

Now let's move on to different types of cloud computing. Because of the nature of cloud computing, it is very configurable to the needs and desires of the purchaser of the cloud services. Purchasers have many options. Beyond the type of cloud services that they want to provision, they must also determine what type of service they are going to require. From the most basic of services to the most highly complex of services, the purchaser needs to have a plan going into cloud computing in order for it to be efficient and effective for them. So now let's move on to some of those services that cloud computing can offer. First up is Software as a Service. The end user purchases the rights to use an application or software without the need to configure the virtual servers that will deliver the application to them.
It is usually delivered as a web app or web application, often used from within a web browser, but not always. If you have a subscription to Microsoft Office 365, you are utilizing Software as a Service. Then there is Platform as a Service, or PaaS. The user is provided with a development platform for the creation of software packages without the need to configure the virtual servers and the infrastructure that delivers it. You are essentially renting server or computing power in order to develop your software packages. PaaS is more complex than Software as a Service. And finally, we have Infrastructure as a Service. This is where the end user is provided with access to virtual servers, configurable by the customer, and other virtual network resources. Their infrastructure is actually virtually provided to them. This creates a highly configurable environment in which customers can create the resources and the performance that they require. The end user supplies the software that's going to be used on the IaaS network, or they purchase it as an additional Software as a Service service.

As you could have guessed from that last statement, it's not uncommon for the type of cloud computing being utilized by an organization to be a mix. Some departments may rely upon and use Infrastructure as a Service, while the development team will only utilize a Platform as a Service service. Part of the advantage of cloud computing is that the purchaser only needs to initialize and pay for resources as they are needed. In a private cloud situation, it is possible for an organization that is using it to actually own the cloud resources. If they do own the cloud resources, they may have it on site, or they may pay to have those resources hosted off site. That way they can offload the maintenance cost of maintaining those resources.

Now, that concludes this session on basic cloud concepts. I talked about different cloud classifications. And then I concluded with a brief discussion on types of cloud computing.
Good day, I'm Brian Ferrill, and welcome to PACE-IT's session on implementing a basic network. Today we're going to discuss plan the network and then configure the network. There's a fair amount of ground to cover. So let's go ahead and dive into this session.

Of course, I'm going to begin with plan the network. So you need a simple small office home office network. Great, just plug two PCs into a single hub, and you have a very basic network. But does it achieve what you want? How do you know if you don't have a plan? A network plan is vital when implementing any network more complicated than the most very basic of networks. That plan should cover what you are hoping to achieve and how you are going to get there. In addition to your expertise, you are also going to need input from your end users. Nothing is quite so frustrating as delivering the network that you've planned and built, and having the customer tell you that it is not what they wanted or needed.

Let's talk about that network plan in a little bit more detail. The first thing that you should do is create a list of requirements. Now, in order to make that list, you need to define why the network is needed. That will help you to define what network features are required. Then you need to define the scope or size of the network. Once you have those, they will help to establish a budget to implement that network. Once you know why the network is needed and what features are required, then you can work on network design. In network design, you need to determine what equipment is needed to implement that network. Part of the design is also how the network will be organized and how shared resources will be placed on the network. When you're planning the network, something that you should also consider are compatibility issues. You need to know what standards are in use now and what standards will there be in the future.
Included in those compatibility issues are: does any current equipment that is required need specific cabling or connectors in order to be installed? That is something that often gets overlooked. Your network plan also needs to deal with network cabling runs. Your internal connections: how many node connections will be required, and where? How will you plan for future expansion? That future expansion is more than likely going to require more internal connections. You should build in some tolerance for future expansion. Then you need to consider external connections. How will the network connect to the outside? Where will that WAN connection come into your building? And where will your equipment be placed so that it can reach those WAN connections? That is also part of the network equipment placement plan. Part of that plan also needs to consider if there is a wiring or equipment closet and where it's going to be located. If you do have a wiring or equipment closet, are there environmental considerations about placing the equipment in there? Is it too hot? Is it too cold? Is it too humid? Or is it too dry? You need to think about those things when you're placing your network equipment. Your plan should also cover how network security will be implemented. Are there specific types of firewall and placement considerations for those firewalls? Will virtual local area networks be required? And if so, how many? Also, how will your switch port security be implemented? All of these go into a successful network plan.

Now let's talk about configuring the network. Here are some network configuration considerations for you. First up, how will your clients receive their Internet Protocol addresses, their IP addresses? Using static IP address configuration creates a higher level of security, but it's harder to manage. You could use Dynamic Host Configuration Protocol, DHCP, to automatically assign IP addresses from a pre-configured pool.
But your security may be a little bit lower if you do so. If you do use DHCP, you might want to consider using MAC filtering. MAC filtering will only allow specified MAC addresses, that physical burned-in address, onto the network. It is an effective security measure that, kind of like static IP addressing, can be difficult to control and manage, especially as the network grows.

Something else to consider is that if a server will be hosted on the network that needs to be accessed from outside of that network, as in you're hosting a web server, then you're going to need a demilitarized zone, a DMZ. The DMZ is an area of the network in which outside connections are allowed, while the internal network remains protected from that outside traffic. A DMZ will require a custom configuration of the firewall. In most implementations, two firewalls are used. But it's not necessary to use two firewalls.

Talking about firewalls, firewall placement and configuration considerations are next. Most small office home office WAN connection devices, as in their cable modems or DSL modems, include firewall services that are sufficient in most cases for those small, simple networks. But if a DMZ needs to be deployed, the best method is to introduce an additional router and firewall into the network, with the DMZ residing between the WAN equipment and the new router firewall combination. Another aspect of deploying a DMZ is that port forwarding should also be used at the router firewall level. Port forwarding is used to direct requests for specific resources, like a request for a web page, to the computer that has the resource.

Let's move on to wireless network configuration considerations. The first thing to consider in a wireless network is the name of the wireless network. That's the service set identifier, the SSID. Now, the SSID can be set to broadcast in the clear. Alternatively, the SSID can be set for the broadcast to be hidden. Some people consider hiding the SSID broadcast as a security measure.
But it really doesn't work that way. It doesn't stop the broadcast. It only hides the broadcast. A packet sniffer can easily see those broadcasts, and those broadcast packets can be easily interpreted. So hiding the SSID is not an effective security measure. But it does make things a little bit more difficult.

The next aspect of wireless network configuration that you need to consider is encryption. First off, I will say you need to have encryption on your wireless network. Not only that, but you need to turn it on. By default, wireless routers and wireless access points, WAPs, do not have encryption enabled. At the minimum, your encryption type should be WPA2 Personal. That's at the minimum. Some wireless network equipment comes with a service that is called Wi-Fi Protected Setup, WPS. And if it does, it's enabled by default. This should be turned off and not used, as it creates a weakness in the wireless network. Why is that? Well, because WPS can be easily exploited by an attacker.

The network that you implement may not be exactly what you planned. So document any changes to the plan. Undoubtedly, during the process of implementing that plan, some changes will be introduced, some by you and some by request of the end user. Always document those changes to the plan and have the end user sign off on them, then be sure to incorporate those changes into the final network documentation.

Now, that concludes this session on implementing a basic network. I talked about plan the network, and then I talked about configure the network.

Good day. I'm Brian Ferrill. And welcome to PACE-IT's session on analyzing monitoring reports. Today I'm going to talk about baseline reports. And then I'm going to move on to just reports in general. I have a fair amount of ground to cover, not a whole lot of time. So let's go ahead and jump into this session.

And of course, I'm going to begin by talking about baselines. How do you know what constitutes good network performance and what indicates that an issue is about to happen?
This is where baseline documentation comes into play. Baseline documentation provides a snapshot of the network when it is running efficiently, at least hopefully, when it's running efficiently. Baselines are usually kept as a log file. At the minimum, baselines should be established on CPU utilization and network bandwidth utilization. You may also baseline other functions as you deem them to be relevant. Network administrators should perform periodic tests against the baseline to check to see if the baseline has changed. They will change over time. And in order for network administrators to know what constitutes good performance on their network, their baselines need to be current. You can use Windows Performance Monitor to help establish the baselines for your network.

Let's talk about some of the items that should be considered for baseline reports. First up is network device CPU utilization. Knowing the CPU utilization on a piece of equipment can help to determine when a network device is going to fail. If your CPU utilization is constantly at 100%, you know there's a problem. That problem may be that it's going to fail. Or it may be that you need to install more network devices to take care of a growing network. But you won't really know that if you're not baselining the CPU utilization. Network device memory utilization should also be baselined. It can help to determine when it is time to expand the memory of a network device. A good item for baselining is bandwidth utilization. This can help to determine the overall health of a network. It can help to determine when network segmentation should occur. It can also help to determine if a network device is about to fail, particularly if it's creating a storm of data.
Baseline utilization reports can help in identifying when a security breach has occurred. You might want to consider baselining your storage device utilization. This can help to determine when storage utilization has become a bottleneck on the network, where your storage device is actually causing the network to slow down because there's too much data being pushed into it. Which means that baselining your storage utilization can help determine when to increase the storage capacity of that network. You might also want to baseline your wireless channel utilization. This can help to determine how saturated the wireless channels have become. Once it's been determined that your wireless channels are saturated, a new wireless access point can be installed to alleviate the pressure, and then you need to create a new baseline for wireless channel utilization. This baseline can also help to determine if there is unauthorized wireless access occurring on your wireless network, especially if there is utilization on a channel that is not supposed to have any utilization.

Now let's move on to analyzing reports. Before we talk about analyzing reports, let's talk about log file management. Log files can accumulate data quickly. And unfortunately, some administrators only review log files after a major problem has occurred. In most situations, this is a case of too much information at the wrong time. Good administrators will set the proper reporting levels with their logging software. They won't be logging all that debug information, that level seven information, unless of course they're actively debugging a system or application. Good administrators will review log files and compare them against their baseline documentation. They do this to find issues while the issues are still minor and before they become major. Log files should also be kept and archived in case there is a need for historical data. When you do archive your log files, you should follow the organization's data storage policy.
Something to consider is that you may want to create running graphs of important metrics that are captured by log files. Graphing the data gives a quick visual reference, making it easier to spot issues and trends. Many logging applications give the administrator the option of creating those graphs easily and quickly. But then again, they don't do you any good if you don't review them on a regular basis.

If you're having an issue with a router or link, one of the first things that you want to do is you want to run an interface report. Now, when you're reviewing the output from the interface report, the first line is usually a report on the status of the link or that interface. If it says something like "Fast Ethernet is up, line protocol is up," that's all good. That means that interface is up and active and a link has been established. If it says "Fast Ethernet 0/0 is up, line protocol is down," guess what, all is not good. The interface is administratively set up, but it is not able to communicate with the other end of the link. And there are several different issues that may be the cause there. If that first line says "Fast Ethernet 0/0 is down, line protocol is up," all is not good. This down/up status indicates that there is an issue on your end of the connection. In most cases, that's going to be a cable issue or with the physical port itself. And your final status option is "Fast Ethernet is down, line protocol is down." If you see that, all is not good. But also all is not bad, at least not yet. The issue here is that the interface has been administratively shut down. If you want that interface up, you need to issue the command to bring that interface up and then check the status report again. If the link status of the interface indicates that there are no problems, as in it's in an up and up state, but something is not operating correctly, then it's time to dig a little bit deeper into that interface monitoring report.
There are a lot of things that can happen on a network device's interface to cause issues. In most cases, you will be required to log into the device and run the device's report to determine the cause of any problems on that interface. One of the main culprits for creating an issue on an interface is speed and duplex settings. If there is a speed mismatch, the devices will not connect. And it's highly likely that your status will be in an up, line protocol down state. If a duplex mismatch has occurred, this will cause intermittent issues. You will need to look at the errors counter in the output or input reports. You also need to look at the counter for dropped packets. If the device is discarding incoming packets, then more than likely the device's CPU is being over utilized. So you may need another device, or that device is about to fail. If the device is dropping outgoing packets, then there is a bandwidth congestion issue on that interface. If the interface resets counter keeps going up, that means that the interface keeps resetting itself. The most likely cause is a communications issue between the two endpoints that's forcing that interface to reset.

Now that concludes this session on analyzing monitoring reports. I briefly talked about baseline reports. And then I moved on to other reports that you should be analyzing to take care of problems before they occur.

Hello, I'm Brian Ferrill. And welcome to PACE-IT's session on network monitoring, part one. Today we're going to be talking about the why of monitoring. And then we're going to talk about tools to monitor the network. There's a fair amount of ground to cover. So let's go ahead and jump into this session.

I'm going to begin with the why of network monitoring. How do you know what is going on in your network? Is it healthy? Or is it about to crash? Network administrators really hate to be surprised by failures in their networks, especially ones that could have been foreseen and therefore kept from happening. How do they keep from being surprised?
Well, they enact a plethora of procedures and tools to monitor their networks and to keep track of how those networks are behaving. They do this to reduce the surprise element.

Now that we've covered the why of network monitoring, let's talk about tools that you can use to monitor the network. One of the main tools that network administrators use to monitor their networks are log files. All operating systems offer a means of viewing events that occurred to that specific machine. That also includes networking equipment. There have been some applications that have been developed to monitor systems and networks that also generate log files, among other actions that they can take. Log files can be used to help pinpoint when a problem occurred, and help narrow down the possible causes of that problem. Log files can also be used to help create a baseline of network behavior so that you know what to expect from your network. Log files can usually be classified as being systems logs, general logs, or history logs. As a general rule, log files are an after the fact means of monitoring the network, and they're not very good at real time analysis. That's partially due to the sheer amount of information that log files can generate. It's just too difficult to keep track of that in real time.

Now let's talk about some specific logging tools that you can use. The first one that I'm going to talk about is Event Viewer. It's not really a log file in itself. It comes with Windows Server and most other Windows operating systems, and this tool can be used to review Windows log files. The most important log files that you can view from Event Viewer are application, security, and systems logs. Application logs contain events that are triggered by the actions of an application. For example, if you have live update enabled, it will create log entries based on actions taken by live update. Then there are security logs. These contain events that are triggered by security events.
For example, some logs are created for successful and unsuccessful logon attempts. Then there are systems logs. These contain events triggered by Windows systems components. For example, it will create an entry for when a driver starts or fails to start. In either situation, a log entry will be created.

Now let's talk about a non-Microsoft log. And that would be syslog. Syslog was developed in the 1980s. And it provides devices that normally would not be able to communicate with a means of delivering performance and problem information to systems administrators. This permits there to be separation between the software that generates the message, the storage of that message, and the software that analyzes the generated message. This separation of function allows syslog to be highly configurable, and this allowed it to continue to be a vital tool for monitoring networks, even today. As a matter of fact, the Internet Engineering Task Force, the IETF, liked syslog so much that they standardized it in 2009. Syslog can generate log messages based on the types of services that are running and includes a severity level that ranges from zero, the most severe, up through seven, the least severe. Syslog can generate a lot of log messages. Most network administrators configure it so that they only get alerted when a minimum severity level has been reached. As a matter of fact, you almost never want to capture debug log events unless you are actively debugging an application or service, just because it generates so much information. Syslog can be configured so that network administrators receive their alerts via text message or SMS message or by email, or they may even receive a voicemail message.

Well, syslog is a cool tool. It's not the only one that's out there. There's also Simple Network Management Protocol, SNMP. SNMP is an application layer protocol used to monitor and manage a network's health. Network or systems administrators configure monitors, these are often called traps,
on devices that view the operation of a specific item. As in, is that router's interface up or is that router's interface down? The monitors periodically communicate with a network management station, or NMS, through GET messages. That's G-E-T messages that the NMS sends out. The response from the monitors is stored in a management information base, or MIB, which is a type of log file. That administrator can custom configure the monitors with SET messages sent from the network management station. When an event occurs, as in the interface goes down, the trap is tripped and the event is logged. SNMP, just like syslog, can be configured to just log the event, or it can be configured to contact the network administrator. SNMP gives network and systems administrators the ability to provide more real-time monitoring of a network's performance and health.

Then there's security information and event management, SIEM. It's a term for software products and services that combine security information management, or SIM, and security event management, SEM. SIEM may be provided by a software package, network appliance, or as a third-party cloud service. It is used as a means of monitoring and providing real-time analysis of security alerts. That is an example of the security event management function, the SEM function. It can also be used as a tool to analyze long-term data in log files. That's an example of the SIM function, or the security information management function. SIEM can be highly configured to the needs of the individual network.

Now that concludes this session on network monitoring, part one. I talked about the why of network monitoring. And then I briefly touched on some tools for monitoring the network.

Hello, I'm Brian Ferrill. And welcome to PACE-IT's session on network monitoring, part two. Today we're going to be talking about active network monitoring tools. Then I'm going to move on to wireless monitoring tools.
And we're going to conclude with environmental monitoring. We have a fair amount of ground to cover, not a whole lot of time. So let's go ahead and begin the session.

Of course, I'm going to begin by talking about active network monitoring tools. Port scanners are used to scan a network for open ports and protocols. The information that a port scanner gathers is vital information if you want to harden the network. Port scanners are a great method of finding vulnerabilities in the network infrastructure, allowing the network administrator to plug those vulnerabilities before they become a security breach. I do have to issue a word of caution. You should only use a port scanner on a network or system that you are authorized to scan. Port scanning is a possible sign of someone trying to breach a system and can lead to problems if you're not authorized to scan that system. You don't want to have to try and explain to an information security specialist why you were scanning their network if you're not authorized to scan it.

A little bit different than a port scanner are applications that use interface monitor or packet flow monitoring. These are usually deployed as an active software tool to monitor and analyze network traffic within a network segment. They're commonly called packet sniffers or protocol analyzers. They allow for an in-depth look at what traffic is on the network, and may reveal security issues that the network administrator can then mitigate. They help to identify top talkers on a network segment. Top talkers are those nodes or applications that generate the most amount of traffic. Packet sniffers can help to identify top listeners on a network segment. A top listener is that interface or the interfaces that are receiving the most network traffic. Or, put another way, those interfaces that are utilizing the most bandwidth for receiving packets. This can help an administrator when they have determined that load balancing might be needed on the network.
Microsoft Message Analyzer and Wireshark are examples of free packet flow monitoring tools.

Now let's move on to wireless monitoring tools. And we're going to begin with the Wi-Fi analyzer. A Wi-Fi analyzer is a similar tool to a protocol analyzer, but only for wireless networks. It sniffs out packets on wireless networks and gives you statistics on those packets that it sees. It can check for bandwidth usage, channel usage, top talkers, top listeners, etc., just like a packet sniffer can. Wi-Fi analyzers can also identify networks by passively scanning the radio frequencies to determine where traffic is coming from. Given enough time, a Wi-Fi analyzer can also identify hidden networks, or those that you don't know about. A Wi-Fi analyzer can also infer non-beaconing networks based on data traffic over the radio frequencies. They may not be able to discover the SSID, but they can tell the network administrator that something is passing traffic there.

Another type of wireless monitoring tool are wireless survey tools. They're most commonly used as a design tool for setting up high-quality wireless networks. When used in conjunction with mapping tools, the survey tools can help to establish the required amount of access points to get the proper amount of coverage, the ideal antenna placement, and the optimum amount of channel overlap. Wireless survey tools can also help to identify possible sources of radio frequency interference, or RFI. Wireless survey tools are often used to eliminate wireless network performance and security issues before they ever have a chance to occur.

Let's move on to environmental monitoring. A network's health can be affected by more than just a network interface failing or a possible security breach. Network and systems administrators also need to be concerned about environmental factors.
Some of those factors include the quality and quantity of electrical power being supplied to their equipment, and the amount of heat in the rooms that equipment is kept. And also with that, the humidity level. Power monitoring tools are systems and tools that can be used to evaluate the amount of and the quality of the electrical power being delivered to the system. They're often deployed with or alongside an uninterruptible power supply, or UPS. The monitor will issue an alert when an issue with electrical power has been identified, giving the network or systems administrator a chance to rectify the problem before any equipment has been damaged.

All electrical components are designed to operate within a specific heat range. Not only are they designed to operate within that heat range, but all electrical equipment will generate some heat while they're in operation. And the harder that equipment works, the more heat they will generate. This is where heat monitors come into play. The heat monitor allows an administrator to control the temperature levels before they become an issue.

Humidity is another item that network administrators need to keep in mind. Too little humidity increases the risk of electrostatic discharge, or ESD. But too much humidity increases the risk of condensation on equipment, and your electrical components do not like that condensation. Humidity monitors allow administrators