Networking Fundamentals

Question 1

What is the 7 Layer OSI Model?

Answer 1

o The OSI Networking Model is a standard used by networking manufacturing globally. It was created in 1984 and splits all network communications up into 7 layers; each layer uses the layer below, and adds capabilities to it
o A Layer n device has all layers from 1 to n, and data is encapsulated as it navigates through the layers

Question 2

What is the acronym to remember the 7 layers of the OSI Model?

Answer 2

Please, Do Not Throw Sausage Pizza Away!

Question 3

What are the 7 layers of the OSI Model?

Answer 3

o Layer 7: Application – is where protocols such as HTTP, SSH, FTP are added
o Layer 6: Presentation – adds data conversion, encryption, compression and standards which L7 can use
o Layer 5: Session – adds the concept of sessions so that request and reply communication streams are viewed as a single ‘session’ of communication between Client and Server
o Layer 4: Transport – adds TCP (reliable transport) and UDP (speed). TCP uses segments to ensure that data is received in the correct order, adds error checking and ports, allowing different streams of communication to the same host (e.g. tcp/22 and tcp/80)
o Layer 3: Network – adds IP addresses, and therefore allows device to device communication over interconnected networks (by using Layer 2). Each device has its unique IP address
o Layer 2: Data Link – adds MAC addresses (unique addresses for physical devices) which can be used for named communication between 2 devices on a local network; it also adds control over the media, avoid cross-talk and allowing retransmission. Uses frames (src to dst mappings of MAC addresses)
o Layer 1: Physical – manages the physical transfer of raw unstructured physical data over a shared medium

Question 4

What is IPv4?

Answer 4

o IPv4 addresses are how 2 devices can communicate at Layer 4 and above of the OSI 7-Layer model
o IP Addresses are actually 32-bit binary values, but are represented in dotted-decimal notation (i.e. 192.168.10.5) to make them easier to read and understand
o IPs are split in a network part and a node/host part. The netmask (e.g. 255.255.255.0) or prefix (e.g. /24) shows where this split occurs

Question 5

What are the Reserved or Special IPs?

Answer 5

 0.0.0.0 & 0.0.0.0/0: Represents all IP addresses
 255.255.255.255: Historically used to broadcast to all IPs, now filtered and not passed between networks
 127.0.0.1: Localhost
 169.254.0.1 to 126.254.255.254: Range of IPs which a device can auto-configure with, if failing to get an IP from a DHCP server

Question 6

What are the (historical) IP Classes?

Answer 6

 Class A (/8): 1.0.0.0 to 126.255.255.255. 126 networks, 16M nodes in each + 2 reserved (allocated to large organisations)
 Class B (/16): 128.0.0.0 to 191.255.255.255. 16,382 networks, 65,534 nodes in each + 2 reserved (allocated to medium organisations)
 Class C (/24): 192.0.0.0 to 223.255.255.255. 2M networks, 254 nodes in each + 2 reserved (allocated to small organisations)

Question 7

How does CIDR work?

Answer 7

o	CIDR (Classless Inter-Domain Routing) superseded the Class system
	Represented as network/prefix (e.g. 10.0.0.0/16)
	Network = starting point; prefix = #bits used by the network; remaining bits = node
	10.0.0.0/16 = 10.0.0.0 to 10.0.255.255 (net part is 10.0)
	10.0.0.0/24 = 10.0.0.0 to 10.0.0.255 (net part is 10.0.0)

Question 8

What is subnetting?

Answer 8

o Subnetting is the process of breaking a network down into smaller sub-networks
o A 10.0.0.0/16 VPC (Virtual Private Cloud) is a single network from 10.0.0.0 to 10.0.255.255 and offers 65,536 addresses
o Increasing the prefix by 1 creates 2 smaller sized networks; increasing again, creates 4 even smaller networks, and so on.

Question 9

How does IP Routing work?

Answer 9

o IP Routing enables network to network communication, and it happens at Level 3 of the OSI Layer
o The method depends on if the 2 devices are (a) local, (b) in a known remote network or (c) in an unknown network
o (a) Local: e.g. phone to phone on the same network. IP to IP communication, which happens locally with no need for a router. IP packet created at L3, passed to L2 where it is encapsulated inside a frame, which is then sent to the destination MAC address at L1
o (b) Know remote network: e.g. 2 devices on networks connected by a router
o (c) Unknown remote network: e.g. 2 devices on networks not directly connected by a router. Makes use of Border Gateway Protocol (BGP) that provides the route (i.e. how many and which hops to do to get to target)

Question 10

What is a Firewall?

Answer 10

o A Firewall is a device which historically sits at the border between different networks, and monitors traffic flowing between them. A firewall can read packet data and either allow or deny traffic, based on that data
o The kind of data the firewall can read depends on the OSI Layer the firewall operates at:
 L3 (Network): Source/Destination IP addresses or ranges
 L4 (Transport): Protocol (TCP/UDP) and Port Numbers
 L5 (Session): As layer 4, but understands response traffic
 L7 (Application): Application specifics, e.g. HTML paths, images

Question 11

What is a Proxy Server?

Answer 11

o A Proxy Server is a type of gateway that sits between a private and a public network (e.g. the internet). It generally needs application support – a proxy server is configured in the OS, web browser or other application
o The Client connects to the Proxy, and the Proxy connects to the destination server: it provides filtering (child safety, malware, removing adult content) and/or act as a web cache, speeding up web access for a large organisation
o Proxy Servers can also choose to pass or block traffic based on things network layer appliances can’t (username, department, security privileges, or the DNS name rather than IP