SECTION 6 : ETHERNET FUNDAMENTALS

Question 1

What were the first Ethernet networks ?

Answer 1

10BASE2 ThinNet 200m
10BASE5 ThickNet 500m

At the beginning ethernet was one standard among others competitors. It ended up winning.

Question 2

What was the new type of network ?

Answer 2

10BASE-T allows up to 10 Mbps of speed but only covers a distance of up to 100 meters. CAT3

Question 3

What is a deterministic network ?

Answer 3

Very organized and orderly and requires an electronic token to transmit. Each device waits its turns. Token ring or bus network. Zero collisions because they wait their turn.

Question 4

What is a contention based network ?

Answer 4

Very chaotic and can transmit whenever possible. You speak when you hear a gap. Contention based access is chaotic and can cause collisions. Ethernet used contention-based network access.

Question 5

What is the main drawback of deterministic ?

Answer 5

You don’t use all the bandwidth because you have to leave some for the other devices. The efficiency of the network is not maximized.

Question 6

What is CSMA/CD ,

Answer 6

Carrier Sense Multiple Access With Collision Detection.

It prevents collisions by using carrier-sensing to defer transmissions until no other stations are transmitting.

CS = ethernet needs to listen to the network and determine the sender of the data. When there is a gap the MA intervenes.
If the CD detects a collision allows to determine who waits or not. If a collision is detected Both Ethernet will stop transmitting and then retransmits. They take a random number and count to it (for instance 150 ms backoff and the other 30ms)

Question 7

What is Collision Domain ?

Answer 7

Each are of the network that shares a single segment. The more devices communicating on a single network segment the more collision there is. That’s why devices operate in half-duplex mode when connected to a hub (layer 1devices) because they have to listen before communicating. You need to keep collision domains small inside your networks. The entire bandwidth is minimized. You have to segment your network.

Question 8

What are the purpose of Ethernet switches when it comes to collision domain ?

Answer 8

It increases scalability of network by creating multiple collision domains. Each port is a collision domain. Besides switch ports can operate on full duplex. One computer connected to one switch avoids every trouble so full duplex.

Question 9

What is the bandwidth ?

Answer 9

Measures how many bits the network can transmit per second. Types of cables determine the bdwdth of cable.

Question 10

What are the standards when it comes to Ethernet and fibers ?

Answer 10

Number BASE - T —> ethernet
Nimber BASE - FX / SX / LX / SR / LR

Question 11

Needs to memorize when it comes to distances

Answer 11

1. Copper cables have a maximum distance of 100 meters
2. Using CAT 6 at 100 meters will limit the speed from 10Gbps to 1Gbps
3. Using CAT 6 at under 55 meters can reach 10 Gbps of speed
4. MMF deal with shorter distances between 200-500 meter range
5. SMF for long distances (kilometers)

If you need short distances with fiber use MMF or else copper.

Question 12

What are the primary devices on network ?

Answer 12

Router
switches
hubs
bridges

Question 13

What are hubs ?

Answer 13

Also known as a multiport repeater it is a L1 device that connects multiple network devices and workstations.

Question 14

What are the three different types of hubs ?

Answer 14

Passive : repeats signal with no amplification.
Active : repeats signal with amplification. Take the signal and boosts it. Try to reach the 100 meter limit of the TPC. Good to overcome the distance limit.
Smart : active hub with enhanced feature like SNMP

Question 15

What about collision domains when it comes to hub?

Answer 15

Multiple network segments connected together by hubs. Hubs increase the probability of collision domains because it broadcasts the signal.

Question 16

How does a bridge reduce collision domain ?

Answer 16

You can split a network in two with a hub and reduce the collision domain.
It retransmits data based on MAC adresses.

Question 17

What is a switch ?

Answer 17

L2 device just like a bridge.
Also known as a multiport bridge, it is a L2 device that connects multiple network segments together.
It has a bridge on every port that allows to minimize collision domain to each port. But everything on the switch is part to the same broadcasting domain.
Switches make forwarding decisions just like a bridge, based on MAC adresses.

Question 18

What is the cinematic of connection ?

Answer 18

When there are two switches, devices will send an ARP request to the switch.
The switch will forward to every devices connected on each of its port.
If it doesn’t find eat it will redirect to another switch.
Every one got the question who is the device. But when they know it the keep in memory.
Besides, switches support full duplex so every PC can produce ARP requests.

Question 19

What is a router ?

Answer 19

L3 device that connects multiple networks and makes forwarding decisions based on logical network information.
Router allows to reduce the traffic and the noise because they split the broadcast domain.

Question 20

What is a L3 switch ?

Answer 20

Makes L3 routing decisions and then interconnects entire networks not just segments. Hubs and bridges are combined to make a switch.
L2 switch and a router are combined to make a L3 switch.
They can do routing decisions and can connect network segments. Each port acts as its own broadcast and collision domain. With a small office a L3 switch can be convenient.

Question 21

What is the specificity of a home router ?

Answer 21

Usually it combines different functions such as Ethernet CAT 4 cable, WAP, router and so on.
It’s like a big media converter that converts data from CAT4 for instance to WAP.

Question 22

What are the other switch features ?

Answer 22

VLANs,
Trunking
Spanning tree protocol
Link aggregation
Power over Ethernet
Port monitoring
User authentification

Question 23

What is link aggregation ?

Answer 23

IEEE 802.3ad standard

Combines multiple physical connections into a single logical connection to minimize or prevent congestion.

Question 24

When does congestion occur ? I

Answer 24

When ports all operate at the same speed. Switches are full duplex so every port can operate at 100Mb/s. But the switch need to send out the total amount. We solve that with link aggregation. It’s rare that every PC uses full bandwidth to the switch.

Question 25

Concrete example of link aggregation

Answer 25

When three PCs are connected to a switch with a bandwidth of 100 MB/s the switch can operate link aggregation to another router or switch by combining the different physical links coming from the computers.

Question 26

What is Power over Ethernet ?

Answer 26

802.3af and Poe + 802.3 at

Supplies electrical power over Ethernet and requires CAT 5 or higher copper cable

Question 27

What is the different electrical capabilities of PoE 802.3af and PoE+ 802.3at?

Answer 27

PoE 802.3af —> up to 15.4 watts
PoE+ 802.3 at—> up to 25.5 watts

Question 28

What are the different devices concerned with PoE ?

Answer 28

The Power sourcing équipment will provide the power (normally the switch) and the powered device will receive it.
Etg will occur over a RJ-45 connector.

Question 29

What is port monitoring or mirroring ?

Answer 29

Makes a copy of all traffic destined for a port and sends it to another port. Each switch port has its own collision domain. Port mirroring must be configured to send the traffic of port 1 and 23 to port 24. Port mirroring must also be set up on the targeted computer.

It replicates traffic passing through a switch.

Question 30

What is user authentication ?

Answer 30

802.1x
Requires users to authenticate themselves before gaining access to the network.

Question 31

Work flow of user authentication ?

Answer 31

The supplicant (pc1) will talk to the switch and ask for permission to join the network. The authentication server will send the key to the switch that will send it back to PC1.

Question 32

What is management access and authentication ?

Answer 32

You can use SSH and Console Port

Question 33

What is DSH ?

Answer 33

Remote administration program that allows connection to the switch over a network

Question 34

What is console port ?

Answer 34

Allows for local administration of the switch using a separate laptop and a rollover cable (DB9 to RJ45).

Question 35

Which what is Out of band management ?

Answer 35

Keeps all network configuration devices on a separate network. You create another network dedicated to management. It gives additional security.

Question 36

What is first hop redundancy ?

Answer 36

It has to do with L3.
Uses hot standby router protocol (HSRP) to create virtual IP and MAC addresses to provide active and standby routers.

Question 37

Concrete workflow of first hop redundancy ?

Answer 37

The HSRP protocol creates a new virtual router besides the active and standby router. It creates redundancy.

Question 38

What are the first hop redundancy protocol ?

Answer 38

HSRP (hot standby router protocol) —> most important
GLBP (gateway load balancing protocol)
Virtual router redundancy protocol (VRRP)
Common address redundancy protocol (CARP)

Question 39

What is MAC filtering ??

Answer 39

L2 function
Permits or denies traffic based on a device’s MAC address. When you connect devices to MAC address you can tell the switch to block a specific devices.

Question 40

What is traffic filtering ?

Answer 40

Permits or denies traffic based on IP addresses or application ports. L3 function. It’s on the logical layer. It can occur on L4. It can occur from the multilayer switch. You can évén block from ports (l4).

Question 41

What is Quality of Service ! I

Answer 41

Forwards traffic based on priority markings.
A MLSWITCH has three devices including a phone. You can give priority to a phone over computers. Phones are dealing with UDP voice traffic so they get priority. You can tell a switch or a router what is the most important.

Question 42

how much nines of availability ?

Answer 42

99.999% —> 5 minutes a year

Question 43

What is the purpose of the Spanning Tree Protocol ?

Answer 43

It allows to avoid broadcast storm or loops by electing a root bridge and by activating several states (blocking, listening, learning, forwarding, disabled) on ports.
Switches and devices exchange BPDUs (bridge protocol data units) in order to adjust ports (designated or block).

Question 44

Which switch become the root bridge in the Spanning tree protocol ?

Answer 44

The one with the lowest MAC Adress.

Question 45

Why does a port shut down in the spanning tree protocol ?

Answer 45

When it provides the farthest link to the root bridge.

Question 46

What happens if we add another segment ?

Answer 46

The spanning tree protocol adapts to designate another non-designated port.

Question 47

What is a VLAN ?

Answer 47

Allows different logical networks to share the same physical hardware and provides added security and efficiency. Before that, we had different routers and switches. It is integrated inside different L3 Switches.

Question 48

What about cable management when it comes to VLAN ?

Answer 48

When it comes to VLAN, cables can be the same, but on the logical topology, they must be distinct. This is VLAN trunking (802.1q).

Question 49

What is a trunk ?

Answer 49

A trunk occurs when you merge all the data onto a single cable.

Question 50

How to identify the different VLAN going over a trunk cable ?

Answer 50

We use a 4 byte identifier which is an electronic tag. It is constitude of a Tag Protocol Identifier (TPI) and Tag Control Identifier (TCI).

Question 51

What is a VPN concentrator ?

Answer 51

Creates a secure VPN or virtual tunnel over an untrusted network like the internet. The device that terminates VPN tunnels and allows for multiple VPN connections in one location is a VPN concentrator (frequently integrated in a firewall).

Question 52

What is a VPN headend ?

Answer 52

It is a specific type of VPN concentrator used to terminate IPSec VPN tunnels within a router or other device.

Question 53

What is a firewall ?

Answer 53

Network security appliance placed at the boundary of a network.

Question 54

What are NGFW ?

Answer 54

Conducts deep packet inspection at Layer 7 and can look through traffic to detect and prevent attacks. Much more powerful than basic stateless or stateful.

Question 55

What is a proxy server ?

Answer 55

Specialized device that makes requests to an external network on behalf of a client. It’s a go-between. Two functions :
- security because it can perform content logging and filtering.
- keeps requests in cache in order to save bdwth and resources.

Question 56

What is a content engine ?

Answer 56

Dedicated appliance that performs the caching function of a proxy server. Very useful to save resources and bandwidth. Useful inside a remote branch office.

Question 57

What is a content switch/load balancer ?

Answer 57

Distributes incoming requests across various servers in a server farm. Send the request and distribute the workload across all different servers in order to provide the best response time.

Question 58

What is a VoIP phone ?

Answer 58

Hardware device that connects to your IP network to make a connection to a call manager within your network. The call manager is used to perform the call processing for hardware and software-based IP phones. The call manager is useful for transmitting data to non-IP phone network.

Question 59

What are physicall access control devices ?

Answer 59

Doors, cards and so on. Not connected to your corporate network. or they must be in their own VLAN. Same for cameras because they are very insecure devices.

Question 60

What are HVAC ?

Answer 60

Should be placed in their own VLANs. Not a lot of security built-in.

Question 61

What is ICS ?

Answer 61

Describes the different types of control systems and associated instrumentation => automate and operate industrial processes. SCADA is one type of ICS.