Networking A Beginner's Guide pdf pdf
Except as permitted under the Copyright Act of 1976, no part of this publication may be reproduced or distributed in any form or by any means, or stored in a database or retrieval system, without the prior written permission of publisher, withthe exception that the program listings may be entered, stored, and executed in a computer system, but they may not be reproduced for publication. However, because of the possibility of human or mechanical error by our sources, McGraw-Hill Education, or others, McGraw-Hill Educationdoes not guarantee the accuracy, adequacy, or completeness of any information and is not responsible for any errors or omissions or the results obtained from the use of such information.
1 The Business of Networking . . . . . . . . . . . . . . . . . . . . . . . 3
This leaves the networking beginner in the difficult position of having to learn aboutnetworks by Reading an endless number of books and articles■ Attending classes■ Building small experimental networks at home, using cobbled-together■ and/or borrowed parts and software This book is designed for people who understand computers and the rudiments of computer science, but who want to begin an education about networks and networking. I assume you understand and are comfortable with the following topics: How bits and bytes work■ The notion of binary, octal, decimal, and hexadecimal notation■ How basic PC hardware works, and how to install and replace PC peripheral■ components Two or three desktop operating systems in detail, such as Windows, Mac OS,■ Linux, or UnixDetailed knowledge of a wide variety of application software ■The purpose of this book is both to educate and familiarize.
6 Are there capabilities that you could add to the network that would provide
Understanding Networking Jobs If you’re planning on entering the field of networking (and this book is designed as a good start for that), it’s important to have some understanding of the various networkingjobs that you’re likely to encounter and what they typically require. Network engineers are also usually the troubleshooters of last resort, who arebrought in to diagnose and fix the most vexing problems that surpass the ability of the network administrator to resolve.
8 Network Architect/Designer
Section 404 of the act places new requirements on public companies to annually assess their system of internal controls, and on their outside auditors to examine thecompany’s internal controls and to attest to the effectiveness of the company’s internal controls over the company’s use and reporting of financial information. Ifyou already know about different numbering systems and about how data rates are measured, you can probably skip the next chapter and move on to the networkingtopics that follow, although be warned that you need a strong grasp of how binary numbers work to understand some of the discussion surrounding network protocolsin Chapter 6.
14 Decimal numbers should use commas as you were taught in school. So, the
For example, you might host the application and data files for anaccounting system on a single workstation and not use that computer for typical workstation tasks, such as word processing, so that all of the computer’s performance is available for the accountingsystem. The server is responsible for responding to data requests from the clients and supplyingthem with the appropriate data, while the clients are responsible for formatting, displaying, and printing that data for the user.
18 Bob’s computer Betty’s computer
Thedisadvantages include the following: Might impact user’s performance If some workstations have frequently ■ used resources on them, the use of these resources across the network mightadversely affect the person using the hosting workstation. Difficult to back up Reliably backing up all the data scattered over many ■ workstations is difficult, and it is not wise to delegate this job to the user ofeach machine.
20 Pros for Client/Server Networks
Provided thatgood security and administration practices are in place, the servers cannot be easily “hacked.” Better performance While dedicated server computers are more expensive ■ than standard computer workstations, they also offer considerably betterperformance, and they are optimized to handle the needs of many users simultaneously. Learning Network Features Now that you know the two basic ways computers on a network can interact with each other, let’s look at the types of tasks you can do with a network.
22 Network operating systems that perform file sharing also administer the security
Through the use of a dedicated network print server, which is a box about the■ size of a deck of cards that connects to the printer’s parallel or Universal Serial Bus (USB) port (or even a wireless 802.11 protocol connection), on one end and the network on the other end. Connections required from a file-based e-mail system and the outside(say, to the Internet) are usually accomplished with a stand-alone computer—called a gateway server—that handles the e-mail interface between the two systems by usinggateway software that is part of the file-based e-mail system.
26 Network Security
Network security is provided by a combination of factors, including features of the network operating system, the physical cabling plant, the network connection to othernetworks, the features of the client workstations, the actions of the users, the security policies of management, and how well the security features are implemented andadministered. (Most networks use a serial stream of bits, but the OSI model allows for both serial and parallel transmission.) The specification for the physical layer alsodefines the cable used, the voltages carried on the cable, the timing of the electrical signals, the distance that can be run, and so on.
28 Data-Link Layer
Note that breaking the network layer (also known as the packet layer) into a separate layer from the physical and data-link layers means the protocols defined in this layercan be carried over any variations of the lower layers. Presentation Layer The presentation layer, Layer 6, takes the data supplied by the lower-level layers and transforms it so it can be presented to the system (as opposed to presenting thedata to the user, which is handled outside the OSI model).
30 Understanding How Data Travels Through the OSI Layers
As mentioned earlier in this section, data flows from an application program or the operating system and then goes down through the protocols and devices that makeup the seven layers of the OSI model, one by one, until the data arrives at the physical layer and is transmitted over the network connection. Networking servers, which can provide a host of different network services.■ Examples of these services include the automatic assignment of TCP/IP addresses 31 (DHCP servers), routing of packets from one network to another (routing servers), encryption/decryption and other security services, and VPN access.■ Internet servers, which provide web, Usenet News (NNTP), and Internet e-mail services.■ Remote access servers, which provide access to a local network for remote users.
Chapter 3 provides more information about network cabling. Workstation Hardware Any computer on a network that is used by people is usually referred to as a network
Usually, a network client is an Intel-based PC running some version of Windows, which has aNIC and network client software installed, allowing the workstation to participate on the network. You then learned about how computers on a network relate to one another, how the different parts of a network connection are logically broken down in the OSInetwork model, and how this model is useful in understanding networks.
CHAPTER 3 Network Cabling
Different types of bus networks have different specifications, which include the following factors:How many nodes can be in a single segment ■How many segments can be used through the use of repeaters ■How close nodes can be to each other ■The total length of a segment ■Which cable type is required ■How the ends of the bus must be terminated ■Bus topology networks usually use coaxial cable, described later in this chapter. Each computer is connected to the network through the use of a BNC T-connector (called thatbecause it’s shaped like the letter T), which allows the network to continue its bus and lets the computer connect to it.
38 Bus network topologies are by far the least expensive to install because they use
Because all the subcables that make up the segment and run from node to node must be connected at all times, and becausea failure in any part of the segment will cause the entire segment to fail, bus networks are prone to trouble. However, remember that extending a cable with a repeater means that all the network traffic on one side of the repeater is echoed to the cable onthe other side of the repeater, regardless of whether that traffic needs to go on that other cable.
A star topology network All the network traffic used on any of the network connections to the hub is echoed to all the other connected nodes on that particular hub. 1000Base-T over Cat-5 networks have these characteristics: Require eight actual wires (four twisted pairs in a single sheath)■ Must use Cat-5 cable or better■ Are limited to a length of 100 meters (328 feet) for each node connection■ Are not limited in the number of nodes in a single logical segment■ Use RJ-45 connectors for all connections■Compared to bus networks, star topology networks are more expensive.
44 DEFINE-IT! Physical vs. Logical
The fact that the signals physically travel from the node to the MAU and back to the next node is usuallyunimportant when thinking about the logical circular arrangement of the Token Ring network.somewhere around 35 Mbps (about one-third of the 100 Mbps theoretical maximum that one node could achieve sending a stream of data to one other node). Next, after adding the data to be sent and the destination address to the token packet, the nodesends the packet on to the next node.
46 Twisted pairs
As shown in Figure 3-7, thecabling starts at the hub, where a patch cable (usually 6 to 10 feet long, or 2 to 3 meters) connects a port on the hub to a patch panel, using RJ-45 connectors on each end. Onthe other side of the patch panel, the twisted-pair cable is hard-wired to the patch panel connection and then runs continuously to a wall jack (in an office, for instance) towhich it is also hard-wired.
48 Pin Number Wire Base Color Wire Stripe Color 10/100Base-T Use
If you were to hold the connector in your left hand, with the pins in the connector facing up andpointed forward, pin 1 of the connector is the one farthest away from you (see Figure 3-8). You’ll have to check the documentation for the switches you have to see if this is the case, and sometimes it’s not the case for all of the portson a particular switch.
50 Level or Category Rated Performance
Thin Ethernet cabling is wired in a bus arrangement, where each network segment starts with a terminator that connects to the end of the cable, runs to each node in turn,and ends with another terminator on the other end. Because most office buildings reuse the air in the plenum space, the last thing you would want to happen is to have the cables causing toxic fumes if a firebroke out somewhere in the building’s roof or plenum space that are then spread throughout the building through the air handling system.
You also need a crimper that can crimp both the central BNC pin onto thecentral conductor of the cable and the metal sleeve that holds the entire connector onto the wire. (This is so that people adding to thenetwork in the future can make sure to match these selections.)Complete labeling of all parts of the network, which should include the wall ■ plates, cables, patch panel ports, patch cables, and hub port assignments.
54 Solving Cable Problems
(A server must be available in the same segment; otherwise, you can use the PING command, if you’re using the TCP/ IP protocol on your computers, and try to ping another workstation in the complete segment.) If they can log in, then you know the problem is further on along the cable. While the mobile troubleshooter maps out parts of the segment with theterminator, the stationary person can quickly test to see if any individual parts of the segment prove to be a source of the problem (communicating via a cell phone orportable radio).
Before going to the trouble of pulling a new section of cable through the wall or replacing various cables and connectors, try simply running an extra cable from one location to another, suchas out the door of one room, down the hallway, and into the room of another. For coaxial cable systems, troubleshooting is made moredifficult because a lot of network users are breathing down your neck while you’re trying to concentrate and find the problem.
CHAPTER 4 Network HardwareNetworking: A Beginner’s Guide
By limiting the connections made, switches help eliminate network Switches form fast point-to-point connections for all the devices connected ■ Routers can intelligently route network traffic in a variety of important ways.■ Bridges are basically intelligent repeaters that direct traffic from one network segment to another only when the traffic is destined for the other segment. You must connect the network’s various devices in aconfiguration that enables the network to pass signals among the devices as efficiently as possible, taking into account the type of network and the different connectivityrequirements for the network.
60 Hubs and Concentrators
This allows all the traffic being generated by each of the ten hubs tocontinue to run at about a 100 Mbps connection speed to the servers, even though all the hubs are sharing the backbone. When you use the TRACERT command to trace the route from a node to a destination, most of the addresses that appear for thehops are actually different routers, each one forwarding the packet to the next until it reaches its destination.
66 The primary use for gateways today is for handling e-mail. Post Office Protocol 3
A firewall is a hardware device (which can be a computer set up for the task that runs firewall software or a dedicated firewall device that contains a computer within it) thatsits between two networks and enforces network security policies. There are basically two different types of firewalls:■ A network-based firewall operates at the network level (Layer 3) and usually implements a technique called packet filtering, where packets betweennetworks are compared against a set of rules programmed into the firewall before the packets are allowed to cross the boundary between the twonetworks.
For example, maybe the company’s accounting system runs at the headquarters building where the accounting and Information Technology (IT) staff are M located, but the warehouse across town still needs access to the accounting system for inventory-picking tickets, data entry, and other order fulfillment and inventory tasks. If you fail to take into account all the uses that the company might have for the WAN, you could find that you’ve invested a lot of money in a solution that doesn’t meet all ofyour needs.
72 Modem Modem
The advantages of a private network are that the data is secure, the network usage and capacity can be managed, and you can predict how much bandwidth you have available. (Technologies such as Virtual Private Networks orsome types of data encryption can provide such security.) WAN Transmission Quality There are several terms that refer to the quality of WAN network transmissions with which you should be familiar: Latency refers to the amount of time it takes for any given packet to ■ traverse the network from its source to its destination.
74 Use a private network under these conditions: Data security is of utmost concern
■ You have a large, experienced staff to set up and maintain the private network.■ Cost is unimportant relative to the benefits that the network brings.■ You need full, reliable control over the network’s bandwidth use.■ Comparing WAN Connection Types Now that you understand some basics of WAN links, the remainder of this chapter provides an overview of the available WAN technologies, ranging from telephoneconnections to very high-speed, high-bandwidth connections. At each end of the connection, the sending system’s modem modulates the digital data into an analogsignal and sends the signal over the telephone line as a series of audible sounds.
76 ISDN pricing changes occur regularly. Prices also vary considerably in different
The available flavors include the following: ADSL Asymmetric DSL is so named because the speed for transmission ■(called the upstream direction) and receiving (called the downstream direction) are not the same. IDSL is used■ for data almost exclusively because it’s an always-on connection to a singledestination (as discussed earlier, ISDN can be used to place calls to other ISDN connections).xDSL has become ubiquitous, in part because the cost per megabyte of data transmitted is far less than POTS and is even considerably less expensive than ISDN.
78 Why Asymmetric DSL?
Usually,ATM is used only by relatively large companies that need ATM’s speed for their WAN links, or by companies that need to send enormous amounts of data through a network 79 Corporate WAN Networking In this section you’ll learn about corporate WAN networking in practice, including the components of a WAN connection, quality of service and class of service, redundantWAN links, and the cost components of WAN network links. Within a POP building are installed various routers andswitches that aggregate all of the connections coming in from CO buildings, and that serve as the interface between the carrier’s private network and the connections to theircustomers.
82 The different carriers have different terminology that they use to describe their
TIP If you elect to use a single POP (in some regions of the world, depending on the carrier, you may be forced to), it is important to ensure that the carrier has each WAN circuit connected todifferent provider equipment (PE) within the POP itself. Or, you might divide up a particular location’s bandwidth usage between two circuits in a load-sharing arrangement, such that normally eachcircuit carries half of the bandwidth for the location, and if one fails, the site continues at 50% bandwidth until the failed circuit is restored.
CHAPTER 6 Networking Protocols
Datagrams, Frames, and Packets A packet is any collection of data sent over a network, and the term is usually used generically to refer to units of data sent at any layer of the OSI model. If there is a routing configuration error on the path to the destination that causes thepacket to go into an endless loop between routers, this is the feature that will stop it after a period of time.
90 Version (4 bits)
It is needed in case a packet must be retransmitted to tell the receiving node (or, in some cases, a router) from which node to request a retransmission.■ Destination IP address This field contains the address of the receiving node.■ Options and padding These final two fields of the header of the IP packet are used to request any required specific routing instructions or to specify the time that the packet was sent.■ Data The final field of an IP packet is the actual data being sent. Addresses on the Internet are guaranteed to be unique through the use of an address registration service, presently administered by the Internet Corporation forAssigned Names and Numbers (ICANN).
92 ICANN assigns three major classes of addresses, called Class A, B, and C, as follows: For a Class A address, ICANN assigns the owner a number in the first octet
Changing ISPs, even for a company that has a valid Class C address, means changing the company’s address from a Class C address available through the first ISP to a ClassC address available from the new ISP. The netid identifies the network, while the hostid identifies each node on that network.(In IP parlance, every node is called a host, regardless of whether it’s a server, client computer, printer, or whatever.) For a Class C address, for instance, the netid is set inthe first three octets, and the hostids use the fourth octet.
94 Subnet Masks
While certain implementations of IP do allow all0’s, such a configuration is not part of the accepted standard IP rules, and thus using such a hostid address is risky because some devices on the network might not understand it. What if the company could divide a single Class C address so that each building could useits own portion, and the routers connecting the buildings would understand which transmissions should be forwarded to the other buildings and which ones should not?
96 Domain Name System (DNS)
Upon being presentedwith valid trademark information and notice of the domain name that infringes on that trademark, ICANN goes through a process to assess the truth of the claim and, if necessary, takes a domain name away from its present holder and transfers the name to its rightful owner. Addresses from a DHCP server are said to be leased to the client that uses them, meaning they remain assigned to a particular node for a set period of time before they expire and become available for another node to use.
98 DEFINE-IT! Host
TheHTTP protocol transparently makes use of DNS and other Internet protocols to form connections between the web client and the web server so the user is aware of only theweb site’s domain name and the name of the document itself. When you connect to an FTP server to transfer a file, you log in to the FTP server 99anonymous FTP, where you enter the user name anonymous and then enter your e-mail address as the password.
Chapter 6: Understanding Networking Protocols 101 HELO
Add all of this up, and each voice conversation is likely to use only one- third to one-half of the available bandwidth on a single DS0 circuit. For a real-time voice conversation, however, the loss of packets directly inhibits theconversation, and you can’t go back in time to retransmit missing packets.(Over a private WAN, however, delivery can be guaranteed.) Out-of-sequence packets Not only can IP packets simply fail to arrive at ■ their destination on occasion, but sometimes they arrive out of sequence due toother Internet traffic and other reasons.
Chapter 6: Understanding Networking Protocols 103 Comparing Important Proprietary Protocols While Microsoft-based, Novell-based, and Apple-based networks can work with TCP/IP and all the previously discussed protocols, each type of network got its start
While typically considered a “chatty” protocol that requiresa lot of send/acknowledgment transactions, IPX/SPX has been enhanced with burst- mode capabilities, which increase the size of packets destined for a WAN and decreasethe number of back-and-forth communications required. In a more complex Windows-based network that also uses TCP/IP, however, the NetBIOS namesresolve to TCP/IP addresses through the use of Windows Internet Name Service (WINS).
CHAPTER 7 Directory Services
With directory services becoming more and more central to the administration of networks,learning this information becomes an increasingly important part of designing, deploying, and managing networks. Most organizations started with just a file server and a print server or two,so knowing which files, printers, and other services were in which locations on the LAN was easy.
Chapter 7: Exploring Directory Services 107 This is only a short list. Larger organizations have multiple servers sharing in each
Instead of using a name to look up an address and phone number in a phone book, you query the directory service for a service name(such as the name of a network folder or a printer), and the directory service tells you where the service is located. One important advantage of directory services is that they eliminate the need to manage duplicates of anything on the network because the directory is automaticallyshared among all of the servers.
Chapter 7: Exploring Directory Services 109 All the objects in a directory tree have attributes (sometimes called properties), which
You arrange the partitions (and set the scheduled replication times) to make the best use of the WAN’s performance, which usually is slower than that of a LAN. Using a single directory service with different network operating systems often happens becausean organization starts out favoring a particular network operating system and then later finds itself forced to support additional ones, but the organization still wants tomaintain a coherent, single directory service to manage the network operating systems.
X. 500 Directory Access Protocol (DAP) is an international standard directory
service that is full of features. However, X.500 provides so many features that its overhead makes deploying and managing it prohibitive.
Chapter 7: Exploring Directory Services 111 The Lightweight Directory Access Protocol (LDAP) was developed by a consortium
You can use a graphical tool designed to manage thetree, such as Novell Identity Manager, or other tools that mimic the look and feel of the operating system on which they run and that are also available from Novell. Multiple master domain This is a slight variation on the master domain model, ■ in which users might exist in multiple master domains, all of which trust oneanother, and in which resources are located in resource domains, all of which trust all the master domains.
Chapter 7: Exploring Directory Services 113
(Some other RFCs also describe aspects of LDAP.) The LDAP standarddescribes not only the layout and fields within an LDAP directory, but also the methods to be used when a person logs in to a server that uses LDAP, or queries or updates theLDAP directory information on an LDAP server. (Because directory services might fulfill many simultaneous authentications, run simultaneous queries, and acceptsimultaneous updates, it is important that these methods be clearly defined to avoid collisions and other potentially corrupting uses of the directory by client applicationsand administrative tools.) NOTE Many of the standards on the Internet are controlled by documents called Requests forComments (RFCs).
Chapter 7: Exploring Directory Services 115 Security model This model defines how to keep the data in the directory
One nice feature of LDAP is that an organization can build a global directory structure using a feature called referral, where LDAP directory queries that are managedby a different LDAP server are transparently routed to that server. Implementing a good remote access system that everyone is happy with is one of the most difficult things to do—especially for largeorganizations with many different needs—so a variety of approaches are discussed.
CHAPTER 8 Remote Network Access
One of the big problems with remote access is that it can seem as though all the remote users have different requirements, the various solutions address differentneeds, and none of those solutions takes care of all the needs. The server for a monolithic applicationserves up only the files needed for the application to run and the data files that the application manipulates.
Chapter 8: Connections from Afar: Remote Network Access 119 What Types of Remote Users Do You Need to Support? Users who require remote access generally fall into one of the following four categories: Broad traveler
The user might normally use a desktopcomputer on the LAN but have a notebook computer for traveling, might use a single notebook both on the LAN and when traveling, might check out notebook computersfrom a shared pool when travel needs arise, or might even rent a notebook computer for an occasional travel need. For instance, you might have a way for the user to log in to the distribution center’s LAN and access e-mail and files at the headquarterslocation through an existing WAN link, as shown in Figure 8-2.
Chapter 8: Connections from Afar: Remote Network Access 123
For example, a remote user at a single location can fairly easily set up a high-speed link to the corporate LAN, while a traveling remote user might be limited to using cellular modems and even dial-up telephone connections in some parts of the world. (One exception to this rule is a highly graphical application, such as a computer-aided design program.) Remote control connections also have waysto transfer files back and forth from the remote computer to the controlled computer, so files can still be downloaded from the LAN to the remote computer and vice versa.
Chapter 8: Connections from Afar: Remote Network Access 125 How do you know whether to choose remote node or remote control connections? Consider these points: When a remote user needs only LAN file access and e-mail access, a remote
A few applications might be able to run reasonably well overa remote node connection, provided the application itself is already installed on the remote computer and the application must access only relatively smallamounts of data through the remote link. If you need to maintain an application directly for the users, remote control■ might be the way to go because it leaves the application on the LAN-connectedmachine, where you can easily access it to make configuration changes or perform other maintenance.
Chapter 8: Connections from Afar: Remote Network Access 127 VPN connections are used in two important ways: To form WAN connections using VPN technology between two networks that
The main difference for a WAN VPN connection is that it connectstwo networks together, rather than a user and a network, and relies on different hardware (typically) than a remote access connection uses. In such cases, the sensitivenetwork can be separated from the corporate LAN, except for a firewall that allows VPN connections from the sensitive LAN to the corporate LAN, but not vice versa.