Layer 2 technologies
Network segmentation
Why segment a network?
Ethernet is a shared media, which means only one node can transmit data at a time. By increasing the number of nodes on a single segment, the probability of collisions increases, resulting in more retransmissions. A solution to the problem is to break the large segment into parts and separate it into isolated collision domains.
How do layer 1, 2 and 3 devices segment a network?
Layer 1 devices (repeaters and hubs) do not break up collision domains.
Layer 2 devices (bridges and switches) break up a LAN into multiple collision domains but do not break up a broadcast domain.
Layer 3 devices (routers) break up a LAN into multiple collision domains and broadcast domains as well.
How to define the broadcast domain and the collision domain?
Collision domains are the connected physical network segments where collisions can occur.
A broadcast domain includes all of the collision domains that process the same broadcast frame. This includes all the nodes that are part of the network segment bounded by a Layer 3 device.
Bridge operations
What is the technology of bridging?
Bridging refers to a technology in which a device known as a bridge connectstwo or more LAN segments. The primary benefit of bridging is that it limits traffic to certain network segments.
How does a switch build and maintain the switching table?
Each time a new address is stored, it is time stamped. When an address is referenced, it receives a new time stamp. When addresses are not referenced during a set period of time, they are removed from the list. The records of switching table is storied in the CAM (content-addressable memory), which allows a switch to directly find the port that is associated with a MAC address without using search algorithms.
What is the differences between the switching modes of store-and-forward, fast-forward, and fragment-free?
Store-and-forward – The entire frame is received before any forwarding takes
place. The destination and source addresses are read and filters are applied before the frame is forwarded. Latency occurs while the frame is being received. Fast-forward – With this transmission mode, the switch reads the destination address before receiving the entire frame. The frame is then forwarded before the entire frame arrives. This mode decreases the latency of the transmission but has poor LAN switching error detection.
Fast-forward is the term used to indicate a switch is in cut-through mode.
Fragment-free – This mode of switching reads the first 64 bytes of an
Ethernet frame and then begins forwarding it to the appropriate port or
ports. Fragment-free is a term used to indicate the switch is using
modified cut-through switching.
Layer 3technologies
Routing
What are the differences between layer 2 switching and layer 3 routing?
Switching is the process of receiving an incoming frame on one interface and delivering that frame out another interface.
Routing occurs at Layer 3 of the OSI model. Routing is the process of finding the best path from one device to another and then direct packets to the appropriate output port and network.
This distinction means layer 3 routing and layer 2 switching use different information in the process of moving data from source to destination. Another difference between switched and routed networks is switched networks do not block broadcasts.
What are differences between static routing, dynamic routing, and default routing?
Static routing
Routes are configured manually by administrator. Any network topology changes require the network administrator to add and delete static routes to account for the changes. Dynamic routing
Routes are learned dynamically by using routing protocols. Routers use routing protocols to updates routing tables with other routers when topology changes.
Default routing make it possible for routers to forward packets destined to any
Internet host without having to maintain a table entry for every Internet network.
Understand how to configure correct routing information on the router.
Routing protocol
What are the differences between routed protocol and routing protocol?
Routed protocols (routable protocols) are protocols used at the network layer that transfer data across a network.
Routing protocols allow routers to choose the best path for data from source to destination. Routers use routing protocols to exchange routing tables and share routing information. In other words, routing protocols enable routers to route routed protocols.
n Which protocol is routed protocol, which is routing protocol?
Routed protocol: IP IPX Apple Talk
Routing Protocol: RIP OSPF IGRP BGP EIGRP
n Which routing protocol is IGP or EGP?
EGP: BGP
IGP: RIP, IGRP, EIGRP, OSPF, IS-IS.
n Which routing protocol is distance-vector, link state, or balanced-hybrid?
For example, routing protocols such as, RIP, IGRP, OSPF, EIGRP, IS-IS,
BGP, and etc.
distance-vector: RIP IGRP EIGRP
link state: OSPF IS-IS
balanced-hybrid: EIGRP
Routing table
n What information is stored in the routing table?
Routing tables contain the information necessary to forward data packets across connected networks. This information varies based on the routing protocol used.
Protocol | Destination network | Metrics | Next-hop | Outbound interface
n What are metrics and administrative distance? What are they used for?
Routing metrics are values used in determining the advantage of one route over another.
What metrics are used in RIP and IGRP? How do RIP and IGRP use the metrics to select the best path?
RIP: hop count
IGRP: bandwidth delay load reliability
Data transmission between networks
How IP addresses and MAC addresses change during the transmission between networks.
Why Address Resolution Protocol (ARP) and default gateway is necessary in data transmission?
ARP which determines the data link layer address for known ip address.
What will the router do, if there is no routing information of the destination network for a packet?
Transport protocol (TCP and UDP)
n Which transport protocol is connect-oriented?(TCP) Which is connectionless?(UDP)
n What are the differences between these two transport services?
In connectionless system, the destination is not contacted before a packet is sent.
In connection-oriented system, a connection is established between the sender and the recipient before any data is transferred.
n Which application layer protocols use TCP or UDP to transport data?
TCP: FTP HTTP SMTP DNS Telnet
UDP: TFTP SNMP DHCP DNS
n What is the port number? How to assign the port number to the application on the server site and client site?
Port numbers are used to keep track of different conversations that cross the network at the same time.
Application software developers agree to use well-known port number that is controlled by IANA. Ftpè 21. Originally, source port numbers are assigned dynamically by the source host with some number greater than 1023.
n Connection-oriented services involve which three phases? (Connection establishment, data transfer, connection termination)
n What is three-way handshake?
TCP establishes a connection-oriented session using a three-way handshake, which synchronizes a logical connection between the endpoints of a network.
n How is sliding window used in flow control?
For example, when windows size = 3, how many packets can be sent without a received ACK?
Router (1)
n What information is stored in RAM, NVRAM, flash, and ROM?
RAM: running configuration file, ARP cache, fast switching cache, routing table information
NVRAM: startup configuration file
Flash: full Cisco IOS software image;
ROM: bootstrap program, scaled down version of the IOS
n What types of interfaces does the router have? (LAN, WAN, and
Management interfaces)
For example, interfaces such as, Fast Ethernet, FDDI, Token Ring; ISDN
PRI, ISDN BRI, ADSL, T1 serial, E1 serial; console port, auxiliary port.
Operating mode
n How many operating modes are there in the router? (ROM monitor, Boot ROM, Normal operation.)
n What is the default value of configuration register? (0x2102)
n How does the configuration register change the boot behavior?
The lowest 4 bits (bits 3, 2, 1, and 0) form the boot field. It identifies where to boot Cisco IOS Image
Startup routines
Startup routines includes: Loads bootstrap, loads operating system, loads configuration file.
n Where to load the IOS software?
The operating system image is loaded. The image can be found in one of several places: flash, TFTP server or ROM. The location is determined by the boot field of the configuration register.
n How boot system commands is used to load the IOS software?
Examine the configuration register setting in NVRAM to see if a particular source for the IOS has been designated.
2. If the default configuration register settings (0x2102) has been used, then the router look for the configuration in NVRAM. the configuration file may contain boot system commands. These commands can be used to identify the source of the desired IOS boot image.
3. If NVRAM lacks boot system commands that the router can use, the system by default uses the Cisco IOS software in flash memory.
4. If loading the IOS from flash fails or flash memory is empty, the router then attempts to use TFTP to load an IOS image from the network. The router uses the configuration register value to form a filename from which to boot a default system image stored on a network server.
5. If these fail, the router uses a limited version of IOS from ROM.
Router trouble shooting
n How to find out the problem from the outputs of show commands.
Use the dir flash: command to identify why the IOS image did not load from
flash.
If an image is located that appears to be valid, use the boot flash: command with a image name to boot from that image.
If the router properly boots, determine why the router booted to the ROMmon instead of using IOS from flash.
First, use the show version command to check the configuration register to ensure that it is configured for the default boot sequence.
If the configuration register value is correct, use the show startup-config command to see if there is a boot system command instructing the router
to use the IOS for ROM monitor.
Distance vector routing protocols
n What are the features of distance routing protocols?
When the topology changes, routing table updates must occur. It passes periodic copies of a routing table from router to router. Distance-vector algorithms call for each router to send its entire routing table to each of its directly connected neighboring routers.
The algorithm eventually accumulates network distances so that it can maintain a database of network topology information.
Distance-vector algorithms do not know the exact topology of an
internetwork.
n Periodic updates, send entire routing table, do not know the exact topology.
RIP: hop count is greater than 15, the packet is discarded. Routing updates are broadcast every 30 seconds.
n What is the differences between distance vector and link-state routing protocol?
Distance vector - The distance vector routing approach determines the direction (vector) and distance to any link in the internetwork. Distance vector based routing algorithms are also known as Bellman-Ford algorithms. For example, RIP, IGRP.
Link-state - The link-state approach recreates the exact topology of the entire internet work (or at least the portion in which the router is situated).
Link-state algorithms are also known as shortest path first or Dijkstras algorithm. For example, OSPF.
n What is the problem with distance vector routing protocol? What solutions can be used to prevent the routing loop in distance routing protocol?
Rooting loops can occurs if a network experiences slow convergence as the result of changes in the network or routing topology causing inconsistent routing entries.
Split horizon poison reverse hold-down timer triggered updates
ICMP
ICMP message
n What are ICMP error messages? What are ICMP control messages?
ICMP error messages report errors for IP. When datagram delivery errors occur, ICMP is used to report these errors back to the source of the datagram.
Echo Request/Reply message
Destination Unreachable message
Time Exceeded message
Parameter Problem message
ICMP control messages, unlike error messages, are not the results of lost packets or error conditions which occur during packet transmission. Instead, they are used to inform hosts of conditions such as network congestion or the existence of a better gateway to a remote network.
Redirect/Change message
Timestamp Request/Reply message
Information Request/Reply message
Address Mask Request/Request message
Router Advertisement/Solicitation message
Source Quench message
ICMP operations
n What happens when an ICMP packet itself is not deliverable?
Errors created by ICMP message don’t generate their own ICMP messages.
n When and how to use the ICMP messages according to different
situations?
For example, if TTL = 3, how far will this packet go from the source host?
What message will be sent by the intermediate router? Which host will this ICMP message destined to? Time Exceeded message
For example, if there is no routing information for a received packet on the router, which ICMP message will be sent by this router? Network unreachable
ACLs
Types of ACLs
n Standard ACLs and extended ACLs.
ACLs operations
n What is the structure of statements in ACLs?
The ACL parameters that can be defined include source and destination addresses, protocols, and upper-layer port numbers
n ACL statements operate in sequential, logical order. If a condition match is true, the rest of the ACL statements are not checked. If all of the ACL statements are unmatched, what happens to the packet?
If the packet does not match any of the written ACL statements, then the packet will match the final implicit "deny any" statement
How to use the wildcard mask to define a group of hosts?
n What is the maximum number of ACLs that can be placed on the router interfaces?
ACLs are created for all routed network protocols on a per-protocol, per-port, and per-direction basis. One ACL controls traffic in one direction on an interface for one routed protocol.
来源:http://blog.chinaunix.net/u/21684/showart_312636.html
