1

2- Network Reference Model

MAN is a computer communication network established within a city.
PAN → personal area network

Address Resolution Protocol (ARP): used to map IP addresses to MAC addresses within a local network .

Twisted pairs:
▫ STP: shielded twisted pairs
▫ UTP: unshielded twisted pairs
 2

3- Huawei VRP Basics

Versatile Routing Platform (VRP): Huawei's proprietary network operating system
File types:
● System Software: extension is .cc
● Configuration File: extension is .cfg, zip, and .dat
● Patch File: to fix bugs in system software - extension is .pat
● PAF File: controls product features and resources - extension is .bin

Storage Media
● SDRAM: It stores the system running information and parameters
● Flash: store system software & configuration files - avoid data loss in case of power-off.
● NVRAM: used to store log buffer files.
● SD Card: used to store system files, configuration files, log files, and so on.
● USB: for device upgrade and data transmission.

Boot Read-Only Memory (BootROM): firmware stored in ROM, contains the initial instructions executed by
the processor when a device is powered on or reset.

Internet Packet Exchange (IPX): protocol, specifically a network layer protoco l

4- Network Layer Protocols and IP Addressing

TTL Time to Live: hop limit is a mechanism that limits the lifetime of data in a computer or network.

variable length subnet mask (VLSM)

 3

Private IP add

When multiple routes exist to the same destination, routers use a "preference" to determine which route to use.
A lower preference value is always better and considered as a primary route.

Cost is always calculated from the perspective of the outbound interface on the router forwarding the traffic.

The cost of the path from Router A (port cost=10) to Router B (port cost=10) is the cost of Router A's outbound
interface, which is 10(Not 20).
 4

5- IP Routing Basics

Classless Inter-Domain Routing (CIDR): utilize IP add, by replacing the older classful addressing system.

6- OSPF Basics
Open Shortest Path First (OSPF)
Link State Advertisements (LSAs).
link state database (LSDB)
Shortest Path First (SPF)
Default cost value = 100 Mbit/s / Interface bandwidth
Cost of an OSPF route is the sum of costs of all inbound interfaces along a path from the destination
network segment to the local router.
Each OSPF router uses the SPF algorithm to calculate the shortest path to a specific destination.

OSPF network types DR & BDR Neighbor Default Hello / Sec Default Dead Interval
Election Discovery ( 4X hello interval)

Broadcast Broadcast Multiple Access (BMA) Yes Yes 10 Sec 40 Sec

NBMA Non-Broadcast Multiple Access Yes No 30 Sec 120 Sec

P2MP Point-to-Multipoint No Yes 30 Sec 120 Sec

P2P Point-to-Point No Yes 10 Sec 40 Sec

OSPF has four network types:

Designated Router (DR) Election Criteria:
1. Highest Router Priority, value from 0 to 255, The default = 1.
2. Then, Highest Router ID:
a. Highest IP address on an active loopback interface.
b. Then, Highest IP address on an active physical interface.

Backup Designated Router (BDR)

Router with a priority of 0 will never be elected as a DR or BDR

Types of OSPF Routers

● Internal router
● Area border router (ABR)
● Backbone router
 5

● AS boundary router (ASBR)

OSPF Packet Types

Multi-access (MA)
Autonomous System (AS)

OSPF provides entries in three important tables:

● OSPF neighbor table
● LSDB table
● OSPF routing table

OSPF adjacency relationship establishment involves four steps:

● Establishing a neighbor relationship, (Hello Msg & 2way)
● Negotiating the master/slave status,
● Exchanging LSDB information,
● Synchronizing LSDBs.

The neighbor status (When the protocol status of all routers is stable)
● Full → with the DR and the BDR
● 2-Way → with other DROther routers

The key factors that must match between the OSPF router interfaces from becoming neighbors are:
1. Area ID
2. Stub Area Flag
3. Subnet Mask
4. OSPF Network Type: (e.g., Broadcast, Point-to-Point)
5. Hello and Dead Timers:
a. The Hello interval dictates how often a router sends Hello packets (default Hello timer is 10 seconds.)
b. and Dead interval specifies how long a router waits to hear from a neighbor before declaring it down.
6. Authentication type: (e.g., plaintext or MD5) and the same password/key.
OSPF Authentication Types Area Authentication Interface Authentication

Scope A specific OSPF area A specific interface

Configuration View OSPF Area View Interface View

Flexibility Lower (applies to all interfaces by default) Higher (specific to one interface)
Scalability High (configure once per area) Low (configure one by one)
The authentication modes (Area or Interface) of two OSPF neighbors does not have to be identical. but the
authentication parameters (method and key) on the link must be the same.
 6

7- Ethernet Switching Basics

Carrier sense multiple access/collision detection (CSMA/CD)
Network interface card (NIC)

Type field: (2 bytes) ▪ 0x0800 → IPv4 ▪ 0x0806 →ARP

Logical link control (LLC) = the destination service access point (DSAP) + source service access point
(SSAP) + Control field. → These fields are essential for directing data frames to the correct upper-layer
protocol and managing communication within the data link layer.

Organizationally unique identifier (OUI): identify a vendor, manufacturer in MAC add.

 7

A switch processes frames in three ways: Flooding, Forwarding, and Discarding.

8- VLAN Principles and Configuration

virtual local area network (VLAN)

VLAN IDs: Value range: 1–4094 can be used and VLAN1 cannot be deleted.

Ethernet Interface Types: Access interface, Trunk interface, Hybrid interface.

Port VLAN ID (PVID)
Tag protocol identifier (TPID)

Virtual Routing and Forwarding (VRF): allows a single physical router to operate as multiple virtual routers,
each with its own routing table and forwarding instance.
Port Type Can Carry Multiple VLANs? How is PVID Set?

Access No port default vlan

Trunk Yes (tagged) port trunk pvid vlan

Hybrid Yes (tagged + untagged) port default vlan or first untagged

8
 9

9- STP Principles and Configuration

Spanning Tree Protocol (STP)
Bridge ID (BID) selection criteria (Root bridge)
● Smallest Bridge Priority (16 bits) - default 32768 - The value must be a multiple of 4096 (0, 4096,...)
● Then, Smallest MAC Address
A typical Cost formula = 100,000,000 / bandwidth

A higher port bandwidth indicates a smaller cost.

The root path cost (RPC)

Port ID (16 bits) = Port priority + Port number.

Bridge Protocol Data Unit (BPDU), 2 types:

➢ Configuration BPDU
➢ Topology Change Notification TCN BPDU

Topology Change (TC)

STP selects the optimal configuration BPDU in the following sequence:

1. Smallest BID of the root bridge - Bridge ID
2. Smallest RPC - Root Path Cost
3. Smallest BID of the network bridge - Bridge Identifier
4. Smallest PID - Port Identifier

How can identify the Root port/Designation Port

1- Root Bridge ID (BID) = priority value + bridge's MAC address.
2- Root path Cost (RPC) → cumulative cost of the links from a given port to the root bridge.
3- Sender BID
4- Sender Port ID (PID)
5- Receiver PIDRapid STP (RSTP)
 10

Feature Bridge ID Port ID

Primary Role Elects the Root Bridge. Selection of Root Ports and Designated Ports.

Components 16-bit Priority + 48-bit MAC Address. 4-bit Priority + 12-bit Port Number.

Level Switch-level Port-level

Default Values Priority: (default is: 32768) Priority: (default is: 128)
+ MAC: Unique to switch. + Port Number: Assigned sequentially.

Decision-Making The lowest BID wins the Root The lowest PID wins tie-breakers for port roles.
Bridge election.

STP port Roles:

Root Port (RP): always in the Forwarding state.
Designated Port (DP): always in the Forwarding state.
Blocking state: put into a blocking state to prevent a loop.

RSTP defines four port Roles:

● Root port
● Designated port
● Alternate port acts as a backup of the Root port
● Backup port backs up a Designated port
❖ Edge port is directly connected to a user terminal.

Received Send Learn Forward

RSTP Port Role BPDUs BPDUs MAC MAC

Root Port Yes No Yes Yes

Designated Port Yes Yes Yes Yes

Alternate/Backup Yes No No No

VLAN-based Spanning Tree (VBST) - Tree Concept → Huge processor resources (Huawei Protocol)
Multiple Spanning Tree Protocol (MSTP) - Improve VBST & provide multiple paths to make load balance.
Multiple spanning tree instance (MSTI) - MSTP tree paths

10- Inter-VLAN Communication

Intelligent Stack (iStack) enables multiple iStack-capable switches to function as a logical device.

Smart Link is a network redundancy feature on switches that provides fast failover between redundant links. It
uses a master and backup link within a Smart Link group.

A router on a stick is a networking setup that allows routing between multiple VLANs using a single physical
router interface

VLAN interface (VLANIF): Layer 3 logical interface on L3 SWs.

 11

The VLANIF interface determines whether to perform Layer 2 or Layer 3 forwarding based on the destination
MAC address
Layer 2→ destination MAC address exist on the switch's MAC address table
Layer 3 → destination MAC address matches the MAC address of the switch's own VLANIF interface

Layer 2 Ethernet Interface: The interface Sub-Interface: The interface connecting the switch to the
connecting the switch to the router is set to a router is set to a trunk interface
Access interface

11- Eth-Trunk, iStack, and CSS

Eth-Trunk interface - For Switches Not Routers - a
Layer 2 and a Layer 3 interface.

Link aggregation group (LAG): logical grouping of multiple physical network connections (Ethernet
interfaces) into a single logical connection

Link aggregation can be classified into manual mode and LACP mode.
Link Aggregation Control Protocol (LACP)
Link Aggregation Control Protocol Data Units (LACPDUs)

The following parameters must be the same for member interfaces in an Eth-Trunk:
▫ Interface rate
▫ Duplex mode
▫ VLAN configurations (access, trunk, or hybrid)

Based on the LACP system priority. Actor (Master) Switch (Not

Actor interface) selected by Highest Device Priority
1- Smallest System priority
2- Smallest Bridge MAC address

If the master switch has more available ports than the configured maximum number of active ports, it
will select the ports with
● Smallest Port priority value first. (A lower number indicates a higher priority).
● Then, Smallest Port number.
By default, the LACP interface priority of an interface is 32768.
 12

Cluster switch system (CSS)

12- ACL Principles and Configuration

Access control lists (ACLs)
Wildcard → in OSPF & ACLs

A wildcard mask specifies which bits of an IP address must match the network address.

● A 0 in the wildcard mask means must match.

● A 1 in the wildcard mask means does not matter "don't care".

13- AAA Principles and Configuration

Authentication, Authorization, and Accounting (AAA)
network access server (NAS): a device or software that provides remote access to a network acting as a
gateway
ACL matching modes:
● Configuration mode: (Default): The rule with the smallest ID is processed first.
● Auto mode: based on "precision" or "specificity.

Authentication modes:
● non-authentication,
● local authentication
● remote authentication (RADIUS or HWTACACS).
● 802.1X: for network access control (AC) at the port level

Authorization information includes the user group, VLAN ID, and ACL number.
 13

Accounting modes: non-accounting and remote accounting. ex: Users can access the Internet for free or
not.

Both RADIUS and HWTACACS servers can authorize users, but they differ in their approach and capabilities.
- RADIUS combines authentication and authorization. (Commonly used)
- while HWTACACS allows for separation of these functions

RADIUS uses the User Datagram Protocol (UDP) as the transmission protocol and uses UDP ports
● 1812 for authentication
● 1813 for accounting

14- Network Address Translation

Network Address Translation(NAT)
● Static NAT → One-to-one Manually
● Dynamic NAT → Many(n)-to-Many(n)
● Network Address and Port Translation (NAPT) → many(n)-to-many(m) which n>m
● Easy IP → Many-to-One (uses an interface address as a public address for NAT)
● NAT Server → Allow An external host proactively accesses the the internal server (Also Static NAT)
DHCP: Dynamic Host Configuration Protocol

15- Network Services and Applications

File Transfer Protocol (FTP)
FTP uses different transfer modes based on the file type
● ASCII mode: When a text file (in TXT, LOG, or CFG format)
● Binary mode: Non-text files (in CC, BIN, EXE, or PNG format)

Trivial File Transfer Protocol (TFTP) - for small files transfer

● Using UDP (port 69) for transmission
● Authentication not required
● Packet Formats: PRQ (Read), WRQ (Write), DATA, ACK, ERROR.

Virtual Type Terminal (VTY): is a virtual interface on network devices like routers and switches that allows
remote access via protocols like Telnet or SSH

Network Time Protocol (NTP): is a networking protocol that synchronizes the clocks of computer systems
over a network.

FTB Modes Active Mode Passive Mode

Way of connection The server initiates the data connection to the client. The client initiates the data connection to the server.
Client connects to a random server port (specified by
Ports Used Server port 20 connects to a random client port. the server).

Firewall Often blocked by firewalls Firewall-friendly

 14

16- WLAN Overview

Fat AP: (autonomous network): Without AC. AP directly like in home
Fit AP: applies to medium- and large-sized enterprises. managed and configured by the AC
Cloud AP: applies to small- and medium-sized enterprises. Cloud APs are managed and configured by a
cloud management platform

Access Controller (AC)

Power over Ethernet (PoE)
Control And Provisioning of Wireless Access Points (CAPWAP)

▫ CAPWAP data and control packets are transmitted on different UDP ports:
▪ UDP port 5246 for transmitting control packets
▪ UDP port 5247 for transmitting data packets

AC Connection Mode
● In-Path Networking
● Off-Path Networking

Modulation and Coding Schemes (MCSs): define how data is transmitted over a wireless medium by
combining modulation techniques and channel coding

Basic service set (BSS): An area covered by an AP.

Basic service set identifier (BSSID): The AP's MAC address.

Service set identifier (SSID): WLAN name

 15

Virtual Access Points (VAPs).

An Extended Service Set (ESS)

A VAP profile typically has:

● An SSID profile, which defines the name of the wireless network (SSID).
● A security profile, which defines the authentication and encryption methods.
● A traffic profile, which defines QoS and other service-related policies.
● A radio profile, which defines physical layer parameters like the channel and power.

The STA access process consists of six phases:

● scanning (Active scanning & Passive scanning)
● link authentication (Open System Authentication & Shared Key Authentication)
● association
● access authentication
● DHCP
● user authentication

APs can be upgraded on an AC in the following modes:

▪ AC mode: small number of APs are deployed.
▪ FTP mode: file transfer without high security and file copied from an FTP server.
▪ SFTP mode: high network security

Only 802.11ax. standard corresponding to Wi-Fi 6.

AP Link Authentication ways:

 16

iMaster NCE →

17- WAN Technologies

 17

WAN devices: customer edge (CE), provider edge (PE), and provider (P)

Point-to-Point Protocol PPP provides two authentication negotiation modes

● the Password Authentication Protocol (PAP) - 2way handshake - plain text (Insecure)
● Challenge Handshake Authentication Protocol (CHAP) - 3way handshake - More Secure.

Link Control Protocol (LCP): used to establish, configure, and test data-link connections.

Maximum Transmission Unit (MTU): defines the largest data packet size, measured in bytes, that a network
device can handle without needing to fragment it.

Maximum Receive Unit (MRU): the largest packet size a network interface can receive without needing to
fragment it.

Network Control Protocols (NCPs): a set of protocols (ex: IPCP) used within PPP to negotiate and configure
different network layer protocols for communication.

IP Control Protocol (IPCP): is a NCP Protocol used within PPP to configure and manage the transmission of
IP (Internet Protocol) data over a PPP link.

Point-to-Point Protocol over Ethernet (PPPoE): is a link layer protocol that encapsulates PPP frames into
Ethernet frames. PPPoE enables multiple hosts on an Ethernet to connect to a broadband remote access
server (BRAS).

Broadband Remote Access Server (BRAS)

 18

LCP Negotiation Process - Parameter Mismatch

Eth-Type: indicates the protocol type.

● The value 0x8863 indicates that PPPoE discovery packets are carried.
● The value 0x8864 indicates that PPPoE session packets are carried.
 19

Multiprotocol Label Switching (MPLS): is a networking technology that speeds up and optimizes data
forwarding by using labels instead of network addresses to direct traffic.

MPLS labels (instead of IP routes) - 4 Bytes

Segment Routing (SR): routing architecture that simplifies traffic and network by encoding forwarding
instructions directly into packet headers at the ingress node.

Segment IDs (SIDs)

SR using MPLS labels is called SR-MPLS and using IPv6 is called SRv6.

SR can be deployed with or without a controller.

SR with controller (like: iMaster NCE) will use:

• PCEP: Path Computation Element Communication Protocol
• NETCONF: Network Configuration Protoco l
 20

18- Network Management and O&M

Network Management Modes
● Traditional Network Management and O&M (CLI, Web System or SNMP)
● iMaster NCE-based Network Management and O&M

Standard Network Management Protocol (SNMP): protocol used for remotely managing and monitoring NT
devices.

User Security Module (USM): a security framework used in SNMPv3 to authenticate users.

View-based Access Control Model (VACM): a mechanism used in network management protocols like
SNMPv3 to control access to managed objects (MIB objects)

Management Information Bases (MIBs):a database that stores information about managed devices in a
network

Network Management System (NMS):a software application or set of applications that allows network
administrators to monitor, manage, and control the various components of a computer network.

Object identifier (OID):Simple Network Management Protocol to identify managed objects (like network
devices, interfaces, etc.)

The MIB defines the attributes of managed devices in the database.

▫ Object identifier (OID) of an object
▫ Status of an object
▫ Access permission of an object
▫ Data types of an object

Trap: The agent process sends messages to the NMS to notify the NMS of critical or major events.
 21

SNMPv1 defines five core protocol operations (sometimes referred to as PDU types):

1. GetRequest
2. GetNextRequest
3. SetRequest
4. GetResponse
5. Trap

SNMPv2c retains these five operations and adds two more:

6. GetBulkRequest
7. InformRequest

Telemetry: (network telemetry) supports data collection at the level of subseconds.

19- IPv6 Basics

Stateless Address Autoconfiguration (SLAAC): an IPv6 feature that allows devices to automatically
generate their own unique IPv6 addresses without the need for a central server to manage address
assignments.
 22

When more than one extension header is used in the same IPv6 packet, those headers must appear in the
following order:
1. Hop-by-Hop Options header
2. Destination Options header
3. Routing header
4. Fragment header
5. Authentication header (AH)
6. Encapsulating Security Payload (ESP) header.

❖ Global unicast address (GUA) -Globally unique- It is equivalent to a public IPv4 address

❖ Unique local address (ULA) - only on an intranet

❖ Link-local address (LLA) - limited application scope - with the prefix of FE80::/10.

Solicited-Node Multicast Address: This address is used for

● Neighbor discovery - Neighbor Discovery Protocol (NDP)
● Duplicate address detection (DAD).
● valid only on the local link.
 23

IPV6 operations are performed in below order:

Address Configuration: either manually or automatically (e.g., through SLAAC).
Duplicate Address Detection (DAD):
Address Resolution: translates an IP address to a link-layer address (like MAC) vs NS & NA

ICMPv6 RA messages are used to control the mode in which terminals automatically obtain IP addresses.

Router Solicitation (RS): is used to request address prefix information, to discover routers on the local
link - ICMPv6 messages used in IPv6 networks to request immediate Router Advertisement (RA) messages
from routers on the local network.

Router Advertisement (RA): The routers respond with (RA) message - Used to reply address prefix
information, In IPv6's SLAAC it is for dynamically assigning IPv6 addresses to devices.

Neighbor Solicitation (NS):IPv6 host that wants to communicate with another host will send (NS)

Neighbor Advertisement (NA):The target host receives the NS replies with (NA), containing its MAC address.

20- SDN and NFV Overview

Software Defined Networking (SDN): a network architecture that enables flexible and programmable
networks by separating the control plane from the data plane

SDN has three characteristics in initial phase:

● forwarding-control separation,
● centralized control
● Open programmable interfaces.
 24

Southbound Interface (SBI): OpenFlow is a commonly used SBI in SDN,enabling the controller to program
the forwarding tables of the network devices.

Zero Touch Provisioning (ZTP): is an automated process that configures network devices like routers,
switches, and firewalls upon initial startup, eliminating the need for manual, on-site configuration

Network Functions Virtualization (NFV): is a network architecture concept that virtualizes network functions,
traditionally run on dedicated hardware, by using IT virtualization technologies.

Virtualized network functions (VNFs)

The NFV architecture includes

● the network functions virtualization infrastructure (NFVI) (Like HW+OS)
● a virtualized network function (VNF). (Like VM)
● management and orchestration (MANO). (Like Mngt)
● business support system (BSS) or operations support system (OSS). (Like Apps)
 25

Standard NFV Architecture Huawei's NFV Solution

21- Network Programmability and Automation

Programming-based Network Automation: This process can be divided into two steps:
● writing a configuration file
● Then, writing Python code to push the configuration file to a device.

High-level Programming Language

● Compiled Language (C/C++ and Go) need to be compiled before running
● Interpreted language: (Java/Python) do not need to be compiled before running

telnetlib is a module in the standard Python library. It provides the telnetlib.Telnet class for implementing the
Telnet function.

Python Mode:
- Interactive mode: directly into the Python interpreter - Non-interactive: as script file

Python Term What it is Where it is used Example

Module Python file (.py) with code Anywhere (via import) import math, math.sqrt()

Class Blueprint for objects Inside modules or scripts class Person:

Method Function inside a class Inside a class def greet(self):

 26

22- Typical Campus Network Architectures and Practices

A campus network is big local area network (LAN) and has only one management entity
small office home office (SOHO)

Campus Network Project Lifecycle

● Planning and design
● Deployment and implementation
● Network O&M
● Network optimization

DHCP snooping is a security feature in network switches that helps prevent DHCP spoofing attacks
 27

Other Notes

Users authority levels Examples:

● Level 0 (Visit): Basic commands like ping and tracert.

● Level 1 (Monitoring): Commands for system maintenance.
● Level 2 (Configuration): Commands for configuring network services.
● Level 3 (Management): Commands for system operations like file management, user management,
and command level configuration.
● Levels 3-15 (Web): In the web interface, levels 3 and higher grant full administrative access .

Below are select one Router in NT:

● OSPF: DR, BDR and DRother

● STP: Root Bridge (Root, Designated, Blocked port)
● Eth-Trunk (Link aggregation): Actor (Master) Switch