What is a Network?

• In its simplest form, a network is nothing more than “two connected

computers sharing resources with one another.”

• It is composed of two main aspects:

o Physical Connection (wires, cables, wireless media)
o Logical Connection (data transporting across the physical media)
 Computer Networking Protocols

• Computers communicate with each other with network protocols.

• Protocols are rules governing how machines exchange data and
enable effective communication.

• Some Everyday Examples

• When you call somebody, you pick up the phone, ensure there is a
dial tone, and if there is, you dial the number.
• When you drive your car, you obey the rules of the road.
 Protocols Continued
• Physical Protocols: describe the medium (wiring), the
connections (RJ-45 port), and the signal (voltage level on a wire).

• Logical Protocols: software controlling how and when data is

sent and received to computers, supporting physical protocols.

• Computer networks depend on many different types of protocols

in
order to work properly.

• Example Common TCP/IP Suite of Protocols:

o Web Communication: HTTP
o E-mail: POP3, SMTP, IMAP
o File Transfers: FTP
 The OSI
What is it? Model
The Open Systems Interconnection (OSI) Reference Model
• A conceptual framework showing us how data moves
throughout a network.
• Developed by the International Organization for Standardization
(ISO) in 1977.

It’s Purpose
• Gives us a guide to understanding how networks operate.

It’s only a reference model, so don’t get wrapped up in the details.

• Wasn’t implemented in the real world, TCP/IP is.
 The OSI Model
Stack
The OSI Model breaks down the complex task of computer-to-computer
network communications into seven layers.

Upper Layers (Host Layers)

• Handled by the host computer and performs application-specific functions,
such as data formatting, encryption, and connection management.

Lower Layers (Media Layers)

• Provide network-specific functions, such as routing, addressing, and flow
control.
The OSI Model Visualized
OSI Communication
 The TCP/IP
• Model
The TCP/IP suite is the most commonly used
protocol suite in the networking world.
• It’s essentially the protocol suite in which
the Internet was built.
• It’s the standard for computer networking.
• It is based on a 4-layer model that is similar
to the OSI model.
• History of TCP/IP:
o Developed by the United States Department
of Defense (DoD) in the early 1970s.
o In 1982, the DOD declared TCP/IP as the
standard for all military computer networking.
o In 1984, broad adoption of TCP/IP began (IBM,
AT&T, etc.).
TCP/IP & OSI Models Side-by-
Side
 MAC Addresses
Media Access Control (MAC)
• Physical address of the network adapter card
• OSI Layer 2 (Data Link) Layer Address
• TCP/IP Layer 1 (Network Interface) Layer Address

Six bytes (48 bits), Usually Represented Hexadecimal

• First three bytes (24 bits) are assigned by the IEEE to the manufacturer
o Organizationally Unique Identifier (OUI) assigned by IEEE (ex: Dell or
HP)
• Last three bytes (24 bits) are usually assigned sequentially:
o Unique Numbers

00:21:70:6f:06:f2 00-21-70-6F-06-F2

224 = ~16.7 Million Unique Addresses

 IP Addresses
• An IP Address is a logical address used in order to uniquely
identify
a device on an IP network.
• It’s a Network Layer address associated with routing.
o OSI Layer 3: Network Layer
o TCP/IP Layer 2: Internet Layer
• There are two versions:
o IP version 4 (IPv4)
 Example: 192.168.0.1
o IP version 6 (IPv6)
 Example: 2001:DB8:85A3:0:0:8A2E:370:7334
• We’ll be discussing both versions in this course.
 Comparing IP and MAC Addresses
IP Addresses MAC Addresses

• Network (OSI Layer 3) Addresses • Data Link (OSI Layer 2) Addresses

• Logical Addresses
• Physical Addresses
• Assigned in Operating System
• Physically burned on NIC
• Allows network-to-network • Allows internetwork communication
communication via routers via hubs, switches, and routers
• WAN communication • Local LAN communication
 Half vs. Full Duplex Communication

• Network communication will occur in either full or half duplex mode:

o Half Duplex: Can send and receive data, but not at the same time.
o Full Duplex: Can send and receive data simultaneously.
 Network Transmission
• Unicast
Types
• Multicast
• Broadcast
Unicast (One-to-One)
Multicast (One-to-Many)
Broadcast (One-to-All)
 Introduction to Ethernet
• The most popular networking technology in the world!
• Refers to a family of standards that define the physical and
logical
aspects of the world's most popular type of LAN.
• The standard communications protocol for building a local area
network (LAN).

• Physical
o Cabling, Connectors, Equipment, etc.
• Logical
o Network Access Method, i.e., Carrier Sense Multiple Access (CSMA)
 Physical vs. Logical Topologies
Physical topologies describe the placement of network devices
and how they are physically connected.

Logical topologies describe how data flows throughout a

network.
 Wired Network Topologies
• Four Specific Topologies:
o Bus
o Ring
o Star
o Mesh
 Bus Topology
• All devices are connected to a single coaxial network cable.
o Devices are connected via a vampire tap or T-Connector.
o Terminators are required at both ends of the cable to prevent signal bounce.
o Antiquated technology.
• Only one end device can be active on the network at a time.
o Data signals travel in both directions and are received by all devices on the
network.
• A single break in the cable can take down the entire network.
 Ring Topology
• All devices are connected in a circular fashion.
• Each computer is connected to two other
computers.
• Data travels from node-to-node with each
computer handling data, either unidirectional
or bidirectional.
• Each device (node) in the ring regenerates
the
signal, acting as a repeater.
• Failure of a single node can take down
the entire network.
• Fiber Distributed Data Interface (FDDI) uses
two counter-rotating ring topologies for
redundancy.
 Star Topology
• All devices are connected to a central
connecting device, which is usually a switch.
• Devices send data to the switch, which
forwards it to the appropriate destination
device.
• Popular topology in today’s networks.
• Used in most large and small networks.
• Central device is a single point of failure.
 Mesh Topology
• Each device is connected to every
other device by separate cabling.
• Highly redundant and fault-tolerance.
• Expensive to install.
• Commonly used in Enterprise Networks &
WANs.
• Two Types:
o Partial Mesh
o Full Mesh
 Wireless Network Topologies
• Wireless networks utilize radio frequencies (RF) to communicate.

• Three Specific Topologies:

o Ad hoc
o Infrastructure
o Mesh
 Ad hoc
• Peer-to-peer (P2P) wireless
network where no wireless
access point (WAP)
infrastructure exits.
• The devices communicate
directly with one another.
• Personal area networks
(PANs) are a common
example of Ad hoc wireless
networks.
 Infrastructure
• Wireless network that uses a
wireless access point (WAP)
as its central connecting
device.
• Infrastructure wireless
networks (WLANs) are
commonly used in homes and
small offices.
 Mes
•
h
Just like a wired mesh design,
wireless mesh networks utilize
several wireless access points
(nodes) to create a robust
wireless network that is:
o Scalable
o Self-Healing
o Reliable (redundancy)
• Common in larger homes and
businesses.
 Network Interface Card (NIC)
• The network adapter installed on
your network device.
• Provides the physical and
electrical, light or radio frequency
connections to the network
media.
• It can either be an expansion
card, USB devices or built directly
into the motherboard.
 Hub
•
s
Used to Connect Devices Together Within a Network
• Used in Early Networks; Replaced by Switches
• “Multi-Port Repeater”
o Traffic goes in one port and is repeated (broadcasted)
out every other port
o OSI Layer 1 Device
o Dumb Network Device
o Causes increased network collision errors
• Much Less Efficient than a Switch
• Legacy Equipment No Longer Used
 Switches

• Connects Devices Together Just Like a Hub

• Intelligent Network Device (OSI Layer 2)
• Memorizes the MAC Address of Each Device Connected
to It via a MAC Address Table, sometimes called a
Content Addressable Memory (CAM) Table
• Pays attention to Source and Destination MAC
addresses
during Communication Process
• Use Application-Specific Integrated Circuitry (ASIC), which
makes them Extremely Fast
• Breaks up Collision Domains
o Traffic Goes in One Port and Is Repeated out to Only
Destination Port
o Designed for High Bandwidth
o Standard in Today’s Network Infrastructure
 Wireless Access Point (WAP)
• A wireless access point (WAP) is a bridge that extends the wired network to
the wireless network.
• Just like a switch, it’s a Data Link Layer 2 device.
• Note: A WAP is not a router.
 Wireless Ranger Extender
• Extends the range of a wireless network by acting as a wireless repeater.
• Rebroadcasts radio frequencies from the wireless network it is associated
with
 Router
• Used to Connect Different
s
Networks Together
• Routes Traffic Between Networks
using IP Addresses
• Uses Intelligent Decisions
(Routing Protocols) to Find the
Best Way to Get a Packet of
Information from One Network to
Another.
• Break Up Broadcast Domains
• OSI Layer 3 Device
o Layer 3 = Router
o Layer 2 = Switch
o Layer 1 = Hub
 Modems (Modulators/Demodulators)
• Modems modulate one signal to another, such as analog to digital.
• For example, modulating a telephone analog signal into a digital signal that a
router
can understand.
 Small Office Home Office (SOHO) Device
• All-In-One Wireless Router with Expanded Capabilities:
o Router, Wireless Access Point, Firewall, Switch, DHCP Server, NAT Device, File Server, etc.
 Media Converters
• Like its name implies, it converts one media type to another.
• Layer 1 Device: Performs physical layer signal conversion.
• Ethernet to fiber optic media converters are commonly used.
 Firewalls
• Firewalls are the foundation of a defense-in-depth network security strategy.
• They protect your network from malicious activity on the Internet.
• Prevent unwanted network traffic on different networks from accessing your network.
• Firewalls do this by filtering data packets that go through them.
• They can be a standalone network device or software on a computer system,
meaning
network-based (hardware) or host-based (software).
 Types of Firewalls
Packet Filtering Firewalls
• 1st Generation & Most Basic
• Basic Filtering Rules

Circuit-Level Firewalls
• 2nd Generation
• Monitors Valid/Invalid TCP Sessions

Application Layer 7 (NGFW) Firewalls

• 3rd Generation
• Much more Advanced; Covered Later in Course
 DHCP Server
• Dynamic Host Configuration Protocol (DHCP) Server
• Automatically Assigns IP Addresses to Hosts
• Makes Administering a Network Much Easier
• An Alternative is Static IP addressing
• We'll Talk More About DHCP Later in the Course
 Voice over IP (VoIP) Endpoints
• Most phone systems run over IP networks via dedicated protocols, such as the
Session Initiation Protocol (SIP), both in-home and office environments.
• VoIP endpoint devices are hardware devices (phones) or software, such as Cisco
Jabber, that allow you to make phone calls.
 Types of Network
• Coaxial
Cabling
• Twisted Pair
• Fiber Optic
 Ethernet Explained
• Ethernet is a network protocol that controls how data is transmitted over a LAN.
• It’s referred to as the Institute of Electrical and Electronics Engineers (IEEE) 802.3
Standard.
• It supports networks built with coaxial, twisted-pair, and fiber-optic cabling.
• The original Ethernet standard supported 10Mbps speeds, but the latest supports
much faster gigabit speeds.
• Ethernet uses CSMA/CD & CSMA/CA access methodology.
 Ethernet N<Signaling>-X
•
Naming
Ethernet uses an “xx Base T” naming convention: 10Base-
T
o N: Signaling Rate, i.e., Speed of the cable.
o <Signaling>: Signaling Type: Baseband (Base) communication.
o X: Type of cable (twisted pair or fiber).
 Twisted Pair Standards
Cat Network Type Ethernet Standard Speed Max. Distance

Cat 3 Ethernet 10Base-T 10Mbps 100 meters

Cat 5 Fast Ethernet 100Base-TX 100Mbps 100 meters

Cat 5e Gigabit Ethernet 1000Base-T 1Gbps 100 meters

Gigabit 1000Base- 1Gbps 100 meters

Cat 6
Ethernet 10 T 10Gbp 55 meters
Gigabit Ethernet 10GBase- s
T
Cat 6a 10 Gigabit Ethernet 10GBase-T 10Gbps 100 meters

Cat 7 10 Gigabit Ethernet 10GBase-T 10Gbps 100 meters

Cat: Copper Cabling
Standard.
 Roles of
• Twists
Increased twists per inch:
o Reduces Crosstalk
o Increases Signals
o Supports Faster Speeds
 Layer 7 – Application
• Layer
Where users interact with the computer.
• Acts as an interface between an application
and end-user protocols.
• Provides an interface to communicate with
the network (Outlook, Chrome, etc.).
• Applications don’t reside in the application
layer but instead interfaces with application-
layer protocols.
• Example Application Layer Protocols:
o E-Mail: IMAP4, POP3, SMTP
o Web Browsers: HTTP, HTTPS
o Remote Access: SSH, Telnet
 Layer 6 – Presentation
• Layer
Ensures that data transferred from one
system’s Application Layer can be read by
the Application Layer on another one.
• Provides character code conversion, data
compression, and data
encryption/decryption.
• Example: Google Chrome HTML
converted to
ASCII Format.
 Layer 6 – Presentation
• Example LayerLayer
6 File Formats:
o Web Browser: HTML, XML,
JavaScript
o Graphics Files: JPEG, GIF, PNG
o Audio/Video: MPEG, MP3
o Encryption: TLS, SSL
o Text/Data: ASCII, EBCDIC
 Layer 5 - Session
• Layer
Responsible for setting up, managing, and
then tearing down sessions between network
devices.
• Ensures data from different application
sessions are kept separate.
• Utilizes Application Program Interfaces
(APIs)
to communicate with TCP/IP protocols.
• Coordinates communication between
systems.
o Start, Stop, Restart
 Layer 5 - Session
Layer
Can provide three different methods of
communication between devices:
• Simplex: One-way communication
between two devices, like listening to a
radio station.
• Half Duplex: Two-way communication
between two devices, but only one device
can communicate at a time.
• Full Duplex: Two-way communication
between two devices, where both sides can
communicate at the same time.
 Layer 4 - Transport
• Layererror-free and in
Ensures data is delivered
sequence.
• Segments data and reassembles correctly.
• Can be connection-oriented or
connectionless.
• Considered the “Post Office”
Layer
o TCP (Transmission Control
Protocol)
o UDP (User Datagram Protocol)
o Covered in detail in the next
section.
 Layer 4 - Transport
Layer
Responsible for two data flow control measures:
• Buffering
o Stores data in memory buffers until destination
device is available.
• Windowing
o Allows devices in session to determine the
“window” size of data segments sent.
 Layer 3 - Network
• Layer
The “Routing” Layer
• Provides logical addressing (IP Addressing)
and routing services.
• Places two IP addresses into a packet:
o Source Address & Destination IP Address
• Internet Protocol (IP)
o The primary network protocol used on the
Internet, IPv4, IPv6 Logical Addresses
 Layer 3 - Network
Layer
Types of Packets at Network Layer:
• Data Packets
o Routed Internet Protocol (IP) data packets.
• IPv4 & IPv6
• Route-Update Packets
o Routing protocols designed to update
neighboring routers with router information
for path determination.
o RIP, OSPF, EIGRP, etc.

Layer 3 Devices & Protocols:

• Routers & Multi-Layer Switches
• IPv4 & IPv6
• Internet Control Message Protocol (ICMP), i.e., Ping
 Layer 2 – Data Link
• Layer
The “Switching” Layer
• Ensures that messages are delivered to
the proper device on a LAN using
hardware addresses.
o MAC (Media Access Control) Address
o Only concerned with the local delivery of
frames on the same network.
• Responsible for packaging the data into
frames for the physical layer.
• Translates messages from the Network
layer
into bits for the Physical layer.
 Layer 2 – Data Link
Has two Sub-Layers Layer
• Logical Link Control (LLC) Layer
o Error Control and Flow Control
• Detect and correct corrupted data
frames.
• Limits amount of data sent so
devices
aren’t overwhelmed.
• Media Access Control (MAC) Layer
o Physical Addressing (MAC Address)
• 48-Bit MAC Address burned on NIC.
o Logical Topology and Media Access
o Ethernet, Token Ring, etc.
o CSMA/CD & CSMA/CA
 Layer 1 – Physical
Layer
Defines the physical and electrical medium
for
network communication:
• Sending and receiving bits (1 or 0)
• Encoding Signal Types
o Electricity, radio waves, light
• Network Cabling, Jacks, Patch Panels, etc.
o Copper or Fiber
• Physical Network Topology
o Star, Mesh, Ring, etc.
• Ethernet IEEE 802.3 Standard
• Layer 1 Equipment
o Hubs, Media Converters, Modems
It’s responsible for the network hardware and
physical topology.
OSI Encapsulation & De-Encapsulation
OSI Encapsulation & De-Encapsulation
 What is TCP/IP?
• Transmission Control Protocol/Internet
Protocol
• Commonly called the Internet
Protocol suite because it was designed
for the Internet, but LANs use it too.
• First Two Protocols Defined in the Suite
Were:
o TCP & IP, hence TCP/IP
• Similar to the OSI Model, but Simpler:
o OSI is Conceptual
o TCP/IP was Implemented
 TCP/IP Protocols
Layer Protocols
Application FTP, TFTP, DNS, HTTP(S), TLS/SSL, SSH, POP3, IMAP4, NTP, Telnet,
SMTP, SNMP
Transport TCP, UDP and Ports
Internet IP Addressing (Routing), ICMP, ARP
Network Interface Ethernet, Token Ring

These protocols work together to provide communication, management,

diagnostics, and troubleshooting for a TCP/IP network.
 Network Access
CSMA Methods Token Ring
• Carrier Sense • The Token
o Checks network for communication. o Passed between devices on the
• Multiple Access network.
o Multiple devices using the network. o Only devices with the token can send
data.
• Collision Detection o Token prevents network collisions.
o Wired Network
• Collision Avoidance
o Wireless Network
 Address Resolution Protocol (ARP)
• Resolves IP address to MAC Addresses
• Finds the hardware address of a host from a know IP address
o And vice versa (RARP)
ARP Command: arp -a
 ARP
Diagram

If a computer knows a device’s IP address but not its MAC address, it’ll send a
broadcast
message to all devices on the LAN asking which device is assigned that MAC address.
 The Internet Protocol (IP)
• An OSI Layer 3 protocol that defines routing and logical addressing of
packets
that allow data to traverse WANs and the Internet.
• It specifies the formatting of packets and the logical addressing schema
o IP addresses: IPv4 and IPv6
• Its job is to connect different OSI Layer 2 (switched) networks together.
• Provides end-to-end connectivity from one Layer 2 network to another via
routers.
 The Internet Protocol (IP)
• It’s connectionless and, therefore, unreliable (similar to UDP).
o No continued connection.
• Each packet sent is independent of each other packet.
o TCP and other protocols provide a means to reassemble them properly.
o Packets don’t always follow the same path to their destination.
o They’re sent via the most efficient route.
• Doesn’t provide any error recovery or sequencing functionality.
o That’s the job of other protocols.
 Internet Control Message Protocol (ICMP)
• OSI Layer 3 Internet Protocol (IP) companion “error reporting” protocol within
the TCP/IP suite of protocols.
• Just like IP, it’s connectionless.
• Used to generate error messages to the source IP address when network
issues prevent the delivery of a packet.
• Typically used by routers to report packet delivery issues, and, most
importantly, it can report errors but not correct them.
• Commonly used by IT administrators to troubleshoot network connections
with command-line utilities, including ping, pathping, and traceroute.
• For IPv6, it is also used for:
o Neighbor Solicitation and Advertisement Messages (Similar to ARP)
o Router Solicitation and Advertisement Messages
 (Some) ICMP Message Types
• Echo Request, Echo Reply: Tests destination accessibility and status. A host sends an
Echo Request and listens for a corresponding Echo Reply. Commonly done using the ping
command.
• Destination Unreachable: Sent by a router when it can’t deliver an IP packet.
• Source Quench: Sent by a host or router if it’s receiving too much data than it can
handle.
The message requests that the source reduces its rate of data transmission.
• Redirect Message: Sent by a router if it receives a packet that should have been sent
to a different router. The message includes the IP address to which future packets should
be sent and is used to optimize the routing.
• Time Exceeded: Sent by a router if a packet has reached the maximum limit of
routers through which it can travel.
• Router Advertisement, Router Solicitation (IPv6): Allow hosts to discover the
existence of routers. Routers periodically multicast their IP addresses via Router
Advertisement messages. Hosts may also request a router IP address by broadcasting a
Router Solicitation message, then wait for a router to reply with a Router Advertisement.
 Understanding Protocols, Ports, and
Sockets
Protocols
• Computers communicate with each other with network protocols.
• Protocols are rules governing how machines exchange data and
enable effective communication.
• In an operating system (OS), a protocol runs as a process or
service.
Ports
• Ports are logical constructs that bind a unique port number to a
protocol process or service.
Sockets
• Sockets are a combination of an IP address and a port number, for
example, 192.168.1.1:80.
 Why We Need Ports and
• Sockets
Computers require ports because of network
application multitasking.
• Because a computer may have only one IP address,
it needs ports to differentiate network protocols
and services running on it.
• TCP/IP has 65,536 ports available

Port Type Port Numbers Description

Well Known Ports 0 – 1023 Assigned to well-known protocols.

Registered Ports 1024 – 49,151 Registered to specific protocols.

Dynamic Ports 49,152 – 65,535 Not registered and used for any
purpose.
 Protocols & Port Numbers
Service, Protocol, or Application Port Number(s) TCP or UDP
FTP (File Transfer Protocol) 20, 21 TCP

Secure FTP (SFTP) 22 TCP

SSH (Secure Shell Protocol) 22 TCP

Telnet 23 TCP

SMTP (Simple Mail Transfer Protocol) 25 TCP

DNS (Domain Name System) 53 UDP

DHCP (Dynamic Host Configuration Protocol) 67, 68 UDP

TFTP (Trivial File Transfer Protocol) 69 UDP

HTTP (Hypertext Transfer Protocol) 80 TCP

POP3 (Post Office Protocol version 3) 110 TCP

 Protocols & Port Numbers
Service, Protocol, or Application Port Number(s) TCP or UDP
NTP (Network Time Protocol) 123 UDP

IMAP4 (Internet Message Access Protocol version 4) 143 TCP

SNMP (Simple Network Management Protocol) 161 UDP

LDAP (Lightweight Directory Access Protocol) 389 TCP

HTTPS (Hypertext Transfer Protocol Secure) 443 TCP

Server Message Block (SMB) 445 TCP

LDAPS (Lightweight Directory Access Protocol Secure) 636 TCP

RDP (Remote Desktop Protocol) 3389 TCP

ITU Telecommunication Standardization Sector A/V Recommendation 1720 TCP

(H.323)
Session Initiation Protocol (SIP) 5060, 5061 TCP
 TCP vs. UDP
Transport Layer Protocols
• TCP (Transmission Control Protocol): Connection-Oriented
• UDP (User Datagram Protocol): Connectionless

TCP is the most widely used Transport Layer protocol

because it is connection-oriented, which provides packet
delivery reliability, i.e., guaranteed delivery.

UDP, being connectionless, is considered to be unreliable;

however, it is more lightweight than TCP and often used for
streaming or real-time data.
 TCP Reliability
• TCP utilizes the following features to ensure reliable delivery of data.
o 3-Way Handshake creates a virtual connection between the source and
destination before data is sent.
o Acknowledgment is required before the next segment is sent.
o Checksum that detects corrupted data.
o Sequence Numbers that detect missing data and reassemble them
in
the correct order.
o Retransmission that will retransmit lost or corrupt data.

• Note: TCP header is 20 bytes in size, whereas the UDP header is

only
8 bytes.
 TCP Three-Way Handshake
• A connection must be established before data is transmitted, called
the three-way handshake.
o SYN  SYN / ACK  ACK
• Creates a Virtual Connection Between 2 Devices
 “Best Effort” UDP
• A scaled-down, economic version of TCP
o Connectionless & Unreliable
o No Data Retransmissions
o “Best Effort”
• Faster than TCP
o Smaller Header & Connectionless
• Primarily used for protocols that favor:
• Low-Latency, i.e., Faster Speeds
• Can Tolerate Data Loss
 “Best Effort” UDP
• Example UDP Use-Cases
o VoIP Phone Calls
o Live Video Streams
o Live Audio Streams
o Online Gaming
o Certain Network Management Protocols
o DNS
o DHCP
o NTP
 Application Layer Management Protocols
• Domain Name System (DNS)
• Dynamic Host Configuration Protocol (DHCP)
• Network Time Protocol (NTP)
• Simple Network Management Protocol (SNMP)
• Lightweight Directory Access Protocol (LDAP)
• LDAP Secure (LDAPS)
• Server Message Block (SMB)
 Domain Name System (DNS)
Port: 53 Transport Layer Protocol: UDP

• Protocol that is used to resolve a domain name to its corresponding IP address

o InstructorAlton.com  162.0.232.236
• Uses TCP port 53 by default
• We’ll be discussing DNS in detail in the DNS Network Services section of
this course:
o DNS Hierarchy
o DNS Record Types
o Name Resolution
 Dynamic Host Configuration Protocol (DHCP)
Ports: 67, 68 Transport Layer Protocol: UDP

• Protocol that automatically assigns IP address configurations to devices on a

network:
o IP Address
o Subnet Mask
o Default Gateway
o DNS Server
• We’ll be discussing how DHCP works in detail in the Assigning IP
Addresses
section of this course
• Uses two UDP ports 67 and 68 by default
 Network Time Protocol (NTP)
Port: 123 Transport Layer Protocol: TCP

• Protocol that automatically synchronizes a system’s time with a network time server.
o Important for time-dependent network applications and protocols.
o If a system is configured with the incorrect time, it may not be able to access network
services.
o Authentication will often fail if time isn’t properly synchronized between devices.
• Uses TCP port 123 by default.
Simple Network Management Protocol
(SNMP) Port: 161
Protocol: TCP
Transport Layer

• Protocol used to monitor and manage network devices

• Allows admins to monitor and manage network devices and traffic.
• Allows network devices to communicate information about their state:
o Memory
o CPU
o Bandwidth
• Uses TCP port 161 by default
Lightweight Directory Access Protocol
(LDAP) Port: 389 Transport Layer Protocol: TCP

• Protocol that provides a means to access and query directory service

systems:
o Usernames, Passwords, Computer Accounts, etc.
• Typically Unix/Linux-based or Microsoft Active Directory-based
• Uses TCP 389 by default
 LDAP Secure (LDAPS)
Port: 636 Transport Layer
Protocol: TCP

• LDAP over SSL

• A secure version of LDAP that utilizes SSL to encrypt LDAP network
traffic
• Uses TCP port 636 by default
 Server Message Block (SMB)
Port: 445 Transport Layer Protocol: TCP

• Network and file sharing protocol commonly used in Microsoft environments

• Allows systems to share their files and printers with other systems
• Uses TCP port 445 by default
 Application Layer Remote Communication Protocols
• Telnet
• Secure Shell (SSH)
• Remote Desktop Protocol (RDP)
 Telnet
Port: 23 Transport Layer Protocol: TCP

• Legacy protocol used to “insecurely” connect to a remote host

o Data is transferred in clear text, so it’s considered insecure
o Largely replaced by SSH
• Today it’s primarily used to access managed network devices, such as routers
via a
serial connection
• Use TCP Port 23 by default
 Secure Shell (SSH)
Port: 22 Transport Layer
Protocol: TCP

• A cryptographic protocol that’s used to securely connect to a remote

host
o Utilizes a terminal console
o Typically Unix and Linux Machines, but also available on Windows and Mac OS
• Encrypts data with public key infrastructure (PKI), making it secure
o Considered secure replacement for Telnet
• Uses TCP port 22 by default
 Remote Desktop Protocol (RDP)
Port: 3389 Transport Layer Protocol: TCP

• A Microsoft protocol that allows users to remotely connect to, view, and control
a
remote computer from a Windows desktop.
• Built into the Microsoft operating system.
• Uses TCP port 3389 by default
 Application Layer File Transfer Protocols
• File Transfer Protocol (FTP)
• Secure File Transfer Protocol (SFTP)
• Trivial File Transfer Protocol (TFTP)
 File Transfer Protocol (FTP)
Ports: 20, 21 Transport Layer
Protocol: TCP

• Legacy protocol used to transfer files between systems

o Slowly being replaced by Secure FTP (SFTP)
• Can authenticate with a username and password or utilize anonymous logins
• Data is transferred in clear text, so it’s considered insecure
• Full-featured functionality:
o View, list, add, delete, etc. files and folders
• Uses two TCP ports by default:
o Port 20 for Data: Data Transfers
o Port 21 for Control: Commands
 Secure File Transfer Protocol (SFTP)
Port: 22 Transport Layer Protocol: TCP

• A secure cryptographic version of FTP that uses SSH to provide encryption

services.
o Provides file transfer over SSH
• Uses TCP port 22 by default (same port as SSH)
 Trivial File Transfer Protocol (TFTP)
Port: 69 Transport Layer Protocol: UDP

• A bare-bones version of FTP used for simple downloads

o Doesn’t support authentication
o Doesn’t support directory navigation
• Requires that you request the exact file (and location)
• Often used to transfer software images for routers and switches during
upgrades
• Utilizes UDP port 69 by default
 Application Layer Email Protocols
• Simple Mail Transfer Protocol (SMTP)
• Post Office Protocol Version 3 (POP3)
• Internet Message Access Protocol (IMAP)
 Simple Mail Transfer Protocol (SMTP)
Port: 25 Transport Layer Protocol: TCP

• Email protocol that is used to deliver emails from an email client (Outlook) to
a
destination email server
• Can be configured to use encryption (recommended) or plain text
• Uses TCP Port 25 by default
 Post Office Protocol Version 3 (POP3)
Port: 110 Transport
Layer Protocol: TCP

• Email protocol that is used to retrieve emails from an email

server
• Can be configured to use encryption (recommended) or plain text
• Uses TCP Port 110 by default
 Internet Message Access Protocol (IMAP)
Port: 143 Transport Layer Protocol: TCP

• Another email protocol that is quickly replacing POP3

• Allows users to access email on servers and either read the email on the server
or download the email to the client machine
• Popular when a user accesses email from multiple different devices
• Web-based email clients, such as Gmail, use IMAP
• Uses TCP port 143 by default
 Application Layer Web Browser Protocols
• Hypertext Transfer Protocol (HTTP)
• HTTP Secure (HTTPS)
 Hypertext Transfer Protocol (HTTP)
Port: 80 Transport Layer Protocol: TCP

• Protocol that provides browsing services for the World Wide Web (WWW)
o Retrieves the content of a web page from a web server
o Requests are made in hypertext markup language (HTML) and returned to your browser
in that format
• Data is sent in plain text
• Uses TCP Port 80 by default
 HTTP Secure (HTTPS)
Port: 443 Transport Layer
Protocol: TCP

• HTTP over Secure Socket Layer (SSL) or Transport Layer Security (TLS)
• A secure version of HTTP that utilizes SSL/TLS to encrypts HTTP content
• Utilizes Public Key Infrastructure (PKI)
• Uses TCP Port 443 by default
 Understanding IPv4 Addresses
• An IP Address is a logical address used in order to uniquely identify a
device on an IP network.
• It’s a Network Layer Address
• There are Two Versions:
o IP version 4 (IPv4)
o IP version 6 (IPv6)
• This lesson focuses on IPv4, and we’ll discuss IPv6 later in the course.
 IPv4 Address Anatomy
• Made up of 32 binary bits, which can be divided into a network portion
and a
host portion with the help of a subnet mask.
o The 32 binary bits are broken into four octets (1 octet = 8 bits).
o Each octet is converted to decimal and separated by a period (dot).
o For this reason, an IP address is said to be expressed in dotted decimal format.
 IPv4 Address Anatomy

First Second Third Fourth

Octet Octet Octet Octet
192 . 168 . 1 . 131

11000000 . 10101000 . 00000001 . 10000011

8 bits 8 bits 8 bits 8 bits

 Network and Host
• Portion
An IP address is broken down into two parts:
• Network Address
• Uniquely identifies each network
• Your Street Name: 7682 Wilshire Drive
• Host Address
• Uniquely identifies each machine on a network
• Your House Address: 7682 Wilshire Drive

• Network Address + Host Address = IP Address

• Wilshire Drive 7682
 IPv4 Address Components
• Each device on a network is assigned an IP address, subnet mask and
default gateway:
o IP Address: Unique logical address assigned to each device on a network.
o Subnet Mask: Used by the device to determine what subnet it’s on, specifically the
network and host portions of the IP address.
o Default Gateway: The IP address of a network’s router that allows devices on the
local
network to communicate with other networks.
 Public versus Private IP Addresses
Public IP Addresses Private IP
Addresses
• Original Design of Internet • “Unregistered” – Free for Use by
• “Registered” Public IP Addresses Anybody!

• Assigned by an ISP to a Business • Designed for Use within Private

or Home Internal Networks

• Must be Globally Unique • Can Be Used Over and Over

o Web Servers Again
o DNS Servers • Cannot be Used or Routed on a Public
o Routers Network
• Utilizes NAT to “Speak” to Public
• By the Early 1990s, the World was Networks, i.e., the Internet!
Running out of Public IP Addresses
• Private IP Addresses & Network
Address Translation (NAT) were Born!
 Private IP Address Ranges

Class IP Address Range Network ID(s) (CIDR Notation) Number of Addresses

10.0.0.0 /8 16,777,216 IP
A 10.0.0.0 – 10.255.255.255 • 1 Private Class A Network Addresses Per
Network ID
172.16.0.0 – 172.31.0.0 /16 65,534 IP
B 172.16.0.0 – 172.31.255.255 •
16 Private Class B Networks Addresses Per
Network ID
192.168.0.0 – 192.168.255.0 /24 254 IP
C 192.168.0.0 – • 256 Private Class C Networks Addresses Per
192.168.255.255
Network ID