II. Definitions: Client

  1. Client-Server
    1. Distributed application architecture dividing tasks and workloads between the client machine and the network server
  2. Virtualization Host (business servers)
    1. Multiple virtual machines on a single server
  3. Virtual Desktop Infrastructure (VDI)
    1. Serves Operating Systems and software to Thin clients and zero clients
    2. https://en.wikipedia.org/wiki/Desktop_virtualization
  4. Thick Client (Fat Client)
    1. Fully installed operating systems and needed software
    2. https://en.wikipedia.org/wiki/Fat_client
  5. Thin Client (Slim Client)
    1. User device that is smaller, lower cost, limited resource (memory, processing power)
    2. Relies on a networked connection to a more powerful server that performs much of the application functionality
    3. Operating system with deployed applications (e.g. Citrix)
    4. https://en.wikipedia.org/wiki/Thin_client
  6. Zero Client (e.g. Dell Wyse)
    1. Operating system and applications are deployed (e.g. remote desktop in Windows)

III. Background: Network Layouts (network topology)

  1. Mapping software
    1. Microsoft Visio (Windows)
    2. OmniGraffle or Diagrammix (Mac)
  2. Ring Network
    1. Each node is connected to its neighbor on either side, forming a ring of nodes (e.g. Spatial Reuse Protocol)
  3. Mesh Network
    1. Each node is connected to multiple neighbors (e.g. Ethernet switches, Wireless Mesh Networks)
  4. Star Network
    1. All nodes are connected to a single central node (e.g. Wireless LAN)
  5. Fully Connected Network
    1. Each node is connected to every other network node (e.g. military Communication, requires redundancy)
    2. Expensive overhead - requires maximal number of connections = n * (n-1)/2
  6. Tree Network
    1. Hierarchical arrangement of nodes in a parent-child tree organization (e.g. Cable TV signal distribution)
  7. Bus Network
    1. All network nodes are connected along a common thoroughfare (e.g. early Ethernet)
  8. Resources
    1. http://en.wikipedia.org/wiki/Computer_network

IV. Background: Network Types

  1. Local Area Network (LAN)
    1. Single area of high speed connectivity
    2. LAN infrastructure is typically owned by the business (or home) using it
    3. https://en.wikipedia.org/wiki/Local_area_network
  2. Wide Area Network (WAN)
    1. Network of 2 or more typically distant LANs connected by a service provider (e.g. branch office connections)
    2. https://en.wikipedia.org/wiki/Wide_area_network
  3. Metropolitan Area Network (MAN)
    1. Network connecting multiple buildings within the same city
    2. https://en.wikipedia.org/wiki/Metropolitan_area_network
  4. Campus Area Network (CAN)
    1. Network connecting a college or business campus
    2. https://en.wikipedia.org/wiki/Campus_network
  5. Wireless LAN (WLAN)
    1. Wireless access points (hot spots)
    2. https://en.wikipedia.org/wiki/Wireless_LAN
  6. Personal Area Network (PAN)
    1. Includes Near Field Communication (NFC), Bluetooth Communication, and Infrared Communication
    2. https://en.wikipedia.org/wiki/Personal_area_network

V. Background: Internet Connectivity

  1. Analog Modems (dial-up modems)
    1. Rarely used in the U.S. aside from legacy devices that may call in diagnostic data to main servers
    2. May be used in world regions where other connectivity is not available (or too expensive)
    3. https://en.wikipedia.org/wiki/Modem
  2. Digital Subscriber Line (DSL) and asynchronous DSL (ADSL)
    1. Uses digital telephone line (RJ-11) via Point-To-Point (PPPoE) and IP (requires filter on the line)
    2. https://en.wikipedia.org/wiki/Digital_subscriber_line
  3. Broadband Cable
    1. Data transmitted over coaxial cable via DOCSIS protocol
    2. Asymmetric transmission (much faster download than upload)
    3. https://en.wikipedia.org/wiki/Cable_Internet_access
  4. Fiber Internet
    1. Very high speed connectivity (but requires nearby fiber cable)
    2. https://en.wikipedia.org/wiki/Fiber_to_the_x
  5. Satellite Internet
    1. Connectivity for remote locations that requires satellite dish
    2. Data transmission latency is an issue as is interference from weather
    3. https://en.wikipedia.org/wiki/Satellite_Internet_access
  6. Cellular Network (Mobile Broadband)
    1. Standard transmission download speeds approach 50 Mb/s with 4G or LTE Networks
    2. Tethering allows smartphones to become a Wi-Fi hotspot (and NAT router)
    3. https://en.wikipedia.org/wiki/Mobile_broadband
  7. Line of Sight Wireless
    1. Allows for point to point internet between 2 points (e.g. buildings) where physical cable cannot be run
    2. Transmits 5 to 150 Mb/s over up to miles of distance
    3. https://en.wikipedia.org/wiki/Line-of-sight_propagation
  8. Resources
    1. https://en.wikipedia.org/wiki/Internet_access

VI. Background: Cables and Connectors

VII. Background: Routers and related devices

  1. Network Hub (Ethernet Hub, defunct)
    1. Defunct device replaced by the Network Switch
      1. Still used for diagnostics by plugging hub into network and monitoring traffic via sniffer (e.g. Wireshark)
    2. Simple network connection without filtering capability
    3. All data packets are passed through to all connected devices (can slow down the network)
      1. Functions as a multiport repeater
      2. One collision domain
    4. Used for small networks where the inefficiencies of passing all data to all devices would not tax the network
    5. https://en.wikipedia.org/wiki/Ethernet_hub
  2. Network Bridge (defunct)
    1. Defunct device replaced by the Network Switch
    2. Similar to a Network Hub, allows for filtering of data packets based on MAC address
      1. Has only one incoming and outgoing port
    3. Network Bridge has a single incoming LAN port and a single outgoing LAN port
    4. Bridge stores the MAC address table for each connected LAN
    5. The bridge filters traffic based on the data packet MAC address
    6. Indicated for networks that need only intermittent Communication
    7. https://en.wikipedia.org/wiki/Bridging_(networking)
  3. Network Switch (Layer 2)
    1. Similar to a Network Bridge (which it replaces), but has multiple ports
    2. Allows for data packet addressing to either MAC addresses (Layer 2) or IP Addresses (layer 3)
      1. Switch stores a table of all connected device MAC addresses
    3. Data packet forwarding is controlled by hardware known as ASIC (application specific integrated circuits)
      1. Switches route only data specific to the device/target
      2. Provides full, dedicated bandwidth to each connected device/port
        1. Each connection has its own isolated collision domain
      3. However, if switch does not know MAC address of device, it broadcasts (floods) all attached devices with the data
    4. Adds error checking to data packet evaluation (in addition to the address forwarding of a network bridge)
      1. Allows for increased efficiency by only transmitting error-free data packets to the correct LAN address
    5. Originally indicated for connecting large networks at the subnet level (now the default standard for all networks)
      1. Replaces Network Hub and Network Bridge
    6. https://en.wikipedia.org/wiki/Network_switch
  4. Network Router (Layer 3)
    1. Data packet addressing is via IP Address (Layer 3) and controlled by software (contrast with ASIC control on switches)
    2. Machines are connected to switches, which in turn are connected to network routers
    3. Routers support multiple WAN technologies, and separate public internet from private network
    4. Routers also allow for segmenting a network into subnets (one for servers, another for digital phone network...)
    5. Routers are in standard use in business networks
    6. Homes also use routers for broadband internet connection
    7. https://en.wikipedia.org/wiki/Router_(computing)
  5. Wireless Access Point (Hot Spot, Wireless LAN)
    1. Wireless devices can communicate with each other and wired LAN connections
    2. May be powered over ethernet (PoE) with 4.5 Watts of power
    3. LAN Controllers are available to manage all of the individual Wireless Access points
  6. Repeaters
    1. Included in hubs and switches to clean, amplify and re-send data packet signals
    2. Signals may otherwise become weak along long cables (>100 m)
    3. May also provide power to the device on the ethernet (PoE)
  7. Ethernet over Power (Powerline Ethernet)
    1. Ethernet signal is transmitted via AC Power (speeds of 100 to 500 Mb/s)
    2. Ethernet is plugged into a wall power outlet adapter
    3. May be used in areas where additional wired ethernet cable is difficult to run to the target device(s)
  8. Power over Ethernet (PoE, 802.3af)
    1. Device powered over ethernet cable
    2. Indicated where ethernet cable is run to location, but powerline is not (e.g. wireless access point)

VIII. Background: Firewall

  1. Firewall
    1. Screens network traffic from unauthorized access
    2. Protects against malicious users looking for open ports for network access
    3. Best firewall response to a port probe (ping) is no response (invisible port to unauthorized users)
    4. Subtypes
      1. Packet-filtering firewall (standard)
        1. Allows or blocks IP Addresses on certain ports
      2. Stateful packet inspection (preferred in enterprise systems)
        1. Firewall can enforce rules on many data layers including at the application and session layers
    5. Resources
      1. https://en.wikipedia.org/wiki/Firewall_(computing)
  2. Port Forwarding (firewall rule)
    1. Router can be configured to forward specific port inbound traffic to a private IP Address of a device
    2. Some devices (e.g. game platforms) often have specific ports on which they communicate
    3. These ports are often blocked by router firewall by default, and require port forward to receive data traffic
    4. https://en.wikipedia.org/wiki/Port_forwarding
  3. Port Triggering (firewall rule)
    1. Similar to port forwarding (above), but router attempts to forward traffic in a given range to a private IP for device
  4. Precautions
    1. Universal Plug-And-Play (UPnP)
      1. Some routers allow applications to automatically open ports for forwarding external traffic
      2. Convenient, but malware may take advantage of UPnP
      3. Consider disabling UPnP on router
  5. Testing Firewall
    1. See Network Security

IX. Background: Device Communication

  1. DHCP Server
    1. See DHCP Server
    2. Dynamic private IP Addresses "leased" to individual devices on the network
    3. Allows a server with its own public, routable IP Address to distribute data to its clients
  2. Network Address Translation (NAT) or Port Address Translation (PAT)
    1. Shares a few public IP Addresses with a virtually unlimited client devices
      1. Each device has its own private IP (DHCP-assigned)
    2. Router handles the routing to and from the external public IP Address to the internal private addresses
    3. https://en.wikipedia.org/wiki/Network_address_translation
  3. Destination Network Address Translation (DNAT) or inbound NAT
    1. Internal device is discoverable to external internet (e.g. web server with a private IP Address)
    2. Risky! Use with DMZ
  4. Demilitarized Zone (DMZ) or Screened Subnet
    1. Host computers separate from the rest of the network that allows outside access without compromising other systems
    2. Typically used with DNAT (see above)
    3. https://en.wikipedia.org/wiki/DMZ_(computing)
  5. VPN Server
    1. Secure, tunneled connection over an otherwise insecure internet
    2. https://en.wikipedia.org/wiki/Virtual_private_network
  6. Quality of Service (QoS)
    1. Bandwidth reserved for adequate quality of key services (e.g. VoIP)

X. Background: Small Office Home Office (SOHO) Router

  1. Indications
    1. Small number of users (e.g. 10 or less)
  2. Multiple functions of SOHO Integrated Router
    1. Wi-Fi access point and router (OSI layer 3)
    2. DHCP Server with Network Address Translation (NAT, DNAT)
    3. Firewall
    4. Network switch (OSI layer 2)
    5. VPN server
  3. Connections
    1. Uplink to internet or larger network (WAN)
    2. Switch for routing data to wired clients
    3. Antenna for wireless transmission
    4. USB connection for maintenance tasks (e.g. update device firmware via USB key)
  4. Configuration
    1. Exercise caution with firmware upgrades (vet before install)
    2. See Wired Connection Interface for ethernet related physical tools
  5. Security
    1. See Network Security

XI. Background: Open Systems Interconnection Model (OSI Model, ISO Network Communications Model)

  1. Mnemonics
    1. Layer 7 to 1: All People Seem to Need Data Processing
    2. Layer 1 to 7: Please Do Not Throw Sausage Pizza Away
  2. Host Layers
    1. Data: 7. Application Layer
      1. Closest to the end user who interacts directly with the application
      2. FTP (file transfer protocol)
      3. HTTP or HTTPS (web)
      4. SMTP (mail server)
      5. POP3/IMAP4 (mail server)
    2. Data: 6. Presentation Layer (Syntax Layer)
      1. Data representation with encryption and decryption, serialization of objects as needed
    3. Data: 5. Session Layer
      1. Manages connections between local and remote computers
      2. LDAP (Lightweight Directory Access Protocol)
        1. Authenticates users for X.500 Directories
    4. Segment: 4. Transport Layer
      1. Variable-length packets reliably transported between network nodes
      2. Transmission Control Protocol (TCP)
        1. Acknowledgement (secure, reliable, slower)
      3. User Datagram Protocol (UDP)
        1. Connectionless, faster, no Acknowledgement and lost data (e.g. for streaming video)
  3. Media Layers
    1. Packet: 3. Network Layer (Router)
      1. Variable-length packets or data sequences (datagrams) addressed, routed and delivered (may be unreliable)
      2. IPv4, IPv6 (see IP Address)
      3. DHCP (dynamic host control protocol)
        1. Assign IP Address to host (e.g. wireless hotspot)
    2. Frame: 2. Data Link Layer (Switch)
      1. Reliable, point-to-point data connection
        1. Media Access Control Layer (MAC layer, MAC Address)
          1. Controls network data access
          2. Hardware physical hex address specific to each individual device (PC, phone, modem...)
          3. MAC Address is 48 bits: Six hex pairs (8 bits per pair), with last 24 bits (3 hex pairs) vendor specific
          4. Switch is aware of each connected device's MAC address
        2. Logical Link Control Layer (LLC layer)
          1. Controls packet synchronization and error checking
      2. ARP (address resolution protocol)
        1. TCP uses for Communication for cases in which only neighboring Host IP Addresses are known
        2. Resolves hardware addresses
      3. Troubleshooting
        1. Is the switch operational (status light green)
    3. Bit: 1. Physical Layer (Network Internet Card or NIC)
      1. Includes cables, hubs and adapters over which data must travel
      2. Data connection (may be unreliable)
      3. Troubleshooting
        1. Ethernet cable plugged in and functional (or wifi turned on)
  4. Resources
    1. http://en.wikipedia.org/wiki/OSI_model

XII. Differential Diagnosis: Networking Problems

  1. No Connectivity to network
    1. WLAN or Wi-Fi radio turned off on computer or device via hardware switch or internal setting
    2. WLAN settings are not remembered by computer
    3. Ethernet cable is disconnected or has a defect
  2. Limited Connectivity
    1. DNS server offline or unreachable (if can access the host by IP Address, but not by hostname)
  3. Local Connectivity only
    1. Router offline
    2. DHCP issue
  4. Intermittent or Inconsistent Connectivity
    1. Poor WiFi Signal
    2. Defective Ethernet cable or port
  5. Router assigned Link Local Address (Automatic IP Address or APIPA)
    1. Computer unable to connect to DHCP Server
    2. Router not forwarding calls to DHCP from computer (check router forwarding rules)
  6. IP Conflict Error
    1. Duplicate IP Address on network (check DHCP and identify conflicting device)
  7. Slow network transfer speeds
    1. Wi-Fi misconfigured to use slower speed
    2. Half-duplex Internet (confirm high speed full-duplex internet on ethernet card AND network switch settings)
      1. Half-Duplex: Only 1-way communication at a point in time (send or receive but not both)
      2. Correct to Full-Duplex
  8. Low Wi-Fi radiofrequency signal
    1. Inconsistent connection
    2. Poor Wi-Fi coverage (check heat-map survey of signal strengths)
  9. SSID not found
    1. Disabled SSID broadcast on Wireless Access Point
    2. Wi-Fi Radio disabled on client

XIII. Management: Network Utilities

  1. Wire Shark
    1. https://www.wireshark.org/
    2. Visualize network traffic frame-by-frame (data layer 2, switch level)
    3. Use with a network hub (see above) to monitor traffic to another computer on the network
  2. Wireless Locators and Analyzers (e.g. Acrylic WiFi, Ekahau Heat Mapper, inSSIder)
  3. Windows command line (most have been replaced by Powershell commands)
    1. Ipconfig
      1. Ipconfig /all : shows all configuration information
      2. Ipconfig /release : relinquishes DHCP assigned local IP lease
      3. Ipconfig /renew : reassigns an IP lease to the requesting client
    2. Ping
      1. Type "ping" (or ping /?) without any parameters and will give help
      2. Ping localhost : Confirms basic IP stack works on client system (default to IPv6 addresses)
      3. Ping -4 locahost : Same as previous command, except forces use of IPv4
      4. Ping host name
      5. Ping IP_addreess : Bypasses DNS
    3. Pathping
      1. Pathping URL
    4. Trace Route (Tracert)
      1. Shows path that traffic takes from start to finish
      2. Identifies network bottle necks
    5. Netstat
      1. Demonstrates connections both inside and outside network
    6. NBTstat (relatively defunct, replaced by other tools)
      1. Protocol statistics and current TCP/IP statistics
    7. Net
      1. Net use * \\server\share
        1. Allows for interaction with shared folder on network
    8. NsLookup
      1. Interrogate DNS server - enters command line shell
    9. Active Directory tools (active directory must be installed/enabled)
      1. Netdom (command line tool)
      2. Dsa.msc (gui tool)
  4. Windows Utilities
    1. Network Connections (ncpa.cpl)

XV. References

  1. Desai (2014) Systems, Databases and Networks, AMIA’s CIBRC Online Course
  2. Warner (2016) CompTia A+ Networking, Pluralsight, accessed 1/14/2017

Images: Related links to external sites (from Bing)

Related Studies