- Network Monitor – Tracks usage of network resources (good for establishing a network baseline).
- Performance Monitor – Tracks usage of various resources over time (good for establishing a general baseline).
- Tone Generator – Used to test cabling. Identifies which cable or wire is being tested by generating different tones.
- TDR (Time Domain Reflectometer) – Sends a signal down a cable and measures the distance that the signal travelled before bouncing back (like sonar). Used to find opens and shorts in cables.
- Oscilloscope – Tests cable by determining where there are shorts, crimps or attenuation.
- Protocol Analyzers – This tool is used to monitor network traffic and display packet and protocol statistics and information.
- Optical Testers – A tool used to monitor and troubleshoot the performance of a fiber optic network.
- Crimping Tools – Crimping tools are used to connect cabling to their appropriate connectors. There are different crimping tools for different types of connections.
- Punch Down Tool – A punch down tool is used to connect cabling such as telephone and Ethernet to wall jacks.
Posts tagged Network+
Network+ (Diagnostic Tools)
Network+ (Network Management)
Network Management
This section discusses network management, storage and recovery concepts:
- VLAN – A virtual LAN is a local area network with a definition that maps workstations on some other basis than geographic location (for example, by department, type of user, or primary application). The virtual LAN controller can change or add workstations and manage load balancing and bandwidth allocation more easily than with a physical picture of the LAN. Network management software keeps track of relating the virtual picture of the local area network with the actual physical picture.
- Fault Tolerance – Fault-tolerance describes a computer system or component designed so that, in the event that a component fails, a backup component or procedure can immediately take its place with no loss of service. Fault tolerance can be provided with software, or embedded in hardware, or provided by some combination. This is an important component of disaster recovery which is being included more and more in operating system software. For example, Windows 2000 includes RAID and tape backup functions although additional hardware is required.
- Network Attached Storage – Network Attached Storage, or NAS, is a data storage mechanism that uses special devices connected directly to the network media. These devices are assigned an IP address and can then be accessed by clients via a server that acts as a gateway to the data, or in some cases the device can be accessed directly by the clients without an intermediary. One of the big advantages of NAS is expandability: if you need more storage space, you add another NAS device and expand the available storage. NAS also brings an extra level of fault tolerance to the network. In a direct attached storage environment, a server going down means that the data that server holds is no longer available. With NAS, the data is still available on the network and accessible by clients. Fault tolerant measures such as RAID can be used to make sure that the NAS device does not become a point of failure.
Network+ (Remote Access Protocols and Services)
This section describes some of the various protocols and services used for remote and secure connections.
- RAS – RAS stands for “Remote Access Service”, Microsoft’s term for modem pools. This service provides dial-in access to networks and to the Internet.
- PPP – Point-to-point Protocol (PPP) is a method for connecting a personal computer to the Internet using a standard phone line and a modem. The difference between PPP and other, older dial-up procedures is that a PPP setup will establish a direct Internet connection that allows the PC to use TCP/IP (Internet-based) applications.
- PPTP – The Point to Point Tunneling Protocol (PPTP) provides for the secure transfer of data from a remote client to a private server by creating a multi-protocol Virtual Private Network (VPN) that encapsulates PPP packets into IP datagrams. Setting up PPTP requires a PPTP Client, PPTP Server and a Network Access Server (NAS). PPTP does not support the AppleTalk protocol.
- IPsec – IPSec is a suite of Internet-standard protocols that allow secure, encrypted communications between two computers over an insecure network. IPSec provides end-to-end security, meaning that the IP packets are encrypted by the sending computer, are unreadable en route, and can be decrypted only by the recipient computer.
- L2TP – L2TP creates a tunnel through a public network that is authenticated on both ends, uses header compression, and relies on IPSec for encryption of data passed through the tunnel. L2TP works like PPTP in that it creates a “tunnel”, but uses IPSec encryption in order to support non-IP protocols and authentication.
- SSL – SSL (Secure Sockets Layer) uses a technique called public-key cryptography to provide encrypted connections. This enables you to move information across the Internet with confidence that it will not be intercepted or modified in transit. This is heavily used in e-commerce and can be identified by a URL that begins with HTTPS.
- Kerberos – This form of security has been evolving in the Unix world for a long time and is now becoming a standard. Kerberos provides mutual authentication between a client and a server or between servers before a network connection is opened between them. Rather than sharing a password, computers share a cryptographic key, and they use knowledge of this key to verify each other’s identities. Kerberos security only works with computers running Kerberos security software.
Network+ (WAN Technologies)
This section outlines some common WAN technologies you will need to know:
- Packet and Circuit Switching – Packet switching refers to protocols in which messages are divided into packets before they are sent. Each packet is then transmitted individually and can even follow different routes to its destination. Once all the packets forming a message arrive at the destination, they are recompiled into the original message. Most modern Wide Area Network (WAN) protocols, including TCP/IP and Frame Relay are based on packet-switching technologies. In contrast, normal telephone service is based on a circuit-switching technology, in which a dedicated line is allocated for transmission between two parties. Circuit-switching is ideal when data must be transmitted quickly and must arrive in the same order in which it is sent. This is the case with most real-time data, such as live audio and video. Packet switching is more efficient and robust for data that can withstand some delays in transmission, such as e-mail messages and Web pages.
- ISDN – Integrated Services Digital Network (ISDN) is comprised of digital telephony and data-transport services offered by regional telephone carriers. ISDN involves the digitalization of the telephone network, which permits voice, data, text, graphics, music, video, and other source materials to be transmitted over existing telephone wires. There are 2 types of ISDN channels:
  - B (bearer) – Transfers data at 64Kbps. An ISDN usually contains 2 B channels for a total of 128Kbps.
  - D (data) – Handles signalling at either 16Kbps or 64Kbps (sometimes limited to 56Kbps), which enables the B channel to strictly pass data.
- FDDI – Fiber Distributed Data Interface (FDDI) is an appealing choice for high-speed data networking. Essentially, it is a very high-speed token ring network connected by optical fibers. With a data transfer rate of 100Mbps, the ring can support up to 500 nodes with as much as 2 km of spacing between adjacent nodes.
- ATM – ATM stands for Asynchronous Transfer Mode and is a high-speed, packet-switching technique that uses short fixed length packets called cells. ATM can transmit voice, video, and data over variable-speed LAN and WAN connections at speeds ranging from 1.544Mbps to as high as 622Mbps. ATM is capable of supporting a wide range of traffic types such as voice, video, image and data.
- Frame Relay – Frame relay is a secure, private network that utilizes a logical path or “virtual circuit” to allocate bandwidth for high performance transmissions. Frame relay is the premier high-speed packet-switching protocol communicating data, imaging, and voice between multiple locations. Frame relay is available in a range of bandwidths from 56 Kbps to full T1 (1.54 Mbps).
- T-1/T-3 – A T-1 is a dedicated phone connection supporting data rates of 1.544Mbps. A T-1 line actually consists of 24 individual channels, each of which supports 64Kbits per second. Each 64Kbit/second channel can be configured to carry voice or data traffic. Most telephone companies allow you to buy just some of these individual channels, known as fractional T-1 access. T-1 lines are a popular leased line option for businesses connecting to the Internet and for Internet Service Providers (ISPs) connecting to the Internet backbone. The Internet backbone itself consists of faster T-3 connections. T-1 comes in either copper or fiber optics.
- SONET – SONET and SDH are a set of related standards for synchronous data transmission over fiber optic networks. SONET is short for Synchronous Optical NETwork and SDH is an acronym for Synchronous Digital Hierarchy. SONET is the United States version of the standard and SDH is the international version. SONET defines a base rate of 51.84 Mbps and a set of multiples of the base rate known as “Optical Carrier levels.” (OCx). Speeds approaching 40 gigabits per second are possible.
Network+ (Troubleshooting TCP/IP)
TCP/IP offers several tools that are helpful in the troubleshooting process and provide information to help locate and correct problems. Some of these are listed below:
- ARP – Provides a mapping from the logical 32-bit TCP/IP address to the physical 48-bit MAC address (i.e. translates an IP address into a MAC address).
- TELNET – Provides a virtual terminal or remote login across the network that is connection-based and handles its own session negotiation. The remote server must be running a Telnet service for clients to connect. Default settings are port 23 and VT100 terminal emulation.
- NBTSTAT – Is used to troubleshoot connectivity problems between 2 computers communicating via NetBT, by displaying protocol statistics and current connections. NBTSTAT examines the contents of the NetBIOS name cache and gives MAC address.
- TRACERT – By sending out ICMP packets, it determines the path taken by a data packet to reach its destination and can help determine at what point a network connection is no longer active. Can help troubleshoot network response time issues.
- NETSTAT – Displays in-depth detail about TCP/IP protocol status and statistics.
- WINIPCFG – Displays current TCP/IP configurations on Windows workstations (see also IPCONFIG on Windows NT).
- IPCONFIG – Below are the ipconfig switches that can be used at a command prompt.
  - ipconfig /all will display all of your IP settings.
  - ipconfig /renew forces the DHCP server, if available, to renew a lease.
  - ipconfig /release forces the release of a lease.
- PING – Uses ICMP to verify a connection to a remote host by sending echo requests and “listening” for reply packets.
- NSLOOKUP – This tool queries a DNS database for information about DNS objects and can be used to troubleshoot name resolution problems.
General troubleshooting strategy includes the following steps:
- Establish the symptoms
- Identify the affected areas
- Establish what has changed
- Select the most probable cause
- Implement a solution
- Test the result
- Recognize the potential effects of the solution
- Document the solution
Basic TCP/IP troubleshooting steps include:
- Ping 127.0.0.1 – This is the loopback address and verifies that the computer that you are pinging from can communicate via TCP/IP with its own ethernet adapter.
- Ping own IP address – Verifies that a valid IP address was entered for this computer.
- Ping default gateway – Typically this would be the near side of a router. If you can ping this address, then you should be able to ping other hosts on your same subnet.
- Ping far side of router – This will verify that the routing table is correct.
- Ping remote host – If this works then it would appear that there are valid communications.
- If you are unable to connect to a host via host or domain name, see if you can connect to it using its IP address. If so, then you are likely having name resolution problems and should check your DNS configuration.
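The ping sequence above, written as a decision procedure that stops at the first failing step. This is an added example, not part of the original notes; the function names, the finding strings and the injectable `ping` and `resolve` parameters are assumptions made so the logic can be exercised without a live network.

```python
import platform
import socket
import subprocess

def system_ping(host):
    """Send one ICMP echo request with the OS ping tool.
    Assumption: exit status 0 is treated as 'reply received'."""
    count_flag = "-n" if platform.system() == "Windows" else "-c"
    done = subprocess.run(["ping", count_flag, "1", host],
                          stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return done.returncode == 0

def system_resolve(name):
    """Resolve a host name with the system resolver; None on failure."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def ping_ladder(own_ip, gateway, far_side, remote_ip, remote_name,
                ping=system_ping, resolve=system_resolve):
    """Walk the steps in order and stop at the first failure.
    Returns (failed_step or None, finding)."""
    steps = [
        ("loopback", "127.0.0.1", "local TCP/IP stack is not working"),
        ("own address", own_ip, "this computer's IP address is not valid"),
        ("default gateway", gateway, "cannot reach the near side of the router"),
        ("far side of router", far_side, "check the routing table"),
        ("remote host", remote_ip, "remote host unreachable by IP address"),
    ]
    for label, target, finding in steps:
        if not ping(target):
            return label, finding
    # IP connectivity works end to end; now compare name and address.
    resolved = resolve(remote_name)
    if resolved is None:
        return "name resolution", "check the DNS configuration"
    if resolved != remote_ip:
        return "name resolution", f"name resolves to {resolved}, not {remote_ip}"
    return None, "valid communications by address and by name"
```

Because each step depends on the ones before it, the first failure is the only one worth reporting; later steps would fail for the same reason.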
For the exam troubleshooting section, you will need to know how to solve various problems based on information such as PING/TRACERT/IPCONFIG output, topology type, operating system, network configuration, visual indicators (link lights, collision lights), etc. There will most likely be diagrams that you will have to glean information from.
Network+ (NAT/ICS)
NAT/ICS
NAT stands for Network Address Translation and is a commonly used IP translation and mapping technology. Using a device (such as a router) or piece of software that implements NAT allows an entire home or office network to share a single internet connection over a single IP address. A single cable modem, DSL modem, or even 56k modem could connect all the computers to the internet simultaneously. Additionally, NAT keeps your home network fairly secure from hackers. NAT is built in to the most common Internet Connection Sharing technologies around. Microsoft’s implementation of NAT is called Internet Connection Sharing (ICS) and is supported by Windows 98SE and Windows 2000. ICS is a NAT based routing application, designed to share an Internet connection among multiple computers connected via a LAN. ICS can handle both dial-up and broadband based Internet connections. ICS can handle networks with clients running any operating system, as long as the OS supports the TCP/IP protocol. The clients can have their TCP/IP information assigned manually or they can run as DHCP clients, obtaining their TCP/IP settings from ICS’ built-in DHCP server.
Network+ (DNS)
TCP/IP networks used to use hosts files to resolve IP addresses to host names or domain names. Networks began growing to the point where the administration and the traffic needed to maintain this file became unbearable and DNS was born. A DNS client (aka resolver) sends requests to the DNS nameserver, which responds with the requested info, another server to query, or a failure message. This process is very similar to calling information. You call them with a name, they check their database and give you the phone number. There are a variety of roles a nameserver can satisfy within the zone that it is responsible for:
- Primary Nameserver – Gathers DNS information from local files and is a focal point for adding hosts and domains.
- Secondary Nameserver – Gathers the data for its zone(s) from another DNS server. Secondary nameservers provide redundancy, reduce traffic on the primary server and give quicker access for locations that are remote from the primary server.
- Caching Only Nameserver – These do not have a zone that they are responsible for. Their databases only contain info received from resolutions that they have made since the server was last started.
Nameservers are distributed into tiers called domains.
Domains:
Microsoft discusses domains in terms of a hierarchical “domain name space” which they refer to as being like a tree structure. There are several different domain levels as listed below:
- Root level domains – The top of the tree.
- Top level domains – These are divided into different categories. Com, net, mil, edu, org and gov are the most common.
- Second level domains – These domains make up the rest of networks as all sub-domains are categorized under this heading. So if you visit Intel’s site, you are visiting the sub-domain intel.com. Within intel.com many other sub-domains may also exist.
- Hosts – Hosts are the final level in the hierarchy as they are the individual computers that occupy or comprise a domain.
DNS Records:
Below are some of the common DNS records and their purpose:
- A – The A-record is used for hosts on a network. It is used to translate human friendly domain names such as “www.mcmcse.com” into an IP address such as 206.67.72.48.
- CNAME – CNAME (canonical name) records are used to create aliases. Often computers on the Internet have multiple functions such as web server, FTP server, mail server etc. To mask this, CNAME-records can be used to give a single computer multiple names (aliases). For example computer “xyz.com” may be both a web-server and an ftp-server, so two CNAME-records are defined: “www.xyz.com” = “xyz.com” and “ftp.xyz.com” = “xyz.com”.
- MX – MX (mail exchanger) records identify mail server(s) responsible for a domain name. When sending an e-mail to “user@xyz.com”, your mail server must first look up the MX record for “xyz.com” to see which mail server actually handles mail for “xyz.com”.
- NS – NS (name server) records identify DNS servers responsible (authoritative) for a zone.
- PTR – PTR (pointer) records map IP addresses to domain names which is the reverse of A-records.
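How these record types fit together during a lookup, as an added example that is not part of the original notes. The zone is constructed around the page's xyz.com names with addresses from the 192.0.2.0/24 documentation range; the function names, the MX preference value, the hop limit and the forward-confirmed reverse check go beyond what the notes state and are assumptions of this sketch.

```python
# Constructed zone data for illustration; names follow the page's xyz.com
# example, addresses come from the 192.0.2.0/24 documentation range.
ZONE = {
    ("xyz.com", "A"): ["192.0.2.10"],
    ("mail.xyz.com", "A"): ["192.0.2.25"],
    ("www.xyz.com", "CNAME"): ["xyz.com"],
    ("ftp.xyz.com", "CNAME"): ["xyz.com"],
    ("xyz.com", "MX"): ["10 mail.xyz.com"],
    ("xyz.com", "NS"): ["ns1.xyz.com"],
    ("10.2.0.192.in-addr.arpa", "PTR"): ["xyz.com"],
    ("loop-a.xyz.com", "CNAME"): ["loop-b.xyz.com"],
    ("loop-b.xyz.com", "CNAME"): ["loop-a.xyz.com"],
}
MAX_CNAME_HOPS = 8  # assumption: arbitrary cap so alias chains always terminate

def resolve_a(name, zone=ZONE):
    """Follow CNAME aliases until an A record is found; return (chain, addresses)."""
    chain = [name]
    for _ in range(MAX_CNAME_HOPS):
        if (name, "A") in zone:
            return chain, zone[(name, "A")]
        alias = zone.get((name, "CNAME"))
        if alias is None:
            return chain, []  # no such name, or no address data
        name = alias[0]
        if name in chain:
            raise ValueError("CNAME loop: " + " -> ".join(chain + [name]))
        chain.append(name)
    raise ValueError("CNAME chain too long")

def mail_hosts(domain, zone=ZONE):
    """Return (preference, host, addresses) per MX record, lowest preference first."""
    out = []
    for rec in zone.get((domain, "MX"), []):
        pref, host = rec.split()
        out.append((int(pref), host, resolve_a(host, zone)[1]))
    return sorted(out)

def reverse_lookup(ip, zone=ZONE):
    """Map an IPv4 address to names via its PTR record under in-addr.arpa."""
    key = ".".join(reversed(ip.split("."))) + ".in-addr.arpa"
    return zone.get((key, "PTR"), [])

def forward_confirmed(ip, zone=ZONE):
    """True when a PTR name resolves back to the same address."""
    return any(ip in resolve_a(n, zone)[1] for n in reverse_lookup(ip, zone))
```

A PTR record is published by whoever controls the reverse zone, so a reverse name is only worth trusting in logs or access rules when the forward lookup agrees with it.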