Tuesday, February 24, 2015
Wednesday, September 17, 2014
NAT
-NAT is the process of mapping one IP address to another IP address
-NAT is used to save public IP addresses
-It provides security by hiding the internal IP
Types of NAT
-Static NAT (one to one)
- One private IP is mapped to one public IP
- Generally used for hosting public servers
- Many private IPs are mapped to many public IPs
- Can only be configured for outbound traffic
- Many private IPs are mapped to one public IP
- All users can access internet at the same time
- Can only be configured for outbound traffic
-Practically what we do is dynamic source or destination NAT, depending on the purpose
-To make a publicly hosted web server reachable, we use a dynamic destination NAT rule, where all the requests coming to the public IP of that web server are mapped to an internal private IP
-A group of internal users can access the internet through a dynamic source NAT rule, where all the internal requests are mapped to an external public IP
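The source and destination NAT rules described above, as an added Python sketch that is not part of the original post: a toy translation table in which the `NatGateway` class, the addresses and the port numbers are all constructed for illustration. It shows two internal hosts sharing one public IP, a destination NAT rule publishing an internal web server, and an unsolicited inbound packet that matches no mapping.

```python
"""Toy NAT table (added illustration; all names and addresses are constructed)."""
import itertools

PUBLIC_IP = "203.0.113.10"  # constructed, documentation address range


class NatGateway:
    def __init__(self, public_ip, dnat_rules=None):
        self.public_ip = public_ip
        # Destination NAT rules: public port -> (private IP, private port)
        self.dnat = dict(dnat_rules or {})
        # Source NAT state, created only by outbound traffic
        self.out = {}    # (src, sport, dst, dport) -> allocated public port
        self.back = {}   # allocated public port -> same flow tuple
        self._ports = itertools.count(40000)

    def outbound(self, src, sport, dst, dport):
        """Internal host to internet: rewrite the source to the public IP."""
        flow = (src, sport, dst, dport)
        if flow not in self.out:
            port = next(self._ports)
            self.out[flow] = port
            self.back[port] = flow
        return (self.public_ip, self.out[flow], dst, dport)

    def inbound(self, src, sport, dport):
        """Internet to public IP: rewrite the destination, or return None."""
        if dport in self.dnat:                            # published server
            ip, port = self.dnat[dport]
            return (src, sport, ip, port)
        flow = self.back.get(dport)
        if flow and (flow[2], flow[3]) == (src, sport):   # reply to a known flow
            return (src, sport, flow[0], flow[1])
        return None                                       # no mapping, nothing to forward to


def demo():
    gw = NatGateway(PUBLIC_IP, dnat_rules={443: ("10.0.0.20", 8443)})
    a = gw.outbound("10.0.0.5", 51000, "198.51.100.7", 80)
    b = gw.outbound("10.0.0.6", 51000, "198.51.100.7", 80)
    reply = gw.inbound("198.51.100.7", 80, a[1])      # answer to host A
    web = gw.inbound("192.0.2.99", 33333, 443)        # hits the destination NAT rule
    stray = gw.inbound("192.0.2.99", 33333, b[1])     # unsolicited packet
    return a, b, reply, web, stray


if __name__ == "__main__":
    for row in demo():
        print(row)
```

Only the destination NAT rule exposes an internal host to new inbound connections, so those rules are the ones to review when auditing what a NAT device publishes.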
Basic command line and run utilities
cmd utilities :
ipconfig - network configuration details
nslookup - dns details
ping - checks connectivity
wuauclt /detectnow - checks Windows updates from WSUS server
ipconfig /flushdns - flush dns entries
ipconfig /registerdns - register dns entries
gpupdate /force - updates group policies
run utilities :
mstsc - RDP
windowsupdate.log - log file for Windows updates
services.msc - services
gpmc.msc - group policy management
dsa.msc - AD users and computers
inetcpl.cpl - Internet properties
diskmgmt.msc - disk management
compmgmt.msc - computer management
devmgmt.msc - device manager
eventvwr.msc - event viewer
msconfig - system configuration
regedit - registry editor
Router
-Router is a Layer 3 device (i.e., it works in the network layer)
-Main function of a router is routing/internetworking
-It can be a dedicated hardware router or a software router
-In a production environment we use dedicated hardware routing devices (e.g. Cisco, Juniper etc.)
-A router does packet switching, i.e., from one interface to another interface of the same router
-It also does packet forwarding
-It performs best path selection
-Considering the Cisco hierarchical model we have different types of routers
- Access layer routers
- Distribution layer routers
- Core layer routers
- Modular router (upgradable)
- Fixed router (not upgradable)
VLAN
-VLAN stands for Virtual LAN
-VLAN provides L2 security
-Divides a single broadcast domain into multiple broadcast domains
-By default all ports of the switch are in VLAN 1
-VLAN 1 is known as the administrative VLAN or management VLAN
-VLANs can be created in the range 2 - 1001
Static VLAN
-Static VLANs are port based and hence they are also called port-based VLANs
-Ports have to be manually assigned to a VLAN
-A port can be a member of a single VLAN
Dynamic VLAN
-Dynamic VLANs are based on the MAC address of a device
-Switch automatically assigns the port to a VLAN
-Each port can be a member of multiple VLANs
-For dynamic VLAN configuration, software called VMPS (VLAN Management Policy Server) is needed
OSI layers
OSI stands for Open Systems Interconnection. It is a conceptual model that standardizes the communication between networked systems. The 7 layers of the OSI model are as follows:
-Physical layer
-Data link layer
-Network layer
-Transport layer
-Session layer
-Presentation layer
-Application layer
IP address
IPV4 - 32 bit address
IPV6 - 128 bit address
Public addresses
Format : x.x.x.x (where each 'x' is an 8 bit value)
IPV4 is divided into the following 5 classes, based on the decimal value of the first octet
Class A : 0 - 126.x.x.x (first octet forms the network ID (NID) and last three octets form the host ID (HID))
Class B : 128 - 191.x.x.x (first 2 octets form the NID and last 2 octets form the HID)
Class C : 192 - 223.x.x.x (first 3 octets form the NID and last octet forms the HID)
Class D : 224 - 239.x.x.x (used for multicast)
Class E : 240 - 255.x.x.x (used for research purposes)
Private addresses
Class A
Range : 10.0.0.0 - 10.255.255.255
Total number of networks : 1
Class B
Range : 172.16.0.0 - 172.31.255.255
Total number of networks : 16
Class C
Range : 192.168.0.0 - 192.168.255.255
Total number of networks : 256