==============================================================================

( CCNA Network Definitions, Methodologies & Terminologies )

=================================================================================
- [Networking Model]:
==================
- Define (Rules) - (Rule-1) Define How Part-1 of the
(Network) should work.
- (Rule-2) Define How Part-2 of the
(Network) should work.
: : :
: : : :
- (Rule-n) Define How Part-n of the
(Network) should work.
- Define How all the Parts should work together, so that the entire
Network functions correctly.
==============================================================================
- [Network Topologies]:
======================
- The (Layout) of how a (Network) communicates with different
devices is called a (Topology), and here are the different (Types of Topologies):
- (Star Topology):
- In a (Star Topology) all (Nodes), where a [Node is a
(Computer, Bridge, Hub, Switche, or Router)], are connected to a (Central Wiring
Point), such as a (Hub, or Switch),
And all (Data) on a (Star Network) passes
through this (Central Point) before continuing to its (Distenation).
- One of the major benefits of such (Topology) is (If
one Computer fails or there is a (Cable break), the other (Computers) won't be
affected, because each (Computer) has its own (Cable Connection)).
- A (Disadvantage) of this (Topology) is (If the
[Central Point (Hub/Switch)] fails, then the entire (Network) goes down, i.e. all
the (Computers) on that (Central Point) will be affected),
And this is called a (Single Point Failer).

- (Bus Topology):
-
==============================================================================
- [(TCP/IP) and Subnet Masking]:
===============================
- [(TCP/IP) Transmission Control Protocol/Internet Protocol]: Is an
example of a (Network Model) which is the (Standard) and the most widley used
(Networking Model).
` Support for (TCP/IP) can be found on practically every computer
(Operating System) in existence today, from (Mobile phones to Mainframe Computers).
- The (OS) on the computer implements parts of the TCP/IP Model.
The (Ethernet card/Wireless LAN card), built in to the computer implements (Some
LAN standards) referenced by the (TCP/IP model).
In short, the (vendors) that created the (hardware &
software) implemented TCP/IP.
- The [(IP) Protocol] is one of two of the main [(TCP/IP) Protocol
Suite].
- The [(IP) Protocol] deals with such things called [(IP)
addresses, Subnet Mask, Default Gateway, DNS, ... extra].
- The [(IP) Protocol] is what allows (2-Computers) to (figure-out)
where the other one is, so they can start communication.
-
-

==============================================================================
 - [Network (Topology, Components, Devices, or Nodes)]:
=====================================================
- (Hub):
- (Hubs) of course forward (Broadcasts), because (Hubs) do
not even think about the (Electrical signal) as an (Ethernet frame).
- LAN hubs do not place each interface into a separate
collision domain.

- (Bridges):
- (Bridges) Use the same (Forwarding logic) as (Hubs), and
upon do (Flooding LAN Broadcasts).
- LAN (Bridges),Which use the same logic as (Switches),
placed (each Interface) into a (Separate Collision Domain).

- (Switch):
- Is a (Network Device) that Connects Multiple PCs to form a
(Single Local Area Network).
- It (Recieves) a (Requist/Packet) from a (Specific Source
Interface Port) and (Sends) it to a (One Specific Destination Interface Port).
- There are (2-Types) of (Switchs), those are:
- [(Layer-2) Switchs]:
- [Multi-Layer(Layer-2 & Layer-3) Switchs]: It
Contains both devices (Switch & Router) combined in (One device), it also containes
a (Grate Number of Interface Ports) that
Its number can be devided & assigned
optionaly between both entities, the (Switch) & the (Router) in any suitable
(Ratios).
- LAN (Switches) place each (Separate Interface) into a
(Separate Collision Domain).
- (Switches) Use the same (Forwarding logic) as (Hubs), and
upon do the process of (Flooding LAN Broadcasts).

- (Router):
- Is the (Only Network Component) that has the ability to
(Attach Together) more than One (Network) to communicate easily as the case of
being (One Huge Network),
- Although some Networks might be in a different
communication technologies.
i.e. it can keep permenant linkage between different
Networks, even if they are in different technologies.
- It's also the (Only Network Component) that has the ability
to (Recieve) the so called (Packet/Requist) from a (Specific Source Network) and
(reDirect/send it) to a (Specific Distenation Network).
- Each (Interface Port) in the (Router) consider individualy
to be a (Completely Separated individual Network) from any others adjacent
(Interface Port), Hence each (Interface) is a (Broadcast Domain).
- The (Router) is the (Only Network Component) that doesn't
forward a (LAN Boadcast).
- The (Routers), as a side effect of their (Routing logic),
do not forward (Ethernet Broadcast Frames), so they (Separate a Network) into
(Separate Broadcast Domains).
- (Routers) place each (LAN Interface) into a separate
(Collision Domain). (The term (Collision Domain) does not apply to (WAN
Interfaces).
- Routers are networking devices that connect the parts of
the TCP/IP network together for the purpose of [Routing (forwarding)] IP packets to
the correct destination.
- Routers do the equivalent work done by each post office
site:
 They receive IP packets on various physical
interfaces, make decisions based on the IP address included with the packet, and
then physically forward the packet out some other network interface.

- (Modern LANs):
- A (Modern LANs), with all (LAN Switches & Routers), with
(Full Duplex) on each (Link), would not have (Collisions) at all.
- In a modern LAN with all switches and routers, even though
full duplex removes collisions, think of each Ethernet link as a separate collision
domain when the need to troubleshoot arises.
-

==============================================================================
- [(SDN) Software Defined Network]:
- [(Northbound/Southbound) Interfaces]:
- Northbound Interface: Is an [(API) Application Programming
Interface] or [Protocol] that allows a Lower-level Network Component to establish a
communication with a higher-level or more Central Component.
- Southbound Interface: While, conversely, Southbound
Interface allows a Higher-level Component to (Send Commands) to (Lower-level
Network Components].
- The higher-level elements (Control) the Lower-level ones. The
Lower-level elements may be (Ask/Requist) the Higher-level ones.
- Some designs also have east-west interfaces for communication
among peers.
- [(Northbound/Southbound) Interfaces] are most associated with
[(SDN) Software Defined Network] , but can also be used in any (System) that uses a
(Hub & spoke) or (Controller & Nodes) Architectures.
- [(Northbound/Southbound) Data-flow/traffic]:
- [(East/West) Interfaces]:
-
-
-
==============================================================================
(World Wide International, Regional and Local Organizations)
==============================================================================
- [(RIR) Regional Internet Registry]:
- [(RIR) Regional Internet Registry] (Manages the (Allocation &
Registration) of (Internet Number Resources) in a (Particular region) of the world
and (Maintains) a (Unique registry) of all (IP numbers) issued.
- (Internet Number Resources): Include [IP addresses (IPv4 and
IPv6)] and. [(ASN) Autonomous system Numbers].
- [(ASN) Autonomous System Numbers]:
- Is a (Unique Identifier) that is globally available
and allows its (Autonomous System) to (Exchange Routing Information) with other
systems.
- Is a globally unique identifier that defines a group
of one or more IP prefixes run by one or more (Network Operators) that [Maintain a
single, clearly-defined (Routing policy)].
These groups of (IP prefixes) are known as
(Autonomous Systems).
==============================================================================
- [(CSMA/CD) Carrier Sense Multiple Access with Collision Detection]:
- A (Collision Domain): Is the set of NICs and (Device Ports) for
which if the (NICs) sent a (frame) at the same time, the (frames) would (Collide).
==============================================================================
- The [(OSI) (7)-Layers Networking Model]:
- The (Application Layer):
- [(TCP/IP) Application layer Protocols] provide
(Services) to the (Application software) running on a computer.
- The [(TCP/IP) Application layer] doesn't define the
(Application) itself, but it defines (Services) that (Applications) needs.
- In short, the (Application layer) provides an
(Interface) between (Software) running on a computer and the (Network) itself.
- [(TCP/IP) Application layer] has many protocols
exist, The most popular (TCP/IP application) today is the (Web browser), that
mostly use the [(HTTP) Application Layer Protocol].

- The (Representaion Layer):

- The (Session Layer):

- The (Transport Layer):

- Transport layer protocols provide services to the
application layer protocols.
- The [(TCP/IP) Transport layer] includes a smaller
number of protocols. The two most commonly used protocols are the [(TCP)
Transmission Control Protocol] & the [(UDP) User Datagram Protocol].
- [(TCP) Error-Recovery] Services is Provided by the
[(TCP/IP) Transport layer Protocols] to [Application Layer's HTTP Protocol].

- The (Network Layer):

- The [(TCP/IP) Network layer] includes a small number
of (Protocols), but its only one major (Protocol) is the [(IP) Internet Protocol].
- [Real Live Example]:
Just as the (Postal Service)
created the necessary (Infrastructure) to (Deliver letters), i.e. :
- It (Created) the
(Physical resources), such as (Post Offices, Sorting Machines, Trucks, Planes, and
Personnel).
- It (Defined) the
(Logical resources), such as (The Address Format and upon the Letter's Envelope
Stamp neumber and types).
- The [(TCP/IP) Network
layer] also (Defines) the (Details) of the [(TCP/IP) Network Infrastructure] as
follow:
- It Defines
the (Address) [Formats, Types, Categories, ...], Why?
(IP)
Defines addresses for the following important reasons:

- Each device that uses TCP/IP, i.e. (each TCP/IP host), needs a (Unique
Address) so that it can be identified in the network.

- (IP) also defines how to group addresses together, just like the postal
system groups addresses based on postal codes (like ZIP codes).
- It Defines
the (Routing) [Mechanisms, ...]
-
- (IP) provides several (Features), but the (Most-2)
important features are, [Addressing & Routing].
- (IP host) refers to (Any Device), regardless of size
or power, that has an (IP address) and connects to any (TCP/IP Network).
- In sending a (Packet) from an [IP Host Server (Local
Network LAN-src/Router R-src)] to an [IP Host Client (Local Network LAN-dst/Router
R-dst)] Over a set of (N-Routers),
(i.e.): [ (R-src) + [Routers(Rj), j= 1,..., n-2]
+ (R-dst) ],
Where: (IP Host Server): Is the (Source)
from which the (Packet) will be sent.
---(LAN-src)----: Is the Local Area
Network that the (Source Server) belongs to.
----(R-src)-----: Is the (Most
Nearby Router) on the same (LAN—src), with the expectation that (R-src) will know
[How to forward the (Packet)].

===================================================================================
===============================================================
(IP Host Client): Is the
(Distenation) to which the (Packet) will be reached.
---(LAN-dst)----: Is the Local Area
Network that the (Distenation Client) belongs to.
----(R-dst)-----: Is the (Most
Nearby Router) on the same (LAN—dst).

===================================================================================
===============================================================

Then the detailed (Trip) of this (Packet) goes

logically from the (IP Host Source) to the (IP Host Distenation) like this:
- Step(1): - The (Host Server)’s IP
process will choose to send the (Packet) to a nearby (Router) on the same (LAN-
src), that is (R-src) that is expected to know (HowTo) forward the (Packet),
- Here: The
Transmission goes dirctly from: ( [Source (Host Server)] --- To ----> [Most
Nearby Router (R-src)] ).
- (Details):
- [The (Host
Server) encapsulates the (IP packet) between an [(Ethernet header) & (Ethernet
trailer)], creating an (Ethernet frame)],
- Then
(Physically) transmits the [Digital Signal(Bits)] of this (Ethernet frame), as
[Analoge Signal(Electrical wave)] using electricity flowing over the (Ethernet
Cabling).
- Router (R-
src) physically receives the electrical signal over a cable, and re-creates the
same (Bits) by interpreting the (Electrical Signals).

- Step(2): Router (R-src) receives the IP

packet, and (R-src)’s (IP process) makes a (Decision), (R-src) looks at a
destination address (2.2.2.2), compares that address to its known (IP routes),
And chooses to forward the
packet to Router R2. This process of forwarding the (IP packet) is called (IP
routing), or simply (routing).

- Step(3): Router R2 repeats the same kind of

logic used by Router (R-src). R2’s (IP process) will compare the (Packet)’s
(Destination IP address) to R2’s known (IP routes),
And make a choice to forward
the packet to the right next (Router), and so on tel

- The (Data Link Layer):

 -
- The (Ethernet Network), which implements (Link-layer
Protocols), must then be used to deliver that packet from a (Host) over to router
R1.

- The (Physical Layer):

==============================================================================
- [Firewall (Definition & Types)]:
=================================
- (Firewall Definition):
- (Firewall) is a (System) that is designed to (Prevent
Unauthorized Access) from entering a (Private Network) by (filtering) the
(Information) that (Comes In) from the (Internet).
It [(Blocks) Unwanted traffic] and [(Permits) Wanted
traffic], so it (Filters) the (Incoming Data Packets) and (Determinds) by its
(Access Rules) if it's (Allowd) to enter the (Network).
- One Way by which the (Firewall) Controls the (Traffic)
coming (Into & Out) of the (Network) is through its [Access Control List(ACL)],
which is defined as follow:
- [Access Control List(ACL)]: Is a (Set of Rules)
on (What can access the network), i.e. it either [Grant(Allow)] or [Revoke(Deny)]
Network (Access Permissions).
- [(Implicit Deny)]: Most (Firewalls) comes
with a (Default Rule) of an (Implicit Deny), meaning that the (Firewall) only
(Allow) traffic specificaly (Allowed) in the (ACL).
- [Granting/Revoking Permissions] in a (Firewall)
can be done through the following 2-Methods:
- (Totally) : Through
(Granting/Revoking) a (Total Permission) to a (Device) in terms of its (IP
address) in the [Access Control List(ACL)],
- Example: |
=====[Access Contains List]=====| |
===================================================================================
=======================================
|
(162.213.214.140) Allow | | Here, Only (2-Devices) are (Allowed) to
have (Access) to the (Network), (i.e.) (Allow)-- means --> (Get Network Access).
|
(054.021.066.112) Allow | | Here also, (1-Device) is explicitly and
entirly (Denied) to have (Access) to the (Network), both in terms of each (IP
address)],
|
(040.055.130.066) Deny | | Hence the (Access) is (General), not
specific to any [Certain (/Port Numbers/Protocols)].
|
================================| |
===================================================================================
=======================================

- (Partially) : Through
(Granting/Revoking) a (Partial Permission) to a (Device) in terms of a (Specific
Port Numbers) in the [Access Control List(ACL)],
- Example: |
=====[Access Contains List]=====| |
===================================================================================
=======================================
|
Port(80) Allow | | Here on the (ACL), there is Only (1-Rule)
that (Allows) [Port(80)] the (Device) can [Only Access(Web Pages)]
|
Port(xx) Deny | |
|
: : | |

=================================| |
===================================================================================
=======================================
- Firewall Types:
- (Host Based Firewall):
- Network Based Firewall:
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
==============================================================================( Acr
onyms )============================================================================
==
- [(IPS) Intrusion Prevention System]:
- [(DPI) Deep Packet Inspection]:
- [(NGFW) Next Generation FireWalls]: Is a (2) in (1) Solution Network
Device, i.e. it contains both (Firewall & IPS).
-
-
-
-
-
-
-
-
-
-
-