December 5, 2018
Networking Part 3: Routing Metrics, Tables, Broadcast Domains, SPAN Ports
December 5, 2018
“Qualities used to determine best path”• Hop count: how many other routers does a signal need to pass?• Maximum Transmission Unit (MTU): The maximum size of a single packet we can send. Bandwidth and ports limit how much data can be pushed through• Casts: reliability, Roundtrip, cost etc.• Latency: The amount of delay we have on a link. (How long the distance it takes for others to stop responding.)Routers use different protocols to determine the best path:• Link state: COST BASED This is a cost-based protocol.• Distance Vector: HOPS BASED Just based on the number of ‘hops’• Hybrid: A mixture of distance vector and link state, it uses ‘hop’ count and cost
• path vector: maintains the path information and updates it dynamically
Static Routing tables
“Static Routing Tables are manually set routing settings for locations”
Statically configurating the settings in a router can be useful if you don’t want specific devices or settings to interfere with your main network. It is not a protocol, but a manual configuration and selection or network route used to limit choices.
Dynamic Routing Tables
“Dynamic Routing tables will automatically find the best path for location”
The Dynamic Routing table does not send data or transmit packages. They work with IPs and information about the networks to figure out the best path to locations based on the given routing metrics. This is all done automatically if the configuration is set to dynamic routing table. Below is a chart describing the basic protocols used and how they operate.
IGPInside network (The part of the router facing inwards)Distance Vector:RIP less hops (15 max), not handling classless IPsIGRP more hops, not handling classless IPs, CISCORIPv2 more hops, handling classless IPsLink state:OSPF Most common IGP, handling classless IPs, CISCOHybrid of Distance & Link state:EIGRP Enhanced IGRP, handles classless IPs, CISCOEGPConnecting out to the external internet (The part of the router facing outwards)Path-vector:BGP one speaker node per domain of routers “here's my info. Let's share and measure hop counts"
“The part of a network that anything can be broadcasted”
A Broadcast Domain is an area of a network where packets can and will be broadcasted to everyone. These domains are used through HUBs, Switches and Bridges. It operates on the Layer 2 of the OSI model, which means that the data will not pass through a router.
“The ability to make sure the broadcasted packets won’t crash and collide”
Collision domains involve two devices trying to communicate simultaneously and therefore creating data collisions. When a collision domain is set up, only one device is allowed to transmit at one time. Each device sets a random back off timer and will attempt to resend the data after the timer expires and the next device can transmit. HUBs create a larger segments of collision domains since they keep broadcasting packages simultaneously.
Port mirroring (Switched Port Analyzer - SPAN)
“The listening port that sniffs all data traffic”
When setting up a mirrored port you enable data to be copied and directed to one specific port or a VLAN. This is a great way to analyze and monitor network traffic. When using Wireshark, a SPAN port is set up and you’re using port mirroring to capture all data being sent over your network.
Devices can't talk on this port befcause mirrored ports are set up to just get/receive data. Remember the port is not receiveing the original data, only a copy.
>Configure port to have all data mirrored to it>Captures network data>Diagnostics/research
>Intruder Detection System (just sits and watches if something happens)