Networking Part 4: Convergence, STP, Switching Loops, NAT & PAT
«When settings are synchronized in a network»
Convergence is the state in which all routers in the same internetwork have the same topology information, having caught up with each other. Routing tables and the most useful paths are exchanged along with other information. It is also known as the network routing «Nirvana».
«When loops form and can eventually shut down our network»
A switching loop or bridge loop occurs when a device is sent a packet and broadcasts it back to the same device, which then repeats in a loop. This can be caused by multiple connections between switches or by devices connected to the same port.
- Spanning Tree Protocol helps mitigate loops by finding out where they form and blocking them.
- Change device
- Temporarily change topology
Spanning Tree Protocol
«The protocol used to prevent broadcast loops»
Spanning tree protocol is a network protocol that builds a loop-free logical topology for networks. The basic function of STP is to prevent bridge loops and the broadcast radiation that results from them.
If a computer sends a broadcast message to all other computers, which then broadcast it around again, a loop builds up. STP can block sending/receiving on specific devices to stop loops from forming.
Network Address Translation
«The process of assigning private IPs to public IPs»
NAT is the process in which a network device, usually a firewall, assigns a public address to a computer (or group of computers) inside a private network. It translates requests between a public address ↔ a private address. If a packet is sent to 220.127.116.11 on the public side, it will be translated to 192.168.1.1 on the private side. The main use of NAT is to limit the number of public IP addresses that must be used, for both economy and security purposes.
There are two different types:
Static:
«Manually setting permanent IPs»
A static NAT allows private and public IP addresses to be «permanently» mapped to each other. For each public address, there is a private address, giving us a one-to-one mapping.
Dynamic:
«Maps addresses from a pool of IPs»
A dynamic NAT allows private and public addresses to be mapped automatically from a pool of IP addresses. Each internal device that needs access to the internet can request an address from this pool and connect with the new public IP. It is usually not found in smaller networks, but in larger and more complex networks.
Port Address Translation (NAT Overloading)
«The process of assigning more than one device to the same IP address»
PAT allows us to have multiple private IPs mapped to a single public IP. Several devices may send the same requests to the same web server. PAT assigns a different port to each device and sends the information on those different ports. In other words, the information is sent to the same IP address, but each device receives it on the port it is listening to. It is useful because IPv4 addresses have largely run out these days.
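The port mapping described above, as an added example that is not part of the original article: a minimal Python model of a PAT translation table. The class name, the port range and the 203.0.113.10 public address are constructed for illustration, and the model keeps only the address/port mapping, which is an assumption that leaves out the timeouts and connection state a real device tracks.

```python
import ipaddress

# RFC 1918 private ranges: the "inside" addresses a PAT device translates.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class PatTable:
    """Minimal model of a PAT (NAT overload) translation table."""

    def __init__(self, public_ip, port_range=(40000, 40003)):
        self.public_ip = public_ip
        self.free_ports = list(range(port_range[0], port_range[1] + 1))
        self.out = {}   # (private_ip, private_port, proto) -> public_port
        self.back = {}  # (public_port, proto) -> (private_ip, private_port)

    def outbound(self, src_ip, src_port, proto="tcp"):
        """Rewrite the source of an outgoing packet, reusing an existing mapping."""
        ip = ipaddress.ip_address(src_ip)
        if not any(ip in net for net in RFC1918):
            raise ValueError(f"{src_ip} is not an inside (private) address")
        key = (src_ip, src_port, proto)
        if key not in self.out:
            if not self.free_ports:
                raise RuntimeError("PAT port pool exhausted")
            port = self.free_ports.pop(0)
            self.out[key] = port
            self.back[(port, proto)] = (src_ip, src_port)
        return self.public_ip, self.out[key]

    def inbound(self, dst_port, proto="tcp"):
        """Map a reply back to the inside host, or None if no mapping exists."""
        return self.back.get((dst_port, proto))

def demo():
    pat = PatTable("203.0.113.10")  # constructed public IP (documentation range)
    # Two inside hosts use the same source port toward the same web server.
    a = pat.outbound("192.168.1.10", 51000)
    b = pat.outbound("192.168.1.11", 51000)
    again = pat.outbound("192.168.1.10", 51000)  # same flow keeps its mapping
    reply_a = pat.inbound(a[1])
    reply_b = pat.inbound(b[1])
    unsolicited = pat.inbound(8080)  # no inside host opened this port
    return a, b, again, reply_a, reply_b, unsolicited

if __name__ == "__main__":
    for item in demo():
        print(item)
```

An inbound packet with no table entry has no inside host to be delivered to, and the finite port pool is why a single public IP can only carry a bounded number of simultaneous flows.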