VPN

VPN (Virtual Private Network)

→ What is VPN?
 ↪ A VPN (Virtual Private Network) is a secure connection between two or more endpoints. It can also be seen as an extension to a private network. VPN data is encrypted from one VPN gateway to the other, providing a secure link between two sites over the internet.

Remote Access VPN : - In a remote access VPN scenario, which is also known as mobile VPN, a secure connection is made from an individual computer to a VPN gateway. This enables a user to access their e-mail, files and other resources at work from wherever they may be, provided they have an internet connection.

VPN Networking Protocols

⇨ PPTP (Point-to-Point Tunneling Protocol) : - PPTP is a protocol or technology that supports the use of VPNs. Using PPTP, remote users can access their corporate networks securely from Microsoft Windows platforms and other PPP (Point-to-Point Protocol) enabled systems. This is achieved by remote users dialing into their local internet service providers to connect securely to their networks via the internet.

⇨ L2TP (Layer 2 Tunneling Protocol) : - L2TP is an extension of PPTP (Point-to-Point Tunneling Protocol), used by internet service providers to provide VPN services over the internet. L2TP combines the functionality of PPTP and L2F (Layer 2 Forwarding protocol) with some additional functions using some of the IPSec functionality. L2TP can also be used in conjunction with IPSec to provide encryption, authentication and integrity.

⇨ IPSec (IP Security) : - IPSec operates on layer 3 and so can protect any protocol that runs on top of IP. IPSec is a framework consisting of various protocols and algorithms which can be added to and developed. IPSec provides flexibility and strength in depth, and is an almost perfect solution for securing VPNs. The only drawback is that IPSec requires setting up on both the corporate network and the client end, and it is a complex framework to work with.

⇨ SSL (Secure Socket Layer) : - SSL VPN provides excellent security for remote access users as well as ease of use. SSL is already heavily used, for example when you shop online or access your bank account online: you will notice an SSL-protected page when you see “https” in your browser URL bar as opposed to “http”.


Multiple Access Protocols in Networking

There are three types of Multiple Access Protocols
1 Random Access Protocols

  • ALOHA
  • CSMA (Carrier Sense Multiple Access)
  • CSMA/CD (Carrier Sense Multiple Access with Collision Detection)
  • CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)
2 Controlled Access Protocols

  • Reservation 
  • Polling
  • Token Passing
3 Channelization Protocols

  • FDMA (Frequency Division Multiple Access)
  • TDMA (Time-Division Multiple Access)
  • CDMA (Code Division Multiple Access)

1 Random Access Protocols
↪ ALOHA : - Whenever a user has a frame to send, it simply transmits the frame. If a collision occurs, it waits for a random period of time and resends the frame. The sender can always find out if its frame was destroyed by listening to the channel. For a LAN, feedback is immediate, while for a satellite there is a long delay of 270 ms before the sender knows.

↪ CSMA : - A user wishing to transmit first listens to the medium to see if another transmission is in progress (carrier sense). The detection or sensing delay is determined by the receiver hardware: a small detection time means that a user can detect a free channel rapidly.

↪ CSMA/CA : - Carrier-sense multiple access with collision avoidance (CSMA/CA) in computer networking is a network multiple access method in which carrier sensing is used, but nodes attempt to avoid collisions by transmitting only when the channel is sensed to be "idle".

↪ CSMA/CD : - Carrier-sense multiple access with collision detection (CSMA/CD) is a media access control method used most notably in early Ethernet technology for local area networking.


2 Controlled Access Protocols
 ↪ Reservation : - In the reservation method, a station needs to make a reservation before sending data. Time is divided into intervals. In each interval, a reservation frame precedes the data frames sent in that interval.

 ↪ Polling : - Polling works with topologies in which one device is designated as a primary station and the other devices are secondary stations. All data exchanges must be made through the primary device even when the ultimate destination is a secondary device.

 ↪ Token Passing : - In the token-passing method, the stations in a network are organized in a logical ring. In other words, for each station, there is a predecessor and a successor. The predecessor is the station which is logically before the station in the ring; the successor is the station which is after the station in the ring.

3 Channelization Protocols
 ↪ FDMA : - Frequency division multiple access or FDMA is a channel access method used in multiple-access protocols as a channelization protocol. FDMA gives users an individual allocation of one or several frequency bands, or channels.

 ↪ TDMA : - Time-division multiple access (TDMA) is a channel access method for shared-medium networks. It allows several users to share the same frequency channel by dividing the signal into different time slots.

 ↪ CDMA : - Code-division multiple access (CDMA) is a channel access method used by various radio communication technologies. CDMA is an example of multiple access, where several transmitters can send information simultaneously over a single communication channel. CDMA is used as the access method in many mobile phone standards.

Cryptography Components in Networking

Categories of Cryptography
→There are two types of Cryptography
1 Symmetric-key (Secret-key)
2 Asymmetric-key (Public-key)

1 Symmetric-key : - In symmetric-key cryptography, the same key is used by the sender (for encryption) and the receiver (for decryption). The key is shared.


2 Asymmetric-key : - Asymmetric cryptography, also known as public key cryptography, uses public and private keys to encrypt and decrypt data. The keys are simply large numbers that have been paired together but are not identical (asymmetric).
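
The two categories side by side, as an added example that is not part of the original notes. It goes one step beyond the definitions by showing the common pattern of wrapping a symmetric key with a public key; the toy stream cipher, the tiny RSA primes and all function names are assumptions for illustration and are not secure.

```python
# Added teaching example with toy parameters; not secure, not from the original page.
import hashlib
import secrets


def symmetric_xor(key: bytes, data: bytes) -> bytes:
    """Symmetric-key: the SAME shared key both encrypts and decrypts.
    Toy stream cipher: XOR the data with a SHA-256 counter keystream."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def rsa_keypair(p: int, q: int, e: int):
    """Asymmetric-key: two paired but different numbers, e (public) and d (private).
    They are paired because e * d == 1 (mod (p-1)(q-1))."""
    n, phi = p * q, (p - 1) * (q - 1)
    d = pow(e, -1, phi)            # modular inverse, Python 3.8+
    return (n, e), (n, d)


def rsa_apply(key, value: int) -> int:
    """Textbook RSA without padding: value ** exponent mod n."""
    n, exponent = key
    return pow(value, exponent, n)


def wrap_and_send(message: bytes, receiver_public):
    """Sender: encrypt the data with a fresh symmetric key, then wrap that
    key with the receiver's PUBLIC key."""
    session_key = secrets.randbits(64)
    ciphertext = symmetric_xor(session_key.to_bytes(8, "big"), message)
    return rsa_apply(receiver_public, session_key), ciphertext


def unwrap_and_read(wrapped_key: int, ciphertext: bytes, receiver_private) -> bytes:
    """Receiver: only the PRIVATE key recovers the session key."""
    session_key = rsa_apply(receiver_private, wrapped_key)
    return symmetric_xor(session_key.to_bytes(8, "big"), ciphertext)


# Constructed key pair from two Mersenne primes (far too small for real use).
PUBLIC, PRIVATE = rsa_keypair(2**31 - 1, 2**61 - 1, 65537)

if __name__ == "__main__":
    wrapped, ct = wrap_and_send(b"constructed sample message", PUBLIC)
    print(ct.hex(), unwrap_and_read(wrapped, ct, PRIVATE))
```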

↪ Comparison between two categories of cryptography

⇾ What is Encryption : - Data encryption translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext. 

⇾ What is Decryption : - Decryption is the process of taking encoded or encrypted text or other data and converting it back into text that you or the computer can read and understand. This term could be used to describe a method of un-encrypting the data manually or un-encrypting the data using the proper codes or keys.

Congestion Control in Networking

⇒ What is Congestion Control
Congestion control refers to techniques and mechanisms that can either prevent congestion before it happens or remove congestion after it has happened.

There are two types of Congestion Control
1 Open-Loop Congestion Control (Prevention)
2 Closed-Loop Congestion Control (Removal)

↳ Open-Loop
1 Retransmission Policy : - Retransmission is sometimes unavoidable. If the sender feels that a sent packet is lost or corrupted, the packet needs to be retransmitted. Retransmission in general may increase congestion in the network. However, a good retransmission policy can prevent congestion.

2 Window Policy : - The type of window at the sender may also affect congestion. The Selective Repeat window is better than the Go-Back-N window for congestion control. In the Go-Back-N window, when the timer for a packet times out, several packets may be resent, although some may have arrived safe and sound at the receiver. 

3 Acknowledgment Policy : - The acknowledgment policy imposed by the receiver may also affect congestion. If the receiver does not acknowledge every packet it receives, it may slow down the sender and help prevent congestion. Several approaches are used in this case. A receiver may send an acknowledgment only if it has a packet to be sent or a special timer expires.

4 Discarding Policy : - A good discarding policy by the routers may prevent congestion and at the same time may not harm the integrity of the transmission. For example, in audio transmission, if the policy is to discard less sensitive packets when congestion is likely to happen, the quality of sound is still preserved and congestion is prevented or alleviated.

5 Admission Policy : - An admission policy, which is a quality-of-service mechanism, can also prevent congestion in virtual-circuit networks. Switches in a flow first check the resource requirement of a flow before admitting it to the network.
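
The Window Policy point above, as an added illustration that is not part of the original notes: a simplified round-based model that counts how many packets each window type puts on the wire for the same losses. It assumes ACKs are never lost and that each listed sequence number is dropped only on its first transmission; the function names are hypothetical.

```python
# Added illustration (simplified round-based model, not from the original page).
# Assumptions: ACKs are never lost, and each sequence number in `lost_once`
# is dropped by the network on its first transmission only.

def go_back_n(total: int, window: int, lost_once) -> int:
    """Count packets put on the wire by a Go-Back-N sender."""
    if window < 1:
        raise ValueError("window must be at least 1")
    lost, sent, base = set(lost_once), 0, 0
    while base < total:
        burst = range(base, min(base + window, total))
        sent += len(burst)                 # the whole window is (re)sent
        for seq in burst:
            if seq in lost:                # receiver misses this packet ...
                lost.discard(seq)
                break                      # ... and discards everything after it
            base = seq + 1                 # in-order packet: cumulative ACK
    return sent


def selective_repeat(total: int, window: int, lost_once) -> int:
    """Count packets put on the wire by a Selective Repeat sender."""
    if window < 1:
        raise ValueError("window must be at least 1")
    lost, sent, base, received = set(lost_once), 0, 0, set()
    while base < total:
        for seq in range(base, min(base + window, total)):
            if seq in received:
                continue                   # buffered at the receiver: not resent
            sent += 1
            if seq in lost:
                lost.discard(seq)
            else:
                received.add(seq)
        while base in received:            # slide past everything delivered
            base += 1
    return sent


def extra_load(total: int, window: int, lost_once) -> dict:
    """Transmissions beyond the `total` useful packets, per window policy."""
    return {
        "go_back_n": go_back_n(total, window, lost_once) - total,
        "selective_repeat": selective_repeat(total, window, lost_once) - total,
    }
```

In this model Selective Repeat resends exactly one packet per loss, while Go-Back-N also resends every packet that followed the lost one in the same window.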


↳ Closed-Loop
1 Back Pressure : - The technique of backpressure refers to a congestion control mechanism in which a congested node stops receiving data from the immediate upstream node or nodes. This may cause the upstream node or nodes to become congested, and they, in turn, reject data from their upstream node or nodes.

2 Choke Packet : - A choke packet is a packet sent by a node to the source to inform it of congestion. Note the difference between the backpressure and choke packet methods. In backpressure, the warning is from one node to its upstream node, although the warning may eventually reach the source station.

3 Implicit Signaling : - In implicit signaling, there is no communication between the congested node or nodes and the source. The source guesses that there is congestion somewhere in the network from other symptoms. For example, when a source sends several packets and there is no acknowledgment for a while, one assumption is that the network is congested.

4 Explicit Signaling : - The node that experiences congestion can explicitly send a signal to the source or destination. The explicit signaling method, however, is different from the choke packet method. In the choke packet method, a separate packet is used for this purpose; in the explicit signaling method, the signal is included in the packets that carry data. 
  • Backward Signaling : - A bit can be set in a packet moving in the direction opposite to the congestion. This bit can warn the source that there is congestion and that it needs to slow down to avoid the discarding of packets.
  • Forward Signaling : - A bit can be set in a packet moving in the direction of the congestion. This bit can warn the destination that there is congestion. The receiver in this case can use policies, such as slowing down the acknowledgments, to alleviate the congestion.

Addresses in TCP/IP

Types of Addresses in the TCP/IP Suite
⤹ There are Four types of Addresses

1 Physical Address
2 Logical Address
3 Port Address
4 Specific Address

1 Physical Address : - The physical address in a network model, also known as the link address, is the address of a node as defined by its LAN or WAN. It is included in the frame used by the data link layer. It is the lowest-level address.

2 Logical Address : - A logical network is a way of representing networks in your data center that have the same connectivity properties (DMZ, public network, Intranet, management).

3 Port Address : - A port number is a way to identify a specific process to which an Internet or other network message is to be forwarded when it arrives at a server. In the Transmission Control Protocol and the User Datagram Protocol, a port number is a 16-bit integer that is put in the header appended to a message unit.

4 Specific Address : - This is the specific address defined by the network model.
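
Where the first three address types sit in one frame, as an added example that is not part of the original notes. It assumes the physical address is an Ethernet MAC address and the logical address is an IPv4 address; the frame is constructed in the code, and all names and sample addresses are illustrative.

```python
# Added example with a constructed frame; sample addresses are illustrative only.
import socket
import struct


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def build_frame(src_mac, dst_mac, src_ip, dst_ip, src_port, dst_port, payload=b""):
    """Build a minimal Ethernet II / IPv4 / UDP frame (checksums left at 0)."""
    # "!H" is a 16-bit field: struct.error is raised for a port above 65535.
    udp = struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64,
                     socket.IPPROTO_UDP, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + ip + udp


def parse_addresses(frame: bytes) -> dict:
    """Extract physical (MAC), logical (IPv4) and port addresses from one frame."""
    if len(frame) < 14 + 20:
        raise ValueError("frame too short for Ethernet + IPv4 headers")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ihl = (frame[14] & 0x0F) * 4            # IPv4 header length field, in bytes
    proto = frame[14 + 9]
    if proto not in (socket.IPPROTO_TCP, socket.IPPROTO_UDP):
        raise ValueError("transport protocol carries no port numbers")
    l4 = 14 + ihl
    if ihl < 20 or len(frame) < l4 + 4:     # never trust a length field blindly
        raise ValueError("malformed IPv4 header length")
    src_port, dst_port = struct.unpack("!HH", frame[l4:l4 + 4])
    fmt = lambda raw: ":".join(f"{b:02x}" for b in raw)
    return {
        "physical": (fmt(src_mac), fmt(dst_mac)),      # data link layer
        "logical": (socket.inet_ntoa(frame[26:30]),    # network layer
                    socket.inet_ntoa(frame[30:34])),
        "port": (src_port, dst_port),                  # transport layer
    }


# Constructed sample: documentation IP ranges and locally administered MACs.
SAMPLE = build_frame("02:00:00:00:00:01", "02:00:00:00:00:02",
                     "192.0.2.10", "198.51.100.53", 49152, 53, b"query")
```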


TCP/IP Protocol Suite

TCP/IP Protocol
(Transmission Control Protocol / Internet Protocol)
1 What is TCP?
↪ TCP (Transmission Control Protocol) is a standard that defines how to establish and maintain a network conversation via which application programs can exchange data. TCP works with the Internet Protocol (IP), which defines how computers send packets of data to each other.

2 What is IP?
↪ The Internet Protocol Address (or IP Address) is a unique address that computing devices such as personal computers, tablets, and smartphones use to identify themselves and communicate with other devices in the IP network. Any device connected to the IP network must have a unique IP address within the network.

The TCP/IP protocol suite defines four layers.
1 Network Access : - The network access layer controls the hardware devices and media that make up the network.

2 Internet : - Determines the best path through the network. Internet Protocol is a suite of communications protocols used to interconnect network devices on the Internet.

3 Transport : - The transport layer supports communication between diverse devices across diverse networks.

4 Application : - The application layer represents data to the user, plus encoding and dialog control.

TCP/IP and OSI Model Protocols and Services

OSI Model in Network (Open System Interconnection)

Seven layers of OSI Model
1 Physical : - The physical layer deals with bit-level transmission between different devices and supports electrical or mechanical interfaces connecting to the physical medium for synchronized communication.

2 Data Link : - The data link layer is the protocol layer that transfers data between adjacent network nodes in a wide area network (WAN) or between nodes on the same local area network (LAN) segment.

3 Network : - The network layer provides data routing paths for network communication. Data is transferred in the form of packets via logical network paths in an ordered format controlled by the network layer.

4 Transport : - The transport layer is a conceptual division of methods in the layered architecture of protocols in the network. The protocols of the layer provide host-to-host communication services for applications.

5 Session : - The session layer provides the mechanism for opening, closing and managing a session between end-user application processes, i.e., a semi-permanent dialogue.

6 Presentation : - The presentation layer is layer 6 and serves as the data translator for the network. It is sometimes called the syntax layer.

7 Application : - The application layer consists of protocols that focus on process-to-process communication across an IP network and provides a firm communication interface and end-user services.