Posts

Showing posts with the label Networking Basics

My Preparation for the Wireshark WCNA Exam

In this article I explain how I am preparing for the Wireshark WCNA exam. Study resources: 1- Laura Chappell’s WCNA Official Study Guide (here). This is one of the best certification study guides I’ve ever read in IT. I loved Laura’s writing style. She sounds friendly and relaxed. No dry text. It sounds as if she is blogging, not writing a technical book, which is nice. 2- Stevens’ TCP/IP Illustrated, Vol.1, 2nd Edition (here). Preparing for the Wireshark WCNA exam requires solid TCP/IP knowledge. Unfortunately, this is one of the missing points in the official study guide. So I searched the internet for a reliable source for TCP/IP knowledge. Richard Stevens is to me the best TCP/IP teacher that ever lived on Earth. He explains the TCP/IP stack to a T, using Unix. Even though I have basic Linux experience (yet), I had no big difficulties following along with his examples. I was excited and ashamed at the same time. Ashamed because I graduated as a network engineer...

Understand Basic VXLAN Concepts

In this article I share my study notes on the VXLAN technology with the Nexus 9000 product family, in both NX-OS and ACI mode. What is the purpose of VXLAN? Any network engineer can tell that we have a limitation with VLANs: we can have a maximum of 4094 unique VLANs on a single layer 2 domain. And a VLAN stops at the layer 3 boundary, where routing devices take over the role of transporting packets from one location/datacenter to another. That means that applying Live Migration (or vMotion) to a workload in datacenter X to move it to datacenter Y will not be possible. In this sense, VXLAN facilitates a workload-anywhere strategy, which encompasses workload mobility and reachability. General definition of VXLAN: A VXLAN is a layer 2 tunneling scheme (i.e. a group of virtual tunnels) formed over a layer 3 network that plays the role of (in our case) a transport network. The transport network is usually a regular IP network running static or dynamic routing protocols and is called the ...

A Thousand-Dollar Networking Definitions

In this blog post I gather different networking definitions a network engineer may encounter (or may not, what a shame, LOL) in his journey. It will be a short article but bear with me, there are tricky nuances! Administrative layer 2 domain: the layer 2 domain – or part thereof – that a network engineer manages. Layer 2 domain: the network formed by the sum total of switches, hubs and any layer 2 devices in a network. The layer 2 domain is delimited by the existence of a device performing a layer 3 (routing) function. Layer 2 segment: a portion of the layer 2 domain. It is usually defined by either VLAN or VXLAN technology. VLAN segment: the collection of network hosts and nodes that belong to the same VLAN ID. Hosts on one VLAN segment “A” cannot inherently communicate with hosts on a VLAN segment “B” unless there is a routing component (a layer 3 gateway) that performs inter-VLAN routing. Multitenant datacenter: a datacenter where multiple organisation...

My Cisco Nexus Study Notes

The vPC technology is configured between two and only two Nexus switches. Catalyst switches provide no vPC functionality. The switches bound together in the vPC setting are called vPC peer switches. Unlike other stacking technologies like VSS, Nexus switches in a vPC configuration do not form a single control plane; they maintain their own control plane, and share a common control plane between them. That is why we can SSH into each Nexus switch separately, while that is not possible in a VSS setup. vPC peer switches are linked together using at least 2*10Gbps links, configured in a port-channel. These links form what is called the vPC peer link. vPC peer switches also maintain what is called a vPC keepalive link. This is NOT a physical link, but rather a logical link that runs across the vPC peer link. Nexus switches in a vPC setup must be configured with something called a vPC domain. Two vPC peer switches must have the same vPC domain value. vPC peer switches are taken from this...

Justin Bieber's Letter On Cryptography

Security can be enforced with scalable network design and cryptography. Cryptography, and more precisely cipher suites, help achieve the three pillars of computer and network security: confidentiality, integrity and authenticity. They are also called the security triad. Confidentiality is achieved through encryption; integrity is achieved through hashes, signatures and MACs; authenticity is achieved through hashes, certificates and MACs. Encryption: cryptography is a wonderful world. Prior to encrypting and decrypting messages, it is assumed that both the sender and the receiver hold a copy of the encryption key K. They can exchange it by phone, on a CD, on a USB drive, … The way encryption works is by using the mathematical XOR function (its mathematical symbol is ⊕). A message M is XORed with a key K to produce an encrypted message C. At the receiver, the encrypted message C is XORed with the same key K to reproduce the original message M. The input of an encryption algorithm is called the pla...

Why Wireless Networks Are Scarier Than Jigsaw

We’ve seen in a previous post that the IEEE ratified wireless networks as 802.11 standards. They are commonly known as WiFi by the general public (for Wireless Fidelity). But this cool name hides some interesting challenges. Wireless signal concepts: Wireless networks operate at frequencies in the microwave spectrum. They exploit electromagnetic signals to transport data. Like other technologies where data is transported by electrical signals (in copper cables) or light (fiber optic cables) as carriers, data in WiFi is transported by an electromagnetic carrier signal that travels through the air. WiFi standards use high frequencies. The IEEE 802.11b and 802.11g use a frequency of 2.4GHz. That’s more than two billion oscillations of the waveform per second. In radio communication, higher frequencies mean shorter length of the wave, thus shorter covered distance. The challenges of wireless networks: Interference: wireless networks use electromagnetic waves to transport information...

You're Losing Money By Not Using Ethernet

This post is an overview of the most popular LAN technology: Ethernet. A bit of history: At first, the DIX group developed Ethernet II, then the IEEE 802.3 group adopted Ethernet and added some improvements to it. All Ethernet technologies after Ethernet II are defined by the IEEE 802.3 body, from the early 10Base-5 and 10Base-2 until today. Standards such as Fast Ethernet and Gigabit Ethernet came into existence. And nowadays we are talking about 10Gigabit Ethernet and even 40Gigabit Ethernet. IEEE 802.3 is a working group that standardized wired Ethernet, on both layer 1 and layer 2 of the OSI model, just like other IEEE working groups. Each IEEE working group specializes in one technology. For example, IEEE 802.11 works on WiFi. Extract from IEEE802.org. We see the list of the IEEE working groups, including the 802.3 working group. All LAN and MAN technologies (such as Broadband, Wimax, …) can be referred to as IEEE 802 LAN/MAN standards. Ethernet cabling: 10Base-T uses category 3 UTP cables th...

MAC Protocols And CSMA/CD

We will talk about MAC protocols, Ethernet technology and CSMA/CD, all operating at the lowest two layers of the OSI model, which correspond to the Link layer in TCP/IP. Shared Ethernet: In 10Base-2 and 10Base-5 networks, hosts share the same medium of communication. Shared Ethernet Card – copyright wikipedia.org. Hosts on a shared Ethernet network physically connect to the same medium. Questions arise regarding who sends data on the medium first, and when. → Medium Access Control protocols (aka MAC protocols) are the protocols that regulate communication on a shared medium. MAC protocols: There are three main MAC protocol families: Packet-switched radio networks, e.g. the Aloha protocol: “whenever I have data to send, I simply send it on the medium”; “if there is a collision, I send at a later time” → the algorithm is simple and has random behavior. With higher loads on the medium, the collision rate increases and hosts spend more time re-sending data than sending n...

Basic Concepts In Communication Systems

In this post, we make our neurons work a bit in the world of communication systems. We learn what the communication process is, discover some terms, then attack modulation techniques. I remember I learned most of the following theory in my network engineering studies at the university. The communication process: The communication process can be summarized in the following diagram: copyright Communication Systems, Haykin. The source of information delivers what is called the signal message. This is the message we want to transmit. It can be text, computer data, sounds, images or video. At the transmitter level, the message signal is converted into symbols, and symbols are then encoded into a form that is understandable by the communication channel. At the receiver, the received signal is a set of encoded symbols. These are decoded and used to re-generate the original message signal. However, it is only an estimate of the original message signal, and that’s due to the noise in t...