- BGP (Border Gateway Protocol): An exterior gateway protocol that relies on TCP (not UDP) for session establishment between autonomous systems (AS). It functions as a path-vector protocol, exchanging reachability information based on AS counts. BGP communication utilizes five message types: Open (establishes peer sessions), Update (advertises reachable and withdrawn routes), Keepalive (maintains peer relationships periodically), Notification (reports errors and terminates sessions), and Route-Refresh (requests re-advertisement of routing info post-policy changes). When topology shifts occur, Updates are transmitted to adjacent AS peers.
- OSPF (Open Shortest Path First): An interior link-state gateway protocol that employs Dijkstra's shortest path algorithm. To optimize convergence in expansive networks, OSPF partitions the topology into areas. Each area is identified by a 32-bit unsigned integer (0 to 4294967295) and should contain no more than 200 routers. Routers within a specific area maintain an identical link-state database (LSDB) representing that area's topology exclusively—not the entire network. When a link state shifts, the update is flooded to all routers within the area. OSPF metrics encompass cost, delay, bandwidth, and reliability (path count and convergence time are excluded). The LSDB refreshes every 30 seconds to guarantee consistency.
- RIP (Routing Information Protocol): A distance-vector interior gateway protocol characterized by its simplicity. Routers periodically broadcast routing refresh packets composed of (V, D) tuples, where V signifies the destination vector (target network/host) and D indicates the metric distance (hop count). RIPv1 lacks Variable Length Subnet Mask (VLSM) support, deriving masks strictly from classful boundaries, meaning subnet masks are omitted during network address configuration.
Network Security and Intrusion Systems
- IPS (Intrusion Prevention System): Operates inline, fusing firewall and IDS functionalities to actively block threats.
- AIPS (Application IPS): Deployed directly in front of critical application servers.
- NIPS (Network IPS): Positioned inline at network egress points (e.g., between the perimeter router and firewall). A false positive in NIPS unintentionally drops legitimate traffic.
- HIPS (Host IPS): Installed on endpoints to monitor kernel system calls and intercept local attacks.
- IDS (Intrusion Detection System): A passive scanning mechanism. Probes can capture traffic via switch port mirroring, inline network taps, or shared hubs. A purely peer-to-peer (distributed) IDS architecture circumvents single points of failure.
- Network Attacks:
- DDoS: Overwhelms a target using aggregated traffic from multiple compromised systems.
- Land: Sends packets where the source and destination IPs match the victim's address.
- Smurf: Spoofs the victim's IP to broadcast ICMP echo requests, flooding the target with replies.
- SYN Flooding: Exploits TCP handshake dynamics using spoofed IPs to exhaust target connection resources.
- Teardrop: Exploits malformed UDP fragment offsets.
- SQL Injection: Exploits vulnerabilities in host-level application logic.
- TCSEC (Trusted Computer System Evaluation Criteria): Classifies system trust into four groups and seven levels:
- D: Minimal protection.
- C1: Discretionary access control with identity authentication.
- C2: Adds auditing and accountability mechanisms.
- B1: Introduces mandatory access control and security labels.
- B2: Structured protection requiring labeled objects and devices.
- B3: Security domains enforced with hardware assistance and trusted pathways.
- A1: Formally verified security models and installation processes.
Switching, VLANs, and STP
- Switching Modes: Fast-forward (cuts through after 14 bytes), Fragment-free (filters collisions after 64 bytes), and Store-and-forward (buffers the entire frame before forwarding).
- VLANs: Defined by IEEE 802.1Q, utilizing a 12-bit ID field supporting 4094 distinct VLANs. Ethernet-compatible VLAN IDs range from 1 to 1000. VLAN names can span up to 32 alphanumeric characters. Hubs connected to switches mandate MAC-based VLAN segregation.
- VTP (VLAN Trunking Protocol): Operates in Server, Client, or Transparent modes. Transparent switches isolate their configurations, neither synchronizing with VTP servers nor propagating VTP advertisements. A standard VTP domain designates only one VTP Server.
- STP (Spanning Tree Protocol - IEEE 802.1D): Constructs loop-free topologies via BPDUs. Bridge Priority spans 0 to 61440, stepping by 4096; numerically lower priorities designate the root. Configuration BPDUs are capped at 35 bytes, while Topology Change Notification (TCN) BPDUs are limited to 4 bytes. UplinkFast accelerates convergence upon direct link failures.
# Elevating STP priority by two tiers from 24576 (24576 - 2*4096 = 16384)
Switch-6500>(enable) set spantree priority 16384
# Accelerating edge port initialization
Switch-SW-6500>(enable) set spantree portfast 4/1-24 enable
Cisco Router and Switch Configuration
- ACLs (Access Control Lists): Standard ACLs range from 1-99 and 1300-1999. Extended ACLs range from 100-199 and 2000-2699, filtering based on protocol types and port numbers.
# Extended ACL denying specific UDP/TCP ports
Router(config)#access-list 105 deny tcp any any eq 4445
Router(config)#access-list 105 deny udp any any eq 1435
Router(config)#access-list 105 permit ip any any
Router(config)#interface gigabitethernet 0/1
Router(config-if)#ip access-group 105 in
# Excluding static ranges before defining the pool
Router(config)#ip dhcp excluded-address 10.20.50.2 10.20.50.15
Router(config)#ip dhcp pool OFFICE_NET
Router(dhcp-config)#network 10.20.50.0 255.255.255.0
Router(dhcp-config)#default-router 10.20.50.1
Router(dhcp-config)#domain-name corp.local
Router(dhcp-config)#dns-server 10.20.10.5
Router(dhcp-config)#lease 0 12 0
# 802.1Q encapsulation and selective VLAN pruning
Switch(config)#interface fastethernet 2/5
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport trunk allowed vlan 15-40
Switch(config-if)#switchport trunk allowed vlan remove 28
- Interface Settings: Bandwidth for an E1 link is set as 2048 (in kbps). Port speed is defined in Mbps (e.g., 1000 for 1Gbps).
- Routing Table Metrics: Administrative distance dictates trustworthiness; lower values equate to higher reliability. OSPF defaults to 110. Connected routes display the local exit interface, while static routes point to the next-hop IP.
- ROM/RAM/NVRAM: ROM houses bootstrap and diagnostic firmware. RAM holds active routing tables and running configurations (volatile). NVRAM permanently stores the startup configuration. Flash memory retains the OS image.
Wireless and Broadband Access Technologies
- IEEE 802.11 Standards:
- 802.11a: 5GHz band, 54Mbps max rate.
- 802.11b: 2.4GHz ISM band, 11Mbps max rate, maximum capacity 33Mbps. Ad-hoc mode supports up to 256 nodes; infrastructure mode supports up to 1024 clients per AP.
- 802.11g: 2.4GHz ISM band, 54Mbps max rate, maximum capacity 162Mbps.
- 802.16a: Addressing fixed non-line-of-sight building connections.
- HiperLAN/2: Operates in the 5GHz spectrum employing OFDM modulation. Peak data rate hits 54Mbps. Indoor reach extends to 30m; outdoor reach reaches 150m.
- Bluetooth: Functions within the 2.402–2.480GHz band. Symmetric asynchronous links hit 433.9kbps, asymmetric links reach 723.2/57.6kbps, and synchronous channels sustain 64kbps. Encryption keys scale up to 128 bits.
- ADSL: Asymmetric digital subscriber line delivering varied upstream (64-640kbps) and downstream rates over existing twisted-pair telephone wiring.
- Cable Modem: Bridges computers to CATV coaxial networks, partitioning bandwidth into distinct upstream/downstream frequency channels.
- Wireless APs: Default IP is often 10.0.0.1. Leaving the SSID blank or as "tsunami" by default permits unrestricted client associations.
Network Architecture and Management
- MAN (Metropolitan Area Networks): Structured around a "three platform, one exit" model (Network, Business, Management platforms, plus a city broadband exit). Hierarchical design mandates an uplink-to-downlink bandwidth ratio of 1:20. QoS assurance leverages DiffServ, RSVP, and MPLS. Out-of-band management utilizes IP networks and SNMP protocols, whereas in-band management relies on DCN or PSTN dial-up.
- RPR (Resilient Packet Ring): A dual-ring fiber topology (outer ring clockwise, inner ring counter-clockwise) utilizing statistical multiplexing. Destination nodes strip frames from the ring, unlike FDDI where the source strips them. SRP fairness algorithms govern traffic. Self-healing mechanisms isolate faults within 50ms. Bare fiber spans between nodes can extend up to 100km.
- SNMP: Management stations query agents using GetRequest PDUs with community strings. Agents push Traps to managers asynchronously (UDP port 162). Inform requests mandate manager acknowledgments. Only read-write communities authorize Set operations. Link-status traps notify managers of interface state changes.
# Configuring SNMP trap notifications for link events
Router(config-if)#snmp trap link-status
- Structured Cabling: Twisted pair geometry minimizes EMI. STP offers superior shielding against external radiation compared to UTP but incurs higher costs. Multi-media outlets interface copper and fiber strands. High-speed terminal requirements may necessitate fiber-to-the-desktop runs. ANSI/TIA/EIA 568-B outlines cabling specifications.
Application and Server Services
- Servers: Availability equals MTBF / (MTBF + MTBR). RAID arrays expand storage capacity and I/O speeds, though basic RAID 0 does not augment fault tolerance. Clustering ensures service continuity during host failures, though overall throughput may dip.
- DNS: Root hints are injected automatically during installation, requiring no manual IP configuration. DNS zones accommodate dynamic client updates. PTR records for reverse lookups are auto-generated in forward zones but must be manually inserted in reverse zones.
- DHCP: Client lease renewals are handled autonomously by the OS. Releasing a lease via ipconfig /release resets the local interface to 0.0.0.0. Exclusion ranges do not necessitate MAC address logging.
- WWW: Multi-site hosting is differentiated via host headers, unique IP bindings, or non-standard TCP ports. Permissions encompass Read, Run scripts, Execute, Write, and Browse (Modify is absent).
- FTP (Serv-U): Domains are uniquely identified by an IP and port pair. Dynamic server IPs are accommodated by leaving the IP field blank. Anonymous access requires explicit user creation named "anonymous".
- Mail (Winmail): SMTP governs outbound delivery, while POP3/IMAP/HTTP manage inbound retrieval. Routing necessitates both an A record and an MX record in DNS. Outlook functions strictly as a client interface, lacking administrative capabilities.
- Windows Network Commands:
- ipconfig /flushdns purges the local resolver cache.
- nbtstat reveals NetBIOS over TCP/IP statistics.
- netstat -a enumerates active TCP sessions.
- pathping traces hop-by-hop latency metrics.
Calculations and Addressing
- System Availability Benchmarks (availability: maximum annual downtime):
- 99.9%: <= 8.8 hours
- 99.99%: <= 53 minutes
- 99.999%: <= 5 minutes
- ITU SONET/SDH Rates (standard: throughput):
- OC-3: 155.52 Mbps
- OC-12: 622.08 Mbps
- OC-24: 1.244 Gbps
- Switch Bandwidth Calculation: Full-duplex aggregate bandwidth = (Number of Ports × Port Rate × 2). For a switch with 24 100Mbps ports and 2 1000Mbps ports: (24 × 100 × 2) + (2 × 1000 × 2) = 8800Mbps = 8.8Gbps.
- IP Aggregation: Align binary representations to locate the longest common network prefix. Usable host count equals 2^(host bits) - 2. When merging blocks with divergent masks, consolidate the matching pair first, then sum the remaining block's usable addresses.
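A worked version of the aggregation rules above, added here as an example that is not part of the original notes: it finds the longest common prefix of several blocks, applies the 2^(host bits) - 2 rule, and counts usable hosts with the merge-the-matching-pair-first method. The sample blocks are constructed; only the Python standard library is used.

```python
# Added example (not from the notes): aggregate IPv4 blocks by their longest
# common prefix and count usable hosts two ways. Standard library only.
from ipaddress import IPv4Network

def longest_common_prefix(networks):
    """Shortest prefix length shared by every block's network address, capped
    at the shortest mask so the aggregate still covers each block."""
    nets = [IPv4Network(n, strict=False) for n in networks]
    first = int(nets[0].network_address)
    prefix = min(n.prefixlen for n in nets)
    for n in nets:
        diff = first ^ int(n.network_address)   # set bits mark differing positions
        if diff:
            # bit_length() is the position (1-based from the LSB) of the highest
            # differing bit; the bits above it are the common prefix.
            prefix = min(prefix, 32 - diff.bit_length())
    return prefix

def aggregate(networks):
    """CIDR string of the single supernet covering all the given blocks."""
    plen = longest_common_prefix(networks)
    base = int(IPv4Network(networks[0], strict=False).network_address)
    return str(IPv4Network((base, plen), strict=False))

def usable_hosts(network):
    """2^(host bits) - 2: the network and broadcast addresses are not assignable."""
    n = IPv4Network(network, strict=False)
    return max(2 ** (32 - n.prefixlen) - 2, 0)

def merged_usable_hosts(networks):
    """The notes' method for blocks with different masks: merge each pair that
    shares a mask and a parent into that parent, then sum usable hosts per block."""
    nets = sorted((IPv4Network(n, strict=False) for n in networks),
                  key=lambda n: (n.prefixlen, int(n.network_address)))
    blocks = []
    while nets:
        a = nets.pop(0)
        partner = next((b for b in nets if b.prefixlen == a.prefixlen
                        and b.supernet() == a.supernet()), None)
        if partner is not None:
            nets.remove(partner)
            blocks.append(a.supernet())      # e.g. two adjacent /25s become one /24
        else:
            blocks.append(a)
    return sum(usable_hosts(str(b)) for b in blocks)

if __name__ == "__main__":
    sample = ["192.168.0.0/25", "192.168.0.128/25", "192.168.1.0/24"]  # constructed
    print(aggregate(sample), usable_hosts(aggregate(sample)), merged_usable_hosts(sample))
```

For the constructed sample, the single covering supernet is a /23 with 510 usable hosts, while the notes' pair-merge method yields two /24 blocks and 508 usable hosts; the two figures answer different questions.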
- IPv6 Representation: 128-bit addresses displayed as eight 16-bit hexadecimal groups. Leading zeroes within a group compress, but trailing zeroes must remain explicit. The double-colon (::) abbreviation replaces one consecutive sequence of zero-groups, strictly appearing only once per address.
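The representation rules above in code, added as an example that is not part of the original notes: expand validates an address (rejecting a second double-colon) and compress produces the short form with leading zeros dropped and the longest zero run replaced. One assumption beyond the notes, following RFC 5952, is that a run of a single zero group is left as 0 rather than replaced by the double-colon.

```python
# Added example (not from the notes): expand and compress IPv6 text per the rules
# above. Assumption beyond the notes, following RFC 5952: a lone zero group is not
# shortened to "::".
import re

HEX_GROUP = re.compile(r"^[0-9a-fA-F]{1,4}$")

def expand(addr):
    """Return the eight 16-bit groups as ints; ValueError on malformed input."""
    if addr.count("::") > 1:
        raise ValueError('"::" may appear only once')
    if "::" in addr:
        head, tail = addr.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)  # groups "::" stands for
        if missing < 1:
            raise ValueError('"::" must stand for at least one zero group')
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = addr.split(":")
    if len(groups) != 8 or not all(HEX_GROUP.match(g) for g in groups):
        raise ValueError("address must have exactly eight 1-4 digit hex groups")
    return [int(g, 16) for g in groups]

def compress(addr):
    """Drop leading zeros per group (trailing zeros carry value and stay), then
    replace the longest run of two or more zero groups with a single "::"."""
    groups = expand(addr)
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        j = i
        while j < 8 and groups[j] == 0:      # extend over a run of zero groups
            j += 1
        if j - i > best_len:                 # strict '>' keeps the leftmost run on ties
            best_start, best_len = i, j - i
        i = j + 1
    hexes = [format(g, "x") for g in groups]  # 'x' formatting drops leading zeros only
    if best_len < 2:
        return ":".join(hexes)
    return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])

def is_valid(addr):
    """True if the text is a well-formed IPv6 address under the rules above."""
    try:
        expand(addr)
        return True
    except ValueError:
        return False
```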