Introducing the Spanning Tree Protocol (STP) : A Loop free environment networking

Cisco® Learning Path

Cisco® > Associate Level Certifications > Network > Routing & Switching> Switching Protocols > Spanning Tree Protocol (STP)> Introduction to the Logical loop free topology

Introduction to the Spanning Tree Protocol (STP)

The spanning tree protocol is a Layer 2 protocol that runs on bridges and switches. The main purpose of STP is to ensure that no loops are created when there are redundant paths available. Spanning Tree Protocol implements the 802.1D IEEE algorithm by exchanging BPDU messages with other switches to detect loops, and then removes the loop by shutting down selected bridge interfaces.  STP can be used efficiently where redundant links are to be used avoiding loops. Without STP, a failure in the primary link can result in a loop.

Switching Loop in a non-Spanning Tree Protocol Environment

Any Layer 2 traffic can be categorized into Unicast (one-to-one), multicast (one-to-many) & broadcast (one-to-all). In case of multicast and broadcast environments, switches need to forward the packet to all ports (known as flooding) except the source port to make sure that the Ethernet frames reaches the destination. 

Workstation III broadcasts a frame destined for Web Server. This frame reaches Switch III which forwards the frame to all the ports except the source port or the port at which the frame has been received. . Both, Switch II & Switch I will receive the frame. These switches will then attempt to search the destination MAC address in their MAC address table. If these switches aren’t able to look up the destination MAC address, they will again broadcast the frame to all the ports except the port at which the fame was received.  This might cause the Ethernet frame to reach Switch III which results into a switching loop.  This might result in an increase in the network overhead and affect network performance.                                                                 

IP Addressing (IPv6 Part-I:Introduction, Differences in IPv4 & IPv6, Advantages of IPv6 over IPv4 & Transition Methods)

In the last post related to IP Addressing, I discussed about IPv4 basics. Now let me turn to the higher version of Internet Protocol-IPv6. As the name suggests, IPv6 succeeds IPv4. Now, every technology in this world comes with "versions".Likewise, Internet Protocol v.6 was developed by the Internet Engineering Task Force (IETF).

As I said in the previous post, IPv4 is a 32 bit address, which means that all over the world, there can be at the maximum 2³² or 4294967296 available addresses. Since the world population is growing drastically, these available addresses are on their way of being exhausted. This difficulty is removed by the use of IPv6 which is a  128-bit address. 

Consequently, there will be billions of addresses, the calculation will go beyond imagination!!!!!!!!!!

Before moving on any further, I will point out the differences between IPv4 and IPv6 and here they go-

As we have discussed the above differences, it is necessary to discuss the advantages of IPv6 over IPv4 and they are as follows:

 (i) Address Assignment Features- IPv6 address assignment allows easier renumbering, dynamic  

     allocation & easier recovery of addresses.

 (ii) Aggregation- IPv6 huge address space makes easier aggregation of blocks of addresses.

 (iii) No need for NAT/PAT- Using publicly unique addresses on all devices removes the need for 

      Network Address Translation (NAT) & Port Address Translation (PAT) which are used for converting

      private addresses into public addresses and vice versa.

 (iv) More Efficient Routing- IPv6 reduces the size of the routing tables and makes routing more efficient

       and hierarchical.

 (v) More Efficient Packet Processing- IPv6's packet header makes packet processing more efficient.

      Compared to IPv4, IPv6 contains no IP-level checksum*, so the checksum need not to be regulated at 

      every router hop. Getting rid of IP-level checksum was possible because most of the link layer 

      technologies today contain error control capabilities. (*checksum refers to simple error detection used

      in the IP header to protect the data against corruption. This checksum value is 16 bits long and is 

      contained only in the header part of the IP address)

 (vi) Directed Data Flows- IPv6 supports multicast rather than broadcast. Multicast allows bandwidth-

       intensive packet flows which allows packets sent to multiple destinations simultaneously. This

       saves the network bandwidth.

 (vii) IPSec Policies- IPSec (IP Security) which provides confidentiality, authentication and data integrity is

        included into IPv6. Since, IPv4 packets have a high potential to carry malware, they are often blocked

        by Internet firewalls. As IPSec is integrated into ICMP v6 packets, they are allowed through the 

        firewalls.

Today, almost every computer connected to the Internet is running on the IPv4 addressing scheme. The IETF has published the IPv4 to IPv6 transition methods in RFC 6144. Transitioning describes the methods

for moving from IPv4 addressing to IPv6 addressing. Following are the transitions methods:

  (i) Intra-Site Automatic Tunnel Addressing Protocol (ISATAP)- ISATAP is used for automatic 

       deployment of IPv6 in IPv4 sites. ISATAP has been defined in RFC 4214. The word "automatic" in

      ISATAP denotes that once the ISATAP server has been set up, only the clients must be configured to

      connect to it. ISATAP uses IPv4 as a non-multicast/ broadcast-capable link layer, therefore, ICMPv6

      Neighbor Discovery cannot be done in a usual manner. Lack of multicast support prevents 

      the use of Automatic Neighbor Discovery, hence, the ISATAP hosts must be configured 

      with "Potential Router List" (PTR).

  (ii) Dynamic 6to4 Tunnels- In this type of transitioning, the system is capable of transmitting IPv6

       packets over an IPv4 network. This transition method is generally useful when IPv6 is deployed in the 

       network for the first time or is in it's initial phases of deployment. When this method is used by a 

       host, there should be an IPv4 address connected. 6to4 transitioning encapsulates IPv6 packets

       inside IPv4 network. An extension to the 6to4 transition method id called as "IPv6 rapid 

       deployment".

  (iii) Teredo Tunneling- In this type of transition, full IPv6 connectivity is given to the IPv6 capable hosts

        which are on the IPv4 network and have no direct connection to the native IPv6 network. Teredo 

        Tunneling uses Platform Independent Tunneling Protocol (PITP) which provide IPv6

        connectivity by encapsulating IPv6 datagram packets into IPv4 datagram packets.

   (iv) Stateless IP/ICMP Translation (SIIT)- SIIT translates packet header formats in IPv4 and IPv6.

   (v) Dual Stack-Lite (DS-Lite)- Due to the exhaustion of IPv4 addresses, DS-Lite was designed to 

        let the Internet Service Providers (ISPs) to omit the deployment of any IPv4 addresses to the 

        Consumer Premises Equipment (CPE).

   (vi) NAT64/DNS64- NAT64 is a transition method where IPv6 hosts are capable of communicating

        with the IPv4 servers. DNS64 is another transition method where the DNS server is asked for the 

        AAAA records but the DNS server finds only the A records. Eventually, the DNS server returns 

        the results for AAAA records on the basis of A records 

The above transition methods are a bit difficult to understand for those who are new to the field of network-
-ing. However, while reading the above transition methods, one must remember that the above methods 
describe how one can move from IPv4 to IPv6. Implementing the above transition methods is a complex 
task that is carried out by network engineers.

Now, I hope you have understood the differences between IPv4 and IPv6, the advantages of IPv6 over IPv4 and the transition methods that can be used. Let me move to more details of the IPv6 concept.
First of all, let me show you how an IPv6 address is written. As you must be knowing by now that IPv6 is an 128-bit address, divided into a group of 4 hexadecimal digits, an example you may take:

   2340:1111:AAAA:0001:1234:5678:9ABC

Another example might be 2001:0ad8:84b3:0000:0000:8a2c:8b3d:8224. Since, IPv6 addresses have a 

considerable length, they can be shortened systematically. There are two conventions that allow the 

shortening of IPv6 addresses:

   (i) Omit the leading zeros (0s) is any given quartet.

   (ii) Represent 1 or more consecutive quartets of all the hex 0s with a double colon (::). However, writing

        :: is allowed only once in an IPv6 address.

Now, if I consider the above IPv6 address and decide to shorten it, then the result will be:

2001:0ad8:84b3::8a2c:8b3d:8224

To conclude with part I of IPv6, please remember that every quartet in an IPv6 address contains 16 bits

i.e. 16 x 8= 128 bits in the whole IPv6 address.

In the next IPv6 article, we will go deeper into the IPv6 concept, so keep in touch with my blog.

Till then, keep reading & thanx a lot!

IP Addressing (Fundamental Concepts & IPv4 Basics)

My come back has been delayed, actually I was unable to keep in touch with my blog for a few weeks.

Anyways, to make it large, let me start with IP Addressing. Now, what is an IP address? If you have gone
through my earlier post titled "OSI, IP Suite & the DoD Model-I (OSI Model)", you must have got a
rough idea about the core concepts of functioning of internet. Again, to revise, if we take a closer look
at the network layer, it describes something called as "logical addressing".

Logical addressing, as the name suggests, describes a process through which addresses are assigned to every host on the network logically and not  physically.

Logical addressing concept is the base on which the process of routing functions. To go into the
depths of this concept, routing is the process of finding, determining and selecting the best path by the
 host to reach another host located generally on another network. Consider two networks- Network A
& Network B. Now Host 1 is located in Network A & Host 2 is located in Network B. If Host 1 is
 trying to reach Host 2, then it is trying to communicate with a host (Host 2) on a different network.
Here, Host 1 will use routing. Routing is done using special networking devices called as routers.

Now, to carry out the process of logical addressing, "IP" is used. IP is an abbrevation for Internet Protocol.
IP is a network layer (Layer 3) protocol in the TCP/IP stack providing routing and logical addressing
standards. IP is one of the most important concepts in the world of networking. Let me first of all explain
you the concept called "IP Packet". An IP Packet is simply a data carrier. When two hosts communicate,
they use IP Packets and these packets are compiled into a specific format.

IP is of two types-IPv4 & IPv6 i.e. Internet Protocol version 4 & version 6.

IPv4 is what we are using since IP was brought into use. You may be knowing concepts called as "bits". Bits, bytes etc. are the units of digital information in computing and telecommunication. Let me show you
some useful conversions

If you have gone through the above conversion chart, then please note that there is a difference between
Kilobits (kb) & Kilobytes (KB) even though I haven't mentioned it in the above chart. The difference is that
1kb=1000 bits while 1KB= 1024 bytes. Similarly, 1mb=1000000 bits while 1MB= 1024 kilobytes or 1048576 bytes or 8388608 bits.


I hope you have got the idea about the conversions. It is important to understand these conversions since they are useful in carrying out important IP calculations. 


Now, there are heaps of differences in IPv4 & IPv6 (and obviously, there must be!). IPv4 is denoted in a 
32 bit format divided into 4 parts. For example, 192.168.100.100 is an IPv4 address. If you convert this address into a binary format, you will arrive at 11000000.10101000.01100100.01100100. You can take a
closer look at the above binary format, then you will see that there are 32 bits divided into 4 blocks of 8 bits each. 


Since we call them "IP Addresses", they are divided into particular blocks and each block called as an "IP
Class". Technically, we should say that IP space can be divided into five classes. IP Classes relate
 to the type of business or network that the computer is associated with. Since the IP address space is divided into different classes, this methodology is termed as "classful network.


Every class in this classful network includes an IP Range. IP Range denotes the number of IP addresses
 that a particular class can hold. Here it goes-

Classes D is reserved for multicasting & Class E is reserved for experimental users.

If you have a closer look at the above table, you will notice that the address 127.0.0.0 is absent. So where has it gone? 127.0.0.0 is known as the loopback address. A loopback address or interface is one where any traffic that is sent to this interface is received by the same interface. The loopback address range goes from 127.0.0.0 to 127.255.255.255. If you are using a web server, you can point your browser to http://localhost/ or http://127.0.0.1/, and you will notice that you have accessed the computer's own website.

Packets sent from a loopback interface (being the source address) in an IP network can cause a hell lot of problems.These are called as the martian packets and the source addresses for these are collectively called as bogons. 

To drift a bit away from the IP concept, let me narrate the concept of pinging. Pinging is a test that may 

 be executed from a computer located in a network to test the reachability to another host located on 

either the same or different network. PING stands for Packet Internet Gopher. If you want to "ping" another host whose IP  or web address is known to you, then simply open the Command Prompt and 

type ping x.x.x.x where "x"s stand for the digits of an IP address. 

Now, to finish off with the basics of IPv4, let me tell you that since IPv4 is a 32-bit address, the number of addresses will be 2³² which will be 4294967296 available addresses.

In the next post, I will be discussing about IPv6, which is one of the most revolutionary concept in the field of networking and the Internet.

World of Internet Security (Phishing)

In these early months of my blog, I will be kick starting with the new aspects of networking and technology.
Gradually, I will be going into the depths of every aspect. I am always commencing my post with these
 lines because the field of networking and technology is so vast and beyond imagination that it is
not  possible to discuss every issue in one and the same post itself.

A couple of days ago, one of friends told me to write something on 'phishing'. Hmmmm, I was about to
draft a post on internet security, and co-incidentally it has happened quite early! Before turning directly
 to phishing, I would like to give you an overview of Internet security and why it is essential in this highly exposed connected world wide web. Actually, Internet security is itself one of the branches of networking. Similar to the wireless technology which I have discussed in my last article, there are many certifications
that are related to security such as Certified Ethical Hacker (CEH), Computer Hacking Forensic Investigator (CHFI), Red Hat Certified Security Specialist (RHCSS) and much more, the details of which you can Google out.

Why do we need Security on the Internet? There's a long answer to this question. As I said earlier, every device connected to the Internet is highly exposed to risks. And these risks may be termed as hackers, penetrators, intruders, middlemen, viruses, malwares, spywares, phishing attacks and many more....
Above all, there are risks related to loss of crucial data, denial of service attacks etc.
How many people (except those from the IT background) in this connected planet know about Internet security and the measures that are available to keep your PCs and systems protected from intrusions and
potential risks? Today, it is really necessary to make yourself educated about this issue.

Now, let's turn to these risks one-by-one. First of all, let me start with phishing because my friend is really awaiting to read an article on it.

Phishing sounds like fishing, isn't it? That's why on most of the websites today that provide related information on phishing put a fish as a 'logo' to denote phishing. Phishing is an illegal activity.
In this process of phishing a perpetrator (one who intends to phish), sends an email which looks out to be
legitimate, but actually isn't. This email is sent with an intention to collect financial information such as credit card numbers.
To put all this in fewer words, phishing is a technique used to gain personal information for the purposes
of theft using sources like emails that appear to come from a legitimate source. Phishing may have alternate names such as carding or brand spoofing.
In the process of phishing, the victim may be asked to provide his confidential information such as passwords or bank account number.

Phishers use a variety of techniques while sending emails-legitimate logos, official signs, polished website designs and styles and all such things that make the victim think that all this has come from a legitimate sender which he believes to be true.

Now, when the user clicks a link that is inside the email, he is redirected to the fake website, where they
are persuaded to enter their personal and financial information. At the phisher's end, the phisher uses a
 set  of  special software to decode the information (such as passwords) entered by the victim. And soon
enough the phishers drain out your resources.

Let us now discuss the various measures that you can take to protect yourself from being a victim of phishing.
The world of Internet security follows one great principle-Prevention is better than cure!!

 Firstly, beware of any website demanding your personal & financial information. Generally, banks and financial institutions do not ask you to provide such information on their websites.

 Secondly, think before you act. Think before clicking on any link that might redirect you to a fake website
that may ask you personal and financial information.

 Thirdly, it is your duty to report any suspicious activity to your bank or financial information.

 Fourthly, make sure that you are using HTTPS (Hyper Text Transfer Protocol Secure) instead of
 HTTP while browsing your bank's website or any other website that requires security.

 Fifthly, always update your browser and make sure that you are running the most latest version of your browser since it may contain critical and really critical security patches.

 Always keep a watch on your banking transactions and confirm whether they are correct and do not involve any suspicious activity.

In the next article, I will be writing about viruses, malwares, spywares & worms that affect your system.
Till then, keep in touch with my blog.

Wireless-World without Cables

It is making me feel really great to write after changing my blog's name. I know, changing your blog's name just after a week is something that makes no sense. But, as I said, the earlier name was something that was not easier to find on the search engines. I think, most people who are technically strong know the word 'encapsulation', so there it came!!! Around the world, people are searching for the concept of encapsulation and it would now be easier to find this blog.

Ok, now let me turn to a revolutionary concept of wireless in the world of technology and networking. Actually, Wireless technology is a vast and a much vast concept and describing the whole of it in one post itself is not a good idea. If you have read my earlier posts like Virtualization, OSI etc., you can mark out that I have divided the posts into parts. Likewise, I will be doing the same for Wireless. First of all let me describe what is wireless. Being from the networking field, I will be discussing wireless in the context of networking only, if you have knowledge of other wireless technologies, it will be great if you share it on this blog.

What do you mean by the term 'Wireless'? Something where wires are absent? Yes, logically correct. Let me elaborate it more technically. Wireless is a concept where two or more devices (wireless technology enabled) are not connected physically but using medium of air and communicate using waves having specific frequency.

Wireless was discovered roughly in the year 1864. Thereafter it was developed for many devices including radio, televisions, cellular devices and now for computers etc. Wireless in the context of networking is also a very very and really very vast concept such that there are globally recognized certifications provided by giants such as Cisco. To start with, let me first of all tell you how two devices connect with each other using wireless technology. Now, in case of computers, you require a Wireless Interface Card or a Wi-fi card as a hardware device. To configure it properly and to make it work on your PC, you require suitable device drivers. These drivers are available on your PC manufacturer's website.

The most important device in the wireless technology is something called as an 'access point' or an AP.
An AP is a device that uses wireless communications to send and receive data or frames with the Wireless LAN (WLAN) enabled clients or computers.

Now, WLANs use radiated energy waves called as the radio waves to transmit data. These waves use air as a medium to get themselves transmitted and there is no need for any physical medium. The presence of walls, metal objects and other such things prove an obstruction for the waves to travel.

In a wireless environment, if more than one device sends radio waves at the same time, neither signal proves to be intelligible & hence a Half Duplex mechanism is used.
Half duplex? It is a concept in which data is transmitted in one way only and it is contrast to something called as full duplex where data is transmitted in a two way direction.

To bring standardization and to make this technology more flexible to the end consumers, many international organizations contributed to the development of WLAN Standards. Most prominent among them are the Institute of Electrical & Electronics Engineers (IEEE), Wi-fi Alliance and Federal Communications Commission (FCC).

There are different modes of 802.11 Wireless Standards. WLANs can use more than two modes-ad hoc mode and the infrastructure mode. 

With the ad-hoc mode, a wireless device can connect with other devices directly i.e. without requiring any intermediary device. I will put this concept into a diagrammatic representation, have a look at it:

Let us turn to the infrastructure mode now. Infrastructure mode uses a device called as an access point (I have discussed this terminology in the earlier paragraphs). 

Again to go into the depths of infrastructure mode, something called as 'service sets' are used. What is a service set? Simply, something that provides services in the wireless topology. The Basic Service 

Set (BSS) uses a single AP in the wireless topology while the Extended Service Set (ESS) uses multiple APs in it's topology.

The ESS WLANs allow roaming, which means that the users can move around freely inside the coverage area and stay connected to the WLANs.

In the next post, I will be going into depth of the Wireless technology

Internet closed on 8th March,2012?

Yes, very true, FBI is closing Internet on 8th March,2012 in more than 100 countries!!

Internet services will be shut down on this very day due to  a disastrous virus that has infected lakhs of computers in more than 100 countries. This virus belongs to the Trojan category and is named as the DNSChanger. When released on the Internet, this virus sends manipulated/fraudulent websites to the web surfers by changing the entries listed in the Domain Name System (DNS).
 Now, Domain Name System (DNS) is a service that converts your domain names (for example, http://www.lifedownloadedfromheavens.blogspot.com into it's IP Address). DNS is the backbone
of the Internet addressing scheme. Imagine, what would be happening if this backbone is affected...

This virus has affected many computers including 500,000 from American continent alone. The FBI
 has shutdown the DNSChanger network, but the solution is only a temporary one. The court has
 ordered a deadline and that's 8th March. Users of Windows & Mac are at a greater risk of this Trojan
since it exploits the browser directly and thereafter your operating system gets infected.

Let me tell you something about rouge DNS Servers. A rouge DNS Server is the one that redirects the
DNS name resolutions to other DNS Servers. This is something difficult to understand, but technical
people would interprete this easily. Imagine that your Mom has given you a 'code' and its meaning is
known to you (that is you are a DNS Server in this case). She has told you to tell that code to your
brother. Now, if you are a rouge DNS Server, you will not tell it to your brother, but you will 'redirect'
that code to your sister. This is also called as DNS Hijacking.

Here's a checklist with the aid of which you can self-check of your computer to make sure you're not infected by comparing your computer's DNS setting to the list of rogue DNS servers:

85.255.112.0 to 85.255.127.255

67.210.0.0 to 67.210.15.255

93.188.160.0 to 93.188.167.255

77.67.83.0 to 77.67.83.255

213.109.64.0 to 213.109.79.255

64.28.176.0 to 64.28.191.25

FBI has also publish an article on this issue and you can read it on this address:

http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf

To brief out the process mentioned in the checklist, you can follow the following steps:
(i) Click Start
(ii) Go to Run and type 'cmd'. This opens the command prompt window
(iii) Type 'ipconfig /all'
(iv) In the Local Area Connection details, check the DNS Server Address.
(v) Match it with the above addresses.

I hope you can now safeguard your PC against the above deadly trojan.

I request you to PLEASE HAVE A BACKUP OF ALL YOUR WORK, FILES & CRUCIAL DATA.

Also, HAVE AN UPDATED ANTIVIRUS PROGRAM INSTALLED ON YOUR COMPUTER.

It is RECOMMENDED THAT YOU TURN ON FIREWALL ON YOUR COMPUTER

How can a Computer 'DIE'....sounds unbelievable, but true!!! (PART-I:Reasons & Causes)

Death of a Computer!

So, have you ever performed a 'funeral' of your computer? This would be the dumbest question you might have heard in your whole life. Actually, its not that your computer dies, but the 'operating system' residing in your computer gets 'corrupted' due to some or the other reason. In simple words, you may call it that your computer 'crashed'. You might have heard many people speaking about a computer 'crash', and it would be rather true to say that this crash is due to a very critical problem arising in the system. Now, mostly and let me say it generally or technically, this 'crash' is called the 'Blue Screen Error' or the 'Death Screen'.

Mostly, these errors pop up on your computer screen as 'STOP ERRORS'. And when you start watching at your screen making an oval of your mouth, this error becomes a great concern for you. Even sometimes these errors may pop up at the ATMs and you may not be able to withdraw money....and then you start cursing that poor ATM machine! To start with, let me discuss the core reasons for these STOP errors.

Actually, in the real life environment, the causes of these errors might be really difficult to be recognized. If you are using Microsoft Windows XP/Vista/7, then you can view the error 'code' on the blue screen that appears.

Well, can you see the highlighted area in the above image? The 0x0000007B is the error code. Now, following may be the most common reasons for the STOP errors:

(i) Hardware & External Devices: This devices such as the CD-ROM, USB Drives etc., may cause
    such types of errors if they are malfunctioning. Detaching these type of devices without using the
   'Safely remove Hardware' command. Removing such external devices suddenly results in corruption
    of the device and sometimes causes damage to the computer.

(ii) Running lot of programs at the same time: Accepted that a computer is a device that is multitask
    enabled. But, this too, has a limit! If you keep on running many programs, the computer will start
    running out of memory. This will cause the Blue Screen error to pop up. In technical terms, this
    condition  is called the Memory Dump.

(iii) Malfunctioning of Device Drivers: First of all, let me make you understand the term 'driver'.A
    driver is a special 'program' that makes your computer communicate with the hardware or
    external hardware such as the printer, CD-ROM etc. And yes, this thing may be the reason for
    the STOP Error. If your device drivers are corrupted due some or the other reasons, BSE may pop
    up.

(iv) Corrupted Startup Files: Now, this is the most concerning reasons of all. If the Operating System
      files are corrupted or are damaged by malicious software or virus attacks, then it may result your
      system to crash unexpectedly. 

(v) BIOS Settings: BIOS (Basic Input/Output System) settings, if configured erroneously, then they
     might result in STOP Errors.

These were the most common reasons for STOP errors to pop up on your computer screen. These
require immediate attention since they are 'critical' and your system cannot function normally due to the damage caused to it.

In the next part, I will be discussing the solutions to the above errors alongwith the error codes,
so stay tuned to my blog!