Need some advice on learning networking

  • BillyCarpenter
    Field Supervisor

    Site Contributor
    VIP Subscriber
    10,000+ Posts
    • Aug 2020
    • 16308

    #1081
    Re: Need some advice on learning networking

    It should also be noted that there's a big difference between a production and SOHO network. I mean, if you only have a couple of routers, switches and servers, you need not concern yourself with optimizing spanning tree. But if you're running a lot of virtual servers in a Data Center, that's a different story.

    It used to be that in a basic college campus network, 70% of traffic flowed north and south. In other words: From the server to client.

    That's not the case these days. It's just the opposite with 70% of traffic flowing from east to west. In other words: From one virtual server to another. The data flow must be super fast and needs to take the best path. Hence: Optimal Spanning Tree.
    Adversity temporarily visits a strong man but stays with the weak for a lifetime.


    • BillyCarpenter
      Field Supervisor

      Site Contributor
      VIP Subscriber
      10,000+ Posts
      • Aug 2020
      • 16308

      #1082
      Re: Need some advice on learning networking

      I'm starting to notice a pattern. THE SHORTEST PATH.


      The shortest path in OSPF (routing table) and the shortest Spanning Tree (Layer 2).

      It makes sense if you think about it. I mean, when we get in our car, we don't take the longest route to our destination do we? Of course not.


      When it comes to networking, everything goes back to Math. But this type of math is way over my head. We're talking about algorithms.
      Adversity temporarily visits a strong man but stays with the weak for a lifetime.


      • BillyCarpenter
        Field Supervisor

        Site Contributor
        VIP Subscriber
        10,000+ Posts
        • Aug 2020
        • 16308

        #1083
        Re: Need some advice on learning networking

        Here's a question. Let's see if anyone has the answer?


        By default, Spanning Tree runs on every port. But if we have a single computer on port 5, it's impossible for a loop to exist. So, why have spanning tree running on that port?
        Adversity temporarily visits a strong man but stays with the weak for a lifetime.


        • BillyCarpenter
          Field Supervisor

          Site Contributor
          VIP Subscriber
          10,000+ Posts
          • Aug 2020
          • 16308

          #1084
          Re: Need some advice on learning networking

          Originally posted by BillyCarpenter
          I'm going over port security and it suddenly hit me that there's a lot of networks out there that are highly vulnerable.

          When the ports are left open and unprotected, someone could introduce a mac address flooding attack. The switch only has so much memory and it will crash when flooded. There's a couple of different ways of dealing with this but I'm still going over it.


          I'm done with port security. It's cool stuff but very easy to configure.

          I've heard some of you talk about this. You go to a network jack that's working and you plug in your device and it doesn't work. Why? Because the jack (switchport) is configured to work with only one specific mac-address. Actually, we can allow more than 1 mac-address but you get the point. If anyone plugs in a device with an unknown mac address, the port automatically shuts down. We can configure it to cut back on in a certain time or we can configure it so that we manually have to bring it back up.

          There's also Port Filters. I'll save that for now.
          Adversity temporarily visits a strong man but stays with the weak for a lifetime.
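The behaviour described in this post, as an added example that is not part of the thread: a toy Python model of a switch MAC table and one port, with and without port security. The table capacity, MAC addresses, timer values and all class and function names are constructed for illustration; the comments name the Cisco IOS commands each setting corresponds to.

```python
# Added example (not from the thread). In-memory model only: no network I/O.
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Port:
    max_macs: Optional[int] = None       # IOS: switchport port-security maximum N
    recovery_secs: Optional[int] = None  # IOS: errdisable recovery interval N
    allowed: set = field(default_factory=set)
    disabled_at: Optional[int] = None    # time the port was shut down, if any


class Switch:
    def __init__(self, cam_capacity):
        self.cam_capacity = cam_capacity  # constructed size of the MAC table
        self.cam = {}                     # source MAC -> port number
        self.ports = {}                   # port number -> Port

    def frame_in(self, port_no, src_mac, now=0):
        port = self.ports[port_no]
        if port.disabled_at is not None:
            timer = port.recovery_secs
            # No timer means the port stays down until re-enabled by hand.
            if timer is None or now - port.disabled_at < timer:
                return "dropped: port is shut down"
            port.disabled_at = None       # timer expired, port comes back up
        if port.max_macs is not None and src_mac not in port.allowed:
            if len(port.allowed) >= port.max_macs:
                # IOS: switchport port-security violation shutdown
                port.disabled_at = now
                self.cam = {m: p for m, p in self.cam.items() if p != port_no}
                return "violation: port shut down"
            port.allowed.add(src_mac)     # learned addresses are kept (sticky-style)
        if src_mac not in self.cam and len(self.cam) >= self.cam_capacity:
            # What a full table does next is platform-specific; only report it.
            return "forwarded, but MAC table is full"
        self.cam[src_mac] = port_no
        return "forwarded"


def many_sources(switch, port_no, count, now=0):
    """Feed `count` frames with distinct constructed source MACs into one port."""
    return [switch.frame_in(port_no, f"02:00:00:00:{i >> 8:02x}:{i & 0xff:02x}", now)
            for i in range(count)]


def demo():
    open_sw, hard_sw = Switch(1000), Switch(1000)
    open_sw.ports[5] = Port()                               # port security off
    hard_sw.ports[5] = Port(max_macs=1, recovery_secs=300)  # one MAC, 5 min recovery
    many_sources(open_sw, 5, 5000)
    outcomes = many_sources(hard_sw, 5, 5000)
    return len(open_sw.cam), len(hard_sw.cam), outcomes[:3]
```

On the unprotected port the table fills to capacity; on the protected port the second unknown address shuts the port down and nothing further is learned until the recovery timer expires.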


          • slimslob
            Retired

            Site Contributor
            25,000+ Posts
            • May 2013
            • 36894

            #1085
            Re: Need some advice on learning networking

            Originally posted by BillyCarpenter
            I'm done with port security. It's cool stuff but very easy to configure.

            I've heard some of you talk about this. You go to a network jack that's working and you plug in your device and it doesn't work. Why? Because the jack (switchport) is configured to work with only one specific mac-address. Actually, we can allow more than 1 mac-address but you get the point. If anyone plugs in a device with an unknown mac address, the port automatically shuts down. We can configure it to cut back on in a certain time or we can configure it so that we manually have to bring it back up.

            There's also Port Filters. I'll save that for now.
            The ports can be configured for specific types of devices like say printers. If a printer is connected to a port that is configured for use by a computer, it won't work.


            • BillyCarpenter
              Field Supervisor

              Site Contributor
              VIP Subscriber
              10,000+ Posts
              • Aug 2020
              • 16308

              #1086
              Re: Need some advice on learning networking

              Originally posted by slimslob
              The ports can be configured for specific types of devices like say printers. If a printer is connected to a port that is configured for use by a computer, it won't work.


              I'm pretty sure that is achieved by using an ACL (Access Control List).

              Cisco provides basic traffic filtering capabilities with access control lists (also referred to as access lists). You can configure access control lists (ACLs) for all routed network protocols (IP, AppleTalk, and so on) to filter protocol packets when these packets pass through a device. You can configure access lists on your device to control access to a network; access lists can prevent certain traffic from entering or exiting a network. This module provides an overview of access lists.

              You can get very specific with an ACL. You can grant or block by protocol, also.
              Adversity temporarily visits a strong man but stays with the weak for a lifetime.


              • slimslob
                Retired

                Site Contributor
                25,000+ Posts
                • May 2013
                • 36894

                #1087
                Re: Need some advice on learning networking

                Sorry I didn't find this earlier but here is a White Paper Ricoh put out in 2010 on using Wireshark. rfg042515.pdf


                • BillyCarpenter
                  Field Supervisor

                  Site Contributor
                  VIP Subscriber
                  10,000+ Posts
                  • Aug 2020
                  • 16308

                  #1088
                  Re: Need some advice on learning networking

                  I have a client (school) that is in a rather large building and their wireless network leaves something to be desired. There are several dead spots and other areas where the signal is weak.


                  There's a patchwork system of wireless routers in various classrooms with different names and passwords.

                  They are wanting a better more efficient solution and I have my own ideas but I'd like to get some advice before making a decision.


                  Here's what I want to achieve for this customer:


                  I want them to be able to walk anywhere in the building and never lose connection. I want it to be seamless in that it needs to be able to switch from one wireless access point to another without them even knowing it.

                  Thoughts?

                  PS - Does anyone have experience with a Wireless Access Controller?
                  Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                  • rthonpm
                    Field Supervisor

                    2,500+ Posts
                    • Aug 2007
                    • 2847

                    #1089
                    Re: Need some advice on learning networking

                    What type of authentication are they using for the network?

                    Mesh networks have become popular of late but in a larger building it would make more sense to set up an access point and multiple repeaters that, ideally, are wired together so that there's less risk that the concrete, asbestos, and anything else rummaging around in old buildings can eat the signal. Any enterprise style wireless setup will do what they want. Trying to mash something together with SOHO or consumer grade kit won't likely give them the management they need.

                    Sent from my BlackBerry using Tapatalk


                    • BillyCarpenter
                      Field Supervisor

                      Site Contributor
                      VIP Subscriber
                      10,000+ Posts
                      • Aug 2020
                      • 16308

                      #1090
                      Re: Need some advice on learning networking

                      Originally posted by rthonpm
                      What type of authentication are they using for the network?

                      Mesh networks have become popular of late but in a larger building it would make more sense to set up an access point and multiple repeaters that, ideally, are wired together so that there's less risk that the concrete, asbestos, and anything else rummaging around in old buildings can eat the signal. Any enterprise style wireless setup will do what they want. Trying to mash something together with SOHO or consumer grade kit won't likely give them the management they need.

                      Sent from my BlackBerry using Tapatalk

                      Here's the deal. I don't know what authentication they're using and wireless technology is an area where I have to plead ignorance. That is one of the last modules in the CCNA course that I'm taking. I wasn't planning on taking any wireless jobs but this came up. I'm gonna have to take a crash course to get this job done.

                      I have installed a couple of wireless access points here in my office. I believe they are Aruba.

                      I have a quick question: If I daisy chain several access points together, I'm assuming POE will transfer to all of 'em?
                      Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                      • BillyCarpenter
                        Field Supervisor

                        Site Contributor
                        VIP Subscriber
                        10,000+ Posts
                        • Aug 2020
                        • 16308

                        #1091
                        Re: Need some advice on learning networking

                        I'm watching the module on Wireless technology and I think I know why rthonpm asked me what type of authentication will be used. I think this has to do with "roaming".


                        With roaming, devices can roam across multiple access points. If you're walking around the building on your wireless device and you leave the coverage area of the access point and enter the coverage of another access point, it will automatically switch over. However, if you're using authentication (which you should be), because the authentication is handled separately by each access point, you're gonna have a break in service if you're roaming to the new AP.


                        My understanding is that this break in service can be eliminated if you use a Wireless Access Controller. Do I have that right?
                        Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                        • rthonpm
                          Field Supervisor

                          2,500+ Posts
                          • Aug 2007
                          • 2847

                          #1092
                          Re: Need some advice on learning networking

                          Yes. There needs to be a means in place to pass off the authentication from one AP to another. I was also asking in terms of whether or not they were using something like RADIUS or WPA2 Enterprise which are often used with certificate validation: it adds an extra layer of headaches but it can protect you from getting unauthorised devices on your wireless network.

                          Overall, anything on the scale of a school building is going to fall in the hands of someone that really knows the logic of AP placement and tuning. If you want to try and tackle it, you may want to sub it out to someone willing to have you look over their shoulder as it's set up. I have a couple of arrangements like that with some network engineers where we sub out different things to each other. While the logic of how data is transmitted is identical to a wired network, there's as much art as there is science in performance tuning a wireless network.


                          • BillyCarpenter
                            Field Supervisor

                            Site Contributor
                            VIP Subscriber
                            10,000+ Posts
                            • Aug 2020
                            • 16308

                            #1093
                            Re: Need some advice on learning networking

                            Originally posted by rthonpm
                            Yes. There needs to be a means in place to pass off the authentication from one AP to another. I was also asking in terms of whether or not they were using something like RADIUS or WPA2 Enterprise which are often used with certificate validation: it adds an extra layer of headaches but it can protect you from getting unauthorised devices on your wireless network.

                            Overall, anything on the scale of a school building is going to fall in the hands of someone that really knows the logic of AP placement and tuning. If you want to try and tackle it, you may want to sub it out to someone willing to have you look over their shoulder as it's set up. I have a couple of arrangements like that with some network engineers where we sub out different things to each other. While the logic of how data is transmitted is identical to a wired network, there's as much art as there is science in performance tuning a wireless network.


                            Man, when rthon tells me that I should consider subbing this job out, I know that's exactly what I need to do. I never doubt what he tells me because he's always been right. But I really want to do this job. Not for the money. I could care less about that. I want to do it for the experience.
                            Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                            • rthonpm
                              Field Supervisor

                              2,500+ Posts
                              • Aug 2007
                              • 2847

                              #1094
                              Re: Need some advice on learning networking

                              That's kind of like learning architecture and starting with building Notre Dame instead of a log cabin... If you sub it out, make sure that the sub knows you want to be a part of it to learn how it all gets put together. I do the same with some of the network guys I deal with: I come to them when I need network jobs done, they come to me for servers on their jobs: everybody gets paid, and everybody is happy.


                              • BillyCarpenter
                                Field Supervisor

                                Site Contributor
                                VIP Subscriber
                                10,000+ Posts
                                • Aug 2020
                                • 16308

                                #1095
                                Re: Need some advice on learning networking

                                Originally posted by rthonpm
                                That's kind of like learning architecture and starting with building Notre Dame instead of a log cabin... If you sub it out, make sure that the sub knows you want to be a part of it to learn how it all gets put together. I do the same with some of the network guys I deal with: I come to them when I need network jobs done, they come to me for servers on their jobs: everybody gets paid, and everybody is happy.

                                I decided to sub it out the second I read what you had to say. My mamma didn't raise no fool. lol
                                Adversity temporarily visits a strong man but stays with the weak for a lifetime.
