Need some advice on learning networking

  • BillyCarpenter

    #1126
    Re: Need some advice on learning networking

    These Cisco WLC's are sick. Did you know that they have a built-in packet capture tool that is similar to Wireshark? It's true. Also, there's a built-in statistics page that keeps track of everything under the sun...including what webpage each user visits and for how long. It also tells how much usage each AP gets. I haven't even touched the surface of what the Cisco WLC can do.


    But mainly it's used as a central controller for all the access points. In other words, you can go to the WLC and make changes and push it out to all the other AP's.


    Also, rthonpm rightly talked about "tuning" the AP's and he was right. However, that's not much of an issue here. The WLC does all of that for us.
    Adversity temporarily visits a strong man but stays with the weak for a lifetime.

    • BillyCarpenter

      #1127
      Re: Need some advice on learning networking

      As I become more knowledgeable with the Cisco Wireless LAN Controller, I discover more cool functions. For instance, if I know the MAC address of your phone, I can track you anywhere in the building.


      Here's what I mean: if you're connected to the wireless network, when you walk through the building, you are roaming from one wireless access point to the next. From the LAN Controller, it shows me what access point your MAC address is on.


      I moved my phone from one room to another to test this out. Worked like a charm.
      Adversity temporarily visits a strong man but stays with the weak for a lifetime.

      • BillyCarpenter

        #1128
        Re: Need some advice on learning networking

        I'm still on LAP's and WLC's. The fun is over and I'm now deep into learning the protocols that are used.

        One such protocol is CAPWAP. If nothing else, it's fun to say: CAPWAP. lol


        Basically after the AP's have found and joined the WLC, a CAPWAP tunnel is formed. This tunnel connects the LAP's to the WLC and this is where the data is encapsulated. There's also a 2nd tunnel that is formed inside the CAPWAP tunnel and this is where the control data is sent.

        Client Data is sent on UDP 5247 and control data is sent on UDP 5246.


        I think I've about got this baby whipped.
        Adversity temporarily visits a strong man but stays with the weak for a lifetime.

        • BillyCarpenter

          #1129
          Re: Need some advice on learning networking

          When it comes to wireless, I've only talked about Wireless LAN Controllers and Access Points. The reason is because that's the hard stuff to learn.


          But there are the basics of wireless technology. Not hard to learn, but important nonetheless.


          For starters, everyone needs to know the 802.11 standard. This is usually followed by some letter: a/b/g/n and the latest standard 802.11ac. All of these have to do with speed and the distance of the wireless signal. I won't go into it too much. If you want to know more, there's plenty of information out there.

          Then there are security standards: WEP (no longer used), WPA, WPA2, WPA3. All of these security protocols use encryption keys. The later the version, the more secure.

          We could get into the 2.4 GHz vs. 5 GHz range but that all goes back to the 802.11 standard.


          Those are the basics.


          When it comes to wireless, the really, really cool stuff doesn't happen until you get into a production network. That's where you get introduced to a RADIUS server, link aggregation and how to set up the layer 3 switch and the WLC.

          I think I'm about done talking about wireless.
          Adversity temporarily visits a strong man but stays with the weak for a lifetime.

          • rthonpm

            #1130
            Re: Need some advice on learning networking

            Originally posted by BillyCarpenter

            Then there are security standards: WEP (no longer used), WPA, WPA2, WPA3. All of these security protocols use encryption keys. The later the version, the more secure.
            Don't use anything less than WPA2. Anything old enough to not support it doesn't need to be connected to the internet.

            Some consumer wifi devices also have a feature called WPS, which allows you to connect to a network using a PIN. If your home devices support this: disable it at all costs. There are known security issues with it that are fundamental enough to make the entire feature insecure.



            Sent from my BlackBerry using Tapatalk

            • BillyCarpenter

              #1131
              Re: Need some advice on learning networking

              Remember the school that needed wireless?

              Well, after talking it over with the powers that be, I decided to go ahead and do the job. They don't need uninterrupted wifi coverage. They aren't gonna be making wifi phone calls so wifi roaming in the halls isn't necessary. What is important to them is coverage in the classrooms and offices.

              For that, I decided against installing a WLAN controller and instead installed a mesh wireless network. It took a total of 10 Aruba AP's. Not much to it. It's pretty much plug and play...for the most part. I did have to do a little configuring for the guest network and initial discovery.


              A Quick Note: I'm a huge fan of Cisco's WLAN controller and Lightweight Access Points, but that would have been overkill here.
              Adversity temporarily visits a strong man but stays with the weak for a lifetime.

              • rthonpm

                #1132
                Re: Need some advice on learning networking

                Originally posted by BillyCarpenter

                For that, I decided against installing a WLAN controller and instead installed a mesh wireless network. It took a total of 10 Aruba AP's. Not much to it. It's pretty much plug and play...for the most part. I did have to do a little configuring for the guest network and initial discovery.
                You'll also be charging for the occasional visit for any firmware or patches for the equipment as well, right?

                Half of the job is always getting it up and running, the rest is keeping it up and running.

                Sent from my BlackBerry using Tapatalk

                • BillyCarpenter

                  #1133
                  Re: Need some advice on learning networking

                  Originally posted by rthonpm
                  You'll also be charging for the occasional visit for any firmware or patches for the equipment as well, right?

                  Half of the job is always getting it up and running, the rest is keeping it up and running.

                  Sent from my BlackBerry using Tapatalk

                  This is a non-profit school for troubled kids. I charge them a discounted rate and I volunteer some of my time on occasion. They've given me complete access and let me do what I want and it's been a great place for me to learn.
                  Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                  • BillyCarpenter

                    #1134
                    Re: Need some advice on learning networking

                    I'm 60% done with the CCNA online course. It's hard to grasp how much information is covered in the CCNA unless you've done it. It's almost overwhelming.


                    I've learned the hard way that I need to go back and review stuff I've already learned or I will forget. I've designated Saturday as Review Day.


                    One of the things that I'm reviewing today is HSRP - Hot Standby Routing Protocol. This is one of the more cool topics that I've learned.

                    I'm wondering if anyone has any experience with this or has seen it?


                    Here's the gist of it.

                    A large company can't afford to not be able to get on the internet so they have 2 internet service providers and ISP routers. If one goes down, all the computers automatically switch over to the other ISP router. I covered how to do this in this thread.

                    Anyone ever seen it?
                    Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                    • BillyCarpenter

                      #1135
                      Re: Need some advice on learning networking

                      The last thing that I reviewed over the weekend was DHCP. A simple way to remember the process by which DHCP works is D.O.R.A.


                      D.iscover
                      O.ffer
                      R.equest
                      A.cknowledge

                      I learned something new that I missed the first time around. What is that, you ask?


                      In the DHCP "offer", it has the IP address, mask and default gateway. I thought all of that was replicated in the "acknowledgement", but it also includes the lease time and renew period...which wasn't included in the offer.


                      Now we know.
                      Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                      • BillyCarpenter

                        #1136
                        Re: Need some advice on learning networking

                        Who wants to talk NAT? More importantly, who understands NAT? I imagine quite a few of you understand it. I'm just now learning how it works. Full disclosure, I've been studying this for a few days now as part of CCNA.

                        In CCNA it takes everything to the extreme...or to a production network level.


                        With that being said, here's what I've covered.


                        1. Static NAT - This is used mostly for a server that has incoming traffic from the internet. It's pretty straightforward. The outside (public) IP address is matched up to the inside (local) IP address.

                        I can address this further if anyone is interested. No? lol


                        2. Dynamic NAT - Okay. This is used when a company purchases a pool of public IP addresses from the ISP. These are expensive so you'll only have a limited number of public IP addresses. Each PC will be assigned a public IP address to get out to the internet. The problem is that you're most likely gonna have more PC's than you do public IP addresses and when that happens, the remaining PC's won't be able to get internet access. This isn't used much in the real world.


                        3. PAT - Public Address Translation: This allows an unlimited number of PC's to reach the internet with only one public IP address. It does this by using the private IP address of the PC AND the port number. There's a NAT table that helps keep everything in order so that traffic is routed to the correct PC.


                        I have a Cisco Router here and I've already set up an edge router that uses PAT and it can be complicated if you don't understand the theory behind the steps involved.
                        Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                        • BillyCarpenter

                          #1137
                          Re: Need some advice on learning networking

                          I'm on something now that has me really excited. What am I talking about? ACL or Access Control List.

                          I first used an ACL in the real world when I configured a Cisco edge router to do NAT. Or in this particular case, PAT. It's all the same principle and that's translating a private IP address to go across the internet.

                          So, where did the Access Control List come into play?

                          First we need to understand what an ACL is.


                          Imagine that we're throwing a big party at the club and we give the bouncer, who's standing at the front door, a list of everyone that is allowed in. If they're not on the list, they don't get in. Period.

                          Well, that's how an ACL works.

                          There are different types of ACL's. Let's start with the "standard" access list.

                          It can only "allow in" according to the source IP address. It can be one single source IP address or a range of IP addresses. But that's all it can do.


                          Now replace the bouncer with a router and replace the names on the list with ip addresses.

                          If the IP address isn't on the list, it doesn't get in.


                          More to come...
                          Last edited by BillyCarpenter; 12-02-2021, 11:07 PM.
                          Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                          • BillyCarpenter

                            #1138
                            Re: Need some advice on learning networking

                            PS - The next type of list is the Extended Access List.

                            It can block/allow on the source and destination IP address. But wait, it can also allow/block on Layer 4 protocols and even port numbers.


                            There are many practical applications for this...I just need to learn what they are.
                            Last edited by BillyCarpenter; 12-02-2021, 11:10 PM.
                            Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                            • BillyCarpenter

                              #1139
                              Re: Need some advice on learning networking

                              As I continue to learn how to properly configure an ACL, I'm reminded of something. And that something is how important it is to master Subnetting. If you want a job working with routers and switches, it is a must to master subnetting. If you don't, you will be fired in short order. There's simply no way to avoid it. And a subnet calculator isn't gonna let you off the hook. You still must master subnetting, wildcard masks, and supernetting.

                              I'm not gonna lie, I struggled with it for a while. I stuck with it. The minutes turned into hours. The hours into days and the days into weeks. And just when you think you have it, they throw you a curve ball. It seems simple now but everything seems simple after you learn it.
                              Adversity temporarily visits a strong man but stays with the weak for a lifetime.

                              • BillyCarpenter

                                #1140
                                Re: Need some advice on learning networking

                                PS - Here's an example of what I'm talking about:



                                10.16.2.0/24

                                10.16.4.0/24

                                10.16.6.0/24


                                That's 3 different subnets and they're all 24 bit. If we wanted to use an ACL to block all 3, how would we write it?

                                It would be written like this: deny 10.16.0.0 0.0.7.255

                                The red portion of our network statement is the wildcard mask and I won't go into great detail, but the point is, if you can't subnet and supernet, you can't use an access list. And that's just one example.
                                Adversity temporarily visits a strong man but stays with the weak for a lifetime.
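
Added example (not part of the original posts): a Python check of which /24 networks an IOS-style `address wildcard` pair actually covers, run on the `10.16.0.0 0.0.7.255` entry and the three subnets quoted in post #1140. The function names and the two-entry `TIGHT` alternative are constructed for illustration.

```python
import ipaddress

def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_match(base, wildcard, addr):
    """IOS-style match: a 0 bit in the wildcard must equal the base,
    a 1 bit is "don't care"."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) & care) == (_to_int(base) & care)

def covered_slash24s(base, wildcard):
    """Every /24 fully matched by one 'base wildcard' entry."""
    b, w = _to_int(base), _to_int(wildcard)
    if (w & 0xFF) != 0xFF:
        raise ValueError("last octet is not all don't-care; narrower than a /24")
    fixed = b & ~w & 0xFFFFFFFF   # bits the entry pins down
    free = w & 0xFFFFFF00         # don't-care bits above the host octet
    nets, sub = [], free
    while True:                   # walk every subset of the free bits
        nets.append(ipaddress.ip_network((fixed | sub, 24)))
        if sub == 0:
            break
        sub = (sub - 1) & free
    return sorted(nets)

def audit(entries, intended):
    """Return (extra, missing): /24s matched but not intended, and
    intended /24s that no entry matches."""
    want = {ipaddress.ip_network(n) for n in intended}
    got = set()
    for base, wildcard in entries:
        got.update(covered_slash24s(base, wildcard))
    return sorted(got - want), sorted(want - got)

# The three subnets and the entry quoted in post #1140.
INTENDED = ["10.16.2.0/24", "10.16.4.0/24", "10.16.6.0/24"]
POSTED = [("10.16.0.0", "0.0.7.255")]
# Constructed alternative: non-contiguous wildcard for .2/.6, plain one for .4.
TIGHT = [("10.16.2.0", "0.0.4.255"), ("10.16.4.0", "0.0.0.255")]

if __name__ == "__main__":
    for name, entries in (("posted", POSTED), ("tight", TIGHT)):
        extra, missing = audit(entries, INTENDED)
        print(name, "extra:", [str(n) for n in extra],
              "missing:", [str(n) for n in missing])
```

Running the audit before applying a summarized entry shows whether it also matches neighbouring subnets that were never meant to be on the list.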
