Need some advice on learning networking

  • BillyCarpenter
    Field Supervisor

    Site Contributor
    VIP Subscriber
    10,000+ Posts
    • Aug 2020
    • 16308

    #571
    Re: Need some advice on learning networking

    Back to the grindstone.

    I'm about to build my lab on Packet Tracer and configure DHCP Snooping + ARP Inspection. I think of these as one single tool because they're usually used together, but they're actually 2 separate tools. DHCP Snooping will function as a stand-alone tool, but ARP Inspection won't work without DHCP Snooping.


    I made a new discovery. If we have DHCP Snooping + ARP Inspection enabled on our switch and a copier is plugged into the switch with a duplicate IP address, it will not be able to communicate with anything on the network. If you try to ping from a PC, it's gonna fail. Why? Because the device with the same IP address is part of the binding table in the switch and the copier has a different MAC address...even though it has the same IP address...thus it will be blocked on the network. Food for thought.
    Adversity temporarily visits a strong man but stays with the weak for a lifetime.

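The binding-table check described in the post above, as an added example that is not code from the forum or from Cisco. It models DHCP snooping (server-side DHCP messages only accepted on trusted ports) and Dynamic ARP Inspection (ARP sender MAC/IP checked against the snooping bindings) in Python; the binding table, port names and MAC/IP addresses are constructed for the scenario.

```python
"""DHCP snooping and Dynamic ARP Inspection (DAI) decision logic.

Added example, not code from the forum post or from Cisco: the binding
table, port names and addresses below are constructed, and the checks are
a simplified model of what the switch does on each untrusted port.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Binding:
    """One DHCP snooping binding, learned from a DHCP ACK seen by the switch."""
    mac: str
    ip: str
    vlan: int
    port: str


# Constructed binding table: the PC on Fa0/5 already leases 192.168.10.50.
BINDING_TABLE = [
    Binding("00:11:22:33:44:01", "192.168.10.21", 10, "Fa0/1"),
    Binding("00:11:22:33:44:02", "192.168.10.22", 10, "Fa0/2"),
    Binding("00:11:22:33:44:99", "192.168.10.50", 10, "Fa0/5"),
]
# Uplink towards the real DHCP server/router ("ip dhcp snooping trust").
TRUSTED_PORTS = {"Gi0/1"}
DHCP_SERVER_MESSAGES = {"OFFER", "ACK", "NAK"}


def dhcp_snoop(message_type, ingress_port):
    """DHCP snooping: server-side messages may only enter on trusted ports,
    which is what stops a rogue DHCP server plugged into an access port."""
    if message_type in DHCP_SERVER_MESSAGES and ingress_port not in TRUSTED_PORTS:
        return "drop"
    return "permit"


def dai_inspect(sender_mac, sender_ip, vlan, ingress_port, bindings=BINDING_TABLE):
    """DAI: on an untrusted port the ARP sender MAC/IP pair must match a
    binding for that VLAN and port. Returns (verdict, reason)."""
    if ingress_port in TRUSTED_PORTS:
        return "permit", "trusted port, ARP not inspected"
    for b in bindings:
        if b.vlan == vlan and b.ip == sender_ip:
            if b.mac == sender_mac and b.port == ingress_port:
                return "permit", f"matches binding on {b.port}"
            return "drop", (f"{sender_ip} is bound to {b.mac} on {b.port}, "
                            f"not {sender_mac} on {ingress_port}")
    return "drop", f"no binding for {sender_ip} in VLAN {vlan}"


if __name__ == "__main__":
    # The copier from the post: static 192.168.10.50, which a PC already leases.
    print(dai_inspect("aa:bb:cc:dd:ee:01", "192.168.10.50", 10, "Fa0/7"))
    # A host claiming to be the gateway 192.168.10.1 (ARP poisoning attempt).
    print(dai_inspect("aa:bb:cc:dd:ee:02", "192.168.10.1", 10, "Fa0/3"))
    # The legitimately leased PC on Fa0/1.
    print(dai_inspect("00:11:22:33:44:01", "192.168.10.21", 10, "Fa0/1"))
    # A DHCP OFFER arriving on an access port (rogue server).
    print(dhcp_snoop("OFFER", "Fa0/3"))
```

Note the consequence for copiers in particular: a device with a static address is dropped even when its IP is not a duplicate, because no DHCP lease ever created a binding for it. On IOS the usual fix is an ARP ACL (`arp access-list` plus `ip arp inspection filter`) or a static `ip source binding` for the printer's MAC and IP.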

    • BillyCarpenter
      Field Supervisor

      Site Contributor
      VIP Subscriber
      10,000+ Posts
      • Aug 2020
      • 16308

      #572
      Re: Need some advice on learning networking

      I set up my network on Packet Tracer and configured DHCP Snooping and ARP Inspection. I ran several tests and everything worked as advertised. There was nothing difficult about setting it up. The hard work is in understanding the theory of how it works and why. It starts with understanding the OSI model. Everything always seems to go back to the OSI model in the world of networking.

      Anyway, when I first started playing around with Cisco switches and routers, I hated the CLI (Command Line Interface), but now it's the thing that I love the most. These are enterprise switches and routers and it blows my mind the things that can be done with them. They are truly "smart".
      Last edited by BillyCarpenter; 04-05-2021, 05:05 AM.
      Adversity temporarily visits a strong man but stays with the weak for a lifetime.


      • BillyCarpenter
        Field Supervisor

        Site Contributor
        VIP Subscriber
        10,000+ Posts
        • Aug 2020
        • 16308

        #573
        Re: Need some advice on learning networking

        Previously I said that I can't envision a scenario in which a copier company would be setting up VLANs, or inter-VLANs, on a client's network. I suppose there could be a very special circumstance where that needs to happen but I still believe my statement to be true. If anyone wants to dispute that, I'd like to hear it because I'm very new to all of this and I've been wrong before.

        With all of that said, I thought I was wasting my time learning all of this. While I find networking interesting, I'm really not into learning something that I'll never use.

        Any time that I've tried to learn something that is really difficult, there comes a time when it hits me like a ton of bricks..."Oh, this is why I need to know this and this is why it's important." That moment happened for me yesterday.


        I'm watching videos and reading material about how a rogue attacker can bring down a network. When I say "rogue attacker", I'm not talking about some evil genius sitting in his basement like we see in the movies. No, I'm talking about some kid that has learned how to launch an ARP attack by watching a YouTube video and bringing a Raspberry Pi to school and bringing down the entire network. Or maybe it's an employee that wants to get out of work for the day that does the same thing. It could be anyone.

        I've learned that network security starts at the switch. For instance, I learned something new. We can tie every port to a MAC address. If someone tries to plug into the Ethernet jack in their office with another PC or device, the port will shut down automatically and they'll NEVER even get on the network. Only the PC that is authorized will be allowed on that port. I've already discussed other security measures at the switch level.


        I have a Cisco switch here at my office but it doesn't have a CLI, so I couldn't do any of this. I went on eBay and found one that does and ordered it. It only cost about $30 and it's a 24-port switch. I also ordered a Cisco enterprise router for about the same price.
        Adversity temporarily visits a strong man but stays with the weak for a lifetime.

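The port-to-MAC binding described in the post above, as an added example that is not code from the forum or from Cisco. It models switch port security with one sticky-learned MAC per port and violation mode "shutdown" (the IOS knobs are `switchport port-security`, `maximum 1`, `mac-address sticky` and `violation shutdown`); the port names and MAC addresses are constructed.

```python
"""Switch port security: one authorised MAC per port, violation mode shutdown.

Added example, not code from the post or from Cisco: the port names and MAC
addresses are constructed and the class is a simplified model of the feature.
"""


class SecurePort:
    VIOLATION_MODES = ("shutdown", "restrict", "protect")

    def __init__(self, name, max_macs=1, violation="shutdown", static_macs=()):
        if violation not in self.VIOLATION_MODES:
            raise ValueError(violation)
        self.name = name
        self.max_macs = max_macs
        self.violation = violation
        self.secure_macs = set(static_macs)   # configured statically or learned sticky
        self.err_disabled = False
        self.violation_count = 0

    def receive(self, src_mac):
        """Decide what happens to a frame arriving on this port with src_mac."""
        if self.err_disabled:
            return "dropped: port is err-disabled"
        if src_mac in self.secure_macs:
            return "forwarded"
        if len(self.secure_macs) < self.max_macs:
            # Sticky learning: the first MAC(s) seen become the authorised set.
            self.secure_macs.add(src_mac)
            return "forwarded (sticky-learned)"
        # Unknown MAC and the table is full: this is a security violation.
        self.violation_count += 1
        if self.violation == "shutdown":
            self.err_disabled = True          # whole port goes down, legit PC included
            return "dropped: violation, port err-disabled"
        if self.violation == "restrict":
            return "dropped: violation counted and logged"
        return "dropped: violation silently discarded"   # protect

    def recover(self):
        """Admin 'shutdown' / 'no shutdown' (or the errdisable recovery timer)."""
        self.err_disabled = False
        self.violation_count = 0


def office_port_scenario():
    """Replay the situation in the post and return the verdict for each frame."""
    port = SecurePort("Fa0/1")
    office_pc, visitor_laptop = "00:11:22:33:44:01", "de:ad:be:ef:00:01"   # constructed
    return [
        port.receive(office_pc),        # day one: learned sticky
        port.receive(office_pc),        # normal traffic
        port.receive(visitor_laptop),   # someone plugs in another device
        port.receive(office_pc),        # the real PC is now locked out too
    ]


if __name__ == "__main__":
    for verdict in office_port_scenario():
        print(verdict)
```

Two caveats a practitioner should keep in mind: in shutdown mode the legitimate PC loses its connection too until someone recovers the port, and port security only compares the source MAC field, which any host can set, so a device that clones the authorised MAC is let through. Authenticating the device itself is what 802.1X is for.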

        • slimslob
          Retired

          Site Contributor
          25,000+ Posts
          • May 2013
          • 37235

          #574
          Re: Need some advice on learning networking

          Originally posted by BillyCarpenter
          Previously I said that I can't envision a scenario in which a copier company would be setting up VLANs, or inter-VLANs, on a client's network. I suppose there could be a very special circumstance where that needs to happen but I still believe my statement to be true. If anyone wants to dispute that, I'd like to hear it because I'm very new to all of this and I've been wrong before.

          With all of that said, I thought I was wasting my time learning all of this. While I find networking interesting, I'm really not into learning something that I'll never use.

          Any time that I've tried to learn something that is really difficult, there comes a time when it hits me like a ton of bricks..."Oh, this is why I need to know this and this is why it's important." That moment happened for me yesterday.


          I'm watching videos and reading material about how a rogue attacker can bring down a network. When I say "rogue attacker", I'm not talking about some evil genius sitting in his basement like we see in the movies. No, I'm talking about some kid that has learned how to launch an ARP attack by watching a YouTube video and bringing a Raspberry Pi to school and bringing down the entire network. Or maybe it's an employee that wants to get out of work for the day that does the same thing. It could be anyone.

          I've learned that network security starts at the switch. For instance, I learned something new. We can tie every port to a MAC address. If someone tries to plug into the Ethernet jack in their office with another PC or device, the port will shut down automatically and they'll NEVER even get on the network. Only the PC that is authorized will be allowed on that port. I've already discussed other security measures at the switch level.


          I have a Cisco switch here at my office but it doesn't have a CLI, so I couldn't do any of this. I went on eBay and found one that does and ordered it. It only cost about $30 and it's a 24-port switch. I also ordered a Cisco enterprise router for about the same price.
          I have never had to set up VLANs on a client network but I have had to work with copiers on VLANs already set up either by the customer's IT or by their ISP, so knowing about them will someday be good.


          • BillyCarpenter
            Field Supervisor

            Site Contributor
            VIP Subscriber
            10,000+ Posts
            • Aug 2020
            • 16308

            #575
            Re: Need some advice on learning networking

            Originally posted by slimslob
            I have never had to set up VLANs on a client network but I have had to work with copiers on VLANs already set up either by the customer's IT or by their ISP, so knowing about them will someday be good.

            I almost posted something similar to this. I think it will pay off in that I will be able to talk to the IT department with some degree of competence. I never want to come across as an idiot.


            I have a quick question for you, slim....


            I've been reading up on firewalls. Not software firewalls that are found on the PC or server, but an edge of network physical firewall. What can you tell me about them? Are they worth having?
            Adversity temporarily visits a strong man but stays with the weak for a lifetime.


            • slimslob
              Retired

              Site Contributor
              25,000+ Posts
              • May 2013
              • 37235

              #576
              Re: Need some advice on learning networking

              Originally posted by BillyCarpenter
              I almost posted something similar to this. I think it will pay off in that I will be able to talk to the IT department with some degree of competence. I never want to come across as an idiot.


              I have a quick question for you, slim....


              I've been reading up on firewalls. Not software firewalls that are found on the PC or server, but an edge of network physical firewall. What can you tell me about them? Are they worth having?
              Almost every router on the market has at least some type of firewall built in. Mostly it is a matter of blocking specific ports that you have to select. Actual hardware firewalls that connect between your internet modem block all ports by default and you have to decide which ones to open. That includes port 80, the internet browser port. They can be configured to block incoming traffic, outgoing traffic or both. The one thing that they won't stop is a denial of service attack. The attack can't get through but while the attack is happening, nothing else can get through.


              • BillyCarpenter
                Field Supervisor

                Site Contributor
                VIP Subscriber
                10,000+ Posts
                • Aug 2020
                • 16308

                #577
                Re: Need some advice on learning networking

                Originally posted by slimslob
                Almost every router on the market has at least some type of firewall built in. Mostly it is a matter of blocking specific ports that you have to select. Actual hardware firewalls that connect between your internet modem block all ports by default and you have to decide which ones to open. That includes port 80, the internet browser port. They can be configured to block incoming traffic, outgoing traffic or both. The one thing that they won't stop is a denial of service attack. The attack can't get through but while the attack is happening, nothing else can get through.

                I've been meaning to tell you something. Do you remember way back at the beginning of this thread when you mentioned that the OSI model was outdated? I don't think those were your exact words but something to that effect. I was too new to networking at the time to understand what you were talking about. But the internet model is simpler (effectively collapsing the top 3 layers of the OSI model into a single layer) and easier to remember and understand. If you're a pure-bred network engineer that is focused on router/switch, then yes, the 7-layer model is dead.

                I don't think I've forgotten much that you taught me, slim.
                Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                • BillyCarpenter
                  Field Supervisor

                  Site Contributor
                  VIP Subscriber
                  10,000+ Posts
                  • Aug 2020
                  • 16308

                  #578
                  Re: Need some advice on learning networking

                  I thought I'd give a quick update on my progress. I'm terrible at trying to explain what I want to say in the written word so bear with me.


                  I haven't built any new networks. In fact, I had to go back to the networks that I'd already built and address my weak areas before I could move forward. This post has to do with switches, VLANS and inter-vlans.

                  Switches don't care about IP addresses. They only care about MAC addresses and VLANs.

                  Let's address VLANs. When a PC sends a packet to a switch, the PC doesn't know which VLAN it's supposed to go to. There's nothing in the packet about VLANs. The switch knows which VLAN the packet needs to go to but the PC doesn't. Once the switch receives the packet, it adds a VLAN tag to the packet via "encapsulation". The protocol is known as 802.1Q encapsulation. This is created at the trunk line of the switch. Once the switch sends the packet to a Fast Ethernet port (the port that's connected to the PC) it strips away the VLAN tag and forwards the packet to the PC that it's intended for.


                  This may sound like a bunch of mumbo-jumbo that's unimportant, but the reason I had to go back and learn it is that I must know this information if I want to know how to trouble shoot the network. It's one thing to configure a network, it's quite another to troubleshoot a problem.

                  That's all for now.
                  Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                  • BillyCarpenter
                    Field Supervisor

                    Site Contributor
                    VIP Subscriber
                    10,000+ Posts
                    • Aug 2020
                    • 16308

                    #579
                    Re: Need some advice on learning networking

                    Now let's talk about routers and the role they play in INTER-VLANS.


                    Keep in mind that VLANs are at the switch level (layer 2) and they are separate networks that can't communicate with each other. But what if you want to communicate between the different VLANs? In order to do this we need a router. Unlike switches, routers care about IP addresses (layer 3). It's important to keep this in mind before I explain how inter-VLANs are possible....


                    ....If we have a PC on VLAN 1 it may have an IP address of 192.168.10.2. On VLAN 2 we may have another PC with the IP address of 192.168.20.2. In other words, PCs on different VLANs can't have the same mask, or subnet. That would kind of defeat the purpose.

                    Anyway, the PC sends the packet to the switch, the switch looks in its VLAN table and has no way of sending the packet between 2 different VLANs. What happens next is the packet is sent to the router. Keep in mind that the path between the switch and router is connected by a trunk line, thus the VLAN tag (encapsulation 802.1Q) hasn't been stripped away and is still present. Once the packet reaches the router, it has its own table that it looks at. This table is different from the table found at the switch. This table binds the VLAN to an IP address.

                    I'll admit that's a little confusing and took me a while to grasp.
                    Adversity temporarily visits a strong man but stays with the weak for a lifetime.

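The 802.1Q tagging from #578 and the router-on-a-stick forwarding from #579, carried through on actual frame bytes as an added example that is not code from the forum or from Cisco. The switch inserts the 4-byte tag when a frame leaves a trunk and strips it when the frame leaves an access port; the router identifies the ingress subinterface from the VLAN ID, routes on the destination IP and re-tags for the destination VLAN. MAC and IP addresses, VLAN IDs and the subinterface layout are constructed, and the IPv4 payload is a toy "src|dst" string standing in for a real IP header.

```python
"""802.1Q tagging on a trunk and router-on-a-stick forwarding.

Added example, not code from the two posts above: the MAC and IP addresses,
VLAN IDs and subinterface layout are constructed, and the IPv4 payload is a
toy "src|dst" string standing in for a real IP header.
"""
import ipaddress
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800


def mac_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst_mac, src_mac, payload, vlan=None, pcp=0):
    """Ethernet frame; with vlan set, the 4-byte 802.1Q tag (TPID 0x8100,
    then PCP/DEI/VID) is inserted between the source MAC and the EtherType."""
    frame = mac_bytes(dst_mac) + mac_bytes(src_mac)
    if vlan is not None:
        frame += struct.pack("!HH", TPID_8021Q, (pcp << 13) | (vlan & 0x0FFF))
    return frame + struct.pack("!H", ETHERTYPE_IPV4) + payload


def parse_frame(frame):
    """Return (dst_mac, src_mac, vlan_or_None, ethertype, payload)."""
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan, offset = None, 14
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan, offset = tci & 0x0FFF, 18
    return dst, src, vlan, ethertype, frame[offset:]


def trunk_egress(frame, vlan):
    """Switch sending a frame out a trunk: add the tag for its VLAN."""
    dst, src, _, _, payload = parse_frame(frame)
    return build_frame(dst, src, payload, vlan=vlan)


def access_egress(frame):
    """Switch sending a frame out an access port: strip the tag."""
    dst, src, _, _, payload = parse_frame(frame)
    return build_frame(dst, src, payload)


# Constructed router subinterfaces, the equivalent of "interface Gi0/0.10 /
# encapsulation dot1Q 10 / ip address 192.168.10.1 255.255.255.0" and VLAN 20.
SUBINTERFACES = {
    10: {"addr": ipaddress.ip_interface("192.168.10.1/24"), "mac": "00:00:5e:00:01:10"},
    20: {"addr": ipaddress.ip_interface("192.168.20.1/24"), "mac": "00:00:5e:00:01:20"},
}
# Constructed ARP cache the router has already built for the two PCs.
ARP_CACHE = {"192.168.10.2": "00:11:22:33:44:10", "192.168.20.2": "00:11:22:33:44:20"}


def route_on_a_stick(tagged_frame):
    """Router receives a tagged frame on its trunk, picks the ingress
    subinterface from the VID, routes on destination IP and re-tags the frame
    for the destination VLAN. Returns the new tagged frame, or None if dropped."""
    dst, _src, vlan, ethertype, payload = parse_frame(tagged_frame)
    if vlan not in SUBINTERFACES or ethertype != ETHERTYPE_IPV4:
        return None
    if dst != SUBINTERFACES[vlan]["mac"]:
        return None                      # not addressed to this subinterface
    _src_ip, dst_ip = payload.decode().split("|")
    target = ipaddress.ip_address(dst_ip)
    for out_vlan, sub in SUBINTERFACES.items():
        if target in sub["addr"].network and dst_ip in ARP_CACHE:
            return build_frame(ARP_CACHE[dst_ip], sub["mac"], payload, vlan=out_vlan)
    return None                          # no route (or ARP would be needed first)


if __name__ == "__main__":
    # PC on VLAN 10 sends to the PC on VLAN 20: the frame goes to the gateway MAC.
    untagged = build_frame("00:00:5e:00:01:10", "00:11:22:33:44:10", b"192.168.10.2|192.168.20.2")
    on_trunk = trunk_egress(untagged, 10)      # switch tags it towards the router
    routed = route_on_a_stick(on_trunk)        # router re-tags it for VLAN 20
    delivered = access_egress(routed)          # switch strips the tag for the VLAN 20 PC
    print(parse_frame(on_trunk)[2], parse_frame(routed)[2], parse_frame(delivered)[2])
```

The PC never sees a tag at either end: the VID exists only on the trunk between switch and router, which is why troubleshooting an inter-VLAN problem usually starts with checking that the trunk allows the VLAN and that the subinterface's `encapsulation dot1Q` number matches it.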

                    • BillyCarpenter
                      Field Supervisor

                      Site Contributor
                      VIP Subscriber
                      10,000+ Posts
                      • Aug 2020
                      • 16308

                      #580
                      Re: Need some advice on learning networking

                      For 2 days I've been trying to get back to my practice lab on sending DHCP addresses across inter-vlans but because I had had weak areas in my knowledge, I had to go back and fill those gaps. This is a lot of information to take in at one sitting. Take my word for this....you don't want any gaps in your understanding of networking because it will come back to bite you. I learned that the hard way. Don't repeat my mistakes if you're trying to learn networking. No detail is unimportant.

                      There's one more gap that I had to fill before I went back to my practice lab on sending DHCP across inter-vlans and that's DORA.


                      What is DORA? I'm glad you asked.


                      The DHCP DORA process is handled by a SERVER called a DHCP SERVER that dynamically distributes network configuration parameters, such as IP addresses, gateways, etc., for clients. It is a standardized network protocol used on Internet Protocol networks.

                      Sound complicated? It's not. Here's how it works.


                      First the client PC sends out a Discovery Broadcast across the network to see if a DHCP Server is on the network.

                      Next the DHCP server sends back an Offer that includes the IP address, gateway, etc.

                      Next the client PC sends back a Request saying that he will take the IP address.

                      Next the DHCP server sends back an Acknowledgement saying "okay, I'll make a note of your IP address and you can have this IP address for 4 days (or whatever)"...known as the lease time.


                      Client ---- Discover (broadcast) ---->
                             <---- Offer ------------------- Server
                      Client ---- Request ----------------->
                             <---- Ack --------------------- Server



                      I'll explain why these 4 packets are important in a later post.
                      Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                      • BillyCarpenter
                        Field Supervisor

                        Site Contributor
                        VIP Subscriber
                        10,000+ Posts
                        • Aug 2020
                        • 16308

                        #581
                        Re: Need some advice on learning networking

                        I finally got back around to setting up DHCP services on inter-VLANs. This was no easy task for a beginner like myself. First I had to set up the VLANs. Then I had to set up inter-VLANs and make sure the PCs could all communicate. Then I had to set up the DHCP server. Getting the DHCP server to work on VLAN 10 was simple because I made the DHCP server part of VLAN 10. Now I had to get the server to work on VLAN 20. Just to make it a little harder on myself, I used a multi-layer switch with a built-in router....which I had never used before.


                        Let me just cut this short. The name of the game in this scenario is sub interfaces, sub interfaces, and sub interfaces. Did I mention sub interfaces? Once I got all of the sub interfaces set up the only thing left to do was set up "IP Helper" which is a relay back to the DHCP server for VLAN 20.

                        I'm tired and my head hurts. That's it for today.
                        Adversity temporarily visits a strong man but stays with the weak for a lifetime.

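The four-message DORA exchange from #580 and the "IP Helper" relay from #581, run end to end as an added example that is not code from the forum or from Cisco. Both sides are modelled: a server with one pool per subnet that picks the pool from the relay address (giaddr), a relay standing in for a VLAN 20 subinterface with `ip helper-address`, and a client that walks Discover, Offer, Request, Ack. The pools, addresses and MACs are constructed, and the messages are plain dicts carrying only the DHCP fields the exchange needs.

```python
"""DHCP DORA, directly on the server's VLAN and through an ip helper-address
relay for a second VLAN.

Added example, not code from the two posts above: the pools, addresses and
MACs are constructed, and the messages are dicts carrying only the DHCP
fields the exchange needs (chaddr, yiaddr, giaddr, router, lease).
"""
import ipaddress

LEASE_SECONDS = 4 * 24 * 3600   # the "4 days" from the post


class DhcpServer:
    """One pool per subnet. The pool is chosen from giaddr when a relay
    forwarded the message, otherwise from the server's own subnet."""

    def __init__(self, local_net, pools):
        self.local_net = ipaddress.ip_network(local_net)
        self.pools = {ipaddress.ip_network(net): {"router": gw, "free": list(free)}
                      for net, gw, free in pools}
        self.leases = {}   # chaddr -> ip

    def _select_net(self, giaddr):
        if giaddr == "0.0.0.0":          # client broadcast arrived directly
            return self.local_net
        relay = ipaddress.ip_address(giaddr)
        return next(net for net in self.pools if relay in net)

    def handle(self, msg):
        net = self._select_net(msg["giaddr"])
        pool, mac = self.pools[net], msg["chaddr"]
        reply = {"chaddr": mac, "giaddr": msg["giaddr"],
                 "router": pool["router"], "lease": LEASE_SECONDS}
        if msg["type"] == "DISCOVER":
            ip = self.leases.get(mac) or (pool["free"][0] if pool["free"] else None)
            if ip is None:
                return None                       # pool exhausted: no OFFER is sent
            return dict(reply, type="OFFER", yiaddr=ip)
        if msg["type"] == "REQUEST":
            ip = msg["requested_ip"]
            if ipaddress.ip_address(ip) not in net:
                return dict(reply, type="NAK")    # wrong subnet for this pool
            if ip in pool["free"]:
                pool["free"].remove(ip)
            elif self.leases.get(mac) != ip:
                return dict(reply, type="NAK")    # address belongs to someone else
            self.leases[mac] = ip
            return dict(reply, type="ACK", yiaddr=ip)
        raise ValueError(f"unexpected message type {msg['type']}")


class Relay:
    """Router subinterface with 'ip helper-address <server>': forwards the
    client's broadcast to the server as unicast and stamps giaddr with its
    own address, which is how the server knows which subnet to lease from."""

    def __init__(self, subinterface_ip, server):
        self.giaddr, self.server = subinterface_ip, server

    def forward(self, msg):
        return self.server.handle(dict(msg, giaddr=self.giaddr))


def dora(client_mac, send):
    """Run the four-step exchange through `send`; return (message types, final reply)."""
    steps = ["DISCOVER"]
    offer = send({"type": "DISCOVER", "chaddr": client_mac, "giaddr": "0.0.0.0"})
    if offer is None:
        return steps, None
    steps += [offer["type"], "REQUEST"]
    ack = send({"type": "REQUEST", "chaddr": client_mac, "giaddr": "0.0.0.0",
                "requested_ip": offer["yiaddr"]})
    steps.append(ack["type"])
    return steps, ack


# Constructed lab: the server lives on VLAN 10; VLAN 20 reaches it via the relay.
SERVER = DhcpServer("192.168.10.0/24", [
    ("192.168.10.0/24", "192.168.10.1", ["192.168.10.100", "192.168.10.101"]),
    ("192.168.20.0/24", "192.168.20.1", ["192.168.20.100", "192.168.20.101"]),
])
RELAY_VLAN20 = Relay("192.168.20.1", SERVER)


def lease_on_vlan10(mac):
    return dora(mac, SERVER.handle)


def lease_on_vlan20(mac):
    return dora(mac, RELAY_VLAN20.forward)


if __name__ == "__main__":
    print(lease_on_vlan10("00:11:22:33:44:10"))
    print(lease_on_vlan20("00:11:22:33:44:20"))
```

The relay is the reason the VLAN 20 clients get a 192.168.20.x address and a 192.168.20.1 gateway even though the server sits on VLAN 10: the server never sees the client's broadcast, only the relayed unicast whose giaddr tells it which pool to use. This is also why DHCP snooping has to treat the port facing the relay/server as trusted, otherwise the returning OFFER and ACK are dropped.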

                        • adecanmin
                          Trusted Tech

                          Site Contributor
                          250+ Posts
                          • Oct 2010
                          • 291

                          #582
                          Re: Need some advice on learning networking

                          Originally posted by BillyCarpenter
                          Now let's talk about routers and the role they play in INTER-VLANS.


                          Keep in mind that VLANs are at the switch level (layer 2) and they are separate networks that can't communicate with each other. But what if you want to communicate between the different VLANs? In order to do this we need a router. Unlike switches, routers care about IP addresses (layer 3). It's important to keep this in mind before I explain how inter-VLANs are possible....


                          ....If we have a PC on VLAN 1 it may have an IP address of 192.168.10.2. On VLAN 2 we may have another PC with the IP address of 192.168.20.2. In other words, PCs on different VLANs can't have the same mask, or subnet. That would kind of defeat the purpose.

                          Anyway, the PC sends the packet to the switch, the switch looks in its VLAN table and has no way of sending the packet between 2 different VLANs. What happens next is the packet is sent to the router. Keep in mind that the path between the switch and router is connected by a trunk line, thus the VLAN tag (encapsulation 802.1Q) hasn't been stripped away and is still present. Once the packet reaches the router, it has its own table that it looks at. This table is different from the table found at the switch. This table binds the VLAN to an IP address.

                          I'll admit that's a little confusing and took me a while to grasp.
                          What subnet mask would you use for 192.168.10.2 and 192.168.20.2? If you used 255.255.255.0 would they be able to communicate with each other?


                          • BillyCarpenter
                            Field Supervisor

                            Site Contributor
                            VIP Subscriber
                            10,000+ Posts
                            • Aug 2020
                            • 16308

                            #583
                            Re: Need some advice on learning networking

                            Originally posted by adecanmin
                            What subnet mask would you use for 192.168.10.2 and 192.168.20.2? If you used 255.255.255.0 would they be able to communicate with each other?

                            To be perfectly honest, I may have used some wrong terminology. This was what I was trying to say:


                            Take IP address 192.168.10.2 with a 24-bit subnet mask.

                            The first three octets (192.168.10) represent the network portion of the address and the last octet (.2) indicates the host. You can't have the same network portion for two different VLANs as VLANs are, by design, separate networks. Sorry for the confusion.
                            Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                            • BillyCarpenter
                              Field Supervisor

                              Site Contributor
                              VIP Subscriber
                              10,000+ Posts
                              • Aug 2020
                              • 16308

                              #584
                              Re: Need some advice on learning networking

                              By the way, on several videos that i watched, they kept referring to the network portion of the IP address as the "mask." Is that not correct?
                              Adversity temporarily visits a strong man but stays with the weak for a lifetime.


                              • slimslob
                                Retired

                                Site Contributor
                                25,000+ Posts
                                • May 2013
                                • 37235

                                #585
                                Re: Need some advice on learning networking

                                Originally posted by adecanmin
                                What subnet mask would you use for 192.168.10.2 and 192.168.20.2? If you used 255.255.255.0 would they be able to communicate with each other?
                                192.168.10.2 and 192.168.20.2 are just IP addresses. A subnet mask of 255.255.0.0 will allow communicating with every device on every subnet of 192.168. Changing the value of the third octet would restrict the number of subnets and changing the value of the fourth octet will restrict the devices on each subnet. I would have to look up the proper tables to tell you what each value would yield and I don't feel like doing so right now.

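adecanmin's question, and the "mask" terminology from #584, worked out in arithmetic rather than from a lookup table, as an added example that is not code from the thread. It uses Python's ipaddress module on the addresses the thread uses; whether two hosts consider each other local depends on the mask they are configured with, not on the addresses alone.

```python
"""Which hosts share a subnet is decided by the mask, not by the addresses
alone: adecanmin's question worked out with Python's ipaddress module.

Added example, not code from the thread; the addresses are the thread's own.
"""
import ipaddress


def split_address(ip, prefix_len):
    """Return (network address, dotted mask, host portion) for ip under the mask.

    The mask is the run of 1-bits that selects the network portion; the network
    portion is what you get after applying it. They are related, not the same."""
    iface = ipaddress.ip_interface(f"{ip}/{prefix_len}")
    host_bits = 32 - prefix_len
    host_part = int(iface.ip) & ((1 << host_bits) - 1)
    return str(iface.network.network_address), str(iface.netmask), host_part


def same_subnet(ip_a, ip_b, prefix_len):
    """True if two hosts configured with this mask treat each other as local
    (they ARP for each other directly instead of sending to the gateway)."""
    net_a = ipaddress.ip_interface(f"{ip_a}/{prefix_len}").network
    net_b = ipaddress.ip_interface(f"{ip_b}/{prefix_len}").network
    return net_a == net_b


def subnets_and_hosts(base_net, new_prefix):
    """Carve base_net into /new_prefix subnets: (how many, usable hosts in each)."""
    base = ipaddress.ip_network(base_net)
    subnets = list(base.subnets(new_prefix=new_prefix))
    usable = max(subnets[0].num_addresses - 2, 0)   # minus network and broadcast
    return len(subnets), usable


if __name__ == "__main__":
    for prefix in (24, 16):
        print(f"/{prefix}: 192.168.10.2 -> {split_address('192.168.10.2', prefix)}; "
              f"local to 192.168.20.2: {same_subnet('192.168.10.2', '192.168.20.2', prefix)}")
    for new_prefix in (24, 26):
        print(f"192.168.0.0/16 into /{new_prefix}: {subnets_and_hosts('192.168.0.0/16', new_prefix)}")
```

With 255.255.255.0 the two PCs are on different networks and need the router; with 255.255.0.0 on both they consider each other local, but since they sit in different VLANs the ARP broadcast from one never reaches the other, so the ping still fails without a router. The mask has to be the same on both hosts (and match the gateway's) for either outcome to be predictable.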
