1. Describe basic OSPF features and characteristics.

Ans: Open Shortest Path First, abbreviated as OSPF, is a routing protocol for Internet Protocol (IP) networks and is based on the Shortest Path First (SPF) algorithm. It is a link-state routing protocol that was developed as an alternative to the distance-vector routing protocol RIP. OSPF is an intradomain protocol, i.e., it is used within an area or a network. Herein, each router holds the information of the entire domain and, based on that information, determines the shortest path.

Features and characteristics of OSPF are as listed below:
- It provides routing information to the IP section of the TCP/IP protocol suite and is the most used alternative to RIP.
- It is based on the SPF (Shortest Path First) algorithm.
- OSPF bases link cost on bandwidth to determine the best route.
- It sends only updates to the tables, instead of entire tables, to other routers.
- It involves less network traffic.
- It supports an unlimited hop count.
- It is a classless protocol; therefore, it supports VLSM (Variable Length Subnet Mask) and CIDR (Classless Inter-Domain Routing).

2. Explain how single-area OSPF operates. Describe the OSPF packet types used in single-area OSPF.

Ans: OSPF (Open Shortest Path First) is a routing protocol belonging to the group of link-state routing protocols. It is classified among the best dynamic routing protocols in use in networks today. Using the Dijkstra algorithm, OSPF calculates the shortest path to every router. We can implement OSPF in two different ways, i.e., single-area OSPF and multi-area OSPF. Single-area OSPF is also termed Area 0. It is the backbone area for OSPF, which links all other smaller areas within the hierarchy. Herein, all routers are contained in one area; this is preferably used in smaller networks where only a few routers are working, the web of router links is not complex, and paths to individual destinations are easy.
OSPF supports hierarchical routing using areas, which makes OSPF more efficient and scalable. To enable single-area OSPF, firstly we are required to enable OSPF. Enabling OSPF alone is not enough to activate it: the OSPF process needs to know the networks that are going to be advertised and the area they reside in. Therefore, the following command is needed to make OSPF operational:

    Router(config-router)# network address wildcard-mask area area-number

Herein, the network command is used to identify the interfaces on the router that are going to participate in the OSPF process. Adjacencies will be created on these interfaces, and LSAs will be received and transmitted on them. The wildcard-mask parameter needs to be defined to accurately identify the necessary interfaces: in a wildcard mask, a 0 bit indicates a "must match" and a 1 bit indicates an "any". The area-number specifies the area to be associated with the given address and, consequently, the interfaces to be grouped within that area. By default, area 0 is used; if more than one area is to be created in a network, area 0 is the first one that needs to be defined.

OSPF packet types used in single-area OSPF are briefly described below:
I. Hello packet – The Hello packet is responsible for discovering neighbors, creating neighbor relationships and checking the network's reachability. Simply, it is used when the connection between routers needs to be established.
II. Database Description (DBD) – Once two-way communication is established, database description packets are sent using the database exchange protocol. Furthermore, it checks for database synchronization between routers.
III. Link State Request (LSR) – A link state request is sent by a router to obtain the information of a specified router.
IV. Link State Update (LSU) – A link state update is further used by a router to advertise the state of its links.
V. Link State Acknowledgement (LSAck) – Finally, LSAck is responsible for acknowledging received packets to each router, ensuring reliability.

3. Describe common network attacks and also describe the best practices for protecting a network.

Ans: A network attack is an attempt to gain unauthorized access to an organization's network with the objective of stealing data or performing other malicious activity. There are two main types of network attacks:
• Active: Attackers not only gain unauthorized access but also modify data, either deleting, encrypting, or otherwise harming it.
• Passive: Attackers gain access to a network and can monitor or steal sensitive information, but without making any change to the data, leaving it intact.

The common network attacks are as follows: computer viruses, malware attacks, DoS attacks, brute-force attacks, phishing, etc.

The best practices for protecting a network are as follows:
1. Create strong passwords and change them regularly: Create a strong password for each type of network device, such as routers, firewalls, switches, etc., to prevent attacks. Don't use passwords that are easy to remember, such as a birthdate, Iloveyou123 or a mobile number. Use a strong password that combines letters, numbers and special characters, with a minimum of 10 characters in total. For example: *Hustle@1234
2. Don't click unwanted emails or messages: Sometimes you will receive an unwanted email from an unknown person with an attached file, which can be a virus or malware that can harm our system or network. So, before clicking that file we must beware, and sometimes deleting that email will be better.
3. Use antivirus software: Antivirus is a program that helps to protect our system, network and IT systems from viruses, malware, worms and other unwanted threats. It scans our entire system and scans files from the internet. There are some popular antiviruses like Avast, Panda, Quick scan and many more.
4. Use a firewall: We can use a firewall to monitor the incoming or outgoing network traffic. The benefits of a firewall are: protecting from hacking, stopping viruses and malware, and promoting privacy.
5. Use Virtual Private Networks (VPN): The main purpose of using a VPN is to hide your personal online data from others. It helps to hide our IP address, browsing activity and online data from the network. If we live in Kathmandu, by using a VPN we can change our device's apparent location to another place like Birganj, Palpa, etc., which can be extremely useful.

4. Describe malware types. Explain how TCP and UDP vulnerabilities are exploited by threat actors.

Ans: Malware, an abbreviation of malicious software, refers to any intrusive file or software intended to infect, explore, steal or conduct any harmful activity in our system. Cybercriminals use it against us to exploit and harm our system and steal our necessary data and information. Common malware types include viruses, worms, ransomware, bots, Trojans, spyware, spam and phishing, etc. Some common malware types are briefly discussed below:
• Worms – Worms are spread via software vulnerabilities or phishing attacks. Once a worm is installed in your computer's memory, it starts to infect the entire system and, in some cases, the overall network too. Depending on the type and your security measures, they can do some serious damage, such as:
  I) Modify and delete files
  II) Inject malicious software onto computers
  III) Steal your data
  IV) Install a convenient backdoor for hackers
• Viruses – Viruses, unlike worms, require an already infected active operating system to function. They usually spread via infected websites, email attachments, file sharing, etc. Once your system or program is activated, the virus is able to replicate itself and spread throughout your system. So, accessing any files, email, etc. from untrusted sources should be avoided.
• Trojans – A Trojan is a program or file that tricks the user into downloading and installing it because it looks trustworthy. Once installed, it takes control of the system, infects it and works as a spy inside your system, making it an easier approach for hackers.
• Ransomware – It is one of the most used kinds of malware. Ransomware is malicious software that uses encryption to disable a victim's access to their own data and demands a ransom, usually in a cryptocurrency, in return for decrypting the encrypted data.

Network applications use TCP or UDP ports. Threat actors conduct port scans of target devices to discover which services they offer.

5. Explain how ACLs filter traffic. Compare standard and extended IPv4 ACLs.

Ans: When we send or receive data or information, it may contain files that are vulnerable to many unwanted and dangerous kinds of traffic. So, such traffic must be monitored in order to prevent loss of any information. Access Control Lists (ACLs) are responsible for monitoring, allowing or blocking such harmful traffic right at the router's interface. Thus, an ACL is a traffic filter that works based on certain rules and commands, which enables it to either restrict or allow data packets to transfer from source to destination.

An inbound ACL filters packets before they are routed to the outbound interface. Inbound ACLs are significantly used to filter packets when the network attached to an inbound interface is the only source of packets that needs to be examined. An outbound ACL filters packets after they are routed, regardless of the inbound interface: incoming packets are routed to the outbound interface and then processed through the outbound ACL.

When network traffic passes through an interface with an ACL, the router compares the information within the packet against each ACE (Access Control Entry), in sequential order, to determine if the packet matches one of the ACEs. This process is called packet filtering, and in this way ACLs filter traffic.
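The sequential ACE comparison described above, shown as a small Python model. This is an added example, not code from the original answer sheet or from Cisco IOS; the ACL numbers, addresses and packets are constructed for illustration, and the same wildcard-mask rule (0 bit = must match, 1 bit = any) serves both the OSPF network command in question 2 and the ACL source/destination fields here.

```python
"""
Added example (not from the original answer sheet): a small model of how a
Cisco-style IPv4 ACL filters packets. It reuses the wildcard-mask rule from the
OSPF `network` command (0 bit = must match, 1 bit = any) and shows the three
properties the text describes: ACEs are checked in sequential order, the first
match decides, and a packet that matches no ACE hits the implicit deny.
ACL numbers, addresses and packets below are constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional


def wildcard_match(address: str, network: str, wildcard: str) -> bool:
    """Cisco wildcard semantics: a 0 bit must match, a 1 bit matches anything.
    Used by the OSPF `network` command and by ACL source/destination fields."""
    a = int(ipaddress.IPv4Address(address))
    n = int(ipaddress.IPv4Address(network))
    w = int(ipaddress.IPv4Address(wildcard))
    mask = 0xFFFFFFFF ^ w          # bits that MUST match (the 0 bits of the wildcard)
    return (a & mask) == (n & mask)


@dataclass
class Packet:
    src: str
    dst: str
    protocol: str                  # "tcp", "udp", "icmp", ...
    dst_port: Optional[int] = None


@dataclass
class ACE:
    action: str                    # "permit" or "deny"
    src: str                       # e.g. "192.168.10.0"
    src_wild: str                  # e.g. "0.0.0.255"
    # Extended-only fields; a standard ACL leaves them as None (matches all).
    protocol: Optional[str] = None
    dst: Optional[str] = None
    dst_wild: Optional[str] = None
    dst_port: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        if not wildcard_match(p.src, self.src, self.src_wild):
            return False
        if self.protocol not in (None, "ip") and self.protocol != p.protocol:
            return False
        if self.dst is not None and not wildcard_match(p.dst, self.dst, self.dst_wild):
            return False
        if self.dst_port is not None and self.dst_port != p.dst_port:
            return False
        return True


def evaluate(acl: List[ACE], p: Packet) -> str:
    """Compare the packet against each ACE in order; the first match wins.
    Every Cisco ACL ends with an implicit 'deny any', so no match means deny."""
    for ace in acl:
        if ace.matches(p):
            return ace.action
    return "deny"                  # implicit deny at the end of every ACL


# Standard ACL (number 10, in the 1-99 range): source only, whole protocol suite.
#   access-list 10 deny   192.168.10.10 0.0.0.0
#   access-list 10 permit 192.168.10.0  0.0.0.255
STANDARD_10 = [
    ACE("deny", "192.168.10.10", "0.0.0.0"),
    ACE("permit", "192.168.10.0", "0.0.0.255"),
]

# Extended ACL (number 110, in the 100-199 range): protocol, source, destination, port.
#   access-list 110 permit tcp 192.168.10.0 0.0.0.255 host 10.0.0.5 eq 443
#   access-list 110 deny   ip  192.168.10.0 0.0.0.255 10.0.0.0 0.0.0.255
#   access-list 110 permit ip  any any
EXTENDED_110 = [
    ACE("permit", "192.168.10.0", "0.0.0.255", "tcp", "10.0.0.5", "0.0.0.0", 443),
    ACE("deny", "192.168.10.0", "0.0.0.255", "ip", "10.0.0.0", "0.0.0.255"),
    ACE("permit", "0.0.0.0", "255.255.255.255", "ip", "0.0.0.0", "255.255.255.255"),
]


def demo() -> List[str]:
    """Constructed packets run through both ACLs; returns the six decisions."""
    std_packets = [
        Packet("192.168.10.10", "10.0.0.5", "tcp", 443),   # hits the deny on line 1
        Packet("192.168.10.20", "10.0.0.5", "tcp", 443),   # permitted by line 2
        Packet("172.16.0.7", "10.0.0.5", "tcp", 443),      # no match: implicit deny
    ]
    ext_packets = [
        Packet("192.168.10.20", "10.0.0.5", "tcp", 443),   # line 1: permit
        Packet("192.168.10.20", "10.0.0.5", "tcp", 80),    # port differs, line 2: deny
        Packet("192.168.10.20", "8.8.8.8", "udp", 53),     # falls through to line 3: permit
    ]
    return [evaluate(STANDARD_10, p) for p in std_packets] + \
           [evaluate(EXTENDED_110, p) for p in ext_packets]


if __name__ == "__main__":
    print(demo())
```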
On the basis of purpose, ACLs are broadly categorized into many types. Among them, the major two are standard ACLs and extended ACLs. Differences between standard and extended IPv4 ACLs are as listed below:

S.N. | Standard ACL | Extended ACL
1. | Standard ACL filters network traffic on the basis of source. | Extended ACL filters network traffic on the basis of source and destination.
2. | It permits or denies the entire protocol suite. | It permits or denies specific protocols or applications.
3. | It is created from 1-99 and the extended range is 1300-1999. | It is created from 100-199 and the extended range is 2000-2699.
4. | It is less secure than extended ACLs. | It is more secure than standard ACLs.
5. | Two-way communication is not possible. | One-way communication is not possible.

6. Explain how to create ACLs.

Ans: An Access Control List (ACL) is a traffic filter that works based on certain rules and commands so as to restrict or allow data packets to transfer from source to destination. For proper implementation of an ACL, we should primarily understand ingress and egress traffic on the router. When setting rules for an ACL, all traffic flows are described from the point of view of the router's interface. There is a limit to the number of ACLs that can be applied on a router interface. For example, a dual-stacked (i.e., IPv4 and IPv6) router interface can have:
- One outbound IPv4 ACL
- One inbound IPv4 ACL
- One outbound IPv6 ACL

For an ACL to function properly, firstly apply it to a router's interface. This is done so as to make our process easier and less time-consuming, as all routing and forwarding decisions are made by the router's hardware. Further, when we create an ACL entry, we should follow a particular pattern wherein the source address goes first, followed by the destination address. The incoming flow is the source of all hosts or networks and the outgoing flow is the destination of all hosts and networks; hence the source address comes first.
For example, when we configure an extended ACL for IP on a Cisco router, to create a deny/permit rule we must define the source first and then the destination. The syntax is:

    access-list <access-list-no.> {deny|permit} protocol source source-wildcard-mask destination destination-wildcard-mask

Hence, following the above-mentioned factors, we can create ACLs.

7. Describe the advantages and disadvantages of NAT.

Ans: Network Address Translation (NAT) is a process in which one or more local IP addresses are translated into one or more global IP addresses, and vice versa, in order to provide Internet access to the local hosts. It also translates port numbers, i.e., it masks the port number of the host with another port number in the packet that will be routed to the destination.

The advantages of NAT are:
• The main advantage of NAT (Network Address Translation) is that it can prevent the depletion of IPv4 addresses.
• NAT can provide an additional layer of security by hiding the original source and destination addresses.
• NAT provides increased flexibility when connecting to the public Internet.
• NAT allows you to use your own private IPv4 addressing scheme and avoids internal address changes if you change the service provider.

The disadvantages of NAT are:
• NAT is a processor- and memory-consuming technology, since NAT needs to translate IPv4 addresses for all incoming and outgoing IPv4 datagrams and keep the translation details in memory.
• NAT may cause delay in IPv4 communication.
• NAT causes loss of end-device to end-device IP traceability.
• Some technologies and network applications will not function as expected in a NAT-configured network.

8. Explain how the IPsec framework is used to secure network traffic.

Ans: Internet Protocol Security (IPsec) is an IETF standard (RFC 2401-2412) that defines how a VPN can be secured across IP networks. IPsec protects and authenticates IP packets between source and destination. It also defines how packets are encrypted, decrypted and authenticated. Using the IPsec framework, IPsec provides these essential security functions:
1. Confidentiality – IPsec uses encryption algorithms to prevent cybercriminals from reading the packet contents.
2. Integrity – IPsec uses hashing algorithms to ensure that packets have not been altered between source and destination. It ensures the originality of our transferred information.
3. Origin authentication – IPsec uses the Internet Key Exchange (IKE) protocol to authenticate source and destination. Methods of authentication include pre-shared keys, digital certificates or RSA certificates.
4. Diffie-Hellman secure key exchange – IPsec typically uses various groups of the DH algorithm for key exchange.

IPsec is not bound to any specific rules for secure communications. This flexibility of the framework allows IPsec to easily integrate new security technologies without updating the existing IPsec standards. IPsec encrypts data packets sent over IPv4 and IPv6 networks. IPsec protocols use a format called Request for Comments (RFC) to develop the requirements for the network security standard, and it makes use of tunneling. The data packets that we define as sensitive or interesting are sent through the tunnel securely. By defining the characteristics of the tunnel, the security protection measures for sensitive packets are defined.

9. Describe different types of VPNs with their benefits.

Ans: A virtual private network, better known as a VPN, gives you online privacy and anonymity by creating a private network from a public internet connection. VPNs mask your Internet Protocol (IP) address so your online actions are virtually untraceable.
Most importantly, VPN services establish secure and encrypted connections to provide greater privacy than even a secured Wi-Fi hotspot. The different types of VPNs are as follows:
A) Remote access VPNs
B) Personal VPN services
C) Mobile VPNs
D) Site-to-site VPNs

Remote access VPNs: A remote access VPN lets you use the internet to connect to a private network, such as your company's office network. The internet is an untrusted link in the communication, so VPN encryption is used to keep the data private and secure as it travels to and from the private network. Remote access VPNs are also sometimes called client-based VPNs or client-to-server VPNs.

Personal VPN services: A personal VPN service connects you to a VPN server, which then acts as a middleman between your devices and the online services you want to access. The personal VPN encrypts your connection, hides your identity online and lets you spoof your geographical location.

Mobile VPNs: A mobile VPN is a better option than a remote access VPN if the user is unlikely to have a stable connection on the same network for the entire session. A mobile VPN can be used with any device and any connection; it doesn't have to be a mobile phone on a mobile network.

Site-to-site VPNs: Whereas a remote access VPN is designed to let individual users connect to a network and its resources, a site-to-site VPN joins together two networks on different sites. If a company had two offices, one on the east coast and one on the west coast, for example, a site-to-site VPN could be used to combine them into a single network. Site-to-site VPNs are also sometimes known as network-based VPNs.

10. Describe the different QoS models.

Ans: Quality of Service, abbreviated as QoS, refers to any technology that manages data traffic to reduce packet loss, latency, etc.
There are three different QoS models, which are listed and briefly described below:
1) Best-effort model
2) Integrated Services (IntServ)
3) Differentiated Services (DiffServ)

Best-effort model: The best-effort model treats all network packets in the same way, so an emergency voice message is treated the same way as a digital photograph attached to an email.

Integrated Services (IntServ): IntServ delivers the end-to-end QoS that real-time applications require. It explicitly manages network resources to provide QoS to individual flows or streams, sometimes called microflows. It uses resource reservation and admission control mechanisms as building blocks to establish and maintain QoS. It uses a connection-oriented approach: each individual communication must explicitly specify its traffic descriptor and requested resources to the network, and the edge router performs admission control to ensure that sufficient resources are available in the network.

Differentiated Services (DiffServ): The DiffServ QoS model specifies a simple and scalable mechanism for classifying and managing network traffic. It is not an end-to-end QoS strategy because it cannot enforce end-to-end guarantees. Hosts forward traffic to a router, which classifies the flows into aggregates (classes) and provides the appropriate QoS policy for each class. DiffServ enforces and applies QoS mechanisms on a hop-by-hop basis, uniformly applying a global meaning to each traffic class to provide both flexibility and scalability.

11. Explain how network transmission characteristics impact quality.

Ans: QoS (Quality of Service) is a very crucial factor of any system nowadays. Customer satisfaction is a major objective of any system, and QoS must be ensured to fulfil that. New applications, such as voice and live transmissions, create higher expectations for quality among users. Network transmission quality is therefore important for network communications.
When we have a file that needs to be transmitted and the traffic volume is greater than what can actually be transported, we must have a mechanism whereby our data is held for a certain time and later released, section by section, to the interface, based on the memory and hardware resources available in that particular device. If the traffic volume is too great, congestion occurs. Congestion is basically a condition in which multiple communication lines aggregate onto a single device, such as a router, and then much of that data is placed onto just a few outbound interfaces, or onto a slower interface. It can also occur when large data packets prevent smaller data packets from being transmitted in a timely manner. When the traffic volume is greater than the link can carry, i.e., under congestion, the device queues the packets in memory until resources become available to transmit them. Queueing packets mainly results in delay, as we have to hold our packets until the previous ones have been processed. And if the number of packets in the queue increases, the memory within the device fills up and packets are dropped. This leads to inefficiency in our system and the quality of service is degraded.

12. Explain different types of device discovery protocols with configuration syntax.

Ans: A discovery protocol, or service discovery protocol, simply refers to a network protocol which allows automatic detection of devices, and of the services offered by these devices, on a computer network. We can also consider it the action of finding a service provider for a requested service. The three primary discovery protocols include:
1. Cisco Discovery Protocol (CDP)
2. Link Layer Discovery Protocol (LLDP)
3. Simple Network Management Protocol (SNMP)

1) Cisco Discovery Protocol
Cisco Discovery Protocol (CDP) is a Layer 2 proprietary protocol which is basically used to discover and share information about network-connected Cisco equipment. CDP cannot be operated on equipment from any other vendor.
This protocol collects information about Cisco neighbor devices; Cisco devices share their information by sending CDP announcements every 60 seconds. The hold-down time is 180 seconds. If no announcements are received from a device before the timer expires, the device's information is discarded. Basic commands of CDP are:
- show cdp neighbors
- show cdp neighbors detail

CDP is a powerful network monitoring and troubleshooting tool. It enables us to access a summary of protocol and address information about Cisco devices that are directly connected.

2) Link Layer Discovery Protocol
Link Layer Discovery Protocol (LLDP) is a vendor-neutral, Layer 2 discovery protocol. It is used by network devices to share information about their identities and capabilities with other network elements. LLDP defines a standard method for Ethernet network devices to advertise information about themselves to other nodes on the network and to store the information they discover. It allows devices to send and receive LLDP data units to and from neighbors. The receiving device stores the information in a MIB (Management Information Base), which can be accessed using the SNMP protocol. Basic commands of LLDP are:
- #show lldp
- #show lldp entry <entry-name>
- #clear lldp table
- #clear lldp counters

3) Simple Network Management Protocol
Simple Network Management Protocol (SNMP) is an application layer protocol that provides a message format for agents on a variety of devices to communicate with network management stations (NMSs). The NMS periodically queries (polls) the SNMP agent on a device to gather and analyze statistics via GET messages. End devices running SNMP agents send an SNMP trap to the NMS if a problem occurs.

13. Explain how SNMP operates. Describe syslog operation.

Ans: Simple Network Management Protocol (SNMP) is an application layer protocol that provides a message format for agents on a variety of devices to communicate with network management stations (NMSs).
All SNMP messages are transported via UDP. The SNMP agent receives requests on UDP port 161. The manager may send a request from any available source port to port 161 on the agent. SNMP works by sending messages called Protocol Data Units (PDUs) to devices within your network that "speak" SNMP. These messages are called SNMP Get requests. Using these requests, network administrators can ask for virtually any data values they specify. SNMP operates using the following operations:

S.N. | Operation | Description
1. | get-request | Retrieves a value from a specific variable.
2. | get-next-request | Retrieves a value from a variable within a table; the SNMP manager doesn't need to know the exact variable name. A sequential search is performed to find the needed variable within the table.
3. | get-bulk-request | Retrieves large blocks of data, such as multiple rows in a table, that would otherwise require the transmission of many small blocks of data (only works with SNMPv2 or later).
4. | get-response | Replies to a get-request, get-next-request or set-request sent by an NMS.
5. | set-request | Stores a value in a specific variable.

Syslog refers to the system logging protocol. On a Cisco network device, the syslog protocol starts by sending system messages and debugging output to a local logging process that is internal to the device. The logging process manages these messages and debug output based on the device's configuration. For example, syslog messages may be sent across the network to an external syslog server. These messages can then be retrieved without any need to access the actual device, and log messages and output stored on the external server can be pulled into various reports for easier reading. Alternatively, syslog messages may be sent to an internal buffer. Messages sent to an internal buffer are only viewable through the CLI of the device.
Finally, the network administrator may specify that only certain types of system messages be sent to various destinations. For example, the device may be configured to forward all system messages to an external syslog server, while debug-level messages are forwarded only to the internal buffer and are accessible only by the administrator from the CLI.

14. Explain considerations for designing a scalable network.

Ans: A scalable network, in IT terms, refers to any network that can continue to grow in the future without losing its authenticity, reliability and availability. Any well-designed network should be scalable. This means the chosen topology should be able to accommodate projected growth. The network designer should make decisions with scalability in mind. A small, medium or large network should be able to work efficiently and easily, to further assure scalability. Major considerations for designing a scalable network are as listed below:
- Use expandable, modular equipment or clustered devices that can be easily upgraded to increase capabilities. Device modules can be added to the existing equipment to support new features and devices without requiring major equipment upgrades.
- Design a hierarchical network to include modules that can be added, upgraded and modified as necessary without affecting the design of the other functional areas of the network.
- Create an IPv4 and IPv6 address strategy that is hierarchical. Careful address planning eliminates the need to re-address the network to support additional users and services.
- Choose routers or multilayer switches to limit broadcasts and filter other undesirable traffic from the network. Use Layer 3 devices to filter and reduce traffic to the network core.

Since a scalable network is quite a crucial factor for any organization, the aforementioned points are some of the things to be considered while designing our network.

15. Explain the importance of cloud computing. Describe software-defined networking.

Ans: Cloud computing is the delivery of computing services, including servers, storage, databases, networking, software, analytics and intelligence, over the Internet ("the cloud") to offer faster innovation, flexible resources and economies of scale. The importance of cloud computing includes:
• Scalability: Cloud computing allows you to use as many or as few resources as you need. Therefore, depending on your business needs or the projected traffic to your business, you can choose to increase or decrease your investment in IT infrastructure.
• Saving costs: Cloud computing helps businesses to reduce costs in various ways. Companies only pay for the resources they use, making this a more economical option than having to buy and manage their own resources. Cloud computing also results in considerable savings in capital expenditure and operating expenditure, because companies do not have to invest in expensive hardware, storage devices, software, etc.
• Disaster recovery: With all data stored in the 'cloud', backup and recovery of data and applications is quicker and more reliable. This applies to organizations of all sizes and all volumes of data. 20% of cloud users claim disaster recovery in four hours or less, as opposed to only 9% of non-cloud users.
• Security: It is the duty and responsibility of the cloud service providers to carefully monitor security. Compare this with an in-house IT department, for example, which is tasked with so many internal processes to manage that security is just one of the many items on the list.
• Flexibility: When using cloud computing, the number of options is vast. Depending on the size of the organization, business needs, workloads, etc., companies can choose cloud infrastructure and services accordingly.
Software-Defined Networking (SDN) is a network architecture approach that enables the network to be intelligently and centrally controlled, or 'programmed', using software applications. This helps operators manage the entire network consistently and holistically, regardless of the underlying network technology.

16. Explain the importance of virtualization. Describe the virtualization of network devices and software.

Ans: Virtualization is the process of running a virtual instance of a computer system in a layer separate from the actual hardware. Virtualization can increase IT agility, flexibility and scalability while creating significant cost savings. Greater workload mobility, increased performance and availability of resources, and automated operations are all benefits of virtualization that make IT simpler to manage and less costly to own and operate. The importance of virtualization is as follows:

Easier IT management: As a VMWare white paper noted, a benefit of virtualization technology is that IT staff are saved a large part of the provisioning work and grueling maintenance that physical servers require, considering that routine tasks like launching new applications and adding new server workloads represent at least half of staff time.

Speedy recovery time: The benefit of virtualization in disaster recovery is quicker recovery of IT resources, which supports improved business revenue and continuity. Older frameworks are incapable of recovering within a couple of hours, and organizations experience much longer downtime, which results in loss of income.

Better scalability: Another benefit of virtualization is that virtualized environments are designed to be scalable, which allows greater adaptability regarding organizational growth. Rather than buying extra infrastructure components, new upgrades and applications can be deployed with virtualization without much effort.
More agile business processes: Another benefit of virtualization is that the business world changes quickly, and organizations should be able to react in a similar manner. Rather than traditional deployment plans, which required making arrangements for hardware purchases and installation, virtual infrastructure permits organizations to scale quickly, including adding new virtual servers on request. Moreover, it is simpler to change how virtual resources are allotted, enabling organizations to change strategies in a hurry.

Greener operation: When you can reduce the number of physical servers you are using, it leads to a decrease in the amount of power being consumed. The two green benefits of virtualization are that it diminishes the data center's carbon footprint and lessens costs for the business. That money can be reinvested elsewhere.

Network virtualization means virtual network components can mimic real-world physical hardware functions. Now we can have things like a virtual router inside a router, a virtual switch inside a switch, virtual firewalls inside a firewall, and all those network devices can be virtualized inside a server/PC. We can utilize network resources efficiently by using virtual networks.

17. Describe the purpose of WANs. Briefly explain the types of WAN topology designs.

Ans: A wide area network (also known as a WAN) is a large network of information that is not tied to an individual location. WANs can facilitate communication, the sharing of information and much more between devices from around the world through a WAN provider. It spans broad geographical areas. It provides internet, mail and e-commerce services. It can provide real-time communication with each device. The main purpose of WANs is that, without a WAN connection, an organization would be isolated in a restricted area or a specific geographic area.
A local area network lets an organization work within its own buildings but cannot extend to other cities or countries; a WAN removes that limit. As organizations grow and internationalize, the WAN lets them communicate between branches, share information and stay connected. WANs also provide everyday services to the public: university students rely on them to reach library databases and research resources, and people use them daily for communication, banking and shopping. WANs are vital for international businesses, but they are just as essential for everyday use, since the internet itself is the largest WAN in the world.

The WAN topology designs are as follows:

Point-to-Point WAN Topology: A point-to-point topology connects one site to another as if the two were directly linked. These circuits are also called leased lines, because they are leased from a service provider at a price based on the required bandwidth and the distance between the two sites. The link is dedicated rather than shared, which makes point-to-point the most expensive of the WAN designs.

Hub and Spoke WAN Topology: Hub and spoke is used to connect multiple sites. As the name implies there are two roles: the hub, a central device at one site that is connected to all the other sites, and the spokes, which connect only to the hub. There is no direct connection between spokes, so spoke-to-spoke traffic must traverse the hub, and the hub is a single point of failure for the whole WAN. Hub and spoke is less expensive than a point-to-point design because there is no need to connect every site to every other site; each site needs only one circuit.

Full Mesh WAN Topology: In a full mesh every site is connected directly to every other site. This gives the most redundancy and the most direct paths, but it needs the most resources, is the most expensive, and requires extra configuration effort because of the number of connections.
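The trade-off between circuit count and resilience in the hub and spoke and full mesh designs described above can be made concrete by building each topology as a set of links and checking which sites are single points of failure. The following is an added example, not part of the original page; the site names are constructed, the full-mesh link count is the page's N x (N-1) / 2, and the dual-homed design is an assumed layout in which every spoke connects to two hubs that are also linked to each other.

```python
"""Added example (not from the original page): compare WAN topology designs by
number of circuits and by which site failures split the network.

Site names and the design layouts are constructed for illustration."""
from collections import deque
from itertools import combinations

# Constructed sample sites: first two are data-centre hubs, the rest are branches.
SITES = ["HQ", "DC2", "BranchA", "BranchB", "BranchC"]


def full_mesh_links(n):
    """Page formula: circuits needed for a full mesh of n sites."""
    return n * (n - 1) // 2


def hub_and_spoke(hub, spokes):
    # Each spoke has one circuit, to the hub (a point-to-point link per spoke).
    return {frozenset((hub, s)) for s in spokes}


def full_mesh(sites):
    # Every pair of sites is directly connected.
    return {frozenset(pair) for pair in combinations(sites, 2)}


def dual_homed(hubs, spokes):
    # Assumed layout: each spoke connects to both hubs, and the hubs are linked.
    hub_a, hub_b = hubs
    links = {frozenset((hub_a, hub_b))}
    for s in spokes:
        links.add(frozenset((hub_a, s)))
        links.add(frozenset((hub_b, s)))
    return links


def reachable(links, start, failed=frozenset()):
    """Sites reachable from start by breadth-first search, ignoring failed sites."""
    adj = {}
    for link in links:
        a, b = tuple(link)
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    if start in failed:
        return set()
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for nxt in adj.get(cur, ()):
            if nxt not in failed and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def single_points_of_failure(links, sites):
    """Sites whose failure leaves some surviving site unable to reach another."""
    spofs = []
    for s in sites:
        survivors = [x for x in sites if x != s]
        if not survivors:
            continue
        component = reachable(links, survivors[0], failed=frozenset({s}))
        if set(survivors) - component:
            spofs.append(s)
    return spofs


def compare(sites=SITES):
    """Link count and single points of failure for each design."""
    hub, second_hub, *spokes = sites
    designs = {
        "hub_and_spoke": hub_and_spoke(hub, [second_hub] + spokes),
        "full_mesh": full_mesh(sites),
        "dual_homed": dual_homed((hub, second_hub), spokes),
    }
    return {
        name: {"links": len(links), "spof": single_points_of_failure(links, sites)}
        for name, links in designs.items()
    }


if __name__ == "__main__":
    for name, result in compare().items():
        print(f"{name:14s} circuits={result['links']:2d} single points of failure={result['spof']}")
```

For five sites the hub and spoke design needs four circuits but loses all connectivity if HQ fails, the full mesh needs ten circuits and survives any single site failure, and the dual-homed design survives the loss of either hub with seven circuits. The same check can be run on a proposed design before circuits are ordered.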
The number of connections required for a full mesh of N sites is calculated with the formula below:

N x (N-1) / 2

Dual-Homed WAN Topology: In a dual-homed topology a site is connected to two central sites, which gives better performance, load balancing and redundancy than a single hub and spoke link. Its disadvantage is cost, because every site needs two circuits.

18. Explain the purpose and function of NAT. Explain the operation of different types of NAT.

Ans: NAT stands for Network Address Translation. It maps multiple private (local) addresses to one or more public addresses before traffic leaves the network. Organizations that want many devices to share a single public IP address use NAT, as do most home routers. NAT conserves public IP addresses: an organization can number hundreds or even thousands of hosts from private address ranges while consuming only a single public address. Larger organizations may still assign public addresses to public-facing servers while keeping all internal workstations and servers on private addresses behind NAT.

The functions of NAT are as follows:

Address translation for data transfer: When a packet is sent from a local host to a host in another network, it crosses from the local (inside) network to the global (outside) network. The NAT process on the border router rewrites the packet's private source address to a global (public) address and records the mapping. When the reply arrives from the global network, the router looks up that mapping, rewrites the public destination address back to the private address, and delivers the packet to the local host.

Security in IP addresses: NAT keeps the addresses of internal devices hidden from outside observers, because all outbound traffic appears to come from the router's public address (IP masquerading). This should not be mistaken for a security control: the protection against unsolicited inbound connections comes from the stateful translation table and the firewall policy, not from translation itself, and internal addresses can still be revealed in application payloads (for example FTP or SIP) or through IPv6.

Eliminates address renumbering: Because internal hosts keep their private addresses, changing the provider or the public address block as the network evolves does not require renumbering the internal network.
Firewall security: NAT is commonly deployed together with a firewall. It conserves the organization's public addresses, and the border device that performs the translation is the natural place to enforce strict control over which resources on either side of the firewall can be reached.

20.
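The translation process described in question 18 above (rewriting the private source address on the way out, reversing the mapping on the way back, and the difference between hiding addresses and actually blocking unsolicited traffic) is modelled below. This is an added example, not code from the original page: it assumes NAT with port overloading (PAT), the form most home routers use, and all addresses and ports are constructed sample values.

```python
"""Added example (not from the original page): a minimal model of NAT with port
overloading (PAT). Two inside hosts share one public address; replies are mapped
back by public port; a packet with no translation state is dropped.

Addresses use documentation ranges and are constructed for illustration."""
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"


class PatRouter:
    """Border router performing PAT: many private (ip, port) pairs -> one public IP."""

    def __init__(self, public_ip, inside_net, first_port=40000):
        self.public_ip = public_ip
        self.inside = ip_network(inside_net)
        self.next_port = first_port
        self.out_table = {}   # (proto, private_ip, private_port) -> public_port
        self.in_table = {}    # (proto, public_port) -> (private_ip, private_port)

    def outbound(self, pkt):
        """Local -> global: rewrite the private source to the public address."""
        if ip_address(pkt.src_ip) not in self.inside:
            raise ValueError("outbound packet is not from the inside network")
        key = (pkt.proto, pkt.src_ip, pkt.src_port)
        pub_port = self.out_table.get(key)
        if pub_port is None:
            # New flow: allocate a public port and record the mapping both ways.
            pub_port = self.next_port
            self.next_port += 1
            self.out_table[key] = pub_port
            self.in_table[(pkt.proto, pub_port)] = (pkt.src_ip, pkt.src_port)
        return replace(pkt, src_ip=self.public_ip, src_port=pub_port)

    def inbound(self, pkt):
        """Global -> local: look up the mapping; None means the packet is dropped."""
        if pkt.dst_ip != self.public_ip:
            return None
        mapping = self.in_table.get((pkt.proto, pkt.dst_port))
        if mapping is None:
            return None  # no translation state for this port: unsolicited, dropped
        priv_ip, priv_port = mapping
        return replace(pkt, dst_ip=priv_ip, dst_port=priv_port)


def demo():
    """Run two inside hosts through the router and return the translated packets."""
    nat = PatRouter(public_ip="203.0.113.5", inside_net="192.168.1.0/24")
    # Constructed sample flows: both hosts happen to pick the same source port.
    a = Packet("192.168.1.10", 51000, "198.51.100.20", 443)
    b = Packet("192.168.1.11", 51000, "198.51.100.20", 443)
    a_out = nat.outbound(a)
    b_out = nat.outbound(b)
    # Server replies are addressed to the public IP and the port the router assigned.
    reply_a = Packet("198.51.100.20", 443, nat.public_ip, a_out.src_port)
    reply_b = Packet("198.51.100.20", 443, nat.public_ip, b_out.src_port)
    # An SSH scan of the public address: no mapping for port 22, so it is dropped.
    unsolicited = Packet("198.51.100.77", 40001, nat.public_ip, 22)
    # A probe from a different host aimed at a port that IS mapped. This simple
    # router matches on public port only (like a full-cone NAT), so it forwards
    # the probe inside: hiding addresses is not the same as filtering traffic.
    probe = Packet("198.51.100.77", 40002, nat.public_ip, a_out.src_port)
    return {
        "a_out": a_out,
        "b_out": b_out,
        "reply_a": nat.inbound(reply_a),
        "reply_b": nat.inbound(reply_b),
        "unsolicited": nat.inbound(unsolicited),
        "probe": nat.inbound(probe),
    }


if __name__ == "__main__":
    for name, pkt in demo().items():
        print(f"{name:12s} {pkt}")
```

The "probe" case is the point behind the caveat in the answer: a router whose inbound lookup keys only on the public port will forward anything sent to a mapped port. A stateful firewall additionally checks that the remote address and port match the recorded flow before admitting the packet, and that check, not the address rewriting, is what provides the protection.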