Network topology

1. Star network topology , Double star network topology （ Most widely used in enterprises ）

        High pressure at the central node （ Buy high-performance equipment ）

        Easy to implement 、 Easy to expand the network 、 Easy troubleshooting

2. Network topology

        High reliability

        The cost is very high

TCP/IP Five layer protocol cluster / Protocol stack

application layer （DHCP,FTB,HTTP,RDP...)          data

Transport layer （TCP/UDP）                                 Data segment                                   Process to process communication ( Port number )

The network layer （IP）                                             message （ package ）                              Point to point communication

Data link layer                                                     frame                                         

The physical layer                                                         The bit

  The physical layer

1. Ethernet cable / Optical fiber

2. The bit         

8bit=1Byte

1024B = 1KB

1024KB=1GB

1024GB=1TB

1024TB=1PB

3. The signal ：

Electrical signals ：

analog signal , digital signal （ Strong anti-interference ability , Short transmission ）

                amplifier         Repeater

optical signal ：

Fiber type ：

1） Single mode fiber （ Single light ） It's usually yellow

2） Multimode fiber         It's usually orange / Blue

4. Ethernet cable / Twisted pair ：

5 Class a twisted pair

super 5 class

6 class

7 class

T568A： White and green , green , White orange , blue , White and blue , orange , White brown , Brown

T568B： White orange , orange , White and green , blue , White and blue , green , White brown , Brown

The use of cable classification ：

Cross line ： At one end A, At one end B. The same kind of equipment （ Equipment with more than three floors is regarded as the same kind of equipment ）

Through line ： It's on both ends A Or both B, Use between different kinds of equipment （ The Internet cables bought online are basically ）

All negative ： At one end A, At the other end is the opposite A, It is also known as console Line

Cisco software basic tutorial

console mouth , Used to open the switch management interface , Only enterprise switches

Ten trillion mouths （10Mb/s）

Ethernet 

A hundred trillion mouths （100Mb/s）

  Giga ports （1000Mb/s）

  Ten thousand megabytes （10000Mb/s）

TengigabitEthernet（TE）

Most computers are adaptive gigabit network cards , Adaptive means that you can surf the Internet at a lower speed

Pictured , The computer works in 100m mode , The unit of Gigabit hour network speed is G 

f0/1 analysis

f： A hundred trillion mouths

0： Module number

1： Interface number

0/1：0 The first interface on the module

Module installation

Because the router has only two network ports , Therefore, you need to install modules to contact the following figure PC

  Double click to open the router interface —— There are optional modules on the left —— Shut down before installation

NM：network model Network module

2FE：2 individual FastEthernet mouth

  After installation, there is a new port

  Remove the router model

1. Open Settings  

Uncheck the two items in the figure

  Check the items in the figure

  After modification, it is shown in the figure

Traffic grabber （wireshark）

One 、 network card

wireshark It is to crawl the data traffic on the host network card

1、 NIC mode

        Hybrid mode ： No matter whether the goal is yourself , All received

        Non hybrid model ： By default , The network card of the host is in this state , Will not accept non own data

2、 Interface understanding

3、 Two filters

         Capture filter ： Filter before capturing packets

        Display filter ： You can filter before and after capturing packets , But it will not affect the grabbed package （ Will grab all the bags , Only some packages are displayed when viewing ）

4、 filter

        Capture filter

                grammar

                        type ：host  net  port

                        Direction ：src   dst

                        agreement ：ether ip tcp udp ftp..........

                        Logical operators ：&& And         || or         ！ Not

                give an example

                        Grab source IP by 192.168.1.12 And the target port is 80 Message of

src host 192.168.1.12 && dst port 80

                          Grab IP The address is 192.168.18.14 Or do IP The address is 192.68.18.1 Message of

host 192.168.18.14 || host 192.168.18.1

Don't grab broadcast packets

broadcast 

Display filter

        grammar

                Comparison operator ：==（eq）   !=(neq)      Greater than > (gt)    Less than < (lt)    Greater than or equal to >= (ge)    Less than                                              be equal to <=（le）

                Logical operators ：and（&&） And      or（||）   not

                IP Address filtering ： ip.addr                Ip.src                ip.dst

                Port filtering ：tcp.port       udp.port      tcp.dstport        tcp.flag.syn        tcp.flag.ack

                Protocol filtering ：arp        ip        icmp        udp        tcp        http

        give an example

        Show source IP be equal to 192.168.18.14 also tcp Port is 80

ip.src==192.168.18.14 and tcp.port==80

5、 Case study

Open the grab bag , Capture all messages

Filter DNS message , Find the corresponding domain name resolution message

according to DNS Back to IP Address , Find the host and server TCP The exchange process

  Find the client requesting the server HTTP message , track HTTP Flow situation