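Network Address Translation (NAT)
Wikipedia, the free encyclopedia
In computer networking, network address translation (NAT, also called network masquerading or IP masquerading) is a technique for rewriting the source and/or destination IP address of IP packets as they pass through a router or firewall. It is widely used in private networks that have multiple hosts but reach the Internet through a single public IP address. According to the specifications, routers are not supposed to work this way, but it is a convenient and widely deployed technique. NAT does, however, complicate communication between hosts and reduces communication efficiency.
Dynamic Routing
Dynamic routing is the process by which a router adjusts automatically as the network topology and traffic change. Its counterpart is static routing, which requires the router administrator to enter routes by hand. Dynamic routing is used in all modern routers, but where necessary routes must still be programmed and customized according to rules.
Computer Dictionary / Dynamic Routing - 實用查詢 (Practical Lookup)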
Static routing
From Wikipedia, the free encyclopedia
Static routing is a data communication concept describing one way of configuring path selection of routers in computer networks. It is the type of routing characterized by the absence of communication between routers regarding the current topology of the network.[1] This is achieved by manually adding routes to the routing table. The opposite of static routing is dynamic routing, sometimes also referred to as adaptive routing.
In these systems, routes through a data network are described by fixed paths (statically). These routes are usually entered into the router by the system administrator. An entire network can be configured using static routes, but this type of configuration is not fault tolerant. When there is a change in the network or a failure occurs between two statically defined nodes, traffic will not be rerouted. This means that anything that wishes to take an affected path will either have to wait for the failure to be repaired or the static route to be updated by the administrator before restarting its journey. Most requests will time out (ultimately failing) before these repairs can be made. There are, however, times when static routes make sense and can even improve the performance of a network. Some of these include stub networks and default routes.
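Switching Hubs
[Explanation]: A switching hub is a device that reduces contention for access in a shared network topology; it does so by using microsegmentation to reduce the number of nodes on a segment. On a microsegmented network, a LAN segment may have as few as one node. The switching hub then handles all connections between nodes on different segments that need to communicate. Note that the switching technology described here differs from the port switching discussed earlier: port switching is essentially a management function, with which an administrator can move workstations between logical segments using a management program rather than physically moving the hub's cables. With switching technology a LAN can be segmented; like a bridge, a switching hub handles data transfer between segments, but a switching hub's throughput will not be lower than a bridge's. Switching hubs were originally designed for departmental use and built on their own backplane. The newest switching hubs are modular units that sit inside enterprise hubs.
MAC Table...
This is the table the switch consults when forwarding frames.
It records, for each MAC address,
the VLAN and port on which it was learned,
and whether the entry is Dynamic (learned automatically by the switch)
or Static (configured by the user through Static MAC Forwarding).
Hardware Redundancy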
The architecture of a Sun Cluster hardware system is designed so that no SPOF can make a cluster unavailable. Redundant high-speed interconnects, storage system connections, and public networks ensure that cluster connectivity does not experience single failures.
hint:
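A fault-tolerant system designed using hardware redundancy, software redundancy, time redundancy, or information redundancy can be called a high-availability system.
As the name implies, a Layer 2 switch bases transmission and data switching in a LAN solely on Layer 2 (MAC layer) information. Such a switch typically first learns the MAC addresses of the segment attached to each port, then forwards each frame to the destination's port (or segment) according to the destination address (DA) in the MAC-layer frame; other ports (or segments) do not receive the frame. If the destination address is still on the same port (or segment), the frame is not forwarded.
Because a Layer 2 switch examines only Layer 2 information, its processing performance is good, and it effectively isolates each segment from traffic not destined to it (giving each segment dedicated bandwidth), greatly improving network throughput. As the technology and ASIC capabilities keep improving, every port of today's higher-end Layer 2 switches can reach wire speed (14880 pps for Ethernet, 148800 pps for Fast Ethernet).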
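The learning, forwarding and filtering steps described above, together with the MAC table's VLAN, port and Dynamic/Static fields, as an added Python example (not code from the original page or from any switch vendor). It goes beyond the text by flooding frames whose destination is unknown or broadcast, and it assumes access ports only; the class name, the `moves` log and the sample MAC addresses are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal Layer 2 switch with one MAC table keyed by (VLAN, MAC)."""

    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)  # port -> VLAN (access ports only, an assumption)
        self.table = {}   # (vlan, mac) -> (port, "Dynamic" or "Static")
        self.moves = []   # (vlan, mac, port_in_table, port_seen_on), for monitoring

    def add_static(self, vlan, mac, port):
        """Pin a MAC to a port, as a Static MAC Forwarding entry would."""
        self.table[(vlan, mac.lower())] = (port, "Static")

    def receive(self, in_port, src, dst):
        """Learn from the source MAC, then return the sorted list of egress ports."""
        vlan = self.port_vlans[in_port]
        src, dst = src.lower(), dst.lower()

        known = self.table.get((vlan, src))
        if known is not None and known[0] != in_port:
            # Same MAC seen on another port: the station moved, a loop exists,
            # or the address is being reused. Record it for the operator.
            self.moves.append((vlan, src, known[0], in_port))
        if known is None or known[1] == "Dynamic":
            # Learning: Dynamic entries follow the station; Static ones are kept.
            self.table[(vlan, src)] = (in_port, "Dynamic")

        target = self.table.get((vlan, dst))
        if dst == BROADCAST or target is None:
            # Unknown or broadcast destination: flood inside the VLAN only.
            return sorted(p for p, v in self.port_vlans.items()
                          if v == vlan and p != in_port)
        # Filtering: the destination sits on the ingress segment, so drop.
        return [] if target[0] == in_port else [target[0]]
```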
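A Layer 3 switch, also called an IP switch or switch router, works on Layer 3 (network layer) protocols such as IP and delivers packets to their destination by parsing the Layer 3 header. Unlike a traditional router, which performs route computation and forwarding in software, a Layer 3 switch uses hardware (usually dedicated ASICs) to accelerate route computation and packet forwarding, combined with the flexible configuration of Layer 2. Its performance can therefore usually reach millions of packets per second, with a capacity of dozens to more than a hundred Fast Ethernet ports, or several to dozens of Gigabit Ethernet ports.
Traditional routers can usually handle multiprotocol routing (IP, IPX, AppleTalk, DECnet, etc.), but Layer 3 switches usually handle only IP and IPX. This simplifies the design and reduces the complexity of route computation and software to improve performance, and it follows the trend of network protocols becoming simpler (multiple protocols gradually reducing to IP alone).
Wired Equivalent Privacy (WEP), also called Wireless Encryption Protocol, is a scheme for protecting the information security of wireless (Wi-Fi) networks. Because a wireless network broadcasts messages by radio, it is especially easy to eavesdrop on. WEP was designed to provide confidentiality comparable to that of a traditional wired LAN, hence the name. However, cryptanalysts have found several weaknesses in WEP, so in 2003 it was superseded by Wi-Fi Protected Access (WPA), which implements most of the IEEE 802.11i standard, and in 2004 by WPA2, which implements the full IEEE 802.11i standard. Although WEP has some weaknesses, it is still enough to deter snooping by non-professionals.
Wi-Fi Protected Access (WPA)
An enhanced Wi-Fi security specification introduced jointly by the Wi-Fi Alliance and the IEEE to replace the existing but less secure WEP standard. Most Wi-Fi products currently use the so-called WEP encryption mechanism to provide security for wireless access.
Leased line
Computer Dictionary / Leased line - 實用查詢 (Practical Lookup)
[Explanation]: A leased line provides users with a bridge for accessing the public network. Common leased lines include telephone leased lines, packet-network leased lines, DDN leased lines, ISDN leased lines, and Frame Relay leased lines.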
The term loopback (sometimes spelled loop-back) is generally used to describe methods or procedures of routing electronic signals, digital data streams, or other flows of items, from their originating facility quickly back to the same source entity without intentional processing or modification. This is primarily intended as a means of testing the transmission or transportation infrastructure.
Loopback - Wikipedia, the free encyclopedia
The concept of private networks and special address reservation for such networks has been carried over to the next generation of the Internet Protocol, IPv6.
Private network - Wikipedia, the free encyclopedia
The address block fc00::/7 has been reserved by IANA as described in RFC 4193. These addresses are called Unique Local Addresses (ULA). They are defined as being unicast in character and contain a 40-bit random number in the routing prefix to prevent collisions when two private networks are interconnected. Despite being inherently local in usage, the IPv6 address scope of unique local addresses is global (cf. IPv6 addresses, section "IPv6 Address Scopes").
A former standard proposed the use of so-called "site-local" addresses in the fec0::/10 range, but due to major concerns about scalability and the poor definition of what constitutes a site, its use has been deprecated since September 2004 by RFC 3879.
The Internet Engineering Task Force (IETF) has directed the Internet Assigned Numbers Authority (IANA) to reserve the following IPv4 address ranges for private networks, as published in RFC 1918:
Private network - Wikipedia, the free encyclopedia

| RFC1918 name | IP address range | number of addresses | classful description | largest CIDR block (subnet mask) | host id size |
|---|---|---|---|---|---|
| 24-bit block | 10.0.0.0 – 10.255.255.255 | 16,777,216 | single class A | 10.0.0.0/8 (255.0.0.0) | 24 bits |
| 20-bit block | 172.16.0.0 – 172.31.255.255 | 1,048,576 | 16 contiguous class Bs | 172.16.0.0/12 (255.240.0.0) | 20 bits |
| 16-bit block | 192.168.0.0 – 192.168.255.255 | 65,536 | 256 contiguous class Cs | 192.168.0.0/16 (255.255.0.0) | 16 bits |

Classful addressing is obsolete and has not been used in the Internet since the implementation of Classless Inter-Domain Routing (CIDR) starting in 1993. For example, while 10.0.0.0/8 was a single class A network, it is common for organizations to divide it into smaller /16 or /24 networks.
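An added Python example (not from the original page) that classifies an address against the reserved ranges listed above and builds a Unique Local /48 prefix from a 40-bit Global ID. The labels and function names are illustrative; the Global ID is drawn from the OS random source rather than the hash-based procedure RFC 4193 suggests, and the `fd` prefix reflects the locally-assigned bit defined in that RFC.

```python
import ipaddress
import secrets

# Ranges named on this page (RFC 1918, RFC 4193, RFC 3879), plus loopback.
# The labels are illustrative, not standard names.
RANGES = [
    ("rfc1918-24bit", ipaddress.ip_network("10.0.0.0/8")),
    ("rfc1918-20bit", ipaddress.ip_network("172.16.0.0/12")),
    ("rfc1918-16bit", ipaddress.ip_network("192.168.0.0/16")),
    ("loopback", ipaddress.ip_network("127.0.0.0/8")),
    ("loopback", ipaddress.ip_network("::1/128")),
    ("unique-local", ipaddress.ip_network("fc00::/7")),
    ("site-local-deprecated", ipaddress.ip_network("fec0::/10")),
]


def classify(text):
    """Return the label of the reserved range holding `text`, else 'public-or-other'."""
    addr = ipaddress.ip_address(text)  # raises ValueError on malformed input
    # An IPv4-mapped IPv6 address (::ffff:a.b.c.d) is judged by the IPv4
    # address inside it, so the mapped form cannot slip past an IPv4 rule.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    for label, net in RANGES:
        if addr.version == net.version and addr in net:
            return label
    return "public-or-other"


def new_ula_prefix(global_id=None):
    """Build a /48 ULA prefix: 8 bits 'fd' followed by a 40-bit Global ID."""
    if global_id is None:
        global_id = secrets.randbits(40)  # assumption: CSPRNG instead of the RFC's hash
    if not 0 <= global_id < 2 ** 40:
        raise ValueError("Global ID must fit in 40 bits")
    value = (0xFD << 120) | (global_id << 80)
    return ipaddress.IPv6Network((value, 48))
```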
Foreign Language Salon - ChinaUnix.net
Skills Being Measured
This exam measures your ability to accomplish the technical tasks listed below. The percentages indicate the relative weight of each major topic area on the exam.
Networking Fundamentals
Understanding Network Infrastructures
Understanding Network Hardware
- Understand the concepts of Internet, intranet, and extranet.
- This objective may include but is not limited to: VPN, security zones, firewalls.
- Understand local area networks (LANs).
- This objective may include but is not limited to: perimeter networks; addressing; reserved address ranges for local use (including local loopback IP); VLANs; wired LAN and wireless LAN
- Understand wide area networks (WANs).
- This objective may include but is not limited to: leased lines, dial-up, ISDN, VPN, T1, T3, E1, E3, DSL, Cable, etc. and their characteristics (speed, availability). Item idea: Map T1, etc. to a LAN or WAN
- Understand wireless networking.
- This objective may include but is not limited to: types of wireless networking standards and their characteristics (802.11a, b, g, n, including different GHz ranges), types of network security (WPA/WEP/802.1X etc.), point-to-point (P2P) wireless, wireless bridging
- Understand network topologies and access methods.
Understanding Protocols and Services
- Understand switches.
- This objective may include but is not limited to: transmission speed; number and type of ports; number of uplinks; speed of uplinks; managed or unmanaged switches; VLAN capabilities; Layer 2 and Layer 3 switches, security options; hardware redundancy; support; backplane speed; switching types, MAC table; understanding capabilities of hubs vs. switches
- Understand routers.
- This objective may include but is not limited to: transmission speed considerations, directly connected routes, static routing, dynamic routing (routing protocols), default routes; routing table and how it selects best route(s); routing table memory, NAT, software routing in Windows Server
- Understand media types.
- This objective may include but is not limited to: cable types and their characteristics, including media segment length and speed; fibre optic; twisted pair shielded or nonshielded; catxx cabling, wireless; susceptibility to external interference (machinery, power cables, etc.); susceptibility to electricity (lightning), susceptibility to interception.
- Understand the OSI model.
- This objective may include but is not limited to: OSI model; TCP model; examples of devices, protocols, applications and which OSI/TCP layer they belong to; TCP and UDP; well-known ports for most used purposes (not necessarily Internet); packets and frames
- Understand IPv4.
- This objective may include but is not limited to: subnetting; IPconfig; why use IPv6; addressing; IPv4-to-IPv6 tunneling protocols to ensure backwards compatibility; dual IP stack; subnet mask; gateway; ports; packets; reserved address ranges for local use (including local loopback IP)
- Understand IPv6.
- This objective may include but is not limited to: subnetting; IPconfig; why use IPv6; addressing; IPv4-to-IPv6 tunneling protocols to ensure backwards compatibility; dual IP stack; subnet mask; gateway; ports; packets; reserved address ranges for local use (including local loopback IP)
- Understand names resolution.
- This objective may include but is not limited to: DNS, WINS, steps in the name resolution process
- Understand networking services.
- This objective may include but is not limited to: DHCP, remote access
- Understand TCP/IP.
- This objective may include but is not limited to: tools, such as ping; tracert; pathping; Telnet; IPconfig; netstat, reserved address ranges for local use (including local loopback IP); protocols
This exam is designed to provide candidates with an assessment of their knowledge of fundamental networking concepts. It can also serve as a stepping stone to the Microsoft Certified Technology Specialist exams.
Networking Fundamentals