1. gateways
1.1. Joins two networks so the devices an one network can communicate with the device an another network.
1.2. Categories
1.2.1. Unidirectional getaways
1.2.2. Bidirectional gateways
2. Protocol analysis
2.1. TCP/IP suite protocol
2.1.1. A set of rules and procedures is commonly referred to as TCP/IP
2.1.2. Five Layer of TCP/IP
2.1.2.1. Physical, data link, network, transport, and application layer
2.2. IP Interface
2.2.1. Each layers major functions are distinct from all the others, but layers can be combined for performance reasons.
2.3. Problem related to TCP
2.3.1. Packets replication
2.3.1.1. Packet are retransmitted over the network if there congestion or if the packet lost.
2.3.2. Checksum error
2.3.2.1. The checksum is part of the TCP header field. The purpose of a checksum is to ensure data integrity. A failed checksum indicated a problem with the data in a packet.
2.3.3. Bottleneck bandwidh
2.3.3.1. A bandwidth bottleneck is a phenomenon where the performance of a network is limited because not enough bandwidth is available to ensure that all data packets in the network reach their destination.
2.3.4. Packet loss
2.3.4.1. Packet loss occurs when one or more packets of data travelling across a computer network fail to reach their destination. Packets loss is typically caused by network congestion.
2.4. IP Datagram
2.4.1. Maximum Transfer Unit(MTU)
2.4.1.1. MTU is the largest size packet or frame, specified in octets(eight bit byte). It can be sent in a packet or frame based network such as the Internet.
2.4.2. Framentation
2.4.2.1. An IP process that breaks datagrams into smaller pieces (fragments). So that packet may be formed that can pass through a link with a smaller maximum transmission unit (MTU) than the original datagrams size.
2.4.3. Encapsulation
2.4.3.1. When data moves from upper layer to lower level of TCP/IP(outgoing transmission) each layer includes a bundle of relevant information called a header along with the actual data.
2.5. Modes in Encapsulating security
2.5.1. Tunnel mode
2.5.1.1. protects the internal routing information by encrypting the IP header of the original packet.
2.5.2. Transport mode ESP
2.6. IPv6 header format
2.6.1. The wonder of IPv6 lies in its header. An IPv6 address is 4 times larger than IPv4 but surprisingly, the header of an IPv6 address is only 2 times larger than of IPv4.
2.6.1.1. Protects the internal routing information by encrypting the IP header of the original packet.
2.6.2. List describes the function of each header field.
2.6.2.1. Version
2.6.2.1.1. 4-bit version number of Internet Protocol = 6.
2.6.2.2. Traffic class
2.6.2.2.1. 8-bit traffic class field.
2.6.2.3. Flow label
2.6.2.3.1. 20-bit field.
2.6.2.4. Payload length
2.6.2.4.1. 16-bit unsigned integer, which is the rest of the packet that follows the IPv6 header, in octets.
2.6.2.5. Next header
2.6.2.5.1. 8-bit selector. Identifies the type of header that immediately follows the IPv6 header. Uses the same values as the IPv4 protocol field.
2.6.2.6. Hop limit
2.6.2.6.1. 8-bit unsigned integer. Decremented by one by each node that forwards the packet. The packet is discarded if the hop limit is decremented to zero.
2.6.2.7. Source address
2.6.2.7.1. 128 bits. The address of the initial sender of the packet.
2.6.2.8. Destination address
2.6.2.8.1. 128 bits. The address of the intended recipient of the packet. The intended recipient is not necessarily the recipient if an optional routing header is present.
2.7. Common protocols and standards
2.7.1. Domain Name Server Security (DNSSEC)
2.7.1.1. created to address vulnerabilities in the Domain Name System (DNS) and protect it from online threats.
2.7.2. Generic Security Services API (GSSAPI)
2.7.2.1. is an application programming interface for programs to access security services.
2.7.3. Secure Hypertext Transfer Protocol (SHTTP)
2.7.3.1. is an extension to the Hypertext Transfer Protocol (HTTP) that allows the secure exchange of files on the World Wide Web.
2.7.4. Secure Sockets Layer (SSL)
2.7.4.1. is a computer networking protocol for securing connections between network application clients and servers over an insecure network, such as the internet.
2.7.5. Security Takens
2.7.5.1. A small hardware device that the owner carries to authorize access to a network service. Security tokens provide an extra level of assurance through a method known as two-factor authentication: the user has a personal identification number (pin)
2.7.6. BlackDuck
2.7.6.1. Black Duck Software attempts to address that question with Black Duck Hub, a system that allows enterprise developers and code auditors to continuously audit the use of third-party open source code for known vulnerabilities.
3. Key elements in a network
3.1. Nodes
3.1.1. network node is a connection point that can receive, create, store or send data along distributed network routes.
3.2. Network Backbone
3.2.1. A backbone is the part of the computer network infrastructure that interconnects different networks and provides a path for exchange of data between these different networks.
3.3. Segments
3.3.1. A segment is a defined portion or section of something larger such as a database, geometric object, or network. The term is used in database management, graphics, and communications.
3.4. Subnets
3.4.1. Subnets is the strategy used to partition a single physical network into more than one smaller logical sub-networks (subnets). An IP address includes a network segment and a host segment.
4. IP an Virtual address
4.1. Internet Protocol Address
4.1.1. An Internet Protocol address (IP address) is a numerical label assigned to each device (eg, computer, printer) participating in a computer network that uses the Internet Protocol for communication.
4.1.2. IPv4
4.1.2.1. Internet Protocol version 4
4.1.2.2. Consists of 32 bits
4.1.3. IPv6
4.1.3.1. A new Internet addressing system Internet Protocol version 6 (IPv6) is being deployed to fulfill the need for more Internet address
4.1.3.2. consists of 128 bits
4.1.3.3. allows for approximately three hundred and forty trillion, trillion unique IP address.
4.2. Virtual IP address
4.2.1. An IP address that is shared among multiple domain names or multiple servers.
4.2.2. A virtual IP address eliminates a host's dependency upon individual network interfaces.
4.2.3. Incoming packets are sent to the system's VIPA address, but all packets travel through the real network interfaces.