The Network Foundation Series: Part 2 - Understanding Terminology

By making sure that we have an understanding of basic network concepts and terms, we can ensure that we have a strong foundation to work from and build upon as we continue this series.

Introduction

Before we begin any implementation we need to understand what we are doing and plan it out to a basic degree. Part of this planning involves making sure we have a common understanding of terminology. This helps build a strong foundation to work from, allowing us to advance our initial goals to eventually get to where we ultimately need to be.

So let's start by making sure we understand some basic networking concepts and terms that will be used throughout the series.

Required Concepts

The list of concepts and definitions covered in this video are by no means comprehensive deep dives and we would encourage you to do some additional digging to deepen your understanding, as that is ultimately the best way to learn. We will leave some links to channels and other resources that we feel do a fantastic job of breaking down these concepts in a very simple, understandable manner in the Resources section below to get you started. Let's go!

Network

A network is simply 2 or more devices connected to one another in a manner that allows them to exchange data. There are typically three categories of connection type: physical, for example via a cable; wireless, via radio signals; or virtual, in software. A network also has a boundary of some sort, meaning the connections are identifiable to one another.

We will talk more about the types of boundaries that exist, but for now just know the connections stop somewhere, and where they do that's the end of the network.

That's basically all you need to know at this time. Now, boundaries come in different forms and each category of connection type has multiple different versions, but at its most basic conceptual level, when we say network, we simply mean a group of devices defined by a boundary and connected together allowing them to exchange data.

Interface

An interface refers to the port to which the connection is established. As noted before this can be via a cable of some sort, a wireless signal, or a software defined port (virtual interface).

In the case of a physical cable, the interface will usually come in the form of an opening that accepts the cable. With wireless, it's a circuit board with one or more antennas that receive and transmit the wireless signal. The antenna can be visible or it can be hidden inside of the device. For example, a laptop has this circuit board and antenna inside somewhere. You don't actually see it, but it's there.

Internet

The internet is just a collection of many networks, connected together, allowing the exchange of data and it exists outside your local network or group of networks.

The boundary of the internet can be confusing if you have multiple networks that are local to your own physical environment. But right now, just think of the internet as the group of networks outside your own local area network.

Intranet

This next term isn't used all that much, but may come up. The Intranet is the network or group of networks that are local to your own area and NOT part of the internet.

This introduces the idea that you can have more than one local area network. Just know that it's possible to have more than one network that is close to you that is not part of that group of networks outside your immediate network(s) we call the internet.

WAN

WAN stands for Wide Area Network and is analogous to the Internet. However, it adds an additional concept that begins to help us understand where various devices sit in relation to the network or networks to which they are connected.

WAN typically refers to the interface or interfaces that connect directly to the internet. So think of it as the element for how networks outside one another get connected together. In reality people often use this term to refer directly to the internet. While not wrong, we will be using it to refer to interfaces and their relationship to the networks they connect together.

LAN

LAN is a similar concept to WAN, but refers to the intranet rather than the internet. It stands for Local Area Network, referring to the interface(s) that connect(s) all of the network devices that would be part of the Intranet.

This term is often used as a replacement for intranet, but know that when we use this term in the series, we will typically be referring to the interface(s) that connect a device to the internal network(s).

Switch

A switch is a device with multiple interfaces designed to connect more than two devices to a network and pass data, making it accessible to the devices that are connected to one of its interfaces.

It's typically needed when you want to create a network with more than two devices. This device can also come in multiple forms and be combined with other types of devices that we will talk about next. But just think of a switch as the thing that physically connects multiple devices together on the network.

Router

A router is a device whose job is to connect two different networks together. It is designed to transfer (route) data from one network to another. It does this by being simultaneously connected to 2 or more networks on different interfaces. It knows the necessary details about each of the networks it is directly connected to, as well as what to do when the data is destined for a network that it is not directly connected to.

Routers also come in various sizes and types, including being combined with switches, as mentioned in the switch definition. The main difference between a router and a switch is the switch connects devices together to form a network and the router sends the data between those networks.

Wireless Access Point

A wireless access point is a device with the functionality of a switch, but its interfaces, instead of being physical ports that cables plug into, are a wireless antenna and a circuit board that allow multiple devices to connect to the network via a radio signal.

The most common misconception that should be corrected when it comes to Wireless technology is that wireless is synonymous with routers. This misconception stems from the fact that most homes with internet have a device that combines a router, with a switch and a WiFi access point. So most people simply merge all these concepts together and have the belief that their WiFi is the internet. For now, the main lesson here is that switching, wireless, and routing are in fact separate functions that make up the physical layer of our network foundation.

We are now going to talk briefly about the software side and some key definitions you need to be familiar with to begin configuring your network.

Network Addressing

Now we're going to briefly go over the very basics of IP addressing, and I mean basics. This is where we definitely encourage you to become more familiar with IP addressing, so we found a very helpful and well thought out video series by a fantastic teacher of these concepts. It is linked in the Resources section at the end of this article.

IP Address

The IP (Internet Protocol) address is a unique identifier on a network that denotes the address, or destination, to send data packets to. It comes in two different flavors, Version 4 and Version 6, referred to as IPv4 and IPv6. We will strictly use version 4 during this series, as that is still the most common version.

An IPv4 address has 4 sections separated by periods, each containing a number between 0 and 255, for example, 192.168.22.29. Additionally, there can only be one of each address on a network, meaning they have to be unique. The IP address is attached (assigned) to an interface that is used by a device to talk with other devices on the network.

Subnet Mask

A subnet mask is used to create the boundary for the IP network. Like the IP address, it has 4 sections separated by periods, and it typically starts with 255, for example, 255.255.255.0. In this example, the first three sections define the boundary of the network and the 0 indicates that everything after the boundary is available as an individual IP address for the network and can be used on the network by an interface.

There's a lot to why we use 255 in this example and not some other number. For now, just think of the subnet mask as covering up a portion of the IP address and leaving only the available hosts for the network. This is why we say it defines the boundary of the IP network: the masked part is assumed to be the same for every device, and the unmasked part consists of all the devices and their interfaces.

Default Gateway

The default gateway is an IP address on the network that is reserved for the router that forwards data to other networks. It is a piece of information given to devices on a network that tells them, if you are trying to send data to an IP address that is not on the same subnet, then send it here (default gateway) and it will be forwarded along to the correct destination network.
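The masking and the "send it to the default gateway" decision described above can be worked through in code. This is an added example, not part of the original article; the gateway address 192.168.22.1 and the function names are assumptions chosen for illustration, while the IP address and mask are the article's own examples.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF  # 32 bits, the size of an IPv4 address


def to_int(addr):
    # IPv4Address rejects anything that is not four sections of 0-255.
    return int(ipaddress.IPv4Address(addr))


def to_str(value):
    return str(ipaddress.IPv4Address(value))


def describe(ip, mask):
    """Split an address into its masked (network) and unmasked (host) parts."""
    ip_i, mask_i = to_int(ip), to_int(mask)
    host_bits = mask_i ^ ALL_ONES
    # A valid mask is a run of 1 bits followed only by 0 bits, so the
    # inverted mask plus one must share no bits with the inverted mask.
    if host_bits & (host_bits + 1):
        raise ValueError(f"{mask} is not a valid subnet mask")
    network = ip_i & mask_i  # "covering up" the host portion
    return {
        "network": to_str(network),
        "host_part": ip_i & host_bits,
        # The all-zeros and all-ones host values are reserved for the
        # network and broadcast addresses, so they are not counted as hosts.
        "broadcast": to_str(network | host_bits),
        "usable_hosts": max(host_bits - 1, 0),
    }


def next_hop(ip, mask, gateway, dest):
    """Return the address a device hands the packet to for this destination."""
    local = describe(ip, mask)["network"]
    if describe(gateway, mask)["network"] != local:
        raise ValueError("default gateway is not on the local subnet")
    if describe(dest, mask)["network"] == local:
        return dest      # same subnet: deliver directly
    return gateway       # different subnet: hand off to the router


if __name__ == "__main__":
    ip, mask, gw = "192.168.22.29", "255.255.255.0", "192.168.22.1"  # gw is assumed
    print(describe(ip, mask))
    for dest in ("192.168.22.77", "192.168.23.5"):
        print(dest, "->", next_hop(ip, mask, gw, dest))
```

A gateway that falls outside the local subnet is rejected because the device could never reach it directly, which is a common cause of "local works, internet doesn't" misconfigurations.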

DNS

DNS refers to two things: a Domain Name Server and the Domain Name Service. The server is the device responsible for the function of the service. DNS saves users from having to remember IP addresses by keeping a database of domain names, for example, stapel.io, and the IP addresses that tell computers where to send data when they want to send it to those domain names.

DNS essentially acts like an address book that's keeping track of names and addresses.

MAC Address

Up until now, the IP address, subnet mask, and default gateway have been pieces of information about the network that get assigned to an interface connected to the network somewhat arbitrarily, meaning this information is not naturally tied to the interface.

The MAC Address, however, is a unique hexadecimal (letters and numbers) identifier made up of 6 pairs of characters, separated typically by a colon, for example, 4d:55:2a:6f:dd:44. This is tied directly to an individual interface and is intended to be a static, non-changing address for the physical interface. It is used primarily by switches to determine where on the physical network the device resides. It's also used in IP packets to help the switches, access points, and routers eventually get the data to and from that physical interface.

Analogy Time

Now that we've introduced the main components for the IP Addressing of a network, let's use an analogy I was taught that helped me to put it all together.

Imagine a street that happens to be a court, we'll call it East Lan Court. Along this street you have a few houses and up ahead you see a gate that is your only route out of the neighborhood. At the gate, the street ends and when you go through the gate, you're on West Wan Blvd.

Now, obviously the houses all have addresses on that street, for example 200 East Lan Court, 201 East Lan Court, etc. And for purposes of this analogy, we'll also give the gate an address of 1 East Lan Court from the perspective of our neighborhood and an address of 147 West Wan Blvd, from the perspective of the public street.

Now, let's say my friend Henry lives at 207 East Lan Court. It's an orange house with an orange driveway, and I know it as Henry's House. That's the (domain) name I give it, I know the (IP) address on the (network) street, and I can distinguish it by its unique physical appearance (MAC address). I can also get a message directly to Henry's house without having to go to the stop sign because my house, 205 East Wan Blvd, is on the same street (network).

In this analogy, the House Number is the unique part of the address that has been assigned to the house, just like the IP address is assigned to a device. The Street Name part of the address is the network that the device lives on and the stop light is the default gateway to get off the street, aka,. There is one more concept we will introduce that you will need to be familiar with as we move through the series.

DHCP

Dynamic Host Configuration Protocol (DHCP) is an automated way to assign the IP addressing information we just discussed to devices that appear and disappear on a network. When a device connects to a network, it needs an IP address, along with a subnet mask, default gateway, and DNS server(s) in order to send and receive data on that network. That's where DHCP comes in. The DHCP server starts a conversation with the device requesting this information and they negotiate an available IP address. The device then configures itself and the DHCP server keeps track of the assignment. There's an expiration period, after which that assignment will be discarded unless renewed by the device, so that the address can be used by a future device that might connect and need an IP address.
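The lease bookkeeping described above (assign, track, renew, expire, reuse) can be modeled in a few lines. This is an added example, not part of the original article: it models only the server's lease table, not the DHCP messages on the wire, and the pool range, gateway, DNS address, MAC addresses and timings are all constructed values.

```python
import ipaddress


class LeasePool:
    """Toy model of a DHCP server's lease table; time is passed in as seconds."""

    def __init__(self, first, last, lease_seconds, mask, gateway, dns):
        lo = int(ipaddress.IPv4Address(first))
        hi = int(ipaddress.IPv4Address(last))
        self.pool = [str(ipaddress.IPv4Address(n)) for n in range(lo, hi + 1)]
        self.lease_seconds = lease_seconds
        # The rest of the configuration every client receives with its address.
        self.options = {"mask": mask, "gateway": gateway, "dns": list(dns)}
        self.leases = {}  # MAC address -> (IP address, expiry time)

    def expire(self, now):
        """Discard assignments that were not renewed in time."""
        expired = [mac for mac, (_, until) in self.leases.items() if until <= now]
        for mac in expired:
            del self.leases[mac]
        return expired

    def request(self, mac, now):
        """Grant a new lease or renew an existing one; None if the pool is full."""
        self.expire(now)
        mac = mac.lower()
        if mac in self.leases:
            ip = self.leases[mac][0]          # renewal keeps the same address
        else:
            taken = {ip for ip, _ in self.leases.values()}
            free = [ip for ip in self.pool if ip not in taken]
            if not free:
                return None                   # every address is currently leased
            ip = free[0]
        until = now + self.lease_seconds
        self.leases[mac] = (ip, until)
        return {"ip": ip, "expires_at": until, **self.options}


def simulate():
    """Three devices competing for a two-address pool with one-hour leases."""
    pool = LeasePool("192.168.22.100", "192.168.22.101", 3600,
                     mask="255.255.255.0", gateway="192.168.22.1",
                     dns=["192.168.22.1"])
    laptop, phone, tablet = ("02:00:00:00:00:01", "02:00:00:00:00:02",
                             "02:00:00:00:00:03")  # constructed MAC addresses
    timeline = [(0, laptop), (10, phone), (20, tablet),
                (1800, laptop),   # laptop renews halfway through its lease
                (3700, tablet)]   # phone never renewed, so its address is free
    events = []
    for now, mac in timeline:
        offer = pool.request(mac, now)
        events.append((now, mac, offer["ip"] if offer else None))
    return events


if __name__ == "__main__":
    for now, mac, ip in simulate():
        print(f"t={now:>5}s  {mac}  ->  {ip}")
```

The tablet is refused at t=20 because both addresses are leased, then receives the phone's old address at t=3700 once that lease has expired without renewal.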

VLAN

During this series we will be making use of something called a VLAN, which stands for Virtual Local Area Network. VLANs are a way, in software, to create a separation between multiple local networks. Think of them as side streets in our analogy. They are connected to the same larger network, but separated logically from it. They have all the same characteristics of a normal network and reside local to us. But they have different addresses and are technically a different network. They run over the same physical infrastructure, which is why they are called virtual local area networks.

If you've ever entered a street with a sign that says "No Outlet" and you go down that street, you may encounter several side streets. They are all part of the street, but the only way they can get out to the main road is through that street. Those side streets are like VLANs. They are separate, with distinct street names, house addresses, etc.

There is a resources section at the end of this article that will provide some fantastic detail on each of the concepts. We encourage you to check them out as they will bring more clarity to each of these subjects. We tried to provide enough of an understanding so that we could begin designing our network with some basic understanding of the concepts we will be using.

Useful Commands

Now that we have a basic understanding of key networking concepts, there are a few tools you will need in your tool belt for testing and verification purposes as you build out your network.

For each of these tools, we will give examples in each of the three main Operating Systems so that no matter which OS you are using, you will have a basic foundation on how to perform these tests.

Let's look at the built in command line applications for each operating system.

Windows

In Windows there are two bundled applications that can be used.

  1. Command Prompt: this application is the original Windows default command line app. Simply search for CMD.exe from your Windows Search.
  2. PowerShell: this is the second CLI (command line interface) application that comes standard with more recent versions of Windows. It has the same functionality as CMD but also adds additional tools that can be used to perform many functions via the CLI.

MacOS

Apple Macintosh has one main tool that is bundled by default called "Terminal."

Linux

If you are using Linux, you're probably not reading this article. But in case you are new to Linux, you too have a built-in CLI tool. However, it may be called something entirely different depending on the version of Linux you are using. But do not fret: if you simply search for "Terminal" you will find the CLI application you're looking for. Some examples are Konsole, Xterm, Yakuake, Terminal, etc.

IP Configuration Check

The first CLI tool we will look at is IP Configuration Check. As we learned above, any device that needs to communicate on the network needs some key pieces of information configured for an interface connected to the network: IP Address, Subnet Mask, Default Gateway, and DNS Server(s). We also know we can statically, aka manually, assign this information to the interface using our operating system's tools, or our computer can be told what information it can use to automatically assign itself that information through the DHCP process. On most devices, DHCP is the default method.

But what if we wanted to know what those settings are for our computer so we can determine what our network is, how we get to the internet, and what servers we will be using to know where to send data if we supply a name as the destination instead of an IP address?

Windows

Command Prompt and PowerShell:

ipconfig /all

This will return all network details for all available network interfaces that are part of the computer, including IP address, subnet mask, default gateway, and DNS server(s).

MacOS

To get all this information from the command line, we will want to know the name of the interface, so it's a two-step process:

Step One, determine the interface in use:

ifconfig | grep '8863\|inet'

Let's break down this command:

  1. 'ifconfig' is a tool we use to list certain details on all the interfaces, physical and virtual, that are configured in the machine.
  2. We then "Pipe" the result using the '|' symbol to another command. This is a way to use the results of the preceding command and then run another command against that returned value.
  3. 'grep' is the second command we are going to run against the data that resulted in the first command before we piped it to grep. It is a way to filter the results by searching for the value of the string we are passing to the grep command.
  4. "'8863\|inet'" is the filter, in the form of a string (text value), that we pass to the grep command so it only shows lines that contain the keyword '8863' or 'inet'. The '\' tells grep to "escape" the '|' character (treat it not as a literal part of the filter, but rather as an operator, in this case "or"). So this reads as the following:

Using ifconfig give me all the interfaces on this computer, then take the results and send this to grep, but only show lines that contain 8863 OR inet as part of the result

This will give us any interface that is in an active status with a network address configured. For example, we can see that in the screen shot below, we have a few results, but one of them in particular stands out, en0, because it is the only one with an IP address assigned that looks like it's on my network.

Now that we have an idea of which network interface we have, we can run the following command to get all the information we need:

ipconfig getpacket en0

This will return all the information you need in order to know what your network setup looks like.

Linux

In Linux we're going to use the following commands:

ip a | grep 'UP\|inet'

In Linux the most common application used to configure network settings on a machine is NetworkManager. There are others, for example Netplan in Ubuntu.

Now that the above command has given us an idea of which interface is being used on our network, we can ask the network manager to tell us more about the configuration.

NetworkManager

nmcli dev show interfacename

Ping

Next, let's look at a tool called Ping. Ping is used to determine if a network destination is up and able to communicate back to a device on the network. For example, we might want to see if our computer can talk to our Default Gateway. We can use ping to determine that. Here is an example from a Linux computer:

You can see in the screen shot above, we used a command that looked like the following:

ping 172.16.200.1

This sent a packet of data to the above IP address. This packet is a very specific type of packet called an ICMP packet and is known as an echo request. The reason it's called an echo request is that its purpose is to have the destination IP address respond with the packet back, echoing the data packet as an acknowledgment that it received the packet and confirming that the same data can be sent back to us.

In the screenshot, we can see those packets of 64 bytes from that same IP address reached us on their way back. This tells us that we can send data to that destination and get it back, confirming the network connection between our devices is operational.

Note, this command is the same for MacOS and Linux, with minor differences in terms of the information displayed.

Trace Route

Trace route is a tool that you can use to understand the path, aka, the routers your data traverses to get to its destination. This is useful when troubleshooting failed network connections or traffic that should be reaching its destination but is not. We will go into more detail on how to use this tool in specific episodes in this series, but here are the basics.

Windows

tracert ipaddress/fqdn

FQDN stands for Fully Qualified Domain Name. This is the name that is given to a destination IP address. For example, stapel.io is the FQDN for our website.

MacOS and Linux

traceroute ipaddress/fqdn

DNS Lookup

Finally, being able to resolve names to IP addresses will be an essential test as you build out your network. Being able to perform a DNS lookup will help you determine if an issue is related to DNS or something else.

Windows

nslookup fqdn

MacOS and Linux

dig fqdn

Prerequisites

In order to build out a network in the manner we will want, there are a few key things you will need which allow us to implement

A Managed Switch

All "managed" switches will have the ability to configure VLANs on your network. We will be making use of VLANs in our network design, so this is definitely a prerequisite. There are many very affordable brands that have this capability, including Netgear, Ubiquiti, TP-Link, and Trendnet, to name a few. Of course, Cisco, HP, Aruba, Arista and others on the business and enterprise side will definitely have the capability for VLAN management.

If your switch is currently not a managed switch, just find something reasonable that is managed. If you're going to purchase a new switch, you should also consider getting a switch that has PoE capability as well.

Hardware to Run Firewall

This can be any machine you have lying around that isn't being used, but has at least one network interface. If your device has two or more network interfaces, even better.

In terms of other specifications, we would recommend at least the following:

  1. 8 GB of RAM
  2. 100 GB of Storage (Preferably SSD)
  3. A relatively recent processor

Again, these recommendations are not hard rules, but if you're going to go to the trouble to follow along, spending a couple hundred dollars on a used desktop off of eBay might be worth the time spent. If you already have a server device of some sort, or even better a virtual server, for example a device running Proxmox, then great. We will be using virtualization in our environment.

Internet Connection

Sometimes we have to state the obvious. But hey, you never know!!

Resources

Concepts

Some useful resources for digging into more detail on some of the concepts we discussed, particularly the networking concepts.

TCP/IP Model

We did not directly discuss the TCP/IP Reference Model, which is the modern version of what is called the OSI (Open Systems Interconnection) model, during this portion of the series. However, each of these concepts is an aspect of how network data transmission works under the hood. The model is ultimately an essential component of truly understanding how networking functions at the physical and software level. It's a model for breaking down the various technical aspects of how data flows through a network. We highly recommend beginning to learn about this model. We will touch on aspects of it as we go through the series, but for now, check out this fantastic overview by one of our favorite network teachers:

https://youtu.be/qiHCdgSo9zs?feature=shared

Keith Barker's YouTube channel (https://www.youtube.com/@KeithBarker) has a wealth of very well explained networking-related content. We highly recommend subscribing to his content if you're interested in becoming well educated on these subjects. He is one of the better teachers when it comes to networking, and his YouTube channel is very extensive. He explains things in a very clear and concise manner, walking you through the concepts and providing spot-on analogies and thorough examples.

Tools

Ping

Windows: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/ping

Advanced Ping: PSPing: https://learn.microsoft.com/en-us/sysinternals/downloads/psping

MacOS & Linux: https://linux.die.net/man/8/ping

Advanced Ping: MTR

Trace Route

Windows: https://support.microsoft.com/en-us/topic/how-to-use-tracert-to-troubleshoot-tcp-ip-problems-in-windows-e643d72b-2f4f-cdd6-09a0-fd2989c7ca8e

MacOS & Linux: https://linux.die.net/man/8/traceroute

DNS Lookups

Windows

NSLookup tool: https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/nslookup

MacOS and Linux

Dig: https://linux.die.net/man/1/dig

The Network Foundation Series

The Network Foundation Series Playlist

https://stapel.io/NetworkFoundationSeries

The Network Foundation Series: Part 1 - Introduction

Video: https://stapel.io/tnfs1

Blog: https://stapel.io/tnfs1blog

The Network Foundation Series: Part 2 - Understanding Terminology

Video: https://stapel.io/tnfs2
