Networking fundamentals

Networking in person allows people to build a network of connected individuals that will enable them to succeed in a specific field. Networking within the office takes the same principle and applies it digitally. Information and communication are easily connected and shared between people within the company and outside of it by using digital communication tools and Internet access.

Networking involves computers, wireless technology (wifi), cables (e.g., ethernet), network appliances such as switches and routers, and a common language to communicate—global protocols. These concepts underpin the capability of a business to share information.

One of the defining features of a network is its responsibility to connect people, devices, and information securely. In this topic, we will focus on how devices connect to each other, allowing data sharing and the ability for millions worldwide to communicate and connect online. This will prepare you for putting those concepts into practice in cloud.

A network consists of two or more computers connected by a transmission medium, such as Ethernet cables or Wi-Fi to access the Internet or an internal network.

But first, to understand how networks work, you need to learn about the underlying technologies and devices used.

In this topic, we will look into:

• Network hardware
• IP addressing
  • (IPv4, IPv6)
  • Subnetting Masks
  • Classless Inter-Domain Routing (CIDR)
  • TCP/IP
• Network Address Translation (NAT)
• Virtual Private Networks (VPN)
• Troubleshooting

Network Devices

A good place to start is by looking at the components that turn a stand-alone computer into one that is part of a network. The following list identifies the hardware devices used to connect computers and other electronics to a network.²¹

Collectively, these hardware items are called network devices, or sometimes network appliances:

• Hubs and repeaters
• Bridges
• Managed and unmanaged switches
• Routers

Hubs and repeaters

A hub is a device used to implement the ethernet connection inside the equipment to provide connections for network devices. A hub, working as a multiport repeater, will replicate the signal received from one port and send it over to all other ports in the network.

A repeater is a device used to overcome the distance limitations imposed by network cabling. It receives a signal over one cable segment and then regenerates and retransmits it at the original strength over another cable segment.

Bridges

A bridge is a device that divides a local network into two or more segments.

Hosts from one segment can only communicate with those on another via the bridge. A bridge is used to divide an overloaded network into separate collision domains. A collision happens when two computers use media simultaneously, so both computers are denied the transmission and have to back off and wait for a random time before trying again. Collision domains spread the load.

The bridge keeps track of the MAC addresses attached to each segment. It only passes signals from one segment to another if there is a match to the destination MAC address, which reduces traffic loads in any one segment.

Managed and unmanaged switches

An unmanaged switch performs the micro-segmentation function described without requiring configuration. You plug in the network cable, power it on, and it's good to go.

Larger workgroups and corporate networks require additional functionality in their switches. Switches designed for larger LANs are called managed switches.

One of the main reasons for using managed switches is that enterprise networks might have to provide hundreds or thousands of access ports. This is accomplished by linking multiple switches together.

The functionalities provided by a managed port include:

• Remove management
• VLANs
• Port security

However, having many ports on the same network may create performance and security issues, so managed switches are used by dividing the ports into separate Virtual LANs (VLANs) where they can be configured and monitored, which will enhance performance and security. VLANS will be covered in a later topic.

Unmanaged	Managed
Fixed configuration	can be managed and configured accordingly
Plug and play	Requires IT personnel to set up and maintain
VLAN support- No	VLAN support- Yes
No control over traffic	Control over LAN traffic
No security settings	Security can be controlled over access
A simple network management protocol (SNMP) is not an option	Allows for remote troubleshooting of network
Cost-effective	More expensive
Basic features	Features including VLANs, port mirroring and redundancy included

For more information on managed and unmanaged switched, check out the following video.

Routers

A router is responsible for moving data across different networks. While a switch forwards frames using hardware (MAC) addresses within a single network segment, a router forwards packets across different networks using IP addresses.

When you want to connect a network to the Internet or when you want to divide a large network into smaller networks, you need to use one or more routers.

In some instances, it may be confusing to differentiate between hubs, switches, and routers. For further information on the similarities and differences click on the following video.

Networking plays a crucial role in every organisation’s daily activities, and in order to maximise its effectiveness organisations need to arrange and build their network to optimise performance. This can be challenging as thorough planning must be considered. This is when network topology models come in to assist organisations in setting up the structure and lay out of their network. Network topologily models outline how devices are connected together and how data will be transmitted from one node to another.

Types of Network Topology

There are different types of network topologies that can be used, and the model chosen will depend on the type of business and scalability requirements.

While topology constantly evolves, there are two network setup styles that you should know.

• Star topology
• Bus topology
• Mesh topology

1. Star topology

In this type of network, all nodes (like the spokes of a wheel) are connected to a central hub, a device used to receive signals from each connected device. This will then transmit them to all of the other spokes in the wheel. In more recent times, the use of an ethernet switch as the hub device directs the signal to only the port (spoke) that was the destination of the transmission. This way, traffic that is only destined for one port does not take up resources from the others, which means less lag for everyone.

The benefits of using this network setup are that it is:

• cost-effective
• simplistic in nature
• robust
• less likely to have whole-system failure.

If one of the spokes fails, it is easy to diagnose which one and the others will still work well, so the problem is confined to the failing node or connection.

The drawback of this setup is that it is:

• vulnerable due to loss or downtime if a single point of failure is the hub. If the hub goes down, the rest of the network goes down since it cannot operate without that central feature. The only way to mitigate this risk is to purchase an additional hub for backup if the active one fails so that it can be replaced immediately.

2. Bus topology

In this network, all the workstations and servers are connected to a primary ethernet or coaxial cable (traditionally) through drop lines and taps (interface connector.) The primary cable is sometimes called 'bus' and connects all the devices and the outside world. Sometimes this is referred to as linear topology since all the traffic travels along the linear bus. The longer it goes, the weaker the signal gets. There are terminators at each end that stop the transmission from going on forever. There is a limit to the number of drop lines to the main cable to ensure the signal remains robust. This topology is not commonly used today.

1. Terminator 1
2. Tap
3. Bus
4. Terminator 2

The benefits are that:

• the coaxial cable is robust
• the bus offers good protection against Electro Magnetic Interference (EMI)
• it can be used in a factory environment with machines that generate a lot of EMI (noise)
• it can be extended easily
• it is cost-effective.
• This setup requires less cable length than other networks.

The drawbacks are:

• the bus length is limited. (It's usually used in smaller networks)
• the number of nodes on the bus is limited; the more added, the lower the performance of the bus
• it is vulnerable to catastrophic failure if the bus fails
• it can be more difficult to add computers to the network
• it can be costly to maintain
• there is competition for resources as all devices are sharing the bus.

2. Mesh Topology

Within this network setup, each computer and network device is interconnected with one another. This can be explained as a point-point connection in which nodes are connected directly and dynamically to as many nodes as possible to transmit data.

There are two forms of mesh topology. These include:

1. Full mesh topology
2. Partial mesh topology

As demonstrated in the above image, full mesh networks work by connecting each node directly to all the other nodes whereas in a partial mesh network only some nodes are connected directly to one another.

Some benefits include:

• Reliable and effective in managing high amounts of traffic
• If one of the primary computers or connections in the network fails, the rest of the network continues to operate normally
• Organisations are able to add additional devices without disrupting data transmission between other devices.

The drawbacks include:

• Implementation cost is higher than other topology models
• Time consuming and may pose difficulty to set up, build and maintain
• Higher chance of redundant connections.

For more information regarding network topology models, check out the following video:

We can now see that IT networking is about using machines to communicate messages to each other. That connection requires a common language that network devices need to understand to send and receive messages that can be understood and actioned. Protocols enable machines worldwide to speak to each other in a shared language.

OSI Model

The Open Systems Interconnection (OSI) model is a framework used to describe how the functions of a networking system works. It provides a set of rules and requirements between its products and software and includes seven layers that computer systems use to communicate over a network.

This model was published in 1984, being one of the first standard model for network communication. Although there are models that are far simpler, this model is still used today as it helps visualise how networks operate.

The seven (7) layers of OSI include

1. Physical
2. Data link
3. Network
4. Transport
5. Session
6. Presentation
7. Application

These layers are split into the following categories

Physical, data and network layers are the network support layers which manage a physical transfer of data from one device to another whereas session, presentation and application layer are the user support layers that allow communication between unrelated software and external environments.

The transport layer links the two groups which can be seem in the following diagram.

• Physical layer- has the responsibility to connect cable or wireless to their network nodes and delivers transmission of raw data.
• Data layer- establishes and terminates a connection between two physically connected nodes on a network. It splits up packets into frames and sends them from the source to their destination.
• Network layer- is responsible for receiving frames from the data link layer and delivering them to their intended destinations based on the addresses contained inside the frame.
• Transport layer- manages the delivery and error checking of data packets. It regulates the size, sequencing, and ultimately the transfer of data between systems and hosts.
• Session layer-creates communication channels between devices, which is referred to as sessions. It is responsible for opening sessions, maintaining their functionality as well as ensuring they remain open while data is being transferred. They are also responsible for closing sessions once communication is complete.
• Presentation layer- defines how two devices should encode, encrypt, and compress data so it is received correctly on the other end.
• Application layer- is used by end-user through web browsers, emails and other forms of applications. It provides protocols that allows the software to send and receive information as well as present meaningful data to users.

TCP/IP protocol suite

TCP/IP was initially developed by the US department of defence but is now the standard used by most computer networks, including the Internet.

The protocols within TCP/IP are described in relation to layers defined below.

Application Layer

The Application layer is the topmost layer. This is the layer where interactions with software, operating systems and files systems occur; this layer ensures effective communication with another application program on a network.¹⁰

The application layer works with such protocols as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), Post Office Protocol (POP), Simple Mail Transfer Protocol (SMTP), and Domain Name System (DNS).

• Transport Layer: provides communication dialogue between computers in the network. Two protocols were designed to work in this layer.
• Transmission Control Protocol (TCP): guarantees orderly transmission of packets at the transport layer. TCP can identify and recover from lost or out-of-order packets. Most TCP/IP application protocols use this as failing to receive a packet or processing it incorrectly can cause serious data errors.
• User Datagram Protocol (UDP): provides unreliable, non-guaranteed transfer of packets. UDP is an alternative way of implementing the transport layer to TCP. UDP is faster and has less transmission overhead because it does not need to send extra information to establish reliable connections.

It is used in time-sensitive applications, such as speech or video, where a few missing or out-of-order packets can be tolerated. Rather than causing the application to crash, they would just manifest as a glitch in video or a squeak in audio

Internet Layer

The Network Layer is also known as the Internet layer and is responsible for the host to host communication. It provides packets of data with addressing and routing instructions. IP and VPN are examples of protocols that operate on the Internet layer.

Network Interface Layer

The Network Interface layer is also known as the Link layer and is the bottom-most layer referring to the physical hardware used to connect. Network Interface Cards (NICs), ethernet cables and Wi-Fi are examples

Comparison of OSI and TCP/IP Model

The following diagram details the main difference between both models, one of which demonstrates how layers are organised. Looking at the diagram below, you will see that layers, 5,6 and 7 are combined into one application layer and layers 1 and 2 are combined into one network access layer within TCP/IP.

Other differences include:

• OSI model provides a clear distinction between interfaces, services and protocols, TCP/IP does not.
• OSI uses the network layer to define routing standards and protocols, TCP/IP uses the internet layer
• TCP/IP is designed to solve specific communication problems, whereas OSI is a generic model aimed at describing all forms of a network communication.

For communication on a network using TCP/IP to work, each device must be uniquely addressable. Each Network Interface Card (NIC) has a unique hardware address known as a Media Access Control (MAC) address, most commonly represented as a colon-separated hexadecimal number 2C:54:91:88:C9:E3. The MAC address is like a personal ID number for your device. Computers with multiple LAN ports or WiFi modules also have multiple MAC addresses. Because each MAC address is unique, MAC filtering enables a business to target specific devices from accessing their network.

A MAC address is a component of the Link layer of the TCP/IP protocol suite.

An IPv4 address (the most common type) is used at the Internet layer to identify computers and devices on a network uniquely. It is represented as a string of four dot-separated numbers, each between 0 and 255, and looks like 192.168.1.45

Each number in the string represents an 8-bit binary number known as an octet meaning an address is 32 bits long. The address 192.168.2.45 would look like this in binary notation: 11000000.10101000.00000010.00101101. The Address Resolution Protocol (ARP) will find the MAC address associated with each IP address when IP addresses are used.

Each IP address consists of two parts:

• The Network ID – All devices on the same network will have a common Network ID.
• The Host ID – This number is unique for each device within the network.

To see the differences between a MAC and IP address, click on the following video

Subnet masks

Subnetting — originally designed to handle the shortabe of IP addresses over the internet — is used to partition a large block of addresses into multiple smaller sub-networks (subnets), and assigns these subnets to even smaller networks. Subnetting allows an organization to add sub-networks without the need to acquire a new network number via the Internet service provider (ISP). It also helps reduce traffic on the network and conceals its complexity. It is essential when a single network number has to be allocated over multiple segments of a LAN.²

The benefits of subnetting are:

• enhancing routing efficiency
• network management control
• improving network security.

Most SOHO networks are class C networks (classes are discussed in more detail below) and use the default subnet mask 255.255.255.0 — when shown in binary looks like this 11111111.11111111.11111111.00000000.12

The bits with a value of 1mask the Network ID, and the bits with a zero value are available for the Host ID.

11000000.10101000.00000010.00101101    IP Address   192.168.2.45
11111111.11111111.11111111.00000000    Subnet Mask   255.255.255.0

In our example above 192.168.2 is the Network ID, and 45 is the Host ID.

Because each octet is made of 8 bits, the devices that can connect to this network will need a Host ID between 1-254. The Host ID 0 refers to a network without specifying a host, and 255 is used to broadcast a message to every host on a network. In binary notation, Host IDs that consist of all 1s or all 0s represent broadcast and network addresses respectively and cannot be assigned to a computer host.

Each host must be configured with an IP address and subnet mask at a minimum to communicate on a network; however, this minimum configuration will only provide local network communication. Several other parameters must be configured for a host to have remote network communication.

Routing decision

A host can communicate directly on the local network segment with any other host with the same network ID. Communications with a host with a different network ID must be sent via a router.

When two hosts attempt to communicate via IPv4, the protocol compares each packet's source and destination address against a subnet mask. If the masked portions of the source and destination IP addresses match, then the destination interface is assumed to be on the same IP network. For example:

172.30.15.12    10101100  00011110  00001111  00001100
255.255.0.0     11111111  11111111  00000000  00000000
172.30.16.101  10101100  00011110  00010000  01100101

In the example, IP concludes the destination IPv4 address is on the same IP network and would try to deliver the packet locally. If the masked portion does not match, IP assumes the packet must be routed to another IP network. For example:

172.30.15.12    10101100  00011110  00001111  00001100
255.255.0.0     11111111  11111111  00000000  00000000
172.30.16.101  10101100  00011110  00010000  01100101

In this case, IP concludes the destination IPv4 address is on a different IP network and would forward the packet to a router rather than trying to deliver it locally.

Network classes

The most common network classes are A, B, and C. Each of the address classes has a different default subnet mask. You can identify the class of an IP address by looking at its first octet. The following table shows the the ranges of Class A, B, and C Internet addresses, each with an example address:

CLASS TYPE	DEFAULT SUBNET MASK	EXAMPLE	FIRST OCTET	FIRST OCTET RANGE (inclusive)
A	255.0.0.0	10.52.36.11	10	1-126
B	255.255.0.0	172.16.52.63	172	128-191
C	255.255.255.0	192.168.123.132	192	192-223

In some scenarios, the default subnet mask values do not fit the organisation's needs for one of the following reasons:

• The physical topology of the network
• The numbers of networks (or hosts) don't fit within the default subnet mask restrictions.

Classless Inter-Domain Routing (CIDR)

CIDR is also referred to as supernetting, and replaces the class system, known as Classful. Classful addressing is defined in the table above, and separates the IPv4 32 bit IP address into classes A, B, and C. Note that there are also D and E but they are reserved for multicast and experimental purposese respectfully. ⁴

CIDR block

Supernetting provides for a more efficient allocation of IP addresses by assigning a block of IP addresses based on specified conditions when the user requires a specific amount of IP addresses, known as a CIDR block.

When allocating a block, classless addressing is concerned with the following three rules.

1. The CIDR block's IP addresses must all be contiguous.
2. The block size must be a power of two to be attractive. Furthermore, the block's size is equal to the number of IP addresses in the block.
3. The block's first IP address must be divisible by the block size. ⁵

In classless addressing, the block of addresses assigned to the requesting business should match their requirement, which reduces the number of addresses that remain unused or wasted.

CIDR Notation

Classless addressing, like classful addressing, also divides the IPv4 address into two parts. The prefix, which defines the network id; and the suffix, which defines the host address in the corresponding network.

Addresses that belong to the same block all have the same prefix, while each host in a block has a different suffix. As in classful addressing, the length of the net-id depends on the class to which the address belongs and it can only be 8, 16 and 24. The length of a prefix, however, can be anywhere from 0 to 32. This means the value of the suffix would be determined by [32 – length of prefix].

An address prefix length cannot be calculated as the block can have any prefix length, so it is provided by notation. The length of the prefix (n) is added to the last part of the address and is separated by a slash.

Example of CIDR notation of a classeless IPv4 address:

167.199.170.82/28

The value ‘28‘ provides the length of the prefix. Therefore, the length of the suffix would be 4 [32-28].

The following video provides a deeper dive into classful and classless IP addressing.

Static and dynamic IP addresses

Assigning IP addresses to hosts can be done manually, creating a static IP address, and for a network with only a few devices, it can be relatively quick and simple. However, as you can imagine, assigning and keeping track of each IP address on Larger networks could be time-consuming and prone to errors, so assigning static IP addresses to systems with dedicated functionality is more common. This may include router interfaces, network-attached printers, or servers that host applications on a network.

IPv6

While IPv4 is the most common type of IP address used in networking, the number of IPv4 addresses is nearing exhaustion, meaning the number of unassigned Public IP addresses is decreasing rapidly. IPv4 was only designed to support up to 4 billion addressable devices.

IPv6 address this issue by implementing a 128-bit address, massively increasing the available address pool. IPv6 allows 3.4x1038 unique IP addresses. This is equivalent to 340 undecillion IP addresses.

IPv6 address notation

To express a 128-bit IPv6 address in hexadecimal notation, the binary address is divided into eight double-byte (16-bit) values delimited by colons. For example:

2001:0db8:0000:0000:0abc:0000:def0:1234

However, this can be quite cumbersome, so they can be ignored when a double-byte contains leading zeros. In addition, one contiguous series of zeroes can be replaced by a double colon place marker. The address above would become:

2001:0db8 : : abc: 0 :def0:1234

Each IPv6 is divided into two 64-bit parts. The first part is the Network ID equivalent to the Network ID used in IPv4. The second part is the Interface ID which is equivalent to the HOST ID used in IPv4.

DHCP

A Dynamic Host Configuration Protocol (DHCP) server automatically assigns an IP address, subnet mask, and other TCP/IP settings (Default Gateway and DNS, for example) to a host when connected to a network.

It is common for in-home or SOHO networks to function as the DCHP server for the router.

DHCP reservations

It is often useful for a host to use the same IP address. Servers, routers, printers, and other network infrastructure can be easier to manage if their IP addresses are known. One option is to use static addressing for these appliances, but this is difficult to implement. Another option is to configure the DHCP server to reserve a particular IP address for that device. The DHCP server is configured with a list of the MAC addresses of hosts that should receive the same IP address. When a host contacts it with one of the listed MAC addresses, it issues a lease for the reserved IP address.

Default Gateway

The default gateway is the IP address of a router. When a host requests data unavailable on the local network, it is passed to the default gateway enabling connection and communication between networks. A connection to the Internet from a local network is made through a default gateway. Without setting a default gateway, connection to local hosts is still possible; however, communication outside the network is not possible.

A browser can connect to the router through the default gateway address to configure any network settings, like wifi and DHCP on a SOHO network.

Client-Side DNS

Domain Name System (DNS) servers resolve Fully Qualify Domain Names (FQDN) to IP addresses. It is common for the DNS and Default Gateway to be the same address on smaller networks. On larger networks, DNS servers can be managed locally.

Often two DNS server addresses (preferred and alternate) are specified for redundancy.

Public and private IP addresses

A host must obtain a unique public IP address to communicate on the Internet. Typically this is allocated by an Internet Service Provider. However, few companies can obtain sufficient public IP addresses for all their computers to communicate over the Internet. There are various mechanisms to work around this issue.

Private addressing

The IP address scheme defines certain ranges as private addresses. These ranges are defined by RFC 1918 and are sometimes referred to as RFC 1918 addresses. ISPs will filter all packets with private IP addresses in and out of the Internet. Use of the addresses is confined to private LANs. There are three classes of private IP address ranges:

10.0.0.0 to 10.255.255.255 (Class A private address range).
172.16.0.0 to 172.31.255.255 (Class B private address range).
192.168.0.0 to 192.168.255.255 (Class C private address range).

Internet access can be facilitated for hosts using the private addressing scheme in two ways:

• through a router configured with a single or block of valid public addresses, the router translates between the private and public addresses using Network Address Translation (NAT)
• through a proxy server that fulfils requests for Internet resources on behalf of clients.

Most hosts on private networks are not configured with IP addresses that can communicate directly to the Internet. Instead, when clients on the local network connect to the internet, the router translates the client's private IP address into a valid public address using NAT.

The group of public IP addresses in the NAT address pool supports multiple simultaneous connections but is still limited by the number of available public IP addresses. Smaller companies may only be allocated a single or small block of addresses by their ISP. In this case, a means for multiple private IP addresses to be mapped onto a single public address would be useful, and this is exactly what is provided by Network Address Port Translation (NAPT), which is also referred to as Port Address Translation (PAT) or as NAT overloading.²⁰

You can see the public IP address provided by your ISP by searching “what's my ip” on Google.

CGNAT

Carrier-Grade Network Address Translation or CGNAT is a new way of giving out private IP addresses that 2degrees and other ISPs have started to manage the global shortage of public IP addresses. 2degrees will move all broadband connections that currently use a dynamic IP to CGNAT. However, those that use a static IP will be unaffected by this change. Unfortunately, some services will be impacted—those designed to reach you via your device's public IP address to communicate with your modem won't work. Think about what services that might mean to you.

Check out this video for more information.

Did you think of any services that you might use that would be affected by this change? Here is a list of some:

• Multiplayer video games where you’re hosting a session/server
• Website hosting
• Services or devices that rely on port forwarding
• Torrents will only be able to establish outbound connections
• Internet-enabled devices that are reached by IP address (e.g. IP cameras/security cameras)
• Remote access to home network storage, backups and remote desktop service
• Services that rely on Dynamic DNS (DDNS)
• VPN servers

A Virtual Private Network (VPN) provides a 'tunnel' for communication between the components and resources of two (private) networks over another (public) network. The Internet provides a cost-effective way of connecting both users to networks and networks to networks. Rather than using a dedicated connection such as a leased line, which is private but expensive, the user connects to the network privately and securely via VPN, which offers a cheaper connection than a dedicated line.

A VPN uses special connection protocols and encryption technology to ensure that the tunnel is secure and the user is properly authenticated. Once the connection has been established, the remote computer becomes part of the local network (though it is still restricted by the bandwidth available over the WAN link).

VPN servers have gained in popularity recently as concerns about privacy and anonymity have increased. Using an encrypted VPN can secure data from unauthorised access.

VPNs are also used to make a computer appear to be located in a different country, bypassing geo-blocked content from providers like Netflix and Amazon Prime.

Companies like Surfshark, NordVPN, and ExpressVPN offer VPN subscription services that provide additional privacy and security at home or on public Wi-Fi.

Troubleshooting is analysing and solving problems or tracing and correcting faults. Various issues and problems can arise on a computer network and a systematic approach to solving them.

In this topic, we will look into:

• Wired connection issues
• Troubleshooting
• Network diagnostic tools
• Cable and port testing

Wired connection issues

To troubleshoot a wired connection, it's a good idea to eliminate as many obvious hardware issues as possible.

Assuming that the issue only affects the computer you are working on, check that the cable is inserted correctly into both the NIC and the network port. If that does not solve the problem, try replacing the cable with the one you know is good.

The next step is to perform a basic connectivity test using a ping utility to test the connection to another host on the same subnet. Use the ping command followed by the IP address of another computer on the network. Ping 192.168.1.52, for example.

If ping were successful, you would see something like:

64 bytes from 192.168.1.52: icmp_seq=0 ttl=64 time=9.952 ms

If ping is unsuccessful, you may see something like:

ping: sendto: No route to host

If ping is unsuccessful, try connecting a different computer to the network port. If the new computer can connect, then the issue is likely with the original computer's NIC or its configuration.

You can use Device Manager to check the configuration. If no issues are found, replace the NIC and retest.

Slow connection

Slow connections can be a symptom of a range of network problems, including:

• Congestion at a switch or router
• Users transferring a very large amount of data over the network
• Problem with the network adapter driver
• Being infected with malware
• Interference from an external source.

Check that the cable is of a suitable standard for wired connections and that the NIC is configured for the correct speed.

Wifi Issues

Wifi uses Radio Frequency (RF) signals that lose strength as the distance between the host and the access point increases.

Try moving the device closer to the access point for slow or intermittent connections issues.

If you are still unable to establish a connection, verify the security and authentication setting are correctly configured on the host and the access point.

If users cannot see a specific network in a list of available wifi networks, they could be out of range, or the Service Set IDentifier (SSID) could be suppressed, meaning it needs to be entered manually.

Another possible issue is the device; an access point may be using incompatible standards.

While modern devices are likely to support modern wifi standards, older devices may not.

Most wifi routers and access points can be configured to accommodate both older and newer standards. However, some cheaper consumer-grade routers and access points will reduce the speed for all wifi connected devices to match that of the slower connected devices.

This table defines the wifi standards and their maximum connection speed.

IEEE Standard	802.11a	802.11b	802.11g	802.11n	802.11ac	802.11ax
Year released	1999	1999	2003	2009	2014	2019
Frequency	5Ghz	2.4Ghz	2.4Ghz	2.4 & 5Ghz	5Ghz	2.4 & 5Ghz
Maximum data rate	54Mbps	11Mbps	54Mbps	600Mbps	1.3Gbps	10–12Gbps

Interference

Intermittent connection issues within the supported range of a wifi access point are likely caused by interference.

Interference can be caused by other RF sources operating in the vicinity, such as other wifi devices, cordless phones, and wireless security cameras broadcasting on the same frequency, or by powerful electromagnetic sources like motors and microwaves.

Radio waves do not pass easily through metal or dense objects. Construction materials such as wire mesh, foil-backed plasterboard, concrete, and mirrors can block or degrade signals. Try angling or repositioning the device or antenna to get better reception.⁴³

Wifi analysing software is available for Windows, macOS, and Linux and can often support a site survey allowing you to identify nearby networks and possible sources of interference. It can help you identify a wifi channel and is likely to provide better, more reliable performance.

IP configuration issues

When a host computer's IP configuration is not correct for the network being connected to, communication on the network is unlikely to be possible.

Ipconfig

The ipconfig tool is accessed from the command line in windows and includes a range of switches to display specific information about the network connections.

Switch	Description
ipconfig /all	Displays detailed configuration, including DHCP and DNS servers, MAC address, and NetBIOS status.
ipconfig /release AdapterName	Releases the IP address obtained from a DHCP server so that the network adapter(s) will no longer have an IP address.
ipconfig /renew AdapterName	Forces a DHCP client to renew its lease for an IP address.
ipconfig /displaydns	Displays the DNS resolver cache. This contains host and domain names that have been queried recently. Caching the name-to-IP mappings reduces network traffic.
ipconfig /flushdns	Clears the DNS resolver cache.

You would use ipconfig to determine whether the adapter has been correctly configured.

Ipconfig can resolve the following questions:

• Is the adapter configured with a static address? Are the parameters (IP address, subnet mask, default gateway, and DNS server correct)?
• Does DHCP configure the adapter? If so:
  • An address in the range 169.254.x.y indicates that the client could not contact a DHCP server and is using Automatic Private IP Addressing (APIPA). If this is the case, Windows will display a yellow alert icon and a notification that the adapter has only Limited connectivity.

A DHCP lease can be static (always assigns the same IP address to the computer) or dynamic (assigns an IP address from a pool)—has the computer obtained a suitable address and subnet mask?

Are other parameters assigned by DHCP correct (default gateway, DNS servers, and so on)?

If any of these results are negative, you should investigate either communication between the client and the DHCP server, the configuration of the DHCP server, or whether multiple DHCP servers are running on the network (and the client has obtained the wrong configuration from one).⁴⁴

ifconfig

UNIX and Linux hosts provide a command called ifconfig, which provides similar output to Windows' ipconfig program. Note some differences between the Windows and Linux commands:

• parameters, and enable or disable the adapter.
• The Windows switches for configuring the adapter with DHCP and DNS are not supported by ifconfig.
• The ifconfig command output does not show the default gateway (use route instead). It does show traffic statistics, though.

Troubleshooting Internet access

Suppose a network’s local access to resources functions correctly, but access to the Internet is unavailable. It is usually an issue with DNS on the host machine or router or an issue with the Internet Service Provider (ISP).

Remember that the host DNS setting will likely be the same address as the router or default gateway on a SOHO network.

DNS settings

On a SOHO network, the router is likely using the DNS servers provided by the ISP.

• Vodafone uses 203.109.191.1 and 203.118.191.1
• Spark uses 122.56.237.1 and 210.55.111.1
• Google also provides an alternative public DNS server at 8.8.8.8 and 8.8.4.4.

Windows will attempt to connect to msftncsi.com, checking that the DNS resolves the IP address correctly.

If the host computers settings are correct and the router settings are also correct, check the ISP’s service status page to see if there is a wider network issue.

If there is no ISP-wide issue, try resetting the router and modem. If the problem persists, there might be a security issue, such as a proxy configuration not working or a firewall blocking the host.

Network diagnostic tool

The following command-line tools can be used to diagnose network issues:

Ping

The ping command is mentioned above for diagnosing wired and wireless connection issues. PING is an acronym for Packet Internet (inter-Network) Groper and is used to verify a destination IP address or domain name is active or accessible.

A successful ping output will look something like this:

% ping -c 6 google.com
64 bytes from 142.250.67.14: icmp_seq=0 ttl=120 time=45.712 ms
64 bytes from 142.250.67.14: icmp_seq=1 ttl=120 time=46.283 ms
64 bytes from 142.250.67.14: icmp_seq=2 ttl=120 time=43.962 ms
64 bytes from 142.250.67.14: icmp_seq=3 ttl=120 time=44.417 ms
64 bytes from 142.250.67.14: icmp_seq=4 ttl=120 time=44.786 ms
64 bytes from 142.250.67.14: icmp_seq=5 ttl=120 time=53.441 ms
--- google.com ping statistics ---
6 packets transmitted, 6 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 43.962/46.434/53.441/3.228 ms

The command ping -c 6 google.com transmitted and received six packets with 0.0% loss.

The command also resolved the google.com domain with IP address 142.250.67.14.

TTL stands for Time To Live and can show how many routers (hops) a packet has passed through. TTL counts down from 128 for most Windows. If the TTL count reaches zero, the packet is discarded to prevent it from infinitely looping around the Internet.

For more information on how ping works check out the following video.

Netstat

Netstat can investigate open ports and connections on the localhost. In a troubleshooting context, you can use this tool to verify whether file-sharing or email ports are open on a server and whether other clients are connecting to them.

The following represent some of the main switches that can be used:

• -a displays all the connections and listening ports.
• -b shows the process that has opened the port
• -n displays ports and addresses in numerical format. Skipping name resolution speeds up each query.

Linux supports a similar utility with slightly different switches.

Nslookup

If you identify or suspect a problem with name resolution, you can troubleshoot DNS with the nslookup command, either interactively or from the command prompt:⁴⁵

nslookup -Option Host Server

Host can be either a hostname/FQDN or an IP address. Server is the DNS server to query; the default DNS server is used if this argument is omitted. -Option specifies an nslookup subcommand. Typically, a subcommand is used to query a particular DNS record type.

For example, the following command queries Google's public DNS servers (8.8.8.8) for information about comptia.org's mail records:

nslookup -type=mx comptia.org 8.8.8.8

tracHert

The tracers (traceroute) command displays the packet's path to the destination passing through each router.

% traceroute google.com
traceroute to google.com (172.217.24.46), 64 hops max, 52 byte packets
ultrahub.hub (192.168.2.1) 23.327 ms 16.323 ms 2.576 ms
unassigned.static.cust.vf.net.nz (203.693.233.255) 31.099 ms 22.993 ms 11.772 ms
10.200.12.17 (10.200.12.17) 17.967 ms 27.116 ms
10.200.12.21 (10.200.12.21) 34.941 ms
atm-2-0-0-402-tig-nz-akl-1.ihug.net (203.109.130.1) 101.624 ms 58.800 ms 43.577 ms
ggl-router.syd.vf.net.nz.130.109.203.in-addr.arpa (203.109.130.2) 46.196 ms 50.821 ms 50.362 ms
108.170.247.81 (108.170.247.81) 47.317 ms 46.323 ms
108.170.247.49 (108.170.247.49) 51.320 ms
216.239.56.69 (216.239.56.69) 55.681 ms
216.239.57.119 (216.239.57.119) 48.414 ms 57.231 ms
hkg07s23-in-f46.1e100.net (172.217.24.46) 47.220 ms 62.323 ms 49.009 ms

The above output is from the command traceroute google.com. In this instance, there are eight hops.

Check your understanding

The following activity will give you an opportunity to ensure you understand the concepts that will help you to apply traditional networking principles to cloud computing.