There are tons of books written on the OSI and TCP/IP models, so I won't describe them in depth here. What I will do is explain what you need to know at each layer and how things work in the real world. We have two models, the seven-layer OSI model and the four-layer DoD (TCP/IP) model. In real life everyone references the OSI model. I've never heard anyone reference the DoD model, which doesn't mean it has no merits, but the OSI model is always the common reference.
The OSI model has seven layers but people sometimes joke that
layer 8 is financial and layer 9 is political.
Starting with the physical layer, what you need to know is auto-negotiation. Auto-negotiation is good. Hard-coding speed and duplex will sooner or later leave you with a port that is hard-coded on one side and set to auto on the other; the auto side can detect the speed but cannot learn the duplex, so it falls back to half duplex and you have a duplex mismatch. Gone are the days when auto-negotiation implementations were incompatible and led to misconfigured ports. Auto-negotiation fails very, very rarely; until proven otherwise, always use it. And if you disable auto-negotiation, did you know that you also disable some of the fault-signalling mechanisms of Ethernet, such as Remote Fault Indication (RFI)?
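The practical question is how you spot a duplex mismatch once someone has hard-coded one side. Below is an added example, not part of the original post: a small Python checker that reads the counters a switch or host shows you and names the symptom each side exhibits. The two "show interfaces" excerpts are constructed for the demo and the interface names and counter values are assumptions, but the symptoms are the real ones: the half-duplex end logs late collisions, the full-duplex end logs CRC errors with no collisions at all.

```python
import re

# Constructed sample output, modelled on an abbreviated "show interfaces":
# the switch side was hard-coded to 100/full, the server side was left on
# auto and fell back to half duplex. Not real device output.
SWITCH_SIDE = """
FastEthernet0/1 is up, line protocol is up (connected)
  Full-duplex, 100Mb/s, media type is 10/100BaseTX
  23 input errors, 23 CRC, 0 frame, 0 overrun, 0 ignored
  0 output errors, 0 collisions, 1 interface resets
  0 late collision, 0 deferred
"""

SERVER_SIDE = """
eth0 is up, line protocol is up
  Half-duplex, 100Mb/s
  0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
  0 output errors, 312 collisions, 0 interface resets
  87 late collision, 1204 deferred
"""

def parse_counters(text):
    """Pull out the duplex setting and the counters that tell a mismatch apart."""
    counters = {}
    m = re.search(r"(Full|Half)-duplex", text)
    counters["duplex"] = m.group(1).lower() if m else "unknown"
    patterns = {
        "crc": r"(\d+) CRC",
        "collisions": r"(\d+) collisions",
        "late_collisions": r"(\d+) late collision",
        "deferred": r"(\d+) deferred",
    }
    for name, pattern in patterns.items():
        m = re.search(pattern, text)
        counters[name] = int(m.group(1)) if m else 0
    return counters

def mismatch_symptoms(counters):
    """Return the duplex-mismatch symptom this side shows, or None."""
    # The half-duplex side hears the peer transmit while it is transmitting
    # and logs late collisions (collisions after the first 64 bytes, which a
    # properly negotiated link should never produce).
    if counters["duplex"] == "half" and counters["late_collisions"] > 0:
        return "half-duplex side: late collisions (peer is probably full duplex)"
    # The full-duplex side never backs off, so the half-duplex peer's aborted
    # frames arrive as CRC errors while its own collision counter stays at zero.
    if counters["duplex"] == "full" and counters["crc"] > 0 and counters["collisions"] == 0:
        return "full-duplex side: CRC errors with zero collisions (peer is probably half duplex)"
    return None

def check_link(side_a, side_b):
    """Compare both ends of one link; returns a verdict and per-side symptoms."""
    a, b = parse_counters(side_a), parse_counters(side_b)
    verdict = "duplex mismatch" if a["duplex"] != b["duplex"] else "ok"
    return verdict, [mismatch_symptoms(a), mismatch_symptoms(b)]

if __name__ == "__main__":
    print(check_link(SWITCH_SIDE, SERVER_SIDE))
```

In real troubleshooting you usually only have access to one end, which is why `mismatch_symptoms` works on a single side: late collisions on a half-duplex port, or CRC errors with zero collisions on a full-duplex port, are enough to tell you which end is misconfigured before you ever see the other one.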
At the data link layer you should be comfortable with MAC addresses and hexadecimal. Learn how a MAC address is built, starting with the Organizationally Unique Identifier (OUI). When troubleshooting it is often useful to check the OUI of a MAC address to know what is connected to a port: is it a Cisco device or a PC, for example? Learn how easy it is to spoof a MAC address. How can you perform a man-in-the-middle attack at this layer, with spoofed ARP replies for instance? How do you protect against it? Learn about port security, Dynamic ARP Inspection, DHCP snooping and so on. Proper layer two security is critical in networks.
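To make the OUI and ARP-inspection points concrete, here is an added example in Python (mine, not from the original post). It normalises a MAC in any of the common notations, splits off the OUI and decodes the two flag bits in the first octet, then plays the role of Dynamic ARP Inspection: an ARP packet from an untrusted port is only forwarded if its sender MAC/IP pair appears in the DHCP snooping binding table. The OUI excerpt, the binding table, the port names and the VLAN are all constructed for the demo and should be treated as assumptions; check the OUI entries against the IEEE registry before relying on them.

```python
import re

# Constructed OUI excerpt for the demo (assumption: a real tool loads the IEEE
# registry; verify these entries against it before relying on them).
OUI_TABLE = {
    "00:50:56": "VMware",
    "00:14:22": "Dell",
    "00:1B:54": "Cisco Systems",
}

def normalize_mac(mac):
    """Accept 00:50:56:12:34:56, 00-50-56-12-34-56 or Cisco-style 0050.5612.3456."""
    digits = re.sub(r"[^0-9a-fA-F]", "", mac)
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return ":".join(digits[i:i + 2].upper() for i in range(0, 12, 2))

def describe_mac(mac):
    """Split a MAC into OUI/vendor and decode the two flag bits of octet 0."""
    mac = normalize_mac(mac)
    first_octet = int(mac[:2], 16)
    return {
        "mac": mac,
        "oui": mac[:8],
        "vendor": OUI_TABLE.get(mac[:8], "unknown"),
        # I/G bit (0x01): 1 = group/multicast address, never a valid source MAC.
        "multicast": bool(first_octet & 0x01),
        # U/L bit (0x02): 1 = locally administered, i.e. not burned in by a
        # vendor. Randomised and many spoofed MACs have this bit set.
        "locally_administered": bool(first_octet & 0x02),
    }

# DHCP snooping binding table, (vlan, mac) -> ip, as a switch builds it by
# watching DHCP ACKs on untrusted ports. Constructed for the demo.
BINDINGS = {
    (10, "00:50:56:12:34:56"): "10.0.0.10",
    (10, "00:14:22:AA:BB:CC"): "10.0.0.20",
}
TRUSTED_PORTS = {"Gi1/0/48"}   # uplink towards the router; DAI skips trusted ports

def inspect_arp(port, vlan, sender_mac, sender_ip):
    """Dynamic ARP Inspection in miniature: an ARP packet from an untrusted
    port is only forwarded if its sender MAC/IP pair matches a binding."""
    if port in TRUSTED_PORTS:
        return "permit (trusted port)"
    mac = normalize_mac(sender_mac)
    bound_ip = BINDINGS.get((vlan, mac))
    if bound_ip is None:
        return f"deny: no binding for {mac} on VLAN {vlan}"
    if bound_ip != sender_ip:
        return f"deny: {mac} is bound to {bound_ip}, not {sender_ip}"
    return "permit"

if __name__ == "__main__":
    # A host that got 10.0.0.20 by DHCP answers ARP for the gateway 10.0.0.1:
    # the classic man-in-the-middle attempt, and DAI drops it.
    print(inspect_arp("Gi1/0/5", 10, "0014.22aa.bbcc", "10.0.0.1"))
    print(describe_mac("02:00:5e:00:53:01"))
```

Two things worth noticing: the binding table only exists if DHCP snooping is enabled first, which is why the two features are always configured together, and a host with a static IP has no binding at all and is denied unless you add an ARP ACL for it. The U/L bit is only a hint, not proof of spoofing, but a "locally administered" MAC showing up where you expect a vendor OUI is a good reason to look closer.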
At the network layer you MUST know IP addressing. Throw away the subnet calculator and learn to calculate the subnet ID, the broadcast address and the number of usable hosts by hand. This will be the best thing you've ever done. If you don't know subnetting by heart you'll never become a really skilled network engineer. Everything depends on it: calculating wildcard masks, understanding routing, configuring firewalls and so on.
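The manual method is nothing more than a few bit operations, and writing them out once makes them stick. The following is an added example (mine, not from the original post) that does the calculation the way you would on paper: build the mask from the prefix length, complement it for the wildcard, AND for the subnet ID, OR for the broadcast. It also handles the /31 and /32 edge cases, where there is no network or broadcast address to subtract, and cross-checks the result against Python's `ipaddress` module only to prove the hand calculation right.

```python
import ipaddress  # used only to double-check the hand calculation

def ip_to_int(ip):
    """Dotted quad to 32-bit integer, validating each octet."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]

def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))

def subnet(cidr):
    """Everything the subnet calculator would tell you, done by hand:
    mask  = prefix ones followed by zeros
    wildcard = complement of the mask (what ACLs and OSPF network statements want)
    subnet ID = address AND mask
    broadcast = subnet ID OR wildcard
    """
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    wildcard = mask ^ 0xFFFFFFFF
    network = ip_to_int(ip) & mask
    broadcast = network | wildcard
    total = 1 << (32 - prefix)
    # /31 point-to-point links (RFC 3021) and /32 host routes reserve nothing.
    has_reserved = prefix <= 30
    return {
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "mask": int_to_ip(mask),
        "wildcard": int_to_ip(wildcard),
        "first_host": int_to_ip(network + 1 if has_reserved else network),
        "last_host": int_to_ip(broadcast - 1 if has_reserved else broadcast),
        "usable_hosts": total - 2 if has_reserved else total,
    }

def cross_check(cidr):
    """True if the hand calculation agrees with the standard library."""
    mine = subnet(cidr)
    ref = ipaddress.ip_network(cidr, strict=False)
    return (mine["network"] == str(ref.network_address)
            and mine["broadcast"] == str(ref.broadcast_address)
            and mine["mask"] == str(ref.netmask)
            and mine["wildcard"] == str(ref.hostmask))

if __name__ == "__main__":
    for cidr in ("192.168.10.77/26", "172.16.200.9/20", "10.1.2.3/31"):
        print(cidr, subnet(cidr), cross_check(cidr))
```

Notice that the only place the prefix length matters is building the mask; once you have the mask, the wildcard, subnet ID and broadcast fall out of three bitwise operations. That is exactly the sequence to practise on paper: write the interesting octet in binary, draw the line at the prefix boundary, and read off the answers.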
At the transport layer you must understand the differences between UDP and TCP. Why can UDP fill the bandwidth on my link when TCP can't? What is the window size? What are sequence numbers? Why does multicast use UDP? Ask these questions and learn UDP and TCP properly; it will help you immensely later in your career. Take the time to really learn TCP/IP: how the windowing mechanism works, what slow start is, why packet loss is so bad for TCP and what the bandwidth-delay product (BDP) is. It is also important to understand how devices hash flows across parallel paths: what CEF polarization is, how load sharing is performed on EtherChannels, and which hash algorithm gives a better distributed load.
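Two of those questions have numeric answers that are easy to get wrong by intuition, so here is an added example (mine, not code from the original post) working both through. The first part computes the bandwidth-delay product and the throughput a TCP session is capped at by its window, which is the answer to "why can't TCP fill my link". The second part models EtherChannel/ECMP load sharing with a deliberately simplified hash (an assumption, not the exact Cisco implementation): XOR the low three bits of the selected header fields into one of eight buckets and spread the buckets over the links. The traffic sample is constructed: one router with a fixed source MAC talking to sixteen hosts.

```python
def bdp_bytes(bandwidth_bps, rtt_ms):
    """Bandwidth-delay product: the bytes that must be in flight to keep a link
    busy for one round trip. Integer inputs give an exact integer result."""
    return bandwidth_bps * rtt_ms // 8000

def window_limited_throughput_bps(window_bytes, rtt_ms):
    """A sender may have at most one receive window outstanding per RTT, so
    throughput is capped at window / RTT no matter how fast the link is."""
    return window_bytes * 8 * 1000 / rtt_ms

def needed_window_scale(bandwidth_bps, rtt_ms):
    """Smallest RFC 7323 window-scale shift such that 65535 << shift >= BDP
    (the 16-bit window field alone cannot describe a large BDP)."""
    bdp = bdp_bytes(bandwidth_bps, rtt_ms)
    shift = 0
    while (65535 << shift) < bdp and shift < 14:
        shift += 1
    return shift

# EtherChannel / ECMP load sharing. Simplified model (assumption, not the
# exact Cisco implementation): XOR the low 3 bits of each selected header
# field into one of 8 buckets, then map buckets onto links round-robin.
def xor_hash(*fields, bits=3):
    result = 0
    for f in fields:
        result ^= f & ((1 << bits) - 1)
    return result

def distribute(flows, keyfunc, links):
    """Flows per physical link for a given load-balancing key. With 8 buckets
    and 3 links, two links get 3 buckets and one gets 2, so 3:3:2 is the best
    you can do."""
    counts = {link: 0 for link in range(links)}
    for flow in flows:
        counts[keyfunc(flow) % links] += 1
    return counts

def polarization(flows, keyfunc, links):
    """Two hops running the identical hash: hop 2 only receives the flows hop 1
    sent down link 0, and hashes every one of them to its own link 0 again."""
    hop1 = distribute(flows, keyfunc, links)
    reached_hop2 = [f for f in flows if keyfunc(f) % links == 0]
    hop2 = distribute(reached_hop2, keyfunc, links)
    return hop1, hop2

# Constructed traffic: one router (fixed source MAC) talking to 16 hosts.
# Only the low byte of each address matters for the hash, so that is all we keep.
FLOWS = [{"src_mac": 0x01, "dst_mac": 0x10 + i, "src_ip": 1, "dst_ip": 20 + i}
         for i in range(16)]

def key_src_mac(flow):
    return xor_hash(flow["src_mac"])

def key_src_dst_ip(flow):
    return xor_hash(flow["src_ip"], flow["dst_ip"])

if __name__ == "__main__":
    gbps, rtt = 1_000_000_000, 50
    print("BDP bytes:", bdp_bytes(gbps, rtt))
    print("64 KB window caps you at bps:", window_limited_throughput_bps(65535, rtt))
    print("window scale needed:", needed_window_scale(gbps, rtt))
    print("src-mac hashing, 2 links:", distribute(FLOWS, key_src_mac, 2))
    print("src-dst-ip hashing, 2 links:", distribute(FLOWS, key_src_dst_ip, 2))
    print("same hash on two hops:", polarization(FLOWS, key_src_dst_ip, 2))
```

On a 1 Gbps path with 50 ms RTT the BDP is about 6.25 MB, and a session stuck with an unscaled 64 KB window cannot exceed roughly 10.5 Mbps, which is the number people see and blame the link for. On the load-sharing side, source-MAC hashing puts every flow from the one router on a single link, while a source/destination IP key spreads them evenly, and `polarization` shows why a downstream switch using the same hash sees no spread at all: every flow it receives already hashed to the same bucket parity. Vendors fix that by mixing a per-device seed (the CEF "universal" ID) into the hash, which the simplified model above leaves out.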
I will group the remaining layers, session, presentation and application, into one. Learn about applications such as HTTP, FTP and others. You need a good understanding of which ports they use and how the communication is performed. Why does FTP use one port for the control connection and another for the data transfer? What is passive FTP? The more you understand about applications, the better you will be able to help system administrators when they have issues, and they will... Learn how to use Wireshark: why is my TCP performing so badly? What are these duplicate ACKs?
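Those last two questions go together, so here is one added example (mine, not from the original post) that serves both. The first function parses the `227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)` reply from RFC 959, which is exactly what a firewall's FTP inspection has to read off the control channel to learn which data port to open; the second replays a constructed TCP exchange with one lost segment and flags duplicate ACKs and the fast retransmission they trigger, the way Wireshark's expert info does. The segment list is made up for the demo and the dup-ACK rule is simplified relative to Wireshark's (it ignores the window size and SYN/FIN flags).

```python
import re

def parse_pasv(reply):
    """Turn '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)' into the data
    connection endpoint (RFC 959): the port is p1 * 256 + p2."""
    m = re.search(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)", reply)
    if not reply.startswith("227") or not m:
        raise ValueError(f"not a PASV reply: {reply!r}")
    h1, h2, h3, h4, p1, p2 = (int(x) for x in m.groups())
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2

# Constructed capture: (direction, seq, ack, payload length), "C" = client to
# server, "S" = server to client. The client's second segment (seq 1461) is
# lost, so the server keeps acknowledging 1461 while later segments arrive.
SEGMENTS = [
    ("C", 1,    1,    1460),
    ("S", 1,    1461, 0),
    ("C", 2921, 1,    1460),  # arrives out of order: 1461..2920 is missing
    ("S", 1,    1461, 0),     # dup ACK #1
    ("C", 4381, 1,    1460),
    ("S", 1,    1461, 0),     # dup ACK #2
    ("C", 5841, 1,    1460),
    ("S", 1,    1461, 0),     # dup ACK #3: fast retransmit should follow
    ("C", 1461, 1,    1460),  # the lost segment, sent again
    ("S", 1,    7301, 0),     # everything up to 7300 now acknowledged
]

def analyze(segments):
    """Wireshark-style expert info: returns (index, note) for every duplicate
    ACK and for every retransmission, marking it a fast retransmission when
    the peer had already sent three or more duplicate ACKs."""
    notes = []
    last_ack = {}      # direction -> last ack number seen from it
    dup_count = {}     # direction -> consecutive duplicate ACKs from it
    highest_end = {}   # direction -> highest (seq + len) it has sent so far
    for i, (d, seq, ack, length) in enumerate(segments):
        # A pure ACK repeating the previous ack number is a duplicate ACK.
        if length == 0 and last_ack.get(d) == ack:
            dup_count[d] = dup_count.get(d, 0) + 1
            notes.append((i, f"TCP Dup ACK #{dup_count[d]} for ack {ack}"))
        else:
            dup_count[d] = 0
        last_ack[d] = ack
        if length > 0:
            # Data below the highest byte already sent is a retransmission.
            if seq < highest_end.get(d, 0):
                peer = "S" if d == "C" else "C"
                kind = "Fast Retransmission" if dup_count.get(peer, 0) >= 3 else "Retransmission"
                notes.append((i, f"TCP {kind} of seq {seq}"))
            highest_end[d] = max(highest_end.get(d, 0), seq + length)
    return notes

if __name__ == "__main__":
    print(parse_pasv("227 Entering Passive Mode (192,168,1,10,195,89)"))
    for index, note in analyze(SEGMENTS):
        print(index, note)
```

The PASV parser shows why FTP is so unpopular with firewall administrators: the data port is chosen at run time and only announced inside the control connection, so either the firewall inspects that channel or someone opens a wide port range. The dup-ACK replay shows why loss hurts TCP so much more than UDP: three duplicate ACKs cost a full round trip before the lost segment is resent, and the sender halves its congestion window on top of that, so a handful of drops on a long-RTT path is all it takes for "TCP performing badly".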