STP Layer 2 attack – Manipulating Spanning Tree Protocol settings

Redundant links are always welcome in a switch topology because they increase the network’s availability and robustness.

Redundant links, looked at from a Layer 2 perspective, can cause Layer 2 loops. This is simply because the TTL (Time To Live) field of a packet lives in the Layer 3 header; Layer 2 frames have no such field.

At Layer 3 this means the TTL value is decremented only when the packet passes through a router. There is no way to “kill” a frame that is stuck in a Layer 2 loop, and this situation can result in broadcast storms.

Fortunately, Spanning Tree Protocol (STP) can allow you to have redundant links while having a loop-free topology, thus preventing the potential for a broadcast storm.

Mitigate VLAN hopping attack – Get rid of Layer 2 attacks

In this article we will mitigate VLAN hopping by switch spoofing by disabling trunking on the ports that do not need to become trunk ports. Some Cisco switch ports default to auto mode for trunking, which means a port automatically becomes a trunk port if it receives Dynamic Trunking Protocol (DTP) frames.

VLAN hopping attack – Switch Spoofing and Double tagging

A VLAN hopping attack can be carried out in two different ways: switch spoofing or double tagging.

When you are in a situation where you need to configure and set up the security of VLAN trunks, also consider the potential for an exploit called VLAN hopping.

An attacker can craft and send frames on one access VLAN with spoofed 802.1Q tags so that the packets end up on a totally different VLAN, all without the use of a router.

Manage Router’s ARP Cache

The Address Resolution Protocol (ARP) cache is a table in which a router or computer keeps the Layer 2 MAC address to Layer 3 IP address mappings it has resolved recently. Without a MAC to IP mapping the device would not be able to build and send IP packets.

A device discovers the MAC to IP mapping using ARP broadcast requests on the local subnet and saves the mapping in the ARP cache. If a device wants to send a packet to a neighbour and does not have the corresponding MAC address, it sends out a broadcast ARP request packet. This broadcast reaches every device on the local subnet. Everybody receives the ARP request, but only the one device with the IP address named in the request responds with an ARP reply to complete the process.

Port Numbers – How does Transport layer identifies the Conversations

Computers today are equipped with a whole range of different applications. Almost all of these applications are able in some way to communicate across the network and use the Internet to send and receive information, fetch updates or verify a user purchase. Consider that these applications may be simultaneously receiving and sending e-mail, instant messages, web pages and VoIP phone calls. In this situation the computer is using one network connection to carry all of this communication. But how is it possible that this computer is never confused about choosing the right application to receive a particular packet? We are talking about a computer that processes two or more communications at the same time for two or more running applications.

TCP and UDP port numbers – complete list

This is a list of Internet socket port numbers used by applications communicating with TCP and UDP on the Transport Layer of the Internet Protocol Suite for host-to-host communication.

Who makes this possible? The Internet Assigned Numbers Authority (IANA) assigns all port numbers except Dynamic or Private ports. IANA is the standards organization responsible for assigning various addressing standards.

There are different types of port numbers: Well Known Ports (numbers 0 to 1023), Registered Ports (numbers 1024 to 49151) and Dynamic or Private Ports (numbers 49152 to 65535). The last port number type, Dynamic or Private Ports, will not appear on our list because they cannot be registered with IANA. This range is used for custom or temporary purposes and for automatic allocation of ephemeral ports. They are usually assigned dynamically to client applications when initiating a connection. It is not very common for a client to connect to a service on a Dynamic or Private Port, though some peer-to-peer file sharing programs do.