Keywords

  • DNS Record Types
    • A
      • The record that holds the IP address of a domain
    • CNAME
      • Forwards one domain or subdomain to another domain, does NOT provide an IP address.
    • AAAA
      • Same as “A”, but for IPv6 addresses
    • MX
      • Directs emails to an email server
    • TXT
      • Lets an admin store text notes in the record
    • NS
      • Stores the name server for a DNS entry
    • Etc
      • https://www.cloudflare.com/en-in/learning/dns/dns-records/

  • NAT - Network Address Translation
    • https://www.geeksforgeeks.org/network-address-translation-nat/
    • https://www.cisco.com/c/en/us/support/docs/ip/network-address-translation-nat/26704-nat-faq-00.html
  • PAT - Port Address Translation
    • This overloads NAT’s feature
    • https://www.geeksforgeeks.org/network-address-translation-nat/
  • Masquerade
  • (TBD) MPLS, Broadband, LTE, Satellite
  • (TBD) PPPoE
    • Point-to-Point Protocol over Ethernet

  • SSL
    • Secure Sockets Layer protocol
    • L6 (layer 6 - presentation layer thing)
    • 1995, at Netscape
    • establish encrypted communications between web servers/clients
      • encrypts the data received from L7 and passes encrypted data to L5
      • decrypts the data received from L5 and passes decrypted data to L7
    • leveraged by HTTPS protocol
    • provides privacy and data integrity
    • uses public-key exchange
    • versions 1, 2 and 3 are all deprecated
  • TLS
    • transport layer security protocol
    • successor of SSL
    • 1999, by IETF
    • L6 (layer 6 - presentation layer thing)
    • establish encrypted communications between web servers/clients
      • encrypts the data received from L7 and passes encrypted data to L5
      • decrypts the data received from L5 and passes decrypted data to L7
    • leveraged by HTTPS protocol, can be used
    • provides privacy and data integrity
    • versions 1.0 and 1.1 are deprecated; 1.2 and 1.3 are available
  • SSL vs TLS
    • In short, a better version of SSL
    • https://www.ssl2buy.com/wiki/ssl-vs-tls
    • There are no separate SSL certificates and TLS certificates; they are just certificates that work with both protocols
      • both are X.509 digital certificates that help authenticate the server and facilitate the handshake process
  • TLS SNI: Server Name Indication, is an addition to the TLS encryption protocol that enables a client device to specify the domain name it is trying to reach in the first step of the TLS handshake, preventing common name mismatch errors.
  • DSCP
    • Differentiated Services Code Point
    • Is a packet header value
    • That can be used to request (for example) high priority or best effort delivery of the traffic
    • Related
      • Devices: TBD
      • Layer: TBD
  • DHCP
    • Dynamic Host Configuration Protocol
    • L2-L3 (Network Layer to Transport Layer)
    • Is an NMP (network management protocol) that helps automate the process of configuring devices on IP networks
    • Thus assigning devices IP addresses
      • so that IPs don't need to be manually assigned by an admin each time a device connects
    • Thus allowing them to use network services like NAT, DNS and any communication protocols based on UDP or TCP
    • DHCP is also responsible for the configuration of domain name server (DNS) and subnet masks, as well as default gateways
    • Related
      • Devices: Router/Gateway
      • OSI Layer: 2-3
  • NAT
    • Network Address Translation
    • Is a method of remapping one IP address space into another by modifying the network address information in the IP header of packets while they are in transit across a traffic routing device
    • That is, it enables private IP networks that use unregistered IP addresses to connect to the internet
      • by translating the unregistered (not globally unique) IP addresses in the internal network into legal addresses
      • before packets are forwarded to another network
    • Related
      • Devices: Router
      • Layer: TBD
  • PFE
    • Packet Forwarding Engine (Juniper routers?)
    • Related
      • Devices: Router
      • Layer: TBD
  • SD-WAN
    • Software-Driven Wide Area Network
    • Related
      • Devices: Router/Gateway
      • Layer: TBD
  • RPM
    • Real-time Performance Monitoring (Switch?)
    • Related
      • Devices: Switch
      • Layer: TBD
  • TWAMP
    • Two Way Active Measurement Protocol (Switch?)
    • Related
      • Devices: Switch
      • Layer: TBD
  • QoS
    • Quality of service
    • QoE
      • Quality of experience
  • STA (Station)
  • AP, Router, Modem, Switch, Bridge, Hub
  • Node, Hop
  • Gateway, Catenet
  • LAN
  • WLAN
  • WxLAN
  • WAN
  • VLAN
  • VxLAN
  • MAC
    • Media access control
  • IP
  • IPSec protocol suite
  • Port
  • SSID
  • BSSID
  • SSID vs BSSID
  • Roaming
  • Hash(), HMAC
  • OSI
    • application layer (7)
    • presentation layer (6)
    • session layer (5)
    • data layer (4)
    • transport layer (3)
    • network layer (2)
    • physical layer (1)
  • RFC
  • CNA - Captive N/W Assistance / Captive Portal
  • WiFi Auth Mechanism
  • LE, BLE (Bluetooth Low Energy), Beacon, vBLE
  • SLE (Service Level Expectations), SLA (Service Level Agreements)
  • Host
  • .local files
    • e.g. hostname.local
  • RADIUS
    • Remote Authentication Dial-In User Service
  • NAS
    • Network access server
  • MAC Auth
  • CoA
    • Change of authorization
  • RadSec
    • RADIUS security
  • Traceroute, ARP, Ping, TCP ping, TCP traceroute
  • SPA
    • Source protocol address
  • TPA
    • Target protocol address
  • Connection-oriented, Connectionless protocol
  • TCP
    • Transmission Control Protocol
    • defines how to establish a connection to exchange info
      • how computers send packets of data to each other
      • works on top of IP
    • ensures reliable transmission of packets
      • has a feedback/ack/validation mechanism that confirms whether the packet has reached the destination
      • thus transmission is lossless
      • called connection-oriented
    • Related
      • Device:
      • OSI Layer: L3 (Transport Layer)
  • UDP
    • User Datagram Protocol
    • defines how to establish a connection to exchange info
      • how computers send packets of data to each other
      • works on top of IP
    • ensures low-latency transmission of datagrams
    • re-transmission of lost datagrams is not possible
    • connection-less protocol
  • ICMP
    • Internet Control Message Protocol
    • one of the protocols of the TCP/IP suite
    • generally used for network diagnostic or control purposes
    • e.g. PING, Traceroute etc
  • Packet Data, Datagram, Error-Message, Segment, IP datagram, IP fragmentation
  • Ethernet
  • Websocket
  • Control Plane
  • ACL/Policy
  • Rogue, Neighbor, Honeypot
    • Honeypot SSID
    • Rogue AP, Rogue Clients
    • Neighbour APs
    • https://www.mist.com/documentation/rogue-neighbor-honeypot-aps/
  • WiFi spoof
  • SSID injection
    • XSS (script in SSID name)
  • DFS (dynamic frequency selection)
  • WiFi bandwidth channels
  • FCC, CE, Other certifications
  • 2.4 GHz
  • 5 GHz
  • 802.11ac and all other
  • RRM: Radio resource management
  • SLE: Service level experience
  • BGP: Border Gateway Protocol
  • SSH
  • VPN
  • Tunnel
  • Split Tunnel
  • PPTP: Point-to-Point Tunneling Protocol
    • used by an Internet service provider (ISP) to enable the operation of a virtual private network (VPN) over the Internet
  • L2TP: Layer Two Tunneling Protocol
    • an extension of the PPTP
  • SSTP: Secure Socket Tunneling Protocol
  • Layer Two:
    • Devices e.g. Network interface cards, hubs, bridges, and switches
    • OSI layers: layer 2
  • Layer Three??
    • Device e.g.
      • Advanced Switch
        • Combines the functionality of a switch and a router
    • OSI layers: layer 2 and layer 3
    • Ref:
      • https://documentation.meraki.com/MS/Layer_3_Switching/Layer_3_vs_Layer_2_Switching
      • http://techgenix.com/layer-3-switch/
  • LLDP: Link Layer Discovery Protocol
  • wifi authentication types
    • WPA, WEP or WPA2, WPA3 (personal/Enterprise)
  • 802.1x, EAP
  • PPSK
  • PSK
    • Pre-shared key
  • multi PSK
  • PMK
    • Pairwise master key
  • OKC
    • Opportunistic key caching
  • WIDS - wireless intrusion detection system
  • EAP/802.1X
  • NTP, NTP config, http://www.ntp.org/
  • ZTP: Zero touch provisioning
    • is a switch feature that allows the devices to be provisioned and configured automatically, eliminating most of the manual labor involved with adding them to a network
  • MDNS (multicast DNS)
  • DNS
    • Domain Name System
    • translates names to IP addresses
    • Is a hierarchical and decentralized naming system
    • For computers, services or other resources connected to the internet or a private network
    • Related
      • Devices: TBD
      • Layer: L3 (Transport Layer thing)
    • process
      • hit a URL (say api.example.com)
      • DNS lookup starts
      • queries the recursive resolver, which can be the ISP, wireless carrier, etc.
      • recursive resolver redirects the query to the root server
      • root server keeps a map of all the top level domains (e.g. .com, .net) with the top level domain (TLD) server's address
      • root server redirects the query for the .com part to a TLD server
      • TLD server keeps a map of all the top level domains with the domain's name server
      • TLD server finds the domain's name server for example.com and redirects the query there
      • domain's name server keeps a map of all the subdomains with their IP addresses
      • request reaches the domain's DNS server with the unsolved part of the puzzle (i.e. api.example.com)
      • domain's DNS server returns the IP address to the recursive resolver server
      • recursive resolver server shares the IP address with the client/browser
      • webpage appears
      • query resolution happens in tenths of a second
      • https://d1.awsstatic.com/Route53/how-route-53-routes-traffic.8d313c7da075c3c7303aaef32e89b5d0b7885e7c.png
  • DOT1X
  • dBm - decibels with milliwatt (mW) reference
    • A decibel is a logarithmic unit that is a ratio of the power of the system to some reference
    • 10 dBm (1mW) is 10 times more powerful than 0 dBm
    • 20 dBm (100mW) is 10 times more powerful than 10 dBm
  • RX (Receive) vs. TX (Transmit)
  • Ionizing vs non-ionizing radiation
  • 5G vs WiFi6
    • WiFi naming convention for past and current generation tech has been simplified
      • Wi-Fi 6 means 802.11ax technology – the new generation of Wi-Fi, present in many new routers you'll buy from now on - but not many devices as yet.
        • enhancement: at PHY layer, better traffic management, better multi-client management
      • Wi-Fi 5 means 802.11ac technology – effectively the current generation
      • Wi-Fi 4 means 802.11n technology – many people will have networking gear based on 802.11n, but it was replaced by 802.11ac in many new routers from 2013 on.
    • WiFi6 > 5G
    • OEM: original equipment manufacturer
    • OUI: organizationally unique identifier
      • a 24-bit number that uniquely identifies a vendor, manufacturer, or other organization
    • MAC
    • physical address
    • EUI
    • Ref:
      • https://www.intel.com/content/www/us/en/wireless-network/5g-technology/5g-vs-wifi.html
      • https://www.cisco.com/c/m/en_us/solutions/enterprise-networks/802-11ax-solution/nb-06-5-things-WiFi6-5G-infograph-cte-en.html
  • Delay vs jitter vs latency
    • Latency: time for a packet to reach the destination
    • Delay: time wasted/spent before sending the packet
    • Jitter: intermittent network issue/failure/packet drop
  • baud
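
The DNS lookup process listed under DNS above, as an added example that is not part of the original notes: a small Python simulation of a recursive resolver walking the root, TLD and domain name servers, including the CNAME case from the record types list. The server names, zone data and 192.0.2.x addresses are constructed, and treating the last two labels as the domain is a simplifying assumption.

```python
# Constructed data: hypothetical server names, RFC 5737 documentation addresses.
ROOT = {"com": "tld-com"}                                 # root: TLD -> TLD server
TLD_SERVERS = {"tld-com": {"example.com": "ns-example"}}  # TLD server: domain -> name server
AUTHORITATIVE = {                                         # name server: name -> (type, value)
    "ns-example": {
        "api.example.com": ("A", "192.0.2.10"),
        "www.example.com": ("CNAME", "api.example.com"),
    }
}


class RecursiveResolver:
    """Walks root -> TLD -> domain's name server on behalf of the client."""

    def __init__(self):
        self.cache = {}  # name -> IP, filled after a successful walk
        self.trace = []  # every server (or "cache") consulted, in order

    def resolve(self, name, cname_budget=4):
        name = name.lower().rstrip(".")
        if name in self.cache:  # answered locally, no hierarchy walk
            self.trace.append("cache")
            return self.cache[name]
        labels = name.split(".")
        self.trace.append("root")
        tld_server = ROOT.get(labels[-1])
        if tld_server is None:
            raise LookupError(f"NXDOMAIN: unknown TLD in {name}")
        self.trace.append(tld_server)
        domain = ".".join(labels[-2:])  # assumption: domain is the last two labels
        name_server = TLD_SERVERS[tld_server].get(domain)
        if name_server is None:
            raise LookupError(f"NXDOMAIN: {domain} is not delegated")
        self.trace.append(name_server)
        record = AUTHORITATIVE[name_server].get(name)
        if record is None:
            raise LookupError(f"NXDOMAIN: {name}")
        rtype, value = record
        if rtype == "CNAME":  # a CNAME holds a name, not an IP: resolve its target
            if cname_budget == 0:
                raise LookupError("CNAME chain too long")
            value = self.resolve(value, cname_budget - 1)
        self.cache[name] = value
        return value


if __name__ == "__main__":
    resolver = RecursiveResolver()
    print(resolver.resolve("www.example.com"), resolver.trace)
    print(resolver.resolve("api.example.com"), resolver.trace[-1])
```

The first lookup walks the hierarchy twice because the CNAME target needs its own resolution; the second is served from the cache.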