EduNetworkBuilder/EduNetworkBuilder/Resources/Help.rtf


2015-08-01 17:13:20 +02:00
{\rtf1\ansi\ansicpg1252\deff0\nouicompat\deflang1033{\fonttbl{\f0\fswiss\fprq2\fcharset0 Calibri;}{\f1\fnil\fcharset0 Courier New;}{\f2\fmodern\fprq1\fcharset0 Consolas;}{\f3\fnil\fcharset0 Calibri;}}
{\colortbl ;\red0\green0\blue255;}
{\*\generator Riched20 6.3.9600}\viewkind4\uc1
\pard\widctlpar\sa200\sl276\slmult1\f0\fs22\lang9 This is a basic help document for EduNetworkBuilder\par
\b Overview\par
\b0 EduNetworkBuilder is meant to represent fairly truthfully how a network functions while removing the complexity of configuration. It focuses on IP addresses, Netmasks, Gateways, and Routes.\par
\b The Items & Terminology\b0\par
The items in this program are broken into three main portions: devices, network cards, and interfaces. This is how Linux does it, and Windows does too, though it is hard to notice.\par
A device is the physical object. A laptop, desktop, server, etc.\par
Different devices can have multiple network cards. Each card has a MAC (Ethernet) address.\par
Each network card can have multiple IP addresses. This allows you to have one network wire coming into a computer, but have multiple IP addresses. This adds a little bit of complexity to what is meant to be a "simple" network simulation tool, but it also adds a lot of flexibility and is closer to reality.\par
\b Building a network\b0\par
Use the item list on the left to choose an item to add to the network.\par
Click on the link button, then left-click on the starting item and drag to the destination item. Release the button on the destination and a "link" box will appear. Select the network cards and interfaces that you want to connect.\par
\b Configuring The Devices\par
\b0 Double-click an item to edit it. You can change the host name, and add network cards and interfaces. You can also set the default gateway and add routes. On servers, you can configure the DHCP service.\par
\b Network Cards\par
\b0 For the most part, you should not need to add extra network cards. But, if you want to, you can. If you press the edit button on a network card, you can choose if the network card is configured statically, or through DHCP.\par
\b Interfaces\b0\par
You change an interface when you are editing a device. If the device has multiple network cards, you need to select the network card you want to change the interface for. The interface initially looks like: "0.0.0.0 - 0.0.0.0" This is the network and subnet. The whole object of the program is to simulate what happens when you have different values here. Or to have someone set up a network and then for you to go in and configure it so it works. Double-click on an interface to set the IP Address and netmask for that interface.\par
\b Default Gateway\b0\par
The default gateway is on a device editing screen at the top-right. Click on the button to set it. If a Network Card is set to use DHCP then any value you put in will be overridden if the device does a DHCP Request.\par
\b ACTIONS\par
\b0 You can right-click a device and do actions on it. Delete, edit, ping from, arp from, dhcp request (if the device is configured to use DHCP), remove links between devices, and a few other things.\par
\b Solving Puzzles\par
\b0 Under the menu-item, "Samples", you will find the puzzles. Opening this window will let you select from a number of puzzles which will help you learn how the program functions and test your knowledge of networking. The puzzles start with a low complexity (level zero is mainly about basic usage of this program) and work their way up. Starting at the beginning is recommended, but you can jump to whatever complexity you want to master.\par
As you try to solve a puzzle, you should see a series of radio-buttons on the upper-right. These are your "help-o-meter." Help of zero, the bottom, does not do anything for you. If you click it up one button, it will color-code the machines that have problems. If you click it onto the third button, it will give you a little more information about the problem when you mouse-over the problematic computer. And the top-most button will basically tell you what you need to do when you mouse-over the problem. Some puzzles, however, are set up to not show you the complete solution, and so you will need to think those out.\par
\b Making Puzzles\par
\b0 EduNetworkBuilder is set up so you can make puzzles to give to others to do. Start by thinking out your problem, what you want to solve and how you want them to solve it. Then, draw your "network." Once all the pieces to the puzzle have been added and configured to your liking, you need to go to "Edit" and "Options."\par
Start by giving the puzzle a good name (title). This shows up at the top of the network window. You can determine if the device names and their IP addresses are displayed by checking the "Display Titles" checkmark.\par
Set the "Message given when network loaded", which explains the puzzle. Make sure to give enough information that they can understand what you want them to do with the puzzle.\par
Finally, double-click in the "tests" box, or right-click to "add" a test. Choose the device that is affected. The source device is the one that will change color to tell you that there is a problem with it. There are many sorts of tests, from needing to ping something, to have an IP-Address which is considered "local" to something else.\par
You can also choose to "lock" things. This keeps others from changing them during the puzzle. For example, locking pc0 NIC 192.168.1.3 will keep people from changing the network card that has the IP address of 192.168.1.3.\par
\b Levels:\par
\b0 Level_0: Program operation.\par
Level_1: Basics: IP Addresses, Netmask, Gateway, Ping, etc.\par
Level_2: Firewalls, VPNs, etc.\par
Level_3: Troubleshooting the basics\par
Level_4: Advanced Subnetting and Routing\par
\b NETWORKING TOPICS:\par
The Basics:\par
\b0 There are four main components to subnetting. The IP Address, the netmask, the default gateway, and static routes.\par
\b The IP Address:\par
\b0 The IP Address is a set of four numbers, connected by periods. Each of the numbers is eight bits long, which means it is a number between 0 and 255. Most IP addresses are reserved for specific people, places, and things. But there are three main sets of "internal" IP addresses that are set aside for use behind firewalls. 10.x.x.x, 192.168.x.x, and 172.16-31.x.x\par
\b The Netmask:\par
\b0 The network mask (or netmask) is a set of numbers that state what is considered "local" and what is considered "remote." Anything that is not considered local is sent to the computer specified by the "default gateway." Anything that is considered local is sent straight out to the local network, destined to the local machine.\par
The netmask usually looks something like 255.255.255.0. In binary, this looks like: \par
11111111.11111111.11111111.00000000\par
Again, each bit can either be 0 or 1, and a byte is 8 bits in length. There are 4 bytes in each IP address, and the same number in each netmask. The 255 number is the highest number that can be represented in one byte. All the bits are set to 1. \par
A netmask can also be expressed by "CIDR" notation. This is a count of how many 1s there are in a row before the first zero. The number above would be expressed as /24.\par
\b The Gateway:\par
\b0 The gateway is a computer on the same subnet as the IP address, where any non-local packets are sent to. The computer compares the destination IP address with the local computer's IP address, using the subnet-mask to determine if it is local or not. If the packet is local, it is sent straight out of the network card to the destination computer. If the packet is not local, it is routed to the default gateway, which sends it on towards the final destination.\par
\b DHCP:\par
\b0 DHCP is a protocol for when a computer does not have a static IP address set up for it. Often when a computer turns on or connects up to the wireless, it needs to have one assigned to it. DHCP is what happens. Basically the client broadcasts out a "DHCP" request. The request only goes out to "local" computers (it stops when it hits a router). A DHCP Server will respond (if one exists on the local network) and give the client an IP Address.\b\par
DHCP Server:\par
\b0 (See DHCP above) A DHCP server remembers all the clients that request IP addresses so it issues the same IP address if that particular client asks a second time. It also remembers which IP addresses it has given out so it does not give the same IP address to different computers.\b\par
Ping:\par
\b0 A Ping is a simple packet that is sent from one computer to the other. The computer you send the ping packet to will usually respond. The word "Ping" comes from the concept of a submarine and sonar. Something does a "Ping" and you hear an echo to tell you that the computer is alive. This is usually what it is used for, to determine if a computer is turned on, functional, or to see if the network is properly set up.\b\par
ARP:\par
\b0 ARP stands for "Address Resolution Protocol." Computers on a local network talk to each-other by using the MAC Addresses. These are addresses that are unique to each network card, that look something like: \f1\lang1033 10:08:b1:73:aa:5b\par
\f0\lang9 ARP is what is used when one computer wants to find the MAC address of another computer. It usually sends out a broadcast that says, "who has this IP Address?" And it gets a response back that says something like, "I have that IP and my MAC address is: \f1\lang1033 10:08:b1:73:aa:5b\f0\lang9 "\par
We do not get into it too much on this program, but if a computer does not know the MAC address of the computer it is trying to communicate with, it first sends out an ARP request to find that before it sends out a packet containing the ping or other communication.\par
You can usually run: arp -a\par
from a commandline to see all the MAC addresses that the computer has remembered.\par
\b Unicast Packet:\par
\b0 A Unicast packet is a packet that is going to one specific computer.\b\par
Broadcast Packet:\par
\b0 A broadcast packet is one that is sent out to everything that is considered local to it. Routers, firewalls, and some other devices do not pass broadcasts on.\b\par
Static Routes:\par
\b0 A static route has a network, a subnet mask, and a gateway. The gateway must be local to the computer that is sending out the packet, otherwise the computer cannot figure out how to send the packet. Static routes are used primarily for telling routers, firewalls, and computers how to send packets when the IP addresses and gateways are not obvious.\par
\b Comparing IP addresses:\par
\b0 When a computer wants to compare IP Addresses, it does it by using the subnet mask. A mask hides something. A Halloween mask hides our face; masking tape covers a wall to keep it from being painted on. A subnet mask hides the subnet. For example, an IP address of 192.168.0.50 and netmask of 255.255.255.0 looks like:\par
\pard\widctlpar\fs24\lang1033 IP:\par
11000000.10101000.00000000.00110010\par
Mask:\par
11111111.11111111.11111111.00000000\par
\pard\widctlpar\sa200\sl276\slmult1\fs22\lang9 The mask has 24 ones in a row. So it could also be represented as /24. When it is compared, the first thing that happens is the subnet is masked out. In the mask, the final set of numbers are zeroes. The numbers where the mask is a 0 are dropped. The resulting number is: 192.168.0.0. This is called the "Network Address." We do the same thing for both the source and destination IP. Then we compare the Network Address of both of them. If they have the same network address, then they are considered to be on the same network. If they do not have the same network address, they are considered to be on different networks.\par
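The comparison above, combined with the default gateway and static route rules from the earlier sections, written out as an added Python example (not part of EduNetworkBuilder or its help file). All function names are made up for illustration, and the most-specific-route-wins rule is an assumption about how routes are chosen, not something this help text states.\par

```python
# Added example. Function names are hypothetical; addresses are samples.

def to_int(dotted):
    """Pack a dotted-quad string into one 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(o < 0 or o > 255 for o in octets):
        raise ValueError("not an IPv4 address: " + dotted)
    value = 0
    for o in octets:
        value = (value << 8) | o
    return value

def to_dotted(value):
    return ".".join(str((value >> shift) & 255) for shift in (24, 16, 8, 0))

def mask_is_contiguous(mask):
    """A usable netmask is a run of 1s followed only by 0s."""
    inverted = mask ^ 0xFFFFFFFF
    return (inverted & (inverted + 1)) == 0

def network_address(ip, mask):
    """Drop every bit where the mask is 0."""
    return to_dotted(to_int(ip) & to_int(mask))

def is_local(src, dst, mask):
    """Both addresses are masked, then the network addresses are compared."""
    m = to_int(mask)
    if not mask_is_contiguous(m):
        raise ValueError("netmask has a 0 before a 1: " + mask)
    return (to_int(src) & m) == (to_int(dst) & m)

def next_hop(src, mask, gateway, routes, dst):
    """Return "direct", or the IP of the gateway the packet is handed to.

    routes is a list of (network, route_mask, route_gateway) tuples.
    Assumption: the matching route with the most 1 bits in its mask wins.
    """
    if is_local(src, dst, mask):
        return "direct"
    best = None
    for net, rmask, rgw in routes:
        rm = to_int(rmask)
        if (to_int(dst) & rm) == (to_int(net) & rm):
            ones = bin(rm).count("1")
            if best is None or ones > best[0]:
                best = (ones, rgw)
    chosen = best[1] if best else gateway
    if chosen is None:
        raise LookupError("no route to " + dst)
    # The gateway must itself be local, or the packet cannot be sent to it.
    if not is_local(src, chosen, mask):
        raise ValueError("gateway " + chosen + " is not local to " + src)
    return chosen
```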
\b VPNs:\par
\b0 VPN stands for "Virtual Private Network." It is used to make a secure connection between computers or networks, usually across the Internet. It is usually used either when someone working from home wants to access printers or file-shares on the office network, or when two different networks need to be connected (two offices in different states, etc).\b\par
ADVANCED TOPICS:\b0\par
\b Subnetting: \b0 (Based heavily off of LordFlasheart's post, "Subnetting Made Easy" here: {{\field{\*\fldinst{HYPERLINK http://www.techexams.net/forums/ccna-ccent/38772-subnetting-made-easy.html }}{\fldrslt{http://www.techexams.net/forums/ccna-ccent/38772-subnetting-made-easy.html\ul0\cf0}}}}\f0\fs22\par
An IP address is made up of 32 bits, split into 4 octets (octet = 8 bits). Some bits are reserved for identifying the network and the other bits are left to identify the host.\par
Below shows you how, for each class, the address is split in terms of network (N) and host (H) portions.\par
\f2 NNNNNNNN.HHHHHHHH.HHHHHHHH.HHHHHHHH /8\par
NNNNNNNN.NNNNNNNN.HHHHHHHH.HHHHHHHH /16\par
NNNNNNNN.NNNNNNNN.NNNNNNNN.HHHHHHHH /24\par
\f0 There is a boundary at each dot, therefore there are boundaries after bits 8, 16, 24, and 32. This is an important concept to remember. The first move in doing any work with subnets is to figure out which boundary segment you are working within. So you will need to remember the 8, 16, 24, 32.\par
We will either be working with the netmask given in CIDR notation (/24) or in dotted decimal (255.255.255.0). The first thing to do is to determine the block size: how big the subnet is.\par
With CIDR (/24) we do this by first finding the nearest boundary higher than our number. For example, we are using a /20 subnet. The next boundary up is /24. We then subtract our subnet from the boundary. 24 - 20 = 3. There are three bits that make up the size of the subnet. The number of numbers in 3 bits = 2 ^ 3 (two to the power of 3, or 2 * 2 * 2), which is 8. Remember that the first number is lost to the "network address" and the last number is the "broadcast address".\par
It is very simple to determine the block size when using the dotted decimal (255.255.255.0) format. You find the last number that is not 255, and subtract it from 256. For example, if you are doing 255.255.255.240, the last number is 240. 256 - 240 = 16. So the block size is 16. But, what do we do with the block size? Well, the easiest thing to do is to look at a number of examples, and it should make more sense.\par
\b Question: What subnet does 192.168.12.37/29 belong to?\par
\b0 You may wonder where to begin. We always start with determining which boundary we are working with for this address.\par
Our mask is a /29. The next boundary up is 32. So 32 - 29 = 3. Now 2^3 = 8 which gives us our block size i.e. 2 to the power of 3 equals 8. \par
We have borrowed from the last octet as the 29th bit is in the last octet. We start from zero and count up in our block size. Therefore it follows that the subnets are:-\par
\par
192.168.12.0\par
192.168.12.8\par
192.168.12.16\par
192.168.12.24\par
192.168.12.32\par
192.168.12.40\par
.............etc.\par
Our address is 192.168.12.37 so it must sit on the 192.168.12.32 subnet.\par
\par
\b Question: What subnet does 172.16.116.4/19 sit on?\par
\b0 Our mask is /19 and our next boundary is 24. Therefore 24 - 19 = 5. The block size is 2^5 = 32.\par
We have borrowed into the third octet as bit 19 is in the third octet so we count up our block size in that octet. The subnets are:-\par
172.16.0.0\par
172.16.32.0\par
172.16.64.0\par
172.16.96.0\par
172.16.128.0\par
172.16.160.0\par
.............etc.\par
Our address is 172.16.116.4 so it must sit on the 172.16.96.0 subnet. Easy eh?\par
\b Question: What subnet does 10.34.67.234/12 sit on?\par
\b0 Our mask is 12. Our next boundary is 16. Therefore 16 - 12 = 4. 2^4 = 16 which gives us our block size.\par
We have borrowed from the second octet as bit 12 sits in the second octet so we count up the block size in that octet. The subnets are:-\par
10.0.0.0\par
10.16.0.0\par
10.32.0.0\par
10.48.0.0\par
.............etc.\par
Our address is 10.34.67.234 which must sit on the 10.32.0.0 subnet.\par
Hopefully this is starting to make sense. We will now change the type of question so that we have to give a particular host range of a subnet.\par
\b Question: What is the valid host range of the 4th subnet of 192.168.10.0/28?\par
\b0 Easy as pie! The block size is 16 since 32 - 28 = 4 and 2^4 = 16. We need to count up in the block size in the last octet as bit 28 is in the last octet.\par
192.168.10.0\par
192.168.10.16\par
192.168.10.32\par
192.168.10.48\par
192.168.10.64\par
.................etc.\par
Therefore the 4th subnet is 192.168.10.48 and the host range must be 192.168.10.49 to 192.168.10.62, remembering that the subnet and broadcast address cannot be used.\par
\b Question: What is the valid host range of the 1st subnet of 172.16.0.0/17?\par
\b0 /17 tells us that the block size is 2^(24-17) = 2^7 = 128. We are borrowing in the 3rd octet as bit 17 is in the 3rd octet. Our subnets are:-\par
172.16.0.0\par
172.16.128.0\par
The first subnet is 172.16.0.0 and the valid host range is 172.16.0.1 to 172.16.127.254. You must remember not to include the subnet address (172.16.0.0) and the broadcast address (172.16.127.255).\par
\b Question: What is the valid host range of the 7th subnet of address 10.0.0.0/14?\par
\b0 The block size is 4, from 16 - 14 = 2 then 2^2 = 4. We are borrowing in the second octet so count in the block size from 0 seven times to get the seventh subnet.\par
The seventh subnet is 10.24.0.0. Our valid host range must be 10.24.0.1 to 10.27.255.254 again remembering not to include our subnet (10.24.0.0) and the broadcast address (10.27.255.255).\par
\b What if they give me the subnet mask in dotted decimal?\par
\b0 If you're lucky and they give you a mask in dotted decimal format then you should have an even easier time. All you need again is your block size.\par
Let's say they have given a mask of 255.255.255.248 and you wish to know the block size. Here's the technique:\par
1. Starting from the left of the mask find which is the first octet to NOT have 255 in it.\par
2. Subtract the number in that octet from 256 to get your block size e.g. above it is 256 - 248 = block size of 8.\par
3. Count up from zero in your block size in the octet identified in step 1 as you have learned above (the example above would be in the last octet).\par
Another example is a mask of 255.255.192.0 - you would simply count up in 256 - 192 = 64 in the third octet.\par
One more example is 255.224.0.0 - block size is 256 - 224 = 32 in the second octet.\par
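The block-size method from the questions above, as an added Python example (not code from EduNetworkBuilder or from the forum post it credits). The function names are made up for illustration; the last function cross-checks the counting method against Python's standard ipaddress module.\par

```python
import ipaddress

BOUNDARIES = (8, 16, 24, 32)  # a boundary sits at every dot

def block_from_prefix(prefix):
    """Return (octet, block_size) for a CIDR prefix; octet is 1-based."""
    if not 1 <= prefix <= 32:
        raise ValueError("prefix must be between 1 and 32")
    boundary = next(b for b in BOUNDARIES if b >= prefix)
    return boundary // 8, 2 ** (boundary - prefix)

def block_from_mask(mask):
    """Same answer from dotted decimal: 256 minus the first non-255 octet."""
    octets = [int(p) for p in mask.split(".")]
    for index, value in enumerate(octets, start=1):
        if value != 255:
            if value == 0 and index > 1:
                return index - 1, 1   # mask ends exactly on a boundary
            return index, 256 - value
    return 4, 1                       # 255.255.255.255

def subnet_of(address, prefix):
    """Round the working octet down to a multiple of the block size."""
    octet, block = block_from_prefix(prefix)
    parts = [int(p) for p in address.split(".")]
    parts[octet - 1] -= parts[octet - 1] % block
    parts[octet:] = [0] * (4 - octet)
    return ".".join(map(str, parts))

def nth_subnet(base, prefix, n):
    """The n-th subnet (counting from 1) when counting up from base."""
    octet, block = block_from_prefix(prefix)
    parts = [int(p) for p in subnet_of(base, prefix).split(".")]
    parts[octet - 1] += (n - 1) * block
    if parts[octet - 1] > 255:
        raise ValueError("subnet number runs past the octet")
    return ".".join(map(str, parts))

def host_range(subnet, prefix):
    """First and last usable host, skipping network and broadcast."""
    if prefix > 30:
        raise ValueError("no usable host range in a /31 or /32")
    octet, block = block_from_prefix(prefix)
    first = [int(p) for p in subnet_of(subnet, prefix).split(".")]
    last = list(first)
    last[octet - 1] += block - 1
    last[octet:] = [255] * (4 - octet)
    first[3] += 1
    last[3] -= 1
    return ".".join(map(str, first)), ".".join(map(str, last))

def agrees_with_stdlib(address, prefix):
    """Cross-check the counting method against the ipaddress module."""
    net = ipaddress.ip_network("%s/%d" % (address, prefix), strict=False)
    return str(net.network_address) == subnet_of(address, prefix)
```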
\b WHEN TO SUBNET:\par
\b0 The word, "subnet", means one network that is part of another. The process of subnetting, therefore, is the process of breaking a network into smaller pieces.\b\par
\b0 Subnetting used to be very critical to the smooth operations of a network. Old versions of Windows did lots of broadcasting, and networks were very loud. That, combined with slower networks, meant a lot of congestion. To remedy that, they used to subnet networks into small pools of like items (PCs, printers, servers, etc.) This would have the net effect of shrinking the distance a broadcast packet would travel, as well as give granular control of security.\par
But a number of technological advances happened, which removed many of the reasons to subnet.\par
* Switches were invented so only broadcast traffic went to every machine.\par
* Protocols got a lot smarter, relying less and less on broadcast traffic to make things work.\par
* Programs got a lot smarter, using other methods than broadcasts.\par
* Router speed increased, so routers could handle more traffic and larger routing tables.\par
* Network speeds increased exponentially, which increased the carrying capacity of a single network exponentially.\par
* And many other advances.\par
So, in short, subnetting is no longer critical for making a small network function. But subnetting of large networks is very important. Security is probably the biggest reason to subnet. Subnetting very large networks can still be very helpful in keeping down traffic. And Subnetting networks that are connected via VPNs is still a very important part of planning large scale networks.\par
There are a few main rules for how to subnet:\par
* All IP subnets should use natural boundaries.\par
* Grouping like objects into \ldblquote natural\rdblquote subnets makes them easier to control.\par
* Smaller adjacent subnets should fit into larger subnets, most of the time.\par
* Smaller routing tables require less management and resources.\par
\b All IP subnets should use natural boundaries.\par
\b0 Even if you do not need all the space, you should break up networks into ranges of the power of 2. It is very common to say something like, the first 50 IPs are for networking equipment, the next 20 are for printers, etc. But it is much better to use 64 IPs for networking equipment, and 16 IPs for printers... The numbers are not quite as simple on the brain, but they are a lot easier to control in your firewall. You can block access from the Internet to your networking equipment by making one simple rule if you make your ranges appropriately. You should also plan on growth. It is very common for people to run out of their IP space, simply because they failed to plan.\par
\b Grouping like objects into \ldblquote natural\rdblquote subnets makes them easier to control.\par
\b0 As mentioned above, it is common to want to block Internet access directly to and from your networking equipment and printers. You may want to allow certain traffic to individual departments (many organizations allow the media departments to access Facebook and social media sites during work-hours, while other departments are not allowed to access those same sites.) If your equipment and PCs are subnetted along natural boundaries (8, 16, 32, 64, etc.), you can usually make a single rule to allow or block traffic to those particular items.\par
\b Smaller adjacent subnets should fit into larger subnets, most of the time.\par
\b0 If you plan it right, you should be able to supernet your subnets, and have one route or rule for them. For example, you may have your networking equipment in 1-63, and your printers from 65-127. That means you can have one route or rule that matches all 128 IPs. This makes life a lot simpler for creating many sorts of rules.\b\par
Smaller routing tables require less management and resources.\par
\b0 Again, with the onset of more powerful routers, firewalls, and faster networking speeds, this is no longer quite as critical as it once was. But if you have a finely tuned firewall, you can end up with many rules. Often it is very nice to block all access to a whole range instead of blocking access to each machine one IP at a time. Often, the "less management" simply means less work for the techies who are keeping things running smoothly.\f3\par
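The effect of natural boundaries and supernetting on firewall rule counts, as an added Python example (not part of EduNetworkBuilder or its help file). The 192.168.1.0 network, the two address plans and the function names are constructed for illustration; each CIDR block is counted as one firewall rule.\par

```python
import ipaddress

def rules_for_range(first, last):
    """CIDR blocks needed to cover first..last exactly, one rule per block."""
    blocks = ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first), ipaddress.IPv4Address(last))
    return [str(b) for b in blocks]

def merge_rules(cidrs):
    """Supernet adjacent or nested subnets into the fewest blocks."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def matching_rule(address, cidrs):
    """Return the first block that contains address, or None."""
    ip = ipaddress.ip_address(address)
    for c in cidrs:
        if ip in ipaddress.ip_network(c):
            return c
    return None

# Constructed plans for one sample /24.
# AD_HOC follows "first 50 IPs, next 20 IPs"; NATURAL uses 64 and 16.
AD_HOC = [("network gear", "192.168.1.0", "192.168.1.49"),
          ("printers", "192.168.1.50", "192.168.1.69")]
NATURAL = [("network gear", "192.168.1.0", "192.168.1.63"),
           ("printers", "192.168.1.64", "192.168.1.79")]

def rule_count(plan):
    """Total number of CIDR rules needed to describe every group in a plan."""
    return sum(len(rules_for_range(first, last)) for _, first, last in plan)

if __name__ == "__main__":
    for name, plan in (("ad hoc", AD_HOC), ("natural", NATURAL)):
        print(name, "plan needs", rule_count(plan), "rules")
        for label, first, last in plan:
            print("  ", label, rules_for_range(first, last))
    # Two adjacent 64-address blocks collapse into one 128-address rule.
    print("supernet:", merge_rules(["192.168.1.0/26", "192.168.1.64/26"]))
```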
}