z3bra
Grey Hair Nixers
Hey there!

Posting this here as there is no "networking" section on this forum. Feel free to move me venam :)

I've found myself discussing the basics of networking with two different people on IRC via private message, both interested in me sharing my experience with it. Not that I'm an expert in this field, but it's my job so I understand a few bits of it.
So it got me thinking, why not set up a bunch of "networking courses" within the nixers community, to teach people how their computer manages to communicate with the outside world?
We would be covering the basics of the 4 first layers of the OSI model: what's a MAC address, an IP address, a netmask, how do they work together? What's a switch, a router, how do they know where to send packets? A lot of these questions seem quite easy, but I always encounter people having difficulties answering them when you go into details.

Who would be interested in attending such a course?

Also, if some gurus out there are willing to help me, it would be great to have multiple opinions/explanations about some topics (as I said, I'm far from knowing everything, and there are many things I don't understand well enough to teach).



EDIT: There will be 6 sessions. I'll update the planning in this post:

0. introduction: recorded on 2016-07-31
1. physical layer: recorded on 2016-08-11
2. data link layer: recorded on 2016-08-13
3. networking layer:
4. transport layer:
5. further information:
BANGARANG, MOTHERFUCKER
stark
Members
As a student, I'm interested.

Also, it would be really cool, if everyone would submit practical questions, challenges, creative experiments for home-labs, etc.

- What kind of issue(s) did you come across today ?

- How did you solve it when no search engine or individual had the answer ?

- What kind of complexity do you manage everyday ?

- Can it be simplified ? If so, how ?

It doesn't matter if you are a professional or a hobbyists, personal experience, curiosity and willingness to learn is what makes this work :)

I guess this needs to be broken down into three parts ?

- Beginner
- Intermediate
- Expert

None the less, Great idea !
venam
Administrators
Great initiative.
Maybe you can integrate it with something we already have for the media, a webcast, podcast, or something dynamic.

Text documents on the subjects are plenty on the internet.

A plus would be to make it unix specific and give real world examples and tools from the unix toolbox.
z3bra
Grey Hair Nixers
We could host it on mumble, and record the course. I could also record webcasts on my side showing configuration examples, and discuss them live.
stark
Members
+1 for netcasts !
pranomostro
Long time nixers
(12-07-2016, 03:38 AM)z3bra Wrote: what's a MAC address, an IP address, a netmask, how do they work together? What's a switch, a router, how do they know where to send packets?

Okay, I'll try to answer these without searching the internet. Phew.

MAC address: a (normally) device specific address, 48 bit long, set by the manufacturer. Can be changed,
normally shouldn't, is mostly used for authentication. Only the next router knows it.

IP address: IP addresses are used within the TCP/IP protocol to establish connections. IPv4 addresses are 32 bit long, IPv6 addresses
are 128 bit long (we are having a problem because we haven't got enough IPv4 addresses left). IPv4 addresses are mostly
dynamic, so every device is assigned an IP address with DHCP to avoid IPv4 address collisions. IPv6 doesn't need DHCP because
collisions are highly unlikely (the IPv6 address is generated via the MAC address and some device specific stuff).
IP addresses are hierarchical, which means that every network can have a sub-network. And here we get to the

netmask: a simple description of how big a subnet of a certain router is. For example, Apple has got a whole /24 network, meaning
that they can use every IP-address which begins with a 17 (17.1.1.1 for example) (source: https://www.xkcd.com/195/). IPv6 has the same
principle.

[To be continued]
z3bra
Grey Hair Nixers
Thanks for giving it a try without cheating! These are actually "basic" questions, but their answers tend to be tricky if you want to be 100% correct (note that I'm probably not 100% correct myself).

Overall, your answers are correct, and you seem to understand the topic well enough. They are not "correct enough" in the academic sense though, and, I think, deserve some correction. (Note that I'm also replying without googling, so some answers might not be totally correct).

(12-07-2016, 05:33 AM)pranomostro Wrote: MAC address: a (normally) device specific address, 48 bit long, set by the manufacturer. Can be changed,
normally shouldn't, is mostly used for authentication. Only the next router knows it.
MAC addresses are used for layer 2, while routers operate on layer 3, so your statement is not exact.

(12-07-2016, 05:33 AM)pranomostro Wrote: IP address: IP addresses are used within the TCP/IP protocol to establish connections.
IP addresses are used for far more protocols than TCP. TCP and IP are two distinct protocols.

(12-07-2016, 05:33 AM)pranomostro Wrote: IPv4 addresses are mostly dynamic, so every device is assigned an IP address with DHCP to avoid IPv4 address collisions.
DHCP is used primarily to avoid bothering your administrator when connecting to a network. When you sit in an airport, you don't know what's the network, netmask and gateway. DHCP sets this all for you. You're right as it also helps avoiding address conflicts.
Also, they are not "mostly" dynamic. For home networks, DHCP is pretty common, as it makes it easier for the lambda user to connect. For professional networks, static addressing is used a lot, especially for network equipment and servers. Public IP addresses are also candidates for static IPs (even though providers like digital ocean have a DHCP server for them too).

(12-07-2016, 05:33 AM)pranomostro Wrote: IPv6 doesn't need DHCP because collisions are highly unlikely (the IPv6 address is generated via the MAC address and some device specific stuff).
Using the MAC address to set the IPv6 is a common practice amongst net admins, as it would be tedious to generate "manually" a new address for each machine you setup. It is also a good practice because, as all MAC addresses are supposedly unique, it helps making IPv6 addresses unique too (this tends to be wrong because of VMs, as the MAC address has to be generated semi-randomly for them, but that's another topic).

(12-07-2016, 05:33 AM)pranomostro Wrote: IP addresses are hierarchical, which means that every network can have a sub-network.
The netmasks are hierarchical, not the IP addresses themselves, but that's correct (exception for netmask /30 and more)

(12-07-2016, 05:33 AM)pranomostro Wrote: netmask: a simple description of how big a subnet of a certain router is.
The concept of "network" is independent from the routers. The router only serves as a "bridge" (or gateway ;)) between networks. You're right saying it defines its size (size refers to the number of available IP addresses within a network), and it's used internally by the OS to know where to send its packets.

(12-07-2016, 05:33 AM)pranomostro Wrote: For example, Apple has got a whole /24 network, meaning that they can use every IP-address which begins with a 17 (17.1.1.1 for example) (source: https://www.xkcd.com/195/). IPv6 has the same
principle.
/24 only features 254 available addresses (x.x.x.1 to x.x.x.254, .0 is reserved for the network, .255 for the broadcast). "24" here refers to the number of bits set to 1 in the netmask. A netmask includes 32 bits overall (4 bytes, like IP addresses):

/24 == 255.255.255.0 (base10) == 11111111.11111111.11111111.00000000 (base2)

Apple then owns a /8 (or 'A' class) IP range (16581373 available IP addresses). This range goes from 17.0.0.0 to 17.255.255.255 (including net and broadcast).

---

I think such a course would help people understand better how network works. It would also help me being more precise about some points, as I'll have to dive again into some topics that I've probably forgotten (looking at you "split-horizon" and comrades), and learn a bunch of things along the way.

Who would be up for it then?

(12-07-2016, 03:43 AM)stark Wrote: 0. What kind of issue(s) did you come across today ?
1. How did you solve it when no search engine or individual had the answer ?
2. What kind of complexity do you manage everyday ?
3. Can it be simplified ? If so, how ?

0. networking is really creative when it comes to issues. Latest one was a NAT rule forgotten on a firewall interface, leading to a DMZ machine accessible from the internet, but not from the internal network. You know you have a network issue when you start saying "Ah, that's odd..."
1. if no search engine or individual has the answer, it means you're writing a thesis on a hot topic only you are interested in. On a more serious note, there is always a manual somewhere with the answer.
2. top secret ;) Personally, I'm connected to 5 different networks, my local one, internet, and 3 VPNs. I manage one router/firewall myself
3. it's simplified at its max (I guess...)
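
Added example, not part of any post in this thread: the netmask arithmetic from the reply above (a /24 as 24 one-bits, network and broadcast addresses, the 17.0.0.0/8 range, and the /31 and /32 edge cases), the on-link test an OS uses to decide whether a packet goes to the gateway, and a MAC-derived IPv6 interface identifier, assumed here to be the modified EUI-64 scheme. Function names and the sample addresses are constructed for illustration.

```python
import ipaddress

def prefix_to_mask(prefix: int) -> int:
    """Netmask as a 32-bit integer: `prefix` one-bits followed by zero-bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("IPv4 prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF

def dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))

def binary(value: int) -> str:
    bits = f"{value:032b}"
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))

def describe(cidr: str) -> dict:
    """Netmask, network, broadcast and usable host count for 'a.b.c.d/n'."""
    addr, _, plen = cidr.partition("/")
    prefix = int(plen)
    mask = prefix_to_mask(prefix)
    network = int(ipaddress.IPv4Address(addr)) & mask    # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)           # host bits set
    size = 1 << (32 - prefix)
    # /31 (point-to-point links) and /32 (single host) reserve no
    # network/broadcast pair, so nothing is subtracted for them.
    usable = size if prefix >= 31 else size - 2
    return {"netmask": dotted(mask), "network": dotted(network),
            "broadcast": dotted(broadcast), "usable": usable}

def on_link(src: str, dst: str, prefix: int) -> bool:
    """True if dst is in src's network (deliver directly, no gateway)."""
    mask = prefix_to_mask(prefix)
    a = int(ipaddress.IPv4Address(src)) & mask
    b = int(ipaddress.IPv4Address(dst)) & mask
    return a == b

def eui64_interface_id(mac: str) -> str:
    """Lower 64 bits of an IPv6 address derived from a 48-bit MAC."""
    octets = bytearray(int(part, 16) for part in mac.split(":"))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC such as 52:54:00:12:34:56")
    octets[0] ^= 0x02                                    # flip universal/local bit
    full = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])
    return ":".join(f"{(full[i] << 8) | full[i + 1]:x}" for i in range(0, 8, 2))

if __name__ == "__main__":
    print(binary(prefix_to_mask(24)))
    for sample in ("192.168.1.77/24", "17.1.1.1/8", "10.0.0.4/31"):
        print(sample, describe(sample))
    print(on_link("192.168.1.77", "192.168.2.1", 24))
    print(eui64_interface_id("52:54:00:12:34:56"))       # constructed MAC
```
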
tigoesnumb3rs
Members
Great Idea!

I would be interested!

0. Though I'm probably completely missing most of the basics, right now I'm interested in VRFs, overlaynetworking, meshing, firewalling.. etc. Basically I want to connect a bunch of VMs/Containers across hosts/networks and know how to isolate them. I have read a few things here and there, but I haven't really tried out that much of it as of yet.

1. $people have solved most problems I encounter.. and usually I'm not working on a thesis, which means I currently lack some knowledge to ask the right questions. Which means I have to iterate over the current state of my progress until I find something.

2. Currently some virtual machines with a bunch of containers on them to test what I've read online on my old x220.. soon I might be able to get my fingers on a small multi host cloud.. already have access to the Hardware, but haven't had time yet to install it. I have access to 2 VPNs from my university and if I start reading some documentation to 2 mesh networks..

3. I'm not entirely sure what I want yet.. so I don't know how to simplify it..
acg
Members
This sounds pretty cool! I'm interested!

Would also love to see how any sysadmin has managed to solve issues, sort of a journal.
argonaut · musician · developer · writer · https://www.betoissues.com
I can probably help out with this knowledge wise and it's possible I can toss up some juniper and cisco hardware to futz around with once I get settled in to my new place but no promises on the last part.
z3bra
Grey Hair Nixers
That would be nice! Do you work as a network architect or something similar?

Ok, so it seems we have a few people interested. Here is a quick sketch of the topics I would like to cover:

0. introduction
  • OSI model

1. physical layer
  • RJ45 pins
  • straight-through / crossover cables
  • network topologies
  • sending bits

2. data link layer
  • MAC address
  • switches
  • hubs
  • ARP protocol

3. network layer (the big one)
  • IP addresses
  • network/broadcast address
  • netmask
  • gateway
  • routers
  • routing protocols

4. transport layer
  • encapsulation
  • TCP / UDP

4. further information
  • Bonding
  • Bridging
  • VLAN
  • Firewall
  • VPN
  • DNS

I think we will cover a big part of networking basics with these. If you feel something is missing, or would like to see another topic discussed, please ask and I'll consider discussing it.
I will probably share my screen, but I need a reliable way to do so. If someone has an idea, please tell me! Another idea would be to do it over Tox, but I'm not sure there is a way to record the video/audio. I'll check.

What do you think of this program?
(13-07-2016, 03:05 AM)z3bra Wrote: That would be nice! Do you work as a network architect or something similar?

Nope, just a lowly admin but my dad is pretty high level and at one of the major US telecoms at that so I can usually "borrow" most reasonably borrowable equipment. When I told him I was studying for my CCNA I had a CCIE lab in my bedroom the next day.

Looks good to me. I need to touch up on VLANs personally.
pranomostro
Long time nixers
@z3bra:

Thanks for the detailed answer.
Quite some reading material ahead!
acg
Members
(13-07-2016, 03:05 AM)z3bra Wrote: Ok, so it seems we have a few people interested. Here is a quick sketch of the topics I would like to cover:

I've read about this but I think it would be amazing content coming from people over here.
argonaut · musician · developer · writer · https://www.betoissues.com
z3bra
Grey Hair Nixers
Ok, I got the streaming part covered in using ffmpeg. There is like 10 seconds delay, but it should be ok to demonstrate practical stuff.
For sound, we can use my mumble server, and perhaps IRC for live questions.
acg
Members
(14-07-2016, 03:38 PM)z3bra Wrote: Ok, I got the streaming part covered in using ffmpeg. There is like 10 seconds delay, but it should be ok to demonstrate practical stuff.
For sound, we can use my mumble server, and perhaps IRC for live questions.

Using IRC should be fine as it can be easily embedded almost anywhere, plus most of us are already there.
argonaut · musician · developer · writer · https://www.betoissues.com
stark
Members
Kudos for the live streaming ! Are the live lessons going to be archived somewhere ? Perhaps we can create a Github page or something, and add lesson notes, video link, etc.
z3bra
Grey Hair Nixers
I don't like github. But I can host it myself. I need to look at audio streaming as well, so I can save the file for later distribution. The 10 seconds lag bothers me though, as if there are questions, I will get them 10 seconds after I discussed the topic.
tigoesnumb3rs
Members
Could you maybe use something like asciinema [0] to record the screencasts?

[0] : https://asciinema.org/
z3bra
Grey Hair Nixers
Yeah I have been considering such an option (not asciinema, but our very own solution, see thread https://nixers.net/showthread.php?tid=1662). I ended up ditching it because you can't record sound with it, and it's bound to the terminal anyway (and I plan to use my whole screen).
This looks interesting - it's got a limit of 15 users at a time though.

https://github.com/trailofbits/tubertc
z3bra
Grey Hair Nixers
There are indeed a bunch of apps using webRTC. They require a compatible browser though, and don't allow recording the video. I keep it in mind, just in case. Thanks!
I could have sworn I read that it had an option to record but I don't see that referenced anywhere. My mistake.
z3bra
Grey Hair Nixers
I'm still unable to stream the video + sound. This is a bit odd as I followed a basic example on the net.
I guess audio on linux is still driving me crazy...
Could anyone help a bit?

I already have the first two courses written down. All I need now is a way to schedule an online course.
z3bra did you work out your bgp thing? If not PM me your setup details so I can sanity check.
z3bra
Grey Hair Nixers
I did not yet. Not sure where the problem lies, and I would need a peer to troubleshoot this issue with me.
z3bra
Grey Hair Nixers
Ok so I have the presentation for the 3 first sections completed. I managed to fix my microphone to get an "OK" sound (there is a low white noise, but it should be okay).
Only the streaming part remains, as it seems the audio is not sent to the server. I need to figure out why... Otherwise, we can try doing a live session on mumble, and see if the lag isn't much of an issue.

I'll probably perform a test over the week-end if people are available.
z3bra
Grey Hair Nixers
As nobody even tried to help me, I had to figure it out myself, but I did! I did some quick testing with gents on IRC, and they could see my nice screen and hear my suave voice loud and clear! There is like 20 seconds of delay, but I guess I can live with it.

So if everything goes ok, I'll set the first networking course for this week-end! It will be Saturday at around 10AM UTC. Who would be available at this time? The session will last less than 30 minutes I guess.
z3bra
Grey Hair Nixers
Nobody available...? :(
venam
Administrators
I'll be there, I don't know if my connection will handle it but I'll try.