OSI Model Overall

OSI Model study notes for CompTIA Network+ .

  • OSI Model consists of 7 layers.

    • physical, data link, network, transport, session, presentation, application

    (Please Do Not Teach Students Pointless Abbreviation!)


    Source : https://www.udemy.com/course/networkplus/

Layer 1) Physical

Bits, Medium, Wiring standards, Physical topology, 
Synchronizing bits, Bandwidth usage, Multiplexing strategy 
  • physical and electrical characteristics.

How are bits represented on the medium?

  1. Electrical voltage or light
  2. Current State
  3. Transition Modulation

How are the cables wired?

  • 2 std inside of network.
  • TIA/EIA-568-B is standard wiring for RJ-45 cables and ports (?)
  • crossover cable : A std - B std
  • straight-through cable : B std - B std or A std - A std

How are the cables connected?

  • add pros/cons on the picture

Network Topologies

source : https://www.conceptdraw.com/How-To-Guide/network-topologies

How is communication synchronized?

  • Asynchronous : uses start/stop bits to signal that a transmission occurred.
  • Synchronous : uses a reference clock to coordinate the transmission.

How is bandwidth utilized?

  • broadband : like TV channels; we only pull out the ones we want.
  • baseband : like a telephone, using all of the bandwidth allocated to that phone line; coordinated by a reference clock (an example of synchronous communication).

Layer 1 Devices

  • Cables : Ethernet, Fiber optic
  • Radio frequencies : Wi-Fi, Bluetooth
  • Infrastructure devices : Hubs, Wireless Access Points, Media Converters

Layer 2) Data Link

MAC, Physical addressing, Logical topology, Method of Transmission, LLC, Flow control
  • consists of 2 sublayers, Media Access Control and Logical Link Control.

  • data –(Data Link)–> frames


    (source : https://www.youtube.com/watch?v=Ilk7UXzV_Qc)

  • Error detection/correction

  • identification of network devices with an address (MAC)

Media Access Control (MAC)

  • Many stations vie with each other to occupy the cable. This is called media access, and there are several strategies.

    • Carrier Sense/Multiple Access with Collision Detection (CSMA/CD)

      If a device uses this method, it first listens for a signal on the wire (a carrier). A signal on the wire means that someone is already transmitting data.

      1. It listens for a signal on the wire.
      2. If there is no signal, it transmits. If another device does the same at the same time, a collision happens.
      3. After a certain amount of time, it sends its signal again.
    • Token Passing

      1. The first computer turned on creates a token.

      2. The token passes around until it finds a computer with data to send.

      3. The token with data has the address. Each station checks the address in the token.

      4. If the address in the token matches its own address, it receives the data and modifies the token to indicate that the data has been received.

      5. The token is sent back to the original sender, and finally becomes free.

        No collision occurs!

    • Carrier Sense/Multiple Access with Collision Avoidance (CSMA/CA)

      This method is similar to CSMA/CD. The difference is that it sends a request to send (RTS) packet and waits for a clear to send (CTS) before sending.

      (I wonder if it does have a collision issue. It seems like, with bad luck, it might happen.)

  • Physical addressing : a protocol-independent address

    • First 24-bits : the vendor code
    • Second 24-bits : a unique value
    • Hexadecimal number system

Fig. 1. 48-bit MAC Address Structure

source : https://www.semanticscholar.org/paper/A-Study-of-MAC-Address-Randomization-in-Mobile-and-Martin-Mayberry/abae19306dfe311a2301d4cd015003414513e72a
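An added example (not from the original notes) that splits a MAC address into the two 24-bit halves described above and, going a little beyond the notes, also reads the two flag bits of the first octet that the cited randomization paper relies on: bit 0 (I/G) marks a multicast address and bit 1 (U/L) marks a locally administered address, which is what randomized MACs set.

```python
# Added example: parse a 48-bit MAC address into vendor code (OUI) and
# device-specific part, plus the I/G and U/L flag bits of the first octet.
import re

# aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or aabbccddeeff (one consistent separator)
MAC_RE = re.compile(r"^([0-9A-Fa-f]{2})([-:]?)(?:[0-9A-Fa-f]{2}\2){4}[0-9A-Fa-f]{2}$")


def parse_mac(mac: str) -> dict:
    """Return OUI, device-specific part and flag bits of a MAC address."""
    if not MAC_RE.match(mac):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    digits = re.sub(r"[-:]", "", mac).upper()  # 12 hexadecimal digits
    first_octet = int(digits[0:2], 16)
    return {
        "oui": digits[0:6],                 # first 24 bits: the vendor code
        "nic": digits[6:12],                # second 24 bits: unique per device
        "multicast": bool(first_octet & 0x01),             # I/G bit
        "locally_administered": bool(first_octet & 0x02),  # U/L bit
    }


def same_vendor(mac_a: str, mac_b: str) -> bool:
    """True when both addresses carry the same vendor code."""
    return parse_mac(mac_a)["oui"] == parse_mac(mac_b)["oui"]
```

A randomized address from a phone will typically show `locally_administered` as True, so its OUI no longer identifies the hardware vendor.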

  • Logical topology

    • dictates the way the information flows. Types are the same as physical topology

    • Three main methods.

      • Contention :

        Stations compete for the chance to transmit data. If a collision occurs, the stations try to send the data again.

      • Polling :

        Central device polls each device whether it has data to send or not. No collision problem.

      • Token passing :

        Token is a special data packet. If the device has a token, then it can transmit its data. No collision problem.

  • Acknowledgement of receipt of a message.
  • Flow control : controls the load of data to optimize the performance.
  • Error control : sends again if the data is not received or is corrupted.

How is communication synchronized?

(learn more to understand fully)

  • Isochronous :
    • creates time slots by using a common reference clock source.
    • Less overhead(?) than the other two methods.
  • Synchronous :
    • uses a clocking method to indicate the start/end of frames.
  • Asynchronous :
    • each device uses its own internal clock and start/stop bits.

Layer 2 Devices

  • Network Interface Cards (NIC)
  • Bridges
  • Switches

Layer 3) Network

Logical address, Switching (not SWITCH), Route discovery and selection, Connection services, Bandwidth usage, Multiplexing strategy 
  • forward traffic with logical address such as IP Address.
  • Every device has an assigned address by factory. This

Logical address

  • Internet Protocol (IP) is predominantly used. (IPv4, IPv6)

How should data be forwarded or routed?

(learn more to understand fully)

  • Packet switching (routing) : Data is divided into packets and forwarded.
  • Circuit switching : A dedicated communication link is established between two devices.
  • Message switching : Data is divided into messages.

? what is the difference between Packet switching and Message switching?

Static routing : The network admin manually updates the router’s routing tables.

Dynamic routing : uses route discovery protocols to talk to other routers.

Route Discovery and Selection

Routing table, Routing Protocol
  • A routing table contains info about where to forward a packet based on destination IP address.
  • Manually configured as a static route or dynamically through a routing protocol (RIP, OSPF, EIGRP) –> ?

Connection Services

  • Layer 3 augments Layer 2 to improve reliability
  • Flow control, Packet reordering (how does it work in detail? with LLC in layer 2?)

Internet Control Message Protocol (ICMP)

  • sends error messages and operational info about an IP destination
  • Used in troubleshooting (ping and traceroute)

Layer 3 Devices/Protocols

  • Routers
  • Multilayer switches
  • IPv4 protocol / IPv6 protocol / Internet Control Message Protocol (ICMP)

Layer 4) Transport

TCP/UDP, Windowing, Buffering
  • The start of upper layer.

Transmission Control Protocol (TCP)

  • Connection-oriented protocol

  • If a segment is not delivered, the protocol resends the segment

  • Acknowledgements received for successful communications

  • Three way handshake

  • Source : https://www.udemy.com/course/networkplus/

User Datagram Protocol (UDP)

  • Connectionless protocol
  • Even though data is not sent well, sender does not know
  • Good for audio/video streaming


Source : https://www.udemy.com/course/networkplus/

Windowing

  • It helps the client send the right amount of data in each segment by evaluating how often retransmissions occurred.

(Ex. Downloading Videos. The downloading speed keeps changing)

Buffering

  • If bandwidth is not available, the device allocates memory to store segments.
  • If bandwidth is available, it transmits the contents of the buffer.
  • If the buffer overflows, then segments will be dropped.

Layer 4 Devices/Protocols

  • TCP
  • UDP
  • WAN Accelerators
  • Load Balancers
  • Firewalls

Layer 5) Session

Setting up session, Maintaining sessions, Tearing down sessions
  • The Session layer differs from the Transport layer in that it sees a bigger picture and focuses on the entire conversation rather than one sentence.

Setting up a Session

  • Assign numbers to session to identify them
  • Negotiate services needed for session and who begins sending data

Maintaining a Session

  • Transfer the data (respond/request)
  • Restart a disconnected session

Tearing Down a Session

  • After the transfer is over, the session ends with mutual agreement.

Layer 5 Devices/Protocols

  • H.323
  • NetBIOS

Layer 6) Presentation

Encryption, Data compression, network redirectors, Data format
  • It converts the data format for both the upper and lower layers so they can understand each other, like a translator.

Data Formatting

  • Formats data for proper compatibility between devices

  • Ensures data is readable by receiving system.

    • Most standard computer systems use ASCII, but some other computers use EBCDIC.

      A protocol at the transport layer can translate between the two.

Encryption

  • Used to scramble the data in transit to keep it secure from prying eyes

  • TLS to secure data between your PC and website (lock shows that it is encrypted)


Layer 6 Protocols

  • HTML, XML, PHP, JavaScript, …
  • ASCII, EBCDIC, UNICODE, …
  • GIF, JPG, TIF, SVG, PNG, …
  • MPG, MOV, …
  • TLS, SSL, …

Layer 7) Application

Application services, Network management activities
  • Provides application level services
  • Layer where the users communicate with the computer (not notepad, not word, not eclipse…)

Application Services

  • Application services unite communicating components from more than one network application
  • Examples
    • E-mail (POP3, IMAP, SMTP)
    • File Transfer Protocol (FTP, FTPS)
    • Remote Access (TELNET, SSH)
    • Web Browsing (HTTP, HTTPS)
    • Domain Name Service (DNS)

Network management activities

  • Client/server processes
  • States the services they offer on the network (Printers ,File servers)
  • Examples
    • Simple Network Management Protocol (SNMP)

Array

  • Mistakes
    • did not check the range of i in the while statement.

Building a computer

This page will keep being updated.

Resources :

  1. First Person View PC BUILD Guide!(POV)- Linus Tech Tips
  2. https://www.wired.com/story/how-to-build-a-pc/
  3. Hands-on practice

Components

Motherboard, CPU, Memory, Power supply, GPU, Storage

Motherboard : They follow a standard layout but can have different configurations depending on the use case.

Q) So if I wanted to build a gaming or AI specific computer, would I need to choose a different motherboard for each purpose?

CPU : Central Processing Unit. This is where the numbers get crunched and is the core of a computer; it is socketed directly onto the motherboard.

Memory : RAM (Random Access Memory, not REM, that is Rapid Eye Movement.)

PSU : Power Supply, it converts AC power to DC power to run the components of your computer.

GPU : Graphics Processing Unit, it handles the processing of visual aspects of a game or works as high core processing for AI

Storage : The two main types are HDD (Hard Disk Drive - mechanical) and SSD (Solid State Drive - no moving parts) and can vary in capacity and form factor.

I/O Devices : Such as a mouse, keyboard, monitor and so on, the devices used to interface with the computer.


Before getting started,

Connect yourself to a grounded power supply part using an anti-static strap. It will prevent ESD sensitive components from getting damaged.

** ESD : Electrostatic-Sensitive Device

Most computer components only require a size 2 Phillips-head screwdriver to install.

Learning from YT video

  1. Place the CPU in the CPU socket making sure it’s in the correct orientation.


  2. Install the two RAM modules and note the notch for correct installation. After this, install the M.2 SSD and screw it down.

  3. When installing the cooler, check to see if thermal compound has been pre-applied. If not, apply only a pea-sized amount on the center of the CPU; the pressure from installing the cooler will spread the compound. If you have an overclockable CPU, a higher-rated cooler would give better results when overclocking.

  1. The motherboard has a CPU fan pin which the cooler fan needs to be connected to, some computers will not boot if no CPU fan is detected.

  2. The power supply should come with all the power cables necessary to run the computer.

  3. If you plan to install a lot of fans you would need to have a fan splitter and to connect SATA power to the splitter.

  4. Install the motherboard into the case, but before this, make sure to put the I/O shield into the case first.

  5. Once the motherboard has been screwed in securely you can start to plug in all the necessary power cables.


  6. Take note of which cables are used for which devices.

  7. Insert SATA SSD into the case, depending on the mount it should slot in or would need to be screwed in. Then connect the SATA data cable to motherboard and SSD.

  8. Install the power supply and connect all the needed power supply cables to the motherboard.


  9. PCI express power connector -> connects the graphics card and power supply


  10. SATA power (SSD, hard drive, integrated RGB controller)

  11. Put the graphics card in the PCI slot on the motherboard. Note the graphics card has its own I/O shield, so remove the I/O plates corresponding to where the graphics card will be.

** PCI express : an interface that connects internal expansion cards such as graphics cards, sound cards, Ethernet and Wi-Fi adapters to the motherboard. source

** Overclocking : Overclocking is the action of increasing a component’s clock rate, running it at a higher speed than it was designed to run. This usually applies to the CPU or GPU, but other components can also be overclocked. source

Advanced S3

S3 MFA-Delete

  • Require an MFA (multi-factor authentication) code before important operations in S3.
  • To use MFA-Delete, first enable versioning on the S3 bucket.
  • MFA is required to permanently delete an object version and to suspend versioning.
  • MFA is not required to enable versioning or to list deleted versions.
  • Only the root account can enable/disable MFA-Delete.
  • Currently MFA-Delete can only be enabled using the CLI.

Hands-on

First create a bucket. Enable versioning when creating the bucket.

Log in as the root account, go to IAM management => security credentials and issue a root access key. (Because MFA-Delete is only possible from the CLI, a profile has to be registered in the CLI. Normally this is not recommended, and I recommend deleting the root access key right after finishing this task.)

Download the access key; when prompted for the access key, secret, and region, enter them.

$ aws configure --profile produser
AWS Access Key ID [None]: [enter access key here]
AWS Secret Access Key [None]: [enter secret access key here]
Default region name [None]: [enter region here]
Default output format [None]: [press Enter to keep the default]

Then:

$ aws s3api put-bucket-versioning --profile [my-root-profile] --bucket [my-bucket-name] --versioning-configuration Status=Enabled,MFADelete=Enabled --mfa ["arn:aws:iam::00000000:mfa/root-account-mfa-device 123456"]

Enter it like this, filling in the information enclosed in [] (without the brackets). In the last argument, the first part is the ARN of my MFA device and the number at the end is the MFA code obtained from my device.

Then MFA Delete is enabled, and objects in the S3 bucket can no longer be deleted. (Delete markers cannot be removed either.)

S3 Default Encryption vs Bucket Policies

In the past, encryption was enforced with a bucket policy that rejects HTTP requests lacking the proper headers.


Now it is easier: just use the default encryption option.
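An added example (not the notes' own code) of the "old way" described above: a bucket policy that denies PutObject unless the request carries an `x-amz-server-side-encryption: AES256` header, together with a small evaluator that replays the two IAM condition operators the policy uses against a request's headers. The bucket name `example-bucket` is a placeholder.

```python
# Added example: SSE-enforcing bucket policy and an evaluator for its two
# condition operators (Null and StringNotEquals), as IAM evaluates them.
import json
from typing import Optional

ENCRYPTION_KEY = "s3:x-amz-server-side-encryption"  # condition key filled from the header
RESOURCE = "arn:aws:s3:::example-bucket/*"          # placeholder bucket

SSE_BUCKET_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Sid": "DenyMissingHeader", "Effect": "Deny", "Principal": "*",
         "Action": "s3:PutObject", "Resource": RESOURCE,
         "Condition": {"Null": {ENCRYPTION_KEY: "true"}}},
        {"Sid": "DenyWrongAlgorithm", "Effect": "Deny", "Principal": "*",
         "Action": "s3:PutObject", "Resource": RESOURCE,
         "Condition": {"StringNotEquals": {ENCRYPTION_KEY: "AES256"}}},
    ],
}


def policy_document() -> str:
    """The policy as JSON, ready to paste into the bucket policy editor."""
    return json.dumps(SSE_BUCKET_POLICY, indent=2)


def _condition_matches(condition: dict, context: dict) -> bool:
    # Every operator/key pair must match for the statement to apply.
    for operator, pairs in condition.items():
        for key, expected in pairs.items():
            present = key in context
            if operator == "Null":
                # Null: "true" matches only when the key is absent from the request
                if present == (expected == "true"):
                    return False
            elif operator == "StringNotEquals":
                # negated operators match when the key is absent or differs
                if present and context[key] == expected:
                    return False
    return True


def put_object_denied(headers: dict) -> Optional[str]:
    """Sid of the first Deny statement matching a PUT with these headers, else None."""
    context = {}
    if "x-amz-server-side-encryption" in headers:
        context[ENCRYPTION_KEY] = headers["x-amz-server-side-encryption"]
    for stmt in SSE_BUCKET_POLICY["Statement"]:
        if stmt["Effect"] == "Deny" and _condition_matches(stmt["Condition"], context):
            return stmt["Sid"]
    return None
```

Default bucket encryption removes the need for this policy because S3 applies the configured SSE to every object regardless of request headers.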


S3 Access Logs

  • It's good to know what is happening on every S3 bucket. Enable access logging under the bucket's properties, as shown below.


  • The monitored bucket and the logging bucket must never be the same bucket; the size would grow exponentially.
  • The logs can be analyzed with a data analysis tool or Amazon Athena.
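An added example (not the notes' own code) of the kind of analysis mentioned above, done without Athena: a parser for S3 server access log lines and a check that flags successful anonymous requests and object deletions. The three log lines are constructed for this example following the documented field layout (bucket owner, bucket, [time], remote IP, requester, request ID, operation, key, "request URI", HTTP status, error code, bytes sent, ...); the IDs, IPs and host names are placeholders.

```python
# Added example: parse S3 server access logs and flag events worth a look.
import re

# Constructed sample lines (placeholder ids/IPs), same layout as real S3 access logs.
SAMPLE_LOG = """\
OWNERID0001 my-bucket [06/Feb/2024:00:00:38 +0000] 192.0.2.3 OWNERID0001 3E57427F3EXAMPLE REST.GET.OBJECT photos/cat.jpg "GET /my-bucket/photos/cat.jpg HTTP/1.1" 200 - 113 113 7 5 "-" "S3Console/0.4" - hostid= SigV4 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader my-bucket.s3.amazonaws.com TLSV1.2
OWNERID0001 my-bucket [06/Feb/2024:00:01:02 +0000] 198.51.100.7 - 7B4A0FABBEXAMPLE REST.GET.OBJECT secrets/db.sqlite "GET /my-bucket/secrets/db.sqlite HTTP/1.1" 200 - 40960 40960 12 9 "-" "curl/8.4.0" - hostid= - - - my-bucket.s3.amazonaws.com -
OWNERID0001 my-bucket [06/Feb/2024:00:02:15 +0000] 203.0.113.9 OWNERID0001 A1B2C3D4EXAMPLE REST.DELETE.OBJECT photos/cat.jpg "DELETE /my-bucket/photos/cat.jpg HTTP/1.1" 204 - - - 4 3 "-" "aws-cli/2.15.0" - hostid= SigV4 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader my-bucket.s3.amazonaws.com TLSV1.2
"""

# A field is a [bracketed time], a "quoted string", or a run of non-spaces.
TOKEN_RE = re.compile(r'\[[^\]]*\]|"[^"]*"|\S+')
FIELDS = ["bucket_owner", "bucket", "time", "remote_ip", "requester", "request_id",
          "operation", "key", "request_uri", "http_status", "error_code", "bytes_sent"]


def parse_line(line: str) -> dict:
    """Map the leading fields of one access log line to names; keep the rest raw."""
    tokens = TOKEN_RE.findall(line)
    rec = dict(zip(FIELDS, tokens))
    rec["rest"] = tokens[len(FIELDS):]
    rec["time"] = rec["time"].strip("[]")
    rec["request_uri"] = rec["request_uri"].strip('"')
    return rec


def suspicious_events(log_text: str) -> list:
    """Flag successful anonymous requests (requester '-') and object deletes."""
    findings = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_line(line)
        ok = rec["http_status"].startswith("2")
        if rec["requester"] == "-" and ok:
            findings.append(("anonymous-access", rec["remote_ip"], rec["key"]))
        if rec["operation"] == "REST.DELETE.OBJECT" and ok:
            findings.append(("object-delete", rec["requester"], rec["key"]))
    return findings
```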

S3 Replication (CRR & SRR)

  • Cross Region Replication (CRR) : replicating a bucket to a different region. Good for replication across accounts.
  • Same Region Replication (SRR) : replicating a bucket within the same region. Good for aggregating the logs from several buckets into one.
  • Replication is possible even to a bucket in a different account.
  • Replication is asynchronous.
  • Files that existed before replication was enabled are not replicated.
  • Delete actions are not replicated (regardless of versioning).
  • If bucket 3 replicates bucket 2 and bucket 2 replicates bucket 1, a photo stored in bucket 1 is replicated only to bucket 2, not to bucket 3 (no chained replication).
  • Configured under management - replication. Set the replication destination bucket and attach an IAM role; the IAM role is then updated automatically. It is probably a default setting.

S3 Pre-Signed URLs

  • A pre-signed URL can be generated using the SDK or CLI.
  • Not only GET but also PUT can be allowed.
  • Users given a pre-signed URL inherit the permissions of the person who generated the URL for GET / PUT

Hands-on

The link below is a pre-signed URL, but since the file is not public, access is denied.


This creates a pre-signed URL that responds to HTTP GET requests for an S3 object. By default it expires after 3600 seconds.

The first command makes the URL compatible with KMS-encrypted objects.

aws configure set default.s3.signature_version s3v4
aws s3 presign s3://[bucket-name]/[object-key] --expires-in 300 --region [region]
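An added example (not the notes' own code) that inspects a SigV4 pre-signed URL offline, showing what the two facts above mean in practice: the query string carries the signing time (`X-Amz-Date`), the lifetime in seconds (`X-Amz-Expires`) and the access key of the signer (`X-Amz-Credential`), i.e. the identity whose permissions the holder of the link inherits. The sample URL is constructed for this example with placeholder bucket, key ID and signature, laid out the way `aws s3 presign` emits it.

```python
# Added example: read signer, expiry and lifetime out of a SigV4 pre-signed URL.
from datetime import datetime, timedelta, timezone
from urllib.parse import urlparse, parse_qs

# Constructed sample (placeholder bucket, key id and signature), 300-second lifetime.
SAMPLE_URL = (
    "https://example-bucket.s3.ap-northeast-2.amazonaws.com/photos/cat.jpg"
    "?X-Amz-Algorithm=AWS4-HMAC-SHA256"
    "&X-Amz-Credential=AKIAEXAMPLEKEYID%2F20240101%2Fap-northeast-2%2Fs3%2Faws4_request"
    "&X-Amz-Date=20240101T120000Z&X-Amz-Expires=300&X-Amz-SignedHeaders=host"
    "&X-Amz-Signature=0000000000000000000000000000000000000000000000000000000000000000"
)


def inspect_presigned_url(url: str) -> dict:
    """Return signer, object, signing time, expiry time and lifetime of a SigV4 URL."""
    parts = urlparse(url)
    q = {k: v[0] for k, v in parse_qs(parts.query).items()}
    required = {"X-Amz-Credential", "X-Amz-Date", "X-Amz-Expires", "X-Amz-Signature"}
    missing = required - set(q)
    if missing:
        raise ValueError(f"not a SigV4 pre-signed URL, missing {sorted(missing)}")
    signed_at = datetime.strptime(q["X-Amz-Date"], "%Y%m%dT%H%M%SZ").replace(tzinfo=timezone.utc)
    lifetime = int(q["X-Amz-Expires"])
    # credential scope: <access key id>/<date>/<region>/<service>/aws4_request
    access_key_id, _, region, service, _ = q["X-Amz-Credential"].split("/")
    return {
        "access_key_id": access_key_id,  # whose permissions the link carries
        "region": region,
        "service": service,
        "object": parts.netloc + parts.path,
        "signed_at": signed_at,
        "expires_at": signed_at + timedelta(seconds=lifetime),
        "lifetime_seconds": lifetime,
    }


def is_expired(url: str, now_iso: str) -> bool:
    """True once `now_iso` (an ISO-8601 time with offset) is past the URL's expiry."""
    now = datetime.fromisoformat(now_iso)
    return now >= inspect_presigned_url(url)["expires_at"]
```

Because the link acts with the signer's permissions until it expires, treat a pre-signed URL as a bearer credential and keep `--expires-in` as short as the use case allows.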

S3 Storage

| | S3 Standard | S3 Intelligent-Tiering* | S3 Standard-IA | S3 One Zone-IA† | S3 Glacier | S3 Glacier Deep Archive |
|---|---|---|---|---|---|---|
| Designed for durability | 99.999999999% (11 9’s) | 99.999999999% (11 9’s) | 99.999999999% (11 9’s) | 99.999999999% (11 9’s) | 99.999999999% (11 9’s) | 99.999999999% (11 9’s) |
| Designed for availability | 99.99% | 99.9% | 99.9% | 99.5% | 99.99% | 99.99% |
| Availability SLA | 99.9% | 99% | 99% | 99% | 99.9% | 99.9% |
| Availability Zones | ≥3 | ≥3 | ≥3 | 1 | ≥3 | ≥3 |
| Minimum capacity charge per object | N/A | N/A | 128KB | 128KB | 40KB | 40KB |
| Minimum storage duration charge | N/A | 30 days | 30 days | 30 days | 90 days | 180 days |
| Retrieval fee | N/A | N/A | per GB retrieved | per GB retrieved | per GB retrieved | per GB retrieved |
| First byte latency | milliseconds | milliseconds | milliseconds | milliseconds | select minutes or hours | select hours |
| Storage type | Object | Object | Object | Object | Object | Object |
| Lifecycle transitions | Yes | Yes | Yes | Yes | Yes | Yes |
