Lucio
@mkdir_lucio
- 1 Followers
- 0 Following
- 25 Posts
Switches are the smart, Layer 2 traffic cops of your LAN. VLANs enable me to carve up logical, isolated networks on one physical switch (HR, Engineering, Guests). 802.1Q trunking is the "tagged" highway that carries all this different VLAN traffic from switch to switch. It's network segmentation 101!
SSH is my secure lifeline. Encrypted remote access to configure anything, anywhere. SNMP is the network's health monitor, gathering stats in the background from devices. Just please, for uptime's sake, don't use SNMP v1/2c (no encryption)! Use v3. Your network requires secrets. #SSH #SNMP #Networking #SysAdmin #DevOps
The "S" makes all the difference. FTP/HTTP send your data (and passwords!) on a postcard for everybody to read. FTPS/HTTPS put that postcard in an locked, tamper-evident safe. Never, ever use the plaintext versions for anything worthwhile. The extra step of a certificate is a small price for security.
The ease-of-use dynamic duo:
DHCP: The friendly concierge who assigns your machine an IP address, subnet mask, and directions (default gateway) when you log in to the network.
DNS: The phonebook that translates a friendly name (mastodon.social) into a phone number (IP address).
Life without them? Setting it up manually. No thank you!
Ports are like numbered doors on a server. Commit these to memory: >>21: FTP (File Drop) >> 22: SSH (Secure Admin) >> 80: HTTP (Web) >> 443: HTTPS (Secure Web) >> 53: DNS (Phonebook) >> 25: SMTP (Mail Out) >> 110: POP3 (Mail In) >> 143: IMAP (Better Mail In) >> 67/68: DHCP (Auto-Config) >> 3389: RDP (Remote Desktop) Memorize these; it's a superpower. #Networking #Ports #SysAdmin #CyberSecurity
Protocols are the rules of conversation. Services are the applications talking. HTTP (protocol) defines how to ask for a webpage. A web server service (like Apache) listens and responds. It's the grammar versus the speaker. Understanding this difference is the key to debugging any network service. #Networking #Protocols #Services #IT
It's natively bilingual. A dual-stack device speaks both IPv4 and IPv6 natively. No translation needed, it can choose the best language to speak to the destination. It's the most seamless path forward as we make our way toward an entirely IPv6 world. The future is here, just unevenly distributed.
Two useful failsafes: APIPA (169.254.x.x) is your PC grumbling. "Okay, I can't get a DHCP address, I'll just talk to myself and other people on this link!" Loopback (127.0.0.1) is a network hugging-self. "Am I working?" It's the first thing I ping when things don't seem right. Important self-tests.
NAT is the bouncer on the door of your network's club. Your internal IPs are inside. When a machine is required to talk to the internet, NAT swaps its private IP for the public IP on the router's door (PAT overload does this for everybody using port numbers all at once). It's safety and conservation in one slick trick!