Destination port Port number of the application requested on the destination host
Length Length of UDP header and UDP data
Checksum Checksum of both the UDP header and UDP data fields
Data Upper-layer data
UDP, like TCP, doesn't trust the lower layers and runs its own CRC. Remember that the Frame Check Sequence (FCS) is the field that houses the CRC, which is why you can see the FCS information.
The following shows a UDP segment caught on a network analyzer:
UDP – User Datagram Protocol
Source Port: 1085
Destination Port: 5136
Length: 41
Checksum: 0x7a3c
UDP Data Area:
..Z…00 01 5a 96 00 01 00 00 00 00 00 11 0000 00
…C..2._C._C 2e 03 00 43 02 1e 32 0a 00 0a 00 80 43 00 80
Frame Check Sequence: 0x00000000
Notice that low overhead! Try to find the sequence number, ack number, and window size in the UDP segment. You can't because they just aren't there!
Key Concepts of Host-to-Host Protocols
Since you've now seen both a connection-oriented (TCP) and connectionless (UDP) protocol in action, it's a good time to summarize the two here. Table 1.1 highlights some of the key concepts about these two protocols for you to memorize.
Table 1.1 Key features of TCP and UDP
Exam Essentials
Compare and contrast UDP and TCP. Describe the differences in purpose and capability of the two transport layer protocols, including overhead and services offered. Also describe when each is used.
Describe the impact of infrastructure components in an enterprise network
Various internetworking devices offer services that are critical to the network. In this section, I will review three important components and the role each plays in making the network function in a secure fashion.
Firewalls
Firewalls are hardware appliances or special software running on servers that control the flow of traffic between parts of the network. Routers can also be configured to perform this service.
These devices are network security systems that monitor and control the incoming and outgoing network traffic based on predetermined security rules, and they are usually intrusion protection systems (IPSs). The Cisco Adaptive Security Appliance (ASA) firewall typically establishes a barrier between a trusted, secure internal network and the Internet, which is not secure or trusted. Cisco's new acquisition of Sourcefire puts it at the top of the market with Next Generation Firewalls (NGFW) and Next Generation IPS (NGIPS), which Cisco now just calls Firepower. Cisco's new Firepower runs on dedicated appliances, Cisco ASAs, ISR routers, and even Meraki products.
Access Points
These devices allow wireless devices to connect to a wired network and extend a collision domain from a switch and are typically in their own broadcast domain, or what is referred to as a virtual LAN (VLAN). An AP can be a simple standalone device, but today they are usually managed by wireless controllers either in-house or through the Internet.
Wireless Controllers
These are the devices that network administrators or network operations centers use to manage access points in medium to large to extremely large quantities. The WLAN controller automatically handles the configuration of wireless access points and was typically used only in larger enterprise systems. However, with Cisco's acquisition of Meraki systems, you can easily manage a small to medium-sized wireless network via the cloud using its simple-to-configure web controller system.
Exam Essentials
Describe the features of infrastructure components in an enterprise network. These include but are not limited to access points, WLAN controllers, and firewalls. Specific firewall solutions include the Cisco Adaptive Security Appliance (ASA), Next Generation Firewalls (NGFW), and Next Generation IPS (NGIPS), which Cisco now just calls Firepower.
Describe the effects of cloud resources on enterprise network architecture
Cloud computing is by far one of the hottest topics in today's IT world. Basically, cloud computing can provide virtualized processing, storage, and computing resources to users remotely, making the resources transparently available regardless of the user connection. To put it simply, some people just refer to the cloud as “someone else's hard drive.” This is true, of course, but the cloud is much more than just storage.
The history of the consolidation and virtualization of our servers tells us that this has become the de facto way of implementing servers because of basic resource efficiency. Two physical servers will use twice the amount of electricity as one server, but through virtualization, one physical server can host two virtual machines, hence the main thrust toward virtualization. With it, network components can simply be shared more efficiently.
Users connecting to a cloud provider's network, whether it be for storage or applications, really don't care about the underlying infrastructure because as computing becomes a service rather than a product, it's then considered an on-demand resource, described in Figure 1.7.
Figure 1.7 Cloud computing is on-demand
Centralization/consolidation of resources, automation of services, virtualization, and standardization are just a few of the big benefits cloud services offer. Let's take a look in Figure 1.8.
Figure 1.8 Advantages of cloud computing
Traffic Path to Internal and External Cloud Services
Centralization/consolidation of resources, automation of services, virtualization, and standardization are just a few of the big benefits cloud services offer as shown in Figure 1.8.
Cloud computing has several advantages over the traditional use of computer resources. Following are advantages to the provider and to the cloud user.
Here are the advantages to a cloud service builder or provider:
■ Cost reduction, standardization, and automation
■ High utilization through virtualized, shared resources
■ Easier administration
■ Fall-in-place operations model
Here are the advantages to cloud users:
■ On-demand, self-service resource provisioning
■ Fast deployment cycles
■ Cost effective
■ Centralized appearance of resources
■ Highly available, horizontally scaled application architectures
■ No local backups
Virtual Services
Cloud providers can offer you different available resources based