Network/ System Administrator
Virtualization
o HCI Infrastructure
Hyperconverged infrastructure (HCI) is a software-defined, unified
system that combines all the elements of a traditional data center:
storage, compute, networking and management.
o Hypervisor and its types
A hypervisor, also known as a virtual machine monitor or VMM, is software
that creates and runs virtual machines (VMs). A hypervisor allows one host
computer to support multiple guest VMs by virtually sharing its resources,
such as memory and processing.
There are two main hypervisor types, referred to as “Type 1” (or “bare
metal”) and “Type 2” (or “hosted”). A type 1 hypervisor acts like a
lightweight operating system and runs directly on the host's hardware,
while a type 2 hypervisor runs as a software layer on an operating system,
like other computer programs.
o DRS (Distributed Resource Scheduler)
Distributed Resource Scheduler (DRS) is a VMware vSphere cluster feature
that provides load balancing by migrating VMs from a heavily loaded ESXi
host to another host that has enough computing resources, all while the
VMs keep running. This prevents individual ESXi hosts from being
overloaded.
o HA Cluster and working
High availability (HA) clusters are groups of hosts (physical machines) that
act as a single system and provide continuous availability.
HA clusters are typically used for load balancing, backup and failover. To
configure an HA cluster successfully, all hosts in the cluster must have
access to the same shared storage. If a host fails, a virtual machine (VM)
running on it can fail over to another host without any downtime.
o vSphere Standard and Distributed Switch
A vSphere Standard Switch provides network connectivity for hosts and
virtual machines and handles VMkernel traffic. A standard switch exists on,
and is configured on, a single ESXi host. It bridges traffic internally
between virtual machines in the same VLAN.
A vSphere Distributed Switch allows a single virtual switch to span
multiple ESXi hosts. It is created at the datacenter level so that the
networking configuration of many hosts can be handled at once from a
central place; the hosts use the distributed switch as if it existed locally
on each of them. It provides centralized management and monitoring of the
network configuration of all ESXi hosts that are associated with the
dvSwitch.
o Live Migration
VMware vSphere live migration allows you to move an entire running
virtual machine from one physical server to another, with no downtime.
The virtual machine retains its network identity and connections, ensuring
a seamless migration process.
o Template, Clone and Snapshot Difference
Templates are pre-configured VMs used for repeated deployments. Say you
have to deploy a W2K8 R2 server 20 times: the best approach is to create a
master copy of W2K8 R2 with all the basic setup done, convert it to a
template, and then deploy your 20 VMs from that template. The
configuration file of a template VM is *.vmtx rather than *.vmx, which is
how you can identify a template VM in your datastore.
A clone is an exact copy of an existing VM, but it gives you the option to
change the name of the destination VM as well as its resources.
A snapshot captures the state of a VM at an instant in time so that it can
be preserved. Snapshots are usually used for testing and development,
because they allow you to revert the VM to a previous state. Snapshots
create additional .vmdk files and consume disk space, so take snapshots
with care and always delete them once your testing is complete.
Network
o Hub/ Switch difference and working
A hub is a networking device that repeats a received signal out of every
port except the one on which it arrived. A hub operates at the Physical
layer, so no packet filtering is available. In a hub there is only one
collision domain, and every transmission is effectively a broadcast.
A switch is a network device that forwards frames between ports as
needed, establishing and tearing down connections on demand. A switch
operates at the Data Link layer, so packet filtering (by MAC address) is
available. In a switch, each port is its own collision domain. It supports
unicast, multicast and broadcast transmission.
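Worked example (added to these notes, not part of the original): a toy hub and a toy learning switch forwarding the same constructed frames. The MAC addresses, port numbers and frame sequence are made up for the example; the point is to see that the hub repeats everything out of every other port, while the switch learns the source MAC of each frame and forwards known unicast traffic to a single port, falling back to hub-like flooding only for broadcasts and unknown destinations.

```python
# Added example (not from the page): a toy hub and a toy learning switch
# forwarding the same constructed frames, to show why a hub is one collision
# domain with no filtering while a switch filters by learned MAC address.
from __future__ import annotations
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"
# Constructed MAC addresses for three hosts on ports 0, 1 and 2.
MAC_A, MAC_B, MAC_C = "02:00:00:00:00:01", "02:00:00:00:00:02", "02:00:00:00:00:03"


@dataclass(frozen=True)
class Frame:
    src: str      # source MAC address
    dst: str      # destination MAC address
    payload: str


class Hub:
    """Physical-layer repeater: no addresses, no filtering, one collision domain."""

    def __init__(self, ports: int) -> None:
        self.ports = ports

    def forward(self, ingress: int, frame: Frame) -> list[int]:
        # The signal is repeated out of every port except the one it arrived on.
        return [p for p in range(self.ports) if p != ingress]


class Switch:
    """Data-link-layer bridge: learns which MAC address lives behind which port."""

    def __init__(self, ports: int) -> None:
        self.ports = ports
        self.mac_table: dict[str, int] = {}

    def forward(self, ingress: int, frame: Frame) -> list[int]:
        # Learn (or refresh) the mapping from source MAC to ingress port.
        self.mac_table[frame.src] = ingress
        if frame.dst == BROADCAST or frame.dst not in self.mac_table:
            # Broadcast or unknown unicast: flood, exactly like a hub would.
            return [p for p in range(self.ports) if p != ingress]
        egress = self.mac_table[frame.dst]
        # Filtering: a frame whose destination sits on the ingress port goes nowhere.
        return [] if egress == ingress else [egress]


def run_scenario(device: Hub | Switch) -> list[list[int]]:
    """Replay a constructed frame sequence and return the egress ports per frame."""
    frames = [
        (0, Frame(MAC_A, MAC_B, "hello")),        # A (port 0) -> B, B not yet learned
        (1, Frame(MAC_B, MAC_A, "reply")),        # B (port 1) -> A, A already learned
        (0, Frame(MAC_A, MAC_B, "again")),        # A -> B, both known: one egress port
        (2, Frame(MAC_C, BROADCAST, "who-has?")), # C (port 2) broadcasts
    ]
    return [device.forward(port, frame) for port, frame in frames]


if __name__ == "__main__":
    print("hub   :", run_scenario(Hub(4)))
    print("switch:", run_scenario(Switch(4)))
```

Running the same four frames through both devices makes the difference concrete: the hub emits every frame on three ports every time, whereas after the first exchange the switch delivers the A/B conversation to exactly one port, which is why each switch port is its own collision domain.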
o Broadcast domain and collision domain
A collision domain is a network segment in which, when a device sends out a
message, all other devices in the same collision domain receive it whether
or not it was destined for them. This causes a problem when two devices
transmit simultaneously: a collision occurs, and both must wait and
re-transmit their respective messages one at a time.
Remember, this happens only in half-duplex mode.
A broadcast domain is the set of devices that all receive, and must process,
a broadcast message sent by any one of them. Large broadcast domains
create a lot of congestion in the network, commonly called LAN congestion,
which reduces the bandwidth available to the users in that network.
o VPN and its types (Site to Site and Remote Access/ Dial up VPN)
A VPN (Virtual Private Network) is a technology that gives users a secure
connection to a private network over the Internet. By encrypting the
connection, a VPN secures this type of communication. This security is
provided over a VPN tunnel, which gives a trusted connection that protects
the traffic from attackers on the path.
A Site-to-Site VPN is also called a router-to-router VPN and is mostly used
by corporations. Companies with offices in different geographical locations
use a Site-to-Site VPN to connect the network of one office location to the
network at another office location. When multiple offices of the same
company are connected using a Site-to-Site VPN, it is called an
intranet-based VPN.
A Remote Access VPN allows a user to connect to a private network and
access its services and resources remotely. The connection between the
user and the private network passes over the Internet, and it is secure and
private.
o Types of VPN Protocols
There are different types of VPN Protocols. With these VPN Protocols,
different types of security can be provided.
Internet Protocol Security (IPSec)
Layer 2 Tunneling Protocol (L2TP)
Point-to-Point Tunneling Protocol (PPTP)
SSTP (Secure Socket Tunneling Protocol)
Internet Key Exchange version 2 (IKEv2)
Secure Socket Layer (SSL) and Transport Layer Security (TLS)
OpenVPN
Secure Shell (SSH)
MPLS VPN
Hybrid VPN
o VLANs and their types
A Virtual LAN (VLAN) is created on a Layer 2 switch to reduce the size of a
broadcast domain. It is one of the technologies used to improve network
performance by separating large broadcast domains into smaller ones.
There are 5 main types of VLANs depending on the type of the network
they carry:
Default VLAN
When a switch initially starts up, all switch ports become members of
the default VLAN (on virtually all switches this is VLAN 1), which
makes them all part of the same broadcast domain. Using the default
VLAN allows any network device connected to any switch port to
communicate with devices on all other switch ports. One unique
feature of the default VLAN is that it cannot be renamed or deleted.
Data VLAN
A data VLAN, also known as a user VLAN, carries only user-generated
data and so separates the user population from the other traffic on
the network. It is not used for carrying management or voice traffic.
Voice VLAN
A voice VLAN is configured to carry voice traffic. Voice VLANs are
usually given higher transmission priority than other types of network
traffic. To ensure voice over IP (VoIP) quality (a delay of less than
150 milliseconds (ms) across the network), we must have a separate
voice VLAN; this also preserves bandwidth for other applications.
Management VLAN
A management VLAN is configured to access the management
capabilities of a switch (traffic such as system logging and
monitoring). VLAN 1 is the management VLAN by default, although
VLAN 1 is a bad choice for the management VLAN. Any switch VLAN can
be defined as the management VLAN if the administrator has not
configured a unique VLAN to serve that purpose. This VLAN ensures
that bandwidth for management is available even when user traffic
is high.
Native VLAN
This VLAN identifies untagged traffic arriving at each end of a trunk
link. A native VLAN is assigned only to an 802.1Q trunk port. The
802.1Q trunk port places untagged traffic (traffic that carries no VLAN
tag) on the native VLAN. It is a best practice to configure the native
VLAN as an unused VLAN.
o Trunk/ Access Ports
If you intend to use VLANs in your network, you will need to configure
some ports on a switch as access ports and other as trunk ports. Here is a
description of each port type:
Access port – a port that can be assigned to a single VLAN. This type of
interface is configured on switch ports that are connected to end devices
such as workstations, printers, or access points.
Trunk port – a port that is connected to another switch. This type of
interface can carry traffic of multiple VLANs, thus enabling you to extend
VLANs across your entire network. Frames are tagged by assigning a VLAN
ID to each frame as they traverse between switches.
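Worked example (added to these notes, not part of the original): building and parsing 802.1Q-tagged Ethernet frames, then modelling how an access port and a trunk port treat them, including the native VLAN behaviour described under VLAN types above. The MAC addresses, VLAN IDs, allowed-VLAN list and native VLAN 999 are all constructed for the example.

```python
# Added example (not from the page): build and parse 802.1Q-tagged Ethernet
# frames and model how an access port and a trunk port treat them. The MAC
# addresses, VLAN IDs and native VLAN below are constructed for the example.
from __future__ import annotations
import struct

TPID_8021Q = 0x8100      # EtherType value that announces an 802.1Q tag follows
ETHERTYPE_IPV4 = 0x0800


def _mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def _bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def build_frame(dst: str, src: str, ethertype: int, payload: bytes,
                vlan_id: int | None = None, pcp: int = 0) -> bytes:
    """Assemble an Ethernet II frame, inserting an 802.1Q tag when vlan_id is given."""
    header = _mac_to_bytes(dst) + _mac_to_bytes(src)
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:
            raise ValueError("VLAN ID must be 1..4094")
        # TCI = PCP (3 bits) | DEI (1 bit, zero here) | VID (12 bits)
        tci = (pcp << 13) | vlan_id
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes) -> dict:
    """Split a frame into its fields; vlan_id is None when no tag is present."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vlan_id, pcp, offset = None, 0, 14
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vlan_id, pcp, offset = tci & 0x0FFF, tci >> 13, 18
    return {"dst": _bytes_to_mac(dst), "src": _bytes_to_mac(src), "vlan_id": vlan_id,
            "pcp": pcp, "ethertype": ethertype, "payload": frame[offset:]}


def trunk_ingress(frame: bytes, native_vlan: int, allowed: set[int]) -> int | None:
    """VLAN a trunk port assigns to an arriving frame, or None if the frame is dropped.

    Untagged frames land on the native VLAN; frames tagged with a VLAN that is
    not allowed on the trunk are discarded rather than forwarded.
    """
    info = parse_frame(frame)
    vid = native_vlan if info["vlan_id"] is None else info["vlan_id"]
    return vid if vid in allowed else None


def trunk_egress(untagged: bytes, vlan_id: int, native_vlan: int) -> bytes:
    """Tag a frame leaving a trunk, except for the native VLAN, which stays untagged."""
    if vlan_id == native_vlan:
        return untagged
    info = parse_frame(untagged)
    return build_frame(info["dst"], info["src"], info["ethertype"], info["payload"], vlan_id)


def access_egress(frame: bytes) -> bytes:
    """An access port delivers frames to the end device with any 802.1Q tag removed."""
    info = parse_frame(frame)
    return build_frame(info["dst"], info["src"], info["ethertype"], info["payload"])


if __name__ == "__main__":
    tagged = build_frame("02:00:00:00:00:02", "02:00:00:00:00:01",
                         ETHERTYPE_IPV4, b"ping", vlan_id=20)
    print(parse_frame(tagged))
```

The tag adds exactly four bytes after the source MAC (the 0x8100 TPID and a two-byte TCI holding the 12-bit VLAN ID), and the only frames a trunk sends without that tag are those on the native VLAN, which is why an unused native VLAN is recommended above.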
o Inter VLAN Routing
Inter-VLAN routing is the process of forwarding network traffic from one
VLAN to another VLAN using a router. It allows two or more completely
separate VLANs, on the same switch or on different switches, to
communicate with the help of a Layer 3 device such as a router.
o Gateway Redundancy/ First-hop redundancy Protocols
A First Hop Redundancy Protocol (FHRP) is designed to provide redundancy
for the gateway router within the organization's network through the use
of a virtual IP address and a virtual MAC address.
o FHRP Protocols types
We have three ways to implement FHRP. These are by using the following
First Hop Redundancy Protocols:
HSRP, or Hot Standby Router Protocol, is a Cisco-proprietary router
redundancy protocol that enables a cluster of routers to cooperate, any
of which can act as the default router. All the routers within the cluster
share the same virtual IP address and virtual MAC address.
VRRP, Virtual Router Redundancy Protocol, is a vendor-neutral
redundancy protocol that groups a cluster of physical routers (two or more
routers) to produce a new single virtual router. It enables redundancy by
assigning the same virtual gateway IP address and MAC address on all
physical routers within the VRRP group. Currently, VRRP is at version 2. It
almost has the same concept as HSRP. The only difference is that
preemption is enabled by default on VRRP, while on HSRP, it needs to be
configured manually.
As compared to HSRP and VRRP, Gateway Load Balancing Protocol is a bit
different. With GLBP, routers within the group are allowed to do load
balancing. To put it simply, all the traffic that is transmitted to the default
gateway IP address will be load-balanced one at a time or in a round-robin
manner among the routers within the group. GLBP has the same state as
HSRP, which is called active and standby. The mechanism of GLBP’s active
and standby state is the same as HSRP’s active and standby state.
o VTP Protocol
VLAN Trunking Protocol (VTP) reduces administration in a switched network. When
you configure a new VLAN on one VTP server, the VLAN is distributed through all
switches in the domain. This reduces the need to configure the same VLAN
everywhere. VTP is a Cisco-proprietary protocol that is available on most of the
Cisco Catalyst series products.
o Modes of VTP (Server, Client and Transparent mode)
There are 3 modes:
Server – Switches are in this mode by default. This mode allows you to
create, add and delete VLANs; any changes you want to make should be
done in this mode.
Client – In this mode, switches receive the updates and can also forward
them to other switches in the same VTP domain.
Transparent – This mode only forwards VTP summary advertisements over
trunk links. Transparent-mode switches keep their own local VLAN
database, which is not shared with other switches.
o VTP Revision Number
The configuration revision number is a 32-bit number that indicates the
level of revision for a VTP packet. This configuration number is tracked by
every switch in order to find that the received information is more recent
than the current version.
o Policy-Based Routing
Policy-based routing (PBR) is a technique that forwards and routes data
packets based on policies or filters. Network administrators can selectively
apply policies based on specific parameters such as source and destination
IP address, source or destination port, traffic type, protocols, access list,
packet size, or other criteria and then route the packets on user-defined
routes.
o NAT
Network Address Translation (NAT) is a process in which one or more local
IP addresses are translated into one or more global IP addresses, and vice
versa, in order to provide Internet access to the local hosts.
o Network Address Translation (NAT) Types
There are 3 ways to configure NAT:
Static NAT – A single unregistered (private) IP address is mapped to a
legally registered (public) IP address, i.e. a one-to-one mapping between
local and global addresses. This is generally used for web hosting. It is
not used for general Internet access in organizations, because every
device that needs Internet access would require its own public IP
address.
Dynamic NAT – An unregistered IP address is translated into a registered
(public) IP address taken from a pool of public IP addresses. If no address
in the pool is free, the packet is dropped, since only a fixed number of
private IP addresses can be translated to public addresses at any one
time.
Port Address Translation (PAT) – Also known as NAT overload. Many local
(private) IP addresses are translated to a single registered IP address, and
port numbers are used to distinguish the traffic, i.e. which traffic belongs
to which internal host. This is the most frequently used type because it is
cost-effective: thousands of users can be connected to the Internet using
only one real global (public) IP address.
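Worked example (added to these notes, not part of the original): toy models of the three NAT types applied to constructed flows. The inside addresses come from the RFC 1918 private ranges and the public ones from the RFC 5737 documentation ranges; the port allocation scheme (sequential from 1024) is a simplification chosen for the example. It shows the one-to-one mapping of static NAT, the pool exhaustion drop of dynamic NAT, and how PAT tells inside hosts apart by port, including why an inbound packet with no matching table entry is dropped.

```python
# Added example (not from the page): toy models of the three NAT modes described
# above, applied to constructed flows. The private and public addresses are
# taken from the RFC 1918 and RFC 5737 ranges for the example.
from __future__ import annotations
from dataclasses import dataclass, replace
from itertools import count


@dataclass(frozen=True)
class Flow:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class StaticNAT:
    """One-to-one: each inside address has a fixed public address."""

    def __init__(self, mapping: dict[str, str]) -> None:
        self.inside_to_public = dict(mapping)
        self.public_to_inside = {pub: priv for priv, pub in mapping.items()}

    def outbound(self, flow: Flow) -> Flow | None:
        public = self.inside_to_public.get(flow.src_ip)
        return None if public is None else replace(flow, src_ip=public)

    def inbound(self, flow: Flow) -> Flow | None:
        # Static mappings are reachable from outside at any time (e.g. web hosting).
        inside = self.public_to_inside.get(flow.dst_ip)
        return None if inside is None else replace(flow, dst_ip=inside)


class DynamicNAT:
    """Many-to-pool: inside hosts borrow a public address until the pool runs dry."""

    def __init__(self, pool: list[str]) -> None:
        self.free = list(pool)
        self.active: dict[str, str] = {}   # inside IP -> public IP

    def outbound(self, flow: Flow) -> Flow | None:
        public = self.active.get(flow.src_ip)
        if public is None:
            if not self.free:
                return None                 # pool exhausted: packet dropped
            public = self.free.pop(0)
            self.active[flow.src_ip] = public
        return replace(flow, src_ip=public)


class PAT:
    """NAT overload: many inside hosts share one public IP, told apart by port."""

    def __init__(self, public_ip: str, first_port: int = 1024) -> None:
        self.public_ip = public_ip
        self.next_port = count(first_port)   # simplified sequential allocator
        self.table: dict[tuple[str, int], int] = {}     # (inside IP, port) -> public port
        self.reverse: dict[int, tuple[str, int]] = {}   # public port -> (inside IP, port)

    def outbound(self, flow: Flow) -> Flow:
        key = (flow.src_ip, flow.src_port)
        public_port = self.table.get(key)
        if public_port is None:
            public_port = next(self.next_port)
            self.table[key] = public_port
            self.reverse[public_port] = key
        return replace(flow, src_ip=self.public_ip, src_port=public_port)

    def inbound(self, flow: Flow) -> Flow | None:
        # Only replies to flows the table knows about can be translated back;
        # anything else arriving at the public address has no state and is dropped.
        key = self.reverse.get(flow.dst_port)
        if key is None or flow.dst_ip != self.public_ip:
            return None
        inside_ip, inside_port = key
        return replace(flow, dst_ip=inside_ip, dst_port=inside_port)


if __name__ == "__main__":
    pat = PAT("203.0.113.1")
    out = pat.outbound(Flow("192.168.1.10", 50000, "198.51.100.80", 443))
    back = pat.inbound(Flow("198.51.100.80", 443, "203.0.113.1", out.src_port))
    print(out, "->", back)
```

The translation table is the whole mechanism: PAT can only undo a translation it performed itself, so unsolicited inbound traffic to the shared public address has nowhere to go, whereas a static mapping is always reachable from the outside.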
o Routing Protocols
Routing is a process in which the layer 3 devices (either router or layer 3
switches) find the optimal path to deliver a packet from one network to
another.
There are mainly 3 different classes of routing protocols:
1. Distance Vector Routing Protocols:
These protocols select the best path on the basis of the hop count to reach a
destination network in a particular direction.
2. Link State Routing Protocols:
These protocols build a complete picture of the internetwork, so they know
more about it than any distance vector routing protocol. They are also
known as SPF (Shortest Path First) protocols.
3. Advanced Distance Vector Routing Protocols:
Also known as hybrid routing protocols, these use concepts from both
distance vector and link-state routing.
o Router on a stick
Router-on-a-stick, also known as a “one-armed router”, is a method for
running multiple VLANs over a single connection in order to provide
inter-VLAN routing without the need for a Layer 3 switch.
o Subnetting
A subnet, or subnetwork, is a network inside a network. Subnets make
networks more efficient. Through subnetting, network traffic can travel a
shorter distance without passing through unnecessary routers to reach its
destination.
o ICMP
The Internet Control Message Protocol (ICMP) is a network layer protocol
used by network devices to diagnose network communication issues.
ICMP is mainly used to determine whether or not data is reaching its
intended destination in a timely manner. Commonly, the ICMP protocol is
used on network devices, such as routers.
o ARP
The Address Resolution Protocol (ARP) translates IP addresses to physical
(MAC) addresses.
o IP Classes
In the IPv4 IP address space, there are five classes: A, B, C, D and E. Each
class has a specific range of IP addresses (and ultimately dictates the
number of devices you can have on your network). Primarily, class A, B,
and C are used by the majority of devices on the Internet. Class D and
class E are for special uses.
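Worked example (added to these notes, not part of the original) covering both the Subnetting and IP Classes notes: identifying the class of an IPv4 address from its first octet and working out the network, broadcast, mask and usable host range of a subnet with the standard library's ipaddress module. The addresses used are constructed from the RFC 1918 private ranges; the "borrowed bits" figure is the number of bits the subnet prefix takes from the classful host portion.

```python
# Added example (not from the page): IPv4 address class identification and
# subnet calculation with the standard library's ipaddress module. It serves
# both the Subnetting and IP Classes notes; the addresses are constructed
# from the RFC 1918 private ranges.
from __future__ import annotations
import ipaddress

# First-octet range, class letter, and classful default prefix length
# (classes D and E have no host portion and therefore no default mask).
CLASSES = (
    (0, 127, "A", 8),
    (128, 191, "B", 16),
    (192, 223, "C", 24),
    (224, 239, "D", None),
    (240, 255, "E", None),
)


def ip_class(addr: str) -> tuple[str, int | None]:
    """Return (class letter, default prefix length) for an IPv4 address."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    for low, high, letter, prefix in CLASSES:
        if low <= first_octet <= high:
            return letter, prefix
    raise ValueError(addr)   # unreachable: the ranges above cover 0..255


def subnet_summary(cidr: str) -> dict:
    """Describe the subnet an address/prefix belongs to (host bits are masked off)."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    letter, default_prefix = ip_class(str(net.network_address))
    if net.prefixlen >= 31:
        # /31 (point-to-point, RFC 3021) and /32 have no separate network/broadcast.
        usable = net.num_addresses
        first, last = net.network_address, net.broadcast_address
    else:
        usable = net.num_addresses - 2
        first, last = net.network_address + 1, net.broadcast_address - 1
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "netmask": str(net.netmask),
        "prefix": net.prefixlen,
        "class": letter,
        # Bits borrowed from the classful host portion to form this subnet.
        "borrowed_bits": None if default_prefix is None else net.prefixlen - default_prefix,
        "usable_hosts": usable,
        "first_host": str(first),
        "last_host": str(last),
    }


def split_network(cidr: str, new_prefix: int) -> list[str]:
    """Divide a network into equal subnets of the given prefix length."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return [str(sub) for sub in net.subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    print(subnet_summary("192.168.10.77/26"))
    print(split_network("192.168.10.0/24", 26))
```

For 192.168.10.77/26 the two borrowed bits split the class C network into four /26 subnets of 62 usable hosts each, and the host 192.168.10.77 falls in the second one (192.168.10.64 to 192.168.10.127).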
System/ Servers
o FSMO Roles
Active Directory has five FSMO (generally pronounced “FIZZ-mo”) roles,
two of which are enterprise-level (i.e., one per forest) and three of which
are domain-level (i.e., one per domain). The enterprise-level FSMO roles
are called the Schema Master and the Domain Naming Master. The
domain-level FSMO roles are called the Primary Domain Controller
Emulator, the Relative Identifier Master, and the Infrastructure Master.
o Group Policy
Group Policy provides a method of centralizing configuration settings and
management of operating systems, computer settings and user settings
in a Microsoft IT environment. Group Policy is a twofold idea: Local Group
Policy on individual workstations and Group Policy in Active Directory.
o Child Parent Domain
Child Domain is a domain in a domain tree in Microsoft Windows Server
whose Domain Name System (DNS) name is a subdomain of a parent
domain. For example, if the name of the parent or company domain is
microsoft.com, some typical names of child domains might include
dev.microsoft.com, marketing.microsoft.com, and
support.microsoft.com.
New child domains can be created using the Active Directory Installation
Wizard. A child domain must be created in an existing domain tree, since
creating a new tree automatically creates a new parent domain. A two-way
transitive trust exists between a parent domain and its child domains.
o PDC, BDC, ADC
A PDC is a Primary Domain Controller, and a BDC is a Backup Domain
Controller. You must install a PDC before any other domain servers. The
Primary Domain Controller maintains the master copy of the directory
database and validates users. A Backup Domain Controller contains a
copy of the directory database and can validate users. If the PDC fails
then a BDC can be promoted to a PDC.
o Tombstone Object
Keeping some form of a deleted object is necessary in multimaster
systems such as Active Directory (AD), which must replicate deletions
among domain controllers (DCs). When you delete an object in AD, that
object doesn't disappear completely. Instead, the object becomes a
deleted object, aka a tombstone.
o Trust Relationship (One way/ Two Way)
Trust relationship is a secure communication channel between two
domains in Microsoft Windows Server Operating Systems.
Trust relationships allow users in one domain to access resources in
another domain. Trusts work by having one domain trust the authority of
the other domain to authenticate its user accounts.
o How DHCP Works (DHCP IP Assignment Process) 4 Step Process
Dynamic Host Configuration Protocol (DHCP) is a network management
protocol used to dynamically assign an IP address and other information to
each host on the network so that they can communicate efficiently. DHCP
automates and centrally manages the assignment of IP addresses, easing
the work of the network administrator. In addition to the IP address, DHCP
also assigns the subnet mask, default gateway, domain name server (DNS)
address and other configuration to the host.
The assignment is a four-step process:
DHCP Discovery
DHCP Offer
DHCP Request
DHCP Acknowledgment
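Worked example (added to these notes, not part of the original): a toy DHCP server and client carrying out the four-step exchange in memory. The message type is a simplified stand-in for the real DHCP packet, keeping only the fields the handshake needs (type, transaction ID, client MAC, offered address, server identifier and options); the server address, pool, MAC addresses and option values are constructed for the example. It also covers what happens when the pool is exhausted (no offer) and when a request does not match an outstanding offer (NAK).

```python
# Added example (not from the page): a toy DHCP server and client exchanging
# the four DORA messages in memory. The addresses, pool and MAC addresses are
# constructed for the example; the message is a simplified stand-in for the
# real DHCP packet (only the fields the handshake needs).
from __future__ import annotations
from dataclasses import dataclass, field


@dataclass
class DhcpMessage:
    kind: str                   # DISCOVER, OFFER, REQUEST, ACK or NAK
    xid: int                    # transaction ID chosen by the client, echoed by the server
    client_mac: str
    yiaddr: str = "0.0.0.0"     # "your" IP address, filled in by the server
    server_id: str | None = None
    options: dict = field(default_factory=dict)


class DhcpServer:
    def __init__(self, server_ip: str, pool: list[str], subnet_mask: str,
                 router: str, dns: list[str], lease_time: int = 86400) -> None:
        self.server_ip = server_ip
        self.free = list(pool)
        self.offered: dict[str, str] = {}   # MAC -> address offered, not yet acknowledged
        self.leases: dict[str, str] = {}    # MAC -> address in use
        self.config = {"subnet_mask": subnet_mask, "router": router,
                       "dns": list(dns), "lease_time": lease_time}

    def handle(self, msg: DhcpMessage) -> DhcpMessage | None:
        mac = msg.client_mac
        if msg.kind == "DISCOVER":
            # Re-offer an address the client already holds, else take one from the pool.
            addr = self.leases.get(mac) or self.offered.get(mac)
            if addr is None:
                if not self.free:
                    return None             # nothing to offer: the server stays silent
                addr = self.free.pop(0)
            self.offered[mac] = addr
            return DhcpMessage("OFFER", msg.xid, mac, yiaddr=addr,
                               server_id=self.server_ip, options=dict(self.config))
        if msg.kind == "REQUEST":
            if msg.server_id != self.server_ip:
                return None                 # the client accepted another server's offer
            requested = msg.options.get("requested_ip")
            if self.offered.get(mac) != requested:
                return DhcpMessage("NAK", msg.xid, mac, server_id=self.server_ip)
            self.leases[mac] = self.offered.pop(mac)
            return DhcpMessage("ACK", msg.xid, mac, yiaddr=requested,
                               server_id=self.server_ip, options=dict(self.config))
        return None


class DhcpClient:
    def __init__(self, mac: str, xid: int) -> None:
        self.mac, self.xid = mac, xid
        self.ip: str | None = None
        self.config: dict = {}

    def discover(self) -> DhcpMessage:
        return DhcpMessage("DISCOVER", self.xid, self.mac)

    def request(self, offer: DhcpMessage) -> DhcpMessage:
        return DhcpMessage("REQUEST", self.xid, self.mac, server_id=offer.server_id,
                           options={"requested_ip": offer.yiaddr})

    def accept(self, reply: DhcpMessage) -> None:
        if reply.kind == "ACK" and reply.xid == self.xid:
            self.ip, self.config = reply.yiaddr, dict(reply.options)


def run_dora(client: DhcpClient, server: DhcpServer) -> list[str]:
    """Run the handshake and return the sequence of message kinds exchanged."""
    trace: list[str] = []
    discover = client.discover()
    trace.append(discover.kind)
    offer = server.handle(discover)
    if offer is None:
        return trace                        # no offer: a real client would retry later
    trace.append(offer.kind)
    request = client.request(offer)
    trace.append(request.kind)
    reply = server.handle(request)
    if reply is not None:
        trace.append(reply.kind)
        client.accept(reply)
    return trace


if __name__ == "__main__":
    srv = DhcpServer("192.168.1.1", ["192.168.1.100", "192.168.1.101"],
                     "255.255.255.0", "192.168.1.1", ["192.168.1.53"])
    cli = DhcpClient("02:00:00:00:00:01", 0x1001)
    print(run_dora(cli, srv), cli.ip, cli.config)
```

The offer is not a lease: the address is only committed when the client's REQUEST names this server and the address it was offered, which is what the ACK confirms; until then the server can still withdraw it, and a request for an address it never offered gets a NAK.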
o DNS (Name to IP / IP to Name Resolution)
A DNS server is a computer with a database that maps website names to
their public IP addresses. DNS acts like a phonebook for the internet:
whenever people type domain names, like Fortinet.com or Yahoo.com, into
the address bar of a web browser, DNS finds the matching IP address. That
IP address is what directs the device to the correct place to access the
site's data.
o Domain Forest vs Tree
A tree is a collection of one or more domains or domain trees in a
contiguous namespace that is linked in a transitive trust hierarchy. In
contrast, a forest is a collection of trees that share a common global
catalogue, directory schema, logical structure and directory
configuration. That is the difference between a tree and a forest in
Active Directory.
o Forwarder/ Conditional Forwarder
DNS forwarder sends name queries of external domains to a remote DNS
server outside of its local network for resolution. Internal name queries
are handled by the Internal DNS server.
Conditional forwarders are DNS servers that only forward queries for
specific domain names. Instead of forwarding all queries it cannot resolve
locally to a forwarder, a conditional forwarder is configured to forward a
query to specific forwarders based on the domain name contained in the
query.
o Reverse lookup Zone/ Forward lookup Zone
A forward lookup zone contains mappings from host names to IP addresses.
When a computer requests an IP address by providing a host name (which is
more user friendly), the forward lookup zone is queried to find the IP
address for the given host name.
A reverse lookup zone contains mappings from IP addresses to host names.
When a computer requests a host name by providing an IP address, the
reverse lookup zone is queried to find the host name for the given IP
address.
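Worked example (added to these notes, not part of the original): a toy forward lookup zone and reverse lookup zone in memory, showing how the PTR name for an address is derived (octets reversed under in-addr.arpa) and how the two zones can be checked against each other for addresses whose reverse record is missing or points at a different name. The zone names and records are constructed; example.com and 192.0.2.0/24 are reserved for documentation.

```python
# Added example (not from the page): a toy forward lookup zone and reverse lookup
# zone, showing how a PTR name is derived from an IP address and how the two
# zones can be checked against each other. The zone names and records are
# constructed (example.com and 192.0.2.0/24 are reserved for documentation).
from __future__ import annotations
import ipaddress


def reverse_name(ip: str) -> str:
    """'192.0.2.10' -> '10.2.0.192.in-addr.arpa.' (octets reversed, under in-addr.arpa)."""
    return ipaddress.IPv4Address(ip).reverse_pointer + "."


class Zone:
    """A minimal zone: records keyed by (fully qualified name, record type)."""

    def __init__(self, origin: str) -> None:
        self.origin = origin.rstrip(".") + "."
        self.records: dict[tuple[str, str], list[str]] = {}

    def fqdn(self, name: str) -> str:
        # Names ending in '.' are absolute; others are relative to the zone origin.
        return name if name.endswith(".") else f"{name}.{self.origin}"

    def add(self, name: str, rtype: str, rdata: str) -> None:
        self.records.setdefault((self.fqdn(name), rtype), []).append(rdata)

    def lookup(self, name: str, rtype: str) -> list[str]:
        return list(self.records.get((self.fqdn(name), rtype), []))


def forward_lookup(zone: Zone, host: str) -> list[str]:
    """Name -> IP: query the forward zone for A records."""
    return zone.lookup(host, "A")


def reverse_lookup(rev_zone: Zone, ip: str) -> list[str]:
    """IP -> name: query the reverse zone for the PTR record of the derived name."""
    return rev_zone.lookup(reverse_name(ip), "PTR")


def unconfirmed_addresses(fwd: Zone, rev: Zone) -> list[str]:
    """Addresses whose PTR is missing or does not point back at a name holding that A record."""
    problems = []
    for (name, rtype), addrs in sorted(fwd.records.items()):
        if rtype != "A":
            continue
        for ip in addrs:
            if name not in reverse_lookup(rev, ip):
                problems.append(ip)
    return problems


def build_example() -> tuple[Zone, Zone]:
    """Constructed zones: one forward, one reverse, deliberately not quite consistent."""
    fwd = Zone("example.com")
    fwd.add("www", "A", "192.0.2.10")
    fwd.add("mail", "A", "192.0.2.25")          # no PTR record for this one
    rev = Zone("2.0.192.in-addr.arpa")
    rev.add(reverse_name("192.0.2.10"), "PTR", "www.example.com.")   # absolute name
    rev.add("30", "PTR", "old.example.com.")    # relative: 30.2.0.192.in-addr.arpa.
    return fwd, rev


if __name__ == "__main__":
    fwd, rev = build_example()
    print(forward_lookup(fwd, "www"), reverse_lookup(rev, "192.0.2.10"))
    print("addresses without a matching PTR:", unconfirmed_addresses(fwd, rev))
```

Because the two zones are maintained separately, they drift apart in practice; the last function is the kind of check an administrator runs to find hosts whose reverse lookup no longer agrees with their forward record.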
o DNS Records
DNS records (held in zone files) are instructions that live in authoritative
DNS servers and provide information about a domain, including what IP
address is associated with that domain and how to handle requests for
that domain.
o Global Catalogue Server
A global catalog is a distributed data store held on domain controllers
(known as global catalog servers) and used for faster searching. It
provides a searchable catalog of all objects in every domain of a
multi-domain Active Directory Domain Services (AD DS) forest. A global
catalog holds a partial representation of the objects and is distributed
using multi-master replication.