Amazon AWS Certified Advanced Networking Specialty – Networking & AWS Primer
1. Understanding DHCP DORA Process
Hey everyone, and welcome back to the KP Labs course. So in today’s lecture, we’ll be speaking about DHCP. Now, DHCP is one of the terms which I am sure that many of you might have already heard. If not need not worry, we will be looking into what DHCP is all about. So, in a very simple terms, DHCP server is responsible for giving out and managing the IP addresses which clients have within a specific given network. So, if that is something which is bit complex, let’s understand it as a use case. So whenever a client joins a network, it does not really have any IP address by default. So what the client does, since client does not have any IP address, it will send a broadcast request to all the network asking for the IP address. So let’s start. Client joins the network, it does not have any IP address. So what it will do, it will send a broadcast to everyone within the network asking or requesting for the IP address. Now, within this network, there is a DHCP server which is also running. So once that DHCP server will receive this request from the client which is asking for the IP address, what the DHCP server will do? DHCP server will offer an IP address that the newly joined client can use.
Now, within a network, there can be multiple DHCP servers which might offer multiple IP address to the same client. So a client can receive two different set of IP addresses which it can use from two different DHCP servers. So in that case, what client does is the client will decide the IP address that it wants to have. So ideally, in Windows, the client will choose the first IP address that it receives from the DHCP server. So the client will decide the IP address that it wants to have, and then it will send the DHCP request so that all the DHCP servers know that what IP address it would like to have. So let’s assume that the client has received two IP addresses. Now the client has to decide which IP address it wants to use. Now, within those two IP address, let’s assume client has decided to use the first IP address. So now what client will do? Client will send a DHCP request to all the servers again. And within that DHCP request, client will say that I am going to use that first IP address that has been offered to me. Now, once the client sends this DHCP request, the DHCP server that has offered that IP address will quickly check whether that IP address is still available.
And if yes, then it will send a DHCP act back to the client, which means that a client can now use the IP address. So I know this might be a little confusing, so let’s go into the packet capture and look into how exactly it might really look like. So these are the four packets for the entire process. So now, within the first packet you see the source is that means the client does not have an IP address yet. So this is the client which has recently joined the network and it does not have any IP address. So what it will do, it will send this DHCP discover packet to the destination two 5525-525-5255. That means it is a broadcast address, which means it will get received to all the clients within the particular network. So what does this specific packet have? Let’s look into it. So if you dig down further, currently you see the client IP addresses, which means it does not really have any IP address. And what this specific client is looking for, it is looking for the IP address.
And along with that, it is looking for information like subnet mask, router, domain name servers, network time, protocol servers and so on. So this is the DHCP discover packet. Now, since this is a broadcast, it will be received to the entire network on port 67. So now there is a DHCP server which is already running on port 67. Once the DHCP server receives this packet, what it will do is it will look into its database to check what are the IP addresses which are available and it will pick one IP from the available IP list and it will send the DHCP offer. So this DHCP server is running on 192-1680 dot one, and it has sent a DHCP offer on the Mac address of the client. So this is the Mac address of the client and this is where the DHCP offer has been sent. Now, if you now look into the bootstrap protocol, what does the DHCP has to offer? So the DHCP has offered that the client can use 109 216-3010 IP address. So this is just an offer. Now, a client can accept that offer or the client can even reject that offer. So that is up to the client. Now, along with the offer, the DHCP server has also given various information like the subnet mask. You see, this is the subnet mask, the renewal time and various others.
So once the client receives this DHCP offer, it will either accept it or it will either deny it. So once the client has accepted, it will send a DHCP request. Now, within the DHCP request, it will basically tell the DHCP server that I received your offer, that you want me to have 190 to 168 00:10 and I’m happy with it. So can I use it? Something like that. So this is what the DHCP request packet. So if you go into the bootstrap in the requested IP address, you see 109 216-8010. So the server or the client is requesting whether I can use this particular IP address. Now, the server will say, okay, you can go ahead and use with the DHCP act.
Now, once the DHCP act is received, that means the entire process of the DHCP is completed and the client can now use the 190 to 168 00:10 as its official IP address. So this is also called as the Dora process because you see Discover, Offer Request as. So this is one of the quite important things that you must remember. So there is one interesting thing that I wanted to show you, because this might look quite boring. So I just wanted to give you a live example on how it might really look like. So what we’ll do, we’ll open up our favorite wireshark and we’ll look into how exactly the entire process might happen. So if I do IP config, currently I have the IP address which are assigned. So what I’ll do I do IP Config release. So this will release all the IP addresses. Now we can go ahead and start the wireshot and I’ll say IP config renew. So it will actually perform the entire Dora process so that we’ll actually come to know on how exactly it might really look like. So when we did an IP config release, what it did was it released the IP address which it had. So my Windows client released all the IP address and then when I entered Ipconfigrenew, it requested DHCP server to get a new IP address. So let’s go a bit up.
And now you see, here is the entire process of discover, offer, request and Acknowledge. So this is what it is all about. So now, if you will see over here the source is that means it does not really have any IP address yet. Now there is a DHCP offer. Then again, there is a DHCP request. Again, there is a no IP address which it has. Now, in the last package, the DHCP server has given the acknowledgement saying that this client can use a specific IP address. So let’s look into what is the IP address that the DHCP server had to offer. So I’ll open up the Bootstrap protocol and if you’ll see the IP address that the DHCP server offered to my Windows client is 192-1680 dot four. Now, if you go and let me click on CLS, if I do an IP config, ideally I should see an IP address. You see 109 216804. So this is what it is all about. Now, one important thing that I wanted to show you is that we already discussed that while requesting, the client asks for certain information like subnet mask, domain name servers, the NTP protocol. Now, depending upon the DHCP servers configuration, DHCP server might either give it or it might not reply those information. So let me show you. I have a DHCP server running in my router. Now, let’s go to the local network and the DHCP server seems to be enabled.
So if I quickly go to the setup and this is the DHCP server configuration. Now here, if you will see, I have certain configuration related to DNS servers, the domain name, the maximum lease time and various others. So if I put this information whenever a client requests, these information will be sent. So now the domain name is domain dot name. And if you’ll go to the windows, you will see the connection specific DNX profits is domain names.
2. DHCP Option Sets in AWS
Hey everyone and welcome back to the KP Labs course. So continuing our great journey with the DHCP lectures, today we’ll be looking into the DHCP option sets which is provided by the AWS. Now, in the earlier lecture we had discussed that a DHCP server can have certain configuration parameters which can can be a domain name servers, which can be a DNS servers which can also be NTP servers, and the net bias names. So it can dictate what are the DNS servers, the NTP servers which a client can use and client would generally use the configurations which were provided by the DHCP server. Now, similar to how we can actually dictate the DNS server over here, the domain name parameter. Similarly within the AWS also we can configure these parameters. So if you go into the VPC dashboard under the DHCP option sets, currently there is a default DHCP option set which is configured. Now, within the default DHCP option sets you will see the domain name is configured and the DNS server is configured. So two things are configured, one is the domain name and second is the DNS server.
However, there can be a lot of other things which can also be a part which can be NTP, which can be netbiased names also. So let’s do one thing, we’ll not include this specific and we’ll create a custom DHCP option set. So before we do that, let’s go ahead and click on create a DHCP option set. Now here if you will see it is asking for a specific configuration. One is the domain name. You have the domain name servers, you have the NTP server, you have the net BIOS name and the net bias node type. So let’s do one thing, let me open up my terminal and currently let’s find out the NTP server of sentos. So this would be the NTP server pool. So let’s open up any websites where we can get an NTP server pool. So let’s go a bit down. Perfect. So this is one of the NTP servers domain name. So what I’ll do, let’s quickly do a NS lookup and let’s find the IP address which is associated. So funny thing is that they are also using the Amazon network for the NTP server.
So there are certain IP addresses which have been resolved and we’ll be using these set of IP addresses within the DHCP set configuration. So the reason why we are putting the IP address is because the domain name directly is not possible right of it. So let’s name this as Kplabs DHCP domain name. Let me put Kplabs internal. We’ll discuss on what exactly this is all about the domain name servers. Okay, so let’s put it as eight eight the NTP server. I’ll put it as this IP 526-6585. You can have a comma and you can actually define multiple IP addresses over here. So let me take one more and I’ll paste it here netbias we are not using Windows right now.
So we will ignore this. Now let’s click on yes create. Perfect. So now that we have our DHCP option sets created before we apply it, so we have to attach this DHCP option set to the VPC. Before we do that, let me show you on what exactly the changes it might do. So let’s log into one of the servers. So currently the service that is part so this server is using the default DHCP option set where the domain name is EC two dot internal and the domain name server is Amazon provided DNS. So let’s quickly verify. So I’ll copy the latest IP address. I am using the public IP instead of EIP. Perfect. So I’m logged in here. Now let’s go to cat etc resolve dot connex and here you will see the search parameter is EC two dot internal and the name server is 172-3102. So this is the Amazon provided DNS server and this specific domain name has come from the DHCP domain name parameter. Perfect. Now let’s do one thing. Let’s go to the VPC that we have now in order to attach our new DHCP configuration set, I’ll go to edit DHCP option set and I’ll select the one that we had recently created which is kplabs DHCP. I’ll click on save. Perfect.
So now let me just stop the EC two instance and we will start the EC to one instance again. So once the EC two instance will start, it will again fetch the information from the latest DHCP option sets which in our case is the Kplabs, F and DHCP. So it will fetch these configurations and it will apply it to various configuration files. So let’s just wait for a minute. Perfect. So now the server is topped. I’ll start the server again. So during the initial start, as we discussed, it will fetch the latest configuration from the DHCP option sets that we have created and various files like resolve convey or even NTP conifer should be changed. So let’s wait for a minute for the server to boot up. Perfect. So our server is now running. So what I’ll do, the IP address has changed again.
So I’ll just copy of the IP address and let me paste it over here and let’s log in. Perfect. So now if we do a cat on etc. Resolve. Comf, you should see that the search has now changed from EC two internal to Kplabs internal. And the name server has also changed from 170 to 300 two to eight eight. So these are generated by the DH client script. So this DH client script actually calls the DHCP server which is running on the AWS side and it will fetch the latest configuration.
Now, along with that, since we had also configured the NTP pool, if you quickly open the NTP con F file, you see these are the two servers which were added by the DH client script. So these are the two servers which we had configured in the DHCP option sets and now they are part of the configuration files. So this is what the DHCP option sets are all about. Now, if you have understood the concepts, I’m sure you might also know that what will happen if we change the configuration in the router. So everywhere the overall way of achieving things will be saved. Just some GUI will be different. So this is it, about this lecture. I hope this has been informative for you and I look forward to see you in the next lecture.
3. Understanding Encapsulation in OSI model
Hey everyone, and welcome back to the Kplabs course. So in today’s lecture, we will be understanding about encapsulation. So having an overview about encapsulation in the field of networking is very important. So the easiest way that I have found to explain encapsulation is through the example of a letter. So let’s understand that with a simple, simple use case. So recently, in fact, this last week, I had to send a letter from my location, which is Bangalore to another city in India called as Mumbai. So I had to physically send so I could not scan it. So what are the steps involved if I wanted to courier a specific letter from a location A to location B? So the first step involves maybe write a message in a piece of paper which you want to send. So definitely this becomes one of the first steps. So let me just show you. So let’s assume that this is a page, okay? This is a page and you write something on this page and you fold it down. So this becomes your message. So you cannot directly send, you cannot directly give this paper to the courier person and ask him to send.
That will not work. So ideally, what happens, you write a message in a piece of paper which you want to send. You encapsulate it in an envelope. So I hope we know what an envelope is. So this is what the envelope is all about. So once you complete writing, you put this in this kind of envelope. And last, you write the source and the destination address on top of the envelope. So if you see in this example, if you see there is a destination address and maybe a little source address which is written on top of this envelope. And this is how you give it to the courier person. So the courier person will read this destination address and then your envelope will go to the right direction. So this is what you can call as encapsulation. So your piece of paper. So whatever piece of paper that you have, you are encapsulating it inside the envelope. And on top of the envelope, you are writing the destination address where the courier is supposed to be delivered. Now, in a very similar way, in networking, if you want to send the data from source A to the destination B, the process is very similar. So let’s understand this. So application A from the source one wants to send the data to the application B, which is the source two. So now there are a lot of questions which might arise here. So first is whether the data has to be sent via a reliable protocol like TCP or maybe you want UDP. Second question is maybe if TCP, then what is the port numbers for source and the destination application? And definitely the most important, what is the IP address of the destination server?
So if you look over here on the first stage you just have the data similar to what we had discussed, you just have this envelope which contains the data. Now this paper, the paper which contains the data does not really have anything related to the destination address and this is the reason why. Then you have various kind of headers which are attached which contains lot of information. So if it, if it is a TCB, then the header would contains the source port number and the destination port number and the IP header would contain the IP address of the source and the IP address of the client. And last but not the least, this is the frame header which contains the entire frame which also has the ethernet headers. So let’s look into how exactly this might really look like.
Now, if you’ll see on the top you just have this plain data and as the headers are added, each header contains a specific information. Once these headers are added, the size, the overall size of the frame or the packet increases. So let me show you this specific part before we go and jump into the header field. So what I have is I have two servers over here. Now in one of the servers I’ll open a netcat on port 900:29 so let me just show you I have two servers, one is the server one and second is the server two. Now, what I wanted to show you, I wanted to show you the size increase depending upon the data and the ultimate frame header. So let me just show you on what I mean. So I have the server two which is listening on port nine, zero, twenty nine and whatever data that is received, it will store it in the file call as output TXT perfect. So if I do a quick LS, I have a file which is smallfile TXT so if you do a quick LS hyphen l, this is the exact size of small file TXT which is close to ten MB. So if I quickly do a du hyphen sh, you see it is close to ten MB.
So now let’s do one thing, let’s capture the TCP dump on the IP address of the destination server. So what we will be doing is we will be sending this small file TXT from the source to the destination and along with that we will be capturing the entire packet. So let me just show you again we have this data, this data is smallfile THC now I want to send this data from a server to another server and in the transit I will capture the entire packets over here. So I wanted to show you the overhead in terms of size of each header which is added in the transit perfect. So let me start the TCP dump over here. You see the Got is equal to zero, that means no packets have been transferred. So let me just name it as EC two encapsulate and I’ll run this now from the source server. Let me quickly do an NC. So you have NC followed by the destination server. This is the IP address of the server 170 to 31 29 dot 88 followed by the port number. So here in the destination server the NC is listening on port nine zero twenty-nine and it is storing everything on output TXT perfect.
So now what we’ll do, we’ll send the entire small file TXT let me do one thing, let’s enter the thing manually. So I’ll just say smallfile TXT so let’s send this small file TXT and within the year the output has completed. So if you will see over here I have received a certain traffic going to this destination. Now let’s do a quick LS hyphen l and now you see there is a file called EC two hyphen encapsulate and there is a file called smallfile TXT. So now the size of small file TXT is 10 four and the size of EC two Hyphen encapsulate is 10 five. So there is certain size difference between the data and the captured packets. Now the question is why? Now the reason why there is a difference so when it comes to TCP Dom, we are capturing the entire header frames over here which includes the IP header which includes the TCP header. However, the size of data is ten and this is the additional overhead. So if you quickly do a TCP dump hyphen r on the EC to hyphen encapsulate let me just you see these are all the headers which are added along with the data and this is the reason why the size of the data and the captured network file is different perfect. So now one thing we understood is that during the transit each of this header has its own size and due to this the amount of data, the amount of actual network traffic will be much more higher than just the data packet perfect.
So this is one thing I wanted to show you the second thing I wanted to show you is how exactly this encapsulation looks like. So let me do one thing. I have actually captured the entire network traffic so this is the entire network traffic of a data traveling from a source to a destination. So the first you have thin synagogue and act and then you have the entire data which is getting transmitted. So if I open up any random packet, this is what we are actually looking into. So this is the TCP header which gets added. So now if you’ll see over here, this is the actual data. So this is a 2048 bytes of data. So this is the first data. Now, since the application is using TCP, the first header that gets added is the TCP header. So on top of the data you have the TCP header which gets added. Now, once you have the TCP header, then you have the IP header over here.
So if you will see over here you have the TCP header, you have the IP header on top of IP header, you have the Ethernet header, and then you have the entire frame. So even though the data size, if you see is 2048 bytes, the size of the frame is 2114 bytes. So the data is just 2048 bytes. But the entire frame, which contains the TCP header, the IP header as well as the Ethernet header is 2114 bytes. That means each of the header has its own size which is associated. And this is the reason why the overall frame size becomes much higher in encapsulation. So this is what encapsulation is all about. So last but not the least, I’ll just show you on how exactly it really looks like.
So application A wants to send ten bytes of data to Application B. So you have data of ten bytes, then maybe you have a TCP Header of maybe 20 bytes, you have the IP Header of 20 bytes, you have the Ethernet header of 14 bytes. So this is the minimum. So just for transmitting ten bytes of data, you have 2040, 54, 64 bytes of data in the frame which has to be sent. So this is what the Ethernet frame looks like. So you have the TCP header, you have the Mac header, and you have the CRC entire becomes an Ethernet frame. Don’t worry if this is something which has not been understood, we’ll be discussing in the relevant.
Interesting posts
The Growing Demand for IT Certifications in the Fintech Industry
The fintech industry is experiencing an unprecedented boom, driven by the relentless pace of technological innovation and the increasing integration of financial services with digital platforms. As the lines between finance and technology blur, the need for highly skilled professionals who can navigate both worlds is greater than ever. One of the most effective ways… Read More »
CompTIA Security+ vs. CEH: Entry-Level Cybersecurity Certifications Compared
In today’s digital world, cybersecurity is no longer just a technical concern; it’s a critical business priority. With cyber threats evolving rapidly, organizations of all sizes are seeking skilled professionals to protect their digital assets. For those looking to break into the cybersecurity field, earning a certification is a great way to validate your skills… Read More »
The Evolving Role of ITIL: What’s New in ITIL 4 Managing Professional Transition Exam?
If you’ve been in the IT service management (ITSM) world for a while, you’ve probably heard of ITIL – the framework that’s been guiding IT professionals in delivering high-quality services for decades. The Information Technology Infrastructure Library (ITIL) has evolved significantly over the years, and its latest iteration, ITIL 4, marks a substantial shift in… Read More »
SASE and Zero Trust: How New Security Architectures are Shaping Cisco’s CyberOps Certification
As cybersecurity threats become increasingly sophisticated and pervasive, traditional security models are proving inadequate for today’s complex digital environments. To address these challenges, modern security frameworks such as SASE (Secure Access Service Edge) and Zero Trust are revolutionizing how organizations protect their networks and data. Recognizing the shift towards these advanced security architectures, Cisco has… Read More »
CompTIA’s CASP+ (CAS-004) Gets Tougher: What’s New in Advanced Security Practitioner Certification?
The cybersecurity landscape is constantly evolving, and with it, the certifications that validate the expertise of security professionals must adapt to address new challenges and technologies. CompTIA’s CASP+ (CompTIA Advanced Security Practitioner) certification has long been a hallmark of advanced knowledge in cybersecurity, distinguishing those who are capable of designing, implementing, and managing enterprise-level security… Read More »
Azure DevOps Engineer Expert Certification: What’s Changed in the New AZ-400 Exam Blueprint?
The cloud landscape is evolving at a breakneck pace, and with it, the certifications that validate an IT professional’s skills. One such certification is the Microsoft Certified: DevOps Engineer Expert, which is validated through the AZ-400 exam. This exam has undergone significant changes to reflect the latest trends, tools, and methodologies in the DevOps world.… Read More »