Thursday, November 5, 2015

Digging into IP Packets

For the next 6 to 12 months I'm going to take a departure from focusing solely on certifications. I want to gain a better understanding of the underlying protocols that my work depends on every day. This will mean deep diving into the TCP/IP protocol suite. Not only do I want to understand what a typical IPv4/IPv6 packet looks like, I want to learn how to correlate trends based on the IP packets that traverse my network.

This will help immensely in troubleshooting security and general network connectivity issues. Not only that, but it can be used to stop certain teams from automatically blaming particular incidents on the network, through the use of packet capture tools that show exactly what's happening between two hosts. With concrete logs in hand, there can be no ifs, ands, or buts about whose fault a particular problem is.

Not that a packet capture will be used for every incident, but it's good to have "big guns" that you can pull out of your arsenal every now and again. With that said, pulling out a "big gun" is no use if you have no clue how to operate the weapon. That's why I've been poring over multiple Wireshark and huge TCP/IP books to help get me started. Having a strong foundation is important for just about any goal in life. We all know fundamental learning can become boring and repetitive quickly, because typically it's not the cool bleeding-edge stuff, but it's VERY important. Mastery comes from making tasks second nature, which requires constant repetition.

Just like a race car driver has to learn how to drive a fast car slowly first, the same can be said of networking. We must learn how to configure and design the small elements of a particular portion of a network first, before moving on to deploying networks that can properly scale and remain resilient.


  1. Shawn, what book are you using to dive into TCP/IP? Could you list what you or your co-workers have been using since November 2015?


  2. Hello Tillman,

    I've read the following TCP/IP based books since I posted:

    "TCP/IP Illustrated, Volume 1: The Protocols (2nd Edition)"
    "Routing TCP/IP, Volume 1 (2nd Edition)"

    I also went over the following Wireshark book to get a good primer on how to use this software:

    "Practical Packet Analysis: Using Wireshark to Solve Real-World Network Problems"

    I solved a lot of DHCP and DNS related issues from that book alone. I plan on diving into Laura Chappell's line of Wireshark books eventually. Currently I'm picking up Python and Juniper, and I need to renew my CCNP R/S at the moment though!

