The Available Bit Rate (ABR) service type is used primarily for traffic that is not time sensitive and don't need service level guarantees.
An access point is a device or interface that connects users to other users within the network. It can also serve as the point of interconnection between the WLAN and a fixed wire network.
The number of required access points depends on the number of network users and the area the network covers.
An Access Token is a secure string used in OAuth to provide a client with access to resources. The access token is issued to to clients that have a valid authorization grant.
An Access Control List (ACL) is an table containing permissions for a particular service or device, defining access to objects and allowed operations.
An Auto Configuration Servers (ACS) is a server used for automatic device and user provisioning and configuration through TR069.
Adaptive Differential Pulse-Code Modulation (ADPCM) is a differential pulse-code modulation variant where the size of quantization ranges is modified with a scaling factor before encoding. This means that the bandwidth requirements are reduced.
An ADvertisement SPECification (ADSPEC) is a part of an RSVP PATH message which contains information from network devices between a sender and receiver.
Typically the message allows advertise supprted services, availability and transmission information.
Assured Forwarding (AF) is a mechanism for assurance of delivery, given a defined rate.
In case of congestion, traffic that exceeds the rate have a higher probability of being dropped.
The four AF classes have the same priority. For each class, packets are given a drop probability.
| Drop probability | Class 1 | Class 2 | Class 3 | Class 4 |
|---|---|---|---|---|
| Low | AF11 | AF21 | AF31 | AF41 |
| Medium | AF12 | AF22 | AF32 | AF42 |
| High | AF13 | AF23 | AF33 | AF43 |
An Address Family Transition Router (AFTR) is a server implementing the Dual-Stack Lite to provide IPv4 to IPv4 communication over IPv6.
Authentication Headers is a protocol for integrity and origin authentication of IP packets.
In wifi networks, airtime is the time spent transmitting and receiving data.
Devices with a slower transmission rate need longer time to transmit a set data volume than devices with a higher transmission rate. This means that airtime is not a reliable measure of how much data has been transmitted.
An Aggregated MAC Protocol Data Unit - AMPDU - is an aggregation of MPDUs.
An Aggregated MAC Service Data Unit is an aggregation of MSDUs.
With Access Point Isolation, all Access Points in a network are prevented from communicating directly with each other.
Access Point steering allows the device to route traffic to the best available Access Point, as determined by network probing values.
Apdex (Application Performance Index) is an open standard that defines a standard method for reporting and comparing the performance of software applications in computing.
More information is available at http://www.apdex.org/
The term API stands for Application Programming Interface.
It is the way a computer program talks to another computer program. APIs has traditionally been the domain of software developers. A program uses a library someone else supplies. This is something that has been greatly extended with the arrival of the Internet. It is possible, and very common, that one computer program uses the services from another computer program and that they are connected through a network. This is often referred to as Service Oriented Architecture, SOA.
A specific case is obviously services available on Internet. The computer that offers the API is a server and the program that uses the service is a client. The supplier doesn't have to know anything about the client. All it needs to do is to reply on specific questions that the clients ask.
These services will be released independently of each other; they do not form a large monolithic lump. They are probably developed using different tools, different languages and by different teams. There are many differences but a common denominator is the way they communicate. They offer an API that others may or may not use through a network. A common property is also that they don't have a user interface.
A SOAP API is defined as a standardized communication protocol for XML-based message exchange. SOAP can use different protocols like HTTP or JMS. IN SOAP, all parameters the server needs to be able to respond to should be a in a W3C standardized XML format and part of the body in the request.
REST web services encode most parameters in the request URI, instead of an XML. Data is encoded in the URI or as request parameters, where encoding is not standardized by W3C.
Application Performance Management - APM - is monitoring and management of application performance.
Example products are AppDynamics, DynaTrace and New Relic.
An Access Point Name (APN) is the name of a gateway between a mobile network providing access to Internet.
Address Resolution Protocol (ARP) is a protocol for mapping an Internet Protocol address (IP address) to a physical machine address that is recognized in the local network.
American Standard Code for Information Interchange - ASCII - is a character encoding standard representing a basic set of 128 characters as seven-bit integers:
0-9, a-z, A-Z, (space), basic punctuation, and some legacy control codes.
ATF feature addresses the issue where low-speed data transfers impact high-speed data transfers.
Airtime Fairness gives equal amounts of air time (instead of equal number of frames) to each client regardless of its theoretical data rate. This will ensure higher download speed to latest devices when slower devices are connected to the same AP. This is done to prevent slower devices from penalizing faster devices by monopolizing network traffic.
In effect this means that Airtime Fairness improves the speed for faster devices by making the slowest devices even slower. This may allow better Quality of Service for faster devices, and should be negligible for the slower devices in most cases.
Using band steering in combination of Airtime Fairness can further improve results.
ATM - Asyncronous Data Transfer Mode is a protocol for high-throughput data traffic and streaming.
The Authorization Grant is an OAuth credential representing the resource owner's authorization to access a resource. It consists of either user login credentials or a refresh token.
An Authorization Request is an OAuth request from a client to access a resource. It consists of an HTTP POST message identifying the client and providing credentials for authorization.
The Authorization Server is an OAuth term referring to the server handling authentication and authorization an providing the client with access tokens for access to resources.
The process of Authentication means identifying a user and making sure they are who they claim to be. Typically, it is followed by an authorization process.
Auto-negotiation is a method in Ethernet where two devices agree on the best performance transmission mode they both support.
The average is the the arithmetic mean - the sum of a set of values divided by the number values.
More information: https://en.wikipedia.org/wiki/Arithmetic_mean
Back-Off is a method for decreasing the frequency of retransmissions of request in order to avoid congestion and collision.
Band steering allows the device to determine if a connected client is dual-band capable. If so, the client can be forced to use the less congested 5GHz network.
This is done by blocking the client from connecting to the 2.4GHz network.
Base64 is a method to convert binary data into a string of ASCII characters for storage and transmission in environments designed to handle text rather than binary data. Each base64 character represents exactly 6 bits of data. The string length must be a multiple of 4 (which might require padding).
Basic Authentication is an authentication method using an username and password* to validate the client. Optionally, a domain may also be required.
It can be used together with WS-Security to validate traffic.
Beamforming is technique used for radio signals to improve quality and performance. It is done by creating multiple signals and finding the best paths, thereby “shaping” the antenna output to provide minimum interference.
The Bit Error Rate (BER) is the percentage of transmitted bits which contain errors.
The bit rate is a measure of traffic speed in a network. It indicates the number of bits per second transmitted.
Bitswap is a methoid for adjusting the number of bits allocated to channels. Congested channels are assigned fewer bits, and available channels are allocated more bits.
Bitwise OR is a binary calculation where you take the value of two bits and if both are 0, the result is 0. If either is 1, the result is 1.
For example, when calculating an IP broadcast address, the In other words, take the host's IP address, and set to '1' any bit positions which hold a '0' in the subnet mask.
Bidirectional-streams Over Synchronous HTTP (BOSH), also called HTTP Binding, is a technique designed for asynchronous XMPP communication between client and server using HTTP.
BOSH uses a multiple request/response pairs for communication, and has a Connection Manager entity which handles the HTTP requests between clients, and for server communication.
The basic service set (BSS) is the basic building block in a wireless LAN. It is a set of all stations that can communicate with each other. Every BSS has an identification (ID) called the BSSID, which is the MAC address of the access point servicing the BSS.
A Certificate Authority (CA) is an entity that issues digital certificates which guarantee that a public key is owned by the certificate subject, verifying their identity.
Certificates typically include the owner's public key, the expiration date of the certificate, the owner's name and other information about the public key owner.
Community Antenna TeleVision (CATV), or “cable TV”, is a system of delivering television programming radio frequency (RF) signals transmitted through coaxial cables or fiber-optic cables.
The Constant Bit Rate (CBR) service type is used for applications that transport traffic at a constant bit rate, where time synchronisation between source and destination is important, providing predictable response times and a static amount of bandwidth.
CCMP – CTR mode with CBC-MAC Protocol is based on the Advanced Encryption Standard (AES) cipher along with strong message authenticity and integrity checking.
Code division multiple access (CDMA) is a radio communication standard, where several transmitters can send information simultaneously over a single channel.
A Content Delivery Network - CDN - is a service providing delivery of content through a network of distributed data centers.
The goal of a CDN is to serve content to end-users with high availability and high performance.
DSL cells are ATM data encoded into small, fixed-sized packets (frames).
Challenge Handshake Authentication Protocol (CHAP) is a method used to authenticate PPP sessions.
CHAP uses a randomly generated string as a unique challege phrase for each authentication. This is combined with device host names and hash functions so that no static secret information is sent.
A checksum is a value used as an error control mechanism. It works by calculating a sum for the data using a predefined algorithm, and then comparing the result to some expected value, or the checksum itself. If the result is not as expected, this indicates that something has gone wrong in transmission.
Continuous Integration (CI) is a development practice that requires developers to integrate code into a shared repository several times a day. Each check-in is then verified by an automated build, allowing teams to detect problems early.
The main aim of CI is to prevent integration problems.
A WiFi security cipher is the method through which a connection is secured against intrusion.
For information about cipher strings, see https://www.openssl.org/docs/manmaster/apps/ciphers.html.
A Circuit ID is a unique identifier assigned to a network connection between two locations.
A Classful QDisc is a Quality Of Service function containing classes. The classes may contain other QDiscs, which in turn can be classful or classless.
Cell Loss Ratio (CLR) is the percentage of network cells that do not arrive at their destination.
A coder-decoder (codec) is a method for encoding or decoding digital data streams or signals. It uses various algorithms to encode data for transmission or storage, or decodes encoded data for use.
A compressing-expanding (companding) is a method for managing dynamic range in channels with limited dynamic range. It compresses the dynamic range of a signal transmission and expands it at the receiving end, according to the defined.
Network congestion is when the traffic volume in the network becomes so large it affects the trasnmission and delivery of data packets, thereby causing a reduced quality of service.
Connection Bytes is a filtering property that matches packets only after the specified number of bytes has been transfered through the connection.
Cross-Origin Resource Sharing - CORS - is a mechanism for allowing restricted resources (CSS stylesheets, images, and scripts) to be accessed across domains even when they originate inside scripts.
This mechanism gives web servers cross-domain access controls, which enable secure cross-domain data transfers.
Modern browsers use CORS in an API container - such as XMLHttpRequest or Fetch - to mitigate risks of cross-origin HTTP requests.
The term Customer-Premises Equipment (CPE) is used in TR069 and refers to devices in a network that is located in the premises of a subscriber.
The CPU value indicates how much of CPU processing power is being used.
The CPU percentage for a process indicates how much of CPU processing power is being used.
Cyclic Redundancy Check (CRC) is a method for discovering errors in data transmission by verifying the received data against an attached check value.
The Cron Log level determines how much information to display or write to file when creating system logs.
| Level |
|---|
| Everything |
| High Verbosity |
| Low Verbosity |
| Executions and Errors |
| Only Errors |
The Critical Rendering Path is the minimum set of events that must happen to display the initial view for a webpage.
The Content Receive Time is a measure of the time needed to receive the response content data.
Most database operations can be described using the acronym CRUD. You Create data, you Read data, you Update and finally you Delete data.
These operations describe the lifecycle of data in a database. RESTful web services (almost) map CRUD operations using the HTTP verbs GET, PUT, POST, PATCH and DELETE.i
The mapping between CRUD operations and HTTP verbs isn't perfect. Read and Delete are easy, these operations are mapped by GET and DELETE, but Create and Update is more problematic.
A common mapping is:
| CRUD operation | HTTP Verb |
|---|---|
| Create | PUT with a new URI |
| POST to a base URI returning a newly created URI | |
| Read | GET |
| Update | PUT with an existing URI |
| PATCH | |
| Delete | DELETE |
The exact behavior varies with the exact RESTful service.
The Class Selector (CS) is used by Differentiated Services as a precedence code point value that maps to a Differentiated Services Code Point. It is backwards compatible with IP precedence values.
A Client Side Monitor runs on the client side and measures a number of parameters and sends them to a collector to generate monitoring metrics.
Cascading Style Sheets - CSS - is a method for adding style (fonts, colors, spacing, layout) to documents, most commonly (X)HTML.
The definition of a CSS element consists of a selector tag and a definition block describing the formatting.
The selector (an element type, a unique ID or a class) identifies the HTML element that the formatting applies to.
The declaration block starts with {, ends with } and contains one or more declarations.
Each declaration consists of a CSS property name followed by a colon and the value for the property. Each declaration ends with a semicolon.
An element type selector:
p {
text-size: 14px;
}
An ID selector:
#name {
color: red;
}
A class selector:
.class {
text-align: center;
}
For more information, see W3Schools.com
The Custom Style Sheet Object Model - CSSOM - is tree structure consisting of nodes representing the CSS styling for an (X)HTML or XML document.
It is used to create the styling for a document, typically by a web browser.
Each node is an object that can be accessed separately and manipulated to change the visual representation.
The CSSOM is used together with the DOM to display web pages.
Custom Events are external events such as maintenance windows, power outages and other events that could help explain to the user why performance was affected.
A data package is a portion of data that transmitted between a source and destination in a network, normally of larger size.
Dynamic DNS (DDNS) is a method for automatically providing DNS servers with up to date information about configured hostnames and addresses.
A Distributed Denial of Service attack is a type of Distributed Denial of Service attack where multiple compromised systems are used to attack a single target system.
Decoding is the process or method of transforming encoded data into a clear text, typically a set of readable characters or the original format.
DECT - Digital Enhanced Cordless Telecommunications is a European standard for cordless telephone systems over radio.
In the United States a slightly different radio frequency range is used, and it is called DECT 6.0.
Network delay is a network characteristic indicating how long it takes for a piece of data to travel across the network.
Distinguished Encoding Rules - DER - is an encoding method for converting data to a a binary string.
The Device Flags field shows information about the physical device.
Dynamic Frequency Selection (DFS) means that the wireless radio automatically selects the least congested wifi channel to use.
A DHCP Lease is a DHCP reservation of a particular IP address provided to a client by a DHCP server. It is called lease because it expires after a certain amoutn of time (usually 24 hours).
Before the lease expires, the DHCP server should renew the lease or provide a new lease.
When sending DHCP requests, additional options can be requested by providing a space separated list of codes.
| Code | Description |
|---|---|
| 0 | Pad. |
| 1 | Subnet Mask. |
| 2 | Time Offset(deprecated). |
| 3 | Router. |
| 4 | Time Server. |
| 5 | Name Server. |
| 6 | Domain Name Server. |
| 7 | Log Server. |
| 8 | Quote Server. |
| 9 | LPR Server. |
| 10 | Impress Server. |
| 11 | Resource Location Server. |
| 12 | Host Name. |
| 13 | Boot File Size. |
| 14 | Merit Dump File. |
| 15 | Domain Name. |
| 16 | Swap Server. |
| 17 | Root Path. |
| 18 | Extensions Path. |
| 19 | IP Forwarding enable/disable. |
| 20 | Non-local Source Routing enable/disable. |
| 21 | Policy Filter. |
| 22 | Maximum Datagram Reassembly Size. |
| 23 | Default IP Time-to-live. |
| 24 | Path MTU Aging Timeout. |
| 25 | Path MTU Plateau Table. |
| 26 | Interface MTU. |
| 27 | All Subnets are Local. |
| 28 | Broadcast Address. |
| 29 | Perform Mask Discovery. |
| 30 | Mask supplier. |
| 31 | Perform router discovery. |
| 32 | Router solicitation address. |
| 33 | Static routing table. |
| 34 | Trailer encapsulation. |
| 35 | ARP cache timeout. |
| 36 | Ethernet encapsulation. |
| 37 | Default TCP TTL. |
| 38 | TCP keepalive interval. |
| 39 | TCP keepalive garbage. |
| 40 | Network Information Service Domain. |
| 41 | Network Information Servers. |
| 42 | NTP servers. |
| 43 | Vendor specific information. |
| 44 | NetBIOS over TCP/IP name server. |
| 45 | NetBIOS over TCP/IP Datagram Distribution Server. |
| 46 | NetBIOS over TCP/IP Node Type. |
| 47 | NetBIOS over TCP/IP Scope. |
| 48 | X Window System Font Server. |
| 49 | X Window System Display Manager. |
| 50 | Requested IP Address. |
| 51 | IP address lease time. |
| 52 | Option overload. |
| 53 | DHCP message type. |
| 54 | Server identifier. |
| 55 | Parameter request list. |
| 56 | Message. |
| 57 | Maximum DHCP message size. |
| 58 | Renew time value. |
| 59 | Rebinding time value. |
| 60 | Class-identifier. |
| 61 | Client-identifier. |
| 62 | NetWare/IP Domain Name. |
| 63 | NetWare/IP information. |
| 64 | Network Information Service+ Domain. |
| 65 | Network Information Service+ Servers. |
| 66 | TFTP server name. |
| 67 | Bootfile name. |
| 68 | Mobile IP Home Agent. |
| 69 | Simple Mail Transport Protocol Server. |
| 70 | Post Office Protocol Server. |
| 71 | Network News Transport Protocol Server. |
| 72 | Default World Wide Web Server. |
| 73 | Default Finger Server. |
| 74 | Default Internet Relay Chat Server. |
| 75 | StreetTalk Server. |
| 76 | StreetTalk Directory Assistance Server. |
| 77 | User Class Information. |
| 78 | SLP Directory Agent. |
| 79 | SLP Service Scope. |
| 80 | Rapid Commit. |
| 81 | FQDN, Fully Qualified Domain Name. |
| 82 | Relay Agent Information. |
| 83 | Internet Storage Name Service. |
| 84 | N/A |
| 85 | NDS servers. |
| 86 | NDS tree name. |
| 87 | NDS context. |
| 88 | BCMCS Controller Domain Name list. |
| 89 | BCMCS Controller IPv4 address list. |
| 90 | Authentication. |
| 91 | Client-last-transaction-time. |
| 92 | Associated-ip. |
| 93 | Client System Architecture Type. |
| 94 | Client Network Interface Identifier. |
| 95 | LDAP, Lightweight Directory Access Protocol. |
| 96 | N/A |
| 97 | Client Machine Identifier. |
| 98 | Open Group's User Authentication. |
| 99 | GEOCONF_CIVIC. |
| 100 | IEEE 1003.1 TZ String. |
| 101 | Reference to the TZ Database. |
| 102-111 | N/A |
| 112 | NetInfo Parent Server Address. |
| 113 | NetInfo Parent Server Tag. |
| 114 | URL. |
| 115 | N/A |
| 116 | Auto-Configure |
| 117 | Name Service Search. |
| 118 | Subnet Selection. |
| 119 | DNS domain search list. |
| 120 | SIP Servers DHCP Option. |
| 121 | Classless Static Route Option. |
| 122 | CCC, CableLabs Client Configuration. |
| 123 | GeoConf. |
| 124 | Vendor-Identifying Vendor Class. |
| 125 | Vendor-Identifying Vendor-Specific. |
| 126 - 127 | N/A |
| 128 | TFPT Server IP address. |
| 129 | Call Server IP address. |
| 130 | Discrimination string. |
| 131 | Remote statistics server IP address. |
| 132 | 802.1P VLAN ID. |
| 133 | 802.1Q L2 Priority. |
| 134 | Diffserv Code Point. |
| 135 | HTTP Proxy for phone-specific applications. |
| 136 | PANAAuthentication Agent. |
| 137 | LoSTServer. |
| 138 | CAPWAP Access Controller addresses. |
| 139 | OPTION-IPv4_Address-MoS. |
| 140 | OPTION-IPv4_FQDN-MoS. |
| 141 | SIP UA Configuration Service Domains. |
| 142 | OPTION-IPv4_Address-ANDSF. |
| 143 | OPTION-IPv6_Address-ANDSF. |
| 144 - 149 | N/A |
| 150 | TFTP server address. |
| 150 | Ether boot. GRUB configuration path name. |
| 151-174 | N/A |
| 175 | Ether boot. |
| 176 | IP Telephone. |
| 177 | Ether boot. Packet Cable and Cable Home. |
| 178- 207 | N/A |
| 208 | pxelinux.magic (string) = F1:00:74:7E (241.0.116.126). |
| 209 | pxelinux.configfile (text). |
| 210 | pxelinux.pathprefix (text). |
| 211 | pxelinux.reboottime (unsigned integer 32 bits). |
| 212 | OPTION_6RD. |
| 213 | OPTION_V4_ACCESS_DOMAIN. |
| 214-219 | N/A |
| 220 | Subnet Allocation. |
| 221 | Virtual Subnet Selection. |
| 222-223 | N/A |
| 224-254 | Private use. |
| 255 | End. |
A DHCP pool is a collection of IP addresses available for DHCP allocation.
The Pool Start number is the first available number in the pool.
The Pool Size is the count of available numbers, counting from the pool start.
Example: with Pool Start of 50 and a Pool Size of 100, the available pool addresses are 50 to 150.
A DHCP Relay is a server acting like a proxy for DHCP requests. It receives the request forwards them to another DHCP server, and relays the response back to the client.
A DHCP server is a server that provides IP addresses to clients on the a network.
See also: Domain Name System.
A dial plan defines what sequence of digits need to be dialled in the private branch exchange to get access to specific calling networks or enable other features.
Differentiated Services (DiffServ) is a method for classifying traffic and providing quality of service for IP networks.
DiffServ uses a differentiated services code point in the IP header for packet classification purposes.
Digital Living Network Alliance (DLNA) is designed to act as a bridge between media and device. It needs either a wired or a wireless network.
Discrete MultiTone Modulation is a modulation method where the available bandwidth is divided into a large number of channels. Data is allocated to maximize the throughput of every channel. Channels that can't carry data are not used, and the bandwidth reallocated.
DMT is the technology which divides the whole bandwidth on the telephone line into lots of sub-channels and then controlling these 'virtual modems' as one together in order to get higher speeds.
DMZ (demilitarized zone) is used to provide an extra layer of security. It's a network added between a protected network and an external network.
A Domain Name System Server runs networking software containing a database of network names mapping them to IP addresses, typically on the Internet.
A DNS Translation File consists of a list of DNS name pairs, consisting of a match and a replacement. When the file is used, the match is converted to the replacement, which is then passed to the resolver.
Special characters can be used in the match:
| Character | Usage |
|---|---|
? | Wildcard for a single character. |
* | Wildcard for multiple characters. |
# | Comment. |
Note: Wildcards can only be used in the match, not the replacement.
Example of DNS translation file contents:
# Translation File www.*tester.com www.pure-tester.com mail?.google.com mail.google.com
The Domain Name System (DNS) is a hierarchical decentralized naming system for computers, services, or any resource connected to the Internet or a private network.
DOM events are events that occur during DOM traversal and parsing.
| Event | Description |
|---|---|
loading | The browser has received the document and is now about to do something with it. |
interactive | The browser has finished parsing all of the HTML and DOM construction is complete. |
content loaded | Both DOM and CSSOM](/glossary/c/cssom) are ready, render tree can be built, and Javascript can be executed. |
complete | Processing is complete and all resources have been downloaded. |
The Document Object Model - DOM - is tree structure consisting of nodes representing the contents of an (X)HTML or XML document.
It is used to create the visual representation of the document, typically by a web browser.
Each node is an object that can be accessed separately and manipulated to change the visual representation.
Domain matching is used to verify if a certificate matches the domain, by comparing the certificate with the domain.
There are three modes for comparison:
A domain name is typically a name that identifies a resource on the internet with an IP address, according to the Domain Name System.
A Denial of Service attack is a cyber-attack where the attacker tried to make a service unavailable by overloading network resources or processor capabilities by flooding the service with traffic.
A Downlink interface is an interface to subscribers/clients.
Differential Pulse-Code Modulation (DPCM) is a signal encoding method that uses pulse code modulation as a baseline and then compares nearby values to encode a difference instead of a fixed value.
Dropping is when a packet is deliberately dropped due to congestion or other reasons, such as quality of service rules.
Dual-Stack Lite (DS-Lite) is a method for sharing of IPv4 addresses by combining IPv4-in-IPv6 and NAT.
A Differentiated Services Code Point (DSCP) is a 6-bit code point in the differentiated services field (DS field) inside the packet IP header.
It is used by Differentiated Services for classification purposes to provide quality of service functionality.
DSL – Digital Subscriber Line is a way of providing high bandwidth data communication through regular copper telephone lines.
The DTMF mode is a setting that governs how Dual Tone Multi Frequency signalling is to be performed.
Dual Tone - Multi Frequency (DTMF) is a signalling method for telephone systems, which uses a set of eight audio frequencies transmitted in pairs to represent 16 signals, represented by the ten digits, the letters A to D, and the symbols # and *.
The DHCP Unique IDentifier – DUID – is a unique identifier associated with each client and server in a DHCP environment. The DUID should be permanently stored and not changed.
The term duplex indicates how traffic is performed. It can be either:
The dwell time is the amount of time spent on each channel in the hopping sequence when hopping from channel to channel.
Ethernet Auto Power Down allows the hardware ports to be turned off automatically when not in use.
Elliptic Curve Cryptography - ECC is an encryption method for public key to create relatively small keys.
Extension mechanisms for DNS - EDNS - is a specification for expanding the size of several parameters of the Domain Name System DNS protocol.
EDNS adds information to DNS messages in the form of pseudo-resource-records included in the “additional data” section of a DNS message in both requests and responses.
EDNS is needed for DNS Security Extensions.
Energy-Efficient Ethernet (EEE) is a technology for allowing for less power consumption during periods of low data activity.
Encoding is a process or method of transforming data into a different format, typically a sequence of bytes or other character streams.
Encryption is the process of encoding a message or information in such a way that only authorized parties can access it.
And endpoint is a message destination .
It can be part of a target URL (including the port number).
For example, for the following URL:
http://maps.googleapis.com/maps/api/geocode/xml?address=Rio&sensor=false
the endpoint is
http://maps.googleapis.com
Encapsulating Security Payload (ESP) is a security protocol for network data in IPv4 and IPv6 networks.
Ethernet a family of computer networking technologies commonly used in LANs.
Communication over ethernet consists of data frames. Each frame contains source and destination addresses, and error-checking data.
Evolution-Data Optimized (EVDO) is a standard for broadband Internet through wireless data transmission.
The execution mode defines how URLs are accessed.
| Mode | Description |
|---|---|
parallel / p | URLs are called without waiting for each other. |
sequential / s | Each URL is accessed one at a time. |
Parallel mode, is the normal mode for a modern browser. The URL elements of each subsequent page will load at the same time. There is no waiting for a particular URL to be completed before moving on to the next.
In sequential mode only one URL will load at a time. Each call will wait for the previous ULR before moving on.
Failover means switching over to a different network when the selected network cannot be accessed.
FAT32 is an older file system compatible with a wide range of devices. It has an upper limit on disk size 2TB of and file size of 4GB.
Forward error correction entails encoding the signal with redundant information that can be matched to discover errors in the transmission.
The file system is a specification of how data is stored on a drive and what types of information can be associated with the files and directories.
The firewall action defines how traffic is handled by the firewall.
| Item | Description |
|---|---|
| ACCEPT | Allow the traffic. |
| REJECT | Refuse the traffic. |
| DROP | Ignore the traffic. |
| FORWARD | Pass the traffic along. |
A firewall group is a collection of IP addresses that have the same firewall rules.
Ethernet flow control is a mechanism for temporarily stopping the transmission of data on Ethernet family computer networks.
The goal is to regulate traffic in order to prevent packet dropping.
A flow specification defines data traffic contents and requirements, and is used by devices to decide how to handle packets on the network. It consists of two parts - a Traffic SPECification, which describe traffic parameters an a Request SPECification that defines requirements for the flow.
Form-based authorization uses a form to provide username and password (or other credentials) which is handled by dedicated processes in the backend.
The Fully Qualified Domain Name (FQDN) is the complete domain name for a specific computer, or host, on the Internet. The FQDN consists of two parts: the hostname and the domain name.
In networking, a frame is a unit of data, consisting of addressing and synchronization information around a payload with data to be transmitted.
Frames of smaller size are often encapsulated in larger frames.
The gateway metric is used for routing decisions, and is added to routing tables to enable routing decisions.
A gateway is a node in a network that provides interconnectivity between networks of different types.
For a basic Internet connection, the gateway provides Internet access to the local network.
A genmask is the netmask for the destination net. For example 255.255.255.255 for a host destination and 0.0.0.0 for the default route.
Generic Routing Encapsulation (GRE) is a multipurpose tunneling protocol using IP networks to encapsulate a number of different network layer protocols.
Global System for Mobile Communications (GSM) is a standard for protocols for digital cellular networks used by mobile phones.
The Generic Security Service Application Program Interface - GSSAPI - is an API for programs to access security services. It does not provide security in itself, but makes it possible to connect different implementations, typically as security software libraries.
The HTTP Archive format - HAR - is a JSON-formatted archive file format for logging of a web browser's interaction with a site. The common extension for these files is .har.
Typically data about timings is stored and can be used to generate a waterfall graph:
HAR files can be generated by most browsers.
HATEOAS, is an acronym for Hypermedia as the Engine of Application State. It means that clients only interact with applications through dynamic hypermedia provided by servers.
Clients only need a generic understanding of hypermedia to interact with services. Basically it is the server allowing another server to discover how to interact, rather than having it defined beforehand.
The HTTP Keep-Alive Efficiency value measures the efficiency of the HTTP protocol keep-alive option.
It indicates the percentage of reused network connections, measured over all users and URL calls.
A host ID is an IPv6 label assigned to a network device used to identify the device in the network for addressing purposes.
A hostname is an IPv4 label assigned to a network device used to identify the device in the network for addressing purposes.
A Hosts file is a text file containing mappings of hostnames to IP addresses, overriding DNS resolution, or used as backup when DNS isn't available.
The Header Receive Time indicates the time it takes to receive the remaining data of the HTTP response header, measured since the first byte of the response header was received.
High Speed Packet Access (HSPA) is an extension of 3G mobile networks utilizing WCDMA.
Evolved High Speed Packet Access (HSPA+) is a furhter improvement on HSPA allowing for higher speeds.
HT Capabilities are information about which data rates are supported by a device or network.
An HTTP body is as the name implies the body of an HTTP request or response message, containing the bulk of the content of the message.
The body may consist of:
* Request line contining the HTTP and target (GET /logo.gif HTTP/1.1
* Response status line, such as (HTTP/1.1 200 OK`)
* Additional HTTP Headers
* An empty line
* Optional data in different types (plain text, JSON, XML, form data, or multipart files and so on)
| Number | Code |
|---|---|
| 200 | OK |
| 201 | Created |
| 202 | Accepted |
| 203 | Non Authoritative Information |
| 204 | No Content |
| 205 | Reset Content |
| 206 | Partial Content |
| 207 | Multi-Status |
| Number | Code |
|---|---|
| 300 | Multiple Choices |
| 301 | Moved permanently |
| 302 | Moved Temporarily |
| 303 | See Other |
| 304 | Not Modified |
| 305 | Use Proxy |
| 307 | Temporary redirect |
| Number | Code |
|---|---|
| 400 | Bad Request |
| 401 | Unauthorized |
| 402 | Payment Required |
| 403 | Forbidden |
| 404 | Not Found |
| 405 | Method Not Allowed |
| 406 | Not Acceptable |
| 407 | Proxy Authorization Required |
| 408 | Request Timeout |
| 409 | Conflict |
| 410 | Gone |
| 411 | Length Required |
| 412 | Precondition Failed |
| 413 | Request Too Long |
| 414 | Request-URL Too Long |
| 415 | Unsupported Media Type |
| 416 | Requested Range Not Satisfiable |
| 417 | Expectation Failed |
| 419 | Insufficient Space On Resource |
| 420 | Method Failure |
| 422 | Unprocessable Entity |
| 423 | Locked |
| 424 | Failed Dependency |
| Number | Code |
|---|---|
| 500 | Internal Server Error |
| 501 | Not Implemented |
| 502 | Bad Gateway |
| 503 | Service Unavailable |
| 504 | Gateway Timeout |
| 505 | HTTP Version Not Supported |
| 507 | Insufficient Storage |
HTTP headers are fields that can be transmitted as part of HTTP request or response messages. They provide additional parameters or information for the transaction being performed.
An HTTP header consists of a field name for identification and a value containing the data.
More information is available at https://www.iana.org
| Option | Description |
|---|---|
| GET | Retrieves information from the service. |
| POST | Sends data to the service. |
| PUT | Replaces current representations with the content. |
| DELETE | Removes all current representations in the target URI. |
| HEAD | Retrieves status line and header section only from the service. |
| OPTIONS | Describes the communication options for the target. |
| TRACE | Performs a loopback test for the path to the target resource. |
| PATCH | Updates parts of the resource. |
Hypertext Transfer Protocol - HTTP - is a protocol network for distributed, collaborative, and hypermedia communication, mainly on the Internet (World Wide Web).
It is used to exchange or transfer Hypertext - structured text using links between nodes containing text.
Hypertext Transfer Protocol 2 - HTTP/2 - HTTP/2 is a revision of the HTTP network protocol.
HTTP/2 uses the same methods, status codes, header fields, and URIs, as HTTP, but handles data frames and transport between client and the server differently.
The protocol promises increased request efficiency through minifying resources and performance gains through request prioritization, header compression and multiplexing.
HTTP/2 also allows servers to predict future requests and push data to the client beforehand.
Hypertext Transfer Protocol Secure - HTTPS is a protocol for secure network communication, mainly on the Internet.
HTTPS consists of communication over Hypertext Transfer Protocol, using Transport Layer Security, or Secure Sockets Layer for encryption.
The Iopsys Communication Engine - ICE - client is an embedded client software that can be integrated into any device for connection to the cloud, enabling Internet of Things. It can be dynamically extended using plugins providing a non service interrupting installation of new applications.
Typical devices are Gateways, Smart Phones, Tablets and Web Cameras but it could be just about anything that should be part of “The Internet of Things”.
All ICE enabled devices connect to a cloud based XMPP infrastructure using an encrypted TCP tunnel.
The client allows for communication to the gateway using the XMPP cloud infrastructure from anywhere at any time through the encrypted TCP tunnel.
The communication works behind any NAT and also provides for file transfers and proxy tunnel communication.
The Internet Control Message Protocol (ICMP) is used to send error messages about services or device status.
An Identity Provider - IdP - is an server providing user authentication through the use of security tokens, for example SAML 2.0 or OAuth.
Typically, an identity provider is used by one or several Service Providers to enable users to access services.
Identity stores are used to store certificates that identify an instance.
On request, they certificates from these stores are transmitted to other parties which use them for identification.
An Internet Group Management Protocol (IGMP) Proxy is a setting to enable the device to handle IGMP host tasks such as sending membership and leave group membership reports to groups.
IGMP snooping is the process of listening to IGMP network traffic to determine which paths are associatied with which IP multicast streams, and allow management of the multicast traffic.
IGMP – Internet Group Management Protocol is a communications protocol used on IPv4 networks to establish multicast group memberships.
Infrastructure monitoring is monitoring of server and middleware performance metrics.
Examples of metrics is CPU utilization, Memory usage, Disk Usage etc.
Inotify (inode notify) is a subsystem to detect changes to the filesystem, and report those changes to applications.
The Interface Protocol Type defines the interface basic type and direction.
An uplink interface type is an interface to services.
A Downlink interface is an interface to subscribers/clients.
The interface protocol type Unmanaged means that the connection has no defined protocol.
The Interface Protocol setting defines the protocol/behavior for an interface.
| Protocol | Description |
|---|---|
| Unmanaged | No defined protocol. |
| Static Address | Static IP address. |
| DHCP v4 | Retrieve IPv4 address through DHCP |
| DHCP v6 | Retrieve IPv6 address through DHCP |
| PPP | PPP interface. |
| PPP over Ethernet | PPPoE interface. |
| PPP over ATM | PPPOA interface. |
| 3G | PPP over GPRS/EVDO/CDMA/UMTS |
| 4G | 4G interface over LTE / HSPA+. |
| Point-to-Point Tunnel | PTPT interface. |
| IPv6 Tunnel in IPv4 | 6in4 interface. |
| IPv6 Tunnel in IPv6 | 6to4 interface. |
| IPv6 rapid deployment | 6rd interface. |
| Dual Stack Lite | DS-lite interface. |
| PPP over L2TP | PPP over L2TP. |
The Interface Type defines the base settings for the interface.
| Type | Description |
|---|---|
| Standalone | Not requiring hardware. |
| Any WAN | Any WAN interface. |
| Bridge | Network bridge. |
Integrated Services (DiffServ) is a method for classifying traffic and providing quality of service for IP networks.
Compared to DiffServ, it allows for more detailed traffic flow management.
The basic principle for IntServ is that each application requiring service guarantees makes reservations from all implementing routers in the network.
IntServ uses RSVP messages within the network to reserve capacity. The reservations are described in a FlowSpec.
Input/output - IO - is any process involving communication and transfer of data between a information processing system and other systems, peripherals, or other information processing systems.
Iopsys stands for Inteno Open Platform System. It combines the efficiency and power of the SOC (System on Chip) with the OpenWrt open source distribution. It further enables the operator to leverage on the modularity of OpenWrt to integrate new applications to the CPE.
The Internet of Things - IoT - is a term for the networking of physical with each other, through a number of protocols, domains, and applications, allowing devices to be controlled remotely across the network.
The IO Wait Time value represents the the time a CPU spends waiting for I/O operations to complete. Examples of things that influence this value are available physical memory, disk usage, fragmentation, file system efficiency and buffer sizes.
An Internet Protocol address (IP address) is a numerical identifier for a device address.
Internet Protocol Version 4 - IPv4 - is the first major version of the Internet Protocol.
A IP datagram is a unit of data transmitted using the IP protocol, following a specific format which describes various aspects of the datagram, its source and its destination.
The IPv4 datagram consists of the following headers and fields:
| Bits | Name | Description |
|---|---|---|
| 4 | VERS | IP version number 0100 (4) or 0110 (6). |
| 4 | HLEN | Header length in 32-bit words, so if the number is 6, then 6 x 32 bit words are in the header i.e. 24 bytes. The maximum size is 15 x 32-bit words which is 60 bytes. The minimum size is 20 bytes or 5 x 32-bit words. |
| 8 | Type of Service | The TOS field. |
| 16 | Total Length | is the number of octets that the IP datagram takes up including the header. The maximum size that an IP datagram can be is 65,535 octets. |
| 16 | Identification | The Identification is a unique number assigned to a datagram fragment to help in the reassembly of fragmented datagrams. |
| 3 | Flags | Bit 0 is always 0 and is reserved. Bit 1 indicates whether a datagram can be fragmented (0) or not (1). Bit 2 indicates to the receiving unit whether the fragment is the last one in the datagram (1) or if there are still more fragments to come (0). |
| 13 | Frag Offset | in units of 8 octets (64 bits) this specifies a value for each data fragment in the reassembly process. Different sized Maximum Transmission Units (MTUs) can be used throughout the Internet. |
| 8 | TTL | the time that the datagram is allowed to exist on the network. A router that processes the packet decrements this by one. Once the value reaches 0, the packet is discarded. |
| 8 | Protocol | Layer 4 protocol sending the datagram, UDP uses the number 17, TCP uses 6, ICMP uses 1, IGRP uses 88 and OSPF uses 89. |
| 16 | Header Checksum | Header checksum error control. |
| ?? | IP Options | Optional field for testing, debugging and security. |
| ?? | Data | Packet contents, actual data. |
| ?? | Padding | Optionally, padding is added to make the datagram into multiples of 32 bits. |
The IP Explicit Congestion Notification (ECN) field is part of the IP TOS IP header field.
It is used to signal that the network is, or is about to, experience congestion.
A device can use the ECN field to mark a packet instead of dropping it. The receiver of the packet repeats the ECN back to the sender, which can reduce the transmission rate.
ECN uses the two last bits of the TOS field encode four different codepoints:
| Binary | Value | Description |
|---|---|---|
| 00 | Non-ECT | Non ECN-Capable Transport. |
| 10 | ECT(0) | ECN Capable Transport. |
| 01 | ECT(1) | ECN Capable Transport. |
| 11 | CE | Congestion Encountered. |
IP in IP is an method to provide data tunneling by encapsulating one IP packet in another IP packet, using header information.
IP precedence is a method to assign priority to data packets by using part of the Type of Service field in the IP datagram header.
With IP precedence, the first three bits of the TOS field is used to provide one of eight possible precedence values.
| Binary | Value | Priority |
|---|---|---|
| 000 | (0) | Routine |
| 001 | (1) | Priority |
| 010 | (2) | Immediate |
| 011 | (3) | Flash |
| 100 | (4) | Flash Override |
| 101 | (5) | Critical |
| 110 | (6) | Internetwork Control |
| 111 | (7) | Network Control |
The IP Quality of Service Algorithm determines which type of QoS to provide.
Strict Priority Precedence means that where the the packets with the highest priority always are sent first.
Weighted Fair Queuing means that bandwidth is adjusted automatically according to traffic priority and weight value.
The IP Type of Service (TOS) field (also known as DiffServ or DSCP field) is a part of an IP datagram header, originally meant to describe the purpose of a datagram.
It is used by Differentiated Services for the DiffServ Code Point, and the optional Explicit Congestion Notification.
The Internet Protocol - IP - is the primary communication protocol used on the Internet, typically used together with TCP.
Internet Protocol Version 4 - IPv4 - is the first major version of the Internet Protocol.
Iproute2 is a collection of Linux utilities for handling routing, network interfaces, tunnels, traffic control, network-related device drivers, and other aspects.
Internet Protocol Security - IPsec - is a suite of protocols for authentication and encryption of network traffic through Security Associations, Authentication Headers, Encapsulating Security Payloads, and ISAKMP.
Iptables is a firewall application that uses configured tables to determine firewall rules and routes.
Internet Protocol Television (IPTV) delivers television services over IP networks as a streaming service.
International Portable User Identity (IPUI), is a unique identifier for each DECT Handset, allowing it to be assigned a SIP identity. The identifier is a 10-digit (40-bit) hexadecimal code
An IPv4 address is an IP address represented as four groups separated by a period. Each group consists of decimal numbers between 0 and 255.
An example of an IPv4 address is 192.168.22.12.
A Broadcast Address is an special values in the host-identification part of an IP address.
It is used to sending data multiple recipients at the same time, for example to allow one device to comunicate with all other devices on the network at once.
The device sends its messages to the broadcast address, and the network hardware propagates it to every other device in the group (the broadcast domain).
The broadcast address for an IPv4 host is calculated through bitwise OR using the subnet mask and the host IP address.
Example: For broadcasting a packet to an entire IPv4 subnet using the private IP address space 172.16.0.0/12, which has the subnet mask 255.240.0.0, the broadcast address is 172.16.0.0 | 0.15.255.255 = 172.31.255.255.
The IP broadcast address 255.255.255.255 is limited to use for the local (zero / 0.0.0.0) network. Traffic to this address is not forwarded to other networks.
Internet Protocol Version 4 - IPv4 - is the first major version of the Internet Protocol.
An IPv6 address is an IP address address represented as eight groups separated by colons (:). Each group contains four hexadecimal digits.
An example of an IPv6 address is 2011:09bd:583a:0000:8a2e:0000:0370:7334.
Internet Security Association and Key Management Protocol - ISAKMP - is a protocol for establishing Security Associations and cryptographic keys Internet.
It provides a framework for authentication and exchange of security keys that is not dependent on a particular implementation.
An Iterative Resolver is part of a DNS server. It navigates the DNS tree to find any available DNS data in order to determine which domain name resolves into what particular IP address.
The resolve process is done through iteration. The resolver starts from the top - the root domain, and works its way through the DNS tree until it receives an answer.
All data received during a query is placed in the resolver cache. The data remains cached according to Time-To-Live.
Inteno Universal Provisioning (IUP) is a technology for automatic delivery of service configuration and device settings.
A jitter buffer is storage for voice packets so they can be sent out in evenly spaced intervals used to reduce jitter, providing better transmission reliability.
There are two jitter buffer implementation types which are used by the SIP channel reciever.
| Implementation | Description |
|---|---|
| Fixed | Use a fixed buffer size. |
| Adaptive | Use a variable buffer size. |
Jitter is variations in packet arrival time, which may be caused by network congestion, timing delays, or changed routes.
JavaScript Object Notation - JSON - is a language independent data-interchange format. It aims to be easy for humans to read and write while maintaining a strict structure to enable simple machine parsing and creation.
More information is available at http://www.json.org/
JSON consists of objects, consisting of a key and a value.
Keys must be strings, written with double quotes: ``
Values must be one of the following:
{
"Coonfig": {
"Version": "V5.5-F",
"configurationEnabled": "false",
"pmaPort": "26401",
"pmaNetworkProtocol": "2",
"pmaRequestTimeoutSeconds": "60",
"useHttpProxy": "false",
"httpProxyPort": "0"
}
}
JUCI (Java User Control Interface) provides a command line and graphical user interface for administration of devices.
Kerberos is a protocol for network authentication using tokens to allow devices to communicate over non-secure networks.
For information about how to create a keystore, see the documentation for the java keytool command in the Java documentation
A Key Performance Indicator (KPI) is a measurable value that demonstrates how effectively a company is achieving key business objectives.
Layer 2 Tunneling Protocol (L2TP) is a protocol used to support VPNs, where security is provided in the transmitted packages rather than in the tunneling.
LAN – Local Area Network is a number of connected units within a limited area, typically a building.
The DSL Latency Path comes in three modes: Path 1 (Fast), Path 2 (Interleaved) and Both 1 & 2. Fast is used for applications sensitive to delay. Interleaved suits applications sensitive to errors.
Latency is the time it takes for a packet of data to get from source to destination, normally measured by performing a round-trip test: sending a packet that is returned to the sender.
The Link Control Protocol (LCP) is part of the Point-to-Point Protocol and is used to set up the PPP connection.
Client lease time or lease time is the length of time a local device retains an IP address.
The link speed for a connection is the maximum transmission rate the device can provide. The actual speed may be lower.
The logical link control (LLC) layer provides multiplexing to enable different network protocols to coexist and be transported over the same network medium.
Load balancing distributes traffic over multiple networks to provide an even load on each WAN interface.
Load distribution means that the generation of load is distributed over several data centers.
A load test generates transactions to the targeted application with the intention to verify how the application reacts to a specific load.
The Logging level determines how much information to display or write to file when creating system logs.
Error messages come with a identifying level tag which makes it possible to filter out messages according to severity.
| Level |
|---|
| Emergency |
| Alert |
| Critical |
| Error |
| Warning |
| Notice |
| Info |
| Debug |
Loop Attenuation is a measure of the quality of the line - how much the signal weakens over the loop.
Attenuation is measured in Decibel (dB). A value betwen 20dB-45dB can be considered normal.
Link Service Access Point (LSAP) fields are used to identify which protocol handler should process an incoming frame.
LSAP fields allow the receiving node to pass each received frame to an appropriate device driver which understands given protocol.
A Media Access Control (MAC) address is a unique identifier for physical network interfaces.
Firewall masquerading entails modifying addressing to allow devices to communicate with the WAN without being visible externally. To the external network, all traffic will look as originating from the gateway.
Maximum Burst Size (MBS) is the maximum size of cells that can be transmitted in direct sequence on a particular connection.
The Minimum Cell Rate (MCR) defines the lowest rate at which cells can be transported in an ATM connection.
The median is the value which is in the middle between the higher and lower half of a set of values. The number of values above and below a median is the same.
More information: https://en.wikipedia.org/wiki/Median
A management information base (MIB) is used in SNMP to describe the management data structure, in the form of a hierarchical namespace containing object identifiers (OID). Each OID identifies a variable that can be read or set via SNMP.
A MIME type / (properly) media type / (aka) content type is a standardized two-part identifier for file formats and format contents transmitted on the Internet.
A media type consists of top-level type name and sub-type name, possibly ordered into trees, and optional parameters.
top-level type name / subtype name [ ; parameters ]
top-level type name / [ tree. ] subtype name [ +suffix ] [ ; parameters ]
The top-level type names are:
application, audio, example, font, image, message, model, multipart, text, video.
The sub-type name consists of a media type name or other identifying content.
application/javascript application/json application/x-www-form-urlencoded application/xml application/zip application/pdf audio/mpeg audio/vorbis multipart/form-data text/css text/html text/plain image/png image/jpeg image/gif
The Man-In-The-Middle - MITM - is a method where a service is placed between client and server to allow recording of the traffic between them.
MITM can also be used as a a computer security attack where the attacker secretly relays traffic between sender and receiver in order to circumvent mutual authentication.
This allows the attacker to access, manipulate and modify the traffic without sender and receiver noticing.
Multicast Listener Discovery - MLD - is a protocol enables IPv6 routers to discover nodes able to receive multicast traffic.
The protocol discovers multicast addresses by regularly querying devices on the netwoek, which reply with membership reports containing information about multicast addresses and their states.
It also collects multicast requests from unlisted devices and adds or removes them as required.
A MAC Protocol Data Unit - MPDU - is a message transmitted to and from Media Access Control devices.
A MAC Service Data Unit - MSDU - is a unit of data transmitted to and from Media Access Control devices, containing the packet and additional link layer information.
Maximum Segment Size Clamping entails changing the maximum segment size of all TCP connections with a MTU lower than 1500.
Maximum Segment Size (MSS) is a TCP parameter specifying the largest byte size a a single TCP segment can contain for a device.
A Mail Transfer Agent - MTA - delivers mail to and from a domain.
MTOM - Message Transmission Optimization Mechanism is a method of efficiently sending binary data to and from Web services.
For more information see MTOM at the W3C site
Maximum Transmission Unit (MTU) is the largest physical packet size that a network can transmit. Any packets larger than the MTU are divided into smaller packets before being sent. MTU is measured in bytes.
Multicast is group communication where information is addressed to a group of destination computers simultaneously.
IP multicast is a method of sending Internet Protocol data messages to a group of interested receivers in a single transmission. It is often employed for streaming media applications on the Internet and private networks. The method is the IP-specific version of the general concept of multicast networking.
It uses specially reserved multicast address blocks in IPv4 and IPv6.
In IPv6, IP multicast addressing replaces broadcast addressing as implemented in IPv4.
MultiWAN is a term for when a device is set up to use multiple WAN connections from an provided by one or several ISP:s.
Usually the goal is to improve reliability and bandwidth capability.
The SOAP Must Understand (mustUnderstand) attribute is used in SOAP headers to indicate if the entry is mandatory for processing.
A mandatory header must be processed by the receiver. If the header is not recognized, the request will fail with a SOAP fault.
A Mail eXchanger - MX - record defines the destination for mail to the domain. This resource record is used by Mail Transfer Agent senders to route their traffic.
NAT loopback is a method using NAT to provide access to services via the public IP address from inside the local network.
The NAT Port Mapping Protocol (NAT-PMP) is a network protocol to automatically detect and determine the NAT gateways to configure NAT settings and port forwarding.
Network Address Translation (NAT) is a method to to device translate local network addresses into external addresses for the Internet.
A NDP Relay is a server acting like a proxy for NDP requests. It receives the request forwards them to another NDP server, and relays the response back to the client.
The RFC 4861 defines a number of statuses:
| Status | Description | Comment |
|---|---|---|
INCOMPLETE | Address resolution is in progress and the link-layer address of the device has not yet been determined. | |
REACHABLE | Device is known to have been reachable recently (within tens of seconds ago). | |
STALE | Device is no longer known to be reachable but until traffic is sent to the neighbor, no attempt should be made to verify its reachability. | |
DELAY | Device is no longer known to be reachable, and traffic has recently been sent to the neighbor. Probes should be delayed in order to give upper-layer protocols a chance to provide reachability confirmation. | |
PROBE | Device is no longer known to be reachable, and unicast Neighbor Solicitation probes are being sent to verify reachability. |
The Neighbor Discovery Protocol - NDP - is an IPv6 protocol used for discovery and redirect similar to ARP and ICMP for IPv4.
It is used to handle address configuration, node discovery, address determination, duplicate addresses detection, location of available routers and DNS servers, address prefix discovery, and maintainance of reachability information.
NDP defines five ICMPv6 packet types for communication:
Neighbor advertisements are NDP discovery messages announcing the IP addresses of the node, and are sent in response to a Neighbor Solicitation message.
In NDP, Neighbor Advertisement packets have the type 136.
A netmask is a mask used to divide an IP address into subnets and specify the number of available host addresses in the subnet.
The netmask consists of a 32-bit sequence on the format 255.255.225.255.
There are three commonly used network classes:
| Class | Netmask length | # of networks | Number of hosts | Netmask |
|---|---|---|---|---|
| Class A | 8 | 126 | 16777214 | 255.0.0.0 |
| Class B | 16 | 16382 | 65534 | 255.255.0.0 |
| Class C | 24 | 2097150 | 254 | 255.255.255.0 |
The last 0 and 255 in a sequence are always assigned and cannot be used as host addresses.
For example, in 255.255.225.0, 0 is the assigned network address.
In 255.255.255.255, 255 is the assigned IPv4 broadcast address.
A network bridge combines two network segments into an aggregated network, making them behave as if they are one continuos segment.
A network interface is the access point between a device and a computer network. A network interface can be either a physical connection or a software access address.
A network profile is a global setting for your device that defines how it will work in the network.
For example, selecting a particular profile may configure your device as a wireless repeater or as a fully routed NAT gateway.
Depending on the selected profile, available features and settings will be different.
Some sample profiles:
Network Throughput is the amount of network traffic generated, typically measured in megabits per second. This is a floating average value calculated over a set unit of time.
Next hop refers to the next closest device a packet can go through, according to the routing table.
A Network Interface Controller – NIC, is an hardware component that connects a device to a network.
The WiFi Noise level is the amount of interference in your wireless signal, such as crosstalk, radio frequency interference, distortion, and so on.
It is measured in decibels from zero to -120, where a lower value is better.
Typical environments range between -100db and -80db.
The non-functional requirements defines the requirements on how a IT system should perform in a production like environment.
A typical performance requirement is response time per page or transaction at a specific load.
The Name Server record - NS - defines the delegation point. It states which name servers should be used by resolvers to obtain information about the domain.
NTFS is a Windows-centric file system. The theoretical storage limit for NTFS is 16 Exabytes for 64-bit operating systems.
Windows NT LAN Manager - NTLM - is a collection of security protocols that provides authentication, integrity, and confidentiality to users of Microsoft Windows-based environments.
NTLM authorization requires a user name in the \DOMAIN\USERNAME or \USERNAME format, password and, if necessary, domain.
The NTP Server mode allows the device to act as a local NTP server even when losing connection to the providing NTP server.
NTP is a networking protocol for clock synchronization between devices in networks.
OAuth is an authorization method used to provide access to resources over HTTP/S. It works by providing access tokens representing a user permissions to access a resource. This token is used by a client to authenticate its requests.
There are two versions of OAuth: OAuth 1 which uses an HMAC-SHA signature strings, and OAuth 2 (using tokens over HTTPS.
Overlapping basic service sets (OBSS) is a setting that configures the BSS to allow coexistence between 20 MHZ and 40 MHZ overlapping basic service sets (OBSS).
An Open Resolver resolver is a DNS server that accepts DNS lookups from any client on the Itnernet, without authentication or authorization.
This makes the service vulnerable to the DNS Amplification Attack type of denial of service attack.
OpenWrt is an open source distribution with an excellent overall user space environment, modular and flexible system design. It has a large and active development community.
More information and documentation is available at http://wiki.openwrt.org/.
An Organizationally Unique Identifier - OUI - is a 24-bit number used to uniquely identify a vendor.
Usually makes up the first three octets of the MAC address.
An outstanding request is any request still waiting for a response.
Overhead is extra data or processing needed to manage delivery of a network data.
The Open Web-Server Daemon - OSWD - handles web requests to the configuration framework. I allows access to device configuration services through the configuration framework.
Packet aggregation means combining packets into larger units, in order to reduce the overhead associated with each transmission.
When packets are transmitted in a network they may travel different routes from source to destination. This means there is no guarantee that packets will arrive in time or arrive at all. They may also be denied at the receiver due to a full buffer or other issues. A collective term this is packet loss.
A queueing discipline / packet scheduler is a network function that distributes available bandwidth to different connections according to an algorithm.
The management is done by deciding how many packets each connection is handed, by handling the device traffic queue and making prioritizing incoming/ingress or outgoing/egress packets.
The scheduling can be done either by automatically, based on observed traffic, or following rules according to a Quality Of Service protocol such as Intserv or DiffServ.
A packet is a portion of data that transmitted between a source and destination in a network. It normally a smaller part of some larger unit of data, which is tagged with an identification number and an address. When all packets for a specific data unit arrives at their destination, they are reassembled to form the original data.
Division into packets, transmission and reassembly is governed by a transmission protocol.
Pairing is the process of making two compatible wireless devices able to communicate with each other. This is normally done by making them visible to each other, and providing a PIN code for identification.
Password Authentication Protocol (PAP) is a method used to authenticate PPP sessions.
PAP works like a standard login procedure; using a static user name and password combination.
Ethernet Pause Frames is a mechanism for flow control which is used to cause a temporary stop of transmission from the origin. Typically it is used when the sender temporarily or intermittently transmits faster than the device can receive.
The PAUSE frame is defined by IEEE 802.3x and uses MAC Control frames to carry the PAUSE commands. Ethernet pause frames are supported on full duplex only.
Note: If a port is over-subscribed, Ethernet Pause Frame flow control does not ensure no-loss behavior.
A Private Branch Exchange (PBX) is a switch used for connecting telephone devices or virtual applications in an organization. It manages internal communication in the network and provides access to the external public switched telephone network, and allows for sharing of lines and direct communication between internal devices.
Pulse-code modulation (PCM) is the standard method for digital audio. PCM entails converting analog signals to digital values by sampling the amplitude of the analog signal at set time intervals. Each sample is quantized to the nearest value within a range of digital steps. With PCM, the ranges vary with the source amplitude, so that the steps are larger at higher amplitudes.
PCM is defined by sampling rate (number of times per second that samples are taken) and bit depth (number of different digital values).
Peak Cell Rate (PCR) defines the highest rate at which cells can be transported in an ATM connection.
Peak load is the highest expected load on a system during shorter period of time.
The peak load is defined as transactions, pages, iterations or use cases per second.
The PID – Process ID – is an unique idenitifer for a process, assigned to it when it is loaded into memory.
A Personal Identification Number - PIN - is a number used to authenticate a user similarly to a password, but only using numbers.
Ping is a network tool which tests accessibility of hosts on an Internet Protocol network. It measures how long a it takes for a message to travel from the measuring host to the destination and back.
Public Key Cryptography Standards - PKCS - is a collection of public-key cryptography standards.
The PKCS #11 standard defines a platform-independent API to cryptographic tokens, typically used for hardware security modules or smart cards.
The PKCS#12 standard is a binary format for storing the server certificate, intermediate certificates, and the private key in one file, a PFX file (usually with th extension .pfx and .p12).
Packet loss concealment (PLC) is a technique to mask the effects of packet loss in VoIP communications.
Traffic Policing is a QoS process where packets are handled according to user-defined criteria. Depending on the criteria, the packets may be marked, dropped or completely ignored.
The purpose of traffic policing is to make sure that bursts in traffic hare handled and the designated traffic flows get appropriate bandwidth.
A Point of Presence (PoP) is an access point to the Internet.
Port forwarding is a feature that forwards inbound traffic from the internet on a specific port (or ports) to a specific device (or port) on your local network (LAN).
Port speed settings affect how a LAN or WAN port negotiates the speed setting.
Negotiation can be turned off (speed setting: only) or use Autonegotiation (speed setting max) to determine actual speed.
Communication on a port can be either half or full duplex.
A port that is set to disabled does not handle any traffic.
A port is a communication endpoint, identified by a number, which combined with an IP address provides the necessary addressing for a service on the network.
Point-to-Point Protocol (PPP) is a protocol for providing a direct data link connection with authentication, encryption and compression.
The Precedence setting defines quality of service parameters relating to Class Selector and Assured Forwarding priority.
| ID | Setting |
|---|---|
| All | Default |
| 0 | CS1, AF11, AF12 |
| 1 | CS2, AF21, AF22 |
| 2 | CS3, AF31, AF32 |
| 3 | CS4, AF41, AF42 |
| 4 | CS5, Voice-admit, EF |
| 5 | CS5 |
| 6 | CS6 |
| 7 | CS7 |
Prefix delegation is used in DHCPv6 to assign a network address prefix and automate configuration and provisioning of the public addresses for the network.
The Preserve Value option allows you to save Reported Value for a check run with URL errors that are mapped to I, W, or E (and there is no selenium error).
By default a check run with URL errors is shown as a failed check run and the Returned Value is not saved.
A private key is part of a cryptographic system for authentication and encryption using a private and public key.
The private key is kept secret and secure, and can be used to decrypt messages encrypted with the public key.
A protocol is a set of rules for how to handle data, specifically for transmission and management. The sender and reciever noth use the same protocol to structure, send and receive it, ensuring that the data remains intact, readable and usable.
A proxy server works as an intermediary between the client and other servers, forwarding traffic to and from the servers and client. I adds functionality for improving aspects of the connection, such as security, reliability or simplicity.
The time it takes to for all calls that is done to for a specific web page including the time it takes to execute client side code and rendering a complete web page.
The time it takes to for all calls that is done to render a web page.
A packet-switched data network - PSDN - is a network where communication is done by transmitting and receiving data packets. Devices are note connected directly, but packets from different sources going to different destinations share transmission channels.
A Pre-Shared Key (PSK) is a shared secret which was previously shared between the two parties using some secure channel before it is used.
The Public Switched Telephone Network (PSTN) is the publicly available network of telecommunication systems and services provided by telephone operators.
The PTM Proprity defines how PTM traffic packets should be handled.
| Priority | Description |
|---|---|
| Normal Priority | Send packets according to their priority. |
| High Priority | Use preemption; lower-priority packets are paused when higher-priority packets are sent. |
Pulse-Time Modulation means encoding traffic into a pulsing signal signal for transfer.
Point-to-Point Tunneling Protocol (PTPT) is a technology for virtual private networks through TCP and a GRE with PPP packets.
A public key is part of a cryptographic system for authentication and encryption using a private and public key.
The public key that can be distributed freely, and can be used to verify that a message has been sent by the owner of the private key.
A queueing discipline / packet scheduler is a network function that distributes available bandwidth to different connections according to an algorithm.
The management is done by deciding how many packets each connection is handed, by handling the device traffic queue and making prioritizing incoming/ingress or outgoing/egress packets.
The scheduling can be done either by automatically, based on observed traffic, or following rules according to a Quality Of Service protocol such as Intserv or DiffServ.
QNames are the qualified name of an element or attribute in XML content, and is used to identify and access them.
A QoS Class is a set of rules for various traffic settings that can be applied to data traffic to ensure particular needs for Quality of Service.
A Quality Of Service Filter is used by classful QDiscs to determine which QoS Class a packet should belong to.
The filter contains a number of parameters/conditions that the packet needs to match in order to be enqueued in the appropriate class.
A QoS Class group is a collection of QoS classes which can be added to an interface to provide a combination of settings.
The Quality of Service Mark is used when classifying traffic. Packets matching the filter will be marked with the provided hexadecimal code 0x000000-0xFFFFFF.
This mark can then be used for identification and filtering purposes, for example by iptables .
Scheduling is a QoS process when a packet scheduler decides to make a packet leave earlier than other packets.
Quality of Service (QoS) involves setting for data traffic that affect performance, allowing resources to be allocated depending on the needs of various types of traffic.
Quantization of signals is a method where a signal is sampled at specified time intervals and the input values are approximated to provide a smaller set of values compared to the actual signal.
A query string is a part added to an URL resource to pass form data, options, settings or other parameters to the executing web service.
In a typical implementation, parameters are indicated by this syntax:
| Separator | Parameter | Assignator | Value |
|---|---|---|---|
? | name | = | value |
Multiple parameters are separated with &.
For the URL http://example.com/path/to/page, parameters could look like this:
http://example.com/path/to/page?name=value
http://example.com/path/to/page?first=this&then=that
The Router Advertisement Daemon - radvd is an open-source software product that provides Neighbor Discovery Protocol services.
Random Access Memory - RAM - is the main memory available to applications. RAM is read/write and randomly accessible.
RAML is a REST API format based on YAML for service definition of RESTful interfaces. The file describes resources, actions/methods, query/header/path parameters, representations, and so on.
For more information, see the RAML website.
Ramp-up means increasing the load up to a designated load value.
The time this takes to is called Ramp-Up Time, whereas Ramp-Up Rate is the rate of increase during this time period.
Resource records are used by Domain Name Systems to identify and manage domain data.
Each record has name, number, time to live, a class, and data specific to its type.
The transmission format for resource record is specified in RFC 1035.
This list of DNS resource record types is an overview of resource records permissible in zone files of the Domain Name System (DNS).
| Type | Type id. (decimal) | Defining RFC | Description | Function |
|---|---|---|---|---|
| A | 1 | RFC 1035 | Address record | |
| AAAA | 28 | RFC 3596 | IPv6 address record | |
| AFSDB | 18 | RFC 1183 | AFS database record | |
| APL | 42 | RFC 3123 | Address Prefix List | |
| CAA | 257 | RFC 6844 | Certification Authority Authorization | |
| CDNSKEY | 60 | RFC 7344 | Child DNSKEY | |
| CDS | 59 | RFC 7344 | Child DS | |
| CERT | 37 | RFC 4398 | Certificate record | |
| CNAME | 5 | RFC 1035 | Canonical name record | |
| DHCID | 49 | RFC 4701 | DHCP identifier | |
| DLV | 32769 | RFC 4431 | DNSSEC Lookaside Validation record | |
| DNAME | 39 | RFC 6672 | Alias for a name and all its subnames, unlike CNAME, which is an alias for only the exact name. | |
| DNSKEY | 48 | RFC 4034 | DNS Key record | |
| DS | 43 | RFC 4034 | Delegation signer | |
| IPSECKEY | 45 | RFC 4025 | IPsec Key | |
| KEY | 25 | RFC 2535 and RFC 2930 | Key record | |
| KX | 36 | RFC 2230 | Key Exchanger record | |
| LOC | 29 | RFC 1876 | Location record | |
| MX | 15 | RFC 1035 and RFC 7505 | Mail exchange record | |
| NAPTR | 35 | RFC 3403 | Naming Authority Pointer | |
| NS | 2 | RFC 1035 | Name server record | |
| NSEC | 47 | RFC 4034 | Next Secure record | |
| NSEC3 | 50 | RFC 5155 | Next Secure record version 3 | |
| NSEC3PARAM | 51 | RFC 5155 | NSEC3 parameters | |
| PTR | 12 | RFC 1035 | Pointer record | |
| RRSIG | 46 | RFC 4034 | DNSSEC signature | |
| RP | 17 | RFC 1183 | Responsible Person | |
| SIG | 24 | RFC 2535 | Signature | |
| SOA | 6 | RFC 1035 and RFC 2308 | Start of [a zone of] authority record | |
| SRV | 33 | RFC 2782 | Service locator | |
| SSHFP | 44 | RFC 4255 | SSH Public Key Fingerprint | |
| TA | 32768 | N/A | DNSSEC Trust Authorities | |
| TKEY | 249 | RFC 2930 | Transaction Key record | |
| TLSA | 52 | RFC 6698 | TLSA certificate association | |
| TSIG | 250 | RFC 2845 | Transaction Signature | |
| TXT | 16 | RFC 1035 | Text record | |
| URI | 256 | RFC 7553 | Uniform Resource Identifier |
The Refresh Token is an OAuth method to provide clients with a new access token without repeated authorization. Typically, the refresh token is issued to the client when it first acquires an access token, and has much longer lifespan than the access token.
Regular expressions are coded strings that define an infinite number of possible matches.
For more information see: Java Regular Expressions
The Remote ID is an identifier for the client, added to all traffic from the device itself and devices communication through it.
The resolve file resolv.conf is a file used configure the DNS resolver.
search example.com local.lan nameserver 127.0.0.1 nameserver 172.16.1.254 nameserver 172.16.2.254 nameserver 192.168.137.2
Normally, all resolvers cache all replies they receive. This means that response times are greatly improved.
An iterative resolver can fetch data from the cache instead of going through the whole iteration process each time it receive a query.
For a cache all data it receives during a query. The cached data will remain cached for as long as the TTL allows.
A DNS Resolver is part of a DNS server. It navigates the DNS tree to find any available DNS data.
A Stub Resolver is part of a DNS lookup system on devices. It stores IP addresses to iterative resolvers.
Responses are placed in the resolver cache. The data remains cached according to Time-To-Live.
An Iterative Resolver is part of a DNS server. It navigates the DNS tree to find any available DNS data in order to determine which domain name resolves into what particular IP address.
The resolve process is done through iteration. The resolver starts from the top - the root domain, and works its way through the DNS tree until it receives an answer.
All data received during a query is placed in the resolver cache. The data remains cached according to Time-To-Live.
The Resource Owner is an OAuth entity capable of granting access to a resource. When the resource owner is a person, it is referred to as an end-user. The resource owner is always a user account. Client An application making resource requests on behalf of the user (also called the resource owner) with the user's authorization.
Resource records are used by Domain Name Systems to identify and manage domain data.
Each record has name, number, time to live, a class, and data specific to its type.
The transmission format for resource record is specified in RFC 1035.
Resource Server is an OAuth term referring to the server hosting resources.
Parameters can be defined at either the RESOURCE or at the METHOD level.
Parameters at the RESOURCE level are inherited by all contained methods, and all requests in these method nodes.
Parameters on the METHOD level are only inherited by all contained requests in that method.
Representations can be of three basic types: REQUEST, RESPONSE, and FAULT.
| Type | Decription |
|---|---|
| REQUEST | An entity sent as a request. |
| RESPONSE | An entity sent as a request. |
| FAULT | An Received entity which equates to an error. |
REST representations are the serialized text entitites - TYPE, Media-Type, Status Code, QName - used to communicate over an HTTP connection.
REST Requests are calls to a REST service. REST Request can include HTTP Headers and parameters.
A Resource is a part of the target URL, referring to the object to be accessed with REST methods.
For the URL
http://maps.googleapis.com/maps/api/geocode/xml?address=Rio&sensor=false
the resource is
/maps/api/geocode/xml
REST - Representational State Transfer is a more lightweight protocol than SOAP for HTTP communication, where parameters are mostly encoded in the request URL, but can also be sent in the message body.
The term RESTful basically means the same as REST, but sometimes is used to mean web services that implement REST methods and architecture. They don't require a WADL to be defined. It is possible, and common, to skip this definition. This means that the service definition needs to be implied, or provided elsewhere.
The Richardson Maturity Model is a scale for evaluating services and their RESTfulness. It consists of four levels:
For a web services to be RESTful in a meaningful sense, they need to reach level 3 of the Richardson Maturity Model.
http://martinfowler.com/articles/richardsonMaturityModel.html
http://www.ics.uci.edu/~fielding/pubs/dissertation/top.htm
http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven
User Roles provide different levels of access to the system. A user may have multiple roles assigned to their account.
A Read Only Memory - ROM - is a read-only memory containing firmware for the device.
Typically, the term ROM actually refers to media that can be erased and re-programmed (is an Erasable Programmable ROM - EPROM, and Electrically Erasable Programmable ROM - EEPROM.)
A Root Queueing Discipline is a Quality Of Service collection point for multiple QDiscs/packet scheduler containing classes and class groups used for QoS.
The route metric is used for routing decisions, and is added to routing tables to enable routing decisions.
The IP Route is the path a data message takes through an Internet Protocol network.
Router advertisements are NDP discovery messages periodically sent by routers from each multicast interface, announcing the IP addresses of that interface.
In NDP, Router Advertisement packets have the type 134, and can be triggered by a Router Solicitation message.
Router solicitations are NDP discovery messages used by hosts to trigger Router Advertisement messages from connected routers.
In NDP, Router Advertisement packets have the type 133.
A routing table is a table stored in a device used for keeping track of routes to network destinations and metrics belonging to those routes. The information in the routing table is used by devices to make routing decisions for traffic in the network.
| Route | Description | Comment |
|---|---|---|
| Network | Path to a specific network address. | |
| Host | Route to a specific network address by network and host ID. | Used to optimize specific types of traffic. |
| Default | Route stored in the routing table. | Used when no other routes for the destination are found. |
Routing is the process of selecting paths in a network along which to send network traffic, making routing decisions to ensure that traffic moves from the source to the destination.
Dynamic routing is the most common method, where routing protocols are used to manage routing automatically.
Static routing means that routes are set up permanently using a routing table.
Policy based routing entails selecting routes based on the type of traffic being transmitted, tryingt to use more efficient routes for priority traffic.
A Request SPECification (RSPEC) is part of a Flow Specification, and defines the requirements for a flow.
Different possible service types:
| Type | Description | Examples |
|---|---|---|
| Best Effort | No guaranteed level of service. | WWW, FTP |
| Controlled Load | Behaves as Best Effort for an network without load. | |
| Guaranteed | Guarantees a minimum level of service, but no benefit would be provided by higher levels. | Real-time control, latency and delay. |
| Qualitative | Not imediately quantifiable, but better than Best Effort. |
RSS – Resident Set Size indicatres how much memory is allocated to a process and is in RAM.
It includes all stack and heap memory, and shared libraries also in memory, but not memory that is swapped out.
Received signal strength indicator (RSSI) is a measurement of the power of a received radio signal.
The Resource ReSerVation Protocol - RSVP - is a signalling mechanism used for network management of packets.
It uses a method where resources available to handle Quality Of Service traffic is broadcasted throughout the network.
Listening devices reply with a RESV (Reserve) message containing a flow specification for the traffic.
Devices on the route between sender and listener either accept the reservation and handle the flow, or send a reject message.
Reservations can end normally or time out as needed.
A response time analysis is done to determine min, avg. and max response for a specific throughput of a transaction, a use case transaction or a complete web page.
The analysis can also be done to find the point (if any) where the response time increases due to an increase in throughput.
The Real-time Transport Protocol (RTP) is a protocol for handling transmission of real-time data, typically audio or video over networks services. Control and monitoring features are provided thorugh the Real Time Streaming Protocol.
The Real Time Streaming Protocol (RTSP) is a protocol for control over transmission of real-time data with the Real-time Transport Protocol.
The RX Chain Power Save feature turns one of the receive chains off to save power.
The maximum number of packets per second that the WLAN interface should process for during RX Chain Power Save Quiet Time before the RX Chain Power Save feature activates itself.
The number of seconds the packets per second must be below the value before the Rx Chain Power Save feature activates itself.
A RX chain is the transmit/receive signal processing hardware, such as a radio transceiver with its own antenna.
RFC 1918 - Address Allocation for Private Internets - defines standards for IP addresses in a private local network.
Addresses with in these ranges cannot be routed on the Internet:
10.0.0.0 - 10.255.255.255 (10/8 prefix) 172.16.0.0 - 172.31.255.255 (172.16/12 prefix) 192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
RFC 2275 - View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP)- defines an access method for resources based on view access. It limits the access of multiple users having various security levels different views of the object tree.
RFC 2473 defines the model and generic mechanisms for IPv6 encapsulation of Internet packets, such as IPv6 and IPv4. The model and mechanisms can be applied to other protocol packets.
RFC 4681 - Neighbor Discovery for IP version 6 - specifies the Neighbor Discovery protocol for IPv6.
IPv6 nodes on the same link use Neighbor Discovery to discover each other's presence, to determine each other's link-layer addresses, to find routers, and to maintain reachability information about the paths to active neighbors.
RFC 5572 discusses using TSP to set up IP tunnels with inner protocols, such as IPv6 or IPv4, inside various outer protocols packets, such as IPv4, IPv6, or UDP over IPv4 for IPv4 NAT traversal.
Security Association is term for the establishment of shared security attributes between two network entities to support secure communication. It typically consists of cryptography method, an encryption key and parameters for secure transmission of traffic.
Samba is an open source software that provides file and print services between Linux/Unix servers and Windows-based clients.
Security Assertion Markup Language 2.0 (SAML 2.0) is an XML-based, open-standard data format used for exchanging authentication and authorization data between a Service Provider and an Identity Provider.
It uses security assertion tokens to to pass information about the end user between the identity provider and the service provider.
SAML 2.0 enables web-based authentication and authorization scenarios including cross-domain single sign-on (SSO).
For more information about SAML see the Oasis documentation
As the traffic to a service increases, design decisions made early become a more and more important factor affecting performance. You want your service to be scalable, to be able to handle a growing amount of traffic.
Having a proper REST web service implementation is one way of increasing scalability as it usually creates less traffic over network and less overhead without XML conversions needed in SOAP.
SOAP implementations can also be made scalable, but less of the architecture is explicitly designed for that purpose.
Schema Annotations are comments added to the web service definition schema used to describe the nodes.
Schema inference is the process of generating an Schema from a set of messages.
When creating a REST Service without a WADL, it is often useful to be able to generate these documents anyway, so that validation is made possible, and code/documentation generation tools can be used.
Ready! API provides automatic inference from the model you create in SoapUI, and also inference of XSD schemas from any incoming responses that can be converted to XML, such as XML, JSON and HTML.
Generally, a script is a sequence of instructions to be performed automatically.
A performance test script is a script that generates transactions. A performance test script can be simple with a single transaction or complex with a large number of transactions.
A monitoring test script is a set of instructions to perform tasks or actions on a service or web site.
A Security Token (or Access Token) is a data object containing security credentials for a session, identifying a user, user group(s), permissions, and other security information.
A service definition is a machine readable description of an API interface, defining available resources, actions/operations, valid request/response pairs and other communication properties.
A Service Provider - SP - is provider of Web Services, such as applications, storage, or other capabilities. It uses an Identity Provider for authentication and authorization.
Service types define the guaranteed level of service in a ATM network. This involves such things as the timing between the source and destination, the guaranteed bandwidth and how many cells get lost in transmission.
| Setting | Description |
|---|---|
| UBR without PCR | Use Unspecified Bit Rate without Peak Cell Rate. |
| UBR with PCR | Use Unspecified Bit Rate with Peak Cell Rate. |
| CBR | Use Constant Bit Rate. |
| Non-Realtime VBR | Use Non-Real-Time Variable Bit Rate. |
| Realtime VBR | Use Real-Time Variable Bit Rate. |
The Small Form-factor Pluggable (SFP) connector is a hot-pluggable transceiver used for telecommunication and data.
For more information see the wikipedia article.
A SIP Account contains the identifying information and configuration for SIP communication.
A SIP Address is similar to a phone number for voice calls to other SIP accounts.
G.711ALaw is a companding standard using non-linear encoding and decoding to provide pulse code modulation mainly of voice frequencies with the A-law variant algorithm.
G.711MuLaw is a companding standard using non-linear encoding and decoding to provide pulse code modulation mainly of voice frequencies with the μ-law variant algorithm. It provides higher compression than A-Law, with higher distorion for smaller packets.
G.729 is a compression standard with linear compression for voice with low bandwith requirements, suitable for voip applications where bandwith conservation is an issue. It divides 10ms packets for a 8kbit/s transmission rate.
A SIP domain is a DNS hostname for SIP traffic routing.
A SIP realm is a SIP authentication/authorization component, defining the set of usernames and passwords for a particular protection domain. The SIP realm does not have to be the same as a the SIP domain.
The SIP Realm is used together with an SIP authentication username to provide access to SIP services.
The SIP Reg Interval is how often connections to a SIP provider is updated. This is normally done by updating the registration with the server.
A SIP server (also called SIP Registrar or SIP Proxy) handles SIP management for a IP-based private branch exchange.
It handles setup and connections for SIP calls in a network, but does not handle actual transmission of real-time data.
A SIP User is the identifier for a SIP account. This may be a phone number.
The Session Initiation Protocol (SIP) is a protocol for handling communication sessions, most commponly for Internet telephony for voice and video calls, as well as instant messaging, over Internet Protocol networks.
The Service Level Agreement (SLA) value is used to specify if the response has been returned within a set time threshold.
SLA is expressed as a percentage, indicating the fraction of all checks that fall within the threshold.
Short Message Service - SMS - is a service using standard protocols to provide messaging text messaging, most commonly for mobile applications.
A SMTP Server handles SMTP accounts and traffic to provide services for sending email.
Simple Mail Transfer Protocol - SMTP - is an internet standard for sending email.
Server Name Indication - SNI - is an extension of the TLS TLS protocol. It allows clients to state which hostname they are trying to connect to.
The server can then serve multiple server certificates on the same IP address and TCP port.
This lets multiple TLS services to be served off the same IP address without requiring all those sites to use the same certificate.
The conceptual HTTP equivalent is name-based virtual hosting.
An SNMP agent provides access to managament data as variables that can be modified to perform managment tasks remotely. The variables accessible via SNMP are organized in hierarchies and stored together with metadata in Management Information Bases.
Simple Network Management Protocol (SNMP) is a protocol for managing and devices on an IP network.
The SNR margin is the difference between the current Signal to Noise Ratio and minimal SNR required to sync at a specific transfer speed.
Higher SNR margin means a better signal, with less background noise, which in turn means a more stable the connection.
Signal-to-noise ratio (SNR) is defined as the power ratio between a signal and background noise.
It is normally measured in decibels (dB).
| dB value | Description |
|---|---|
| < 6dB | Poor. No sync, or intermittent sync problems. |
| 7dB - 10dB | Fair. Vulnerable to conditions. |
| 11dB-20dB | Good. |
| 20dB-28dB | Very good. |
| 29dB < | Excellent. |
Start Of Authority - SOA - is a Resource Record that defines the Zone File zone file and how the master and slaves keep track of Domain Name Systems data.
SOAP Operations bind abstract operations to actual SOAP operations in the service, defining the request and response format.
SOAP Requests are XML-based calls to a service which (optionally) contain SOAP parameters as part of the request body.
SOAP - Simple Object Access Protocol, is an XML-based communication protocol and encoding format for inter-application communication.
A SOAP API is defined as a standardized communication protocol for XML-based message exchange. SOAP can use different protocols like HTTP or JMS.
All parameters the server needs to be able to respond to should be a in a W3C standardized XML format and part of the body in the request.
The current specification is version, SOAP 1.2, though version 1.1 is more widespread. SOAP is widely viewed as the backbone to a new generation of cross-platform cross-language distributed computing applications, termed Web Services.
Soft errors are call failures where the cause most likely is on the scenario side, perhaps a faulty script or other issue with the calling process. A response may have been received but for example contained no data, or was of the wrong type, and so on.
Soft errors do not block the completion of the loop.
The Simple and Protected GSSAPI Negotiation Mechanism - SPNEGO - is a GSSAPI mechanism you use to secure messages when a client application wants to authenticate to a remote server, but does not know what authentication protocol to use.
Strict Priority Precedence means that where the the packets with the highest priority always are sent first.
Seamless Rate Adaptation (SRA) allows devices to change data transfer rates on the fly to avoid losing a connection due to interference.
The Secure Real-time Transport Protocol (SRTP) is a protocol used for providing authentication, encryption, and other se curity features with the Real-time Transport Protocol.
A Service Record (SRV record) is a specification of data in the Domain Name System containing information about IP and port for a specific service.
It is used by domain servers to keep track of their own changes without having to contact a central DNS server.
An SRV record has the form:
_Service._Proto.Name TTL Class SRV Priority Weight Port Target
| Item | Description |
|---|---|
| Service | Identifier for the service. |
| Proto | The service protocol. |
| Name | Domain name where the record is valid. |
| TTL | DNS time to live. |
| Class | DNS class (IN for Internet). |
| Priority | Target host priority, lower value means more preferred. |
| Weight | A relative weight for records with the same priority. |
| Port | Port for the service. |
| Target | Hostname for the service provider. |
Simple Service Discovery Protocol (SSDP) is a network protocol capable of discovering universal plug and play devices on a home network.
Secure Shell (SSH) is a protocol for secure communication on networks. Most commonly it is used for remote login to devices, typically to unix shell accounts.
SSID – Service Set IDentifier, also knowns as network name, identifies a wireless network interface.
When an SSL session cache is enabled, the same SSL session ID is reused for multiple requests instead of requesting new ones.
The Common Name - CN - identifies a hostname associated with an SSL server certificate.
The certificate is valid for a request only if the requested hostname matches the certificate common name.
For a single-name certificate, the common name is a single hostname (example.com or www.example.com).
For a wildcard certificate, the common name is a wildcard name (*.example.com).
An SSL fingerprint
GRC has created HTTPS Fingerprints. This service allows you to check whether or not your enterprise is performing MITM on the SSL secured site that you are trying to reach.
It compares the certificate fingerprint to what you would receive to the fingerprint that they receive by going direct. If they are the same, the certificate is authentic and you have no problem. If they are different, then it is likely that someone is performing MITM on your SSL connection.
Anyone examining an SSL certificate (like this page or your web browser) can create a “cryptographic hash” or “digest” of the certificate's contents. Cryptographic hashes are complex mathematical algorithms which carefully process every single bit of what they “digest.” They have the amazingly property that if even one bit inside the certificate is changed, an average of half of the fingerprint's hash bits will change in response! In other words, when such a cryptographic hash is used to “fingerprint” a certificate any change, no matter how small, will result in a COMPLETELY different fingerprint.
Fingerprints offer incredibly sensitive and strong detection of anything changed anywhere in a security certificate. Certificate fingerprints were originally based upon the “MD5” (Message Digest 5) hashing algorithm. But over time researchers found MD5 to be a bit weak in some special cases which might have been exploitable. So the entire industry (and this web site) has switched over to using the newer, stronger and even more secure “SHA1” (Secure Hashing Algorithm 1) hashing algorithm.
GRC has created HTTPS Fingerprints. This service allows you to check whether or not your enterprise is performing MITM on the SSL secured site that you are trying to reach. It compares the certificate fingerprint to what you would receive to the fingerprint that they receive by going direct. If they are the same, the certificate is authentic and you have no problem. If they are different, then it is likely that someone is performing MITM on your SSL connection.
The SSL Renegotiation Indication Extension - RNI - is an improvement on SSL and TLS aimed to prevent unauthorized connections where a service wrongly identifies an injected connection as belonging to a previously authorized client.
RNI achieves this by encrypting the TLS renegotiation so it is specific to the client.
A Subject Alternative Name - SAN - is an additional name associated with an SSL server certificate.
The name can be a hostname, an IP address, a common name or other identifier.
Typical uses for SANs is when you want to cover multiple names across different domains/subdomains (www.example.com and www.example.net) with the same certificate, or when you have a multiple virtual hosts on the same IP address.
Secure Sockets Layer (SSL) is a protocol for providing security features such as authentication, privacy and data integrity in a network.
Source-specific multicast (SSM) is a method of limiting delivery of multicast packets only from a requested source address.
Single sign-on - SSO - is the process of providing shared authentication and authorization for multiple systems. This allows a user to sign in once, and seamlessly use multiple systems with the same set of credentials.
The standard deviation, σ is a measure of how big the variation is in a set of values.
A low standard deviation indicates that the data points tend to be close to the expected value (mean), while a high standard deviation indicates that the data points are spread out.
More information: https://en.wikipedia.org/wiki/Standard_deviation
The process state code indicates the state for a process.
| Short Code | Meaning | Description |
|---|---|---|
| D | Uninterruptible sleep | Usually refers to IO processes. |
| l | Is multi-threaded (using CLONE_THREAD, like NPTL pthreads do) | |
| L | Has pages locked into memory (for real-time and custom IO) | |
| N | Low-priority (nice to other users) | |
| R | Running runnable (on run queue) | |
| s | Is a session leader | |
| S | Interruptible sleep | Waiting for an event to complete. |
| T | Stopped | May have been stopped by control signal or trace. |
| W | Paging | Storing or retrieving data. |
| Z | Defunct (“zombie”) process | Terminated but not collected by its parent process. |
| < | High-priority | |
| + | Belongs to foreground process group. |
When you design your service to be stateless, you are making it treat each new request as an independent event. No session is stored, nor information about the connecting clients. 1
This removes the need for a specific client to stay connected to a specific server, and instead of a session with multiple steps between a client and a single server you get multiple pairs of request-response traffic between a client and multiple service instances.
The main benefit of this is that as traffic grows, you can just add service instances and servers to handle the load. It doesn't matter where a specific client call ends up, since you don't need to keep track of it.
Stateless services are more common among RESTful web services than among SOAP based web services, but there is no specific technical reason for this.
A static IP address is an address that doesn't change, unless manually changed by the administrator.
A static route is a manually entered route to a network destination, which is used instead of any routes discovered automatically.
A stealth name server is a name server that does not have a NS record listed in the domain.
It can therefore not be queried through normal means, and must already be reachable directly to be used.
A stored procedure is a subroutine available to applications that access a relational database system. A stored procedure is stored in the database data dictionary.
A Stub Resolver is part of a DNS lookup system on devices. It stores IP addresses to iterative resolvers.
Responses are placed in the resolver cache. The data remains cached according to Time-To-Live.
Session Traversal Utilities for NAT (STUN) consists of methods and a protocol to allow a server to discover its public IP address from behind a NAT. It is used for real-time voice, video, messaging, and other interactive IP services.
The protocol requires a STUN server located on the public side of the NAT.
A subnet mask is used to divide the IP address into network and host addresses.
A Subscriber ID is a identifier assigned to messages indepenedently from client and physical network identifiers, providing an ID that persists over network and path changes.
Swagger is a format for defining REST services.
It is a specification and a framework implementation for describing, producing, consuming, and visualizing RESTful web services. The overarching goal of Swagger is to enable client and documentation systems to update at the same pace as the server.
Transmission Control Protocol (TCP) Flags are control bits for TCP messages. These flags indicate how packets should be handled or indicate connection states.
| Flag | Description |
|---|---|
| SYN | Synchronize sequence numbers. |
| ACK | Acknowledgment field is significant. |
| FIN | No more data from sender. |
| RST | Reset the connection. |
| URG | Urgent pointer field is significant. |
| PSH | Push function. |
| CWR | Congestion Window Reduced. |
| ECE | TCP peer is ECN capable. |
The Transmission Control Protocol (TCP) is a protocol to provide reliable data streams over an IP network.
Time Division Synchronous Code Division Multiple Access (TD-SCDMA) is an UMTS 3G mobile networks in China.
The think time is the time between one user interaction to the next user interaction that in turn create a new call to the server side.
If the application does not have a user interface it is the time between to calls or between two transactions.
A severity of a particular type is trigged whenever the returned value from the check is higher than the configured threshold, the baseline.
The notification threshold / baseline can be defined in several ways.
| Setting | Description |
|---|---|
| Method | Constant / Average / Median / Deviation |
| Percentage | Percentage threshold based on the calculated value. |
| Deviation | Number of standard deviations |
| Period | Time period for historical results to include in the calculation. |
| Offset | Constant to add to the calculated value. |
Static calculations uses a constant threshold value.
Dynamic methods calculate the threshold value on the fly, based on a combination of the type (percentage or deviation), the method (average, median, deviation), the period (time frame for historical data to use), and offset which is added to the calculated value.
| Method | Calculation | Type | Example |
|---|---|---|---|
| Constant | A fixed value. | Static | 25 |
| Average | Average. | Dynamic | 120% of the average returned value for the last 2 hours + offset 50. |
| Median | Median. | Dynamic | 120% of the median value for the last 2 hours + offset 50. |
| Deviation | Standard deviation. | Dynamic | 2 standard deviations + average value for the last 2 hours + offset 50. |
The throughput is the traffic volume (typically measured in Mbit/s) over the network.
Throughput can also be considered as the number of transactions per second an application can handle.
TKIP (Temporal Key Integrity Protocol) is a RC4 stream cipher is used with a 128-bit per-packet key, meaning that it dynamically generates a new key for each packet.
Transport Layer Security (TLS) is a protocol for providing security features such as authentication, privacy and data integrity in a network.
A token bucket algorithm is a method of handling packet traffic, by using an analogy of a bucket containing a number of tokens that arrive at a particular rate. Tokens are used to limit when data packets are transmitted.
The depth of the bucket limits the number of tokens, and the rate of arriving tokens limits how quickly packets can be sent.
The concept is as follows:
This means that the bucket needs to be deep enough to handle bursts of traffic, and the token rate limits the transmission rate.
Transmission Power Control (TPC) is used to automatically adjust the transmission power level on wireless radios to avoid interference.
TPTEST allows you to measure the speed of your Internet connection, by sending a number to and from a defined reference test server.
A list of TP test servers is available at http://tptest.sourceforge.net/servers.php.
TR-069 CPE WAN Management Protocol (CWMP) was created by the DSL Forum to standardize the Wide Area Network (WAN) management of CWMP. The TR-069 protocol specifically defines a common method for CPE devices to communicate with an Auto Configuration Server (ACS).
The Transaction Rate is the number of successfully completed URL calls / transactions made per second.
A performance transaction is a single call/response using a specific protocol such as HTTP/S.
The term Triple Play Service refers to provisioning of broadband Internet access, television, and telephone over a single broadband connection.
The Transaction Response Time is the time it takes for a single transaction, including receiving the response.
It is the amount of time from the moment that a user sends a request until the time that the application indicates that the request has completed.
Truststores contain certificates that identify parties that you choose to trust.
Truststores often do not include the certificate from the remote party directly, but instead holds certificates from organizations that are trusted to identify the certificate of the remote party.
Such organizations are commonly referred to as “Certificate Authorities”.
TrustStore stores public keys and/or CA (Certificate Authorities) certificates.
The SSL Java client uses SSL certificates, commonly .cer files, stored in TrustStore to verify the server identity.
See also: KeyStore.
See also: Identity.
A Traffic SPECification (TSPEC) is part of a Flow Specification, and describes traffic flow properties, typically involving token bucket algorithm parameters.
The Time To First Byte - TTFB - value is a measure of how long the wait is for the first byte of the response, after the request has been successfully transmitted.
Time to live (TTL) is a mechanism to determine when data in a network should be discarded, for example for cache expiry, or to prevent data from being transmitted forever.
The Time To Transmit value indicates the time it takes to send the HTTP request header, after a network connection has been established.
This value may also include the transmission time for any HTTP request content data (form data or file upload data).
An IP tunnel is an IP network channel between two networks. It is used to transfer data using a different protocol by wrapping its packets in packets of a different type.
In IP tunnelling, every IP packet, including addressing information of its source and destination IP networks, is encapsulated within another packet format native to the transit network.
Unscheduled Automatic Power Save Delivery (UAPSD) is a wifi device feature which allows them to save power by dozing between transmissions.
UBIFS file-system stands for “Unsorted Block Images File System”.
It is a flash file system, designed to work with flash devices, using Memory Technology Device (MTD) device files.
OpenWrt micro bus architecture - UBUS - is a combination of daemon, library and helpers to provide communication between various daemons and applications in OpenWrt.
The ubus command line tool can be used to interact with the ubusd server to and manage services through JSON .
Command referencs is available at https://wiki.openwrt.org/doc/techref/ubus.
User Datagram Protocol (UDP) is a protocol to provide relatively unreliable data streams over an IP network. It provides no guarantees for delivery and no protection from duplication.
The simplicity of UDP reduces the overhead from using the protocol and the services may be adequate in many cases.
Universal Mobile Telecommunications System (UMTS) is a third generation mobile cellular system for networks based on the GSM standard.
Unicast is communication where information is addressed to a single destination.
The interface protocol type Unmanaged means that the connection has no defined protocol.
An uplink interface type is an interface to services.
Universal Plug and Play (UPnP) is a set of networking protocols used for automatic discovery and communication on a network. It makes it possible for various devices to connect and share services.
UPnP involves automatic port forwarding set up without user interaction. This may constitute a security risk.
URL Encoding (also known as percent encoding) is the process of converting a URL so as to replace reserved characters that have a special meaning with special escape character sequences.
For example / might be replaced with %2F and ( with %28.
This is done to differentiate between when the characters used as text and when they are used in their special meaning.
An URL filter excludes certain URL types from execution.
URLs can be filtered out based on a number of criteria, which can be used together or separately as needed:
| Filer | Description | Comment |
|---|---|---|
| Binary Data | Non-ASCII content data with a 200 (ok) status code. | This will strip away all images and other kinds of binary data. |
| CSS, JS (HTML Only) | Text/ASCII data not in HTML format with a 200 (ok) status code. | This will strip away CSS and JavaScript files. |
| Cached Data (304) | Browser-side cached URLs received with a 304 (found) status code. | Recommended. |
| Errors | All errors status code 400 and above, and all URLs with an incomplete response. | If not enabled, a reported error will count as a successful connection. |
| Host | Hostname exclusion/inclusion filtering. |
Host filtering can be used to exclude and/or include traffic from particular hostnames.
The filter can consist of a list of hostnames, separated by comma.
You can also explicitly exclude hosts by adding ! before the hostname.
www.example.com,media.example.com
All traffic not from www.example.com or media.example.com will be excluded.
!media.example.com
Traffic from media.example.com will be excluded.
A Uniform Resource Locator - URL - is a web resource location reference which points out where to find a particular resource (file, script, image et. c.).
A typical URL is of the form http://www.example.com/about/us/index.html:
USB – Universal Serial Bus is a standard for connection, communication, and power supply between computers and electronic devices.
The Use Case Iteration Time is the time it takes to perform one iteration of all the steps in a use case including optional loops and think time.
A use case can be functional or non-functional and describes in detail each step and interaction with an application.
If the application has a user interface the use case usually describes the most common interaction that a real user would do.
A functional use case can often be adopted to a non-functional use case by removing unnecessary steps that is not direct related to performance.
The User-Agent contains information about client and operating system accessing the server or application, typically offered in the HTTP request headers. This allows the server to select suitable content and parameters for the response.
The User Class uniquely identifies the type or category of user or applications it represents.
Unicode Transformation Format - UTF - is a character encoding that maps Unicode code points (characters) to code values.
UTF encoding is available in multiple versions. The two most common types are UTF-8 and UTF-16.
UTF-8 is a variable-length encoding using up to 8-bit code units. It is backward compatible with ASCII.
UTF-16 is also variable-length using one or two 16-bit code units.
A Universally Unique Identifier (UUID) is an 128-bit identifier used to uniquely identify objects.
Example: 65613210-44d4-11e6-beb8-9e71128cae77
The service type Variable Bit Rate come in two variants: Non-Realtime VBR and Realtime VBR.
Non-Real-Time Variable Bit Rate (nrt-VBR) is used for connections that need guaranteed bandwidth or latency, but do not rely on accurate timing between source and destination.
Real-Time Variable Bit Rate (rt-VBR) is used for connections that need accurate timing between source and destination.
Virtual Channel Identifier - VCI, is used together with VPIs to enable ATM networks.
In an ATM network, each circuit is given a virtual channel identifier, and and each path is given a virtual path identifier.
The VCI identifies circuit/channel in use, and VPI matches the appropriate path to the desired destination host.
A Vendor ID - VID - is a unique number identifying a device.
Virtual network interfaces are linked to a hardware device, but are not hardware devices.
A virtual network interface is generally associated with a physical network, another virtual interface, a loopback interface or other standalone interfaces.
| Type | Example | Description |
|---|---|---|
| Aliases | eth4:5, eth4:6 | Used to handle multiple IP-addresses per interface. Supported for backwards compatibility. |
| Bridges | br0, br-lan | Used to make multiple network interfaces behave as one network interface. |
| Stacked VLANs | 10, 20 | IEEE 802.1ad type network, using two or more tags in each packet. |
| Special purpose | imq0, teql3 | Used to change the order of outgoing or incoming network packets. |
| Tunnel interfaces | pppoe-dsl, tun0, vpn1 | Used to send packets over a tunneling protocol. |
| VLANs | eth4.0, vlan0 | Used to separate a network into multiple virtual networks. |
| Wireless operating mode virtual interfaces | wlan0, ath3 | A wireless subsystem created automatically for a wireless NIC master interface. |
The VLAN Tag (VLAN ID) is a method to identify the which VLAN a packet belongs to.
Devices use the VLAN ID to determine which port(s), or interface(s), to send a multicast packet to.
A virtual LAN (VLAN) is, as the name implies, a virtualized LAN. Most commonly a VLAN is a subdivision of a network.
VLANs also allow grouping of hosts together even if the hosts are not connected to the same network device, and managing them through software.
VoIP - Voice Over IP is a group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol networks.
A Virtual Path Identifier - VPI, is used together with VCIs to enable ATM networks.
In an ATM network, each circuit is given a virtual channel identifier, and and each path is given a virtual path identifier.
The VCI identifies circuit/channel in use, and VPI matches the appropriate path to the desired destination host.
A virtual private network (VPN) is a secured, private network connected through a public network.
VSZ is the Virtual Memory Size. It includes all memory that the process can access, including memory that is swapped out and memory that is from shared libraries.
VSZ is the Virtual Memory Size. It includes all memory that the process can access, including memory that is swapped out and memory that is from shared libraries.
WADL stands for Web Application Description Language and is the REST equivalent to WSDL. An important difference is that the WADL is not required.
A REST based web service (REST Service) may be defined by a WADL descriptor file. It may look like this:
<application XMLns="http://wadl.dev.java.net/2009/02">
<resources base="http://example.com/api">
<resource path="books">
<method name="GET"/>
<resource path="{bookId}">
<param required="true" style="template" name="bookId"/>
<method name="GET"/>
</resource>
</resource>
</resources>
</application>
A WADL definition is similar to WSDL in the way that it defines what you can do. It defines the supported HTTP verbs. In this example we can see that we are able to get information about books using the HTTP method GET.
We can also notice that there is a required resource that must be part of the request.
More information is available in the W3C standard suggestion
A Wide Area Network (WAN) is network that extends over a large geographical distance.
A browser waterfall diagram shows the series of actions performed by the client and server when a specific URL is accessed.
The information is shown as a cascading list of items showing how the browser loads and renders the URL. Every row in the diagram represents a single request made by the client. The timing of the events relating to the request is indicated by the length of the bars on the row.
Wideband Code Division Multiple Access (W-CDMA) is a mobile communications technology using CDMA for broadband.
A web service is a service available on a network and will allow other systems to communicate with it, using a defined protocol. The web part indicates that the service is using transport protocols designed for the World Wide Web, i.e. it uses HTTP to communicate. Other systems can be web applications, apps in phones and similar.
There are two major flavors of web services: Simple Object Access Protocol SOAP and Representational State Transfer REST.
WebSocket is a communication protocol for full-duplex communication channels over a single TCP connection.
WebSocket connections allow for real-time data transfer where the the server sends content to the browser continuously without additional client requests.
Messages can be sent to be passed back and forth while keeping the connection open, allowing for two-way communication between the client and the server.
Webbsockets use TCP to communicate over ports 80 for HTTP and 443 for TLS.
Wired Equivalent Privacy (WEP) is a security algorithm intended to provide security comparable a wired network.
WEP uses a key of 10 or 26 hexadecimal digits.
Weighted Fair Queuing means that bandwidth is adjusted automatically according to traffic priority and weight value.
A wifi band is a collection of wifi channels provided by a particular wifi radio.
Bands are identified by their frequency as measured in Gigahertz (GHz).
Standard bands are 2.4GHz and 5Ghz.
A wifi channel is a frequency range in a specific wifi band used for wifi communication.
WiFi encryption means to encrypt the messages that are sent between nodes on a wireless network.
A wifi interface can use one of several encryption options:
| None | No encryption. |
| WEP | Wired Equivalent Privacy |
| WPA2 Personal (PSK) | Wi-Fi Protected Access |
| WPA/WPA2 Personal (PSK) Mixed Mode | Wi-Fi Protected Access II Pre-Shared Key |
| WPA2 Enterprise | Wi-Fi Protected Access II Enterprise |
| WPA/WPA2 Enterprise Mixed Mode | Wi-Fi Protected Access Enterprise / Wi-Fi Protected Access II Enterprise |
A wireless interface is the access point to a wireless radio. Interfaces are identified by their SSID.
Each radio can have several SSIDs and each SSID interface can be configured as part of a network bridge or firewall group.
The WiFI Key or passphrase is a shared secret between client and server used for encryption and decryption in wireless networks.
The WiFi Mode defines which to use for wireless communication in the network.
The Auto Mode allows the device to automatically select a suitable profile among the available options.
802.11a is a wireless radio specification for the 5 GHz band with a maximum data rate of 54 Mbit/s.
802.11ac is a wireless radio specification for both the 2.4 GHz and the 5 GHz bands with support for multiple-input multiple-output antennas, providing a maximum data rate from 433 Mbit/s to 1300 Mbit/s.
802.11b is a wireless radio specification for the 2.4GHz band with a maximum data rate of 11 Mbit/s .
802.11b/g is a wireless radio specification combining 802.11b and 802.11g standards in dual band mode.
802.11g is a wireless radio specification for the 2.4 GHz band with a maximum data rate of 54 Mbit/s.
802.11n is a wireless radio specification for both the 2.4 GHz and the 5 GHz bands with support for multiple-input multiple-output antennas, providing a maximum data rate from 54 Mbit/s to 600 Mbit/s.
WiFi or Wi-Fi is a technology allowing devices to connect to a wireless LAN (WLAN) network. The term “Wi-Fi” is a play on words relating to hi-fi (high fidelity) from the music industry. Communication is commonly done over 2.4 gigahertz and 5 gigahertz radio bands.
A wireless radio is the device sending out a wireless signal. Each radio can have several interfaces associated with it.
A Wireless Local Area Network is Local Area Network connected through one or several access points.
WMM (WiFi Multimedia) Acknowledgement is a verification signal sent from the client to the device to indicate that no error has been detected for the data .
WMM Power Save allows small devices, such as phones and PDAs, to transmit data while in a low-power status.
WiFi Multimedia - WMM (also known as WiFi Multimedia Extension - WME) - improves quality of service on a network by prioritizing data by four configurable categories:
Voice: Voice packets for Voice over IP (VoIP) calls.
Video: Video packets for support of TV streams.
Best effort: Support for legacy devices or devices lacking QoS standards.
Background: File downloads, print jobs and other traffic that does not suffer from increased latency.
WMM does not provide guaranteed throughput.
Also referred to as WPA-802.1X mode, and sometimes just WPA (as opposed to WPA-PSK), is designed for enterprise networks and requires an authentication server.
It provides additional security (e.g. protection against dictionary attacks on short passwords).
Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication.
Wi-Fi Protected Access (WPA), also referred to as WPA-PSK (pre-shared key) does not require an authentication server.
It uses TKIP, with a key either as a string of 64 hexadecimal digits, or as a passphrase of 8 to 63 characters.
WPA also includes a message integrity check, which is designed to prevent an attacker from altering and resending data packets.
WPA-Personal mode is available with both WPA and WPA2.
Wi-Fi Protected Access 2 Enterprise is designed for enterprise networks and requires an authentication server.
It provides additional security (e.g. protection against dictionary attacks on short passwords).
Various kinds of the Extensible Authentication Protocol (EAP) are used for authentication.
Short for Wi-Fi Protected Access 2 – Pre-Shared Key, and also called WPA2 Personal, it is a method of securing your network using Pre-Shared Key (PSK) authentication,
Wi-Fi Protected Access 2 Personal uses pre-shared passphrases between 8 and 63 characters long.
The wireless device converts the preshared key to a hash and uses that for communication authentication.
Wi-Fi Protected Setup (WPS) is an authentication key distribution method. It can be performed in one of several ways.
PIN code: A PIN is entered on the client.
Push button: An actual or virtual button is pressed on the device and the client within a short amount of time.
Near field: The client is brought physically close to the device.
USB: An USB device is used to transfer data between the new client and the device. (Deprecated)
WSDL stands for Web Service Definition Language and is a W3C web service description language standard for describing SOAP web services, using XML.
It describes network services as a set of endpoints operating on messages containing either document-oriented or procedure-oriented information. The operations and messages are described abstractly, and then bound to a concrete network protocol and message format to define an endpoint.
Related concrete endpoints are combined into abstract endpoints (services). WSDL is extensible to allow description of endpoints and their messages regardless of what message formats or network protocols are used to communicate, however, the only bindings described in this document describe how to use WSDL in conjunction with SOAP 1.1, HTTP GET/POST, and MIME.
Web Services Security - WS-Security / WSS - is a SOAP extension protocol for adding security to web services by adding security tokens, for example SAML), Kerberos, and X.509.
For more information see oasis documentation
A Wireless Wide Area Network (WWAN), is a wireless network that extends over a large geographical distance.
X.509 is a standard that defines the format of public key certificates. They are used in many Internet protocols, including TLS/SSL.
X-Forwarded-For - XFF - is an HTTP header used to for identifying the originating IP address of a client.
Extensible Markup Language - XML - is a markup language standard for documents that aims to be readable for both humans and machines, while separating the markup form the content.
XML content consists of “start”, “end” and “empty” Tags (E.g.: <section> / <section> / <line-break />), which make up elements containing data (E.g.: <greeting>Hello, world!</greeting> / <line-break />).
Elements can contain other elements (child elements) and form a tree: (E.g.: <name><first>Firstname</first><last>Lastname</last></name> / <line-break />).
Start and empty tags can contain any number of unique Attributes consisting of name-value pairs (E.g.: <img src="logo.png" alt="Logo" />).
Optionally, XML files can start with an XML declaration (E.g.: <?xml version="1.0" encoding="UTF-8"?>) identifying aspects of the XML content.
<?xml version="1.0" encoding="UTF-8"?> <Config> <Version>V5.5-F</Version> <configurationEnabled>false</configurationEnabled> <pmaHost></pmaHost> <pmaPort>26401</pmaPort> <pmaNetworkProtocol>2</pmaNetworkProtocol> <pmaRequestTimeoutSeconds>60</pmaRequestTimeoutSeconds> <useHttpProxy>false</useHttpProxy> <httpProxyHost></httpProxyHost> <httpProxyPort>0</httpProxyPort> <httpProxyAuthUsername></httpProxyAuthUsername> <httpProxyAuthPassword></httpProxyAuthPassword> </Config>
XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls via HTTP.
XML-RPC uses method calls to the service and passes parameters to the remote method to achieve results.
Parameter styles can be nested or use maps and lists, allowing for objects and structures both as input and output.
Most HTTP security methods can be used for authorization.
Extensible Messaging and Presence Protocol - XMPP - (originally called Jabber) is an XML-based technoology technology for real-time communication.
XML Path Language - XPath - is a query language for selecting nodes from an XML document.
For some XML like this:
<root>
<node>
<target />
</node>
</root>
the XPath to target would be
/root/node/target
Originally defined as XML Schema, is a description of a type of XML document, typically expressed in terms of constraints on the structure and content of documents of that type, above and beyond the basic syntactical constraints imposed by XML itself. An XML schema provides a view of the document type at a relatively high level of abstraction.
The Resource Owner is an OAuth entity capable of granting access to a resource. When the resource owner is a person, it is referred to as an end-user. The resource owner is always a user account. Client An application making resource requests on behalf of the user (also called the resource owner) with the user's authorization.
Resource Server is an OAuth term referring to the server hosting resources.
The Authorization Server is an OAuth term referring to the server handling authentication and authorization an providing the client with access tokens for access to resources.
An Authorization Request is an OAuth request from a client to access a resource. It consists of an HTTP POST message identifying the client and providing credentials for authorization.
The Authorization Grant is an OAuth credential representing the resource owner's authorization to access a resource. It consists of either user login credentials or a refresh token.
An Access Token is a secure string used in OAuth to provide a client with access to resources. The access token is issued to to clients that have a valid authorization grant.
The Refresh Token is an OAuth method to provide clients with a new access token without repeated authorization. Typically, the refresh token is issued to the client when it first acquires an access token, and has much longer lifespan than the access token.
A zone file is a text file that describes a DNS zone - a subset of the hierarchical domain name structure of the DNS.
The zone file contains Resource Records describing domain names, IP addresses and other resources.
Zone transfer is a type of DNS transaction that involves copying DNS database information between DNS Servers.
Second-generation wireless telephone technology (2G), is a cellular network for digital mobile data communication.
Third-generation wireless telephone technology (3G), is a cellular network for digital mobile data communication for broadband traffic.
Fourth-generation wireless telephone technology (4G), is a cellular network for digital mobile data communication for high-speed broadband.
802.11a is a wireless radio specification for the 5 GHz band with a maximum data rate of 54 Mbit/s.
802.11ac is a wireless radio specification for both the 2.4 GHz and the 5 GHz bands with support for multiple-input multiple-output antennas, providing a maximum data rate from 433 Mbit/s to 1300 Mbit/s.
802.11b is a wireless radio specification for the 2.4GHz band with a maximum data rate of 11 Mbit/s .
802.11b/g is a wireless radio specification combining 802.11b and 802.11g standards in dual band mode.
802.11g is a wireless radio specification for the 2.4 GHz band with a maximum data rate of 54 Mbit/s.
802.11n is a wireless radio specification for both the 2.4 GHz and the 5 GHz bands with support for multiple-input multiple-output antennas, providing a maximum data rate from 54 Mbit/s to 600 Mbit/s.
802.1p is a standard for priority levels, identifying the class of service a VLAN is to be used for. There are 8 different levels, numbered from 0 to 7.
| Priority | Acronym | Traffic types | Comment |
|---|---|---|---|
| 0 | BK | Background | Lowest |
| 1 | BE | Best Effort | |
| 2 | EE | Excellent Effort | |
| 3 | CA | Critical Applications | |
| 4 | VI | Video | < 100 ms latency and jitter |
| 5 | VO | Voice | < 10 ms latency and jitter |
| 6 | IC | Internetwork Control | |
| 7 | NC | Network Control | Highest |