D channel
Data channel. Full-duplex, 16-kbps (BRI), or 64-kbps (PRI) ISDN channel. Compare with B channel.
datagram
Logical grouping of information sent as a network layer unit over a transmission medium without prior establishment of a virtual circuit. IP datagrams are the primary information units in the Internet. The terms cell, frame, message, packet, and segment
also are used to describe logical information groupings at various layers of the OSI reference model and in various technology circles.
decrypt
Cryptographically restore ciphertext to the plaintext form it had before encryption.
Decryption
Reverse application of an encryption algorithm to encrypted data, thereby restoring that data to its original, unencrypted state. See also encryption.
default route
Routing table entry that is used to direct frames for which a next hop is not explicitly listed in the routing table.
demilitarised zone DMZ
a separated area of a local or site network whose access is controlled by a specific policy using firewalls. A DMZ is not part of the internal network and is considered less secure.
Denial of Service
DoS
an attack against a system to deter its availability.
DES
Data Encryption Standard. Standard cryptographic algorithm developed by the U.S. National Bureau of Standards. Uses a 56-bit key size for encryption.
3DES
Also called ‘triple DES’. It uses the DES encryption 3 consecutive times, thus resulting in a bigger encryption key of 168 bits.
Dynamic Host Control Protocol
DHCP
an Internet protocol that dynamically provides IP addresses at start up (RFC 2131).
designated router
OSPF router that generates LSAs for a multiaccess network and has other special responsibilities in running OSPF. Each multiaccess OSPF network that has at least two attached routers has a designated router that is elected by the OSPF Hello
protocol. The designated router enables a reduction in the number of adjacencies required on a multiaccess network, which in turn reduces the amount of routing protocol traffic and the size of the topological database.
D-H
Diffie-Hellman. The Diffie-Hellman algorithm, introduced by Whitfield Diffie and Martin Hellman in 1976, was the first system to utilize “public-key” or “asymmetric” cryptographic keys. Today Diffie-Hellman is part of the IPSec standard. A protocol known as OAKLEY uses Diffie-Hellman, as described in RFC 2412. OAKLEY is used by the Internet Key Exchange (IKE) protocol (see RFC 2401), which is part of the overall framework called Internet Security Association and Key Management Protocol (ISAKMP; see RFC 2408).
DHCP
Dynamic Host Configuration Protocol. Provides a mechanism for allocating IP addresses dynamically so that addresses can be reused when hosts no longer need them.
Diffie-Hellman key exchange
A public key cryptography protocol that allows two parties to establish a shared secret over insecure communications channels. Diffie-Hellman is used within Internet Key Exchange (IKE) to establish session keys. Diffie-Hellman is a component of Oakley key exchange. Cisco IOS software supports 768-bit and 1024-bit Diffie-Hellman groups.
digital certificate
Certificate document in the form of a digital data object (a data object used by a computer) to which is appended a computed digital signature value that depends on the data object.
distance vector routing algorithm
Class of routing algorithms that iterate on the number of hops in a route to find a shortest-path spanning tree. Distance vector routing algorithms call for each router to send its entire routing table in each update, but only to its neighbors. Distance vector
routing algorithms can be prone to routing loops, but are computationally simpler than link state routing algorithms. Also called Bellman-Ford routing algorithm. See also link-state routing algorithmand SPF.
DLCI
data-link connection identifier. Value that specifies a PVC or an SVC in a Frame Relay network. In the basic Frame Relay specification, DLCIs are locally significant (connected devices might use different values to specify the same connection). In the
LMI extended specification, DLCIs are globally significant (DLCIs specify individual end devices).
DNS
Domain Name System. System used on the Internet for translating names of network nodes into addresses.
DNS zone
domain name server zone. Point of delegation in the DNS tree. It contains all names from a certain point downward except those for which other zones are authoritative. Authoritative name servers can be asked by other DNSs for name-to-address translation. Many name servers can exist within an organization, but only those known by the root name servers can be queried by the clients across the Internet. The other name servers answer only internal queries.
DSL
digital subscriber line. Public network technology that delivers high bandwidth over conventional copper wiring at limited distances. There are four types of DSL: ADSL, HDSL, SDSL, and VDSL. All are provisioned via modem pairs, with one modem located at a central office and the other at the customer site. Because most DSL technologies do not use the whole bandwidth of the twisted pair, there is room remaining for a voice channel. See also ADSL, HDSL, and VDSL.
DSLAM
digital subscriber line access multiplexer. A device that connects many digital subscriber lines to a network by multiplexing the DSL traffic onto one or more network trunk lines.
Leave a Reply