Networking
Key Networking Concepts
Understanding the roles of various protocols and port ranges is essential for effective networking. Below is an overview of critical concepts:
TCP and UDP Protocols
- Encapsulation: Both TCP and UDP are encapsulated within the IP protocol, enabling communication over networks.
- OSI Layer: Both operate at OSI Layer 4 (Transport Layer), managing data delivery between applications.
TCP (Transmission Control Protocol)
- Connection-oriented: Ensures reliable data transfer through acknowledgment and retransmission.
- Flow Control: Manages data flow to prevent overwhelming the receiver.
- Use Cases: Web browsing (HTTP/HTTPS), email (SMTP, IMAP), file transfers (FTP).
UDP (User Datagram Protocol)
- Connectionless: Sends data without establishing a connection, trading reliability for speed.
- No Flow Control: Suitable for time-sensitive transmissions.
- Use Cases: Streaming (audio/video), DNS queries, VoIP.
Port Ranges
- Non-Ephemeral Ports (0–1023):
  - Also known as well-known ports, used for standardized services.
  - Examples:
    - HTTP (80)
    - HTTPS (443)
    - FTP (21)
- Ephemeral Ports (1024–65535):
  - Temporary ports assigned dynamically for client-side communication.
ICMP (Internet Control Message Protocol)
- Purpose: Used for network diagnostic and administrative tasks rather than data transfer.
- Functions:
  - Ping requests to check host availability.
  - Traceroute for path analysis.
The OSI Model
The OSI (Open Systems Interconnection) Reference Model is used as a reference for understanding how network communication occurs. Each layer has specific responsibilities and includes certain technologies or protocols.
Layer 1 - Physical Layer
- Description: Handles the physical connection between devices, including transmission of raw binary data over physical mediums.
- Typical Components:
  - Cables (Ethernet, fiber optics, coaxial)
  - Connectors (RJ45, RJ11)
  - Physical network devices (hubs, repeaters)
  - Transmission standards (voltage levels, timing)
Layer 2 - Data Link Layer
- Description: Provides reliable data transfer between directly connected nodes through addressing and error detection.
- Typical Components:
  - MAC (Media Access Control) addresses
  - Switches
  - Ethernet (IEEE 802.3), Wi-Fi (IEEE 802.11)
  - Frame structure and error-checking mechanisms (e.g., CRC)
Layer 3 - Network Layer
- Description: Handles logical addressing and routing of data packets across networks.
- Typical Components:
  - IP addresses (IPv4, IPv6)
  - Routers
  - Protocols (e.g., IP, ICMP, ARP)
  - Packets and packet forwarding
Layer 4 - Transport Layer
- Description: Ensures end-to-end communication, error recovery, and flow control between devices.
- Typical Components:
  - TCP (Transmission Control Protocol) segments
  - UDP (User Datagram Protocol) datagrams
  - Port numbers
  - Flow control, error detection, and retransmission mechanisms
Layer 5 - Session Layer
- Description: Manages and maintains communication sessions between applications.
- Typical Components:
  - Session establishment, management, and termination
  - Protocols (e.g., NetBIOS, RPC, PPTP)
  - Checkpoints for data recovery in case of interruptions
Layer 6 - Presentation Layer
- Description: Translates, formats, and secures data for the application layer.
- Typical Components:
  - Data encoding (e.g., ASCII, EBCDIC)
  - Data compression (e.g., JPEG, GIF)
  - Application encryption and decryption (e.g., SSL/TLS, HTTPS)
Layer 7 - Application Layer
- Description: Provides an interface for end-user applications to communicate over a network.
- Typical Components:
  - Web browsers and servers
  - Protocols (e.g., HTTP, FTP, SMTP, DNS)
  - APIs for network services (e.g., REST, SOAP)
  - User-facing applications (e.g., email clients, chat applications)
Routing & Switching
This guide covers essential concepts in routing and switching, including MAC addresses, duplex modes, casting types, and routing protocols.
MAC (Media Access Control)
- Description: The hardware address of a network adapter.
- Characteristics:
  - Unique and 6 bytes long.
  - Used for communication within a local network.
Duplex Modes
- Half-Duplex:
  - Devices can either send or receive data but not both simultaneously.
  - Example: Legacy Ethernet hubs.
- Full-Duplex:
  - Devices can send and receive data simultaneously.
  - Example: Modern Ethernet switches.
Collisions and CSMA
- Collision: Occurs when two devices try to communicate simultaneously.
- CSMA/CD (Carrier Sense Multiple Access/Collision Detect):
  - Used in half-duplex Ethernet to manage collisions.
- CSMA/CA (Collision Avoidance):
  - Prevents collisions; often used in wireless networks where collision detection is impractical.
Switches
- Functions:
  - Forwards or drops frames based on MAC address.
  - Maintains a MAC address table.
  - Ensures a loop-free environment using STP (Spanning Tree Protocol).
- Features:
  - Broadcast Frames: Sent to all devices (e.g., ARP requests). Stops at routers.
  - ARP (Address Resolution Protocol): Maps IP addresses to MAC addresses.
Casting Types
- Unicast:
  - Communication between one sender and one receiver.
  - Example: Web surfing, file transfers.
- Broadcast:
  - Sends information to all devices in the broadcast domain.
  - Limited to IPv4; not used in IPv6.
- Multicast:
  - Sends information to a specific group of devices.
  - Example: Multimedia delivery.
Protocol Data Unit (PDU)
- Definition: A unit of data for transmission.
- Examples by OSI Layer:
  - Ethernet: Frame
  - IP: Packet
  - TCP: Segment
  - UDP: Datagram
Maximum Transmission Unit (MTU)
- Definition: The largest IP packet size that can be sent without fragmentation.
- Impact: Fragmentation slows data transfer.
STP and RSTP
- STP (Spanning Tree Protocol): Prevents loops in a network.
  - Port States:
    - Blocking: Prevents loops.
    - Listening: Cleans the MAC table.
    - Learning: Adds MAC addresses to the table.
    - Forwarding: Operational state for data transmission.
    - Disabled: Port is turned off by admin.
- RSTP (Rapid Spanning Tree Protocol, 802.1w):
  - Faster convergence than STP.
  - Backwards-compatible.
Additional Networking Features
- Trunking: Connects multiple VLANs over a single link.
- DMZ (Demilitarized Zone): Adds an extra layer of security for sensitive services.
- Port Mirroring: Copies traffic for analysis (e.g., SPAN port).
Routers
- Function: Directs IP packets based on destination IP addresses.
- Routing Types:
  - Static Routing:
    - Manually configured by admins.
    - Secure but lacks automatic rerouting.
  - Dynamic Routing:
    - Routers exchange routing information.
    - Scalable and automatic but requires more resources.
  - Default Route:
    - Used when no specific route is available.
Routing Protocols
- Interior Gateway Protocol (IGP):
  - Used within a single AS (Autonomous System).
  - Examples: OSPF, RIPv2 (IPv4), OSPFv3, RIPng (IPv6).
- Exterior Gateway Protocol (EGP):
  - Routes between multiple AS.
  - Example: BGP (Border Gateway Protocol).
- Dynamic Protocol Types:
  - Distance-Vector: Uses hop count (e.g., RIPv2, EIGRP).
  - Link-State: Considers connectivity and speed (e.g., OSPF).
  - Hybrid: Combines features of both (e.g., BGP).
IP Addressing
- IPv4:
  - Length: 4 bytes (32 bits).
  - Format: Four octets separated by dots.
- IPv6:
  - Length: 16 bytes (128 bits).
  - Format: Eight groups of hexadecimal values.
- Other Features:
  - Dual-stack: Supports both IPv4 and IPv6 simultaneously.
  - Tunneling: Allows IPv6 traffic over IPv4 networks.
Quality of Service (QoS)
- Purpose: Manages and prioritizes network traffic.
- Methods:
  - CoS (Class of Service).
  - DiffServ (Differentiated Services).
Advanced Concepts
- Port Forwarding: Maps external IP/port to internal IP/port; also called static NAT.
- Access Control Lists (ACLs):
  - Filters traffic based on rules.
  - Often used in firewalls with an implicit deny rule.
- Circuit Switching: Establishes a dedicated connection (e.g., PSTN, ISDN).
- Packet Switching: Data is divided into packets and sent over shared media (e.g., SONET, ATM, DSL).
- Software Defined Networking (SDN):
  - Separates control and data planes.
  - Centralized and programmable management.
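
An added example (not part of the original notes) of how an ACL with an implicit deny, as listed above, is evaluated: the first matching rule wins, a packet that matches nothing is denied, and a rule placed after a broader one never fires. The `Rule` class, the helper names and the sample rules (documentation address ranges) are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                   # "permit" or "deny"
    proto: str                    # "tcp", "udp", "icmp" or "any"
    src: str                      # source network, CIDR
    dst: str                      # destination network, CIDR
    dport: Optional[int] = None   # None matches any destination port

    def matches(self, proto, src_ip, dst_ip, dport):
        return (self.proto in ("any", proto)
                and ip_address(src_ip) in ip_network(self.src)
                and ip_address(dst_ip) in ip_network(self.dst)
                and (self.dport is None or self.dport == dport))

def evaluate(acl, proto, src_ip, dst_ip, dport=None):
    """Return (action, rule_index); index None means the implicit deny fired."""
    for i, rule in enumerate(acl):
        if rule.matches(proto, src_ip, dst_ip, dport):
            return rule.action, i     # first match wins, later rules are ignored
    return "deny", None               # implicit deny: no rule matched

def covers(a, b):
    """True if rule a matches every packet that rule b matches."""
    return (a.proto in ("any", b.proto)
            and ip_network(b.src).subnet_of(ip_network(a.src))
            and ip_network(b.dst).subnet_of(ip_network(a.dst))
            and (a.dport is None or a.dport == b.dport))

def shadowed(acl):
    """Indexes of rules that can never fire because an earlier rule covers them."""
    return [j for j, b in enumerate(acl) if any(covers(a, b) for a in acl[:j])]

# Constructed ACL protecting a DMZ web server at 192.0.2.10.
ACL = [
    Rule("deny",   "any",  "198.51.100.0/24", "0.0.0.0/0"),           # 0: blocked range
    Rule("permit", "tcp",  "0.0.0.0/0",       "192.0.2.10/32", 443),  # 1: HTTPS in
    Rule("permit", "icmp", "10.0.0.0/8",      "192.0.2.0/24"),        # 2: internal ping
    Rule("deny",   "tcp",  "203.0.113.0/24",  "192.0.2.10/32", 443),  # 3: mis-ordered
]

if __name__ == "__main__":
    print(evaluate(ACL, "tcp", "203.0.113.5", "192.0.2.10", 443))  # rule 1 permits
    print(evaluate(ACL, "tcp", "203.0.113.5", "192.0.2.10", 22))   # implicit deny
    print(shadowed(ACL))                                           # rule 3 never fires
```

Rule 3 is intended to block 203.0.113.0/24 but sits after the broader permit in rule 1, so it has no effect until it is moved above that rule.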