Sources:
I’ve been re-visiting an array of topics such as programming and computer networks lately. As such, the collection this paper is in constitutes my notes on Networking. Other files should include more notes on topics aforementioned; feel free to re-visit them if you may.
Networking is the modern way of doing computing. It connects devices and lets them talk to each other and share data. It is important to know about networking, regardless of who you are. Yet when we’re discussing Networks, we're primarily referring to foundational equipment that manages crucial tasks such as data reading, sending, and device communication. Knowing how these systems work is essential for understanding the Web, or for effectively developing digital infrastructure that utilizes it. In this paper, we’ll review my notes on how the Internet (and all networks) are put together. We’ll also look at how devices are identified, how data is recognized, and how it’s managed as it moves in and out of a network. All with supplementary screenshots and links.
It’s therefore paramount to know the OSI model. The OSI (Open Systems Interconnection) model is a conceptual framework that enables the understanding of how different parts of a network interact with each other. It facilitates the communication between diverse communication systems using standard protocols. In simple terms, the OSI model provides a standard for different computer systems to be able to communicate with each other. The following figure illustrates the OSI model.
Figure 1
The OSI model can be considered as a universal standard for computer networking. Based on the concept of dividing communication into seven abstract layers, where each one performs a specific function, and communicates with the layers above and below itself. DDoS attacks target specific layers of a network connection; application layer attacks target layer 7 and protocol layer attacks target layers 3 and 4.
Although the modern Internet does not strictly adhere to the OSI Model (it more closely follows the simpler Internet protocol suite), the OSI Model remains a valuable tool for troubleshooting network issues. Whether it’s a single individual experiencing difficulties connecting their laptop to the Internet or a website experiencing downtime affecting thousands of users, the OSI Model can assist in identifying the root cause of the problem and isolating the source of the disruption. If the issue can be attributed to a specific layer of the model, it is possible to avoid unnecessary work.
Networks rely on protocols and standards to ensure that devices can
communicate with each other. Protocols define the rules for
communication, including how data is transmitted and received. Standards
are agreements on how
devices should interact with each other,
ensuring that networks are interoperable and can work together.
The most widely used protocol(or the most widely used base that other protocols are written on) for transmitting data over the internet is the TCP/IP (Transmission Control Protocol/Internet Protocol) suite. The TCP/IP suite is a set of protocols that define how data is transmitted over a network and how it’s divided into smaller packets for transmission.
A data packet is a small unit of data(like a txt file,
or a text you send) transmitted over a network. Think of it like a
digital envelope containing information that needs to be sent from one
device to another. When data is sent over a network (e.g., loading a
webpage or sending an email), the data is broken down into smaller
packets. Each packet travels independently through the network and
may take different paths to reach the destination. When the
packets arrive, they are reassembled to form the original data. Usually,
packets look like this:
A network interface provides the physical “bridge” for a device to connect to a network, either through wired (Ethernet) or wireless (Wi-Fi) connections. Each interface has it’s own settings that define how it communicates within the network, such as an IP address, a subnet mask, and a default gateway.
A Media Access Control (MAC) address is a unique identifier assigned to a network interface controller (NIC) for communication on the physical network segment. It operates at the Data Link Layer (Layer 2) of the OSI model. The MAC address is a 48-bit number, typically displayed in hexadecimal format, e.g., 00:1A:2B:3C:4D:5E.
Understanding MAC addresses is essential for network administration, particularly in managing devices, ensuring security through MAC filtering, and troubleshooting network issues.
When data is transmitted over a network, the MAC address is important for the first part of data transmission. When a device wants to communicate, it must send an ARP request(usually to a router) to find the MAC address corresponding to an IP address. The MAC address remains constant, regardless of network changes, whereas the IP address may change based on network configurations.
Switching refers to the process of directing data packets between devices on the same network or between different networks. A switch is a networking device that performs this function, connecting multiple devices within a Local Area Network (LAN) and using MAC addresses to forward data to the correct destination.
IP addresses are numerical formats that serve as unique labels for devices within a network. Initially utilizing IPv4, a 32-bit format, provided approximately limited to 2³² = ~4.3 billion addresses. However with the consumption of most IPv4 addresses, IPv6 emerged as a 128-bit format capable of generating virtually limitless addresses(2¹⁸), represented in hexadecimal notation. Remember: IPv4 utilizes decimal notation. IPv6 utilizes hexadecimal notation.
Additional nomenclature: we call the total addresses possible(i.e for IPv4 it is 2³² possible addresses—“the address space.”
IPv4 addresses are segmented into four parts, each part (octet) containing values from 0 to 255. Segments are the numeral representation — and octets are the binary 8-bit representation of that segment. These values are essential as they define what the IP designates. But we’ll talk about this later in the “subnetting” section.
It is therefore obvious, that we should consider when we read sections of an IP (193, 255, etc.), to comprehend the octet in binary form. Below is a demonstration of an figurative octet:
Figure 2
Binary representation per segment:
Positional
value of each bit:
128 64 32 16 8 4 2 1
Binary
representation of octet: 1 1 1 1
1 1 1 1
⇒ Sum: 128×1 + 64×1 …=
255
Figure 2.1
Figure 6
IPv6 addresses are written as eight groups of four hexadecimal digits, separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334). Leading zeros in each group can be omitted, and consecutive groups of zeros can be replaced with a double colon (::), but this can only be used once in an address.
An IPv6 address consists of two main parts:
IPv6 addresses come in three types:
In networking, WAN (Wide Area Network) and LAN (Local Area Network) are fundamental concepts. WANs connect geographically dispersed locations, typically using public infrastructure, whereas LANs are confined to a single location, such as an office or home. For example, the Internet itself is the largest WAN, made up of smaller WANs, which ultimately make up your home network.
Even though the IPv4 address space has been consumed, we still use IPv4
extensively through a technique called Network Address Translation
(NAT). NAT is a method used by routers to translate private IP addresses
to a single public IP address (or a pool of public IP addresses) for
accessing the internet. This translation is essential because private IP
addresses cannot be routed over the public WAN.
In simple words,
NAT allows multiple devices on a local network to
share a single public IP address
for accessing the internet. Such a case is most common within house
networks. This yields a collection of private IP addresses and
conserves the limited number of available public IPv4 addresses. In such
a way, the use of IPv4 lives on despite its exhaustion.
Types of NAT:
In IPv4 addressing, IP addresses are divided into
different classes according to the size and configuration of the network
to which they belong. The part of an IP address that shows which network
a device or host is connected to is called the network ID (also known as the network address or
network portion) in IP addressing. It helps to send data packets to the
right place across networks.Furthermore, the broadcast address is a special address used to
send data packets to all devices within a specific network
segment. When a device sends a packet(data) to the broadcast address,
all devices on the same subnet receive the packet. The broadcast address
is typically the last address in the subnet range.
The subnet mask
or IP address class that is being used decides what network ID is used.
It shows which subnet or network a device is connected to. The
IP address class or subnetting scheme determines the size and placement
of the network ID within an IP address. Each class has a
unique set of bits assigned to the network ID
and host
ID, as well as a range of IP addresses. Below (Picture 1.1) is a summary
of each class.
Figure 4
Class A:
Class B:
Class C:
Class D:
Class E:
For instance, the first octet (8 bits) in a Class A IP address represents the network ID. The first two octets (16 bits) of a Class B IP address and the first three octets (24 bits) of a Class C IP address represents the network ID. The host ID, which identifies the device or host within the network, is made up of the remaining bits of the IP address.Let’s take the IP address “192.168.0.1” with the subnet mask ‘255.255.255.0’ as an example. In this case, the host ID is “1” and the network ID is “192.168.0.” The subnet mask shows how many bits are allotted to each, and this is what determines where the host ID and network ID meet.
This said, you’ll most likely never encounter class D & class E networks in your time. The concept of IP address classes (A, B, C, etc.) is largely obsolete in modern networking. Classful addressing has been replaced by Classless Inter-Domain Routing (CIDR), which allows for more flexible allocation of IP addresses. Unless you work in such fields, the average person will most likely interact with Class A and briefly with class C networks (when interacting with LAN applications).
There are address ranges designated for reserved use that are not intended for public internet routing are known as private IP addresses.Devices can communicate inside a private network without being directly accessible from the internet thanks to them.
Class A Private IP Range:
Class B Private IP Range:
Class C Private IP Range:
By using private IP addresses, businesses and individuals can establish their own private networks(subnetting) without interfering with those of other people or organizations on the internet. It contributes to the preservation of public IP address space and security. We’ll talk more about how we can create these ‘private networks’ on the ‘subnetting’ section.
Now let’s attempt to see this information in action. On Linux, executing “ip addr” in a terminal will yield the following:
Figure 5
There’s more info from the terminal output than what we’ve
covered above, but it’s outside the scope of this section.
We’ll dive deeper into it in other sections. In the meantime,
let’s take a look at what we’ve learned so far and what we
can work out from this output. Firstly, the IP address starting with
‘192.0’ suggests we're
probably looking at a Class C network. The
‘192.168’ address is common for the first two octets when
designating a local address (LAN IP). The MAC address is
‘e4:b3:18:3e:b5:75’ of this interface, and we know that only
the two later octets have been set aside for nodes.
Subnetting is the process of dividing a larger network into smaller sub networks or subnets within a larger network. Network performance is enhanced and IP addresses are used more effectively as a result. In order to establish subnetworks, subnetting involves stealing bits from the host component of an IP address.
The two parts of an IP address that make up a subnet are the network and the node. The network is the part of the address that identifies the subnet. The host, sometimes called the node, is a computer that's on its own and connected to the network. Like your computer, or your tablet, or your phone — it needs its own IP address. All computers know how to split the two parts of the IP address using a subnet mask. A subnet mask is basically just a filter that helps us identify the part of an IP address that corresponds to the network and node. It's got some similarities to an IP address, but it's not the same thing.
Figure 6
Classless Inter-Domain Routing (CIDR) is a method for allocating IP addresses and routing. It uses a suffix to indicate the number of bits in the network portion. For example, /24 indicates 24 bits for the network part and 8 bits for the host part (255.255.255.0), while /27 indicates 27 bits for the network and 5 bits for the host (255.255.255.224).