Networking Fundamentals
Basic Networking Concepts
Last updated
A network enables two computers to communicate with each other.
Example of a basic network structure:
There are different types of networks, each with its own structure.
A Wide Area Network (WAN) is commonly referred to as the internet. However, it is not limited to the internet—a WAN is simply a large number of Local Area Networks (LANs) joined together. Sometimes, companies have their own WANs.
To identify whether a network is a WAN, we check the routing protocol and the IP schema to ensure it is not using private IP schemas.
A Local Area Network (LAN), as the name suggests, is a local network (e.g., a home network or a company network). A LAN uses local IP addresses that are not designed for internet communication.
VPNs are used to make it appear as if the user is accessing the network from a different location. For example, if a company device is accessible only from the company's network, a VPN can be set up so that users can access the device from anywhere. There are three types of VPNs:
Site-to-Site VPN: Both the client and server are network devices, and they share entire network ranges.
Remote Access VPN: The client's computer creates a virtual interface that behaves as if it is on the client's network.
SSL VPN: This is essentially a VPN that runs within a web browser using SSL/TLS.
A network topology is the typical arrangement or the physical/logical connection of devices in a network. There are around eight types of topologies. Examples include:
Point-to-Point
Bus
Star
Ring
A proxy is a device or service that sits in the middle of a connection and acts as a mediator. This means the device in the middle must be able to inspect the traffic's contents. There are several types of proxies, with the main ones being:
Dedicated Proxy/Forward Proxy: Handles outgoing requests from a client (e.g., filtering web traffic).
Reverse Proxy: Manages incoming requests (e.g., protecting a web server).
Each of these proxies can operate either transparently or non-transparently. With a transparent proxy, the client does not know about its existence. In a non-transparent proxy, the client must be informed of its presence.
The OSI model (Open Systems Interconnection model) is a reference model used to describe and define communication between systems. During transmission, each layer adds a header to the Protocol Data Unit (PDU) from the upper layer, a process called encapsulation.
The TCP/IP model is another layered reference model, often called the Internet Protocol Suite. TCP/IP stands for Transmission Control Protocol (TCP) and Internet Protocol (IP). Its most important tasks are:
Logical Addressing (IP)
Routing (IP)
Error and flow control (TCP)
Application Support (TCP)
Each host in a network can be identified by its Media Access Control (MAC) address, which allows data exchange within that network. However, if the remote host is on a different network, knowing the MAC address alone is not enough. This is where IP addressing comes in. Addressing on the internet is done using IPv4 and/or IPv6 addresses, which consist of a network address and a host address.
IPv4 uses a 32-bit binary number divided into 4 bytes (8-bit groups called octets) ranging from 0 to 255 (e.g., 127.0.0.1).
The first IP address is usually assigned to the router that connects networks (this is not a strict requirement but has become a de facto standard).
The subnet mask is used to indicate which bits of the IP address represent the network part and which represent the host part.
The last IP address in a network is the broadcast address, used to send a message to all devices on the network without requiring a response.
Classless Inter-Domain Routing (CIDR) is a method that replaces the fixed assignment of IPv4 addresses to network classes (A, B, C, D, E). The division is based on the subnet mask. For example:
IPv4 Address: 192.168.10.39
Subnet Mask: 255.255.255.0
CIDR Notation: 192.168.10.39/24
Calculating subnets is done using binary math, but you can use various calculators to automate this process.
| Class | Network Address | First Address | Last Address | Subnet Mask | CIDR Suffix |
|---|---|---|---|---|---|
| A | 1.0.0.0 | 1.0.0.1 | 127.255.255.255 | 255.0.0.0 | /8 |
| B | 128.0.0.0 | 128.0.0.1 | 191.255.255.255 | 255.255.0.0 | /16 |
| C | 192.0.0.0 | 192.0.0.1 | 223.255.255.255 | 255.255.255.0 | /24 |
| D | 224.0.0.0 | 224.0.0.1 | 239.255.255.255 | Multicast | Multicast |
| E | 240.0.0.0 | 240.0.0.1 | 255.255.255.255 | Reserved | Reserved |
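The binary subnet math described above, worked through in code. This is an added example and not part of the original notes: it does the CIDR arithmetic with bit masks on 32-bit integers, classifies an address against the class table, applies the RFC 1918 private-range check that the WAN/LAN section alludes to, and cross-checks the hand-rolled result against Python's standard ipaddress module. All function names (ip_to_int, subnet_info, is_rfc1918, and so on) are my own, and the sample addresses other than the page's 192.168.10.39/24 are constructed.

```python
import ipaddress

# Classful ranges from the table above: (lowest first octet, highest first octet, prefix length)
CLASS_RANGES = {
    "A": (1, 127, 8),
    "B": (128, 191, 16),
    "C": (192, 223, 24),
    "D": (224, 239, None),   # multicast: no network/host split
    "E": (240, 255, None),   # reserved
}

# RFC 1918 private ranges as (network, prefix length); a WAN should not be routing these
PRIVATE_RANGES = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]


def ip_to_int(addr: str) -> int:
    """Pack four dotted-decimal octets into one 32-bit integer."""
    octets = addr.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {addr!r}")
    value = 0
    for o in octets:
        value = (value << 8) | int(o)
    return value


def int_to_ip(value: int) -> str:
    """Inverse of ip_to_int."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: the top `prefix` bits set, the remaining host bits clear."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """255.255.255.0 -> 24; rejects masks whose one bits are not contiguous."""
    value = ip_to_int(mask)
    prefix = bin(value).count("1")
    if prefix_to_mask(prefix) != value:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return prefix


def address_class(addr: str) -> str:
    """Classful letter for the first octet, or 'none' for 0.x.x.x, which the table does not cover."""
    first = ip_to_int(addr) >> 24
    for name, (low, high, _) in CLASS_RANGES.items():
        if low <= first <= high:
            return name
    return "none"


def is_rfc1918(addr: str) -> bool:
    """True if the address falls inside one of the three private ranges."""
    value = ip_to_int(addr)
    return any(value & prefix_to_mask(p) == ip_to_int(net) for net, p in PRIVATE_RANGES)


def subnet_info(addr: str, prefix: int) -> dict:
    """Network, broadcast and usable host range for addr/prefix, computed with bit masks."""
    mask = prefix_to_mask(prefix)
    network = ip_to_int(addr) & mask                 # keep only the network bits
    broadcast = network | (~mask & 0xFFFFFFFF)       # set every host bit
    if prefix <= 30:
        first_host, last_host = network + 1, broadcast - 1
    else:
        # /31 (RFC 3021 point-to-point links) and /32: every address is usable
        first_host, last_host = network, broadcast
    return {
        "cidr": f"{int_to_ip(network)}/{prefix}",
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "first_host": int_to_ip(first_host),
        "last_host": int_to_ip(last_host),
        "broadcast": int_to_ip(broadcast),
        "usable_hosts": last_host - first_host + 1,
        "class": address_class(addr),
        "private": is_rfc1918(addr),
    }


def matches_stdlib(addr: str, prefix: int) -> bool:
    """Cross-check the hand-rolled math against Python's ipaddress module."""
    net = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
    info = subnet_info(addr, prefix)
    return (str(net.network_address), str(net.broadcast_address)) == (info["network"], info["broadcast"])


if __name__ == "__main__":
    for key, value in subnet_info("192.168.10.39", mask_to_prefix("255.255.255.0")).items():
        print(f"{key:>13}: {value}")
```

Run as a script, it prints the network, mask, first and last host, broadcast address and class for the page's 192.168.10.39/24 example. The /31 and /32 branch matters in practice: router point-to-point links and host routes have no separate network or broadcast address, and a calculator that blindly subtracts two would report zero usable hosts.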
IPv6 is the successor to IPv4. In contrast to IPv4, an IPv6 address is 128 bits long and includes many new features:
Larger address space
Address self-configuration (SLAAC)
Multiple IPv6 addresses per interface
Faster routing
End-to-end encryption (IPsec)
Data packets up to 4 GBytes
There are three types of IPv6 addresses:
Unicast: Addresses for a single interface.
Anycast: Addresses for multiple interfaces, where only one receives the packet.
Multicast: Addresses for multiple interfaces, where all receive the same packet.
Because of its length, an IPv6 address is written in hexadecimal. The 128 bits are divided into 8 blocks of 16 bits (or 4 hexadecimal digits), separated by colons (:). To simplify the notation, leading zeros in each block can be omitted, and one or more consecutive blocks of zeros can be replaced with a double colon (::). For example:
Full IPv6: fe80:0000:0000:0000:dd80:b1a9:6687:2d3b/64
Short IPv6: fe80::dd80:b1a9:6687:2d3b/64
Rules for IPv6 notation:
Alphabetical characters are always in lowercase.
Leading zeros in a block are omitted.
One or more consecutive blocks of zeros can be shortened to two colons (::).
The shortening (::) may only be used once in an address.
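The four notation rules above, implemented as a small expander and compressor. This is an added example, not code from the original notes: expand_ipv6 undoes the shorthand (and rejects a second "::", per the last rule), and compress_ipv6 produces the short form, collapsing the longest run of zero blocks and, on a tie, the first one. It goes one step beyond the rules as listed: following RFC 5952 it leaves a single zero block written as "0" rather than "::", which is also what Python's ipaddress module does, so matches_stdlib can verify the output. Function names are my own; the fe80 address is the page's example and the 2001:db8 addresses are constructed documentation-range samples.

```python
import ipaddress
from typing import List, Optional, Tuple

HEX = set("0123456789abcdef")


def split_prefix(text: str) -> Tuple[str, Optional[int]]:
    """'fe80::1/64' -> ('fe80::1', 64); an address with no prefix length gives None."""
    if "/" in text:
        addr, plen = text.split("/", 1)
        return addr, int(plen)
    return text, None


def expand_ipv6(addr: str) -> List[str]:
    """Undo the shorthand: return all eight blocks, each padded to four lowercase hex digits."""
    addr = addr.lower()                                # rule: hex letters are lowercase
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once in an address")
    if "::" in addr:
        head, tail = addr.split("::")
        head_blocks = head.split(":") if head else []
        tail_blocks = tail.split(":") if tail else []
        missing = 8 - len(head_blocks) - len(tail_blocks)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero block")
        blocks = head_blocks + ["0"] * missing + tail_blocks
    else:
        blocks = addr.split(":")
    if len(blocks) != 8:
        raise ValueError(f"expected 8 blocks, got {len(blocks)}: {addr!r}")
    for b in blocks:
        if not 1 <= len(b) <= 4 or set(b) - HEX:
            raise ValueError(f"invalid block {b!r} in {addr!r}")
    return [b.zfill(4) for b in blocks]


def compress_ipv6(addr: str) -> str:
    """Short form: lowercase, leading zeros dropped, longest zero run (2+ blocks) replaced by '::'."""
    blocks = [b.lstrip("0") or "0" for b in expand_ipv6(addr)]
    best_start, best_len = -1, 0
    i = 0
    while i < 8:                        # scan for runs of "0" blocks
        if blocks[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and blocks[j] == "0":
            j += 1
        if j - i > best_len:            # strictly longer: on a tie the first run wins
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:                    # RFC 5952: a lone zero block stays "0", not "::"
        return ":".join(blocks)
    head = ":".join(blocks[:best_start])
    tail = ":".join(blocks[best_start + best_len:])
    return f"{head}::{tail}"


def normalize(text: str) -> str:
    """Canonical form of an address with an optional prefix length, as in the fe80 example above."""
    addr, plen = split_prefix(text)
    short = compress_ipv6(addr)
    return short if plen is None else f"{short}/{plen}"


def matches_stdlib(addr: str) -> bool:
    """Cross-check against the canonical form produced by Python's ipaddress module."""
    return compress_ipv6(addr) == ipaddress.IPv6Address(addr).compressed


if __name__ == "__main__":
    print(normalize("fe80:0000:0000:0000:dd80:b1a9:6687:2d3b/64"))
```

Canonicalising before comparison is the practical point: the same IPv6 address can be written many ways, so an allow list, log search or firewall rule that matches on the raw string will miss "FE80:0:0:0:dd80:b1a9:6687:2d3b" while letting "fe80::dd80:b1a9:6687:2d3b" through.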
Each host in a network has a unique 48-bit (6 octets) Media Access Control (MAC) address, represented in hexadecimal. This is the physical address for network interfaces. There are several standards for MAC addresses, including:
Ethernet (IEEE 802.3)
Bluetooth (IEEE 802.15)
WLAN (IEEE 802.11)
The MAC address identifies the physical connection (network card, Bluetooth, or WLAN adapter) of a host. Each network card is assigned an individual MAC address by the manufacturer, although it can sometimes be changed temporarily.
The first 3 bytes (24 bits) are the Organizationally Unique Identifier (OUI), defined by the IEEE for each manufacturer.
The last 3 bytes are the Individual Address Part (or NIC), assigned by the manufacturer to ensure the address is unique.
MAC addresses can be changed or spoofed, so they should not be the sole means of security or identification.
Address Resolution Protocol (ARP) is a network protocol used to map a network layer (Layer 3) IP address to a link layer (Layer 2) MAC address. ARP is crucial because it allows devices on a LAN to communicate using MAC addresses. When a device wants to communicate with another device on the same network, it sends an ARP request to resolve the target's IP address to its MAC address. The target then responds with an ARP reply containing its MAC address.
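Both the MAC address structure (OUI and NIC halves, and the warning that MAC addresses can be changed) and the ARP request/reply exchange, in one added example that is not part of the original notes. mac_info splits a 48-bit address into its vendor and interface parts and also reads two flag bits from the first octet that the notes do not mention: bit 0x02 is the IEEE Universal/Local bit, set when an address was assigned locally by software rather than burned in by the vendor, and bit 0x01 marks a group (multicast or broadcast) address, which is never legitimate as a sender. The Lan class is a toy broadcast domain in which resolve() replays the request-to-broadcast, unicast-reply sequence, and ArpMonitor is a passive watcher in the spirit of arpwatch that keeps the IP-to-MAC bindings it has seen and raises an alert when an IP is rebound to a different MAC. Class and function names are my own; the hosts, MAC addresses and the stray reply in demo() are constructed.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"
UNKNOWN_MAC = "00:00:00:00:00:00"


def parse_mac(text: str) -> bytes:
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or aabb.ccdd.eeff and return the six raw bytes."""
    digits = text.replace(":", "").replace("-", "").replace(".", "")
    if len(digits) != 12:
        raise ValueError(f"a MAC address is 48 bits (12 hex digits): {text!r}")
    return bytes.fromhex(digits)


def mac_info(text: str) -> dict:
    raw = parse_mac(text)
    return {
        "oui": raw[:3].hex(":"),                         # first 3 bytes: IEEE-assigned vendor identifier
        "nic": raw[3:].hex(":"),                         # last 3 bytes: vendor-assigned, unique per interface
        "locally_administered": bool(raw[0] & 0x02),     # U/L bit: set when assigned by software, not burned in
        "group": bool(raw[0] & 0x01),                    # I/G bit: multicast or broadcast; never valid as a sender
    }


@dataclass
class Host:
    ip: str
    mac: str
    arp_cache: Dict[str, str] = field(default_factory=dict)


def arp_frame(op: str, sender_mac: str, sender_ip: str, target_mac: str, target_ip: str) -> dict:
    """The opcode and four address fields of a real ARP packet."""
    return {"op": op, "sender_mac": sender_mac, "sender_ip": sender_ip,
            "target_mac": target_mac, "target_ip": target_ip}


class Lan:
    """Toy broadcast domain: every frame is appended to a log that all hosts (and a monitor) can see."""

    def __init__(self, hosts: List[Host]) -> None:
        self.hosts = hosts
        self.frames: List[dict] = []

    def resolve(self, asker: Host, target_ip: str) -> Optional[str]:
        """Return the MAC for target_ip, from the cache or via an ARP request/reply exchange."""
        if target_ip in asker.arp_cache:
            return asker.arp_cache[target_ip]
        # "Who has target_ip? Tell asker" goes to the broadcast MAC; the target MAC is still unknown
        self.frames.append(arp_frame("request", asker.mac, asker.ip, UNKNOWN_MAC, target_ip))
        for host in self.hosts:
            if host is not asker and host.ip == target_ip:
                host.arp_cache[asker.ip] = asker.mac      # the responder learns the asker from the request
                reply = arp_frame("reply", host.mac, host.ip, asker.mac, asker.ip)  # unicast back
                self.frames.append(reply)
                asker.arp_cache[target_ip] = host.mac
                return host.mac
        return None   # nobody answered: the IP is not on this LAN


class ArpMonitor:
    """Passive watcher in the spirit of arpwatch: remembers IP-to-MAC bindings and flags changes."""

    def __init__(self) -> None:
        self.bindings: Dict[str, str] = {}
        self.alerts: List[str] = []

    def observe(self, frame: dict) -> None:
        ip, mac = frame["sender_ip"], frame["sender_mac"]
        if mac_info(mac)["group"]:
            self.alerts.append(f"group address {mac} used as ARP sender for {ip}")
        known = self.bindings.get(ip)
        if known is not None and known != mac:
            self.alerts.append(f"{ip} changed from {known} to {mac} (flip-flop or spoofing)")
        self.bindings[ip] = mac


def demo() -> dict:
    # constructed sample hosts; host c has the locally-administered bit set in its first octet
    a = Host("192.168.10.10", "00:1a:2b:3c:4d:5e")
    b = Host("192.168.10.20", "00:1a:2b:6f:70:81")
    c = Host("192.168.10.30", "02:00:00:aa:bb:cc")
    lan, monitor = Lan([a, b, c]), ArpMonitor()
    resolved = lan.resolve(a, b.ip)
    for frame in lan.frames:
        monitor.observe(frame)
    # constructed stray reply that rebinds b's IP to c's MAC: the case the monitor exists to catch
    monitor.observe(arp_frame("reply", c.mac, b.ip, a.mac, a.ip))
    return {"resolved": resolved, "frames": len(lan.frames), "alerts": monitor.alerts,
            "a_cache": dict(a.arp_cache), "b_cache": dict(b.arp_cache)}


if __name__ == "__main__":
    print(mac_info("02:00:00:aa:bb:cc"))
    print(demo())
```

Two things the walk-through shows that the prose does not: the responder fills its own cache from the request before replying, so one exchange populates both sides, and because ARP has no authentication the only defence on a flat LAN is observation. A binding that changes, or a sender address with the locally-administered bit set where the inventory expects vendor-assigned hardware, is the signal to follow up on.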
Internet protocols are standardized rules and guidelines (defined in RFCs) that specify how devices communicate on a network. There are many protocols for different services (e.g., FTP, HTTP, etc.), and you'll become more familiar with them over time. The two main transport protocols are TCP and UDP.
TCP is a connection-oriented protocol that establishes a virtual connection between two devices using a three-way handshake before transmitting data. It is reliable but slower than UDP because of the extra overhead involved in establishing and maintaining the connection.
UDP is a connectionless protocol, meaning it does not establish a virtual connection before sending data. It simply sends the data packets to the destination without confirming receipt. This makes UDP faster than TCP, but it is less reliable because there is no guarantee that packets will reach their destination.
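The three-way handshake described above, as an added example that is not part of the original notes. TcpEndpoint implements just enough of the TCP state machine (LISTEN, SYN_SENT, SYN_RECEIVED, ESTABLISHED) to open a connection, and three_way_handshake returns the SYN, SYN+ACK and ACK segments so the sequence and acknowledgement arithmetic can be inspected: each SYN consumes one sequence number, so the peer acknowledges it with seq+1. The receive() method drops any segment whose numbers do not match the handshake in progress, which is what makes the "connection" more than a label and is why real stacks randomise the initial sequence number. Class and method names are my own; the initial sequence numbers used in the usage section are constructed.

```python
import random
from dataclasses import dataclass
from typing import List, Optional

MOD = 1 << 32   # sequence numbers are 32-bit and wrap around


@dataclass
class Segment:
    src: str
    dst: str
    seq: int
    ack_num: int = 0
    syn: bool = False
    ack: bool = False

    def flags(self) -> str:
        return "+".join(name for name, on in (("SYN", self.syn), ("ACK", self.ack)) if on)


class TcpEndpoint:
    """Just enough of the TCP state machine to open a connection."""

    def __init__(self, name: str, isn: Optional[int] = None) -> None:
        self.name = name
        self.state = "CLOSED"
        # real stacks randomise the initial sequence number so an off-path party cannot guess it
        self.isn = random.getrandbits(32) if isn is None else isn
        self.snd_nxt = self.isn        # next sequence number we will send
        self.rcv_nxt = 0               # next sequence number we expect from the peer

    def listen(self) -> None:
        self.state = "LISTEN"

    def connect(self, peer: str) -> Segment:
        """Step 1: send SYN with our initial sequence number."""
        self.state = "SYN_SENT"
        return Segment(self.name, peer, seq=self.isn, syn=True)

    def receive(self, seg: Segment) -> Optional[Segment]:
        """Advance the handshake; return the segment to send back, or None."""
        if self.state == "LISTEN" and seg.syn and not seg.ack:
            # Step 2: SYN+ACK, acknowledging the client's SYN (which occupies one sequence number)
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.state = "SYN_RECEIVED"
            return Segment(self.name, seg.src, seq=self.isn, ack_num=self.rcv_nxt, syn=True, ack=True)
        if self.state == "SYN_SENT" and seg.syn and seg.ack:
            if seg.ack_num != (self.isn + 1) % MOD:
                return None                          # does not acknowledge our SYN: drop it
            # Step 3: ACK the server's SYN; the client is now ESTABLISHED
            self.rcv_nxt = (seg.seq + 1) % MOD
            self.snd_nxt = (self.isn + 1) % MOD
            self.state = "ESTABLISHED"
            return Segment(self.name, seg.src, seq=self.snd_nxt, ack_num=self.rcv_nxt, ack=True)
        if self.state == "SYN_RECEIVED" and seg.ack and not seg.syn:
            if seg.seq != self.rcv_nxt or seg.ack_num != (self.isn + 1) % MOD:
                return None                          # numbers do not match this handshake: drop it
            self.snd_nxt = (self.isn + 1) % MOD
            self.state = "ESTABLISHED"
        return None


def three_way_handshake(client: TcpEndpoint, server: TcpEndpoint) -> List[Segment]:
    """Run SYN, SYN+ACK, ACK between the two endpoints and return the three segments in order."""
    server.listen()
    syn = client.connect(server.name)
    syn_ack = server.receive(syn)
    ack = client.receive(syn_ack)
    server.receive(ack)
    return [syn, syn_ack, ack]


if __name__ == "__main__":
    # constructed initial sequence numbers so the arithmetic is easy to follow
    c, s = TcpEndpoint("client", isn=1000), TcpEndpoint("server", isn=5000)
    for seg in three_way_handshake(c, s):
        print(f"{seg.src:>6} -> {seg.dst:<6} {seg.flags():<7} seq={seg.seq} ack={seg.ack_num}")
    print(c.state, s.state)
```

The contrast with UDP is simply that none of this state exists: a datagram is handed to the network with a source and destination and no expectation of a reply. That is also why a server in SYN_RECEIVED is the interesting place to watch. Until the final ACK arrives the connection is half-open, and a flood of SYNs that never complete ties up exactly this state, which is the condition SYN cookies and backlog limits exist to bound.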