Networking Notes
History of the www
(after TCP/IP) Finally, people around the world could send data to one another, but there was still a problem. The information they sent was just text. It wasn't centralized and it was pretty bland. Then, in the 1990s, a computer scientist by the name of Tim Berners-Lee invented the World Wide Web. It utilized different protocols for displaying information in webpages and became the predominant way of communication in accessing the Internet. Anyone who had an Internet connection at that time was able to access the information source of the World Wide Web.
RJ45
A common connector or plug used on the end of the network cable.
How many root servers are there?
13
Important rules for troubleshooting:
1: Ask specific questions to isolate the problem, and ask what they did prior to the error.
2: Start with the quickest solution first.
Class D IP address
224-239. Used for multicast testing.
IP address
32-bit numbers made up of four octets; each octet is normally written as a decimal number. A number that uniquely identifies each computer or device connected to the Internet. Comparable to a house address.
DNS
A critical Internet protocol: the Domain Name System, or DNS. DNS acts like the Internet's directory and lets us use human-readable names that map to IP addresses.
Routing table
A data table stored in a router that lists the routes to particular network destinations
Firewalls
A firewall is just a device that blocks traffic that meets certain criteria. Firewalls can operate at lots of different layers of the network. There are firewalls that can perform inspection of application layer traffic, and firewalls that primarily deal with blocking ranges of IP addresses. The reason we cover firewalls here is that they're most commonly used at the transport layer. Firewalls that operate at the transport layer will generally have a configuration that enables them to block traffic to certain ports while allowing traffic to other ports. A firewall placed at the perimeter of the network could be configured to allow anyone to send traffic to port 80 in order to view the web page, while at the same time blocking all access from external IPs to any other port, so that no one outside of the local area network could reach the file server. Firewalls are sometimes independent network devices, but it's really better to think of them as a program that can run anywhere. For many companies and almost all home users, the functionality of a router and a firewall is performed by the same device. Firewalls can also run on individual hosts instead of being a network device.
Network Hub
Allows for connections from many computers at once. All the devices connected to a hub end up talking to all other devices at the same time. It's up to each system connected to the hub to determine whether the incoming data was meant for it, or to ignore it if it wasn't. Hubs create noise and collision domains; they are outdated and rarely used.
Proxy Services
A proxy service is a server that acts on behalf of a client in order to access another service. Most often, you'll hear the term proxy used to refer to web proxies. As you might guess, these are proxies specifically built for web traffic. A web proxy can serve lots of purposes. Many years ago, when most Internet connections were much slower than they are today, lots of organizations used web proxies for increased performance. Using a web proxy, an organization would direct all web traffic through it, allowing the proxy server itself to retrieve the webpage data from the Internet. Another example of a proxy is a reverse proxy. A reverse proxy is a service that might appear to be a single server to external clients, but actually represents many servers living behind it. A good example of this is how lots of popular websites are architected today. Very popular websites, like Twitter, receive so much traffic that there's no way a single web server could possibly handle all of it. A website that popular might need many, many web servers in order to keep up with processing all incoming requests. Another way that reverse proxies are commonly used by popular websites is to deal with decryption. Proxies come in many other flavors, way too many for us to cover them all here. But the most important takeaway is that a proxy is any server that acts as an intermediary between a client and another server.
Frame Check Sequence (FCS)
A sequence of bits placed in a frame that is used to check the primary data for errors.
Network protocols
A set of rules for how we transfer data in a network. Imagine if you sent a letter to your friend Sasha who lives in California, but your post office sent it out to another Sasha who lives in New York. That would hopefully never happen, since the post office has rules that it follows to make sure your letter is sent to the correct address. Our networking protocols do the same thing.
three-way handshake
A three-step process in which Transport layer protocols establish a connection between nodes. The three steps are: Node A issues a SYN packet to node B, node B responds with SYN-ACK, and node A responds with ACK.
Ticketing system
A ticketing system allows IT support to be organized, focused, efficient, and effective. Ultimately, ticketing systems are a means to support and help you deal with any issues/incidents in your organization, managing the incidents from the moment they're captured through to their resolution.
Unicast address
A unicast transmission is always meant for just one receiving address. If the least significant bit in the first octet of a destination address is set to zero, it means that Ethernet frame is intended for only the destination address. This means it would be sent to all devices on the collision domain, but only actually received and processed by the intended destination.
2nd layer of the 5 layer network model
The data link layer is responsible for defining a common way of interpreting these signals, so network devices can communicate. Lots of protocols exist at the data link layer, but the most common is known as Ethernet, although wireless technologies are becoming more and more popular. Beyond specifying physical layer attributes, the Ethernet standards also define a protocol responsible for getting data to nodes on the same network or link.
ARP Table
Address Resolution Protocol. Resolves IP addresses to MAC addresses. ARP poisoning attacks can redirect traffic through an attacker's system by sending false MAC address updates. VLAN segregation helps prevent the scope of ARP poisoning attacks within a network.
Network Stack
All the components that make up computer networking.
Broadcast Address
An Ethernet broadcast is sent to every single device on a LAN. This is accomplished by using a special destination known as a broadcast address. The Ethernet broadcast address is all Fs. Ethernet broadcasts are used so that devices can learn more about each other.
Basically, a network is
An interconnection of computers.
DNS zones
Any distinct, contiguous portion of the domain name space in the Domain Name System (DNS) for which administrative responsibility has been delegated to a single manager.
5th layer of the 5 layer network model
Application layer. There are lots of different protocols at this layer, and as you might have guessed from the name, they are application-specific. Protocols used to let you browse the web or send and receive email are some common ones. The protocols at play in the application layer will be the most familiar to you, since they are the ones you have probably interacted with directly before, even if you didn't realize it.
OSI Model
Application, Transport, Network, Data Link, and Physical, plus Session and Presentation.
Session layer: the concept of a session layer is that it's responsible for things like facilitating the communication between actual applications and the transport layer. It's the part of the operating system that takes the application layer data that's been unencapsulated from all the layers below it, and hands it off to the next layer in the OSI model, the presentation layer.
Presentation layer: responsible for making sure that the unencapsulated application layer data is actually able to be understood by the application in question. This is the part of an operating system that might handle encryption or compression of data.
What a router does
Basic routing has just a few steps. One, a router receives a packet of data on one of its interfaces. Two, the router examines the destination IP of this packet. Three, the router looks up the destination network of this IP in its routing table. Four, the router forwards the packet out through the interface that's closest to the remote network, as determined by additional info within the routing table.
Class A IP Address
Class A addresses are those where the first octet is used for the network ID and the last three are used for the host ID.
CIDR
Classless Inter-Domain Routing. CIDR is an even more flexible approach to describing blocks of IP addresses. It expands on the concept of subnetting by using subnet masks to demarcate networks. To demarcate something means to set something off. In our previous model, we relied on a network ID, subnet ID, and host ID to deliver an IP datagram to the correct location. With CIDR, the network ID and subnet ID are combined into one. CIDR basically just abandons the concept of address classes entirely, allowing an address to be defined by only two individual IDs. Let's take 9.100.100.100 with a net mask of 255.255.255.0. Remember, this can also be written as 9.100.100.100/24. In a world where we no longer care about the address class of this IP, all we need is what the network mask tells us to determine the network ID. In this case, that would be 9.100.100; the host ID remains the same.
MAC address
Comparable to the name of the recipient on a piece of mail. A permanent, unique identifier of your networking device.
What does a router do
Connects lots of different devices together and helps route network traffic. Say you want to send a file from Computer A to Computer B. Our packets go through the router, and the router utilizes network protocols to help determine where to send the packet.
Subnet masks
IPv4 addresses are comprised of a network portion and host portion. A subnet mask is assigned to each IPv4 address to separate the two portions.
DARPA
Defense Advanced Research Projects Agency: an agency of the United States Department of Defense responsible for the development of new technology for use by the military. It went on to create the earliest version of the Internet that we see today, the ARPANET.
Copper network cables
Different types: Cat5, Cat5e, Cat6.
Cat5 is older and has been mostly replaced.
Cat5e has a faster transfer rate and less crosstalk. (Crosstalk is when an electrical pulse on one wire is accidentally detected on another wire and causes a network error.)
Cat6 is faster and has no crosstalk, but a shorter max distance at higher speeds.
Cat6 has 4 twisted pairs (8 wires total): half talk in one direction and half in the other direction (duplex communication). Simplex: one direction only. Half duplex: two directions, one at a time.
Modulation: the sending device communicates packets in binary data across these copper wires by changing the voltage between two ranges.
Port Forwarding
Forwards an external network port to an internal IP address and port.
IP address format
Four octets (range 1-255)
A DNS TTL determines what?
How long a DNS entry is allowed to be cached
Hubs
Hubs are like company memos. They don't know who to send the memo to, so they send it to everyone.
IP masquerading
IP masquerading is a technique that hides an entire IP address space, usually consisting of private IP addresses, behind a single IP address in another, usually public address space.
Multicast address
If the least significant bit in the first octet of a destination address is set to one, it means you're dealing with a multicast frame. A multicast frame is similarly sent to all devices on the local network. What's different is that it will be accepted or discarded by each device depending on criteria other than their own hardware MAC address.
What was the biggest breakthrough in networking that allowed networks to speak to each other
In the 1970s, it was thanks to computer scientists Vinton Cerf and Bob Kahn, who created the method we call the Transmission Control Protocol and the Internet Protocol, or TCP/IP. First, only a handful of computers in universities, governments, and businesses adopted TCP/IP, then hundreds. And then, in the span of 50 years, billions of computers. TCP/IP is the protocol we use on the Internet today.
All layers in unison
Now that you know the basics of how every layer of our network model works, let's go through an exercise to look at how everything works at every step of the way. Spoiler alert, things are about to get a little geeky, in a good way. Imagine three networks: network A will contain address space 10.1.1.0/24, network B will contain address space 192.168.1.0/24, and network C will be 172.16.1.0/24. Router A sits between network A and network B, with an interface configured with an IP of 10.1.1.1 on network A, and an interface at 192.168.1.254 on network B. There's a second router, router B, which connects networks B and C. It has an interface on network B with an IP address of 192.168.1.1, and an interface on network C with an IP address of 172.16.1.1. Now let's put a computer on one of the networks. Imagine it's a desktop, sitting on someone's desk at the workplace. It'll be our client in this scenario, and we'll refer to it as computer 1. It's part of network A and has been assigned an IP address of 10.1.1.100. Now, let's put another computer on one of our other networks. This one is a server in a data center; it'll act as our server in this scenario, and we'll refer to it as computer 2. It's part of network C, has been assigned an IP address of 172.16.1.100, and has a web server listening on port 80. An end user sitting at computer 1 opens up a web browser and enters 172.16.1.100 into the address bar. Let's see what happens. The web browser running on computer 1 knows it's been ordered to retrieve a web page from 172.16.1.100. The web browser communicates with the local networking stack, which is the part of the operating system responsible for handling networking functions. The web browser explains that it's going to want to establish a TCP connection to 172.16.1.100, port 80. The networking stack will now examine its own subnet.
It sees that it lives on the network 10.1.1.0/24, which means that the destination 172.16.1.100 is on another network. At this point, computer 1 knows that it'll have to send any data to its gateway for routing to a remote network, and it's been configured with a gateway of 10.1.1.1. Next, computer 1 looks at its ARP table to determine what the MAC address of 10.1.1.1 is, but it doesn't find any corresponding entry. Uh-oh. It's okay: computer 1 crafts an ARP request for an IP address of 10.1.1.1, which it sends to the hardware broadcast address of all Fs. This ARP discovery request is sent to every node on the local network. When router A receives this ARP message, it sees that it's the computer currently assigned the IP address of 10.1.1.1, so it responds to computer 1 to let it know about its own MAC address of 00:11:22:33:44:55. Computer 1 receives this response and now knows the hardware address of its gateway. This means that it's ready to start constructing the outbound packet. Computer 1 knows that it's being asked by the web browser to form an outbound TCP connection, which means it'll need an outbound TCP port. The operating system identifies the ephemeral port of 50000 as being available, and opens a socket connecting the web browser to this port. Since this is a TCP connection, the networking stack knows that before it can actually transmit any of the data the web browser wants it to, it'll need to establish a connection. The networking stack starts to build a TCP segment. It fills in all the appropriate fields in the header, including a source port of 50000 and a destination port of 80. A sequence number is chosen and is used to fill in the sequence number field. Finally, the SYN flag is set, and a checksum for the segment is calculated and written to the checksum field.
Our newly constructed TCP segment is now passed along to the IP layer of the networking stack. This layer constructs an IP header. This header is filled in with the source IP, the destination IP, and a TTL of 64, which is a pretty standard value for this field. Next, the TCP segment is inserted as the data payload for the IP datagram, and a checksum is calculated for the whole thing. Now that the IP datagram has been constructed, computer 1 needs to get this to its gateway, which it now knows has a MAC address of 00:11:22:33:44:55, so an Ethernet frame is constructed. All the relevant fields are filled in with the appropriate data, most notably the source and destination MAC addresses. Finally, the IP datagram is inserted as the data payload of the Ethernet frame, and another checksum is calculated. Now we have an entire Ethernet frame ready to be sent across the physical layer. The network interface connected to computer 1 sends this binary data as modulations of the voltage of an electrical current running across a CAT6 cable that's connected between it and a network switch. This switch receives the frame and inspects the destination MAC address. The switch knows which of its interfaces this MAC address is attached to, and forwards the frame across only the cable connected to this interface. At the other end of this link is router A, which receives the frame and recognizes its own hardware address as the destination. Router A knows that this frame is intended for itself.
So it now takes the entirety of the frame and calculates a checksum against it. Router A compares this checksum with the one in the Ethernet frame and sees that they match, meaning that all of the data has made it in one piece. Next, router A strips away the Ethernet frame, leaving it with just the IP datagram. Again, it performs a checksum calculation against the entire datagram, and again it finds that it matches, meaning all the data is correct. It inspects the destination IP address and performs a lookup of this destination in its routing table. Router A sees that in order to get data to the 172.16.1.0/24 network, the quickest path is one hop away via router B, which has an IP of 192.168.1.1. Router A looks at all the data in the IP datagram, decrements the TTL by 1, calculates a new checksum reflecting that new TTL value, and makes a new IP datagram with this data. Router A knows that it needs to get this datagram to router B, which has an IP address of 192.168.1.1. It looks at its ARP table, and sees that it has an entry for 192.168.1.1. Now router A can begin to construct an Ethernet frame with the MAC address of its interface on network B as the source, and the MAC address of router B's interface on network B as the destination. Once the values for all fields in this frame have been filled out, router A places the newly constructed IP datagram into the data payload field, calculates a checksum, puts this checksum into place, and sends the frame out to network B. Just like before, this frame makes it across network B and is received by router B. Router B performs all the same checks, removes the Ethernet frame encapsulation, and performs a checksum against the IP datagram. It then examines the destination IP address.
Looking at its routing table, router B sees that the destination address of computer 2, or 172.16.1.100, is on a locally connected network. So it decrements the TTL by 1 again, calculates a new checksum, and creates a new IP datagram. This new IP datagram is again encapsulated by a new Ethernet frame, this one with the source and destination MAC addresses of router B and computer 2. And the whole process is repeated one last time. The frame is sent out onto network C, and a switch ensures it gets sent out of the interface that computer 2 is connected to. Computer 2 receives the frame, identifies its own MAC address as the destination, and knows that it's intended for itself. Computer 2 then strips away the Ethernet frame, leaving it with the IP datagram. It performs a CRC and recognizes that the data has been delivered intact. It then examines the destination IP address and recognizes it as its own. Next, computer 2 strips away the IP datagram, leaving it with just the TCP segment. Again, the checksum for this layer is examined, and everything checks out. Next, computer 2 examines the destination port, which is 80. The networking stack on computer 2 checks to ensure that there's an open socket on port 80, which there is. It's in the listen state, and held open by a running Apache web server. Computer 2 then sees that this packet has the SYN flag set. So it examines the sequence number and stores it, since it'll need to put that sequence number in the acknowledgement field once it crafts the response. After all of that, all we've done is get a single TCP segment containing a SYN flag from one computer to a second one. Everything would have to happen all over again for computer 2 to send a SYN-ACK response to computer 1. Then everything would have to happen all over again for computer 1 to send an ACK back to computer 2, and so on and so on.
Interior gateway protocols
Interior gateway protocols are used by routers to share information within a single autonomous system. In networking terms, an autonomous system is a collection of networks that all fall under the control of a single network operator. The best example of this would be a large corporation that needs to route data between its many offices, each of which might have its own local area network. The two main types of interior gateway protocols are link state routing protocols and distance-vector protocols. A router using a distance-vector protocol basically just takes its routing table, which is a list of every network known to it and how far away these networks are in terms of hops. Then the router sends this list to every neighboring router, which is basically every router directly connected to it. Routers using a link state protocol take a more sophisticated approach to determining the best path to a network. Link state protocols get their name because each router advertises the state of the link of each of its interfaces. These interfaces could be connected to other routers, or they could be direct connections to networks. The information about each router is propagated to every other router in the autonomous system. This means that every router in the system knows every detail about every other router in the system. Each router then uses this much larger set of information and runs complicated algorithms against it to determine what the best path to any destination network might be.
ICANN
Internet Corporation for Assigned Names and Numbers. Once a domain name is registered with ICANN, no one else can take that name unless it becomes available again.
IP
Internet Protocol: the predominant protocol of the Internet. The Internet Protocol, or IP, is responsible for delivering our packets to the right computers. Remember those addresses that computers use to find something on a network? They're called IP addresses, or Internet Protocol addresses.
IPv4
Internet Protocol version 4 is an address that consists of 32 bits separated into four groups. Remember, 32 bits is four bytes, and one byte can store up to 256 values, from 0 to 255. So IPv4 addresses can be something like 73.55.242.3. There are not enough IPv4 addresses for all the websites.
IoT
Internet of Things. Basically, more and more devices are being connected to the Internet in a smarter fashion.
VLAN
It's a technique that lets you have multiple logical LANs operating on the same physical equipment. Any frame with a VLAN tag will only be delivered out of a switch interface configured to relay that specific tag. This way you can have a single physical network that operates like it's multiple LANs. VLANs are usually used to segregate different forms of traffic. So you might see a company's IP phones operating on one VLAN, while all desktops operate on another.
TCP segment dissection
Just like how an Ethernet frame encapsulates an IP datagram, an IP datagram encapsulates a TCP segment. Remember that an Ethernet frame has a payload section which is really just the entire contents of an IP datagram. Remember also that an IP datagram has a payload section, and this is made up of what's known as a TCP segment. A TCP segment is made up of a TCP header and a data section. This data section, as you might guess, is just another payload area, where the application layer places its data. Source port: a high-numbered port chosen from a special section of ports known as ephemeral ports. Destination port: the port of the service the traffic is intended for. TCP splits all of this data up into many segments. The sequence number in a header is used to keep track of which segment out of many this particular segment is. The next field, the acknowledgment number, is a lot like the sequence number: the acknowledgment number is the number of the next expected segment. The data offset field comes next. This field is a four-bit number that communicates how long the TCP header for this segment is. Then we have six bits that are reserved for the six TCP control flags. The next field is a 16-bit number known as the TCP window. A TCP window specifies the range of sequence numbers that might be sent before an acknowledgement is required. TCP is a protocol that's super reliant on acknowledgements. This is done in order to make sure that all expected data is actually being received and that the sending device doesn't waste time sending data that isn't being received. The next field is a 16-bit checksum. It operates just like the checksum fields at the IP and Ethernet level. Once all of this segment has been ingested by a recipient, the checksum is calculated across the entire segment and is compared with the checksum in the header to make sure that there was no data lost or corrupted along the way.
TCP socket states
LISTEN. Listen means that a TCP socket is ready and listening for incoming connections. You'd see this on the server side only. SYN_SENT. This means that a synchronization request has been sent, but the connection hasn't been established yet. You'd see this on the client side only. SYN_RECEIVED. This means that a socket previously in the listen state has received a synchronization request and sent a SYN_ACK back, but it hasn't received the final ACK from the client yet. You'd see this on the server side only. ESTABLISHED. This means that the TCP connection is in working order, and both sides are free to send each other data. You'd see this state on both the client and server sides of the connection. FIN_WAIT. This means that a FIN has been sent, but the corresponding ACK from the other end hasn't been received yet. CLOSE_WAIT. This means that the connection has been closed at the TCP layer, but that the application that opened the socket hasn't released its hold on the socket yet. CLOSED. This means that the connection has been fully terminated, and that no further communication is possible.
Port LEDs
Link LED: The link LED will be lit when a cable is properly connected to two devices that are both powered on. Activity LED: will flash when data is actively transmitted across the cable. On switches, sometimes the same LED is used for both link and activity status. It might even indicate other things like link speed. You'll have to read up on a particular piece of hardware you're working with.
How does info get routed across the internet (in abstract terms?)
Mey is halfway across the world in Tokyo. So our letter will go through lots of places before it reaches her. I put her name and address on there, and I also put my name and address on there too. When I drop my letter off at the post office, the mail person looks at it. He thinks, "I don't know how to get to Tokyo from here, but there is a truck that's headed to Texas." He puts my letter in that truck. At the post office in Texas, a mail person looks at the letter and says, "I don't know how to get to Tokyo from here, but we have a truck going to San Francisco." She puts my letter in that truck. At the post office in San Francisco, yet another mail person looks at my letter. He says, "Oh, there's a plane headed to Tokyo." And puts the letter on that plane. When it finally reaches Tokyo, the postman there says, "Oh, I know where Mey lives," and delivers the letter to her.
NAT
Network Address Translation. This lets organizations use one public IP address and many private IP addresses within the network. Think of NAT like a receptionist at a company. You know what number to dial to get to the company and once you reach the receptionist, he can transfer your call to one of the private numbers inside the company. Now, instead of companies using hundreds of public IP addresses, they can just use one IP address.
NAT
Network address translation does pretty much what it sounds like: it takes one IP address and translates it into another. NAT is a technology that allows a gateway, usually a router or firewall, to rewrite the source IP of an outgoing IP datagram while retaining the original IP in order to rewrite it into the response. We now have potentially hundreds of responses all directed at the same IP, and the router at this IP needs to figure out which responses go to which computer. The simplest way to do this is through port preservation. Port preservation is a technique where the source port chosen by a client is the same port used by the router.
3rd layer of the 5 layer network model
Network layer is also sometimes called the Internet layer. It's this layer that allows different networks to communicate with each other through devices known as routers. A collection of networks connected together through routers is an internetwork, the most famous of these being the Internet. Hopefully you've heard of it. While the data link layer is responsible for getting data across a single link, the network layer is responsible for getting data delivered across a collection of networks.
1st layer of the 5 layer network model
Physical layer. It represents the physical devices that interconnect computers. This includes the specifications for the networking cables and the connectors that join devices together, along with specifications describing how signals are sent over these connections.
Connection-oriented and Connectionless Protocols
So far, we've mostly focused on TCP, which is a connection-oriented protocol. A connection-oriented protocol is one that establishes a connection, and uses this to ensure that all data has been properly transmitted. While this is important traffic, it's really only useful if you absolutely, positively have to be sure your data reaches its destination. You can contrast this with connectionless protocols. The most common of these is known as UDP, or User Datagram Protocol. Unlike TCP, UDP doesn't rely on connections, and it doesn't even support the concept of an acknowledgement. With UDP, you just set a destination port and send the packet. This is useful for messages that aren't super important. A great example of UDP is streaming video.
Firmware
Software that is permanently stored in a chip. The BIOS on a motherboard is an example of firmware.
IPv6
The Internet Protocol version 6 provides a large number of new addresses to route Internet traffic, using "from" and "to" addresses written as colon-hexadecimal notation, such as "fe80::42:acff:feaa:1bf0".
How do we connect to the internet?
The Internet is composed of a massive network of satellites, cellular networks, and physical cables buried beneath the ground. We don't actually connect to the Internet directly. Instead, computers called servers connect directly to the Internet. Servers store the websites that we use, like Wikipedia, Google, Reddit, and BBC. These websites serve content. The machines that we use, like our mobile phones, laptops, video game consoles and more, are called clients. Clients request content, like pictures and websites, from the servers. Clients don't connect directly to the Internet. Instead, they connect to a network run by an Internet service provider, or ISP, like CenturyLink, Level 3, Comcast, Telefonica, and so on. ISPs have already built networks and run all the necessary physical cabling that connects millions of computers together in one network. They also connect to other networks and other ISPs. These other networks connect to the networks of Google, Reddit, and universities. Basically, all the other networks in the world, together, form one giant network of computers called the Internet.
data packets
The distinct units of data that are exchanged between nodes on a network: little bits of data, and you guessed it, ones and zeros. It doesn't matter if it's pictures, email, music, or text. When we move data through the network, we break it down into packets. When the packets get to their destination, they are put back together in order.
TCP Control Flags
The first flag is known as URG, which is short for Urgent. A value of one here indicates that the segment is considered urgent and that the urgent pointer field has more data about this. Like we mentioned in the last video, this feature of TCP has never really had widespread adoption and isn't normally seen. The second flag is ACK, short for acknowledge. A value of one in this field means that the acknowledgment number field should be examined. The third flag is PSH, which is short for Push. This means that the transmitting device wants the receiving device to push currently buffered data to the application on the receiving end as soon as possible. The fourth flag is RST, short for Reset. This means that one of the sides in a TCP connection hasn't been able to properly recover from a series of missing or malformed segments. It's a way for one of the partners in a TCP connection to basically say, "Wait, I can't put together what you mean, let's start over from scratch." The fifth flag is SYN, which stands for Synchronize. It's used when first establishing a TCP connection and makes sure the receiving end knows to examine the sequence number field. And finally, our sixth flag is FIN, which is short for Finish. When this flag is set to one, it means the transmitting computer doesn't have any more data to send and the connection can be closed.
Resource record types
The most common resource record is known as an A record. An A record is used to point a certain domain name at a certain IPv4 address. A quad A (AAAA) record is very similar to an A record, except that it returns an IPv6 address instead of an IPv4 address. We'll cover the details of IPv6 in a future module. The CNAME record is also super common. A CNAME record is used to redirect traffic from one domain to another. The MX record: MX stands for mail exchange, and this resource record is used in order to deliver e-mail to the correct server. Many companies run their web and mail servers on different machines with different IPs, so the MX record makes it easy to ensure that email gets delivered to a company's mail server, while other traffic, like web traffic, gets delivered to their web server. SRV stands for service record, and it's used to define the location of various specific services. It serves the exact same purpose as the MX resource record type except for one thing: while MX is only for mail services, an SRV record can be defined to return the specifics of many different service types. The TXT (text) record has been increasingly used to convey additional data intended for other computers to process. Since the text record has a field that's entirely free form, clever engineers have figured out ways to use it to communicate data not originally intended to be communicated by a system like DNS.
Servers
The simplest way to think of a server is as something that provides data to something requesting that data. A server is anything that can provide data to a client, but we also use the word to refer to the primary purpose of various nodes on our network.
Clients
The thing receiving the data is referred to as a client.
Transportation Layer
The transport layer handles multiplexing and demultiplexing through ports. A port is a 16-bit number that's used to direct traffic to specific services running on a networked computer. Different network services run while listening on specific ports for incoming requests. For example, the traditional port for HTTP, or unencrypted web traffic, is port 80. Ports are normally denoted with a colon after the IP address, so the full IP and port in this scenario could be described as 10.1.1.100:80.
Core routers
These core routers form the backbone of the Internet, and are directly responsible for how we send and receive data all over the Internet every single day. Routers share data with each other via a protocol known as BGP, or Border Gateway Protocol, which lets them learn about the most optimal paths to forward traffic.
Patch panel
These ports are generally connected to the network via cables run through the walls that eventually end at a patch panel. A patch panel is a device containing many network ports, but it does no other work. It's just a container for the endpoints of many runs of cable. Additional cables are then generally run from a patch panel to switches or routers to provide network access to the computers at the other end of those links.
Switches
Think of switches like mailrooms in a building. Routers get our letters to the building. But once we're inside, we use the mailroom to figure out where to send a letter.
URL
Uniform Resource Locator: just a web address, similar to a home address. Example: www.reddit.com, where www = World Wide Web and reddit.com = domain name. The last part of the URL in this case is .com, but you can also use different domain endings like reddit.net or reddit.org. The different domain name endings are standards for what type of website it might be. So a domain that ends in .edu is mainly used for educational institutions.
TCP
Transmission Control Protocol is a protocol that handles reliable delivery of information from one network to another. This protocol was an important part of the creation of the internet since it let us share information with other computers.
4th layer of the 5 layer network model
The transport layer is known as TCP, or Transmission Control Protocol. While often said together as the phrase TCP/IP, to fully understand and troubleshoot networking issues it's important to know that they're entirely different protocols serving different purposes. Other transport protocols also use IP to get around, including a protocol known as UDP, or User Datagram Protocol. The big difference between the two is that TCP provides mechanisms to ensure that data is reliably delivered, while UDP does not.
What transport layer protocol does DNS normally use?
UDP
Exterior gateway protocols
Used for the exchange of information between independent autonomous systems
Fiber Optic Cables
Uses glass and light to carry binary. Fiber is even sometimes used specifically in environments where there's a lot of electromagnetic interference from outside sources, because this can impact data being sent across copper wires. Faster, longer reach, more expensive.
VPNs
Virtual private networks, or VPNs, are a technology that allows for the extension of a private or local network to hosts that might not be on that same local network. VPNs come in many flavors and accomplish lots of different things. But the most common example of how VPNs are used is for employees to access their business's network when they're not in the office. VPNs are a tunneling protocol, which means they provision access to something not locally available.
Wireless Security
WEP stands for Wired Equivalent Privacy, and it's an encryption technology that provides a very low level of privacy. The WEP standard is a really weak encryption algorithm. It doesn't take very long for a bad actor to be able to break through this encryption and read your data. WEP was quickly replaced in most places with WPA, or Wi-Fi Protected Access. WPA, by default, uses a 128-bit key, making it a whole lot more difficult to crack than WEP. Today, the most commonly used encryption algorithm for wireless networks is WPA2, an update to the original WPA. WPA2 uses a 256-bit key, making it even harder to crack.
Router
While a hub is a layer 1 device and a switch is a layer 2 device, a router operates at layer 3, the network layer. Just like a switch can inspect Ethernet data to determine where to send things, a router can inspect IP data to determine where to send things. Routers store internal tables containing information about how to route traffic between lots of different networks all over the world. The purpose of these routers is mainly just to take traffic originating from inside the home or office LAN and to forward it along to the ISP, or Internet service provider.
WLAN
Wireless Local Area Network: a local area network that links electronic devices via electromagnetic airwaves, rather than by wire or cable, usually providing connection to an Internet service provider through an access point (router).
5 layer network model analogy
You can think of the layers like different aspects of a package being delivered. The physical layer is the delivery truck and the roads. The data link layer is how the delivery trucks get from one intersection to the next over and over. The network layer identifies which roads need to be taken to get from address A to address B. The transport layer ensures that the delivery driver knows how to knock on your door to tell you your package has arrived. And the application layer is the contents of the package itself.
Application Software
Any software created to fulfill a specific need, like a text editor, web browser, or graphics editor.
IP datagram format
At the network layer, a packet is usually referred to as an IP datagram.
Dynamic Host Configuration Protocol (DHCP)
Allows dynamic IP address allocation so users do not have to have a preconfigured IP address to use the network. DHCP is an application layer protocol. Automatic allocation is very similar to dynamic allocation, in that a range of IP addresses is set aside for assignment purposes. The main difference here is that the DHCP server is asked to keep track of which IPs it's assigned to certain devices in the past. Using this information, the DHCP server will assign the same IP to the same machine each time if possible. Finally, there's what's known as fixed allocation. Fixed allocation requires a manually specified list of MAC addresses and their corresponding IPs. When a computer requests an IP, the DHCP server looks for its MAC address in a table and assigns the IP that corresponds to that MAC address. If the MAC address isn't found, the DHCP server might fall back to automatic or dynamic allocation, or it might refuse to assign an IP altogether. The DHCP discovery process has four steps. First, we have the server discovery step: the DHCP client sends what's known as a DHCPDISCOVER message out onto the network. Next, the DHCP server examines its own configuration and makes a decision on what, if any, IP address to offer to the client. The client machine then processes this DHCPOFFER to see what IP is being offered to it. Technically, a DHCP client could reject this offer. It's totally possible for multiple DHCP servers to be running on the same network, and for a DHCP client to be configured to only respond to an offer of an IP within a certain range. Once the client accepts an offer, it sends a DHCPREQUEST message. Finally, the DHCP server receives the DHCPREQUEST message and responds with a DHCPACK, or DHCP acknowledgement, message. This message is again sent to the broadcast IP of 255.255.255.255, with a source IP corresponding to the actual IP of the DHCP server.
Wireless Channels
Configurable channels in the 2.4 GHz range that allow the same SSID to be used when more users need to be given access.
DNS
This is where the domain name system comes into play. DNS is a global and highly distributed network service that resolves strings of letters into IP addresses for you. Let's say you wanted to check a weather website to see what the temperature is going to be like. It's much easier to type www.weather.com into a web browser than it is to remember that one of the IP addresses for this site is 184.29.131.121.
MAC address
A globally unique identifier attached to an individual network interface. It's a 48-bit number normally represented by six groupings of two hexadecimal digits. The first three octets of a MAC address are known as the organizationally unique identifier, or OUI. These are assigned to individual hardware manufacturers by the IEEE, or the Institute of Electrical and Electronics Engineers. This is a useful bit of information to keep in your back pocket, because it means that you can always identify the manufacturer of a network interface purely by its MAC address.
Ethernet frame
A highly structured collection of information presented in a specific order. This way, network interfaces at the physical layer can convert a string of bits travelling across a link into meaningful data, or vice versa. The first seven bytes are a series of alternating ones and zeros. These act partially as a buffer between frames and can also be used by the network interfaces to synchronize the internal clocks they use to regulate the speed at which they send data. The last byte in the preamble is known as the SFD, or start frame delimiter. This signals to a receiving device that the preamble is over and that the actual frame contents will now follow. Immediately following the start frame delimiter comes the destination MAC address. This is the hardware address of the intended recipient, which is then followed by the source MAC address, or where the frame originated from. Don't forget that each MAC address is 48 bits, or 6 bytes, long. The next part of an Ethernet frame is called the EtherType field. It's 16 bits long and is used to describe the protocol of the contents of the frame.
What is the internet
The Internet is the physical connection of computers and wires around the world.
LAN
On a LAN, nodes can communicate with each other through their physical MAC addresses. But MAC addressing isn't a scheme that scales well: every single network interface on the planet has a unique MAC address, and they aren't ordered in any systematic way. There is no way of knowing where on the planet a certain MAC address might be at any one point in time, so it's not ideal for communicating across distances.
System software
Software responsible for the general operation of a computer system, including the operation of hardware, running application software, and file management.
Class C IP Address
Those where the first three octets are used for the network ID, and only the final octet is used for the host ID.
Network Switch
Very similar to a hub, since you can connect many devices to it so they can communicate. The difference is that while a hub is a layer one, or physical layer, device, a switch is a layer two, or data link, device. This means that a switch can actually inspect the contents of the Ethernet protocol data being sent around the network, determine which system the data is intended for, and then only send that data to that one system. This reduces or even completely eliminates the size of collision domains on the network. If you guessed that this will lead to fewer retransmissions and higher overall throughput, you're right.
Class B IP Address
Those where the first two octets are used for the network ID, and the second two are used for the host ID.
Domain name anatomy
Example: www.google.com. Top Level Domain (TLD): in this case it's the .com portion of the domain name. There are only a certain restricted number of defined TLDs available, although that number has been growing a lot in recent years. The most common TLDs are ones you're probably already familiar with: .com, .net, .edu and so on. Domain is the name commonly used to refer to the second part of a domain name, which would be google in our example. Domains are used to demarcate where control moves from a TLD name server to an authoritative name server. This is typically under the control of an independent organization, or someone outside of ICANN. The www portion of this is known as the subdomain, sometimes referred to as a host name if it's been assigned to only one host.
Compilers vs Interpreters
• A compiler translates all the code in one go, whereas an interpreter translates one line at a time.
• A compiler creates an executable, whereas an interpreter executes one line at a time.
• A compiler reports all errors at the end, whereas an interpreter stops when it finds an error.
