~ C @ m p u t e r N e t w o r k i n g

A repository for mastering the core principles of computer networking.
From data transmission and protocols to routing, security, and subnetting this project provides a clear, structured, and practical guide for anyone exploring the world of networks.

~ Table of Content : :

Introduction
What Are RFCs?
Types of Computer Networks
Network Devices
Network Communication Types
Core Networking Concepts
Network Hardware & Transmission Media
Ports and Sockets
Networking Models & Protocols
IP Addressing and Subnetting
Routing & Switching Concepts
- Routers
- Routing Tables
- Switches
- VLAN
Network Services
Network Security
Network Data Units
- Frames
- Packets
- Segments
- Ports
Troubleshooting & Monitoring

1. Introduction ::

Definition of Computer Network ::

A computer network is a collection of interconnected devices such as computers, servers, and other hardware that communicate with each other to share resources, exchange information, and enable collaboration. Networks can be small, like a home network connecting a few devices, or large, spanning cities or even countries.

By allowing devices to communicate, networks make it possible to share files, access the internet, run applications remotely, and coordinate complex systems efficiently.

Why Networks are Important ::

Computer networks are the backbone of modern digital life. They allow businesses, schools, governments, and individuals to:

Share Resources: Printers, storage devices, and internet connections can be shared among multiple users.
Communicate Quickly: Email, messaging apps, and video calls rely on networks to transmit information instantly.
Access Remote Services: Cloud computing, web applications, and online databases require a reliable network connection.
Enable Collaboration: Teams can work together in real time, regardless of geographic location.
Support Scalability: Networks allow organizations to grow by adding new devices and services without disrupting existing systems.

In short, networks make modern computing fast, flexible, and efficient.

Basic Networking Terms ::

To get started with networking, here are some foundational terms:

Node / Host: Any device connected to a network (computer, server, printer, etc.).
Link / Connection: The physical or wireless medium that connects devices.
Protocol: A set of rules that devices follow to communicate correctly. Examples include TCP/IP, UDP, and HTTP.
Bandwidth: The maximum amount of data that can be transmitted over a network in a given time.
Latency: The delay between sending and receiving data.
Packet: A small unit of data sent across a network.
MAC Address: A unique identifier assigned to each network device.
IP Address: A numerical label that identifies a device on a network.

These concepts form the building blocks of networking. As you progress through this guide, you will see how they work together to create powerful, reliable networks.

2. What Are RFCs? ::

As you dive deeper into networking, you’ll start bumping into strange references like RFC 791, RFC 1918, or RFC 2616.
At first glance, these look like secret codes but they’re actually the manuals of the Internet. Every major networking concept, protocol, or standard you learn about is described in one or more of these documents called RFCs, short for Request for Comments.

Definition of RFC ::

RFC (Request for Comments) is a type of publication from the Internet Engineering Task Force (IETF) and related organizations that defines standards, protocols, procedures, and best practices for how the Internet works.

The name “Request for Comments” comes from the early days of the ARPANET (the Internet’s ancestor), when engineers would circulate ideas as open documents for feedback. Even though many RFCs are now official standards, the name stuck a reminder that the Internet is built on collaboration and open discussion.

Purpose of RFCs in Networking ::

RFCs are how people agree on how computers talk to each other.
Without them, every company would invent its own way to send data, and nothing would connect.

Here’s what RFCs actually do:

They define the behavior of Internet protocols like IP, TCP, HTTP, and DNS.
They serve as the reference point for developers, engineers, and researchers building network software or hardware.
They make sure different systems and vendors can interoperate meaning your laptop can talk to a server on the other side of the planet without a hitch.

In short, RFCs are the blueprints that keep the global Internet consistent and functional.

Examples of Important RFCs ::

You don’t need to memorize them all (there are thousands), but here are a few classics you’ll see mentioned often:

RFC Number	Title	Description
RFC 791	Internet Protocol (IP)	Defines how packets are sent across networks the backbone of the Internet.
RFC 793	Transmission Control Protocol (TCP)	Explains how reliable data delivery works over IP.
RFC 1918	Address Allocation for Private Internets	Defines the famous private IP ranges (like 192.168.x.x).
RFC 2616	Hypertext Transfer Protocol (HTTP/1.1)	The standard that makes web pages work.
RFC 1034/1035	Domain Names - Concepts and Implementation	The foundation of DNS how names (like `google.com`) map to IP addresses.

You can find every RFC freely available at the RFC Editor website.

How to Read an RFC ::

RFCs might look intimidating at first long pages of text with technical language but here’s how to get value from them quickly:

Start with the abstract and introduction.
These sections summarize what the RFC covers and why it exists.
Look for the “Terminology” section.
It defines key terms that might appear later.
Skim the “Requirements” or “Specification” parts.
That’s where the rules of how a protocol works are described.
Use search.
Even experts rarely read RFCs front-to-back they look up what they need.

With time, you’ll start recognizing famous RFC numbers the way programmers recognize version numbers or code libraries. Reading them is like peeking behind the curtain to see how the Internet itself is engineered.

In short: RFCs are the Internet’s rulebooks open, public, and written by the very people who keep the digital world running. Learning to read them, even casually, gives you a deeper understanding of how every packet, protocol, and connection truly works.

3. Types of Computer Networks ::

Computer networks come in different types because organizations, individuals, and devices have varying needs for coverage, speed, cost, and connectivity. Networks are grouped based on geographic area, purpose, and technology:

Small-scale networks: Serve a single user or a small area (e.g., PAN, LAN).
Medium-scale networks: Connect multiple buildings or a city (e.g., CAN, MAN).
Large-scale networks: Span countries or the globe (e.g., WAN, GAN, VPN).

Each network type is designed to solve specific challenges such as local connectivity, long-distance communication, secure remote access, or high-speed data sharing. Choosing the right type ensures efficient communication, security, and resource sharing.

Common Network Types ::

Network Type	Short Description	Solution Provided	Expanded Explanation
LAN (Local Area Network)	Connects devices in a small area like a home, office, or school.	High-speed connectivity for local users, resource sharing, and collaboration.	LAN - GeeksforGeeks
WAN (Wide Area Network)	Connects multiple LANs over large geographic areas.	Enables organizations to communicate across cities, countries, or continents.	WAN - GeeksforGeeks
MAN (Metropolitan Area Network)	Spans a city or campus.	Connects multiple buildings for efficient city-wide communication.	MAN - GeeksforGeeks
PAN (Personal Area Network)	Connects devices within a personal workspace, like Bluetooth.	Allows personal devices to communicate over short distances.	PAN - GeeksforGeeks
WLAN (Wireless LAN)	Wireless version of a LAN.	Provides mobility and flexibility for local users without physical cables.	WLAN - GeeksforGeeks
CAN (Campus Area Network)	Connects networks across a campus (e.g., university or business complex).	Centralized communication and resource sharing for multiple buildings.	CAN - GeeksforGeeks
SAN (Storage Area Network)	Network dedicated to connecting storage devices.	High-speed access and management of shared storage resources.	SAN - GeeksforGeeks
VPN (Virtual Private Network)	Securely connects remote users to a private network over the internet.	Encrypted communication for remote access to private networks.	VPN - GeeksforGeeks
GAN (Global Area Network)	Connects networks around the world.	Enables worldwide data sharing and global communication.	GAN - GeeksforGeeks

4. Network Devices ::

Network devices are the building blocks of any computer network. They manage, direct, and control the flow of data between devices, ensuring communication is fast, secure, and efficient. Without these devices, networks would not function properly data could get lost, collisions could occur, or communication might not even be possible.

Each network device serves a specific role. Some simply extend the reach of the network, like repeaters, while others direct traffic intelligently, like routers. Firewalls protect networks from unauthorized access, switches make communication more efficient by sending data only to the intended device, and virtual devices allow modern cloud and virtualized environments to operate smoothly.

Understanding these devices is fundamental for anyone learning networking because they form the infrastructure that enables connectivity, communication, and security.

Common Network Devices ::

Network Device	Description	Role	How It Works	Expanded Explanation
Repeater	A device that regenerates and amplifies signals to extend the range of a network. It ensures that weak or degraded signals do not get lost over long distances.	Extends the physical reach of a network.	Receives incoming signals, amplifies them, and retransmits at full strength.	Repeater - GeeksforGeeks
Hub	A basic device that connects multiple devices in a LAN. Hubs broadcast incoming data to all ports, making them simple but less efficient.	Central connection point for devices.	Receives data on one port and broadcasts it to all other ports.	Hub - GeeksforGeeks
Switch	Connects devices in a network and forwards data only to the intended recipient using MAC addresses.	Improves network efficiency and reduces unnecessary traffic.	Examines the destination address of data packets and sends them to the correct port.	Switch - GeeksforGeeks
Bridge	Connects and filters traffic between two network segments, reducing collisions and improving performance.	Segments networks to enhance performance.	Examines incoming frames and forwards them only to the segment where the destination device resides.	Bridge - GeeksforGeeks
Router	Directs data packets between networks and manages traffic, often connecting different LANs or a LAN to the internet.	Routes data efficiently across networks.	Uses routing tables and protocols to determine the best path for data packets.	Router - GeeksforGeeks
Access Point	Provides wireless connectivity, allowing devices to connect to a wired network via Wi-Fi.	Enables wireless access for devices.	Transmits and receives wireless signals, bridging wireless clients to the wired network.	Access Point - Juniper Networks
Firewall	Monitors and controls incoming and outgoing network traffic based on security rules.	Protects the network from unauthorized access and cyber threats.	Filters traffic according to predefined rules and policies.	Firewall - Fortinet
Load Balancer	Distributes network or application traffic across multiple servers to ensure reliability and availability.	Enhances performance and prevents server overload.	Monitors server health and forwards requests to the optimal server.	Load Balancer - Cloudflare
Virtual Switch	Software-based switch used in virtualized environments.	Connects virtual machines within a host or across hosts.	Uses software to manage traffic between virtual machines.	Virtual Switch - Oracle
Virtual Router	Software-based router used in virtual networks or cloud environments.	Routes traffic between virtual networks efficiently.	Performs routing functions in software, often in cloud or virtualized networks.	Virtual Router - Huawei
Host / Computer	Any device (PC, server, etc.) that sends or receives data on a network.	Acts as a source or destination for network communication.	Uses network protocols to communicate with other devices.	Host - Temok

Note: The table above highlights some of the most widely used network devices. There are many other specialized devices not mentioned here, each serving unique roles in different network environments.

5. Network Communication Types ::

In computer networks, data can be transmitted in different ways depending on the number of senders and receivers. Understanding these communication types is crucial for grasping how networks operate efficiently.

Type	Description	Example	When to Use
Unicast	One-to-one communication where a single sender transmits data to a single receiver.	Sending an email from your computer to a friend.	Use for private, direct communication between devices.
Broadcast	One-to-all communication where a sender sends data to all devices in a network segment.	ARP requests in a local network.	Use for announcements or discovering devices in a LAN.
Multicast	One-to-many communication where data is sent to a specific group of devices.	Streaming a video to a group of subscribers.	Use for group communication where only a subset of devices need the data.
Anycast	One-to-nearest communication where data is delivered to the closest node among a group of potential receivers.	Accessing the nearest DNS server.	Use to reduce latency and improve efficiency in distributed networks.

Tip: For a deeper, step-by-step explanation of how each type works, along with diagrams and examples, check out the dedicated guide: Network Communication Types.

6. Core Networking Concepts ::

Before diving into IP addressing and subnetting, it’s important to understand some fundamental networking concepts. These concepts will give you the necessary background to grasp how devices communicate in a network, how they are identified, and how addresses are assigned.

Network Interface Card (NIC) ::

A Network Interface Card (NIC) is a hardware component that allows a device to connect to a network. It can be a physical card installed in a computer or built into a device's motherboard. NICs can connect via wired (Ethernet) or wireless (Wi-Fi) interfaces. Every NIC has a unique identifier called a MAC address that ensures devices can be recognized on the local network.

Related document: NIC

MAC Address ::

A MAC (Media Access Control) address is a unique identifier assigned to each NIC by the manufacturer. It is a 48-bit address typically represented in hexadecimal format (e.g., 00:1A:2B:3C:4D:5E). MAC addresses operate at the data link layer (Layer 2) of the OSI model and are used for local network communication. They allow devices to be uniquely identified on the same network segment, even if their IP addresses change.

Related document: MAC Address

IP Address Basics ::

An IP (Internet Protocol) address is a numerical label assigned to a device for identification and communication on a network. Unlike MAC addresses, IP addresses work at the network layer (Layer 3) of the OSI model. They enable devices across different networks to locate and communicate with each other.

There are two main versions of IP addresses:

IPv4: Uses a 32-bit format, usually written as four decimal numbers separated by dots (e.g., 192.168.1.1).
IPv6: Uses a 128-bit format, written in hexadecimal with colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334). IPv6 provides a vastly larger address space than IPv4.

IP addresses can be public (routable on the internet) or private (used within local networks). Understanding these basics is crucial before learning subnetting and routing.

Related documents: IPv4, IPv6, IP Address

IP Address Allocation ::

IP addresses can be assigned to devices in two main ways:

Static IP Address: Manually configured on the device. It does not change unless manually updated. Useful for servers or devices that need consistent addresses.
Dynamic IP Address: Automatically assigned by a configuration service.
- DHCP (Dynamic Host Configuration Protocol): Used in IPv4 networks to lease addresses dynamically.
- DHCPv6: Used in IPv6 networks for dynamic address assignment, often combined with SLAAC.

Understanding how IP addresses are allocated helps you see how devices gain access to networks and the internet.

Related documents: DHCP, DHCPv6

Types of IP Addresses ::

Within an IP network, addresses are categorized based on their purpose:

Network Address: Identifies the network segment itself.
Host Address: Identifies an individual device on the network.
Broadcast Address: Used to send messages to all devices on the same network.

Some additional classifications include classful addressing (Class A, B, C, etc.), but modern networks mostly use CIDR (Classless Inter-Domain Routing) for flexible addressing.

Related documents: IP Address Classification

This section provides the foundation you need to understand how devices connect, identify themselves, and communicate in a network. With these concepts clear, you’re ready to explore IP Addressing and Subnetting in detail.

7. Network Hardware & Transmission Media ::

This section is written with a single goal: to explain networking in a way that both beginners and experienced readers can understand write once, speak to everyone. We'll cover the physical components that carry and direct data, giving enough detail for newcomers to grasp the basics, while also including the depth and terminology that seasoned professionals appreciate.

Transmission Media

Transmission media are the physical pathways that carry data between devices. Think of them as the highways of a network. Different types of media serve different purposes:

Cables:
- Twisted Pair (Ethernet) – Affordable, reliable, and common in most local networks.
- Coaxial Cable – Durable and suited for longer distances, often used in cable networks.
- Fiber Optic – Uses light to send data at extremely high speeds over long distances.
Wireless Signals:
- Wi-Fi – Flexible, short- to medium-range wireless connections.
- Radio, Microwave, Satellite – Long-distance wireless communication where cables can't reach.

Transmission media are the foundation of the network: without them, data simply cannot travel.

Network Devices

If transmission media are the roads, network devices are the traffic controllers. They make sure data flows efficiently, reaches the right place, and avoids collisions:

Routers – Direct traffic between networks, ensuring messages reach their destination.
Switches – Connect multiple devices within a network, sending data only where it needs to go.
Hubs – Basic devices that broadcast data to all connected devices; less efficient, but historically important.
Modems & Access Points – Convert data between network types and extend connectivity.

These devices handle the heavy lifting so your data can move seamlessly across the network.

End Devices

End devices are where data originates and where it is consumed:

Clients – Laptops, phones, or tablets that send and receive data.
Servers – Systems that respond to requests, hosting content or services.
IoT Devices – Smart sensors, cameras, and appliances that automatically send and receive information.

By understanding transmission media, network devices, and end devices together, you see the full picture of how information physically moves across a network. This knowledge is useful for newcomers learning the basics and professionals refining their understanding of network design.

8. Ports and Sockets ::

Sockets are the gateways between applications and the network. They allow programs to send and receive data over the internet or local networks in a structured, reliable way. Understanding sockets is crucial because every networked application from web browsers to messaging apps depends on them. This section will cover everything about sockets, their life cycle, and how applications connect to each other over the network.

Intro to Sockets

A socket is like a combination of a mailbox and an address label for your program. It’s an endpoint for sending or receiving data over a network. Each socket is defined by:

IP address – Identifies the device on the network.
Port number – Identifies a specific application or service on that device.

Think of it like this: your device is a building (IP address), and the ports are different offices inside. Each office handles a different service: one office for web traffic (port 80), one for secure web traffic (port 443), another for email (port 25), and so on. When a program wants to send or receive data, it posts it to the right office via the socket.

Sockets can be:
- TCP sockets – Provide reliable, ordered, and error-checked delivery of data. Great for applications like web browsers, email, and file transfers.
- UDP sockets – Lightweight, fast, but without guaranteed delivery. Often used in gaming, streaming, or DNS queries.

Sockets Life Cycle

Every socket goes through a life cycle, ensuring data is sent and received correctly:

Creation – The application requests a socket from the operating system.
Binding – Assigns the socket a local IP address and port. Servers usually bind to well-known ports, while clients are assigned dynamic ports.
Listening / Connecting – Servers listen for incoming connections; clients initiate connections.
Handshake (TCP only) – For TCP, a three-way handshake establishes a connection and synchronizes sequence numbers.
Data Transfer – Applications send and receive data through the socket. TCP ensures order and reliability; UDP sends quickly without overhead.
Closure – Once communication is finished, the socket is closed and resources are freed.

This life cycle ensures smooth communication and prevents data from being lost or misrouted.

How Applications Communicate Through Sockets

Applications use sockets to exchange messages across networks. Here’s a detailed overview:

A client application opens a socket and specifies the server’s IP address and port number it wants to communicate with.
The server application has a socket bound to a specific port and listens for incoming connections.
When the client connects, the server may create a dedicated socket for this session, allowing it to handle multiple clients at once.
Data flows back and forth through these sockets, structured according to protocols (TCP, UDP, HTTP, etc.).
After communication, both client and server close their sockets.

Example Scenario

Imagine a chat application:

Each user’s device has a socket assigned by the operating system.
When a user sends a message, it travels through the device’s socket to the chat server’s socket.
The server’s socket receives the message and routes it to the recipient’s socket.
The recipient sees the message almost instantly, thanks to this socket-to-socket communication.

This model is the foundation of almost all networked software.

Ports

Ports are like channels within your device that separate traffic for different services:

Well-known ports (0–1023) – Standard services like HTTP (80), HTTPS (443), FTP (21).
Registered ports (1024–49151) – Assigned to specific applications by IANA.
Dynamic/private ports (49152–65535) – Temporarily assigned to client applications for outbound connections.

By combining IP addresses and ports, sockets ensure that data is delivered to the correct program.

Further Learning

This section covers the basics and intermediate concepts of sockets and ports, but the topic goes much deeper. You can explore advanced socket programming, security, and optimization using these resources:

Beej's Guide to Network Programming – Comprehensive guide to socket programming in C.
Python Socket Programming Tutorial – Practical examples using Python.
IANA Service Name and Port Number Registry – Official reference for ports and protocols.

With this understanding, you can see how applications truly connect over the network: every connection flows through sockets, every service has a port, and the combination creates a structured, reliable communication channel across any network.

9. Networking Models & Protocols ::

When you first approach computer networking, it may seem like a collection of unrelated terms: TCP, DNS, IP addresses, routers, and so on.
In reality, these pieces fit together into an organized system. To make sense of how data travels across a network, we rely on networking models and protocols.

Models provide a layered framework that shows how communication flows from one computer to another.
Protocols are the rules and methods that define how each layer operates.

Together, they give us a map of how information is prepared, transmitted, routed, and delivered.

OSI Model ::

The OSI (Open Systems Interconnection) Model is a seven-layer conceptual framework developed in the 1980s. While it is not used directly in modern networking, it is still the best way to learn how networks function because it breaks down communication into clear, logical steps.

You can think of the OSI model like a mail delivery system:

You write a letter (Application Layer).
You package it and address it (Presentation, Session, Transport).
It passes through postal sorting and transport systems (Network, Data Link).
Finally, it is delivered to the recipient’s mailbox (Physical Layer).

OSI Model Layers ::

Layer	Name	Description
7	Application	Interfaces with software applications (e.g., web browsers, email clients).
6	Presentation	Translates, encrypts, and compresses data so applications can understand it.
5	Session	Manages sessions and controls dialogue between systems.
4	Transport	Ensures data delivery, error correction, and sequencing (TCP/UDP).
3	Network	Handles logical addressing and routing (IP).
2	Data Link	Provides physical addressing (MAC), error detection, and framing.
1	Physical	Transmits raw bits as electrical signals, light, or radio waves.

Key idea: each layer only communicates with its immediate upper and lower layers. This modularity allows hardware and software from different vendors to work together.

For an in-depth discussion of each layer: see OSI Model.

TCP/IP Model ::

The TCP/IP model is the practical standard that underlies the Internet today. It was developed by the U.S. Department of Defense in the 1970s and eventually replaced the OSI model in real-world use. While simpler than OSI, it captures the essential functions.

TCP/IP Layers ::

Layer	Examples	Description
Application	HTTP, FTP, DNS, SMTP	Provides network services directly to applications.
Transport	TCP, UDP	Ensures delivery of data between hosts.
Internet	IP, ICMP	Responsible for addressing, routing, and packet forwarding.
Network Access	Ethernet, Wi-Fi, ARP	Defines how data is physically transmitted over the medium.

The TCP/IP model maps closely to the OSI model but merges some layers. For example:

OSI’s Application, Presentation, and Session layers are combined into the Application Layer.
OSI’s Physical and Data Link layers are grouped as the Network Access Layer.

For a more detailed study: see TCP/IP Model.

Why Models Matter ::

Models are not just academic diagrams. They provide:

A reference language: engineers worldwide can describe issues precisely (e.g., “this is a Layer 3 problem” means a routing issue).
Troubleshooting guidance: problems can be isolated layer by layer.
Interoperability: by following the models, devices and software from different vendors can communicate successfully.

Transport Protocols :: TCP & UDP

The Transport Layer is where end-to-end communication between two hosts is managed. Two major protocols dominate this layer:

TCP :: (Transmission Control Protocol)

Connection-oriented: requires a three-way handshake before data transfer.
Reliable: guarantees delivery, ensures packets arrive in order, and retransmits lost data.
Flow and congestion control: adapts to avoid overwhelming the network.
Use cases: web browsing (HTTP/HTTPS), email (SMTP/IMAP/POP3), file transfers (FTP).

UDP :: (User Datagram Protocol)

Connectionless: no handshake, no guarantee of delivery.
Fast and lightweight: useful for real-time communication where speed is more important than reliability.
No congestion or flow control.
Use cases: live video streaming, voice over IP (VoIP), online gaming.

Feature	TCP	UDP
Connection	Yes (handshake)	No
Reliability	Guaranteed (error correction)	None
Speed	Slower	Faster
Overhead	High (headers, acknowledgments)	Low (minimal headers)
Best for	Accuracy (web, email, files)	Speed (streaming, gaming, calls)

For expanded discussions: see TCP and UDP.

Application Layer Protocols

The Application Layer is the topmost layer in the network protocol stack, where protocols enable direct interaction between software applications and the network. This layer provides services that humans and applications use daily from browsing websites to sending emails and streaming videos. Instead of dealing with raw IP addresses and low-level connections, Application Layer protocols abstract these complexities into user-friendly services.

Key characteristics of the Application Layer:

User-Facing: Provides interfaces and services directly accessible to end users and applications
Protocol Diversity: Hosts a wide variety of protocols, each designed for specific use cases
Built on Lower Layers: Relies on Transport, Network, and other underlying layers for data delivery
Standardization: Most protocols follow standards defined by organizations like IETF, W3C, and IEEE

Application Layer Protocols Reference Table

Protocol	Full Name	Purpose	Key Features	Documentation
DNS	Domain Name System	Translates human-readable domain names into IP addresses	• Hierarchical distributed database • Root, TLD, and authoritative servers • Caching mechanisms • Vulnerable to spoofing and cache poisoning	DNS Documentation
DHCP	Dynamic Host Configuration Protocol	Automatically assigns IP addresses and network configuration to devices	• Automatic IP address allocation • Lease-based system • Provides subnet mask, gateway, DNS info • Simplifies network administration	DHCP Documentation
DHCPv6	Dynamic Host Configuration Protocol for IPv6	IPv6 version of DHCP with enhanced features	• Stateful and stateless configuration • Works alongside IPv6 autoconfiguration • Enhanced security options	DHCPv6 Documentation
HTTP/HTTPS	Hypertext Transfer Protocol (Secure)	Foundation of web communication for transferring web pages and resources	• Request-response model • Stateless protocol • HTTPS adds TLS/SSL encryption • Methods: GET, POST, PUT, DELETE, etc.	HTTP Documentation
SMTP	Simple Mail Transfer Protocol	Sends outgoing email from clients to servers and between servers	• Push protocol for email transmission • Works on port 25 (or 587 for submission) • Text-based protocol • Often combined with authentication	SMTP Documentation
POP3	Post Office Protocol version 3	Downloads email from server to client (typically deletes from server)	• Simple download-and-delete model • Port 110 (995 for secure) • Single-device oriented • No server-side folder management	POP3 Documentation
IMAP	Internet Message Access Protocol	Manages email on server with synchronization across multiple devices	• Email stays on server • Folder management and synchronization • Port 143 (993 for secure) • Multi-device support	IMAP Documentation
FTP	File Transfer Protocol	Transfers files between client and server	• Separate control and data connections • Ports 20 and 21 • Active and passive modes • Authentication required	FTP Documentation
SFTP/FTPS	SSH/SSL File Transfer Protocol	Secure versions of file transfer protocols	• SFTP uses SSH encryption (port 22) • FTPS uses SSL/TLS • Encrypted data transfer • Better security than FTP	Secure FTP Documentation
SSH	Secure Shell	Provides secure remote login and command execution	• Encrypted communication channel • Port 22 • Authentication via passwords or keys • Tunneling capabilities	SSH Documentation
Telnet	Telnet Protocol	Remote terminal access (unencrypted, legacy)	• Plain-text protocol • Port 23 • No encryption (insecure) • Largely replaced by SSH	Telnet Documentation
SNMP	Simple Network Management Protocol	Monitors and manages network devices	• Collect device statistics and status • Ports 161/162 • SNMP traps for alerts • Versions: v1, v2c, v3 (secure)	SNMP Documentation
NTP	Network Time Protocol	Synchronizes clocks across network devices	• Maintains accurate time • Hierarchical stratum system • Port 123 • Critical for logging and security	NTP Documentation
RDP	Remote Desktop Protocol	Provides graphical remote desktop access	• Full desktop environment access • Port 3389 • Developed by Microsoft • Supports audio, printing, file transfer	RDP Documentation
SIP	Session Initiation Protocol	Establishes, maintains, and terminates VoIP and video calls	• Signaling protocol for multimedia sessions • Works with RTP for media transfer • Port 5060/5061 • Used in VoIP systems	SIP Documentation
RTP/RTCP	Real-time Transport Protocol / Control Protocol	Delivers audio and video over IP networks	• Real-time media streaming • Used with SIP, WebRTC • RTCP monitors quality • Low-latency delivery	RTP Documentation
LDAP	Lightweight Directory Access Protocol	Accesses and manages directory information services	• Centralized authentication • Port 389 (636 for secure) • Used in Active Directory • Hierarchical directory structure	LDAP Documentation
CDN Protocols	Content Delivery Network Protocols	Distribute and cache content across geographically dispersed servers	• Reduces latency • Improves reliability • Load balancing • DDoS protection	CDN Documentation
DoH/DoT	DNS over HTTPS / DNS over TLS	Encrypts DNS queries for privacy and security	• Prevents DNS eavesdropping • DoH uses port 443 • DoT uses port 853 • Improves user privacy	Secure DNS Documentation
WebSocket	WebSocket Protocol	Provides full-duplex communication channels over TCP	• Real-time bidirectional communication • Persistent connection • Lower overhead than HTTP polling • Used in chat, gaming, live updates	WebSocket Documentation
MQTT	Message Queuing Telemetry Transport	Lightweight publish-subscribe messaging protocol for IoT	• Low bandwidth usage • Port 1883 (8883 for secure) • Quality of Service levels • Ideal for IoT devices	MQTT Documentation

Note: This table covers the most common Application Layer protocols. Each protocol serves specific use cases and has evolved to meet modern security, performance, and scalability requirements. Refer to the individual documentation links for in-depth explanations, implementation details, and security considerations.

10. IP Addressing and Subnetting ::

This section explains how devices are identified on a network and how networks are divided and managed. If you followed earlier sections (devices, NIC/MAC, networking models and protocols), this is where the logical addressing layer becomes practical: you will learn how addresses are formed, how they are assigned, and how to split address space into usable subnets.

IPv4 ::

What it is
IPv4 (Internet Protocol version 4) is a 32-bit addressing system. An IPv4 address is usually shown in dotted-decimal form, for example 192.168.1.10. IPv4 provides logical addresses used for routing packets between networks.

Structure

32 bits long, typically written as four decimal octets (a.b.c.d).
Each address contains a network portion and a host portion (determined by the subnet mask).

Public vs Private addresses (and why it matters)

Public addresses are globally routable on the Internet and must be unique across the entire Internet. ISPs assign public addresses.
Private addresses are reserved ranges used inside local networks (not routable on the Internet). They let many organizations reuse the same private ranges while conserving public IPv4 space.

Common IPv4 private ranges:

10.0.0.0/8 (10.0.0.0 – 10.255.255.255)
172.16.0.0/12 (172.16.0.0 – 172.31.255.255)
192.168.0.0/16 (192.168.0.0 – 192.168.255.255)

Because IPv4 address space is limited, networks commonly use NAT (Network Address Translation) to let many private hosts share a single public IP for Internet access. NAT is a workaround for IPv4 scarcity and is part of why IPv4 networking has extra operational complexity.

Special IPv4 notes

Loopback: 127.0.0.0/8 (e.g., 127.0.0.1)
APIPA (fallback): 169.254.0.0/16

For a deeper dive into IPv4, examples, and the historical reasons behind private/public addressing and NAT, see: docs/ipv4.md.

IPv6 ::

What it is
IPv6 (Internet Protocol version 6) uses 128-bit addresses and was designed primarily to solve IPv4 address exhaustion and simplify certain aspects of addressing and routing.

Key differences from IPv4

Much larger address space: 128 bits (practically unlimited for normal use).
Notation: hexadecimal, colon-separated (e.g., 2001:0db8:85a3::8a2e:0370:7334).
Native support for address types such as link-local and unique local (ULAs).
Stateless Address Autoconfiguration (SLAAC) allows devices to self-configure addresses in many networks; DHCPv6 is also available for centralized management.
Because IPv6 has a huge address space, the private vs public dichotomy is different: IPv6 uses link-local (fe80::/10) and unique local (fc00::/7) addresses for local scopes, but the IPv6 design removes the shortage that made NAT necessary for IPv4. NAT is therefore not required for address conservation with IPv6 (though operators may still use other forms of translation for policy).

For full details on IPv6 addressing, allocation methods (SLAAC vs DHCPv6), and address types, see: docs/ipv6.md and docs/dhcpv6.md.

Subnetting ::

What subnetting is
Subnetting is the process of breaking a larger network block into smaller subnetworks (subnets) by changing the subnet mask (i.e., changing how many bits are used for the network versus hosts).

Why subnet?

To limit broadcast domains and reduce congestion.
To segregate and secure parts of a network (departmental separation).
To use address space efficiently (avoid wasting IPs).

How the process works (step by step)

Start with the IP block and its prefix (for example, 192.168.1.0/24).
Decide how many subnets you need, or how many hosts each subnet must support.
Borrow bits from the host portion to create additional network bits; each borrowed bit doubles the number of subnets and halves hosts per subnet.
Calculate network address, first usable host, last usable host, and broadcast address for each subnet.

Worked example (simple)

Given 192.168.1.0/24 and a need for 4 subnets: borrow 2 bits → new prefix /26 (mask 255.255.255.192).
Each /26 subnet has 64 addresses, 62 usable hosts. Subnets are:
- 192.168.1.0/26 (hosts .1–.62, broadcast .63)
- 192.168.1.64/26 (hosts .65–.126, broadcast .127)
- 192.168.1.128/26 (hosts .129–.190, broadcast .191)
- 192.168.1.192/26 (hosts .193–.254, broadcast .255)

For full explanation, binary walkthroughs, and practice examples, see: docs/subnetting.md and docs/subnet_mask.md.

FLSM :: (Fixed Length Subnet Masking)

FLSM, or Fixed Length Subnet Masking, is one of the simplest subnetting techniques used in computer networking. In this method, the entire network is divided into smaller, equal-sized subnets each with the same subnet mask and the same number of available IP addresses. This uniformity makes FLSM easy to design, visualize, and manage, especially when all network segments require an identical number of hosts. For example, a training environment or a small business might assign one subnet per department, each with exactly the same number of devices.

However, while FLSM is straightforward, it isn’t the most efficient way to use IP addresses. Real networks rarely have subnets that all need the same number of hosts one subnet might connect just two routers, while another might serve hundreds of workstations. In such cases, FLSM leads to IP address wastage, since each subnet reserves the same amount of address space regardless of its actual size. This limitation is what gave rise to more flexible methods like VLSM (Variable Length Subnet Masking) and CIDR (Classless Inter-Domain Routing), which allow subnet sizes to vary based on real needs.

FLSM still serves as a foundational concept in networking education because it’s ideal for learning how subnetting math works and for practicing IP address division without added complexity. Once you understand FLSM, transitioning to more advanced subnetting techniques becomes much easier.

For a deeper look at how FLSM works with clear examples, visit: Fixed Length Subnet Masking (FLSM) - GeeksforGeeks

VLSM :: (Variable Length Subnet Masking)

VLSM, short for Variable Length Subnet Masking, is a subnetting method that allows a network to use different subnet masks for different subnets. In simple terms, it lets you design subnets of various sizes within the same network large subnets where many hosts are needed, and smaller ones where only a few devices connect. This flexibility makes VLSM much more efficient than FLSM, as it minimizes wasted IP addresses and lets network administrators make the most of limited address space, especially with IPv4.

For example, imagine you have a company network that needs one subnet for 100 users, another for 30, and several small point-to-point connections. With VLSM, you can assign subnet masks that fit each case perfectly like tailoring each subnet to its purpose instead of forcing them all into the same size. This adaptability is crucial in large or complex networks, such as ISPs or enterprises, where every IP address counts.

VLSM also plays a key role in CIDR (Classless Inter-Domain Routing), which extends this same flexibility to routing on the global Internet. Understanding VLSM gives you the foundation to grasp how modern networks optimize IP allocation and how routing tables stay compact even as the Internet keeps growing.

For step-by-step examples and design tips, see: docs/vlsm.md.

FLSM vs VLSM (Key Differences & When to Use Each) ::

When learning about subnetting, it’s easy to think of FLSM and VLSM as two competing methods but really, they represent different stages in how networking evolved to use IP addresses more intelligently. FLSM (Fixed Length Subnet Masking) divides a network into equal parts, giving every subnet the same number of IP addresses. This approach keeps things simple and consistent, making it great for beginners or for environments where all subnets serve roughly the same number of devices. However, in real-world networks, this can quickly become inefficient because not all network segments are equal for example, a branch office LAN might need hundreds of addresses, while a router-to-router link only needs two.

That’s where VLSM (Variable Length Subnet Masking) comes in. VLSM allows each subnet to have a different size and subnet mask, giving administrators the freedom to allocate IP addresses based on actual requirements. It’s like upgrading from a one-size-fits-all model to a custom-fit design larger subnets where needed, smaller ones where they make sense, and no wasted address space. This flexibility is vital in modern IPv4 networks, where conserving address space is a top priority. It’s also the foundation of CIDR (Classless Inter-Domain Routing), which extends the same principle to Internet-wide routing.

In short, FLSM is simpler and more predictable, while VLSM is smarter and more efficient. FLSM works well for teaching, testing, or static networks where uniformity is fine. VLSM, on the other hand, is the go-to choice for scalable, real-world designs that need to grow dynamically. Understanding both helps you appreciate how modern IP addressing balances structure with flexibility a key skill for any network engineer.

For a detailed comparison with diagrams and worked examples, explore this guide: Difference Between FLSM and VLSM - GeeksforGeeks

CIDR :: (Classless Inter-Domain Routing)

What CIDR is
CIDR replaces the old classful system and allows networks to be specified with arbitrary prefix lengths (e.g., /22, /27) instead of fixed Class A/B/C boundaries.

Why CIDR matters

It reduces IP address waste by letting networks be the exact size needed.
It enables route aggregation (summarization), which dramatically reduces the size of global routing tables.

Practical note

CIDR notation is: network/prefix (for example 203.0.113.0/24).
In routing, CIDR enables combining many contiguous networks into one advertisement (e.g., four /24s into a single /22).

For concepts, routing examples, and aggregation illustrations, see: docs/cidr.md.

IP Address Classification :: (classful vs modern usage)

Classful overview (legacy)
Historically, IPv4 addresses were split into classes:

Class A: /8 (large networks)
Class B: /16
Class C: /24
This approach proved inefficient and led to address waste.

Modern approach
Today, we use CIDR instead of classful addressing. Classful knowledge is useful for historical context and some legacy systems, but all modern IP planning should assume classless addressing.

For the historical classes and why they were replaced, see: docs/ipaddress_classificatin.md.

Quick reference :: common prefixes and usable hosts

Prefix	Host bits	Total addresses	Usable hosts (typical)
/8	24	16,777,216	16,777,214
/16	16	65,536	65,534
/24	8	256	254
/25	7	128	126
/26	6	64	62
/27	5	32	30
/28	4	16	14
/30	2	4	2
/32	0	1	1 (single host)

(Usable hosts = 2^(host bits) − 2 in normal subnetting; note some modern usages treat /31 specially for point-to-point links.)

IPv4 vs IPv6 :: (short comparison)

Aspect	IPv4	IPv6
Address length	32 bits	128 bits
Notation	Dotted decimal (`a.b.c.d`)	Hex colon (`2001:db8::1`)
Address space	~4.3 billion addresses	Vast (2^128)
NAT necessity	Common (due to scarcity)	Not required for address scarcity
Common allocation	Static / DHCP	SLAAC / DHCPv6 / static
Typical scope types	Public / Private ranges	Global unicast, link-local, ULA

For a complete IPv6 guide and allocation methods, see: docs/ipv6.md.

Practicing Subnetting ::

Theory is only half the journey real understanding comes from practice. After exploring how subnet masks work, how to apply FLSM, VLSM, and CIDR, it’s time to put those concepts into action.

This section provides a collection of carefully designed subnetting exercises that range from basic address division to advanced multi-network design. Each exercise includes its complexity range, type of subnetting (FLSM or VLSM), and clear requirements describing what’s needed. The goal isn’t just to find the right numbers, but to train your logical process and build the reflex to design subnets efficiently and confidently.

No external tools are needed just a pen, paper, and your brain. Start with easier exercises, then move toward the complex ones that simulate real-world network planning scenarios.

For the full set of exercises and challenges, visit: Practicing Subnetting

Go Deeper ::

docs/ipv4.md :: deep dive into IPv4, public vs private, NAT, special addresses.
docs/ipv6.md :: detailed IPv6 features, types, and allocation.
docs/subnet_mask.md :: binary masks, notation, and how masks separate network/host bits.
docs/subnetting.md :: full subnetting walkthroughs and exercises.
docs/vlsm.md :: variable length subnetting examples and best practices.
docs/cidr.md :: CIDR notation, aggregation, and routing implications.
docs/ipaddress_classificatin.md :: historical classful addressing overview.

11. Routing & Switching Concepts ::

This section explains how packets actually move inside and between networks. If you are a beginner, think of this as the moment when the abstract ideas (IP addresses, MACs, NICs) become concrete: switches move frames inside a LAN, routers move packets between LANs/WANs, and routing tables tell routers where to send those packets. Read each subsection carefully and then follow the links to the in-depth documents for practical examples and commands.

Routers :: how networks are connected

What a router is (plain language)
A router is a device that connects two or more separate networks and forwards packets between them using IP addresses. Each router interface is on a different network and has its own IP. Routers make decisions about where to send a packet next.

Step-by-step: what happens when a host sends a packet to a remote IP

The host checks whether the destination IP is on the same subnet.
If it is not, the host sends the packet to its default gateway (the router). The host encapsulates the IP packet into an Ethernet frame with:
- Source MAC = host MAC
- Destination MAC = router’s MAC on the same LAN
The local switch forwards that frame to the router port (using its MAC table).
The router receives the frame, strips the Ethernet header, inspects the destination IP, and consults its routing table.
The router chooses the best route (longest-prefix match, AD/metric tie-breakers) and forwards the packet to the next hop (could be another router or the final network).
Each intermediate router repeats the process until the packet reaches the destination network; then the final router forwards it to the target host using L2 for the last hop.

Key router concepts to remember

Routers operate at Layer 3 (IP).
They rely on a routing table to decide next hops.
Routing can be static, dynamic (routing protocols), or use a default route for unknown destinations.

For full details, examples, and protocol explanations, see: docs/routers.md.

Routing Tables :: the router’s map

What a routing table is (simple)
A routing table is a list of destination networks the router knows about and how to reach them (next hop and outgoing interface).

Important fields you’ll see

Destination / Prefix (e.g., 10.1.2.0/24)
Next hop (IP of next router) or outgoing interface
Administrative source (connected, static, OSPF, BGP…)
Metric or cost (used to choose between multiple routes)

How a router chooses a route (short version)

Longest Prefix Match (LPM) pick the most specific route that fits the destination IP.
If multiple entries with the same prefix length exist, use administrative distance (trust level).
If still tied, use metric (cost) from the routing protocol.

Example routing table fragment

C  192.168.1.0/24 is directly connected, Gig0/0
S  10.0.0.0/24 via 192.168.1.2
D  172.16.0.0/16 [OSPF metric] via 192.168.1.3

Default route

Written as 0.0.0.0/0 (IPv4) or ::/0 (IPv6).
Used when no specific route matches (common on edge routers and home routers).

For examples of show ip route outputs, more on longest-prefix-match, and troubleshooting steps, see: docs/routing_table.md.

Switches :: how frames move inside a LAN

What a switch is (plain language)
A switch connects devices inside the same LAN and forwards Ethernet frames to the correct port using MAC addresses. Switches are the building blocks of LAN wiring closets and server racks.

Step-by-step: how a switch forwards a frame

A frame arrives on Port A with source MAC AA:AA:AA:AA and destination MAC BB:BB:BB:BB.
The switch learns source MAC AA:AA... → Port A (records in MAC table).
The switch looks up destination MAC BB:BB... in its MAC table:
- If present → forward frame only to the port recorded there (efficient).
- If absent → flood the frame to all ports (except the source) so the destination can reply; the switch will then learn the destination MAC when it replies.

Flooding, broadcasts, and ARP

Broadcast frames (e.g., ARP requests) go to every port in the VLAN.
Unknown unicast frames are temporarily flooded until the MAC is learned.

Types of switches

Unmanaged: plug-and-play, no config.
Managed: support VLANs, QoS, security, monitoring.
Layer-3 switches: can perform routing between VLANs (inter-VLAN routing).

Practical note

Switches reduce collisions and isolate MAC-based traffic per port; they do not route between IP subnets (unless they are Layer 3 devices).

For full explanation, MAC-table examples, and security features, see: docs/switches.md.

VLANs :: logical segmentation inside switches

What is a VLAN (intuitively)
A Virtual LAN (VLAN) partitions one physical switch (or switch stack) into separate logical networks each VLAN is a separate broadcast domain. Devices in VLAN 10 can’t communicate with VLAN 20 unless a router (or Layer-3 switch) routes between them.

Why use VLANs

Security: isolate sensitive systems (finance, servers).
Performance: reduce broadcast domain size.
Organization: group users by function regardless of physical location.

Basic VLAN concepts

Access port: belongs to a single VLAN (used by end hosts).
Trunk port: carries traffic for multiple VLANs between switches/routers using tagging (802.1Q).
Inter-VLAN routing: required for communication between VLANs done by a router or Layer-3 switch.

Simple example

Port 1–10 → VLAN 10 (HR)
Port 11–20 → VLAN 20 (Engineering)
Trunk between Switch A and Switch B carries VLAN 10 and 20 tagged.

For configuration patterns, trunking details, and VLAN design best practices, see: docs/vlan.md.

How these pieces fit together :: (practical mental model)

Inside a LAN: hosts ↔ switches (Layer 2). Switches forward frames using MAC addresses; VLANs partition the broadcast domain.
Between networks: hosts ↔ router (default gateway) ↔ other routers (Layer 3). Routers forward packets using routing tables and IP addresses.
Edge/home networks: a single device often acts as switch + router + Wi-Fi + NAT.

Troubleshooting checklist (beginner friendly)

Physical: Cables, link LEDs, interface up/down.
Layer 2: Check MAC tables (show mac address-table), ARP entries (do hosts know gateway MAC?).
Layer 3: Check IP addressing, default gateway on hosts, and the router’s routing table (show ip route).
Path test: ping for reachability, traceroute to see hops.
Configs: VLAN membership, trunking, static routes, default routes.

Go Deeper ::

docs/routers.md :: routers, route types, routing protocols.
docs/routing_table.md :: route lookup, longest-prefix-match, examples.
docs/switches.md :: MAC learning, flooding, switch types, security.
docs/vlan.md :: VLAN concepts, trunking (802.1Q), inter-VLAN routing.

12. Network Services ::

Network services are the extra features that make networks usable, reliable, and secure for real applications. They sit on top of the basic forwarding behavior of switches and routers and provide functionality such as address translation, traffic prioritization, remote secure access, scalable application delivery, cloud connectivity, and wireless access. This section briefly explains why these services matter and then walks you through each service in beginner-friendly, step-by-step language. For deep, hands-on explanations and examples see the linked docs at the end of each subsection.

Why this section matters ::

Basic connectivity (a NIC, an IP, a switch, a router) gets devices to talk. Network services make sure:

traffic gets where it needs to go even when addresses aren’t unique (NAT),
time-sensitive traffic (voice/video) gets priority (QoS),
many users can share a service without overload (load balancing),
remote offices and users can connect securely (VPN),
infrastructure can scale and be managed in the cloud (cloud networking), and
mobile/wireless devices can join the network reliably (wireless networking).

If you’re building or troubleshooting networks, these services are the tools you’ll use every day.

NAT :: (Network Address Translation)

What NAT does (simple):
NAT rewrites IP addresses and sometimes ports on packets as they pass through a device. Its most common use: let many private hosts share a single public IPv4 address for Internet access.

Common NAT types

Static NAT (one-to-one): maps one private IP to one public IP.
Dynamic NAT (pool): maps private addresses to a pool of public addresses.
PAT / Overloaded NAT (Port Address Translation): many private IPs share a single public IP using unique source ports (most common in home/office routers).
DNAT / SNAT: Destination or Source NAT terminology used in firewall/iptables contexts.

How it works (step-by-step, outbound example)

Host 192.168.1.10:12345 wants to reach 8.8.8.8:53.
Router with public IP 203.0.113.5 rewrites the packet’s source to 203.0.113.5:50001 and records the translation in a table.
The remote server replies to 203.0.113.5:50001.
Router looks up the translation entry and forwards the packet back to 192.168.1.10:12345.

Tradeoffs / gotchas

NAT breaks end-to-end addressing some protocols need special handling (ALGs).
Makes peer-to-peer inbound connections more complex (requires port forwarding).
IPv6 largely removes the need for NAT because of abundant address space.

For full details and examples, see: docs/nat.md.

Gateways ::

What is a gateway?
A gateway is a node that serves as an entry/exit point for a network. In common usage, the default gateway on a host is the router that forwards traffic destined for other networks.

Common gateway roles

Default (IP) gateway: where hosts send non-local packets.
Application gateway / proxy: a proxy that forwards and inspects application traffic (HTTP proxy, SMTP proxy).
Cloud/Internet gateway: cloud-specific gateway objects (Internet Gateway, NAT Gateway) that allow VPC resources to reach or be reached from the Internet.

Example (host viewpoint)

Host wants to reach an external IP.
Host checks local routing destination is remote → forwards frame to default gateway MAC.
Gateway forwards the packet onward (router behavior).

For deeper reading about gateway types and cloud gateway concepts, see: docs/gateway.md.

QoS :: (Quality of Service)

Why QoS exists:
Networks have finite bandwidth. QoS lets you prioritize important traffic (voice, video, interactive apps) and control less-critical traffic (bulk backups, large transfers).

Basic QoS workflow

Classification: Identify traffic (by IP, port, DSCP, VLAN).
Marking: Tag packets (e.g., DSCP) to indicate priority.
Policing/Shaping: Enforce rate limits (police drops, shape buffers).
Queuing/Scheduling: Serve higher-priority queues first (e.g., priority queue, WFQ).

Common concepts

DSCP/ToS marks used across routers/switches.
Traffic shaping smooths bursts.
Policing drops or remarks packets that exceed a rate.
Scheduling algorithms: Weighted Fair Queuing (WFQ), Priority Queuing (PQ), Low Latency Queuing (LLQ).

Simple example: guarantee 100 kbps for voice traffic while letting bulk file sync use leftover capacity.

For configuration patterns and practical QoS design, see: docs/qos.md.

Load Balancing ::

What a load balancer does:
A load balancer distributes incoming application requests across multiple backend servers to improve performance, availability, and scalability.

Types

Layer 4 (Transport) load balancing: uses IP/port info (fast).
Layer 7 (Application) load balancing: understands HTTP, can route by URL, cookies, headers.

Common algorithms

Round Robin
Least Connections
Source IP Hash
Weighted algorithms

Key features

Health checks: only send traffic to healthy servers.
Session persistence (sticky sessions): route a client back to the same server when necessary.
SSL/TLS termination: offload encryption/decryption at the LB.
Active/Passive vs Active/Active failover modes.

Example flow

Client connects to app.example.com (LB IP).
Load balancer selects backend app1.example.local based on algorithm and health.
LB forwards the request and returns the backend response to the client.

For product choices and advanced patterns, see: docs/load_balancing.md.

VPN :: (Virtual Private Network)

What a VPN provides:
A secure, encrypted tunnel over an insecure network (like the Internet) so remote offices or users appear to be on the same private network.

Common VPN types

Site-to-site VPN: connects entire networks (office ↔ data center) often IPSec.
Remote-access VPN: individual users connect from home/coffee shop often SSL/TLS or IPSec.
Clientless VPN / SSL VPN: browser-based secure access for web apps.

High-level tunnel setup (IPSec simplified)

IKE (Internet Key Exchange) establishes authentication and keys (Phase 1).
IPsec establishes secure channels and negotiates encryption parameters (Phase 2).
Encrypted traffic flows through the tunnel with confidentiality and integrity.

Use cases

Secure branch office connectivity
Remote worker access to internal resources
Secure connectivity between cloud and on-prem environments

For encryption types, authentication methods, and configuration examples, see: docs/vpn.md.

Cloud Networking ::

What cloud networking covers:
Cloud networking is how networking constructs are realized in public cloud platforms: virtual networks (VPCs), subnets, route tables, security groups, NAT gateways, peering, VPN/Direct Connect, and managed load balancers.

Key concepts

VPC (Virtual Private Cloud): an isolated virtual network.
Subnets: segmented spaces inside a VPC (public/private).
Route tables: control traffic between subnets and to the Internet.
Security groups / NACLs: virtual firewall and network-level controls.
Managed services: cloud load balancers, NAT Gateways, Transit Gateways.

Typical cloud flow

Web server in a public subnet receives traffic from a cloud LB.
App servers in private subnets connect to databases with controlled egress via a NAT Gateway.
Admins use security groups for fine-grained access control.

Cloud networking emphasizes infrastructure as code, elasticity, and managed primitives that replace manual on-prem appliances.

For cloud-specific patterns and diagrams, see: docs/cloud_networking.md.

Wireless Networking ::

What wireless networking covers:
Wireless (Wi-Fi) enables mobile devices to connect to the LAN without cables. It introduces RF behavior, channel planning, AP placement, and security concerns that wired networks don’t face.

Core elements

Access Point (AP): radio device providing wireless connectivity.
SSID: the wireless network name.
Channels and bands: 2.4 GHz vs 5 GHz (and 6 GHz on Wi-Fi 6E) choose channels to avoid interference.
Security: WPA2/WPA3 (avoid WEP).
Controllers / cloud-managed APs: centralized management and roaming optimization.

Join/connection sequence (simplified)

Client scans for SSIDs and selects one to join.
Client associates with AP (Layer 2 association).
Authentication and key exchange (WPA2/WPA3).
DHCP assigns IP and client begins normal IP communications through the AP and wired switch/router.

Wireless considerations

RF interference (microwaves, neighboring networks) plan channels.
Capacity planning (AP density) for many users.
Roaming / seamless handoff in enterprise deployments.

For Wi-Fi standards, security best practices, and AP design guidance, see: docs/wireless_networking.md.

Go Deeper ::

docs/nat.md :: NAT types, examples, port forwarding.
docs/gateway.md :: gateway roles and cloud gateway concepts.
docs/qos.md :: classification, queuing, shaping, examples.
docs/load_balancing.md :: L4/L7, algorithms, health checks.
docs/vpn.md :: IPSec, SSL VPNs, and use cases.
docs/cloud_networking.md :: VPCs, subnets, security groups, NAT gateways.
docs/wireless_networking.md :: Wi-Fi standards, AP design, and security.

13. Network Security ::

Introduction to Network Security ::

Network security is the practice of protecting computer networks and their data from unauthorized access, misuse, modification, or denial of service attacks. In today's interconnected world, where businesses and individuals rely heavily on digital communication and data sharing, network security has become a critical aspect of maintaining the integrity, confidentiality, and availability of information.

Think of network security as a multi-layered defense system, similar to protecting a physical building. Just as a building might have locks on doors, security cameras, alarm systems, and guards, a network needs multiple security measures working together to provide comprehensive protection.

The main goals of network security include:

Confidentiality: Ensuring that sensitive information is only accessible to authorized users
Integrity: Protecting data from unauthorized modification or corruption
Availability: Ensuring that network resources and services remain accessible when needed
Authentication: Verifying the identity of users and devices
Non-repudiation: Preventing denial of actions taken by authenticated users

Common Network Threats ::

Understanding potential threats is the first step in building effective network security. Let's explore the most common types of attacks that networks face today.

Malware & Viruses ::

Malware (malicious software) is any software designed to harm, exploit, or gain unauthorized access to computer systems. This broad category includes several types:

Viruses attach themselves to legitimate programs and spread when those programs are executed. Like biological viruses, they need a host to survive and replicate. Once activated, they can corrupt files, steal information, or provide unauthorized access to attackers.

Worms are self-replicating programs that spread across networks without needing a host file. They can consume network bandwidth and system resources, potentially causing networks to slow down or crash.

Trojans disguise themselves as legitimate software but contain malicious code. Users unknowingly install them, giving attackers backdoor access to their systems.

Ransomware encrypts a victim's files and demands payment for the decryption key. This type of malware has become increasingly common and can paralyze entire organizations.

DDoS Attacks ::

Distributed Denial of Service (DDoS) attacks overwhelm a target system with a flood of internet traffic, making it unavailable to legitimate users. Imagine trying to enter a popular store, but the entrance is blocked by thousands of people – that's essentially what happens during a DDoS attack.

These attacks use networks of compromised computers (called botnets) to generate massive amounts of traffic directed at a single target. The goal isn't usually to steal data, but rather to disrupt services and cause downtime, which can be costly for businesses.

Man-in-the-Middle Attacks ::

In a Man-in-the-Middle (MitM) attack, an attacker secretly intercepts and potentially alters communications between two parties who believe they are communicating directly with each other. It's like someone secretly listening to and potentially modifying your phone conversations.

Common scenarios include:

Intercepting data on unsecured Wi-Fi networks
DNS spoofing to redirect users to malicious websites
Session hijacking to steal authentication tokens

Social Engineering ::

Social engineering attacks target the human element of security, exploiting psychological manipulation rather than technical vulnerabilities. These attacks are often the most successful because they bypass technological defenses entirely.

Common social engineering techniques include:

Phishing: Fraudulent emails or websites designed to steal credentials
Pretexting: Creating false scenarios to gain trust and extract information
Baiting: Offering something enticing to trigger unsafe actions
Tailgating: Following authorized personnel into secure areas

Security Mechanisms & Technologies ::

Now that we understand the threats, let's explore the primary technologies and mechanisms used to defend against them.

Firewalls ::

A firewall acts as a barrier between trusted internal networks and untrusted external networks, such as the internet. Think of it as a security guard that checks everyone trying to enter or leave a building.

Firewalls examine network traffic based on predetermined security rules and decide whether to allow or block specific communications. They can operate at different levels:

Network Layer Firewalls filter traffic based on IP addresses, ports, and protocols. They're fast and efficient but provide basic protection.

Application Layer Firewalls examine the actual content of communications, providing more sophisticated protection but requiring more processing power.

Next-Generation Firewalls combine traditional firewall capabilities with additional features like intrusion prevention, application awareness, and advanced threat detection.

Encryption Protocols ::

Encryption transforms readable data (plaintext) into an unreadable format (ciphertext) using mathematical algorithms and keys. Even if attackers intercept encrypted data, they cannot understand it without the proper decryption key.

Symmetric Encryption uses the same key for both encryption and decryption. It's fast and efficient but requires secure key distribution.

Asymmetric Encryption uses a pair of keys: a public key for encryption and a private key for decryption. This solves the key distribution problem but is slower than symmetric encryption.

Hash Functions create unique digital fingerprints of data, allowing verification of data integrity without revealing the original content.

VPNs :: (Virtual Private Networks)

A VPN creates a secure, encrypted connection between a user's device and a remote server, effectively extending a private network across a public network like the internet. It's like having a private tunnel through a busy highway.

VPNs provide several benefits:

Encrypt data transmission to prevent eavesdropping
Hide user location and IP address
Allow secure remote access to corporate networks
Bypass geographic restrictions on content

Common VPN protocols include OpenVPN, L2TP/IPSec, and WireGuard, each offering different balances of security, speed, and compatibility.

Intrusion Detection Systems (IDS) ::

An IDS monitors network traffic and system activities for suspicious behavior or policy violations. Like a security camera system, it watches for unusual activities and alerts administrators when potential threats are detected.

Network-based IDS (NIDS) monitors network traffic for suspicious patterns or known attack signatures.

Host-based IDS (HIDS) monitors individual systems for suspicious activities like unauthorized file changes or unusual user behavior.

Intrusion Prevention Systems (IPS) go beyond detection by automatically taking action to block or prevent identified threats.

Authentication & Authorization ::

Authentication verifies the identity of users or systems, while authorization determines what authenticated users are allowed to do.

Multi-Factor Authentication (MFA) requires users to provide multiple forms of identification, such as something they know (password), something they have (phone), and something they are (biometric).

Single Sign-On (SSO) allows users to access multiple applications with one set of credentials, improving both security and user experience.

Role-Based Access Control (RBAC) assigns permissions based on user roles within an organization, ensuring people only have access to resources they need for their job functions.

Network Security Protocols ::

Security protocols provide standardized methods for implementing security measures across different systems and networks.

SSL/TLS ::

Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), encrypt data transmitted between web browsers and servers. When you see "https://" in a web address, SSL/TLS is protecting your connection.

The protocol works through a process called a "handshake":

The client requests a secure connection
The server sends its digital certificate
The client verifies the certificate
Both parties establish encryption keys
Secure communication begins

IPSec ::

Internet Protocol Security (IPSec) provides security at the network layer, encrypting and authenticating IP packets. It's commonly used in VPNs and can operate in two modes:

Transport Mode encrypts only the data portion of IP packets, leaving headers intact for routing.

Tunnel Mode encrypts entire IP packets and adds new headers, providing complete packet protection.

WPA/WPA2/WPA3 ::

Wi-Fi Protected Access protocols secure wireless networks:

WPA was the first improvement over the flawed WEP protocol, providing better encryption and authentication.

WPA2 introduced AES encryption, becoming the standard for secure Wi-Fi connections for many years.

WPA3 is the latest standard, offering enhanced security features including individualized data encryption and protection against brute-force attacks.

Security Best Practices ::

Implementing security technologies is only part of the solution. Following established best practices is crucial for maintaining network security.

Regular Updates and Patching: Keep all systems, software, and firmware up to date. Attackers often exploit known vulnerabilities that have available patches.

Strong Password Policies: Enforce complex passwords and regular password changes. Consider using password managers to generate and store unique passwords for different accounts.

Network Segmentation: Divide networks into smaller, isolated segments to limit the spread of potential attacks. Critical systems should be on separate network segments from general user systems.

Regular Backups: Maintain current backups of important data and test restoration procedures regularly. This is your last line of defense against ransomware and data loss.

Employee Training: Educate users about security threats and safe computing practices. Many successful attacks exploit human error rather than technical vulnerabilities.

Principle of Least Privilege: Grant users and systems only the minimum access rights needed to perform their functions. Regularly review and adjust permissions as roles change.

Monitoring and Logging: Implement comprehensive logging and monitoring to detect suspicious activities quickly. Automated alerting can help respond to threats in real-time.

Network Security Assessment Tools ::

Various tools help security professionals assess and maintain network security:

Network Scanners like Nmap identify active devices and open ports on networks, helping administrators understand their network topology and potential vulnerabilities.

Vulnerability Scanners such as Nessus or OpenVAS automatically scan systems for known security weaknesses and provide recommendations for remediation.

Packet Analyzers like Wireshark capture and analyze network traffic, helping troubleshoot issues and detect suspicious activities.

Penetration Testing Tools such as Metasploit simulate real attacks to identify vulnerabilities before malicious actors can exploit them.

Security Information and Event Management (SIEM) systems collect and analyze security logs from multiple sources to provide comprehensive security monitoring.

Quick Reference: Threats & Solutions ::

Security Topic	Description	Key Protection Methods	External Resource
Malware Protection	Defending against viruses, worms, trojans, and ransomware	Antivirus software, regular updates, user education	NIST Malware Guide
DDoS Mitigation	Protecting against distributed denial of service attacks	Load balancers, traffic filtering, CDN services	Cloudflare DDoS Protection Guide
Secure Communications	Implementing SSL/TLS and encrypted channels	Certificate management, proper cipher selection	Mozilla SSL Configuration Guide
Firewall Configuration	Network traffic filtering and access control	Rule management, regular audits, logging	SANS Firewall Checklist
VPN Implementation	Secure remote access and site-to-site connections	Strong authentication, encryption protocols	OpenVPN Community
Wireless Security	Securing Wi-Fi networks and mobile devices	WPA3 implementation, enterprise authentication	Wi-Fi Alliance Security
Network Monitoring	Detecting and responding to security incidents	IDS/IPS deployment, log analysis, SIEM	Wireshark Documentation
Vulnerability Management	Identifying and remediating security weaknesses	Regular scanning, patch management, risk assessment	OWASP Testing Guide

External Resources & Further Reading ::

To deepen your understanding of network security, consider exploring these valuable resources:

Official Standards and Guidelines:

NIST Cybersecurity Framework - Comprehensive cybersecurity guidance
ISO/IEC 27001 - Information security management standards

Educational Platforms:

Cybrary - Free cybersecurity training courses
SANS Institute - Professional security training and certification

Technical Documentation:

RFC Documents - Internet standards and protocols
CVE Database - Common vulnerabilities and exposures

Security Communities:

OWASP - Open Web Application Security Project
CERT/CC - Computer Emergency Response Team

News and Threat Intelligence:

Krebs on Security - Security news and analysis
Threatpost - Cybersecurity news and insights

Remember that network security is an ongoing process, not a one-time implementation. Stay informed about emerging threats and evolving best practices to maintain effective protection for your networks and systems.

14. Network Data Units ::

When data travels through a computer network, it doesn’t move as one big block.
Instead, it is broken down into smaller chunks so devices can handle it more efficiently.
Each chunk has a special name depending on the layer of the networking model it belongs to.

Let’s walk through the most important ones step by step.

Frames ::

A Frame is the unit of data at the Data Link Layer (Layer 2).

Think of it as an envelope used inside your local network (LAN).
It contains the sender’s and receiver’s MAC addresses, plus some control info.
Frames are used when devices are talking on the same network segment (like PCs connected to the same switch).

Example: When your laptop sends a file to a printer in the same office LAN, the data is wrapped in a frame.

Packets ::

A Packet is the unit of data at the Network Layer (Layer 3).

Think of it as a package that needs to travel across different networks.
It contains IP addresses (source and destination) so routers know where to send it.
Packets can travel across the world, not just inside one LAN.

Example: When you open a website, the request your browser sends is wrapped inside packets carrying your IP and the server’s IP.

Segments ::

A Segment is the unit of data at the Transport Layer (Layer 4).

Segments make sure communication is reliable and organized.
They include port numbers (to identify which application should receive the data).
With TCP, segments ensure the data arrives in order and without errors.

Example: If you stream a video, the video is broken into many small segments so they can be reassembled correctly on your device.

Ports ::

A Port is not a physical hole but a virtual door on your device that applications use to communicate.

Every program that talks over the network uses a port number.
This allows your computer to handle multiple network connections at once.
Ports are like apartment numbers in a building the building is your IP address, and the apartment (port) tells which application should get the message.

Example:

Port 80 → Used by websites with HTTP.
Port 443 → Used by secure websites (HTTPS).
Port 25 → Used by email (SMTP).

Summary Table: Data Units Across Layers ::

Layer (OSI)	Data Unit	Example Purpose
Layer 2 – Data Link	Frame	Send data within a local network (MAC)
Layer 3 – Network	Packet	Deliver data across networks (IP)
Layer 4 – Transport	Segment	Ensure reliable delivery (TCP/UDP + Ports)
Application Level Use	Port	Identify the right application/service

Go Deeper ::

For a deeper dive into how these data units actually work in detail, check the following docs:

Frame :: docs/frame.md
Packet :: docs/packet.md
Segment :: docs/segment.md
Port :: docs/ports.md

These files explain how frames, packets, and segments move through routers and switches in real networks.

15. Troubleshooting & Monitoring ::

When working with networks, things won’t always go smoothly.
Connections can drop, websites may load slowly, or devices might not talk to each other.
That’s why troubleshooting and monitoring are essential skills for anyone learning networking.

Introduction to Troubleshooting & Monitoring ::

Troubleshooting: The process of finding and fixing network problems.
Monitoring: Continuously observing network performance to detect issues early.

Think of troubleshooting as fixing a flat tire, while monitoring is like having a dashboard that shows tire pressure before it goes flat.

Network Troubleshooting Basics ::

Common Network Issues ::

Here are some frequent problems you’ll encounter in real networks:

Problem	Example
No Connectivity	Can’t reach the internet or local devices
Slow Connection	Websites load slowly, video buffers
IP Address Conflicts	Two devices using the same IP
DNS Issues	Can’t resolve domain names (e.g., google.com)
Hardware Failures	Bad cables, faulty NICs, or broken switches

Troubleshooting Steps (The OSI Model Method) ::

One common approach is to troubleshoot layer by layer (OSI Model):

Physical Layer → Check cables, Wi-Fi signal, power.
Data Link Layer → Check switch ports, MAC addresses.
Network Layer → Verify IP addressing, routing tables.
Transport Layer → Check ports, firewalls, connection rules.
Application Layer → Test applications (web, email, etc.).

This step-by-step approach helps avoid missing the simple issues first.

Useful Troubleshooting Commands ::

Command	Purpose	Example Use
`ping`	Test connectivity to another device	`ping 8.8.8.8`
`traceroute` / `tracert`	Show the path packets take across the network	`traceroute google.com`
`ipconfig` (Win) / `ifconfig` (Linux)	Show IP address settings	`ipconfig /all`
`netstat`	View active connections and listening ports	`netstat -an`
`nslookup` / `dig`	Test DNS name resolution	`nslookup openai.com`

Monitoring Tools ::

Ping & Traceroute ::

Ping checks if a device is reachable. to learn how to use it check this link : man7.org/
Traceroute shows the path packets take to reach the destination. to learn how to use traceroute check this link : docs.oracle.com/

Packet Analyzers (Wireshark) ::

Wireshark lets you see the actual packets moving across a network.
Useful for debugging strange issues or analyzing protocols in detail.
Learn what is and how to use Wireshark : www.wireshark.org/

SNMP (Simple Network Management Protocol) ::

SNMP allows monitoring of network devices like routers and switches.
Provides stats on traffic, CPU usage, errors, and more.
learn more anout the SNMP : www.ibm.com/docs/

Network Performance Monitors ::

Tools like Nagios, Zabbix, SolarWinds, PRTG watch your network 24/7.
They generate alerts if something goes wrong (e.g., a server goes down).
Learn More: https://www.paessler.com/prtg/

Name		Name	Last commit message	Last commit date
Latest commit History 309 Commits
docs		docs
static		static
readme.md		readme.md

xidruk/computer-networking

Folders and files

Latest commit

History

Repository files navigation

~ C @ m p u t e r N e t w o r k i n g

~ Table of Content : :

1. Introduction ::

Definition of Computer Network ::

Why Networks are Important ::

Basic Networking Terms ::

2. What Are RFCs? ::

Definition of RFC ::

Purpose of RFCs in Networking ::

Examples of Important RFCs ::

How to Read an RFC ::

3. Types of Computer Networks ::

Common Network Types ::

4. Network Devices ::

Common Network Devices ::

5. Network Communication Types ::

6. Core Networking Concepts ::

Network Interface Card (NIC) ::

MAC Address ::

IP Address Basics ::

IP Address Allocation ::

Types of IP Addresses ::

7. Network Hardware & Transmission Media ::

Transmission Media

Network Devices

End Devices

8. Ports and Sockets ::

Intro to Sockets

Sockets Life Cycle

How Applications Communicate Through Sockets

Example Scenario

Ports

Further Learning

9. Networking Models & Protocols ::

OSI Model ::

OSI Model Layers ::

TCP/IP Model ::

TCP/IP Layers ::

Why Models Matter ::

Transport Protocols :: TCP & UDP

TCP :: (Transmission Control Protocol)

UDP :: (User Datagram Protocol)

Application Layer Protocols

Application Layer Protocols Reference Table

10. IP Addressing and Subnetting ::

IPv4 ::

IPv6 ::

Subnetting ::

FLSM :: (Fixed Length Subnet Masking)

VLSM :: (Variable Length Subnet Masking)

FLSM vs VLSM (Key Differences & When to Use Each) ::

CIDR :: (Classless Inter-Domain Routing)

IP Address Classification :: (classful vs modern usage)

Quick reference :: common prefixes and usable hosts

IPv4 vs IPv6 :: (short comparison)

Practicing Subnetting ::

Go Deeper ::

11. Routing & Switching Concepts ::

Routers :: how networks are connected

Routing Tables :: the router’s map

Switches :: how frames move inside a LAN

VLANs :: logical segmentation inside switches

How these pieces fit together :: (practical mental model)

Go Deeper ::

12. Network Services ::

Why this section matters ::

NAT :: (Network Address Translation)

Gateways ::

QoS :: (Quality of Service)

Load Balancing ::

VPN :: (Virtual Private Network)

Cloud Networking ::

Wireless Networking ::

Go Deeper ::

13. Network Security ::

Packages