Networking Fundamentals

Understand how data moves: models, addressing, name resolution, transport reliability, routing, diagnostics & performance patterns.


1. Models & Encapsulation

Each layer adds headers; packets become frames then bits; reversed on receipt.

OSI vs TCP/IP

OSI (7 layers) is conceptual; TCP/IP (4 layers) is practical. Focus: Link, Internet, Transport, Application.


Encapsulation

Data → Segment (TCP) → Packet (IP) → Frame (Ethernet). Headers supply addressing & control (seq, ack, ports).


MTU & Fragmentation

Packets that exceed the MTU are fragmented (IPv4) or dropped (IPv6, where routers never fragment in transit). Path MTU discovery avoids fragmentation.


Latency vs Throughput

Latency = time/unit; throughput = volume/time. The bandwidth-delay product (BDP) influences the optimal window size for TCP.


Capture Basics

tcpdump -ni any port 443 -c 20
# Layers sample: Ethernet / IP / TCP / TLS / HTTP
wireshark &  # rich protocol dissection

2. IP Addressing & Subnetting

Subnetting partitions address space for scale & isolation.

IPv4 Structure

  • 32 bits → dotted decimal
  • Network vs Host portion defined by mask
  • CIDR: /24 = 255.255.255.0 (256 addrs)
  • Private ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16

IPv6 Quick

  • 128 bits, hex & :: compression
  • Stateless autoconfig (SLAAC)
  • No traditional broadcast (uses multicast)

Subnet Capacity

  • /30 → 4 addrs (2 usable)
  • /29 → 8 addrs
  • /26 → 64 addrs
  • /16 → 65,536 addrs

Mask & CIDR Reference

/24 255.255.255.0
/25 255.255.255.128
/26 255.255.255.192
/27 255.255.255.224
/28 255.255.255.240

3. DNS, HTTP & TLS

Name-to-IP translation, plus application semantics & secure transport.

DNS Flow

  • Stub → Resolver → Root → TLD → Authoritative
  • Records: A, AAAA, CNAME, MX, TXT, NS
  • TTL influences propagation delay

HTTP Essentials

  • Methods: GET idempotent, POST create, PUT replace, PATCH partial
  • Status classes 1xx–5xx
  • Headers shape caching, content negotiation

TLS Handshake

  • ClientHello cipher suites
  • ServerHello + cert
  • Key exchange (ECDHE)
  • Finished + symmetric crypto

Diagnostics

dig +trace example.com
curl -v https://site --http2
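# </dev/null closes stdin so s_client exits after the handshake instead of waiting for input
openssl s_client -connect site:443 -servername site </dev/null | openssl x509 -noout -dates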

4. Switching, Routing & NAT

Frames switched by MAC; packets routed by IP; NAT rewrites headers.

Switching

  • MAC learning via source addresses
  • Flood unknown dest frames
  • Spanning Tree prevents loops

Routing

  • Forwarding table: longest prefix match
  • Protocols: OSPF (link-state), BGP (path vector)
  • Default route 0.0.0.0/0

NAT & PAT

  • Translate private→public
  • PAT multiplexes ports
  • Breaks end-to-end connectivity unless an ALG or UPnP is used

Routing Table Sample

Destination  Gateway  Iface
10.0.0.0/24  0.0.0.0  eth0
0.0.0.0/0    10.0.0.1 eth0
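
Added example (not part of the original page): the longest-prefix-match rule and the subnet capacity figures from section 2, worked through in Python over the sample routing table. The /25 row and all function names are constructed for illustration.

```python
import ipaddress

# Routing table from the sample above; the /25 row is constructed for this
# example to show a more-specific prefix winning over the /24.
ROUTES_TEXT = """\
Destination    Gateway   Iface
10.0.0.0/24    0.0.0.0   eth0
10.0.0.128/25  10.0.0.2  eth0
0.0.0.0/0      10.0.0.1  eth0
"""

def parse_routes(text):
    """Return a list of (network, gateway, iface) from a whitespace table."""
    routes = []
    for line in text.splitlines()[1:]:            # skip the header row
        dest, gateway, iface = line.split()
        routes.append((ipaddress.ip_network(dest), gateway, iface))
    return routes

def lookup(routes, dest):
    """Longest prefix match: of all routes containing dest, pick the longest mask."""
    addr = ipaddress.ip_address(dest)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None                                # no default route: unreachable
    net, gateway, iface = max(matches, key=lambda r: r[0].prefixlen)
    # Gateway 0.0.0.0 means the destination is on-link (delivered directly).
    next_hop = dest if gateway == "0.0.0.0" else gateway
    return str(net), next_hop, iface

def capacity(cidr):
    """Return (total, usable) addresses for an IPv4 prefix."""
    net = ipaddress.ip_network(cidr, strict=False)
    total = net.num_addresses
    # Network and broadcast addresses are reserved, except on /31
    # point-to-point links (RFC 3021) and /32 host routes.
    usable = total if net.prefixlen >= 31 else total - 2
    return total, usable

if __name__ == "__main__":
    table = parse_routes(ROUTES_TEXT)
    for ip in ("10.0.0.7", "10.0.0.200", "8.8.8.8"):
        print(ip, "->", lookup(table, ip))
    for cidr in ("10.0.0.0/30", "10.0.0.0/29", "10.0.0.0/26", "10.0.0.0/16"):
        print(cidr, capacity(cidr))
```

When auditing a real table, the same rule explains why an unexpected more-specific route silently overrides a broader one.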

5. Interactive Lab

Simulations only (no real socket operations).

  • Subnet Calculator
  • Path (Hop) Sim
  • TCP Handshake Visualizer
  • Port Scan (Mock)

6. Diagnostic Cheat Sheet

High-signal commands grouped by objective.

Reachability

ping -c4 host
mtr -rw host
traceroute host

Name Resolution

dig A example.com
nslookup example.com
host -t MX example.com

Sockets

ss -tulpen
netstat -plant
lsof -i :443

Security / TLS

nmap -sC -sV host
openssl s_client -connect host:443
curl -I https://host --http2

HTTP

curl -v https://api/service
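# Without an explicit Content-Type, curl -d sends application/x-www-form-urlencoded
curl -X POST -H 'Content-Type: application/json' -d '{"a":1}' https://api
# The HTTPie client is invoked as "http"
http GET https://api/service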

Packet

tcpdump -ni any port 80 -c 10
wireshark &

7. Review & Mastery

Checklist + conceptual Q&A.

Concept Q&A

Why is TCP considered reliable?

Sequence numbers, acknowledgements, retransmission (ARQ), flow control (window), and congestion control algorithms ensure ordered, loss-recovered delivery.

What is the difference between latency and bandwidth?

Latency is delay per unit; bandwidth is capacity per unit time. A high-bandwidth, high-latency link is still underutilized without proper window sizing.

When would you use UDP deliberately?

When low overhead matters and loss is tolerable: streaming, gaming, real-time telemetry, where timeliness > reliability.

Why does TLS use perfect forward secrecy?

Ephemeral Diffie-Hellman keys mean long-term key compromise doesn't decrypt past sessions.