Updated 11/20/2024
The Internet is a bunch of interconnected networks.
A host is any device that sends or receives data.
A network is a logical grouping of hosts that require similar connectivity. A network has an IP address space, and every host in the network has an IP address from that space.
A NIC is a Network Interface Card (Ethernet or WiFi). Today the NIC is usually integrated onto the motherboard, or into a phone or watch, but the term NIC is still used.
A hub is a multi-port repeater. It sits in the center and lets additional hosts be connected. The problem with hubs is that every host receives every other host's data.
A bridge sits between two segments of hosts. By definition a bridge has only two ports. A bridge learns which hosts are connected to which of its ports, and it isolates traffic by letting only frames that actually need to cross the bridge do so.
Switches are a combination of hubs and bridges: they have many ports, and they learn which hosts are on each port. Switches facilitate communication within a network.
A router facilitates communication between networks. Since routers sit between networks, they are the logical place for security, filtering and redirection. Routers learn which networks they are connected to. A routing table lists all the networks a router knows about.
A gateway is a host's way out of its local network.
The Internet is composed of many interconnected routers arranged in a hierarchy.
# | Layer | Devices | Header | Addressing | Delivery |
---|---|---|---|---|---|
7 | Application | Layers 7, 6 and 5 are merged into the application | | | |
6 | Presentation | | | | |
5 | Session | | | | |
4 | Transport | Port numbers, TCP, UDP | src & dst TCP or UDP port numbers | 16 bits / 0-65535 decimal | Service-to-Service |
3 | Network | Anything with an IP address, i.e. hosts & routers | src & dst IP addresses | 32 bits / 4 octets (0-255 decimal) | End-to-End |
2 | Data Link | NICs, WiFi, switches | src & dst MAC addresses | 48 bits / 6 hexadecimal pairs | Hop-to-Hop |
1 | Physical | Cables, WiFi, repeaters & hubs | | | |
TCP: Transmission Control Protocol - reliable delivery (segments are acknowledged and retransmitted if lost).
UDP: User Datagram Protocol - fast, but delivery is not guaranteed.
The transport header's destination port is a "well known" or registered port number, e.g. HTTPS is TCP 443, HTTP is TCP 80, DNS is UDP 53, IRC (chat) is TCP 6667-6669. The source port is usually a random (ephemeral) number. This is what allows several tabs or windows on the same desktop to talk to the same service at the same time: each connection has a different source port. Note that well-known ports are a convention, not a guarantee; a service can listen on any port, so the port number alone does not tell you what protocol is really being carried.
ARP (Address Resolution Protocol) maps IP addresses to MAC addresses. It bridges L3 and L2.
As data moves down the stack, each layer adds its own header in front of the data: the transport header (port numbers), then the network header (IP addresses), then the data link header (MAC addresses).
As the data moves through the network, each router strips the layer 2 header and replaces it with a new layer 2 header addressed to the next hop. The layer 3 header (apart from the TTL being decremented) and everything above it are carried unchanged end-to-end.
Finally, the receiving host checks the layer 2 header and, if the destination MAC address matches, removes it; it then checks the layer 3 header and, if the destination IP address matches, removes it. The destination port in the transport header then selects the application that processes the data.
Each host needs four things configured: an IP address, a subnet mask, a default gateway, and a DNS server (summarized in the host configuration table at the end of these notes).
Assume Host_1 needs to send data to Host_2, and Host_1 knows Host_2's IP address. Since Host_1 knows its own IP address and the destination IP address, it has enough information to construct the L3 header (IP addresses). It does not yet have enough information to construct the L2 header (MAC addresses).
It compares its own IP address and subnet mask against the destination IP address to determine whether the destination is on the same network or a foreign network. If the destination is local, the L2 destination is Host_2's own MAC address; if it is foreign, the L2 destination is the default gateway's MAC address, while the L3 destination stays Host_2.
Hosts keep an ARP table that maps IP addresses to MAC addresses. If the needed MAC address is not in the table, the host sends an ARP request (a broadcast) and caches the reply. ARP has no authentication, so a host believes whatever reply it receives.
The difference between a host and a router is that a host does not forward frames or packets: if a host receives a packet that is not addressed to it, it drops it. Linux lets you turn a host into a router by enabling IP forwarding (sysctl net.ipv4.ip_forward=1).
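The following is an added example, not code from the original notes, that walks through the host's decision above: compare own IP and mask with the destination, pick the IP to ARP for (the destination itself or the default gateway), and build the L2 and L3 headers from the ARP table. All addresses, MACs and the `Host` class are made up for the illustration.

```python
"""Added example: what a host does to send one packet (not from the notes).
Addresses, MAC addresses and the Host class are constructed for illustration."""
import ipaddress


class Host:
    """Minimal model of a configured host: IP, mask, gateway, ARP table."""

    def __init__(self, mac, ip, prefixlen, gateway, arp_table=None):
        self.mac = mac
        self.iface = ipaddress.ip_interface(f"{ip}/{prefixlen}")
        self.gateway = ipaddress.ip_address(gateway)
        # ARP table: IP address -> MAC address (starts with whatever is known)
        self.arp_table = dict(arp_table or {})

    def is_local(self, dst_ip):
        """Compare own IP/subnet mask with the destination: same network?"""
        return ipaddress.ip_address(dst_ip) in self.iface.network

    def next_hop(self, dst_ip):
        """The IP whose MAC goes into the L2 header: the destination itself
        when it is local, otherwise the default gateway."""
        if self.is_local(dst_ip):
            return str(ipaddress.ip_address(dst_ip))
        return str(self.gateway)

    def build_packet(self, dst_ip, payload):
        """Return (l2 header, l3 header, payload), or None when the needed MAC
        is not in the ARP table (an ARP request would have to go out first)."""
        dst_mac = self.arp_table.get(self.next_hop(dst_ip))
        if dst_mac is None:
            return None
        l2 = {"src_mac": self.mac, "dst_mac": dst_mac}
        # The L3 header always carries the real destination, even via a gateway.
        l3 = {"src_ip": str(self.iface.ip), "dst_ip": dst_ip}
        return l2, l3, payload

    def learn_arp(self, ip, mac):
        """Cache an ARP reply. ARP carries no authentication, so the host
        simply records whatever reply arrives."""
        self.arp_table[ip] = mac


if __name__ == "__main__":
    h1 = Host("aa:aa:aa:aa:aa:01", "192.168.1.10", 24, "192.168.1.1",
              {"192.168.1.20": "aa:aa:aa:aa:aa:02",     # Host_2 (local)
               "192.168.1.1": "aa:aa:aa:aa:aa:fe"})     # default gateway
    print(h1.build_packet("192.168.1.20", b"hi"))   # L2 dst = Host_2's MAC
    print(h1.build_packet("10.0.0.5", b"hi"))       # L2 dst = gateway's MAC
    print(h1.build_packet("192.168.1.30", b"hi"))   # None: must ARP first
```

Run it as a script to see the three cases. The foreign-network case is the one worth noticing: the L3 destination is still 10.0.0.5, only the L2 destination points at the gateway.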
Switching is the process of moving data within a single network.
Switches are layer 2 (data link) devices and are only concerned with MAC addresses. A switch has a MAC address table that maps each switch port to the MAC address(es) of the NIC(s) reachable through that port.
Switches do three things: learn, flood, and forward.
Initially the MAC address table is empty. Every time a frame (MAC header + data) enters the switch, the switch learns that the frame's source MAC address is reachable through the port it arrived on. When a single host is attached to a port this is a one-to-one mapping; a port that leads to a hub or another switch will learn many MAC addresses.
If the frame's destination MAC address is in the table, the switch forwards the frame out of that one port only. If it is not in the table, the switch does not know where to send the frame, so it sends it out of every port except the one it arrived on. This is called flooding. It reaches the same ports as a broadcast frame (one addressed to ff:ff:ff:ff:ff:ff), but it is not the same thing: a broadcast goes everywhere because the destination address says so; an unknown unicast is flooded because the switch has not yet learned where the destination is.
Simple (unmanaged) switches have no MAC or IP address of their own. Managed switches do have a MAC and an IP address, which is used only for managing the switch.
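The learn / flood / forward behaviour above, as an added example (not code from the original notes). The `Switch` class, port numbers and MAC addresses are made up, and the table size limit is an assumption added to show what happens when the MAC address table is full: the switch cannot learn new addresses, so frames to those addresses keep being flooded out of every port, which means every attached host sees them.

```python
"""Added example: a learn/flood/forward switch (not from the notes).
Ports, MAC addresses and the table size are constructed for illustration."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    """Layer 2 switch with a MAC address table of finite size."""

    def __init__(self, ports, table_size=8):
        self.ports = list(ports)
        self.table_size = table_size     # assumed capacity of the MAC table
        self.mac_table = {}              # MAC address -> switch port

    def learn(self, src_mac, in_port):
        """Record that src_mac is reachable via in_port (refreshing if it moved)."""
        if src_mac in self.mac_table or len(self.mac_table) < self.table_size:
            self.mac_table[src_mac] = in_port
        # Otherwise the table is full: the MAC stays unknown, and frames
        # addressed to it keep being flooded out of every port.

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return (action, list of egress ports)."""
        self.learn(src_mac, in_port)
        all_but_ingress = [p for p in self.ports if p != in_port]
        if dst_mac == BROADCAST:
            return "broadcast", all_but_ingress   # destination says "everyone"
        out_port = self.mac_table.get(dst_mac)
        if out_port is None:
            return "flood", all_but_ingress       # unknown unicast: not learned yet
        if out_port == in_port:
            return "filter", []                   # source and destination share a port
        return "forward", [out_port]              # known: one port only


if __name__ == "__main__":
    sw = Switch(ports=[1, 2, 3, 4])
    print(sw.receive(1, "aa:01", "aa:02"))   # ('flood', [2, 3, 4]): aa:02 unknown
    print(sw.receive(2, "aa:02", "aa:01"))   # ('forward', [1]): aa:01 was learned
    print(sw.receive(1, "aa:01", "aa:02"))   # ('forward', [2])
    print(sw.mac_table)
```

The "filter" case is the bridge behaviour from earlier in the notes: a frame whose source and destination are on the same port never needs to cross the switch, so it is dropped.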
Routing is the process of moving data between networks.
Routers are layer 3 (network) devices. A router has an IP address and a MAC address on each network it is connected to.
Each router has a routing table that maps the networks it knows about to the router port (and next-hop router) used to reach them. This is a one-to-many mapping: more than one network is usually reachable through a given router port.
There are three ways to populate a routing table: 1. directly connected networks, 2. static entries added manually by the administrator, and 3. routes learned from other routers through one of several dynamic routing protocols. Routing tables are populated in advance, not on demand. When a packet arrives, the router picks the most specific entry that matches the destination (longest prefix match); a default route (0.0.0.0/0) matches everything. If no entry matches the destination IP address, the router drops the packet.
Routers also have an ARP table (IP addresses to MAC addresses), as discussed under "Everything Hosts Do".
As discussed in the next section, routers sometimes also keep a Network Address Translation (NAT) table.
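An added example (not code from the notes) of the routing table lookup described above: connected, static and dynamic entries, longest prefix match, the effect of a default route, and the drop when nothing matches. The `Router` class, the networks, port numbers and neighbour addresses are all made up.

```python
"""Added example: routing table with longest-prefix-match lookup (not from the notes).
Networks, ports and neighbour routers are constructed for illustration."""
import ipaddress


class Router:
    """Routing table holding connected, static and dynamic routes."""

    def __init__(self):
        self.routes = []   # dicts with keys: network, port, via, source

    def add_route(self, cidr, port, via=None, source="static"):
        self.routes.append({
            "network": ipaddress.ip_network(cidr, strict=False),
            "port": port,
            "via": None if via is None else ipaddress.ip_address(via),
            "source": source,
        })

    def add_connected(self, interface_cidr, port):
        """Directly connected network, derived from the router's own interface address."""
        self.add_route(interface_cidr, port, via=None, source="connected")

    def lookup(self, dst_ip):
        """Best matching route (longest prefix), or None: the packet is dropped."""
        dst = ipaddress.ip_address(dst_ip)
        matches = [r for r in self.routes if dst in r["network"]]
        if not matches:
            return None
        return max(matches, key=lambda r: r["network"].prefixlen)

    def next_hop(self, dst_ip):
        """(egress port, IP to ARP for) or None. On a connected network the
        router ARPs for the destination itself; otherwise for the neighbour."""
        route = self.lookup(dst_ip)
        if route is None:
            return None
        via = route["via"] if route["via"] is not None else ipaddress.ip_address(dst_ip)
        return route["port"], str(via)


if __name__ == "__main__":
    r = Router()
    r.add_connected("192.168.1.1/24", 1)     # LAN side
    r.add_connected("10.0.0.1/30", 2)        # link to neighbour router R2 (10.0.0.2)
    r.add_connected("10.0.1.1/30", 3)        # link to neighbour router R3 (10.0.1.2)
    r.add_route("172.16.0.0/16", 2, via="10.0.0.2", source="static")
    r.add_route("172.16.5.0/24", 3, via="10.0.1.2", source="dynamic")
    print(r.next_hop("192.168.1.50"))   # (1, '192.168.1.50'): connected, ARP for host
    print(r.next_hop("172.16.5.9"))     # (3, '10.0.1.2'): the /24 beats the /16
    print(r.next_hop("172.16.9.9"))     # (2, '10.0.0.2'): only the /16 matches
    print(r.next_hop("8.8.8.8"))        # None: no route, packet dropped
    r.add_route("0.0.0.0/0", 2, via="10.0.0.2")     # default route
    print(r.next_hop("8.8.8.8"))        # (2, '10.0.0.2')
```

The 172.16.5.9 case is the one that matters for filtering at a router: whichever source populated the route, the most specific prefix wins, so a more specific route injected later silently overrides a broader static one.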
In the Internet address space there are both private and public IP addresses. The private address spaces (RFC 1918) are 10.0.0.0/8 (10.0.0.0 - 10.255.255.255), 172.16.0.0/12 (172.16.0.0 - 172.31.255.255) and 192.168.0.0/16 (192.168.0.0 - 192.168.255.255).
The remaining addresses are public.
Private addresses are not routed on the Internet, so there would be no way to receive a response; a router therefore will not forward a packet to the Internet with a private source address as-is. Instead it replaces the private source IP address with the router's own public IP address, and it also assigns a new source port number, so that when the response arrives at the router it knows which host (and which connection) to forward it to. RFC 2663 formally calls this network address and port translation (NAPT), but the "port" part is often left out. It is also referred to as port address translation (PAT), IP masquerading, NAT overload, and many-to-one NAT.
One big advantage of many-to-one NAT is that it saves public IP addresses.
As pointed out in one of my old books, "Learning TCP/IP in 24 hours": if your router always does source NATing, then your local area network can be any IP address space, not just those reserved for private use.
The terms source network address translation (SNAT) and destination network address translation (DNAT) are also used: SNAT rewrites the source address (which is what masquerading does), DNAT rewrites the destination address (which is what port forwarding to an internal server does).
A router that performs NAT keeps a NAT table so that it can forward each response to the correct host; nftables builds this on the kernel's connection tracking (conntrack).
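The NAT table described above, as an added example that is not code from the notes: outbound packets from private addresses get the router's public address and a new source port (SNAT / masquerading), replies are matched against the connection tracking table and rewritten back, inbound packets with no matching entry are dropped, and a static DNAT entry (port forwarding) is the deliberate exception. The `Napt` class, the public address 203.0.113.5 and all hosts and ports are made up; the port allocation is random only to mimic the behaviour in the text.

```python
"""Added example: many-to-one NAT (NAPT) with a connection tracking table.
Not from the notes; the addresses, ports and the Napt class are constructed."""
import ipaddress
import random

PRIVATE = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip):
    """True for RFC 1918 addresses."""
    return any(ipaddress.ip_address(ip) in n for n in PRIVATE)


class Napt:
    """Source NAT with port translation, plus an optional DNAT (port forwarding) map."""

    def __init__(self, public_ip, seed=None, masquerade_all=False):
        self.public_ip = public_ip
        self.masquerade_all = masquerade_all   # translate even public LAN sources
        self.rng = random.Random(seed)
        # conntrack: (public_port, remote_ip, remote_port) -> (private_ip, private_port)
        self.conntrack = {}
        # reverse: (private_ip, private_port, remote_ip, remote_port) -> public_port
        self.reverse = {}
        # dnat: public_port -> (internal_ip, internal_port), configured by the admin
        self.dnat = {}

    def allocate_port(self):
        """Pick an ephemeral public port not already used by a tracked connection."""
        used = {key[0] for key in self.conntrack}
        while True:
            port = self.rng.randint(1024, 65535)
            if port not in used:
                return port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the LAN (SNAT). Returns the rewritten 4-tuple."""
        if not (self.masquerade_all or is_private(src_ip)):
            return (src_ip, src_port, dst_ip, dst_port)   # public source: routed as-is
        key = (src_ip, src_port, dst_ip, dst_port)
        pub_port = self.reverse.get(key)
        if pub_port is None:                       # first packet of this connection
            pub_port = self.allocate_port()
            self.reverse[key] = pub_port
            self.conntrack[(pub_port, dst_ip, dst_port)] = (src_ip, src_port)
        return (self.public_ip, pub_port, dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet arriving from the Internet. Returns the rewritten
        4-tuple, or None when nothing matches (unsolicited traffic is dropped)."""
        if dst_ip != self.public_ip:
            return None
        entry = self.conntrack.get((dst_port, src_ip, src_port))
        if entry is not None:                      # reply to a tracked connection
            return (src_ip, src_port, entry[0], entry[1])
        if dst_port in self.dnat:                  # explicitly forwarded port (DNAT)
            return (src_ip, src_port) + self.dnat[dst_port]
        return None


if __name__ == "__main__":
    nat = Napt("203.0.113.5", seed=1)
    out = nat.outbound("192.168.1.10", 51000, "93.184.216.34", 443)
    print(out)                                                    # public IP + new port
    print(nat.inbound("93.184.216.34", 443, "203.0.113.5", out[1]))  # back to .10:51000
    print(nat.inbound("198.51.100.7", 40000, "203.0.113.5", 22))  # None: no entry
    nat.dnat[22] = ("192.168.1.20", 22)                           # port forward SSH
    print(nat.inbound("198.51.100.7", 40000, "203.0.113.5", 22))  # now reaches .20:22
```

The lookup in inbound() matches on the remote address and port as well as the public port, as real connection tracking does; a packet from a different remote host aimed at the same public port is not a reply and is dropped. That is the whole reason many-to-one NAT looks like a firewall: unsolicited inbound traffic has no table entry, not because anything inspects it.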
Host configuration summary:

Setting | Purpose |
---|---|
IP Address | The host's identity on the Internet (and on its local network) |
Subnet Mask | Size of the network the host is connected to, i.e. which addresses are local |
Default Gateway | IP address of a router connected to this network; the way out to other networks |
Domain Name Server (DNS) | Converts domain names to IP addresses |

References and notes:
In his examples, the routers are connected in a line. In this configuration, hosts in the middle network have two routers on their network. Which one is the default gateway? How does the host know which to choose? Would arranging the networks in a hierarchy eliminate this problem? (A host has only one default gateway; to reach networks behind the other router it needs a specific static route, or its default gateway must forward on its behalf.)
It is customary for a router's IP address to end in .1 (xxx.xxx.xxx.1), but it can be any address in the network's IP space. Choosing another value makes the gateway slightly less obvious, but that is obscurity rather than a security control.
When using a Linux box as a router you can always perform masquerading with nftables, so you can choose any IP address space for the network, not just the space reserved for private use. Be aware that if you pick public space you do not own, the real Internet hosts with those addresses become unreachable from your network. If you do use the reserved private space, 10.0.0.0/8 is a much larger space; the extra size makes address guessing a little harder, but on its own it is not a security control either.
To understand how computer networks operate, you have to understand how data moves through networks. This is the foundation you need to expand your knowledge of computer networks.