Standard-Concepts
2025-02-01 10:42
Status: #adult
Tags: Networking
Transport Layer
Internet Layer
The key protocols at this layer are IP, ICMP, ARP and the routing
protocols.
IP (Internet protocol)
IPv4 (32-bit addresses) and IPv6 (128-bit addresses)
ICMP (Internet Control Message Protocol)
Used for diagnostics, e.g. finding where a packet stops; ping and
traceroute are built on it.
ARP (Address Resolution Protocol)
Maps IP addresses to MAC addresses on the local network.
Routing Protocols
Routing protocols are a set of rules that allow routers to
communicate with each other to find the best path for data
packets to travel through a network.
Examples of routing protocols are: OSPF, EIGRP, BGP
Open Shortest Path First (OSPF)
OSPF is a link-state routing protocol that determines the best
path between network nodes. It uses Dijkstra's algorithm to
compute the shortest path tree from the link-state database
(LSDB).
Used within an Autonomous System for intra-domain routing.
Intra-domain routing only works within the domain; the
opposite is inter-domain routing.
Hierarchical design using areas to scale large networks.
Link-state advertisement is a message sent by routers in
an OSPF domain to announce changes in the network.
TYPE 1 (Router LSA)
TYPE 2 (Network LSA)
TYPE 3/4 (SUMMARY LSAs)
TYPE 5/7 (EXTERNAL LSAs)
The operations OSPF performs are:
Neighbor Discovery, LSDB Synchronization, SPF
Calculation
Neighbor discovery is when routers send Hello
packets, multicast to 224.0.0.5, to form
adjacencies.
LSDB synchronization exchanges LSAs via Database Description
(DBD) packets.
SPF calculation is when each router independently
computes the shortest path to all destinations.
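As an added example (not from these notes), the SPF calculation run over a constructed LSDB: Dijkstra's algorithm with the local router as root, producing the cost, path and next hop for every destination. The routers R1..R5 and their link costs are made up; note that R1's direct 10-cost link to R2 is bypassed in favour of the cheaper 4-cost path through R3, R5 and R4.

```python
import heapq

# Constructed link-state database (LSDB): each router's advertised links as
# (neighbor, interface cost). Routers and costs are made up for this example.
LSDB = {
    "R1": [("R2", 10), ("R3", 1)],
    "R2": [("R1", 10), ("R4", 1)],
    "R3": [("R1", 1), ("R4", 10), ("R5", 1)],
    "R4": [("R2", 1), ("R3", 10), ("R5", 1)],
    "R5": [("R3", 1), ("R4", 1)],
}

def spf(lsdb, root):
    """Dijkstra's algorithm over the LSDB, run the way each OSPF router runs it
    independently with itself as root. Returns {router: (total cost, path)}."""
    dist, prev, done = {root: 0}, {root: None}, set()
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if node in done:
            continue  # stale entry left behind by a later, cheaper relaxation
        done.add(node)
        for neigh, link_cost in lsdb.get(node, []):
            new_cost = cost + link_cost
            if neigh not in dist or new_cost < dist[neigh]:
                dist[neigh] = new_cost
                prev[neigh] = node
                heapq.heappush(heap, (new_cost, neigh))
    tree = {}
    for node, cost in dist.items():
        path, cur = [], node
        while cur is not None:  # walk predecessors back to the root
            path.append(cur)
            cur = prev[cur]
        tree[node] = (cost, path[::-1])
    return tree

def next_hop(lsdb, root, dest):
    """The neighbor the root forwards to for dest: the routing-table entry SPF produces."""
    path = spf(lsdb, root)[dest][1]
    return path[1] if len(path) > 1 else None

if __name__ == "__main__":
    for dest, (cost, path) in sorted(spf(LSDB, "R1").items()):
        print(f"{dest}: cost {cost} via {' -> '.join(path)}")
```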
The advantages of OSPF are:
Fast convergence due to triggered updates.
Hierarchical design reduces LSA flooding.
Supports VLSM (Variable-Length Subnet Masking) and
authentication (MD5/SHA).
Disadvantages are:
Complex configuration at large scale.
High CPU/memory usage with large LSDBs.
Use cases are Enterprise Networks, ISP core networks.
Packet Tracer Config Commands
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
show ip ospf neighbor
show ip ospf database
Enhanced Interior Gateway Routing Protocol (EIGRP)
EIGRP is an advanced distance-vector (hybrid) protocol. It computes
loop-free paths by tracking successors and feasible successors.
It is designed for efficient intra-domain routing with fast
convergence.
EIGRP uses the Diffusing Update Algorithm (DUAL) to guarantee
loop-free paths.
Like OSPF, it uses Hello packets, multicast to 224.0.0.10, but its
route updates differ: they are partial/bounded updates sent only
when the topology changes.
EIGRP stores all routes and feasible successors in a
topology table.
EIGRP is only viable in Cisco-centric enterprise networks, as it
is a Cisco proprietary protocol.
Packet Tracer Config Commands
router eigrp 100
network 10.0.0.0
show ip eigrp neighbors
show ip eigrp topology
Border Gateway Protocol (BGP)
BGP is a path-vector protocol used for inter-domain routing between
autonomous systems on the internet. It differs from the two routing
protocols above by doing policy-based routing using path attributes.
For neighbor establishment, BGP uses TCP port 179 for reliable
sessions. Route advertisement exchanges UPDATE messages carrying
NLRI (Network Layer Reachability Information), and best-path
selection evaluates the attributes in sequence.
Path attributes are:
AS_PATH - a list of Autonomous Systems traversed.
This prevents loops.
NEXT_HOP - IP of the next router
LOCAL_PREF - the preference for a route within an
autonomous system.
MULTI-EXIT DISCRIMINATOR (MED) - suggests preferred
entry point to an autonomous system.
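As an added example (not from these notes), a simplified BGP decision process over the four attributes listed above, preceded by AS_PATH loop prevention: an UPDATE whose AS_PATH already contains our own ASN is discarded. The prefix, next hops and ASNs are constructed; 65001 is reused from the config example in these notes.

```python
from dataclasses import dataclass

LOCAL_AS = 65001  # our AS, matching the notes' "router bgp 65001" example

@dataclass
class Route:
    """One BGP path for a prefix as received in an UPDATE (constructed data, not real routes)."""
    prefix: str
    next_hop: str          # NEXT_HOP attribute
    as_path: list          # AS_PATH, nearest AS first
    local_pref: int = 100  # LOCAL_PREF: higher wins inside our AS
    med: int = 0           # MED: lower wins, but only between paths from the same neighbor AS

def accept(route, local_as=LOCAL_AS):
    """AS_PATH loop prevention: a path that already carries our own AS has looped and is dropped."""
    return local_as not in route.as_path

def best_path(routes, local_as=LOCAL_AS):
    """Simplified decision process over the attributes the notes list, applied in sequence:
    highest LOCAL_PREF, then shortest AS_PATH, then lowest MED. Real BGP has more
    tie-breakers (eBGP over iBGP, IGP metric to NEXT_HOP, router ID); here a remaining
    tie goes to the lowest NEXT_HOP so the result is deterministic."""
    candidates = [r for r in routes if accept(r, local_as)]
    if not candidates:
        return None
    top_pref = max(r.local_pref for r in candidates)
    candidates = [r for r in candidates if r.local_pref == top_pref]
    shortest = min(len(r.as_path) for r in candidates)
    candidates = [r for r in candidates if len(r.as_path) == shortest]
    neighbor_ases = {r.as_path[0] if r.as_path else None for r in candidates}
    if len(neighbor_ases) == 1:  # MED is only comparable within one neighbor AS
        low_med = min(r.med for r in candidates)
        candidates = [r for r in candidates if r.med == low_med]
    return min(candidates, key=lambda r: r.next_hop)

# Constructed UPDATEs for one prefix from several neighbors (addresses and ASNs are made up).
ROUTES = [
    Route("203.0.113.0/24", "192.168.1.1", [65002, 65010], local_pref=100, med=50),
    Route("203.0.113.0/24", "192.168.1.9", [65002, 65010], local_pref=100, med=10),
    Route("203.0.113.0/24", "192.168.2.1", [65003, 65020, 65010], local_pref=200),
    Route("203.0.113.0/24", "192.168.3.1", [65004, 65001, 65010]),  # our own ASN is in the path
]

if __name__ == "__main__":
    print("best:", best_path(ROUTES))
```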
Packet Tracer Config Commands:
router bgp 65001
neighbor 192.168.1.1 remote-as 65002
show ip bgp summary
show ip bgp neighbors
1. Encapsulation:
Data starts at the Application Layer (e.g. an HTTP request).
Transport Layer adds a TCP/UDP header
Internet Layer adds an IP Header
Network Access Layer adds a frame header and trailer.
2. Decapsulation
The receiving device reverses the process, stripping headers
layer by layer
OSI Model
Application Layer
Interfaces with user applications
Presentation Layer
Translates data into a readable format (Encryption,
Compression)
Session Layer
Managing connections between devices (Session Establishment,
Termination)
Transport Layer
Ensures end-to-end communication (TCP,UDP)
Network Layer
Handles logical addressing and routing (IP, routers)
Data Link Layer
Manages node-to-node communication (MAC addresses, switches)
Physical Layer
Transmits raw bits over a physical medium (Cables, Wireless
Signals)
Example:
Laptop sending data to a printer on the same LAN:
1. The IP Packet (Layer 3) is wrapped in an ethernet frame.
2. The frame uses the printer's MAC address (Learned via ARP) as the
destination.
3. The switch examines the frame's destination MAC address and forwards
it only to the printer's port.
Packets are data units at the Network Layer (Layer 3). Packets
include source and destination IP addresses, routing information,
and the payload.
Example:
When you load a website hosted on a remote server:
1. Your PC creates an IP packet with the destination IP.
2. Routers examine the packet's IP header, decrement TTL, and use
routing tables to forward it toward the destination network.
3. The destination server's local network uses ARP to resolve the IP
to a MAC address for frame delivery.
Work together?!?
Frames and packets work together in the encapsulation and
decapsulation process.
1. The receiving device’s NIC reads the frame, verifies the FCS, and
strips the frame header/trailer.
2. The IP packet is passed to Layer 3, where the router examines the
destination IP.
3. The transport layer (TCP/UDP) processes the segment and delivers
data to the application.
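As an added example (not from these notes), the encapsulation and decapsulation steps above in code: a constructed HTTP request is wrapped in a TCP segment, an IPv4 packet and an Ethernet frame with an FCS, passed through one router hop (TTL decrement and checksum recomputation), and then unwrapped layer by layer with the FCS and IPv4 header checksum verified. All MAC and IP addresses are constructed.

```python
import socket, struct, zlib

def ip_checksum(hdr):
    """RFC 1071 one's-complement sum; a header whose checksum is valid sums to 0."""
    total = sum(struct.unpack(f"!{len(hdr) // 2}H", hdr))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_ipv4(src, dst, proto, payload, ttl=64):
    """Internet Layer: prepend a 20-byte IPv4 header with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0x4000, ttl,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:] + payload

def build_frame(dst_mac, src_mac, packet):
    """Network Access Layer: Ethernet II header, the packet, then the FCS (CRC-32) trailer."""
    body = dst_mac + src_mac + struct.pack("!H", 0x0800) + packet
    return body + struct.pack("<I", zlib.crc32(body))

def router_forward(packet):
    """One Layer 3 hop: decrement TTL and recompute the header checksum; an expiring TTL
    drops the packet (a real router replies with ICMP Time Exceeded, which traceroute uses)."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[8] <= 1:
        raise ValueError("TTL expired: packet dropped")
    hdr = bytearray(packet[:ihl])
    hdr[8] -= 1
    hdr[10:12] = struct.pack("!H", ip_checksum(bytes(hdr[:10]) + b"\0\0" + bytes(hdr[12:])))
    return bytes(hdr) + packet[ihl:]

def decapsulate(frame):
    """Receiver: verify FCS, strip Ethernet, verify the IPv4 header, hand the segment to TCP."""
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame dropped at Layer 2")
    if struct.unpack("!H", body[12:14])[0] != 0x0800:
        raise ValueError("EtherType is not IPv4")
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ip_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch: packet dropped at Layer 3")
    segment = packet[ihl:]
    sport, dport = struct.unpack("!HH", segment[:4])
    return {"dst_mac": body[:6].hex(":"), "ttl": packet[8], "proto": packet[9],
            "src_ip": socket.inet_ntoa(packet[12:16]), "dst_ip": socket.inet_ntoa(packet[16:20]),
            "src_port": sport, "dst_port": dport, "data": segment[(segment[12] >> 4) * 4:]}

# Constructed sample: a TCP segment carrying an HTTP request, packetised, forwarded one hop, framed.
TCP_HDR = struct.pack("!HHIIBBHHH", 51000, 80, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
PACKET = build_ipv4("192.168.1.10", "203.0.113.5", 6, TCP_HDR + b"GET / HTTP/1.1\r\n")
FRAME = build_frame(bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"), router_forward(PACKET))
```

Running `decapsulate(FRAME)` returns the stripped fields with TTL 63 (one hop taken off the original 64) and the HTTP request as the payload; flipping any byte in the frame makes the FCS check reject it before the IP header is even looked at.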
Addressing
Every device on a network needs a unique identifier so data can be
sent to the right place and responses can come back. Without
addresses, networks cannot communicate with each other.
In network architecture, addressing serves as the abstraction layer
that enables scalable, hierarchical, and deterministic
communication. It operates at two critical layers:
Example:
IPv6 Advantages:
Advanced Troubleshooting
Always check for overlapping subnets
Verify VLSM Consistency
Trace ARP tables and routing protocol advertisements.
Bandwidth
This is the maximum data transfer capacity of a network link,
measured in bits per second (bps).
A Gigabit Ethernet Link has a bandwidth of 1Gbps
It is fixed by the Physical Layer and determined by the medium and
the encoding scheme.
Throughput
The actual rate of successful data delivery over a network,
measured in bps.
A 1Gbps link has the capacity of 1Gbps but might only reach
850 Mbps throughput due to overhead and congestion.
It is affected by protocol overhead, latency, packet loss, and
network congestion
Throughput ≈ Window Size (bytes) / RTT (seconds)
(this gives bytes per second; multiply by 8 for bps)
Latency
This is the time it takes for data to travel from source to
destination (one-way delay), measured in milliseconds.
Delay
It is the amount of time it takes for a data packet to travel from
one point to another across a network, essentially measuring how
long it takes for information to be transmitted and received.
Commonly known as "Network Latency" where a longer delay indicates
high latency and a shorter delay indicates low latency.
iPerf
Measures: Throughput between two endpoints on a controlled
network.
Pros:
Tests LAN/WAN performance without internet variables.
Supports TCP/UDP, parallel streams, and adjustable window
sizes.
Command Example:
Server: iperf3 -s
Client: iperf3 -c 10.0.0.1 -t 30 -P 4 # 30-second test, 4 parallel streams
Use Case: Validating network infrastructure (e.g., link capacity
between offices).
Key Difference:
Speedtest = “What’s my throughput to the internet?”
iPerf = “What’s the max throughput my network can handle
internally?”
On-Premises Infrastructure
When the hardware and software is hosted locally, managed entirely
by the organization.
- Has high Capital Expenditure (CapEx) upfront costs for servers,
storage, and networking gear, but the company will have complete
ownership of the security, compliance and architecture.
- The company's IT staff handles updates, patches, and hardware
replacements. Scalability is limited by physical capacity and
requires procurement lead time.
Public Cloud
Definition: Shared, multi-tenant infrastructure hosted by third-party
providers (AWS, Azure, Google Cloud).
Private Cloud
Definition: Dedicated cloud infrastructure (on-premises or hosted)
for a single organization.
Hybrid Cloud
Definition: Combines public cloud, private cloud, and on-premises
systems.
Platform as a Service (PaaS)
The user provides the code, data, and app configuration,
while the provider takes care of the runtime, OS, servers,
and storage.
An example is Google App Engine deploying Python/Node.js apps
without managing servers.
Infrastructure as a Service (IaaS)
The user provides the OS, middleware, apps, and data,
while the provider takes care of the hypervisors and physical
hardware.
An example is AWS EC2 for hosting custom Linux VMs with full
root access.
On-Premises Challenges
VPN Dependency: Remote workers rely on VPNs to access on-prem
apps (latency issues).
Scalability Limits: Struggles with sudden demand spikes (e.g.,
remote desktop gateway overload).
Features of UDP:
UDP is typically used for video streaming, VoIP, DNS queries, and
online gaming. By using UDP you prioritize speed over reliability.
Features of TCP:
TCP is typically used for web browsing, email, and file transfers.
TCP ensures all data arrives intact.
SFTP (SSH File Transfer Protocol)
Port: 22
Features:
Data is encrypted in transit.
Compared to FTP, which uses only a username and password, SFTP
authenticates with SSH keys or passwords.
TFTP (Trivial File Transfer Protocol)
Port: 69
Features:
There is no authentication, since this version of FTP only
prioritizes transfer speed.
It uses UDP instead of TCP, so it is fast but unreliable.
Web Protocols
Web protocols are network protocols that enable the transmission of
data over the internet.
HTTP
Port: 80
Features:
Each request is independent (stateless).
There is no encryption when using HTTP, so it is prone to
man-in-the-middle (MitM) attacks and eavesdropping.
HTTPS
Port: 443
Features:
Encrypts data using TLS/SSL, which protects data integrity and
confidentiality.
The server presents a certificate that identifies it, which
provides authentication.
DNS (Domain Name System)
Port: 53
Process: Recursive Query -> Iterative Query
The client asks its DNS server to resolve a name.
The DNS server queries root/TLD servers if needed.
ICMP
Features:
By using PING you can test connectivity.
You can map out the path to an end device by using TRACEROUTE.
NTP (Network Time Protocol)
Port: 123
Features:
Hierarchy of time sources (Stratum 1 = atomic clock)
Critical for auditing: accurate time is needed for logging,
authentication and financial transactions.