TCP/IP networks
IPv4
- still the most widely deployed (mobile carrier networks are the notable exception: they are largely IPv6)
- 32-bit addresses
- Class A: 8 network bits, 24 host bits (first bit = 0)
- Class B: 16 network bits, 16 host bits (first bits = 10)
- Class C: 24 network bits, 8 host bits (first bits = 110)
- classes are historical; a prefix length (CIDR, e.g. /26) now sets the network/host split
- subnet mask all network bits = 1, all host bits = 0
- private addresses (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) are not routed to the public Internet
- loopback addresses (127.0.0.0/8) never leave the local host
- network address has all host bits = 0
- broadcast address has all host bits = 1
- addresses are running out (the free pool of IPv4 blocks is exhausted) and historical classful assignment fragmented the address space, so routes cannot be aggregated well
IPv6
- 128-bit addresses
- conventional split: 64-bit network prefix, 64-bit interface identifier (host part)
- plenty of addresses, and hierarchical prefix assignment allows route aggregation
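The address rules above (classes from the leading bits, subnet mask, network and broadcast addresses, private and loopback ranges, the IPv6 64/64 split) carried out with plain integer bit operations. This is an added example, not part of the original notes; all sample addresses in it are constructed, and the standard-library ipaddress module is used only to parse the IPv6 text form.

```python
# Added example (not from the page): IPv4/IPv6 address arithmetic with plain
# integer bit operations, so the mask, network and broadcast rules can be
# checked by hand.  ipaddress is used only to parse/format IPv6 text;
# all sample addresses are constructed.
import ipaddress


def ipv4_to_int(addr: str) -> int:
    octets = [int(o) for o in addr.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {addr}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ipv4(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int, bits: int = 32) -> int:
    """Subnet mask: all network bits = 1, all host bits = 0."""
    if not 0 <= prefix <= bits:
        raise ValueError(f"prefix /{prefix} out of range for {bits}-bit addresses")
    return ((1 << bits) - 1) ^ ((1 << (bits - prefix)) - 1)


def ipv4_class(addr: str) -> str:
    """Historical classful rule: leading bits 0 -> A, 10 -> B, 110 -> C, 1110 -> D (multicast)."""
    n = ipv4_to_int(addr)
    if n >> 31 == 0b0:
        return "A"
    if n >> 30 == 0b10:
        return "B"
    if n >> 29 == 0b110:
        return "C"
    if n >> 28 == 0b1110:
        return "D"
    return "E"


def ipv4_subnet(addr: str, prefix: int) -> dict:
    """Network (host bits 0), broadcast (host bits 1) and usable host count for addr/prefix."""
    n = ipv4_to_int(addr)
    mask = prefix_to_mask(prefix)
    network = n & mask
    broadcast = network | (~mask & 0xFFFFFFFF)
    host_bits = 32 - prefix
    # /31 and /32 have no separate network/broadcast addresses (RFC 3021), so nothing is subtracted
    usable = (1 << host_bits) - 2 if host_bits >= 2 else (1 << host_bits)
    return {"network": int_to_ipv4(network), "mask": int_to_ipv4(mask),
            "broadcast": int_to_ipv4(broadcast), "usable_hosts": usable}


PRIVATE_V4 = (("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16))   # RFC 1918
LOOPBACK_V4 = ("127.0.0.0", 8)


def in_block(addr: str, block: tuple) -> bool:
    """True if addr falls inside the (network, prefix) block: compare the network bits only."""
    net, prefix = block
    mask = prefix_to_mask(prefix)
    return ipv4_to_int(addr) & mask == ipv4_to_int(net) & mask


def is_private_v4(addr: str) -> bool:
    return any(in_block(addr, b) for b in PRIVATE_V4)


def is_loopback_v4(addr: str) -> bool:
    return in_block(addr, LOOPBACK_V4)


def ipv6_split(addr: str, prefix: int = 64) -> tuple:
    """IPv6 conventional split: network prefix (default /64) and the interface identifier as hex."""
    n = int(ipaddress.IPv6Address(addr))
    mask = prefix_to_mask(prefix, 128)
    iid = n & ~mask & ((1 << 128) - 1)
    width = (128 - prefix + 3) // 4          # hex digits needed for the host part
    return str(ipaddress.IPv6Address(n & mask)), f"{iid:0{width}x}"


if __name__ == "__main__":
    print(ipv4_class("192.168.1.130"), ipv4_subnet("192.168.1.130", 26))
    print(is_private_v4("172.20.5.1"), is_private_v4("172.32.0.1"), is_loopback_v4("127.0.0.1"))
    print(ipv6_split("2001:db8::1"))
```

Note the 172.16.0.0/12 check: 172.20.5.1 is private but 172.32.0.1 is not, because /12 covers only second octets 16 through 31; a /16 test here (a common mistake) would get both wrong.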
layers & protocols
organization
protocols are loosely organized into 4 layers
the layers do not exactly correspond to the 7 more rigorously defined OSI layers
- Application
- data streams to/from programs using network communication
- DHCP provides automatic addressing (IPv6 hosts can use SLAAC instead; DHCPv6 still exists for managed assignment and options such as DNS servers)
- DNS provides a mapping between names and addresses
- Transport
- end-to-end communication between programs using software ports
- UDP is connectionless (no per-connection state), low overhead, no delivery guarantee
- TCP is connection-oriented (stateful), delivers bytes reliably and in order (checksums plus retransmission), more overhead
- QUIC runs over UDP, is always encrypted (TLS 1.3) and multiplexes several streams per connection; intended to replace TCP for HTTP/3 and similar uses
- Internet (Layer 3)
- moves packets between networks using IP addresses
- IP makes a best effort to route packets to the destination network
- ICMP moves messages about the network itself
- NAT translates source and/or destination addresses and ports, usually private ⇄ public (rarely needed with IPv6)
- CIDR replaces classes with an explicit prefix length, allowing any split between network and host bits (IPv6 has used prefix lengths from the start, so needs no separate CIDR step)
- Link (Layer 2)
- moves frames between devices on the same network using MAC addresses
- ARP resolves IPv4 addresses to MAC addresses (IPv6 uses Neighbor Discovery over ICMPv6 instead); neither is authenticated, so a host on the same link can answer for any address
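The layering above as bytes on the wire: an Ethernet frame carrying an IPv4 packet carrying a UDP datagram (the encapsulation the diagram below refers to), built and then parsed back layer by layer, plus the source-NAT rewrite a router applies on the way out. This is an added example, not the page's own material; the MAC and IP addresses are constructed sample values and the UDP checksum is left at 0 ("not computed"), which IPv4 permits.

```python
# Added example (not from the page): TCP/IP encapsulation in Python.  Builds an
# Ethernet II frame carrying an IPv4 packet carrying a UDP datagram, computes the
# IPv4 header checksum, parses the frame back layer by layer, and applies a
# source-NAT rewrite.  All addresses are constructed sample values.
import struct


def rfc1071_checksum(data: bytes) -> int:
    """Complemented one's-complement sum of 16-bit big-endian words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(o) for o in ip.split("."))


def build_udp(src_port: int, dst_port: int, payload: bytes) -> bytes:
    # UDP header: src port, dst port, length (header + payload), checksum (0 = not computed).
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload


IPV4_HDR = "!BBHHHBBH4s4s"   # ver/ihl, tos, total len, id, flags/frag, ttl, proto, csum, src, dst


def build_ipv4(src: str, dst: str, transport: bytes, proto: int = 17,
               ttl: int = 64, ident: int = 0x1234) -> bytes:
    hdr = struct.pack(IPV4_HDR, 0x45, 0, 20 + len(transport), ident, 0x4000,
                      ttl, proto, 0, ip_bytes(src), ip_bytes(dst))
    csum = rfc1071_checksum(hdr)            # computed with the checksum field zeroed
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + transport


def build_ethernet(src_mac: str, dst_mac: str, packet: bytes, ethertype: int = 0x0800) -> bytes:
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + packet


def parse_frame(frame: bytes) -> dict:
    """Peel the layers off: Ethernet -> IPv4 (checksum verified) -> UDP -> payload."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    pkt = frame[14:]
    vihl, _tos, total_len, ident, _ff, ttl, proto, _csum, src, dst = struct.unpack(IPV4_HDR, pkt[:20])
    ihl = (vihl & 0x0F) * 4
    # A header whose checksum is correct sums to 0xFFFF, so re-checksumming it yields 0.
    if rfc1071_checksum(pkt[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    if proto != 17:
        raise ValueError("not UDP")
    seg = pkt[ihl:total_len]
    sport, dport, ulen, _ucsum = struct.unpack("!HHHH", seg[:8])
    return {"src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
            "src_ip": ".".join(map(str, src)), "dst_ip": ".".join(map(str, dst)),
            "ttl": ttl, "ident": ident,
            "src_port": sport, "dst_port": dport, "payload": seg[8:ulen]}


def source_nat(frame: bytes, public_ip: str, public_port: int) -> bytes:
    """Rewrite the source IP and UDP source port, as a NAT router does on egress, and
    recompute the IPv4 header checksum.  Only datagrams with UDP checksum 0 are handled:
    a non-zero UDP/TCP checksum covers a pseudo-header with the IP addresses and would
    also have to be updated (the link-layer addresses are replaced per hop anyway)."""
    eth, pkt = frame[:14], frame[14:]
    ihl = (pkt[0] & 0x0F) * 4
    hdr, seg = bytearray(pkt[:ihl]), bytearray(pkt[ihl:])
    if struct.unpack("!H", seg[6:8])[0] != 0:
        raise NotImplementedError("UDP checksum update not implemented in this example")
    hdr[12:16] = ip_bytes(public_ip)                      # new source address
    hdr[10:12] = b"\x00\x00"
    hdr[10:12] = struct.pack("!H", rfc1071_checksum(bytes(hdr)))
    seg[0:2] = struct.pack("!H", public_port)              # new source port
    return eth + bytes(hdr) + bytes(seg)


if __name__ == "__main__":
    frame = build_ethernet("02:00:00:00:00:01", "02:00:00:00:00:02",
                           build_ipv4("192.168.1.10", "203.0.113.5", build_udp(40000, 53, b"hello")))
    print(parse_frame(frame))
    print(parse_frame(source_nat(frame, "198.51.100.1", 60000)))
```

The checksum routine is the same one IPv4, ICMP, UDP and TCP all use; the known header from the RFC 1071 family of examples (`4500 0073 0000 4000 4011 0000 c0a8 0001 c0a8 00c7`) checksums to `b861`, which is a handy sanity check for any reimplementation.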
network hardware
- physical (Layer 1)
- interfaces, cables, etc
- ethernet (IEEE 802.3)
- Wi-Fi (IEEE 802.11)
- switch (Layer 2)
- link layer, moves data between hosts on a local network using MAC addresses
- allows simultaneous traffic between different pairs of hosts
- router (Layer 3)
- internet layer, moves data between hosts on different networks using IP addresses
- communicates with interconnected routers to determine the best route
- firewall
- filters traffic based on interfaces, direction, addresses, ports, data, etc
- used to direct traffic and to block potentially malicious traffic
diagrams
- TCP/IP encapsulation
- recursive DNS query
- source NAT
- destination NAT
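The messages behind the recursive DNS query diagram, in wire format: the query a stub resolver sends to its recursive resolver (recursion desired set), a constructed reply with recursion available set and a compressed answer name, and the checks a client must make before trusting the reply. This is an added example, not part of the original notes; the name, transaction IDs and the 192.0.2.1 address are sample values.

```python
# Added example (not from the page): DNS wire format in Python.  Builds a query,
# parses a constructed response that uses name compression, and applies the
# checks a client makes before accepting an answer.  Names, IDs and addresses
# are constructed sample values.
import os
import struct

TYPE_A, TYPE_CNAME, CLASS_IN = 1, 5, 1


def encode_name(name: str) -> bytes:
    """example.com -> length-prefixed labels, zero terminator: 07 example 03 com 00."""
    out = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.rstrip(".").split("."))
    return out + b"\x00"


def build_query(name: str, qtype: int = TYPE_A, txid=None) -> bytes:
    # A random 16-bit ID (and, in a real client, a random UDP source port) is what
    # makes blindly spoofed answers hard to match against outstanding queries.
    if txid is None:
        txid = int.from_bytes(os.urandom(2), "big")
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)   # flags: QR=0, RD set
    return header + encode_name(name) + struct.pack("!HH", qtype, CLASS_IN)


def decode_name(msg: bytes, offset: int) -> tuple:
    """Decode a name at offset, following 0xC0xx compression pointers; returns (name, next offset)."""
    labels, end, jumped, hops = [], offset, False, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:                     # pointer to an earlier occurrence
            (ptr,) = struct.unpack("!H", msg[offset:offset + 2])
            if not jumped:
                end = offset + 2
            jumped, offset, hops = True, ptr & 0x3FFF, hops + 1
            if hops > 32:                             # a pointer cycle in a hostile message
                raise ValueError("compression pointer loop")
            continue
        offset += 1
        if length == 0:
            if not jumped:
                end = offset
            return ".".join(labels) + ".", end
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length


def parse_message(msg: bytes) -> dict:
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off, questions, answers = 12, [], []
    for _ in range(qd):
        name, off = decode_name(msg, off)
        qtype, qclass = struct.unpack("!HH", msg[off:off + 4])
        off += 4
        questions.append((name, qtype, qclass))
    for _ in range(an):
        name, off = decode_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        rdata = msg[off:off + rdlen]
        off += rdlen
        if rtype == TYPE_A and rdlen == 4:
            value = ".".join(map(str, rdata))
        elif rtype == TYPE_CNAME:
            value, _ = decode_name(msg, off - rdlen)
        else:
            value = rdata.hex()
        answers.append((name, rtype, ttl, value))
    return {"id": txid, "qr": bool(flags & 0x8000), "rd": bool(flags & 0x0100),
            "ra": bool(flags & 0x0080), "rcode": flags & 0x000F,
            "questions": questions, "answers": answers}


def answer_matches(query: bytes, response: bytes) -> bool:
    """Accept a response only if it is a reply, its ID matches and it echoes the question asked."""
    q, r = parse_message(query), parse_message(response)
    return r["qr"] and not q["qr"] and r["id"] == q["id"] and r["questions"] == q["questions"]


def build_sample_response(query: bytes, address: str, ttl: int = 300) -> bytes:
    """Constructed reply from a recursive resolver: QR and RA set, one A record whose owner
    name is a compression pointer (0xC00C) back to the question name at offset 12."""
    (txid,) = struct.unpack("!H", query[:2])
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)   # QR, RD, RA; rcode 0
    rr = (b"\xC0\x0C" + struct.pack("!HHIH", TYPE_A, CLASS_IN, ttl, 4)
          + bytes(int(o) for o in address.split(".")))
    return header + query[12:] + rr


if __name__ == "__main__":
    q = build_query("example.com")
    r = build_sample_response(q, "192.0.2.1")
    print(parse_message(r), answer_matches(q, r))
```

dig and the other DNS utilities listed further down print exactly these header flags (qr, rd, ra), the transaction id and the question/answer sections, so the parser output can be compared against their output directly.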
UNIX utilities
- IP address, subnet mask
- ip addr (Linux), ifconfig (BSD, UNIX)
- router address
- ip route (Linux), route (BSD, UNIX)
- DNS server address
- /etc/resolv.conf (text file)
- neighbor info
- ip neigh (Linux), arp (BSD, UNIX)
- connections
- ss (Linux), netstat (BSD, UNIX)
- service names and ports
- /etc/services (text file)
- DNS
- host, nslookup, dig
- firewall
- nft (Linux), pf (BSD)