Networks

Terminology

Network Device - e.g. a computer, a printer, a mobile device, a server
Network Interface Card (NIC) - wired or wireless, each network device has this card (usually built in to the device) If wired device (instead of wireless), it will have a wire that connects to a physical switch of an access point. A typical connector on a NIC is an RJ45 connector (RJ = registered jack) used for Ethernet networks
Access Point (AP) - a network device that is used to forward data to it’s destination
Router - a network device that creates and maintains a local area network (as well as moves data inside of that network)

E.g. Will is on a computer (network device) that is connected to a switch (wireless or wired), which forwards the request to the router, it forwards to a firewall, then to another router, then to the internet (a service provider).

Protocol Stack (aka Network Stack)

A protocol stack (aka network stack) is an implementation of a computer networking protocol suite.

Application Layer - Web Service, File Service
Transport Layer (Layer 4) - TCP (slower, but reliable) vs UDP (faster, best attempt only, not reliable) UDP = User Datagram Protocol TCP = Transmission Control Protocol
Network Layer (Layer 3) - IP (Internet Protocol) Address (identify a specific device and on what network). IP Addresses added here. At this level, the Protocol data unit (PDU) is a Packet
Data-link Layer (Layer 2) - MAC (Media Access Control) Address (aka physical address, ethernet address, hardware address). Each device has its own unique 12 hexadecimal identifier (e.g. 9C-35-5B-5F-4C-D7, 0-F). Ethernet addresses added here. At this level, the Protocol data unit (PDU) is a Frame Mac addresses are physically attached to a hardware device.
Physical Layer (Layer 1)- Sending raw bit (0’s, 1’s) streams. At this level, the Protocol data unit (PDU) is Bit or Symbol

So how does this all come together? A user’s computer might request data from a web server, the web service associates tcp as the transport protocol (how to send data), we would add the IP address of the server, add the mac address and send those bits.

The above is called a TCP/IP protocol stack.

Example Application Layer Services:

DNS (Domain Name Service)

An important app service is DNS (domain name service), which converts a domain name (like google.com) into an IP address. DNS uses the Layer 4 Transport Protocol of UDP and has a destination port of port 53, a source port (e.g. say port number is > 1024 like 38777, randomly picked and assigned if it’s not in use) Think of the source port and destination port as an envelope with sender and destination address.

HTTP web service

An example of a web app using HTTP uses the Layer 4 of TCP and a destination port 80 and say a source port of 1553.

Troubleshooting Tools

In your CLI, you have a few tools to help troubleshoot:

ping - Can rule out that DNS is working (e.g. ping www.google.com)
protocol analyzer (e.g. Wireshark, to capture logs of where packets went)

ping tips, if we see that there’s an IP address after the ping, we know at least DNS is working (doesn’t matter what the reply is).

ping google.com

Pinging google.com [142.250.69.238] with 32 bytes of data:
Reply from ...

IP address and Layer 2 address

ipconfig using ipconfig /all on windows

Has the information from Ethernet adapater Ethernet 0: with the Physical Address (aka layer 2 address)

ifconfig (interface config) on mac/linux

Under inet (for ip address, e.g. 192.168.1.109) and ether for physical address (e.g. 00:15:5d:77:77:01)

Address Resolution Protocol (ARP)

So how does say a computer (which has its own MAC address) know the MAC address of another device on the network? Address Resolution Protocol (ARP) helps discover another computer’s Layer 2 address. For example:

Name of Computer	Layer 3 - IP Address	Layer 2 - MAC Address
Computer 2	10.1.0.10	00:15:5d:77:88:99
Internal Server	10.1.0.111	00:15:5d:67:83:22

Computer 2 basically asks (using Address Resolution Protocol) as a broadcast request what is using this IP Address (should only be one device that uses an IP address at a time), and if it’s there, what is the Layer 2 address?

Layer 2 Switching Fundamentals

A switch has a few ports that allow registered jacks to plugin in. When a switch starts up, the switch doesn’t know what devices are plugged into those ports. The switch will remember what MAC address with what Port. The switch remembers each MAC Address is at which port number.

A broadcast of ffffffffffff is a reserved address that says everyone needs to see this data (sends to every port in that local area network, e.g. an ARP request). Another case is unknown unicast, which means this frame is intended for only one specific mac address (but it’s not sure where that mac address is).

Internet Protocol (IP) ver 4 (IPv4)

An IP address looks like #.#.#.# where the numbers can range from 0-255. An example is say 10.1.0.10. In the IP address, there are 2 parts:

the first part is the Network Address (think of it as the Street Address)
the second part is the Host Address (think of it as the House Address)

The left side is the Network Address and the remaining right side is the Host Address. All of the devices on the same network starts with the same set of numbers.

So what’s the dividing line between network address and host address? The indicator on what separates the network address from the host address is the mask (subnet mask, network mask).

Say we have a mask of 255.255.0.0 and an IP of 10.1.0.10. That means 10.1 is the network address and 0.10 is the host address.

Layer 3 IP Routing

Say we have a 10.1 Network and a 10.2 Network. A user Will has his computer on 10.1.0.10 and wants to talk to another device on the same 10.1 network. You can just specify that device and the switch will know. However, if Will wants to talk to a different network 10.2 Network, we would have to go through a network device called a Router.

If a computer cannot connect to the destination, you want to check 4 basic computer configuration elements:

Does the user have the correct IP Address? (e.g. shows right network?)
Does the computer have the right mask? (e.g. 255.255.0.0)
Based on above, is the default gateway configured? What router do you forward frames to (for anything that goes to a remote network, i.e. another network)
Is there a DNS server configured? (e.g. Google DNS is 8.8.8.8 or using a company specific DNS)

Dynamic Host Configuration Protocol (DHCP)

In order to setup automatic IP configuration on computers, we can use DHCP. Without DHCP, we would need to setup/update configs manually. To setup DHCP, we setup a DHCP server where we can have specific options (e.g. DNS server, default gateway). When a client connects, we run through DORA:

Discover
Offer
Request
Ack

VPC (Virtual Private Cloud)

A VPC is a logically isolated virtual network that you define and have complete control over. You can have your own selection of IP address ranges, create your own subnets, and configure your own route tables and network gateways. You can use both IPv4 and IPv6 for your resources. You can have a public facing subnet for web servers that have access to the internet and a private subnet with no internet access for your backend systems like databases.