Networking Fundamentals
Understanding how networks, protocols and internet communication work
Last updated: 8/15/2025
Demystify the invisible highways that connect the digital world, from basic networking concepts to advanced protocols and architectures.
How Networks Work
The Basics
Connecting computers together
A network is simply computers connected to share information. It's like a postal system for digital data - with addresses, routes and delivery methods.
Real-world analogy: Think of networks like a city's road system. Houses (computers) are connected by streets (cables/WiFi), with addresses (IP addresses) and traffic rules (protocols).
The OSI Model
Seven Layers of Networking
A framework for understanding network communication
┌─────────────────────────────────────┐
│ 7. Application Layer                │ ← HTTP, FTP, SMTP
│    (User applications)              │
├─────────────────────────────────────┤
│ 6. Presentation Layer               │ ← SSL/TLS, JPEG
│    (Data formatting, encryption)    │
├─────────────────────────────────────┤
│ 5. Session Layer                    │ ← NetBIOS, SQL
│    (Connection management)          │
├─────────────────────────────────────┤
│ 4. Transport Layer                  │ ← TCP, UDP
│    (Reliable data transfer)         │
├─────────────────────────────────────┤
│ 3. Network Layer                    │ ← IP, ICMP, Routing
│    (Path determination)             │
├─────────────────────────────────────┤
│ 2. Data Link Layer                  │ ← Ethernet, WiFi
│    (Node-to-node delivery)          │
├─────────────────────────────────────┤
│ 1. Physical Layer                   │ ← Cables, Radio waves
│    (Bits over physical medium)      │
└─────────────────────────────────────┘
Remember it with: "Please Do Not Throw Sausage Pizza Away"
Physical → Data Link → Network → Transport → Session → Presentation → Application
IP Addressing
IPv4 Addresses
The internet's phone numbers
IPv4 addresses are 32-bit numbers written as four octets: 192.168.1.1
Example: 192.168.1.100
Binary: 11000000.10101000.00000001.01100100
Classes:
Class A: 1.0.0.0 to 126.255.255.255 (Large networks)
Class B: 128.0.0.0 to 191.255.255.255 (Medium networks)
Class C: 192.0.0.0 to 223.255.255.255 (Small networks)
Private vs Public IPs
Internal vs external addresses
Private IPs (not routable on internet):
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
Public IPs: Globally unique addresses assigned by ISPs
IPv6 Addresses
The future of IP addressing
IPv6 uses 128-bit addresses: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
Benefits:
- 340 undecillion addresses (3.4×10³⁸)
- Built-in security (IPsec)
- No more NAT needed
- Auto-configuration
Subnetting and CIDR
Subnet Masks
Dividing networks into smaller pieces
Network: 192.168.1.0/24
Subnet Mask: 255.255.255.0
/24 means first 24 bits are network portion:
11111111.11111111.11111111.00000000
Available hosts: 254 (256 - network - broadcast)
Network address: 192.168.1.0
Broadcast: 192.168.1.255
Usable: 192.168.1.1 to 192.168.1.254
CIDR Notation
Classless Inter-Domain Routing
/32 = 255.255.255.255 = 1 host
/24 = 255.255.255.0 = 256 addresses
/16 = 255.255.0.0 = 65,536 addresses
/8 = 255.0.0.0 = 16,777,216 addresses
VLSM (Variable Length Subnet Masking)
Efficient IP allocation
Company needs:
- 100 hosts for Sales: 192.168.1.0/25 (126 usable)
- 50 hosts for HR: 192.168.1.128/26 (62 usable)
- 20 hosts for IT: 192.168.1.192/27 (30 usable)
- 2 for WAN link: 192.168.1.224/30 (2 usable)
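The allocation above can be reproduced mechanically. This added example (not part of the original page) sizes each subnet for its host count and places the largest first; the function name `vlsm_allocate` is an assumption of the example.

```python
import ipaddress

def vlsm_allocate(block, needs):
    """Carve `block` into one subnet per (name, hosts) need, largest first.

    Returns (name, subnet, usable_hosts) tuples and raises ValueError when the
    needs do not fit. `vlsm_allocate` is a name chosen for this example.
    """
    parent = ipaddress.IPv4Network(block)
    cursor = int(parent.network_address)
    plan = []
    # Largest first keeps every subnet on its natural boundary with no gaps.
    for name, hosts in sorted(needs, key=lambda need: need[1], reverse=True):
        # hosts + 2 addresses are needed (network and broadcast are reserved);
        # (hosts + 1).bit_length() is the number of host bits that covers them.
        prefix = 32 - (hosts + 1).bit_length()
        size = 1 << (32 - prefix)
        cursor = -(-cursor // size) * size  # round up to a multiple of size
        subnet = ipaddress.IPv4Network((cursor, prefix))
        if not subnet.subnet_of(parent):
            raise ValueError(f"{name}: {hosts} hosts do not fit in {parent}")
        plan.append((name, subnet, size - 2))
        cursor += size
    return plan

if __name__ == "__main__":
    # The company's needs from the text, deliberately given out of order.
    needs = [("IT", 20), ("WAN link", 2), ("Sales", 100), ("HR", 50)]
    for name, subnet, usable in vlsm_allocate("192.168.1.0/24", needs):
        print(f"{name:<9} {str(subnet):<18} {usable} usable")
```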
TCP/IP Protocol Suite
TCP (Transmission Control Protocol)
Reliable, ordered delivery
TCP is like registered mail - guaranteed delivery with confirmation.
Three-way handshake:
1. SYN → "Can we talk?"
2. ← SYN-ACK "Yes, can you hear me?"
3. ACK → "Yes, let's talk!"
Features:
- Connection-oriented
- Error checking
- Flow control
- Retransmission
- In-order delivery
UDP (User Datagram Protocol)
Fast, best-effort delivery
UDP is like dropping postcards in a mailbox - fast but no guarantees.
Use cases:
- Video streaming
- Online gaming
- DNS queries
- VoIP calls
Comparison:
TCP                 UDP
─────────────       ─────────────
Reliable            Unreliable
Ordered             No ordering
Slower              Faster
Higher overhead     Lower overhead
HTTP, HTTPS, SSH    DNS, DHCP, Gaming
DNS (Domain Name System)
How DNS Works
The internet's phonebook
DNS translates human-readable names to IP addresses.
User types: www.example.com
↓
1. Check local cache
↓
2. Query recursive resolver (ISP)
↓
3. Query root server (.)
↓
4. Query TLD server (.com)
↓
5. Query authoritative server
↓
6. Return IP: 93.184.216.34
DNS Record Types
A - IPv4 address
AAAA - IPv6 address
CNAME - Canonical name (alias)
MX - Mail exchange
TXT - Text information
NS - Name server
SOA - Start of authority
PTR - Pointer (reverse DNS)
SRV - Service record
DNS Resolution Example
# Using dig to trace DNS resolution
dig +trace google.com
# Check specific record types
dig google.com A # IPv4
dig google.com AAAA # IPv6
dig google.com MX # Mail servers
HTTP/HTTPS Protocols
HTTP Basics
HyperText Transfer Protocol
HTTP is the foundation of web communication.
Request structure:
GET /index.html HTTP/1.1
Host: www.example.com
User-Agent: Mozilla/5.0
Accept: text/html
Response structure:
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 1234
<html>...</html>
HTTP Methods
GET - Retrieve data
POST - Submit data
PUT - Update/replace
PATCH - Partial update
DELETE - Remove resource
HEAD - Get headers only
OPTIONS - Get allowed methods
Status Codes
1xx - Informational
100 Continue
101 Switching Protocols
2xx - Success
200 OK
201 Created
204 No Content
3xx - Redirection
301 Moved Permanently
302 Found
304 Not Modified
4xx - Client Error
400 Bad Request
401 Unauthorized
403 Forbidden
404 Not Found
5xx - Server Error
500 Internal Server Error
502 Bad Gateway
503 Service Unavailable
HTTPS and TLS/SSL
Secure communication
HTTPS adds encryption using TLS/SSL.
TLS Handshake:
1. Client Hello (supported ciphers)
2. Server Hello (chosen cipher)
3. Server Certificate
4. Key Exchange
5. Finished (encrypted communication begins)
Network Topologies
Common Topologies
Star Topology:
Client
  ↓
Switch ← Client
  ↑
Client
Mesh Topology:
Node ←→ Node
 ↓  ✕  ↑
Node ←→ Node
Bus Topology:
Client - Client - Client - Client
                |
           Main Cable
Ring Topology:
Client → Client
  ↑        ↓
Client ← Client
Network Types
LAN (Local Area Network):
- Single building/campus
- High speed (1-100 Gbps)
- Low latency
WAN (Wide Area Network):
- Geographically distributed
- Lower speeds
- Higher latency
MAN (Metropolitan Area Network):
- City-wide coverage
- Between LAN and WAN
Routing and Switching
How Routing Works
Finding the best path
Routers make decisions based on routing tables.
# Sample routing table
Destination       Gateway          Interface
0.0.0.0           192.168.1.1      eth0   # Default route
192.168.1.0/24    0.0.0.0          eth0   # Local network
10.0.0.0/8        192.168.1.254    eth0   # Another network
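An added example, not from the original page, of how a router picks a row from the sample table above: the most specific (longest-prefix) matching route wins. The default route's destination is written as 0.0.0.0/0, and the names `lookup` and `overrides` are chosen for the example.

```python
import ipaddress

# The page's sample table; the default route's destination is written as 0.0.0.0/0.
ROUTES = [
    ("0.0.0.0/0", "192.168.1.1", "eth0"),
    ("192.168.1.0/24", "0.0.0.0", "eth0"),
    ("10.0.0.0/8", "192.168.1.254", "eth0"),
]

def lookup(destination, routes=ROUTES):
    """Return (matched_route, next_hop, interface) using longest-prefix match."""
    address = ipaddress.ip_address(destination)
    best = None
    for network, gateway, interface in routes:
        net = ipaddress.ip_network(network)
        if address in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway, interface)
    if best is None:
        return None  # nothing matched and there is no default route
    net, gateway, interface = best
    # A gateway of 0.0.0.0 marks a directly connected network: deliver on-link.
    next_hop = str(address) if gateway == "0.0.0.0" else gateway
    return str(net), next_hop, interface

def overrides(routes=ROUTES):
    """List (narrower, broader) route pairs that point at different gateways.

    Useful when reviewing a table: a narrower entry silently takes traffic
    away from the broader one. The default route is ignored as the broader side.
    """
    nets = [(ipaddress.ip_network(n), gw) for n, gw, _ in routes]
    return [(str(a), str(b)) for a, gw_a in nets for b, gw_b in nets
            if a != b and b.prefixlen > 0 and a.subnet_of(b) and gw_a != gw_b]

if __name__ == "__main__":
    for dest in ("192.168.1.50", "10.20.30.40", "8.8.8.8"):
        print(dest, "->", lookup(dest))
```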
Routing Protocols
Static Routing:
- Manually configured
- No overhead
- Doesn't adapt to changes
Dynamic Routing:
- RIP: Distance vector, hop count
- OSPF: Link state, cost-based
- BGP: Path vector, internet backbone
Switching Concepts
MAC Address Table:
Port    MAC Address          VLAN
1       00:1B:44:11:3A:B7    10
2       00:1B:44:11:3A:B8    10
3       00:1B:44:11:3A:B9    20
VLANs (Virtual LANs):
- Logical network segmentation
- Improved security
- Better performance
NAT and Port Forwarding
Network Address Translation
Sharing one public IP
NAT allows multiple devices to share a single public IP address.
Internal device: 192.168.1.100:45678
↓
NAT Translation
↓
External: 203.0.113.1:45678
Port Forwarding
Exposing internal services
# Forward external port 80 to internal server
External: 203.0.113.1:80 → Internal: 192.168.1.100:8080
# Common port forwards
SSH: 22 → 192.168.1.10:22
HTTP: 80 → 192.168.1.20:80
HTTPS: 443 → 192.168.1.20:443
Load Balancing
Distribution Algorithms
Round Robin:
Request 1 → Server A
Request 2 → Server B
Request 3 → Server C
Request 4 → Server A (repeat)
Least Connections:
Server A: 5 connections
Server B: 3 connections ← New request
Server C: 7 connections
IP Hash:
hash(client_ip) % num_servers = target_server
Types of Load Balancers
Layer 4 (Transport):
- Works with IP and port
- Faster, less CPU intensive
- Can't inspect application data
Layer 7 (Application):
- Can inspect HTTP headers
- Content-based routing
- SSL termination
CDN (Content Delivery Network)
How CDNs Work
Bringing content closer to users
User in Sydney requests image.jpg
↓
1. Check Sydney edge server
2. Cache miss? Fetch from origin
3. Cache for future requests
4. Serve to user (low latency)
CDN Benefits
- Reduced latency: Content served from nearby
- Reduced bandwidth: Origin serves less traffic
- Improved availability: Multiple points of presence
- DDoS protection: Distributed infrastructure
Network Security
Firewalls
Network gatekeepers
Stateless Firewall Rules:
Allow TCP 80 from any to web_server
Allow TCP 443 from any to web_server
Deny all from any to any
Stateful Firewall:
- Tracks connection state
- Allows return traffic automatically
- More intelligent filtering
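The difference between the two firewall types, as an added example that is not part of the original page: the three stateless rules above drop the web server's own replies, while a connection table lets them through. The addresses are constructed documentation addresses, and tracking only the 5-tuple is a simplification (real stateful firewalls also track TCP state and timeouts).

```python
from collections import namedtuple

Packet = namedtuple("Packet", "proto src sport dst dport")

WEB_SERVER = "192.0.2.10"  # constructed address standing in for web_server

# The page's three rules as (action, proto, dst_port, dst); None matches anything.
RULES = [
    ("allow", "tcp", 80, WEB_SERVER),
    ("allow", "tcp", 443, WEB_SERVER),
    ("deny", None, None, None),
]

def stateless(pkt, rules=RULES):
    """First matching rule wins; every packet is judged on its own."""
    for action, proto, dport, dst in rules:
        if (proto in (None, pkt.proto) and dport in (None, pkt.dport)
                and dst in (None, pkt.dst)):
            return action
    return "deny"

class StatefulFirewall:
    """Same rules, plus a table of connections the rules already allowed."""

    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()

    def filter(self, pkt):
        # Return traffic is the tracked 5-tuple with source and destination swapped.
        if (pkt.proto, pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections:
            return "allow"
        action = stateless(pkt, self.rules)
        if action == "allow":
            self.connections.add((pkt.proto, pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action

if __name__ == "__main__":
    request = Packet("tcp", "198.51.100.7", 51000, WEB_SERVER, 443)  # constructed
    reply = Packet("tcp", WEB_SERVER, 443, "198.51.100.7", 51000)    # constructed
    print("stateless:", stateless(request), stateless(reply))
    fw = StatefulFirewall()
    print("stateful: ", fw.filter(request), fw.filter(reply))
```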
VPN (Virtual Private Network)
Secure tunnels over public networks
Types:
- Site-to-Site: Connect offices
- Remote Access: Individual users
- SSL VPN: Browser-based
- IPsec: Network layer
Network Segmentation
Defense in depth
Internet
↓
Firewall
↓
DMZ (Web servers)
↓
Firewall
↓
Internal Network (Application servers)
↓
Firewall
↓
Database Segment
WebSockets and Real-time
WebSocket Protocol
Full-duplex communication
// Client-side WebSocket
const ws = new WebSocket('wss://example.com/socket');

ws.onopen = () => {
  ws.send('Hello Server!');
};

ws.onmessage = (event) => {
  console.log('Received:', event.data);
};
Server-Sent Events (SSE)
One-way real-time communication
// Client-side SSE
const eventSource = new EventSource('/events');

eventSource.onmessage = (event) => {
  console.log('New message:', event.data);
};
API Protocols
REST
Representational State Transfer
GET /api/users/123
PUT /api/users/123
DELETE /api/users/123
POST /api/users
GraphQL
Query language for APIs
query {
  user(id: 123) {
    name
    email
    posts {
      title
      content
    }
  }
}
gRPC
High-performance RPC
service UserService {
  rpc GetUser (UserRequest) returns (User);
  rpc ListUsers (Empty) returns (stream User);
}
Network Troubleshooting
Essential Tools
ping:
# Test connectivity
ping google.com
# Continuous ping (Windows; on Linux and macOS, ping runs until interrupted)
ping -t google.com
traceroute/tracert:
# Trace packet path
traceroute google.com
# Windows version
tracert google.com
netstat:
# Show network connections
netstat -an
# Show listening ports
netstat -tuln
nslookup/dig:
# DNS lookup
nslookup google.com
dig google.com
# Reverse DNS
nslookup 8.8.8.8
tcpdump/Wireshark:
# Capture packets
tcpdump -i eth0 port 80
# Save to file
tcpdump -w capture.pcap
Common Issues and Solutions
Can't connect to website:
- Check DNS: nslookup domain.com
- Check routing: traceroute domain.com
- Check firewall rules
- Verify port is open: telnet domain.com 80
Slow network:
- Check bandwidth: Speed test
- Check latency: ping -t
- Check packet loss: Extended ping
- Check MTU size issues
Performance Optimisation
TCP Tuning
# Linux TCP tuning (run as root; the settings load at boot or with sysctl -p)
echo 'net.core.rmem_max = 134217728' >> /etc/sysctl.conf
echo 'net.core.wmem_max = 134217728' >> /etc/sysctl.conf
echo 'net.ipv4.tcp_rmem = 4096 87380 134217728' >> /etc/sysctl.conf
echo 'net.ipv4.tcp_wmem = 4096 65536 134217728' >> /etc/sysctl.conf
HTTP/2 and HTTP/3
HTTP/2 Benefits:
- Multiplexing
- Server push
- Header compression
- Binary protocol
HTTP/3 (QUIC):
- UDP-based
- Faster connection establishment
- Better mobile performance
- Built-in encryption
Edge Computing
Edge Networks
Computing at the network edge
Traditional:
User → Internet → Cloud Data Centre
Edge Computing:
User → Edge Location (compute) → Cloud (if needed)
Benefits:
- Ultra-low latency
- Reduced bandwidth
- Data locality
- Offline capability
Getting Started
Home Lab Setup
Basic Network Lab:
Internet
↓
Router/Firewall (pfSense)
↓
Managed Switch (VLANs)
├── Server VLAN
├── Client VLAN
└── IoT VLAN
Tools to learn:
- Wireshark - Packet analysis
- nmap - Network scanning
- iperf - Bandwidth testing
- GNS3 - Network simulation
Learning Path
- Fundamentals: OSI model, TCP/IP
- Practical: Set up home network
- Security: Firewalls, VPNs
- Advanced: BGP, MPLS, SDN
- Cloud: AWS/Azure networking
- Automation: Network as code
Summary
Networking is the foundation of the connected world. From simple home networks to the global internet, understanding these concepts helps you build better, more secure and more efficient systems.
Key takeaways:
- Networks use layers to organise complexity
- IP addressing and routing direct traffic
- Protocols define communication rules
- Security must be built in, not bolted on
- Performance optimisation requires understanding the full stack
- The future is distributed and edge-focused
Keep learning, keep experimenting and remember - every expert was once a beginner who kept trying to understand why the network was down!