Network Fundamentals

OSI Model

The OSI (Open Systems Interconnection) model has 7 layers:

Layer  Name          Function                      Protocols/Devices
7      Application   User interface, applications  HTTP, FTP, SMTP, DNS
6      Presentation  Data format, encryption       SSL/TLS, JPEG, ASCII
5      Session       Session management            NetBIOS, RPC
4      Transport     End-to-end connections        TCP, UDP
3      Network       Routing, IP addressing        IP, ICMP, Routers
2      Data Link     Frame switching, MAC          Ethernet, Switches, ARP
1      Physical      Physical transmission         Cables, Hubs, Signals

Mnemonic: "Please Do Not Throw Sausage Pizza Away"

TCP/IP Model (Simplified)

Layer        OSI Equivalent  Protocols
Application  5-7             HTTP, DNS, SSH
Transport    4               TCP, UDP
Internet     3               IP, ICMP
Link         1-2             Ethernet, WiFi

Routing vs Switching

Layer 2 - Switching

Switches operate at the Data Link layer using MAC addresses.

Characteristics:

  • Forwards based on MAC address
  • Single broadcast domain (can be segmented with VLANs)
  • Low latency
  • No IP knowledge needed

# View MAC table
show mac address-table    # Cisco
bridge fdb show           # Linux
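The learning behaviour behind that MAC table, as an added example (not code from the original page): a switch records the port on which each source MAC was seen, forwards known unicast destinations out of that one port, and floods unknown destinations and broadcasts to every other port. Port names and MAC addresses are constructed for the demonstration.

```python
# Added example (not from the original page): a minimal learning switch.
# A switch learns which port a MAC address lives on from the *source* MAC of
# each frame it receives, then forwards later frames to that MAC out of the
# learned port; unknown destinations and broadcasts are flooded to all other ports.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}          # MAC address -> port (the "mac address-table")

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the list of ports it is forwarded out of."""
        # Learning: remember which port the source MAC was seen on.
        self.mac_table[src_mac] = in_port
        # Forwarding: known unicast goes out one port, everything else is flooded.
        if dst_mac != BROADCAST and dst_mac in self.mac_table:
            out_port = self.mac_table[dst_mac]
            return [] if out_port == in_port else [out_port]
        return [p for p in self.ports if p != in_port]

def demo():
    """Three frames on a constructed 3-port switch; returns what was forwarded where."""
    sw = LearningSwitch(["Gi0/1", "Gi0/2", "Gi0/3"])
    a, b = "00:11:22:33:44:aa", "00:11:22:33:44:bb"   # constructed sample MACs
    first = sw.receive("Gi0/1", a, b)     # b unknown -> flooded to Gi0/2 and Gi0/3
    reply = sw.receive("Gi0/2", b, a)     # a already learned -> sent only to Gi0/1
    second = sw.receive("Gi0/1", a, b)    # b now learned -> sent only to Gi0/2
    return first, reply, second, dict(sw.mac_table)

if __name__ == "__main__":
    print(demo())
```

Note that the table is populated purely from observed source addresses; a real switch also ages entries out and bounds the table size, which this toy omits.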

Layer 3 - Routing

Routers operate at the Network layer using IP addresses.

Characteristics:

  • Forwards based on IP address
  • Separate broadcast domains
  • Makes forwarding decisions
  • Connects different networks

# View routing table
route -n
ip route show
netstat -rn

Routing Table Example:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.1.1     0.0.0.0         UG    100    0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     100    0        0 eth0
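How a router picks a row from that table, as an added example (not code from the original page): each destination is matched against every route, and the matching route with the longest prefix wins, so the directly connected 192.168.1.0/24 beats the 0.0.0.0/0 default. The two routes are the ones above; the 10.10.0.0/16 route via 192.168.1.254 is constructed to show longest-prefix match with a third candidate.

```python
# Added example (not from the original page): longest-prefix-match lookup over
# a routing table in the `route -n` format shown above.
import ipaddress

def parse_route(destination, gateway, genmask, iface):
    """One row of a `route -n` style table -> (network, gateway or None, iface)."""
    network = ipaddress.ip_network(f"{destination}/{genmask}", strict=False)
    gw = None if gateway == "0.0.0.0" else ipaddress.ip_address(gateway)
    return network, gw, iface

# The two rows from the example above, plus one constructed route for the demo.
ROUTES = [
    parse_route("0.0.0.0", "192.168.1.1", "0.0.0.0", "eth0"),          # default (UG)
    parse_route("192.168.1.0", "0.0.0.0", "255.255.255.0", "eth0"),    # directly connected (U)
    parse_route("10.10.0.0", "192.168.1.254", "255.255.0.0", "eth0"),  # constructed extra route
]

def lookup(dst, routes=ROUTES):
    """Return (next_hop, iface) for dst; the matching route with the longest prefix wins."""
    addr = ipaddress.ip_address(dst)
    best = None
    for network, gw, iface in routes:
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, gw, iface)
    if best is None:
        return None   # no route (cannot happen here because a default route exists)
    network, gw, iface = best
    # Directly connected route: the next hop is the destination itself (resolved via ARP on iface).
    return (str(gw) if gw is not None else str(addr), iface)

if __name__ == "__main__":
    for dst in ("192.168.1.50", "8.8.8.8", "10.10.5.5"):
        print(dst, "->", lookup(dst))
```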

IP Addressing

IPv4

32-bit addresses, written as four octets.

192.168.1.1 = 11000000.10101000.00000001.00000001

Address Classes (Historical):

  • Class A: 0.0.0.0 - 127.255.255.255 (/8)
  • Class B: 128.0.0.0 - 191.255.255.255 (/16)
  • Class C: 192.0.0.0 - 223.255.255.255 (/24)

Private Ranges (RFC 1918):

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16

IPv6

128-bit addresses, written as eight colon-separated groups of four hexadecimal digits.

2001:0db8:85a3:0000:0000:8a2e:0370:7334
# Can be shortened:
2001:db8:85a3::8a2e:370:7334

Special Addresses:

  • ::1 - Loopback
  • :: - All zeros
  • fe80::/10 - Link-local
  • ff00::/8 - Multicast

CIDR Notation

Classless Inter-Domain Routing specifies networks using prefix length.

Format

192.168.1.0/24
│           │
IP Address  Prefix length (network bits)

Subnet Calculations

Example: 192.168.1.0/24

  • Network bits: 24
  • Host bits: 32 - 24 = 8
  • Subnet mask: 255.255.255.0
  • Number of hosts: 2^8 - 2 = 254
  • Network address: 192.168.1.0
  • Broadcast: 192.168.1.255
  • Usable range: 192.168.1.1 - 192.168.1.254

Common Subnets:

CIDR  Subnet Mask      Hosts     Notes
/32   255.255.255.255  1         Single host
/31   255.255.255.254  2         Point-to-point
/30   255.255.255.252  2         Point-to-point (4-2)
/29   255.255.255.248  6         8-2
/28   255.255.255.240  14        16-2
/24   255.255.255.0    254       Class C
/16   255.255.0.0      65534     Class B
/8    255.0.0.0        16777214  Class A

Subnetting Example

Problem: Divide 192.168.1.0/24 into 4 subnets.

Solution:

  • Need 2 more bits: /24 → /26
  • Each subnet: 2^6 = 64 addresses

Subnets:

  1. 192.168.1.0/26 (0-63)
  2. 192.168.1.64/26 (64-127)
  3. 192.168.1.128/26 (128-191)
  4. 192.168.1.192/26 (192-255)
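The subnet calculation and the split above, carried out in code as an added example (not code from the original page): the mask, network, broadcast and usable range come from plain bit arithmetic on the 32-bit address, the /31 and /32 rows of the table are handled as the special cases they are, and a block is divided into 2^n equal subnets by borrowing n host bits. The `ipaddress` cross-check is only there to confirm the hand-rolled arithmetic.

```python
# Added example (not from the original page): subnet arithmetic with plain bit
# operations, cross-checked against the standard library's ipaddress module.
import ipaddress

def ip_to_int(ip):
    a, b, c, d = (int(o) for o in ip.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d

def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))

def subnet_info(cidr):
    """Network, mask, broadcast, usable host count and range for an IPv4 CIDR block."""
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    host_bits = 32 - prefix
    mask = (0xFFFFFFFF << host_bits) & 0xFFFFFFFF   # top `prefix` bits set
    network = ip_to_int(ip) & mask                    # host bits cleared
    broadcast = network | (~mask & 0xFFFFFFFF)        # host bits set
    # /31 (point-to-point) and /32 (single host) reserve no network/broadcast address.
    if host_bits >= 2:
        hosts = 2 ** host_bits - 2
        first, last = network + 1, broadcast - 1
    else:
        hosts = 2 ** host_bits
        first, last = network, broadcast
    return {
        "network": int_to_ip(network),
        "mask": int_to_ip(mask),
        "broadcast": int_to_ip(broadcast),
        "hosts": hosts,
        "first": int_to_ip(first),
        "last": int_to_ip(last),
    }

def split_subnet(cidr, count):
    """Divide a block into `count` equal subnets (count must be a power of two)."""
    extra_bits = count.bit_length() - 1           # bits to borrow from the host part
    if count < 1 or 2 ** extra_bits != count:
        raise ValueError("count must be a power of two")
    ip, prefix = cidr.split("/")
    prefix = int(prefix)
    new_prefix = prefix + extra_bits
    if new_prefix > 32:
        raise ValueError("not enough host bits to split this far")
    base = ip_to_int(ip) & ((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)
    size = 2 ** (32 - new_prefix)                 # addresses per new subnet
    return [f"{int_to_ip(base + i * size)}/{new_prefix}" for i in range(count)]

def cross_check(cidr):
    """True if the hand-rolled arithmetic agrees with ipaddress for the same block."""
    net = ipaddress.ip_network(cidr, strict=False)
    info = subnet_info(cidr)
    return (info["network"] == str(net.network_address)
            and info["mask"] == str(net.netmask)
            and info["broadcast"] == str(net.broadcast_address))

if __name__ == "__main__":
    print(subnet_info("192.168.1.0/24"))
    print(split_subnet("192.168.1.0/24", 4))
```

`subnet_info("10.0.0.0/27")["hosts"]` and `subnet_info("10.0.0.0/19")["mask"]` answer practice questions 2 and 7 below.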

VLANs (Virtual LANs)

VLANs segment a physical network into multiple logical networks.

802.1Q Tagging

Adds a 4-byte tag to the Ethernet frame.

VLAN Tag Fields:

  • TPID (2 bytes): 0x8100 (identifies 802.1Q frame)
  • TCI (2 bytes):
      • PCP (3 bits): Priority
      • DEI (1 bit): Drop eligible
      • VID (12 bits): VLAN ID (1-4094)
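Decoding and encoding those fields, as an added example (not code from the original page): the tag sits between the source MAC and the EtherType, so a tagged frame has the TPID at bytes 12-13 and the TCI at bytes 14-15; PCP, DEI and VID are then the top 3 bits, the next bit and the low 12 bits of the TCI. The sample frame bytes are constructed for the demonstration.

```python
# Added example (not from the original page): decode and encode the 802.1Q tag of
# an Ethernet frame header, following the field layout listed above.
import struct

TPID_8021Q = 0x8100

def parse_vlan_tag(frame):
    """Return (dst_mac, src_mac, pcp, dei, vid, ethertype) for a tagged frame, or None if untagged."""
    if len(frame) < 18:           # 6 (dst) + 6 (src) + 4 (tag) + 2 (EtherType)
        raise ValueError("frame too short for a tagged Ethernet header")
    dst = frame[0:6].hex(":")
    src = frame[6:12].hex(":")
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        return None               # no 802.1Q tag: bytes 12-13 are the EtherType itself
    pcp = tci >> 13               # top 3 bits: priority
    dei = (tci >> 12) & 0x1       # next bit: drop eligible
    vid = tci & 0x0FFF            # low 12 bits: VLAN ID
    # VID 0 means priority-tagged with no VLAN membership and 4095 is reserved;
    # both lie outside the usable 1-4094 range, so reject them here.
    if vid == 0 or vid == 4095:
        raise ValueError(f"VLAN ID {vid} outside usable range 1-4094")
    return dst, src, pcp, dei, vid, ethertype

def build_vlan_tag(pcp, dei, vid):
    """Encode TPID + TCI for the given fields (the inverse of the parser)."""
    if not (0 <= pcp <= 7 and dei in (0, 1) and 1 <= vid <= 4094):
        raise ValueError("field out of range")
    return struct.pack("!HH", TPID_8021Q, (pcp << 13) | (dei << 12) | vid)

# Constructed sample: broadcast destination, a made-up source MAC, VLAN 10 with
# priority 5, EtherType 0x0806 (ARP); the payload after the header is omitted.
SAMPLE_FRAME = (bytes.fromhex("ffffffffffff") + bytes.fromhex("0011223344aa")
                + build_vlan_tag(pcp=5, dei=0, vid=10) + struct.pack("!H", 0x0806))

# Constructed untagged frame of the same length: EtherType 0x0800 (IPv4) at bytes 12-13.
UNTAGGED_FRAME = bytes(12) + struct.pack("!H", 0x0800) + bytes(4)

if __name__ == "__main__":
    print(parse_vlan_tag(SAMPLE_FRAME))
    print(parse_vlan_tag(UNTAGGED_FRAME))
```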

Configuration

# Create VLAN interface (Linux)
ip link add link eth0 name eth0.10 type vlan id 10
ip addr add 192.168.10.1/24 dev eth0.10
ip link set eth0.10 up

# View VLANs
cat /proc/net/vlan/config

Use Cases

  • Network segmentation
  • Security isolation
  • Broadcast domain reduction
  • Multi-tenancy

NAT (Network Address Translation)

NAT rewrites the addresses in packet headers, most commonly translating private IP addresses to public addresses.

Types

SNAT (Source NAT)

  • Changes source address
  • Used for outgoing traffic
  • Typical home router

DNAT (Destination NAT)

  • Changes destination address
  • Port forwarding
  • Load balancing

PAT (Port Address Translation)

  • Also called NAT overload
  • Many private IPs → one public IP
  • Uses different source ports

Example

Internal: 192.168.1.10:5000 → External Server

NAT Gateway: 203.0.113.5:34567 → External Server

NAT Table:

Internal              External
192.168.1.10:5000 ↔  203.0.113.5:34567

# Configure NAT (Linux iptables)
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# Port forwarding
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 192.168.1.10:8080
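The NAT table above in code, as an added example (not code from the original page): a PAT (NAT overload) table maps each outbound private (address, port) pair to a distinct source port on the single public address, reuses that mapping for later packets of the same flow, and maps replies back to the private host. A reply with no table entry gets no mapping, which is why unsolicited inbound traffic stops at a NAT gateway unless port forwarding is configured. The addresses and the starting port 34567 are the ones from the example; the second host 192.168.1.11 is constructed.

```python
# Added example (not from the original page): a minimal PAT (NAT overload) table.
# Several private hosts share one public address; each outbound flow gets its own
# public source port so that replies can be mapped back to the right host.
import itertools

class PortAddressTranslator:
    def __init__(self, public_ip, first_port=34567):
        self.public_ip = public_ip
        self._ports = itertools.count(first_port)   # next unused public source port
        self.table = {}      # (private_ip, private_port) -> public_port  (outbound)
        self.reverse = {}    # public_port -> (private_ip, private_port)  (inbound)

    def outbound(self, src_ip, src_port):
        """Translate an outgoing packet's source; an existing flow keeps its mapping."""
        key = (src_ip, src_port)
        if key not in self.table:
            port = next(self._ports)
            if port > 65535:
                raise RuntimeError("public port pool exhausted")
            self.table[key] = port
            self.reverse[port] = key
        return self.public_ip, self.table[key]

    def inbound(self, dst_port):
        """Map a reply sent to (public_ip, dst_port) back to the private host, or None."""
        return self.reverse.get(dst_port)   # None: no flow opened this port, drop it

def demo():
    """Two private hosts using the same source port behind one public address."""
    nat = PortAddressTranslator("203.0.113.5")
    a = nat.outbound("192.168.1.10", 5000)   # -> ('203.0.113.5', 34567), as in the table above
    b = nat.outbound("192.168.1.11", 5000)   # same private port, other host -> next public port
    again = nat.outbound("192.168.1.10", 5000)   # existing flow -> same mapping as `a`
    return a, b, again, nat.inbound(34568), nat.inbound(40000)

if __name__ == "__main__":
    print(demo())
```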

Network Namespaces

Linux network namespaces provide isolated network stacks.

# Create namespace
ip netns add myns

# Execute in namespace
ip netns exec myns ip addr

# Create veth pair
ip link add veth0 type veth peer name veth1

# Move one end to namespace
ip link set veth1 netns myns

# Configure
ip addr add 10.0.0.1/24 dev veth0
ip link set veth0 up

ip netns exec myns ip addr add 10.0.0.2/24 dev veth1
ip netns exec myns ip link set veth1 up

# Test
ping 10.0.0.2

Use Cases:

  • Container networking (Docker, Kubernetes)
  • Network isolation
  • Testing
  • VPNs

Practice Questions

  1. Explain the difference between Layer 2 and Layer 3 devices.
  2. How many usable hosts in a /27 subnet?
  3. What is CIDR notation and why was it introduced?
  4. Explain how VLANs work.
  5. What is the difference between SNAT and DNAT?
  6. How does a switch learn MAC addresses?
  7. Calculate the subnet mask for /19.

Further Reading

  • RFC 1918 - Private Address Space
  • RFC 4632 - CIDR
  • IEEE 802.1Q - VLAN tagging