Introduction to basic network concepts
Provides an electrical, mechanical, and procedural interface.
Defines the means of transmitting a stream of raw bits.
Provides transfer of data frames between hosts connected to the physical link.
Media Access Control (MAC) address.
Can be impersonated.
Provides packet forwarding including routing through intermediate routers.
Relaying datagrams across network boundaries.
An IP mask identifies a range of IPs.
A mask is a number, from 8 to 32.
The mask specifies the IP starting bits that are "fixed".
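The mask rule above, worked through as an added example (not part of the original notes): the prefix length is turned into a bit mask, the fixed leading bits are compared, and the covered address range is derived. All function names and the sample addresses are assumptions made for this illustration.

```python
def ip_to_int(ip: str) -> int:
    """Strictly parse dotted-quad IPv4 text into a 32-bit integer."""
    parts = ip.split(".")
    if len(parts) != 4:
        raise ValueError(f"not a dotted quad: {ip!r}")
    value = 0
    for part in parts:
        # Reject signs, non-ASCII digits and leading zeros (some parsers
        # read "010" as octal, so two tools could disagree on the address).
        if not (part.isascii() and part.isdigit()) or (len(part) > 1 and part[0] == "0"):
            raise ValueError(f"bad octet {part!r} in {ip!r}")
        if int(part) > 255:
            raise ValueError(f"octet out of range in {ip!r}")
        value = (value << 8) | int(part)
    return value


def int_to_ip(n: int) -> str:
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def parse_cidr(cidr: str) -> tuple:
    """Return (network, mask) as integers for text such as '10.0.0.0/8'."""
    addr, _, bits = cidr.partition("/")
    prefix = int(bits)  # number of leading bits that are fixed
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix length out of range: {cidr!r}")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return ip_to_int(addr) & mask, mask  # host bits are cleared


def cidr_range(cidr: str) -> tuple:
    """First and last address covered by the mask."""
    network, mask = parse_cidr(cidr)
    return int_to_ip(network), int_to_ip(network | (~mask & 0xFFFFFFFF))


def in_cidr(ip: str, cidr: str) -> bool:
    """True when ip has the same fixed leading bits as the CIDR block."""
    network, mask = parse_cidr(cidr)
    return ip_to_int(ip) & mask == network


if __name__ == "__main__":
    # Constructed sample data (private and documentation addresses).
    allowlist = ["10.0.0.0/8", "192.168.1.0/24", "203.0.113.5/32"]
    for src in ["10.1.2.3", "192.168.2.10", "203.0.113.5"]:
        print(src, any(in_cidr(src, block) for block in allowlist))
    print(cidr_range("172.16.37.9/20"))
```

Clearing the host bits in `parse_cidr` means a block written with a host address, such as 172.16.37.9/20, is matched as the range it actually covers.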
Adheres to the end-to-end principle.
It's a ping!
Provides end-to-end communication services for applications.
Connection-oriented protocol.
Ordered data transfer.
Retransmission of lost/corrupted packets.
Connectionless protocol.
Transaction oriented.
Stateless.
No guarantee of delivery.
Session checkpointing and recovery.
Sockets are defined by an application programming interface (API) for the networking architecture.
Sockets are created only during the lifetime of a process of an application.
Number assigned to uniquely identify a connection endpoint and to direct data to a specific service.
Well-known ports 0-1023
Maintained by IANA.org.
Registered ports 1024-49151
Registered with IANA.org.
Ephemeral ports 49152–65535
Cannot be registered with IANA.org.
Number | Assignment |
---|---|
21 | File Transfer Protocol (FTP) Command Control |
22 | Secure Shell (SSH) Secure Login |
25 | Simple Mail Transfer Protocol (SMTP) email delivery |
53 | Domain Name System (DNS) service |
80 | Hypertext Transfer Protocol (HTTP) |
123 | Network Time Protocol (NTP) |
443 | HTTP Secure (HTTPS) HTTP over TLS/SSL |
Transport Protocol +
IP address +
Port number
Provides a bridge between session and application layer.
Provides communications protocols and interface methods used in process-to-process transmissions.
Hierarchical and decentralized naming system used to identify computers reachable through Internet Protocol networks.
They are configured in the DNS root zone as 13 named authorities.
Server that gives answers in response to questions asked about names in a zone.
To improve efficiency, reduce traffic, and increase performance in end-user applications the results can be cached with a TTL.
Propagation unreliable.
Provides security, including privacy (confidentiality), integrity, and authenticity through the use of cryptography.
Runs over TCP.
Negotiates cipher to use.
Handshake with an asymmetric cipher.
Server provides identification in the form of a digital certificate.
Certificate contains:
- server name
- the trusted certificate authority (CA)
- the server's public encryption key
Client confirms the validity of the certificate with the CA provided.
Generation of a shared session secret key.
Communication is encrypted using a symmetric cipher with the shared session secret key.
Provides distributed, collaborative, hypermedia information systems interconnection.
Runs over TCP.
Allows redirections.
HTTP over TLS.
Everything goes encrypted over TLS.
Used to terminate and/or establish TLS (or DTLS) tunnels by decrypting and/or encrypting communications.
It can modify requests.