Subsections of Computer Networking

Introduction to Networking

What is Networking?

Basics of Networking

Network

An interconnection of Computers.

The Internet

The physical connection of computers and wires around the world.

The Web

The information present on the Internet.

Networking

In the IT field, the work of designing, building and managing networks.

Networking Hardware

  • Ethernet Cables
  • Wi-Fi
  • Fiber Optics
  • Router
  • ISP Network
  • Switches and Hubs

Network Stack

The set of hardware and software layers on a computer that implement the networking protocols it needs to communicate.

Language of the Internet

IP

Delivers packets to the right computer, across any number of intermediate networks.

TCP

Delivers data reliably and in order to the right application on that computer, retransmitting anything that is lost.

The Web

  • URL
  • Domain Name (registered through registrars accredited by ICANN, the Internet Corporation for Assigned Names and Numbers)
  • DNS

Limitations of the Internet

History of the Internet

  • 1960s DARPA project introduced with the earliest form of Internet called ARPANET.
  • 1970s invention of TCP/IP made possible the interconnection of computers and different networks.
  • 1990s was the start of World Wide Web (WWW).

Limitations of the Internet

  • IPv4 addresses are limited: 32 bits give only about 4.3 billion (2^32) of them.
  • IPv6 solves this with 128-bit addresses (2^128 of them), but adoption is slow and expensive.

Network Address Translation (NAT)

Lets an organization use one public IP address and many private IP addresses within the network.

Impact of the Internet

Globalization

The movement that lets governments, businesses, and organizations communicate and integrate together on an international scale.

Internet of Things (IOT)

Smart devices such as thermostats, refrigerators and other home appliances, as well as everyday objects, that are connected to the Internet.

Privacy and Security

  • GDPR (General Data Protection Regulation)
  • COPPA (Children Online Privacy Protection Act)
  • Copyright Laws

Introduction to Computer Networking

Protocol

A defined set of standards that computers must follow in order to communicate properly.

Computer Networking

The name we’ve given to the full scope of how computers communicate with each other.

  • TCP/IP five layered network model

The Basics of Networking Devices

Cables

“Connect different devices to each other, allowing data to be transmitted over them.”

  • Copper Cables

    • Vary the voltage on the wire to represent binary data
    • The most common forms of twisted-pair copper cable used in networking are Cat5, Cat5e and Cat6

    [Figure: Types of Twisted-Pair Copper Cables]

    Crosstalk: “When an electrical pulse on one wire is accidentally detected on another wire.”

  • Fiber Optic Cables

    Contain individual optical fibers, which are tiny tubes made out of glass about the width of a human hair.

  • Unlike copper cables, fibers use light pulses to send 1s and 0s

Hubs and Switches

Hub

A physical layer device that allows for connections from many computers at once.

[Figure: How hubs work]

  • Layer 1 device

  • Collision domain: A network segment where only one device can communicate at a time.

  • If multiple systems try sending data at the same time, the electrical pulses sent across the cable can interfere with each other.

    [Figure: Data Collision]

Network Switch

  • Layer 2 device
  • Inspects the destination MAC address of each frame and forwards it only to the port where that node is attached, so each switch port becomes its own collision domain

Routers

A device that knows how to forward data between independent networks. Switches connect computers within a single network (a LAN, local area network); routers connect those networks to each other.

  • Layer 3 (network) device
  • Core ISP routers (far more complex than home routers) form the backbone of the Internet.

Servers and Clients

A server provides data to a client that requests it.

  • The definition is deliberately loose: an individual program running on a computer can also act as a server, and one machine can be a server for one purpose and a client for another.

The TCP/IP Five-Layer Network Model

1) Physical Layer

Represents the physical devices that interconnect computers.

  • 10BASE-T, 802.11

  • Bits

    The smallest representation of data that a computer can understand; it’s a one or zero

  • 1s and 0s are sent across the network using modulation

    Modulation: A way of varying the voltage of charge moving across the cables

  • When using modulation in computer networks, it’s called Line coding

Twisted-Pair Cabling and Duplexing

  • Most common
  • Twisted-Pair to avoid interference & crosstalk

Duplex Communication: Information can flow in both directions across the cable

Simplex Communication: Information flows in one direction only

[Figure: Simplex and Duplex Communication]

Network Ports and Patch Panels

  • Twisted-Pair Cables end with the plug which takes the wires and act as a connector

  • The most common plug RJ45

    [Figure: Plugs and Connectors]

    Network Ports: Generally attached directly to the devices that make up a computer network

  • Most network ports have two small LEDs

    Activity LED: Flashes while data is actively being transmitted across the cable

    Link LED: Lit when the cable is properly connected to two devices that are both powered on

  • Sometimes a network port isn’t connected directly to a device. Instead, there might be network ports mounted on a wall or underneath your desk. These ports are generally connected to the network via cables, run through the walls, that eventually end at a patch panel.

    Patch Panel: A device containing many network ports, but doing no other work; the wall cables terminate here and are then patched across to a switch.

2) Data Link Layer

Responsible for defining a common way of interpreting these signals so network devices can communicate.

  • Ethernet: The Ethernet standards also define a protocol responsible for getting data to nodes on the same network.
  • WI-FI
  • Frames
  • Mac-Address

Ethernet and MAC Addresses

  • Ethernet is the most common means of sending data

  • Ethernet handles the shared collision domain using a technique known as carrier sense multiple access with collision detection (CSMA/CD).

    CSMA/CD: A node listens to determine when the channel is clear before it transmits; if two nodes transmit at once and a collision is detected, both stop, wait a random interval and try again

    MAC Address: A globally unique identifier attached to an individual network interface

    • It’s a 48-bit number, normally written as six groups of two hexadecimal digits
    • Hexadecimal: A way to represent numbers using 16 digits (0-9 and A-F)

    [Figure: Hexadecimal Numbers]

    • Another way to describe a MAC address is as six octets
    • Octet: Any number that can be represented by 8 bits (0-255)
    • A MAC address is split into two halves

    1) Organizationally Unique Identifier (OUI): The first three octets, assigned to a hardware vendor by the IEEE

    2) Vendor assigned (NIC cards, interfaces): The last three octets, assigned by the vendor, which must make every interface it produces unique

    [Figure: MAC Address Types]

    • Ethernet uses MAC addresses to ensure that the data it sends has both an address for the machine that sent the transmission, and the one the transmission was intended for.

Uni-cast, Multicast and Broadcast

  • Uni-cast

    A uni-cast transmission is always meant for just one receiving address

    [Figure: Unicast]

    • It’s done by looking at a specific bit in the destination MAC address
    • If the least significant bit in the first octet of a destination address is set to zero, it means that an Ethernet frame is intended for only the destination address.
    • If the least significant bit in the first octet of a destination address is set to one, it means you’re dealing with a Multicast frame.

    [Figure: Multicast]

  • Broadcast

    An Ethernet Broadcast is sent to every single device on a LAN

    • This is accomplished by a special address known as Broadcast address
    • Ethernet broadcast are used, so devices can learn more about each other
    • The Ethernet broadcast address is FF:FF:FF:FF:FF:FF (all 48 bits set)

    [Figure: Broadcast]
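The OUI/vendor split and the unicast/multicast/broadcast decision described above, written out as Python. This is an added example, not part of the original notes; it uses only the standard library, the sample addresses are constructed, and the U/L (locally administered) bit check goes slightly beyond the text, since it is the second bit of the same first octet.

```python
# Added example: splitting a MAC address into OUI and vendor-assigned halves,
# and deciding unicast / multicast / broadcast from the I/G bit (bit 0 of the
# first octet). Sample addresses below are constructed for illustration.

BROADCAST = b"\xff" * 6  # FF:FF:FF:FF:FF:FF, the all-ones group address


def parse_mac(text: str) -> bytes:
    """Accept 'aa:bb:cc:dd:ee:ff', 'aa-bb-cc-dd-ee-ff' or 'aabb.ccdd.eeff'."""
    hexdigits = "".join(c for c in text if c not in ":-.")
    if len(hexdigits) != 12:
        raise ValueError(f"a MAC address is 48 bits, i.e. 12 hex digits: {text!r}")
    return bytes.fromhex(hexdigits)  # raises ValueError on non-hex input


def format_mac(mac: bytes) -> str:
    """Six groups of two hexadecimal digits, colon separated."""
    return ":".join(f"{b:02x}" for b in mac)


def oui(mac: bytes) -> str:
    """Organizationally Unique Identifier: the first three octets (the vendor)."""
    return format_mac(mac[:3])


def nic_specific(mac: bytes) -> str:
    """Vendor-assigned part: the last three octets, unique per interface."""
    return format_mac(mac[3:])


def classify(mac: bytes) -> str:
    """How a frame sent to this destination is delivered on the LAN.

    The least significant bit of the first octet is the I/G bit:
    0 = individual (unicast, one receiver), 1 = group (multicast).
    All 48 bits set is the broadcast address, delivered to every node.
    """
    if mac == BROADCAST:
        return "broadcast"
    if mac[0] & 0x01:
        return "multicast"
    return "unicast"


def is_locally_administered(mac: bytes) -> bool:
    """Bit 1 of the first octet is the U/L bit: 1 means the address was set by
    software rather than burned in by the vendor (common for VMs and for
    spoofed addresses), so the OUI may not identify a real manufacturer."""
    return bool(mac[0] & 0x02)


if __name__ == "__main__":
    for text in ("00:1a:2b:3c:4d:5e", "01:00:5e:00:00:fb", "ff-ff-ff-ff-ff-ff", "0200.0000.0001"):
        mac = parse_mac(text)
        print(format_mac(mac), oui(mac), nic_specific(mac), classify(mac),
              "locally-administered" if is_locally_administered(mac) else "vendor-assigned")
```

When reading a capture, the I/G bit tells you whether a frame was meant for one host or for a group before you look anything else up; the U/L bit is worth checking before trusting an OUI lookup to identify a device's manufacturer.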

Dissecting an Ethernet Frame

  • Data Packet

    An all-encompassing term that represents any single set of binary data being sent across a network link

  • Ethernet Frame

    A highly structured collection of information presented in a specific order

    [Figure: Ethernet Frame]

    • The first part of an Ethernet frame is called the preamble.

    Preamble: 8 bytes (64 bits) long, and itself split into two sections

    • The first 7 bytes are an alternating series of 1s and 0s, used to synchronize the receiver’s clock
    • The last byte is the Start Frame Delimiter (SFD)

    Signals to the receiving device that the preamble is over and that the actual frame contents will now follow

    • The preamble and SFD are added and stripped by the hardware, so they never appear in packet captures

    • Next is Destination MAC address

    The hardware address of the intended recipient

    • Followed by Source Address
    • The next part of Ethernet Frame is EtherType field

    16 bits long and used to describe the protocol of the contents of the frame

    • A VLAN header (802.1Q tag) can be inserted where the EtherType field would normally be

    Its first 16 bits carry the value 0x8100, which tells the receiver that the frame is what’s called a VLAN frame; the next 16 bits carry the priority and the VLAN ID

    • If a VLAN header is present, the real EtherType field follows it.

    Virtual LAN (VLAN): A technique that lets you have multiple logical LANs operating on the same physical equipment

    • VLANs are used to segregate different types of network traffic

    [Figure: VLAN Network]

    • The next part of Ether frame is payload

    In networking terms, is the actual data being transported, which is everything that isn’t a header.

    • Following payload is, Frame Check Sequence (FCS)

    A 4-byte (or 32-bit) number that represents a checksum value for the entire frame

    • This checksum value is calculated by performing what’s known as a cyclic redundancy check against the frame; the receiver recomputes it and silently drops any frame whose FCS doesn’t match.

    Cyclic Redundancy Check (CRC): An important concept for data integrity, and is used all over computing, not just network transmissions
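Building and dissecting an Ethernet frame in Python, as an added example that is not from the original notes: optional 802.1Q VLAN tag handling and a CRC-32 Frame Check Sequence computed with the standard library’s zlib.crc32. The preamble and SFD are left out because the hardware adds them and they never reach software; the addresses and payload are constructed.

```python
# Added example: build and dissect an Ethernet frame (no preamble/SFD: the NIC
# adds those, and packet captures never contain them). Addresses and payload
# below are constructed sample data.
import struct
import zlib
from typing import Optional

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_VLAN = 0x8100  # 802.1Q Tag Protocol Identifier, sits where EtherType would be


def mac_to_str(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes,
                vlan_id: Optional[int] = None) -> bytes:
    """dst | src | [802.1Q tag] | EtherType | payload | FCS"""
    tag = b""
    if vlan_id is not None:
        # TPID 0x8100, then TCI: 3-bit priority, 1-bit DEI, 12-bit VLAN ID (priority 0 here)
        tag = struct.pack("!HH", ETHERTYPE_VLAN, vlan_id & 0x0FFF)
    body = dst + src + tag + struct.pack("!H", ethertype) + payload
    fcs = struct.pack("<I", zlib.crc32(body))  # CRC-32 over everything before it
    return body + fcs


def parse_frame(frame: bytes) -> dict:
    """Dissect a frame, verifying the FCS and handling an optional VLAN tag."""
    if len(frame) < 18:  # 14-byte header + 4-byte FCS is the smallest we can parse
        raise ValueError("frame too short")
    body, fcs = frame[:-4], frame[-4:]
    if zlib.crc32(body) != struct.unpack("<I", fcs)[0]:
        raise ValueError("FCS mismatch: frame corrupted in transit, drop it")
    dst, src = body[:6], body[6:12]
    offset = 12
    ethertype = struct.unpack_from("!H", body, offset)[0]
    vlan_id = None
    if ethertype == ETHERTYPE_VLAN:
        # A VLAN frame: the 4-byte tag is followed by the real EtherType
        if len(body) < 18:
            raise ValueError("truncated VLAN tag")
        tci = struct.unpack_from("!H", body, offset + 2)[0]
        vlan_id = tci & 0x0FFF
        offset += 4
        ethertype = struct.unpack_from("!H", body, offset)[0]
    offset += 2
    return {"dst": mac_to_str(dst), "src": mac_to_str(src), "vlan": vlan_id,
            "ethertype": ethertype, "payload": body[offset:]}


# Constructed sample: a VLAN 100 frame carrying a 20-byte IPv4-header-sized payload
DST = bytes.fromhex("001a2b3c4d5e")
SRC = bytes.fromhex("0a1b2c3d4e5f")
SAMPLE = build_frame(DST, SRC, ETHERTYPE_IPV4, b"\x45" + b"\x00" * 19, vlan_id=100)

if __name__ == "__main__":
    print(parse_frame(SAMPLE))
```

The VLAN branch is the one worth remembering: a parser that assumes the EtherType is always at byte 12 reads the tag’s 0x8100 instead and then misinterprets everything after it.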

3) Network Layer

Allows different networks to communicate with each other through devices known as routers.

  • IP: IP is the heart of the Internet and smaller networks around the world.
  • Datagram
  • IP Address

Inter-network

A collection of networks connected together through routers, the most famous of these being the Internet.

4) Transport Layer

Sorts out which client and server programs are supposed to get that data.

  • TCP/UDP
  • Segment
  • Ports

5) Application Layer

There are lots of different protocols at this layer, and as you might have guessed from the name, they are application-specific. Protocols used to allow you to browse the web or send, receive email are some common ones.

  • HTTP, SMTP etc.
  • Messages

The Network Layer

IP Addresses

  • 32 bits long

  • Written as four octets in decimal, separated by dots

  • Each octet range from 0 to 255

  • IP Addresses belong to Networks, not to the devices attached to those networks

    When connecting to a network, an IP address is assigned automatically by Dynamic Host Configuration Protocol (DHCP)

    IP address assigned by DHCP is called Dynamic IP address

  • Other type is static IP addresses

  • In most cases, static IP addresses are reserved for servers and networks devices, while Dynamic IP addresses are reserved for clients

IP Datagrams and Encapsulation

  • IP Datagram

    A highly structured series of fields that are strictly defined.

IP Datagram Header

  • Version

    A 4-bit field: 4 for IPv4, 6 for IPv6. IPv4 is still more common than IPv6

  • Header Length field

    A 4-bit field giving the header length in 32-bit words; almost always 5, i.e. 20 bytes, when dealing with IPv4

  • Service Type field

    These 8 bits can be used to specify details about quality of service, or QoS, technologies

  • Total Length field

    A 16-bit field indicating the total length, in bytes, of the IP datagram it’s attached to, header included

    The maximum size of a single datagram is therefore the largest number you can represent with 16 bits, 65535. If the total amount of data that needs to be sent is larger than what fits in a single datagram, the IP layer splits it into several smaller ones

  • Identification field

    A 16-bit number used to group fragments together: every fragment of one original datagram carries the same identification value

  • Next are closely related Flags and Fragment Offset fields

  • Flags field

    Used to indicate if a datagram is allowed to be fragmented, or to indicate that the datagram has already been fragmented

    • Fragmentation

    The process of taking a single IP datagram and splitting it up into several smaller datagrams

  • Time to Live (TTL) field

    An 8-bit field that indicates how many router hops a datagram can traverse before it’s thrown away; each router decrements it by one and discards the datagram when it reaches zero

  • Protocol field

    Another 8-bit field that contains data about what transport layer protocol is being used, the most common ones are TCP and UDP

  • Header checksum field

    A checksum of the contents of the entire IP datagram header

  • Source IP address (32-bits)

  • Destination IP address (32-bits)

  • IP Options field

    An optional field and is used to set special characteristics for datagrams primarily used for testing purposes

  • Padding field

    A series of zeros used to ensure the header is of correct total size, due to variable size to option field
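The header layout above, as an added Python example that is not from the original notes: building an IPv4 datagram, computing and verifying the header checksum, reading the flags, fragment offset, TTL and protocol fields, and fragmenting a datagram the way a router would when it exceeds the next link’s MTU. Addresses and payloads are constructed.

```python
# Added example: build, parse, checksum and fragment IPv4 datagrams with the
# header layout described above. Addresses and payloads are constructed.
import struct
from ipaddress import IPv4Address

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}
HEADER_FMT = "!BBHHHBBH4s4s"  # ver/ihl, tos, total len, id, flags/frag, ttl, proto, csum, src, dst


def ipv4_checksum(header: bytes) -> int:
    """RFC 791: one's complement of the one's-complement sum of the header's 16-bit words.
    Over a header whose checksum field is already filled in, the result is 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:  # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, payload: bytes, proto: int = 6, ttl: int = 64,
               ident: int = 0, df: bool = True, more: bool = False, frag_offset: int = 0) -> bytes:
    ihl = 5  # no options, so header length is 5 * 4 = 20 bytes
    flags = (0b010 if df else 0) | (0b001 if more else 0)  # bit 1 = Don't Fragment, bit 0 = More Fragments
    header = struct.pack(HEADER_FMT, (4 << 4) | ihl, 0, ihl * 4 + len(payload), ident,
                         (flags << 13) | (frag_offset & 0x1FFF), ttl, proto, 0,
                         IPv4Address(src).packed, IPv4Address(dst).packed)
    header = header[:10] + struct.pack("!H", ipv4_checksum(header)) + header[12:]
    return header + payload


def parse_ipv4(datagram: bytes) -> dict:
    if len(datagram) < 20:
        raise ValueError("too short for an IPv4 header")
    (ver_ihl, _tos, total_length, ident, flags_frag, ttl, proto, _csum,
     src, dst) = struct.unpack(HEADER_FMT, datagram[:20])
    version, header_len = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if header_len < 20 or total_length < header_len or total_length > len(datagram):
        raise ValueError("header length / total length inconsistent with the bytes received")
    if ipv4_checksum(datagram[:header_len]) != 0:
        raise ValueError("header checksum mismatch")
    flags = flags_frag >> 13
    return {"header_len": header_len, "total_length": total_length, "id": ident,
            "dont_fragment": bool(flags & 0b010), "more_fragments": bool(flags & 0b001),
            "fragment_offset": (flags_frag & 0x1FFF) * 8,  # the field counts 8-byte units
            "ttl": ttl, "protocol_num": proto, "protocol": PROTOCOLS.get(proto, str(proto)),
            "src": str(IPv4Address(src)), "dst": str(IPv4Address(dst)),
            "options": datagram[20:header_len], "payload": datagram[header_len:total_length]}


def fragment(datagram: bytes, mtu: int) -> list:
    """Split one datagram into pieces of at most mtu bytes, as a router would.
    Every fragment keeps the original Identification; offsets count 8-byte units."""
    hdr = parse_ipv4(datagram)
    if hdr["dont_fragment"]:
        raise ValueError("DF set: a router must drop this and send ICMP 'fragmentation needed'")
    chunk = ((mtu - hdr["header_len"]) // 8) * 8  # every fragment but the last is a multiple of 8
    if chunk <= 0:
        raise ValueError("mtu too small to carry any payload")
    payload, pieces = hdr["payload"], []
    for off in range(0, len(payload), chunk):
        pieces.append(build_ipv4(hdr["src"], hdr["dst"], payload[off:off + chunk],
                                 proto=hdr["protocol_num"], ttl=hdr["ttl"], ident=hdr["id"],
                                 df=False, more=off + chunk < len(payload), frag_offset=off // 8))
    return pieces


if __name__ == "__main__":
    d = build_ipv4("192.168.1.10", "10.0.0.1", b"x" * 100, ident=42, df=False)
    for piece in fragment(d, mtu=60):
        p = parse_ipv4(piece)
        print(p["fragment_offset"], p["more_fragments"], len(p["payload"]))
```

The length checks in parse_ipv4 matter as much as the checksum: a header length below 20 or a total length larger than the bytes actually received is how malformed packets get a careless parser to read past its buffer.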

Encapsulation

The entire IP datagram, header and payload, is carried as the payload of a layer 2 Ethernet frame, and the IP datagram’s own payload in turn carries the transport-layer segment. Wrapping each layer’s data inside the next layer down is called encapsulation.

[Figure: IP Datagrams]

IP Address Classes

  • IP addresses can be split into two sections: the network ID and host ID

    [Figure: IP Address Classes]

Address class system

A way defining how the global IP address space is split up.

  • Three classes are used for ordinary host addresses: Class A, Class B and Class C (Class D is reserved for multicast and Class E for experimental use)
  • Class A (first octet 0-127)

Only the first octet is used for the network ID; the remaining three are used for the host ID.

  • Class B (first octet 128-191)

The first two octets are used for the network ID, the remaining two for the host ID.

  • Class C (first octet 192-223)

The first three octets are used for the network ID, the last one for the host ID.

[Figure: IP Address Classes]

Address Resolution Protocol (ARP)

A protocol used to discover the hardware address of a node with a certain IP address.

ARP table

A list of IP addresses and the MAC addresses associated with them.

  • ARP table entries generally expire after a short amount of time to ensure changes in the network are accounted for.

Subnetting

The process of taking a large network and splitting it up into many individual and smaller subnetworks, or subnets.

  • Class C subnetting table.

    [Figure: Subnetting Table]

Subnet Masks

32-bit numbers, normally written out as four decimal octets, that a computer ANDs with an IP address to determine whether another address is on the same network: the bits that are 1 in the mask select the network ID, the bits that are 0 select the host ID.

  • A single 8-bit number can represent 256 different numbers, or more specifically, the numbers 0-255.

Subnet ID

  • Generally, an IP address consists of Network ID and Host ID

  • In the subnetting world, part of the host ID is borrowed for a subnet ID; the subnet mask shows where that boundary lies

    [Figure: Subnet ID]

Basic Binary Math

[Figure: Basic Binary Table]

  • Two of the most important operators are OR and AND.
  • In computer logic, a 1 represents true and a 0 represents false.

CIDR (Classless Inter-Domain Routing)

  • Addresses in a block must be contiguous
  • The number of addresses in a block must be a power of 2
  • The first address of every block must be evenly divisible by the size of the block

Demarcation point

Describes where one network or system ends and another one begins.

[Figure: CIDR]
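The subnet-mask arithmetic and the three CIDR rules above, as an added Python example (not from the original notes). It deliberately uses plain integer bit operations rather than the ipaddress module so the AND of address and mask is visible; all addresses in it are constructed.

```python
# Added example: subnet-mask arithmetic and the CIDR block rules from the notes,
# done with plain integer bit operations so the AND is visible.


def ip_to_int(text: str) -> int:
    octets = text.split(".")
    if len(octets) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {text!r}")
        value = (value << 8) | n
    return value


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: the top `prefix` bits set, the rest clear."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def mask_to_prefix(mask: str) -> int:
    """255.255.255.192 -> 26; rejects masks that are not a run of 1s followed by 0s."""
    value = ip_to_int(mask)
    prefix = bin(value).count("1")
    if value != prefix_to_mask(prefix):
        raise ValueError(f"{mask} is not a valid subnet mask (non-contiguous 1 bits)")
    return prefix


def network_id(ip: str, mask: str) -> str:
    """AND the address with the mask: the 1 bits keep the network ID, the 0 bits drop the host ID."""
    return int_to_ip(ip_to_int(ip) & ip_to_int(mask))


def same_subnet(a: str, b: str, mask: str) -> bool:
    """A host sends directly if the other address is on its own subnet, otherwise to the gateway."""
    return network_id(a, mask) == network_id(b, mask)


def cidr_block(cidr: str) -> dict:
    """Apply the CIDR rules: block size is a power of two (2^(32-prefix)),
    and the first address must be a multiple of that size."""
    ip_text, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    mask, first = prefix_to_mask(prefix), ip_to_int(ip_text)
    size = 1 << (32 - prefix)
    if first % size != 0:
        raise ValueError(f"{ip_text} is not the first address of a /{prefix} block; "
                         f"it would be {int_to_ip(first & mask)}")
    return {"network": int_to_ip(first), "mask": int_to_ip(mask),
            "broadcast": int_to_ip(first | (size - 1)), "size": size,
            "usable_hosts": max(size - 2, 0)}  # network and broadcast addresses are not assignable


if __name__ == "__main__":
    print(network_id("192.168.1.77", "255.255.255.0"), same_subnet("10.0.1.5", "10.0.2.5", "255.255.255.0"))
    print(cidr_block("172.16.32.0/20"))
```

mask_to_prefix rejects a mask like 255.0.255.0 on purpose: a mask whose 1 bits are not contiguous is a configuration error that some devices accept silently and then route unpredictably.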

Routing

Basic Routing Concepts

Router

A network device that forwards traffic depending on the destination address of that traffic.

[Figure: Basic Routing]

Routing Tables

  • Destination Network

    [Figure: Destination Network]

  • Next Hop

  • Total Hops

  • Interface
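A routing table with exactly the four columns listed above, plus the lookup a router performs on every datagram: the most specific (longest-prefix) matching route wins, with the hop count breaking ties. This is an added Python example, not from the original notes; the routes, next hops and interface names in sample_table are constructed.

```python
# Added example: a routing table with the four columns from the notes and a
# longest-prefix-match lookup. Routes, next hops and interfaces are constructed.
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional


@dataclass
class Route:
    destination: IPv4Network
    next_hop: Optional[str]   # None means the network is directly attached
    total_hops: int           # the metric: lower is preferred
    interface: str


class RoutingTable:
    def __init__(self):
        self.routes = []

    def add(self, destination: str, next_hop: Optional[str], total_hops: int, interface: str):
        self.routes.append(Route(ip_network(destination), next_hop, total_hops, interface))

    def lookup(self, ip: str) -> Optional[Route]:
        """Pick the most specific matching route; break ties on the hop count."""
        addr = ip_address(ip)
        matches = [r for r in self.routes if addr in r.destination]
        if not matches:
            return None
        return max(matches, key=lambda r: (r.destination.prefixlen, -r.total_hops))


def sample_table() -> RoutingTable:
    table = RoutingTable()
    table.add("0.0.0.0/0", "203.0.113.1", 1, "eth0")        # default route towards the ISP
    table.add("10.0.0.0/8", "10.1.0.254", 3, "eth1")        # the wider corporate network
    table.add("10.1.0.0/16", None, 0, "eth1")               # directly attached subnet
    table.add("192.168.50.0/24", "10.1.0.253", 4, "eth1")  # branch office via one path
    table.add("192.168.50.0/24", "10.1.0.252", 2, "eth2")  # same branch, fewer hops
    return table


if __name__ == "__main__":
    t = sample_table()
    for ip in ("10.1.2.3", "10.9.9.9", "192.168.50.7", "8.8.8.8"):
        r = t.lookup(ip)
        print(ip, "->", r.destination, r.next_hop, r.total_hops, r.interface)
```

Note that a more specific prefix beats a less specific one regardless of metric: 10.1.2.3 goes out the directly attached /16 even though the /8 also matches. The same rule is why an injected more-specific route, whether by mistake or by an attacker, captures traffic so effectively.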

Routing Protocols

  • Routing protocols fall into two main categories: interior gateway protocols and exterior gateway protocols.
  • Interior Gateway Protocols
    • Link state routing protocols
    • distance-vector protocols

Interior Gateway Protocols

Used by routers to share information within a single autonomous system.

Autonomous system

“A collection of networks that all fall under the control of a single network operator.”

[Figure: Interior Gateway Protocols]

In computer science, a list is known as a vector; a distance-vector protocol is so called because each router hands its neighbours a list of its distances to every known destination.

Exterior Gateway Protocol

Used by routers to share routing information between different autonomous systems; on the Internet this is BGP.

Internet Assigned Numbers Authority (IANA)

“A non-profit organization that helps manage things like IP address allocation.”

  • Also, responsible for ASN allocation

Autonomous System Number (ASN)

Numbers assigned to individual autonomous systems.

  • 32 bits long, like IPv4 addresses

  • But written as a single decimal number instead of four octets

    [Figure: The Internet]

Non-Routable Address Space

  • The IPv4 standard doesn’t have enough IP addresses
  • There are non-routable address spaces, set aside for internal use only, which cannot be routed on the public Internet

Transport Layer and Application Layer

The Transport Layer

“Allows traffic to be directed to specific network applications”

  • It handles multiplexing and demultiplexing through ports

    [Figure: De/multiplexing]

  • Port

A 16-bit number that’s used to direct traffic to specific services running on a networked computer

[Figure: Port Number]

[Figure: A Small Company Network Hosted on a Single Server]

Dissection of a TCP Segment

  • The IP datagram encapsulates the TCP segment: the segment is the datagram’s payload

TCP segment

“Made up of a TCP header and a data section.”

TCP Header

[Figure: A TCP Header]

  • Destination port

    The port of the service the traffic is intended for.

  • Source port

    A high-numbered port chosen from a special section of ports known as ephemeral ports.

  • Sequence number

    A 32-bit number that records where this segment’s data sits in the connection’s byte stream, so the receiver can put segments back in order.

  • Acknowledgement number

    The sequence number of the next byte the sender expects to receive; everything before it has arrived.

  • Data offset field

    A 4-bit number giving the length of this segment’s TCP header in 32-bit words (5, i.e. 20 bytes, with no options); it tells the receiver where the data begins.

  • Control Flag (See next part)

  • TCP window

    Specifies the range of sequence numbers that might be sent before an acknowledgement is required.

  • TCP checksum

    Operates just like the checksum fields at the IP and Ethernet level.

  • Urgent pointer field

    Used in conjunction with the URG control flag to point out data in the segment that should be handled ahead of the rest. (Practically no real-world adoption of this TCP feature)

  • Options field

    Variable-length options negotiated at connection setup and used for flow control; maximum segment size, window scaling, selective acknowledgement and timestamps are present in almost every modern connection

  • Padding

    Just a sequence of zeros to make sure the data payload section starts at the expected location.

TCP Control Flags and the Three-way Handshake

TCP Control Flags

Listed here in no particular order;

  • URG (urgent)

A value of one here indicates that the segment is considered urgent and that the urgent pointer field has more data about this. (No particular real world use for this flag)

  • ACK (acknowledged)

A value of one in this field means that the acknowledgement number field should be examined.

  • PSH (push)

The transmitting device wants the receiving device to push currently-buffered data to the application on the receiving end asap.

  • RST (reset)

One side of the connection hasn’t been able to recover from a series of missing or malformed segments and aborts it; a RST is also the reply to a SYN sent to a port with nothing listening.

  • SYN (synchronize)

It’s used when first establishing a TCP connection and makes sure the receiving end knows to examine the sequence number field.

  • FIN (finish)

When this flag is set to one, it means the transmitting computer doesn’t have any more data to send and the connection can be closed.
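The TCP header fields and control flags above, as an added Python example that is not from the original notes: building a segment, filling in the checksum (which, unlike the IP checksum, covers a pseudo-header with both IP addresses), and dissecting the flags, data offset and options list. Addresses, ports and sequence numbers are constructed.

```python
# Added example: build and dissect a TCP segment, including the control flags,
# data offset, checksum (needs the IP pseudo-header) and the options list.
# Addresses, ports and sequence numbers below are constructed.
import struct
from ipaddress import IPv4Address

FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
OPTION_NAMES = {2: "MSS", 3: "WScale", 4: "SACK-permitted", 8: "Timestamps"}
HEADER_FMT = "!HHIIHHHH"  # sport, dport, seq, ack, offset/flags, window, checksum, urgent pointer


def _ones_complement_sum(data: bytes) -> int:
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def tcp_checksum(src_ip: str, dst_ip: str, segment: bytes) -> int:
    """Same one's-complement scheme as IP, but computed over a pseudo-header
    (src, dst, zero, protocol 6, TCP length) followed by the whole segment."""
    pseudo = IPv4Address(src_ip).packed + IPv4Address(dst_ip).packed + struct.pack("!BBH", 0, 6, len(segment))
    return (~_ones_complement_sum(pseudo + segment)) & 0xFFFF


def build_tcp(src_ip, dst_ip, src_port, dst_port, seq, ack, flags, window=65535, options=b"", payload=b""):
    options += b"\x00" * (-len(options) % 4)  # padding so the data starts on a 32-bit boundary
    data_offset = 5 + len(options) // 4        # header length in 32-bit words
    flag_bits = 0
    for name in flags:
        flag_bits |= FLAG_BITS[name]
    header = struct.pack(HEADER_FMT, src_port, dst_port, seq, ack, (data_offset << 12) | flag_bits, window, 0, 0)
    segment = header + options + payload
    checksum = tcp_checksum(src_ip, dst_ip, segment)
    return segment[:16] + struct.pack("!H", checksum) + segment[18:]


def parse_options(raw: bytes) -> dict:
    """TLV walk: kind 0 ends the list, kind 1 is a one-byte NOP, everything else is kind|len|data.
    The length is checked before use: a bogus length is a classic way to crash a sloppy parser."""
    opts, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:
            break
        if kind == 1:
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("truncated TCP option")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError(f"bad TCP option length {length} for kind {kind}")
        data = raw[i + 2:i + length]
        name = OPTION_NAMES.get(kind, f"kind{kind}")
        opts[name] = int.from_bytes(data, "big") if name in ("MSS", "WScale") else data
        i += length
    return opts


def parse_tcp(segment: bytes, src_ip: str = None, dst_ip: str = None) -> dict:
    if len(segment) < 20:
        raise ValueError("too short for a TCP header")
    sport, dport, seq, ack, off_flags, window, _csum, urg = struct.unpack(HEADER_FMT, segment[:20])
    header_len = (off_flags >> 12) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset inconsistent with segment length")
    if src_ip and dst_ip and tcp_checksum(src_ip, dst_ip, segment) != 0:
        raise ValueError("TCP checksum mismatch")
    flags = [name for name, bit in FLAG_BITS.items() if off_flags & bit]
    return {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack, "flags": flags,
            "header_len": header_len, "window": window, "urgent_pointer": urg,
            "options": parse_options(segment[20:header_len]), "payload": segment[header_len:]}


if __name__ == "__main__":
    # A client SYN to port 443 advertising MSS 1460 and window scale 7 (NOP for alignment)
    syn = build_tcp("192.0.2.10", "192.0.2.1", 51515, 443, seq=1000, ack=0, flags=["SYN"],
                    options=b"\x02\x04\x05\xb4" + b"\x01\x03\x03\x07")
    print(parse_tcp(syn, "192.0.2.10", "192.0.2.1"))
```

parse_tcp verifies the checksum only when given both IP addresses, because the pseudo-header needs them: a TCP segment cannot be checked in isolation from the datagram that carried it.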

The Three-way Handshake

  • Handshake

“A way for two devices to ensure that they’re speaking the same protocol and will be able to understand each other.”

[Figure: A Three-way Handshake]

[Figure: A TCP Handshake]

The Four-way Handshake

  • The normal way a TCP connection is closed

  • When one side has finished sending data, it sends a FIN to request closure of its half of the connection.

  • The other end responds with an ACK; when it has finished sending too, it sends its own FIN, which the first side ACKs. Four segments in total, hence the name.

  • In between, the connection is half-closed: the side that sent the first FIN can still receive data until the other side closes as well

    [Figure: A Four-way Handshake]

TCP Socket States

Socket

“The instantiation of an end-point in a potential TCP connection.”

Instantiation

“The actual implementation of something defined elsewhere.”

Socket States

  • LISTEN

    A TCP socket is ready and listening for incoming connection.

  • SYN-SENT

    A synchronization request has been sent, but the connection has not been established yet.

  • SYN-RECEIVED

    A socket previously in a LISTEN state has received a synchronization request and sent a SYN/ACK back.

  • ESTABLISHED

    The TCP connection is in working order and both sides are free to send each other data.

  • FIN-WAIT

    A FIN has been sent, but the corresponding ACK from the other end hasn’t been received yet.

  • CLOSE-WAIT

    The other end has sent a FIN and it has been acknowledged, but the application that opened the socket hasn’t yet closed its own side.

  • CLOSED

    The connection has been fully terminated and that no further communication is possible.
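A minimal TCP endpoint state machine, as an added Python example that is not from the original notes, driving the three-way handshake and the four-way close between two constructed endpoints and recording the socket states along the way. The states beyond those listed above (FIN-WAIT-1/2, TIME-WAIT, LAST-ACK) are the standard RFC 793 names for the intermediate steps of closing.

```python
# Added example: a minimal TCP endpoint state machine driving the three-way
# handshake and the four-way close between two constructed endpoints.
from typing import Optional, Set

# (current state, flags received) -> (new state, flags to send back or None)
TRANSITIONS = {
    ("LISTEN", frozenset({"SYN"})): ("SYN-RECEIVED", {"SYN", "ACK"}),
    ("SYN-SENT", frozenset({"SYN", "ACK"})): ("ESTABLISHED", {"ACK"}),
    ("SYN-RECEIVED", frozenset({"ACK"})): ("ESTABLISHED", None),
    ("ESTABLISHED", frozenset({"FIN"})): ("CLOSE-WAIT", {"ACK"}),
    ("FIN-WAIT-1", frozenset({"ACK"})): ("FIN-WAIT-2", None),
    ("FIN-WAIT-2", frozenset({"FIN"})): ("TIME-WAIT", {"ACK"}),
    ("LAST-ACK", frozenset({"ACK"})): ("CLOSED", None),
}


class TcpEndpoint:
    def __init__(self, name: str):
        self.name, self.state = name, "CLOSED"

    def listen(self):
        self.state = "LISTEN"

    def connect(self) -> Set[str]:
        """Active open: send SYN and wait for SYN/ACK."""
        self.state = "SYN-SENT"
        return {"SYN"}

    def close(self) -> Set[str]:
        """Application closes its side: send FIN. From CLOSE-WAIT this is the second FIN."""
        if self.state == "ESTABLISHED":
            self.state = "FIN-WAIT-1"
        elif self.state == "CLOSE-WAIT":
            self.state = "LAST-ACK"
        else:
            raise ValueError(f"{self.name}: cannot close from {self.state}")
        return {"FIN"}

    def time_wait_expired(self):
        """2*MSL timer: the final ACK may be lost, so TIME-WAIT lingers before CLOSED."""
        if self.state == "TIME-WAIT":
            self.state = "CLOSED"

    def receive(self, flags: Set[str]) -> Optional[Set[str]]:
        if "RST" in flags:               # peer gave up: abort without any further exchange
            self.state = "CLOSED"
            return None
        key = (self.state, frozenset(flags))
        if key not in TRANSITIONS:
            if self.state == "CLOSED":   # nothing listening here: reject with RST
                return {"RST", "ACK"}
            raise ValueError(f"{self.name}: unexpected {sorted(flags)} in {self.state}")
        self.state, reply = TRANSITIONS[key]
        return set(reply) if reply else None


def exchange(sender: TcpEndpoint, receiver: TcpEndpoint, flags: Set[str]) -> list:
    """Deliver segments back and forth until one side has nothing to send."""
    trace = []
    while flags:
        reply = receiver.receive(flags)
        trace.append((sender.name, sorted(flags), receiver.name, receiver.state))
        sender, receiver, flags = receiver, sender, reply
    return trace


def three_way_handshake(client: TcpEndpoint, server: TcpEndpoint) -> list:
    server.listen()
    return exchange(client, server, client.connect())     # SYN, SYN/ACK, ACK


def four_way_close(initiator: TcpEndpoint, peer: TcpEndpoint) -> list:
    trace = exchange(initiator, peer, initiator.close())  # FIN, ACK: now half-closed
    trace += exchange(peer, initiator, peer.close())      # FIN, ACK: fully closed
    initiator.time_wait_expired()
    return trace


if __name__ == "__main__":
    c, s = TcpEndpoint("client"), TcpEndpoint("server")
    for step in three_way_handshake(c, s) + four_way_close(c, s):
        print(step)
    print(c.state, s.state, TcpEndpoint("closed-port").receive({"SYN"}))
```

The trace shows why a port scanner can tell open from closed ports without completing a connection: a SYN to a LISTEN socket draws SYN/ACK, while a SYN to a CLOSED one draws RST/ACK.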

Connection-oriented and Connectionless Protocols

Connection-oriented Protocol

“Establishes a connection, and uses it to ensure that all data has been properly transmitted.”

[Figure: A lossless TCP Transfer]

[Figure: A Packet loss during TCP Transfer]

Connectionless Protocol

  • The most common one is UDP
  • Used where occasional data loss is acceptable and delay matters more, e.g., video streaming

System Ports vs. Ephemeral Ports

  • Port 0 isn’t used for network traffic, but is sometimes used in communications taking place between different programs on the same computer
  • Ports 1-1023 are referred to as system ports, or sometimes well-known ports. These ports represent the official ports for the most well-known network services.
    • e.g., HTTP uses port 80, FTP uses port 21
    • Administrator-level access is needed to listen on these ports in most OSs
  • Ports 1024-49151 are known as registered ports. These ports are used for lots of other network services that might not be quite as common as the ones on system ports.
    • e.g., port 3306, which MySQL and other databases listen on
    • Some of these ports are registered with IANA, but not always
  • Ports 49152-65535 are known as private or ephemeral ports. Ephemeral ports can’t be registered with the IANA and are generally used for establishing outbound connections.
    • When a client wants to communicate with a server, the client is assigned an ephemeral port to be used for just that one connection, while the server listens on a static system or registered port
    • Not all OSs follow the ephemeral port recommendation of the IANA (Linux, for example, defaults to 32768-60999)

Firewalls

“A device that blocks traffic that meets certain criteria.”

The Application Layer

“Allows network applications to communicate in a way they understand.”

[Figure: The TCP Five-Layered Model]

  • Too many protocols in use at application layer, a hassle to list them all.
    • i.e., HTTP, SMTP, etc.

The Application Layer and the OSI Model

Session Layer

“Facilitating the communication between actual applications and the transport layer.”

  • Takes application layer data and hands it off to the presentation layer

Presentation Layer

“Responsible for making sure that the un-encapsulated application layer data can be understood by the application in question.”

[Figure: The OSI 7-Layer Model]

Networking Services

Name Resolution

Why do we need DNS?

  • The human brain is not good at remembering numbers
  • So a system called DNS was developed to map memorable domain names to those IP addresses

Domain Name System (DNS)

“A global and highly distributed network service that resolves strings of letters into IP addresses for you.”

Domain Name

“The term we use for something that can be resolved by DNS.”

The Many Steps of Name Resolution

There are five primary types of DNS servers;

  • Caching name servers
  • Recursive name servers
  • Root name servers (13 root server addresses, each replicated around the world using anycast)
  • TLD name servers
  • Authoritative name servers

Caching and Recursive name servers

The purpose is to store known domain name lookups for a certain amount of time.

Recursive name servers

  • Perform full DNS resolution requests
  • Time to live (TTL)

A value, in seconds, that can be configured by the owner of a domain name for how long a name server is allowed to cache an entry before it should discard it and perform a full resolution again

A Typical DNS Query

[Figure: A typical DNS query, steps 1 to 5]

Anycast

“A technique that’s used to route traffic to different destinations depending on factors like location, congestion, or link health.”

DNS and UDP

  • DNS, an application layer service, uses UDP on port 53 (TCP is used for large responses and zone transfers)

  • A full DNS lookup with TCP in use would need 44 packets in total, counting the handshakes and acknowledgements at each step

    [Figure: A DNS resolution with TCP]

  • A full DNS lookup with UDP, on the other hand, requires only 8 packets

  • UDP has no built-in error recovery, so if a response doesn’t arrive the resolver simply asks again

    [Figure: A DNS Lookup with UDP]
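The DNS wire format behind the UDP exchange above, as an added Python example that is not from the original notes: building a query, parsing a constructed response (including the 0xC0xx name-compression pointers every real answer uses, and the multiple A records that DNS round-robin relies on), and the ask-again retry that UDP’s lack of error recovery forces on a resolver. send_query is the only part that touches the network and is never called here; the response bytes, names and addresses are constructed.

```python
# Added example: build a DNS query and parse a (constructed) UDP response,
# including name compression pointers and the round-robin use of several
# A records. send_query shows the retry-on-silence behaviour UDP requires;
# it is the only part that touches the network and is never called here.
import random
import socket
import struct

QTYPE_A = 1


def encode_name(name: str) -> bytes:
    """'www.example.com' -> length-prefixed labels ending in a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) <= 63:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, qtype: int = QTYPE_A, txid: int = None) -> bytes:
    txid = random.getrandbits(16) if txid is None else txid  # unpredictable IDs make spoofed replies harder
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # flags 0x0100: recursion desired
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN


def read_name(msg: bytes, offset: int):
    """Decode a name, following 0xC0xx compression pointers; returns (name, offset after it)."""
    labels, end, hops = [], None, 0
    while True:
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            hops += 1
            if hops > 32:  # a pointer loop in a hostile packet must not hang the resolver
                raise ValueError("compression pointer loop")
            if end is None:
                end = offset + 2  # a pointer is always the last thing in a name
            offset = struct.unpack_from("!H", msg, offset)[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (offset if end is None else end)


def parse_response(msg: bytes, expected_txid: int) -> dict:
    txid, flags, qdcount, ancount, _ns, _ar = struct.unpack_from("!HHHHHH", msg, 0)
    if txid != expected_txid:
        raise ValueError("transaction id mismatch: not an answer to our question, ignore it")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    offset, questions, answers = 12, [], []
    for _ in range(qdcount):
        qname, offset = read_name(msg, offset)
        qtype, _qclass = struct.unpack_from("!HH", msg, offset)
        offset += 4
        questions.append((qname, qtype))
    for _ in range(ancount):
        name, offset = read_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack_from("!HHIH", msg, offset)
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        data = ".".join(str(b) for b in rdata) if rtype == QTYPE_A and rdlen == 4 else rdata
        answers.append({"name": name, "type": rtype, "ttl": ttl, "data": data})
    return {"rcode": flags & 0x000F, "questions": questions, "answers": answers}


def rotate(addresses: list, n: int) -> list:
    """DNS round-robin: hand the same A records to successive clients in a rotated order."""
    n %= len(addresses)
    return addresses[n:] + addresses[:n]


def send_query(name: str, server: str, timeout: float = 2.0, retries: int = 3) -> dict:
    """UDP gives no delivery guarantee, so the resolver's error recovery is simply to ask again."""
    query = build_query(name)
    txid = struct.unpack_from("!H", query, 0)[0]
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        for _ in range(retries):
            sock.sendto(query, (server, 53))
            try:
                data, _peer = sock.recvfrom(4096)
                return parse_response(data, txid)
            except socket.timeout:
                continue
    raise TimeoutError(f"no answer from {server} after {retries} tries")


# Constructed response: www.example.com with two A records from the documentation range
RESPONSE = (struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 2, 0, 0)
            + encode_name("www.example.com") + struct.pack("!HH", QTYPE_A, 1)
            + b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, 1, 300, 4) + bytes([192, 0, 2, 10])
            + b"\xc0\x0c" + struct.pack("!HHIH", QTYPE_A, 1, 300, 4) + bytes([192, 0, 2, 11]))
```

Two of the checks here exist only because the transport is UDP: the transaction ID comparison is all that ties a reply to the question that was asked (anyone who can guess it can answer first), and the hop limit in read_name stops a crafted packet whose compression pointers point at each other from spinning the resolver forever.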

Name Resolution in Practice

Resource Record Types

A record

“An A record is used to point a certain domain name at a certain IPv4 IP address.”

  • A single A record is configured for a single domain
  • But a single domain name can have multiple A records, this allows for a technique known as DNS round-robin to be used to balance traffic across multiple IPs

Round-robin is a concept that involves iterating over a list of items one by one, in turn. The hope is that this ensures a fairly equal balance of how often each entry on the list is selected.

AAAA – Quad A

“Quad A record is used to point a certain domain name at a certain IPv6 IP address.”

CNAME

“A CNAME record is used to redirect traffic from one domain name to another.”

MX record – mail exchange

“This resource record is used in order to deliver e-mail to the correct server.”

SRV record – service record

“It’s used to define the location of various specific services.”

  • MX records are only used for e-mail; SRV is used for every other service
    • e.g., caldav (calendar and scheduling service)

TXT record – text

  • Used to communicate configuration preferences of a domain

Anatomy of a Domain Name

Top level domain (TLD)

The last part of a domain name, e.g. .com, .net etc.

  • TLDs are handled by the non-profit Internet Corporation for Assigned Names and Numbers (ICANN)
  • ICANN is a sister organization to IANA; together they help define and control the global IP space and DNS system

Domains

“Used to demarcate where control moves from a TLD name server to an authoritative name server.”

Subdomain

“The www portion of www.example.com, or any other label to the left of the domain.”

Full qualified domain name (FQDN)

When you combine all of these parts together, you have what’s known as this.

  • DNS can technically support up to 127 levels of domain in total for a single fully qualified domain name
  • Other restrictions: each individual section (label) can only be 63 characters, and a complete FQDN is limited to 255 characters
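The FQDN limits just stated (63 characters per label, 127 labels, 255 characters overall) applied as a validator, with the TLD/domain/subdomain split described above. This is an added Python example, not from the original notes; the per-label character rule is the usual hostname convention (letters, digits and hyphens), which the notes do not spell out.

```python
# Added example: check a name against the FQDN limits stated in the notes (63 chars
# per label, 127 labels, 255 chars overall) and split it into TLD, domain and subdomains.
MAX_LABEL, MAX_LABELS, MAX_FQDN = 63, 127, 255


def validate_fqdn(name: str) -> list:
    """Return the labels of a well-formed name, or raise ValueError."""
    if name.endswith("."):          # a trailing dot marks the root explicitly
        name = name[:-1]
    if len(name) > MAX_FQDN:
        raise ValueError(f"name longer than {MAX_FQDN} characters")
    labels = name.split(".")
    if len(labels) > MAX_LABELS:
        raise ValueError(f"more than {MAX_LABELS} labels")
    for label in labels:
        if not label:
            raise ValueError("empty label (two dots in a row, or a leading dot)")
        if len(label) > MAX_LABEL:
            raise ValueError(f"label {label[:10]!r}... longer than {MAX_LABEL} characters")
        # hostname rule: letters, digits and hyphens, not starting or ending with a hyphen
        if (not all(c.isascii() and (c.isalnum() or c == "-") for c in label)
                or label[0] == "-" or label[-1] == "-"):
            raise ValueError(f"label {label!r} is not a valid hostname label")
    return labels


def split_domain(name: str) -> dict:
    """www.example.com -> TLD 'com', domain 'example.com', subdomains ['www']"""
    labels = validate_fqdn(name)
    if len(labels) < 2:
        raise ValueError("need at least a domain and a TLD")
    return {"tld": labels[-1], "domain": ".".join(labels[-2:]), "subdomains": labels[:-2]}


if __name__ == "__main__":
    print(split_domain("www.example.com."))
```

split_domain takes the last two labels as the registrable domain, which is right for .com but wrong for names under a multi-label suffix such as co.uk; anything that makes security decisions on the domain (cookie scope, certificate matching) needs the Public Suffix List for that.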

DNS Zones

“An authoritative name server is actually responsible for a specific DNS zone.”

  • Allow for easier control over multiple level of a domain.

  • DNS zones are a hierarchical concept. The root name servers are responsible for the root zone, the TLD name servers for the TLD zones, and authoritative name servers for the finer-grained zones underneath those.

  • The root and TLD name servers are actually just authoritative name servers, too. It’s just that the zones they’re authoritative for are special zones.

  • E.g., a large company with offices in Los Angeles, Paris and Shanghai might delegate one zone to each office and keep a fourth zone for the company domain itself, so four DNS zones in total.

    [Figure: DNS Zones of a Large Company]

Zone files

“Simple configuration files that declare all resource record for a particular zone.”

Start of authority (SOA)

“Declares the zone and the name of the name server that is authoritative for it.”

NS records

“Indicate other name servers that might also be responsible for this zone.”

Reverse lookup zone files

These let DNS resolvers ask for an IP and get the FQDN associated with it returned.

Pointer resource record (PTR)

Resolves an IP to a name.

Dynamic Host Configuration Protocol

Overview of DHCP

Every single computer on a modern TCP/IP based network needs to have at least four things specifically configured;

  • IP address
  • Subnet mask
  • Gateway
  • Name server

DHCP

“An application layer protocol that automates the configuration process of hosts on a network.”

  • Solves the problem of having to manually configure an IP address on a device each time it connects to a network.

  • DHCP supports several allocation strategies, such as dynamic allocation.

    [Figure: DHCP]

Dynamic Allocation

“A range of IP addresses is set aside for client devices, and one of these IPs is issued to these devices when they request one.”

  • Under dynamic allocation, a computer may receive a different IP each time it connects to the network.

Automatic Allocation

“A range of IP addresses is set aside for assignment purposes.”

  • The main difference is that, the DHCP server is asked to keep track of which IPs it’s assigned to certain devices in the past.
  • Using this information, the DHCP server will assign the same IP to the same machine each time if possible.

Fixed Allocation

Requires a manually specified list of MAC address and their corresponding IPs.

Network time protocol (NTP) servers

“Used to keep all computers on a network synchronized in time.”

  • DHCP can also hand clients the address of an NTP server, along with other options

DHCP in Action

It is an application layer protocol, so it relies on:

  • Transport layer
  • Network layer
  • Data link layer
  • Physical layer

So, how DHCP works in practice:

DHCP discovery

“The process by which a client configured to use DHCP attempts to get network configuration information.”

It has four steps

  • The DHCP client sends what’s known as a DHCP discover message out onto the network (as a broadcast, since it has no IP address yet).

    [Figure: DHCPDISCOVER Message]

  • A DHCP server responds with a DHCP offer message proposing an IP address.

    [Figure: DHCPOFFER Message]

  • The DHCP client responds to the offer with a DHCP request message, asking to use that address.

    [Figure: DHCPREQUEST Message]

  • The DHCP server receives the DHCPREQUEST and responds with a DHCPACK message containing the full configuration.

    [Figure: DHCPACK Message]

  • All of this configuration is known as a DHCP lease, as it includes an expiration time. A DHCP lease might last for days or only a short amount of time.
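The four-step exchange above run against a small simulated DHCP server that implements the dynamic, automatic and fixed allocation strategies from the previous section. This is an added Python example, not from the original notes: the address pool, MAC addresses and timings are constructed, dict messages stand in for the real UDP packets, and DHCPNAK (the server refusing a request it did not offer) is standard DHCP behaviour that the notes do not mention.

```python
# Added example: the four-step DHCP exchange against a small simulated server
# that implements the dynamic, automatic and fixed allocation strategies.
# Pool, MAC addresses and timings are constructed; messages are dicts standing
# in for the real UDP packets.
from dataclasses import dataclass, field
from ipaddress import IPv4Network
from typing import Optional


@dataclass
class Lease:
    ip: str
    mac: str
    expires_at: float


@dataclass
class DhcpServer:
    pool: IPv4Network
    gateway: str
    subnet_mask: str
    name_server: str
    lease_seconds: int = 3600
    policy: str = "dynamic"                              # "dynamic" or "automatic"
    fixed: dict = field(default_factory=dict)            # MAC -> IP, fixed allocation
    leases: dict = field(default_factory=dict)           # IP -> Lease
    history: dict = field(default_factory=dict)          # MAC -> last IP it held
    offers: dict = field(default_factory=dict)           # MAC -> IP offered, awaiting REQUEST

    def _free(self, ip: str, now: float) -> bool:
        lease = self.leases.get(ip)
        return lease is None or lease.expires_at <= now

    def _choose(self, mac: str, now: float) -> Optional[str]:
        if mac in self.fixed:                            # fixed: this MAC is on the manual list
            return self.fixed[mac]
        candidates = [str(h) for h in self.pool.hosts()
                      if str(h) != self.gateway and str(h) not in self.fixed.values()]
        if self.policy == "automatic":                   # prefer what this MAC had before
            remembered = self.history.get(mac)
            others = set(self.history.values()) - {remembered}
            candidates = ([remembered] if remembered else []) + \
                [c for c in candidates if c not in others] + [c for c in candidates if c in others]
        for ip in candidates:                            # dynamic: the first free address wins
            if self._free(ip, now) and ip not in self.offers.values():
                return ip
        return None                                      # pool exhausted

    def handle(self, message: dict, now: float) -> Optional[dict]:
        mac = message["chaddr"]
        if message["type"] == "DHCPDISCOVER":
            ip = self._choose(mac, now)
            if ip is None:
                return None                              # no offer: the client keeps retrying
            self.offers[mac] = ip
            return {"type": "DHCPOFFER", "chaddr": mac, "yiaddr": ip}
        if message["type"] == "DHCPREQUEST":
            ip = message["requested_ip"]
            if self.offers.get(mac) != ip:
                return {"type": "DHCPNAK", "chaddr": mac}  # not what we offered this MAC
            del self.offers[mac]
            self.leases[ip] = Lease(ip, mac, now + self.lease_seconds)
            self.history[mac] = ip
            return {"type": "DHCPACK", "chaddr": mac, "yiaddr": ip,
                    "subnet_mask": self.subnet_mask, "router": self.gateway,
                    "name_server": self.name_server, "lease_time": self.lease_seconds}
        raise ValueError(f"unsupported message type {message['type']}")


def dhcp_client(server: DhcpServer, mac: str, now: float) -> Optional[dict]:
    """DISCOVER -> OFFER -> REQUEST -> ACK from the client's point of view."""
    offer = server.handle({"type": "DHCPDISCOVER", "chaddr": mac}, now)
    if offer is None:
        return None
    ack = server.handle({"type": "DHCPREQUEST", "chaddr": mac, "requested_ip": offer["yiaddr"]}, now)
    return ack if ack["type"] == "DHCPACK" else None


def make_server(policy: str = "dynamic", fixed: Optional[dict] = None) -> DhcpServer:
    """Constructed /29 pool: 192.168.1.1 is the gateway, .2 to .6 are handed out."""
    return DhcpServer(IPv4Network("192.168.1.0/29"), "192.168.1.1", "255.255.255.248",
                      "192.168.1.1", policy=policy, fixed=fixed or {})


if __name__ == "__main__":
    server = make_server()
    print(dhcp_client(server, "aa:aa:aa:00:00:01", now=0))
    print(dhcp_client(server, "bb:bb:bb:00:00:02", now=0))
```

The ACK carries all four items a host needs (address, subnet mask, gateway, name server), which is also why a rogue DHCP server on the LAN is so effective: whoever answers the broadcast first chooses the client’s gateway and resolver.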

Network Address Translation

Basics of NAT

  • It is a technique, instead of a protocol.
  • Different hardware vendor implement NAT differently

Network Address Translation (NAT)

“A technology that allows a gateway, usually a router or firewall, to rewrite the source IP of an outgoing IP datagram while retaining the original IP in order to rewrite it into the response.”

  • Hides the IP of the computer originating the request. This is known as IP masquerading.

  • To the outside world, the entire space of Network A is hidden and private. This is called One-to-many NAT.

    [Figure: A NAT in action]

NAT and the Transport Layer

  • For outbound traffic, hundreds or even thousands of computers can all have their IPs translated via NAT to a single IP.
  • The concept becomes a bit cumbersome when return traffic is involved.
  • For inbound traffic we have potentially hundreds of responses all directed at the same IP, and the router at that IP needs to figure out which response goes to which computer.
  • The simplest way to do this is the port preservation technique.

Port preservation

“A technique where the source port chosen by a client is the same port used by the router.”

[Figure: Port preservation in practice]

Port forwarding

“A technique where specific destination ports can be configured to always be delivered to specific nodes.”

[Figure: Port forwarding in practice]
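The one-to-many NAT, port preservation and port forwarding described above, as an added toy translation table (not code from the notes). Outbound packets get the gateway’s public IP and keep their own source port when it is free; on a collision the gateway picks a fresh port; replies are mapped back by external port, and static forwarding rules deliver unsolicited inbound traffic. All addresses are constructed sample values, and the reply lookup keys on the external port alone, as in the simple port-preservation picture, where a real NAT would also check the remote endpoint.

```python
"""Toy one-to-many NAT with port preservation and port forwarding.
Added example; addresses are constructed documentation-range values."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class NATGateway:
    def __init__(self, public_ip, forwards=None):
        self.public_ip = public_ip
        self.forwards = forwards or {}  # external port -> (internal ip, internal port)
        self.outbound = {}  # (int ip, int port, dst ip, dst port) -> external port
        self.inbound = {}   # external port -> (int ip, int port)
        self.next_port = 40000  # where fallback ports start when preservation fails

    def _allocate_port(self, wanted):
        """Port preservation: keep the client's port if it is free and not a forwarding port."""
        if wanted not in self.inbound and wanted not in self.forwards:
            return wanted
        while self.next_port in self.inbound or self.next_port in self.forwards:
            self.next_port += 1
        port = self.next_port
        self.next_port += 1
        return port

    def translate_outbound(self, pkt):
        """Rewrite the source of a packet leaving the private network."""
        key = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        ext_port = self.outbound.get(key)
        if ext_port is None:
            ext_port = self._allocate_port(pkt.src_port)
            self.outbound[key] = ext_port
            self.inbound[ext_port] = (pkt.src_ip, pkt.src_port)
        return Packet(self.public_ip, ext_port, pkt.dst_ip, pkt.dst_port)

    def translate_inbound(self, pkt):
        """Map a packet arriving at the public IP back to an internal host, or drop it."""
        if pkt.dst_ip != self.public_ip:
            return None
        target = self.inbound.get(pkt.dst_port) or self.forwards.get(pkt.dst_port)
        if target is None:
            return None  # unsolicited traffic with no forwarding rule is dropped
        int_ip, int_port = target
        return Packet(pkt.src_ip, pkt.src_port, int_ip, int_port)
```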

NAT, Non-Routable Address Space and the Limits of IPv4

IANA has been in charge of distributing IPs since 1988. The roughly 4.2 billion IPv4 addresses ran out long ago.

  • For some time now, the IANA has primarily been responsible for assigning address blocks to the five regional internet registries, or RIRs.

    • AFRINIC serves the continent of Africa. (Mar 2017 – ran out of addresses)
    • ARIN serves the USA, Canada, and parts of the Caribbean. (Sep 2015 – ran out of addresses)
    • APNIC is responsible for most of Asia, Australia, New Zealand, and Pacific island nations. (2011 – ran out of addresses)
    • LACNIC covers Central and South America and any parts of the Caribbean not covered by ARIN. (June 2014 – ran out of addresses)
    • RIPE serves Europe, Russia, the Middle East, and portions of Central Asia. (Sep 2012 – ran out of addresses)
  • The IANA assigned the last unallocated /8 network blocks to the various RIRs on February 3, 2011.

  • The solution is NAT together with non-routable address space, defined in RFC 1918.

    [Figure: NAT, Non-Routable Address space at Rescue]

VPNs and Proxies

Virtual Private Networks

“A technology that allows for the extension of a private or local network to hosts that might not be on that local network.”

[Figure: VPN in practice]

  • A VPN is a tunneling protocol; it’s basically a technique rather than a strict protocol, and it can be implemented using different methods.

  • VPNs require strict authentication protocols so that only the intended clients are granted access.

  • VPNs were the first to implement 2FA on a large scale.

  • VPNs can be used for site-to-site connectivity as well.

    [Figure: VPN in action]

Two-factor authentication

“A technique where more than just a username and password are required to authenticate.”

Proxy Services

“A server that acts on behalf of a client in order to access another service.”

  • They sit between client and server, providing additional benefits like:
    • Anonymity
    • Security
    • Content filtering
    • Increased performance
  • The most commonly encountered are web proxies, intended for web traffic.

Reverse proxy

“A service that might appear to be a single server to external clients, but actually represents many servers living behind it.”

[Figure: Reverse Proxy]

Connecting to the Internet

POTS and Dial-up

Dial-up, Modems and Point-to-Point Protocols

  • In the late 1970s, two graduate students at Duke University were trying to come up with a better way to connect computers over longer distances.
  • They realized that basic infrastructure in the form of telephone lines already existed.
  • This is the Public Switched Telephone Network, or PSTN, also referred to as the Plain Old Telephone Service, or POTS.
  • The system they built was called USENET, which was the precursor to dial-up.

Dial-up

A dial-up connection uses POTS for data transfer, and gets its name because the connection is established by actually dialing a phone number.

[Figure: A Dial-up]

  • Transferring data over dial-up is done through modems, which stands for Modulator/Demodulator.

    [Figure: A Modem In Practice]

  • Early modems had very low baud rates.

  • By the late 1950s, computers could generally send data at a rate of 110 bps.

  • When USENET was developed, this rate was increased to 300 bps.

  • In the early 1990s, when dial-up access to the Internet became a household commodity, this rate was increased to 14.4 kbps.

Baud rate

“A measurement of how many bits can be passed across a phone line in a second.”

Broadband Connections

What is broadband?

“Any connectivity technology that isn’t dial-up Internet.”

  • In the late 1990s, it became common for most businesses to use T-carrier technologies.
  • T-carrier technologies require a dedicated line, so they are used mainly by businesses.
  • Other solutions and technologies are also available for businesses and ordinary consumers:
    • DSL
    • Cable broadband
    • Fiber connections

T-carrier technologies

“Originally invented by AT&T in order to transmit multiple phone calls over a single link.”

  • Before Transmission System 1, or T1 for short, each phone call required its own copper cable to transmit.

  • With T1, AT&T invented a way to carry 24 phone calls simultaneously over a single copper cable.

  • A few years later, T1 technology was repurposed for data transfers.

    [Figure: T1 technology at play]

  • Over the years, the phrase T1 has come to mean any twisted-pair copper connection capable of speeds of 1.544 Mbps, even if it doesn’t strictly follow the original Transmission System 1 specifications.

  • Initially, T1 lines were used to connect telecommunication channels only.

  • But as the Internet grew, many businesses and companies paid to have T1 cables installed for faster connectivity.

  • Improvements were made by developing a way for multiple T1s to act as a single link.

  • The T3 line was invented, which combines 28 T1 lines for a total speed of 44.736 Mbps.

  • Now, for small businesses and companies, fiber connections are more common as they are cheaper.

  • For inter-ISP communications, different fiber technologies have all replaced older copper-based ones.

Digital Subscriber Lines (DSL)

  • DSL made it possible for phone calls and data transfer to occur on the same line at the same time.

  • DSL uses its own modems, called Digital Subscriber Line Access Multiplexers (DSLAMs).

  • Just like dial-up modems, these devices establish data connections across phone lines, but unlike dial-up connections, they’re usually long-running.

  • The two most common DSLs are:

    • ADSL (Asymmetric Digital Subscriber Line)
      • Features different speeds for outbound and inbound data, meaning faster download speeds and slower upload speeds.
    • SDSL (Symmetric Digital Subscriber Line)
      • Same as ADSL, but upload and download speeds are the same.
      • Most SDSLs have an upper speed cap of 1.544 Mbps.
  • Further developments in SDSL technology have yielded things like:

    • HDSL (High Bit-rate Digital Subscriber Lines)
      • These provision speeds above 1.544 Mbps.

    [Figure: A DSL connection]

Cable Broadband

  • The history of both computers and telephones tells a story that started with all communications being wired, but the recent trend is moving more and more traffic to wireless.

  • Television followed the opposite path. Originally, all television broadcast was wireless, sent out by giant television towers and received by smaller antennas in people’s houses.

  • You had to be in range of those towers to receive signals, just as today you have to be in range of a cellular tower for cellular communications.

  • In the late 1940s, the first cable television technology was developed.

  • In 1984, the Cable Communications Policy Act deregulated the television industry; the industry started booming, and the rest of the world soon followed suit.

    [Figure: Cable and DSL]

  • Cable connections are managed by cable modems.

Cable modems

The device that sits at the edge of a consumer’s network and connects it to the cable modem termination system, or CMTS.

Cable modem termination system (CMTS)

Connects lots of different cable connections to an ISP’s core network.

Fiber Connections

  • Fiber achieves higher speeds with no degradation in signal transfer.

  • An electrical signal can only travel a few hundred meters through copper cable before degrading.

  • A light signal in fiber cables can travel many, many kilometers before degrading.

  • Producing and laying fiber is a lot more expensive than copper cable.

  • How fiber is delivered to end consumers varies a great deal, depending on many practical considerations.

  • That’s why the phrase FTTX, or fiber to the X, was developed.

    • FTTN: Fiber to the Neighborhood
    • FTTB: Fiber to the Building, a setup where fiber technologies are used for data delivery to an individual building.
    • FTTH: Fiber to the Home
    • FTTB and FTTH may both also be referred to as FTTP, or Fiber to the Premises.
  • Instead of a modem, the demarcation point for fiber technologies is known as an Optical Network Terminator, or ONT.

    [Figure: Fiber to the X]

Optical Network Terminator (ONT)

Converts data from the protocols the fiber network can understand to those that more traditional twisted-pair copper networks can understand.

WANs

Wide Area Network Technologies

“Acts like a single network, but spans across multiple physical locations.”

  • It works at the Data Link Layer.
  • WANs are built to be superfast.
  • Some technologies used in WANs:
    • Frame Relay

    Frame Relay is a standardized wide area network (WAN) technology that specifies the Physical & Data Link Layer of digital telecommunications channels using a packet switching methodology. Originally designed for transport across Integrated Services Digital Network (ISDN) infrastructure, it may be used today in the context of many other network interfaces.

    • High-Level Data Link Control (HDLC)

    HDLC is a bit-oriented code-transparent synchronous data link layer protocol developed by the International Organization for Standardization (ISO). The standard for HDLC is ISO/IEC 13239:2002.

    • HDLC provides both connection-oriented and connectionless service.
    • Asynchronous Transfer Mode (ATM)

    A standard defined by the American National Standards Institute (ANSI) and ITU-T for digital transmission of multiple types of traffic.

    • ATM was developed to meet the needs of the Broadband Integrated Services Digital Network (BISDN) as defined in the late 1980s.

Local Loop

“In a WAN, the area between a demarcation point and the ISP’s core network is called Local Loop.”

Point-to-Point VPNs

  • A popular alternative to WAN technologies.

  • Companies are moving to the cloud for services such as email and cloud storage, so the high cost of a WAN is often no longer justified.

  • They maintain their secure connection to these cloud solutions through point-to-point VPNs.

  • A point-to-point VPN is typically called a site-to-site VPN.

    [Figure: Point-to-Point VPNs]

Wireless Networking

Introduction to Wireless Networking Technologies

“A way to network without wires.”

  • The IEEE 802.11 standards, or 802.11 family, define the most common workings of wireless networks.

  • Wireless devices communicate via radio waves.

  • Different 802.11 specifications generally use the same basic protocol but different frequency bands.

  • In North America, FM radio transmissions operate between 88 and 108 MHz. This specific frequency band is called the FM frequency band.

  • Wi-Fi works in the 2.4 GHz and 5 GHz bands.

  • There are many 802.11 specifications, but the common ones you might run into are (in order of when they were introduced):

    • 802.11b
    • 802.11a
    • 802.11g
    • 802.11n
    • 802.11ac
  • 802.11 = physical and data link layers

  • All specifications operate with the same basic data link protocol. But how they operate at the physical layer varies.

  • An 802.11 frame has a number of fields.

    • Frame control field

    It is 16 bits long and contains a number of subfields that are used to describe how the frame itself should be processed.

    • Duration field

    It specifies how long the total frame is, so the receiver knows how long it should expect to have to listen to this transmission.

    • Next come four address fields, each 6 bytes long:
      • Source address field
      • Intended destination
      • Receiving address
      • Transmitter address
    • Sequence control field

    It is 16 bits long and mainly contains a sequence number used to keep track of the ordering of frames.

    • Data payload

    Has all the data of the protocols further up the stack.

    • Frame check sequence field

    Contains a checksum used for a cyclical redundancy check, just like how Ethernet does it.

  • The most common wireless setup includes a wireless access point.

    [Figure: 802.11 Data Frame]

Frequency band

“A certain section of the radio spectrum that’s been agreed upon to be used for certain communications.”

Wireless access point

“A device that bridges the wireless and wired portions of a network.”

Wireless Network Configuration

  • There are a few ways wireless networks can be configured:
    • Ad-hoc networks: Nodes speak directly to each other.
    • Wireless LANs (WLANs): One or more access points act as a bridge between a wireless and a wired network.
    • Mesh networks: A hybrid of the former two.

Ad-hoc Network

  • Simplest of the three.

  • In an ad-hoc network, there isn’t really any supporting network infrastructure.

  • Every device on the network speaks directly to every other device on the network.

  • Used in smartphones and warehouses.

  • An important tool during disasters like earthquakes: relief workers can communicate via an ad-hoc network.

    [Figure: Ad-hoc Network]

Wireless LAN (WLAN)

  • Most common in business settings.

    [Figure: Wireless LAN]

Mesh Network

  • Most mesh networks are made up only of wireless access points, and are still connected to the wired network.

    [Figure: Mesh Network]

Wireless Channels

“Individual, smaller sections of the overall frequency band used by a wireless network.”

  • Channels solve the problem of collision domains.

    [Figure: 2.4 GHz band and Wireless Channels]

Collision domain

“Any one of the network segments where one computer can interrupt another.”

Wireless Security

  • Data packets sent through the air via radio waves need to be protected.
  • Wired Equivalent Privacy (WEP) was invented to encrypt data packets.
  • WEP uses only 40-bit encryption keys, which can easily be compromised with modern, fast computers.
  • So WEP was quickly replaced in most places with WPA, or Wi-Fi Protected Access.
  • WPA, by default, uses a 128-bit key.
  • Nowadays, the most common wireless encryption method used is WPA2, an update to the original WPA.
  • WPA2 uses a 256-bit key.
  • Another common way of securing wireless traffic is MAC filtering.

Wired Equivalent Privacy (WEP)

“An encryption technology that provides a very low level of privacy.”

MAC filtering

You configure your access points to only allow for connections from a specific set of MAC addresses belonging to devices you trust.

Cellular Networking

  • Cellular networks have a lot in common with 802.11 networks.

  • Just like Wi-Fi, they also operate on radio waves.

  • There are cellular frequency bands reserved for Cellular communications.

  • Cellular frequency waves can travel several kilometers.

    [Figure: Cellular Networking]

Mobile Device Networks

  • Mobile devices use wireless networks to communicate with the Internet and with other devices.
  • Depending on the device, it might use:
    • Cellular networks
    • Wi-Fi
    • Bluetooth
    • Internet of Things (IoT) network protocols

IoT Wireless network protocols at the physical layer

  • IoT devices can use both wired and wireless connections.
  • Most IoT devices can use at least one of the following network protocols:

Wi-Fi

  • Wireless Fidelity (Wi-Fi): IEEE 802.11 standard
  • Wi-Fi 6 can support up to 500 Mbps.
  • The 2.4 GHz frequency extends to 150 feet (45.72 m) indoors and 300 feet (91.44 m) outdoors.
  • 2.4 GHz may suffer congestion due to the limited number of channels and high interference from other devices.
  • 5.0 GHz provides a stronger signal and has more channels to handle more traffic. The drawback is a limited range of 50 feet (ca. 15 m) indoors and 100 feet (30.48 m) outdoors.

IEEE 802.15.4

  • An inexpensive, low-power wireless access technology intended for IoT devices that operate on battery power.
  • IEEE 802.15.4 uses 2.4 GHz or lower frequencies.
  • IEEE 802.15.4 is normally used for low-rate wireless personal area networks (LR-WPANs) and uses 128-bit encryption.

ZigBee

  • ZigBee is an LR-WPAN protocol intended for smart home use, also adopted globally for commercial use. ZigBee LR-WPAN networks can be accessed through Wi-Fi or Bluetooth.

Thread

  • Thread: a low-latency wireless mesh network protocol based on IPv6.
  • Thread doesn’t use proprietary gateways or translators, making it inexpensive and easier to implement and maintain than other wireless technologies.
  • Thread is used by the Google Nest Hub Max.

Z-Wave

  • Z-Wave: An interoperable wireless mesh protocol that is based on low-powered radio frequency (RF) communications.
  • The Z-Wave protocol uses an RF signal on the 908.2 MHz frequency and extends to 330 feet (0.1 km).
  • Z-Wave is inexpensive, reliable, and simple to use. The Z-Wave protocol supports a closed network for security purposes.
  • Over 3300 types and models of home and business IoT devices are certified to use Z-Wave technology, with more than 100 million devices in use worldwide.

Wireless mesh network (WMN)

Mesh networks are used by many popular wireless IoT network protocols, like Zigbee and Z-Wave, for device communication. Wireless mesh networks use less power than other wireless connectivity options. Wireless mesh is a decentralized network of connected wireless access points (WAP), also called nodes. Each WAP node forwards data to the next node in the network until the data reaches its destination. This network design is “self-healing,” meaning the network can recover on its own when a node fails. The other nodes will reroute data to exclude the failed node. Wireless mesh is a good option for high reliability and low power consumption, which is better for battery powered IoT devices. Wireless mesh networks can be configured to be full or partial mesh:

  • Full mesh network: Every node can communicate with all the other nodes in the network.
  • Partial mesh network: Nodes can only communicate with nearby nodes.

Bluetooth

Bluetooth is a widely used wireless network that operates at a 2.45 GHz frequency band and facilitates up to 3 Mbps connections among computing and IoT devices. Bluetooth has a range of up to 100 feet (ca. 30 m) and can accommodate multiple paired connections. It is a good choice for creating a short distance wireless connection between Bluetooth enabled devices. Bluetooth is often used by computing devices to manage, configure, control, and/or collect small amounts of data from one or more close range IoT devices. For example, Bluetooth may be used to control smart home lighting or thermostat IoT devices from a smartphone.

Near-Field Communication (NFC)

NFC is a short-range, low data, wireless communication protocol that operates on the 13.56 MHz radio frequency. NFC technology requires a physical chip (or tag) to be embedded in the IoT device. NFC chips can be found in credit and debit cards, ID badges, passports, wallet apps on smartphones (like Google Pay), and more. A contactless NFC scanner, like a Point-of-Sale (POS) device, is used to read the chip. This scanner communication connection typically requires the IoT device to be within 2 inches (5.08 cm) of the scanner, but some NFC chips have an 8 inch (20.32 cm) range. This short-distance range helps to limit wireless network security threats. However, criminals can carry a portable NFC scanner into a crowded area to pick up NFC chip data from items like credit cards stored inside purses and wallets. To protect against this type of data theft, the cards should be placed inside special NFC/RFID sleeves that make the chips unreadable until they are removed from the sleeves. NFC technology may also be used in the pairing process for Bluetooth connections.

Long Range Wide Area Network (LoRaWAN)

LoRaWAN is an open source networking protocol designed to connect battery-powered wireless IoT devices to the Internet across widely dispersed networks.

Troubleshooting and the Future of Networking

Introduction to Troubleshooting and the Future of Networking

  • Even with every possible safeguard in place, things still go wrong:
    • Errors still pop up
    • Misconfigurations occur
    • Hardware breaks down
    • System incompatibilities come to light

Error-detection

“The ability for a protocol or program to determine that something went wrong.”

Error-recovery

“The ability for a protocol or program to attempt to fix it.”

Verifying Connectivity

Ping: Internet Control Message Protocol (ICMP)

ICMP Message

  • ICMP packets are sent to troubleshoot network issues.

  • The make-up of an ICMP packet is pretty simple: it has a HEADER and a DATA section.

  • The ICMP HEADER has the following fields:

    • TYPE: 8 bits long, which specifies what type of message is being delivered, like destination unreachable or time exceeded.
    • CODE: 8 bits long, which indicates a more specific reason than just a type. For example, within the destination unreachable type there are different codes for destination network unreachable or destination port unreachable.
    • Checksum: a 16-bit checksum that works like every other checksum field.
    • Rest of Header: 32 bits long; this field is optionally used by some specific codes and types to send more data.
  • Data payload section for ICMP

    • The payload for an ICMP packet exists entirely so that the recipient of the message knows which of their transmissions caused the error being reported.
    • It contains the entire IP header and the first 8 bytes of the data payload section of the offending packet.
  • ICMP wasn’t developed for humans to interact with.

    [Figure: ICMP Message]

Ping

Ping lets you send a special type of ICMP message called an Echo Request.

  • An Echo Request just asks: “Hi, are you there?”
  • If the destination is up and running and able to communicate on the network, it’ll send back an ICMP Echo Reply message type.
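The ICMP header layout (type, code, checksum, rest of header) and the quoted-datagram payload described above, plus the Echo Request used by ping, as an added example that is not code from the notes. It builds messages with a correct Internet checksum, parses them back, verifies the checksum, and for error types pulls out the quoted IP header and first 8 payload bytes; the quoted IP/UDP bytes are a constructed sample.

```python
"""Build and parse ICMP messages as described in the notes. Added example;
the quoted IPv4 header and UDP bytes below are constructed, not captured."""
import struct

DEST_UNREACHABLE, TIME_EXCEEDED, ECHO_REQUEST, ECHO_REPLY = 3, 11, 8, 0

# Constructed 20-byte IPv4 header: IHL 5, total length 28, TTL 64, protocol 17 (UDP),
# source 192.168.1.10, destination 198.51.100.7 (header checksum left zero for brevity).
SAMPLE_IP_HEADER = bytes([0x45, 0x00, 0x00, 0x1C, 0x00, 0x01, 0x00, 0x00, 0x40, 0x11,
                          0x00, 0x00, 192, 168, 1, 10, 198, 51, 100, 7])
# First 8 bytes of the offending UDP datagram: src port 40000, dst port 53, length 8.
SAMPLE_FIRST_8 = struct.pack("!HHHH", 40000, 53, 8, 0)


def inet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, as used by IP, ICMP, TCP and UDP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type: int, code: int, rest_of_header: int, payload: bytes = b"") -> bytes:
    """Assemble TYPE | CODE | CHECKSUM | REST OF HEADER | payload with a valid checksum."""
    header = struct.pack("!BBHI", icmp_type, code, 0, rest_of_header)
    csum = inet_checksum(header + payload)
    return struct.pack("!BBHI", icmp_type, code, csum, rest_of_header) + payload


def build_echo_request(identifier: int, sequence: int, data: bytes = b"") -> bytes:
    """What ping sends: type 8, code 0, identifier and sequence in Rest of Header."""
    return build_icmp(ECHO_REQUEST, 0, (identifier << 16) | sequence, data)


def parse_icmp(packet: bytes) -> dict:
    """Split an ICMP message into its fields and verify its checksum.
    Verification works because summing a packet that includes its own
    checksum yields all ones, whose complement is zero."""
    if len(packet) < 8:
        raise ValueError("ICMP header is 8 bytes")
    icmp_type, code, csum, rest = struct.unpack("!BBHI", packet[:8])
    payload = packet[8:]
    info = {"type": icmp_type, "code": code, "checksum": csum, "rest_of_header": rest,
            "payload": payload, "checksum_ok": inet_checksum(packet) == 0}
    # Error messages quote the offending datagram: its whole IP header plus 8 payload bytes.
    if icmp_type in (DEST_UNREACHABLE, TIME_EXCEEDED) and len(payload) >= 20:
        ihl = (payload[0] & 0x0F) * 4       # IP header length in bytes
        info["quoted_ip_header"] = payload[:ihl]
        info["quoted_first_8"] = payload[ihl:ihl + 8]
        info["quoted_src"] = ".".join(str(b) for b in payload[12:16])
        info["quoted_dst"] = ".".join(str(b) for b in payload[16:20])
    if icmp_type in (ECHO_REQUEST, ECHO_REPLY):
        info["identifier"], info["sequence"] = rest >> 16, rest & 0xFFFF
    return info
```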

Traceroute

“A utility that lets you discover the path between two nodes, and gives you information about each hop along the way.”

[Figure: Traceroute]

  • Two similar tools to traceroute are:
    • MTR - Linux/macOS
    • pathping - Windows

Testing Port Connectivity

  • Sometimes you need to know whether things are working at the transport layer.
  • There are two powerful tools for this at your disposal:
    • netcat - Linux/macOS
    • Test-NetConnection - Windows

Digging into DNS

Name Resolution Tools

  • The most common tool is nslookup.
  • Available on all OSs.

Public DNS Servers

  • An ISP almost always gives you access to a recursive name server as part of the service it provides.

  • Many businesses run their own name servers, to give names to printers, computers, etc. instead of referring to them by their IPs.

    [Figure: A Private Name server]

  • Another option, which is becoming more popular, is using a DNS-as-a-service provider.

  • Some organizations run public DNS servers, like Google’s 8.8.8.8, Cloudflare’s 1.1.1.1, Quad9’s 9.9.9.9, etc.

  • Level 3 also provides free public DNS servers, e.g., 4.2.2.3, though it doesn’t advertise them.

    • Name servers specifically set up so that anyone can use them, for free.
    • Most public DNS servers are available globally through anycast.
  • One should be careful when using a public DNS server: hijacking outbound DNS queries and redirecting the traffic to a malicious website is a common intrusion technique.

  • Always make sure the name server is run by a reputable company, and try to use the name servers provided by your ISP outside of troubleshooting scenarios.

    [Figure: DNS Hi-jacking]

DNS Registration and Expiration

Registrar

An organization responsible for assigning individual domain names to other organizations or individuals.

  • Originally, there was only one company, Network Solutions Inc., responsible for domain registration.
  • Network Solutions Inc. and the US government came to an agreement to let other companies also sell domain names.

Hosts Files

  • The original way that numbered network addresses were correlated with words was through hosts files.
  • Most modern systems, like computers and mobile phones, still have hosts files.
  • Hosts files are a popular way for computer viruses to disrupt and redirect users’ traffic.

Hosts File

“A flat file that contains, on each line, a network address followed by the host name it can be referred to as.”

Loopback Address

A way of sending network traffic to yourself.

  • The loopback IP for IPv4 is 127.0.0.1.
  • Almost all hosts files in existence will, at the very least, contain a line that reads 127.0.0.1 localhost, most likely followed by ::1 localhost, where ::1 is the loopback address for IPv6.
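The hosts-file format and the two ways malware abuses it (redirecting a name to an attacker-controlled public address, or pointing a name at loopback to block it), as an added review helper that is not code from the notes. It parses hosts-file text, confirms the expected loopback lines are present, and lists non-local names mapped to loopback or to an address outside the RFC 1918 and link-local ranges for an administrator to review; the sample file is constructed.

```python
"""Parse a hosts file and list entries worth reviewing. Added example;
SAMPLE_HOSTS is a constructed file, and the flagging rule is a heuristic."""
import ipaddress

# Names that legitimately sit next to the loopback addresses on most systems.
BASELINE_NAMES = {"localhost", "localhost.localdomain", "broadcasthost",
                  "ip6-localhost", "ip6-loopback", "ip6-allnodes", "ip6-allrouters"}

# RFC 1918 private ranges plus link-local; names mapped here are normal on a LAN.
NON_ROUTABLE = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16",
                 "fc00::/7", "fe80::/10")]

SAMPLE_HOSTS = """\
# constructed sample hosts file
127.0.0.1       localhost
::1             localhost ip6-localhost
192.168.1.20    printer.corp.example   # internal printer on a private address
127.0.0.1       update.antivirus.example
203.0.113.45    bank.example www.bank.example
"""


def parse_hosts(text: str):
    """Return (address, [names]) per line, skipping blanks, comments and bad addresses."""
    entries = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                      # not a hosts line we can interpret
        entries.append((addr, [name.lower() for name in fields[1:]]))
    return entries


def is_non_routable(addr) -> bool:
    """Loopback, RFC 1918 private, or link-local (version mismatches simply test False)."""
    return addr.is_loopback or any(addr in net for net in NON_ROUTABLE)


def has_loopback_entries(entries) -> dict:
    """Check for the '127.0.0.1 localhost' and '::1 localhost' lines most files carry."""
    found = {"ipv4": False, "ipv6": False}
    for addr, names in entries:
        if addr.is_loopback and "localhost" in names:
            found["ipv4" if addr.version == 4 else "ipv6"] = True
    return found


def suspicious_entries(entries):
    """Heuristic review list: a non-baseline name sent to loopback (typically to block
    it) or to a routable address (typically to redirect it). Returns
    (name, address, reason) tuples."""
    flagged = []
    for addr, names in entries:
        for name in names:
            if name in BASELINE_NAMES:
                continue
            if addr.is_loopback:
                flagged.append((name, str(addr), "redirected to loopback"))
            elif not is_non_routable(addr):
                flagged.append((name, str(addr), "redirected to routable address"))
    return flagged
```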

The Cloud

What is The Cloud?

  • Not a single technology; it’s a technique.

Cloud Computing

“A technological approach where computing resources are provisioned in a shareable way, so that lots of users get what they need, when they need it.”

Or

“A new model in computing where large clusters of machines let us use the total resources available in a better way.”

  • Hardware virtualization is at the heart of cloud computing.
  • Hardware virtualization platforms deploy what’s called a hypervisor.

Virtualization

“A single physical machine, called a host, could run many individual virtual instances, called guests.”

Hypervisor

“A piece of software that runs and manages virtual machines, while also offering these guests a virtual operating platform that’s indistinguishable from an actual hardware.”

[Figure: A Hypervisor]

Public Cloud

A large cluster of machines run by another company.

Private Cloud

Used by a single large corporation and generally physically hosted on its own premises.

Hybrid Cloud

A term used to describe situations where companies might run a thing like their most sensitive proprietary technologies on a private cloud, while entrusting their less-sensitive servers to a public cloud.

Everything as a Service

  • X as a Service, where X can mean many things.

Infrastructure as a Service (IaaS)

You shouldn’t have to worry about building your own network or your own servers.

Platform as a Service (PaaS)

A subset of cloud computing where a platform is provided for customers to run their services.

Software as a Service (SaaS)

A way of licensing the use of software to others while keeping that software centrally hosted and managed.

  • Gmail for Business
  • Office 365 Outlook

Cloud Storage

  • Operates in different geographic regions.
  • Pay as you use.
  • Good for backups.

IPv6

IPv6 Addressing and Subnetting

  • IPv4 has run out of new IPs.

  • IPv5 was an experimental protocol that introduced the concept of connections.

  • IPv6 = 128 bits, written as 8 groups of 16 bits each. Each of these groups is further written as four hexadecimal digits.

  • A full IPv6 address looks like this:

    [Figure: An IPv6 Address]

  • A reserved IPv6 range exists for education, documentation, books, courses, etc.:

    [Figure: Reserved IPv6 Addresses]

Shortening of an IPv6 address

Two rules:

  • Remove any leading zeros from a group.
  • Any number of consecutive groups composed of just zeros can be replaced with two colons, ::.
  • Any IPv6 address beginning with FF00:: is used for multicast.
  • Any IPv6 address beginning with FE80:: is used for link-local unicast.
  • The first 32 bits of an IPv6 address are the network ID, and the last are the host ID.
  • IPv6 uses the same CIDR notation for the subnet mask.
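The two shortening rules and the FF00:: / FE80:: prefixes above, as an added example that is not code from the notes. It expands a written address back to its eight 16-bit groups, applies the rules (dropping leading zeros and collapsing the longest run of zero groups into ::, the convention that also leaves a single zero group alone), classifies multicast, link-local (fe80::/10) and IPv4-mapped addresses, and recovers the embedded IPv4 address from the mapped form used in the IPv4/IPv6 coexistence section.

```python
"""IPv6 address expansion, shortening and classification. Added example."""


def expand_ipv6(addr: str) -> list:
    """Return the eight 16-bit groups of an address as integers, undoing '::'."""
    if addr.count("::") > 1:
        raise ValueError("at most one '::' is allowed")
    if "::" in addr:
        head, tail = addr.split("::")
        head_groups = head.split(":") if head else []
        tail_groups = tail.split(":") if tail else []
        missing = 8 - len(head_groups) - len(tail_groups)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero group")
        groups = head_groups + ["0"] * missing + tail_groups
    else:
        groups = addr.split(":")
    if len(groups) != 8 or any(len(g) == 0 or len(g) > 4 for g in groups):
        raise ValueError("an IPv6 address has eight groups of up to four hex digits")
    return [int(g, 16) for g in groups]


def compress_ipv6(groups: list) -> str:
    """Apply the two shortening rules: no leading zeros, and the longest run of two
    or more all-zero groups becomes '::' (the first run wins a tie)."""
    best_start, best_len, i = -1, 0, 0
    while i < 8:
        if groups[i] == 0:
            j = i
            while j < 8 and groups[j] == 0:
                j += 1
            if j - i > best_len:
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    hexes = [format(g, "x") for g in groups]          # rule 1: leading zeros dropped
    if best_len >= 2:                                  # rule 2: collapse the zero run
        return ":".join(hexes[:best_start]) + "::" + ":".join(hexes[best_start + best_len:])
    return ":".join(hexes)


def shorten(addr: str) -> str:
    """Convenience wrapper: canonical short form of any written IPv6 address."""
    return compress_ipv6(expand_ipv6(addr))


def classify_ipv6(addr: str) -> str:
    g = expand_ipv6(addr)
    if g[0] >> 8 == 0xFF:                              # ff00::/8
        return "multicast"
    if g[0] & 0xFFC0 == 0xFE80:                        # fe80::/10
        return "link-local"
    if g[:5] == [0, 0, 0, 0, 0] and g[5] == 0xFFFF:    # ::ffff:0:0/96
        return "ipv4-mapped"
    if g == [0] * 7 + [1]:
        return "loopback"
    return "other"


def mapped_ipv4(addr: str):
    """Return the IPv4 address embedded in an IPv4-mapped IPv6 address, else None."""
    if classify_ipv6(addr) != "ipv4-mapped":
        return None
    g = expand_ipv6(addr)
    return "%d.%d.%d.%d" % (g[6] >> 8, g[6] & 0xFF, g[7] >> 8, g[7] & 0xFF)
```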

Multicast

A way of addressing groups of hosts all at once.

Allow for local network segment communication and are configured based upon a host’s MAC address.

IPv6 Headers

  • The IPv6 header is much simpler than the IPv4 header.

  • IPv6 header has the following components:

    • Version field

    A 4-bit field that defines what version of IP is in use.

    • Traffic class field

    An 8-bit field that defines the type of traffic contained within the IP datagram, and allows for different classes of traffic to receive different priorities.

    • Flow Label Field

    A 20-bit field that’s used in conjunction with the traffic class field for routers to make decisions about the quality of service level for a specific datagram.

    • Payload length field

    A 16-bit field that defines how long the data payload section of the datagram is.

    • Next header field

    A concept unique to IPv6, and one that needs a little extra explanation. To help reduce the problems that the larger IPv6 addresses impose on the network, the IPv6 header was built to be as short as possible. One way to do that is to take all the optional fields and abstract them away from the IPv6 header itself. The next header field defines what kind of header comes immediately after this current one. These additional headers are optional, so they’re not required for a complete IPv6 datagram. Each of these additional optional headers contains a next header field of its own, allowing a chain of headers to be formed if there’s a lot of optional configuration.

    • Hop limit

    An 8-bit field that’s identical in purpose to the TTL field in an IPv4 header.

    • Source Address : 128-bits
    • Destination Address : 128-bits
    • Data Payload section

    [Figure: An IPv6 Header]
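The fixed IPv6 header and the next-header chain described above, as an added parser that is not code from the notes. It unpacks the version, traffic class, flow label, payload length, next header and hop limit fields, then follows the chain through any extension headers until it reaches the upper-layer protocol, refusing truncated datagrams and unbounded chains; the builder and the sample datagram are constructed for the test.

```python
"""Parse an IPv6 header and follow its Next Header chain. Added example;
the datagram built below is constructed, not captured."""
import ipaddress
import struct

# Next Header values (IANA protocol numbers) handled here.
HOP_BY_HOP, ROUTING, FRAGMENT, DEST_OPTS = 0, 43, 44, 60
TCP, UDP, ICMPV6, NO_NEXT_HEADER = 6, 17, 58, 59
EXTENSION_HEADERS = {HOP_BY_HOP: "hop-by-hop", ROUTING: "routing",
                     FRAGMENT: "fragment", DEST_OPTS: "destination-options"}
MAX_EXT_HEADERS = 8  # refuse absurd chains rather than loop over them


def build_ipv6(src: bytes, dst: bytes, next_hdr: int, payload: bytes,
               hop_limit: int = 64, traffic_class: int = 0, flow_label: int = 0) -> bytes:
    """Pack the 40-byte fixed header (first 32 bits: version, class, flow label)."""
    first_word = (6 << 28) | (traffic_class << 20) | flow_label
    return struct.pack("!IHBB", first_word, len(payload), next_hdr, hop_limit) + src + dst + payload


def parse_ipv6(datagram: bytes) -> dict:
    """Parse the fixed header, then walk extension headers to the upper protocol."""
    if len(datagram) < 40:
        raise ValueError("IPv6 header is 40 bytes")
    first_word, payload_len, next_hdr, hop_limit = struct.unpack("!IHBB", datagram[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 datagram")
    end = 40 + payload_len
    if len(datagram) < end:
        raise ValueError("datagram shorter than Payload Length claims")
    chain, offset = [], 40
    while next_hdr in EXTENSION_HEADERS:
        if len(chain) >= MAX_EXT_HEADERS:
            raise ValueError("too many extension headers")
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        following = datagram[offset]        # every extension header starts with Next Header
        # Fragment headers are fixed at 8 bytes; the others carry a length in 8-octet
        # units that does not count their first 8 octets.
        length = 8 if next_hdr == FRAGMENT else (datagram[offset + 1] + 1) * 8
        if offset + length > end:
            raise ValueError("extension header runs past the payload")
        chain.append(EXTENSION_HEADERS[next_hdr])
        offset += length
        next_hdr = following
    return {
        "version": 6,
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(datagram[8:24])),
        "dst": str(ipaddress.IPv6Address(datagram[24:40])),
        "extension_headers": chain,
        "upper_protocol": next_hdr,
        "payload": datagram[offset:end],
    }


# Constructed sample: 2001:db8::1 -> 2001:db8::2, one hop-by-hop header (Next Header
# UDP, length 0 = 8 bytes, a PadN option), then an 8-byte UDP header to port 53.
SAMPLE_SRC = bytes.fromhex("20010db8000000000000000000000001")
SAMPLE_DST = bytes.fromhex("20010db8000000000000000000000002")
SAMPLE_HOP_BY_HOP = bytes([UDP, 0, 1, 4, 0, 0, 0, 0])
SAMPLE_UDP = struct.pack("!HHHH", 40000, 53, 8, 0)
SAMPLE_DATAGRAM = build_ipv6(SAMPLE_SRC, SAMPLE_DST, HOP_BY_HOP,
                             SAMPLE_HOP_BY_HOP + SAMPLE_UDP,
                             traffic_class=0x2E, flow_label=0xABCDE)
```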

IPv6 and IPv4 harmony

  • It is not possible for the whole Internet to switch to IPv6 overnight.

  • So IPv6 and IPv4 traffic need to coexist during the transition period.

  • This is possible with the IPv4-mapped address space. The IPv6 specifications have set aside a number of addresses that can be directly correlated to an IPv4 address.

    [Figure: IPv4 mapped address space]

  • More importantly, IPv6 traffic needs to travel to IPv4 servers.

  • This is done through IPv6 tunnels.

IPv6 tunnels

Servers take incoming IPv6 traffic and encapsulate it within traditional IPv4 datagrams.

  • They consist of IPv6 tunnel servers on either end of a connection. These IPv6 tunnel servers take incoming IPv6 traffic and encapsulate it within traditional IPv4 datagrams. This is then delivered across the IPv4 Internet space, where it’s received by another IPv6 tunnel server. That server performs the de-encapsulation and passes the IPv6 traffic further along in the network.

    [Figure: IPv6 tunneling]

IPv6 tunnel broker

Companies that provide IPv6 tunneling endpoints for you, so you don’t have to introduce additional equipment to your network.