Networking Overview
From wikinotes
TODO:
this page is abysmal. fix.
Resources
router overview https://www.uhcl.edu/computing/information-security/tips-best-practices/routers
Tutorials
code a TCP/IP stack https://www.saminiir.com/lets-code-tcp-ip-stack-1-ethernet-arp/
5-layer TCP/IP model
- layer protocol unit address 1 physical 10 Base T, 802.11 Bits n/a 2 datalink Ethernet, WiFi Frames MAC addr 3 network IP Datagram IP addr 4 transport TCP, UDP Segment Ports 5 application HTTP, SMTP, .. Messages n/a
Intro
Example Transaction
An example might help this sink in.
visit a website: #(GET request on server's port 80) transport (HTTP) request is sliced into segments(transport) of 536 bytes or smaller network (TCP/IP) if network knows how to reach destination, each segment is wrapped in TCP/IP info, and handed off to the datalink layer. datalink (MAC,ARP) Adds information about the physical protocol (ethernet, token-ring, ...) and fires the data to a target MAC address. --- physical the information is sent over the wire --- On the receiving end, datalink, and network layers are stripped off, and all segments (transport) are re-assembled to form the request. This is handed to the web-server, which then repeats the above with a reply.
Layers
Physical
coax optical Datalink
protocols ethernet most commonly used protocol for the datalink layer
terminology routing schemes broadcast, unicast, multicast, ... duplex If traffic can be sent/received at the same time MTU the largest allowed frame-size (datalink) on a network.
Network Configurations vlan using one NIC/cord to share multiple connections to separate networks (ex: WAN/LAN on firewall)
Datalink Errors frame errors Frames received with an invalid checksum. drops Frames that were discarded by the netwk iface. unexpected VLAN tags, ipv6 packets when iface is not configured for ipv6. overruns Too much data received too quickly (before kernel can handle them). The buffer is full, so packets are dropped. collisions On half-duplex netwk, when 2x sides of a connection are talking at the same time. finding datalink errors
netstat -i ## Windows does not officially support viewing datalink errors. check the switchTX- ## packets sent RX- ## packets received *-OK ## correctly recceived frames *-ERR ## incorrect packets received *-DRP ## packets dropped at this interface *-OVR ## packets this interface was unable to receiveNetwork
Protocols ipv4 ipv6
Transport
Protocols tcp