Should be a short summary / quick cramming guide for Computer networks since i forgot everything from my networks course
only doing PART of application & network layer from TCP/IP model.
^ This provides a really good, simple concise introduction.
Book: Computer Networking A Top-down Approach
Network: two or more devices connected through a link
link: communication pathway that transfers data from one device to another
- Network Topology
- Types of area networks
- Line Configuration
- Transmission Modes
- Delay, loss, throughput
- Relation between application layer & transport layer: a network application consists of pairs of processes that send messages to each other over a network.
- HTTP Persistent VS non-persistent connection & pipelining
- Cookies to keep state
- HTTP VS HTTPS
- How DNS works
- Overview: TCP & UDP
- Relation between transport & network layer
- Multiplexing & demultiplexing
- UDP: Connectionless Transport
- UDP: Checksum
- TCP: Connection Oriented Transport
- TCP Connection: 3-way handshake
- Principles for Reliable Data Transfer
- TCP: Reliable Data Transfer
- TCP: Connection Termination
- TCP VS UDP
- idk other stuff????
Putting it to practice / in summary / interview questions
separation of responsibility / decoupled.
each layer handles a different responsibility; the top layer does not need to worry about bottom layer stuff.
each device in a network is associated with a unique device name called a hostname
Internet Protocol address.
network address of the device across the network. to identify each device on the www, an IPV4 address is assigned as a unique identifier to each device on the internet
IPV4 - 32 bits
IPv6 - 128 bits
Media Access Control address / physical address assigned to Network Interface Controller / Card.
- MAC address assigned by manufacturer of hardware interface; IP address assigned by network administrator / ISP
- MAC address defines device identity, IP describes how devices are connected to the internet
- MAC: broadcasting. IP: broadcasting / multicasting
- MAC: implemented in data-link layer. IP: implemented in Network layer
logical channel through which data can be sent/received to an application
format and the order of messages exchanged between entities, & actions taken on the transmission and/or receipt of a message or other event.
set of rules defining how entities communicate
Network Topology is the arrangement with which computer systems or network devices are connected to each other.
- LAN -- local area network. covers smallest area
- MAN -- Metropolitan area network. covers larger area than LAN, smaller area than WAN
- WAN -- Wide Area network. covers largest area. any network whose communication links cross metropolitan, regional or national boundaries.
media for data transmission
- LAN: WiFi / Ethernet cables
- MAN: modem & wire / cable
- WAN: leased telephone lines / satellite links
- LAN: usually a group of computers / network devices connected together, usually within the same building
- MAN: spans several buildings
- WAN: internet
For communication to occur, two devices must be connected in some way to the same link at the same time. There are two possible types of connections:
- point-to-point connection
- multipoint connection
point-to-point connection
- dedicated link between two devices
- entire capacity is reserved for transmission between 2 devices
multipoint / multidrop connection
- also called "Broadcast network"
- packet transmitted by sender is received and processed by every device on link. By the address field in the packet, each receiver determines whether the packet belongs to it or not.
- 2 or more devices share single link
- capacity is shared spatially or temporally
- spatial sharing - devices share link simultaneously
- temporal sharing - users take turns using the link
transferring of data between two devices, also known as communication mode. three modes: simplex, half duplex, full duplex
simplex
- communication is unidirectional
- only one of two devices on link can transmit, other can only receive
- uses entire capacity of channel to send data in 1 direction
eg. keyboard & monitor. keyboard only introduces input, monitor only gives output
half duplex
- each station can transmit and receive but not at same time. When 1 sends, the other can only receive.
- Entire capacity of channel utilized for each direction
eg. walkie talkie. must say "over" so other person can speak
full duplex
- both can transmit and receive simultaneously
- signals going in 1 direction share capacity with signals going in other direction. either:
- link contains 2 physically separate transmission paths (one for sending, other for receiving), or
- capacity of 1 link is divided between signals going in the 2 directions
e.g. landline. both can talk and hear and talk over each other lmao.
These slides provide a really great concise overview.
how long will it take for packet to travel from point A to point B
- Processing Delay - time to examine packet's header and determine where to direct packet
- Queuing delay - packet waits to be transmitted onto link
- transmission delay - amount of time required to push / transmit all of the packet's bits into the link. eg. if Ethernet link rate is R=10Mbps & length of packet is L bits, transmission delay is L (length of packet) / R (rate)
- propagation delay - time required to propagate from the beginning of the link to router B. depends on physical medium of link
transmission VS propagation delay
transmission: amount of time required for router to push out packet. (function of packet's length & transmission rate of link, nothing to do with distance between routers)
propagation: time taken to propagate from one router to next
(function of distance between routers, nothing to do with packet's length / transmission rate of link)
If packet arrives to a full queue, the router will drop it since there is no place to store packet
- Instantaneous Throughput - rate (in bits/sec) at which Host B is receiving file / packet
- average throughput - amount of bits received (F) / time taken for Host B to receive all bits (T) = F/T
Interface between application layer and transport layer
eg. When a process wants to send a message to another process on another host, it shoves the message out its door (socket). The other process receives the message through its door (socket) and acts on it.
HyperText Transfer Protocol. HTTP is a stateless protocol
- client program - browser, browser implement client side of Web
- server program - Web server implement server side of HTTP, house Web objects each addressable by URL.
HTTP uses TCP as underlying transport protocol
- client initiate TCP connect with server
- Browser & server processes access TCP via socket interface
TCP provides a reliable data transfer service to HTTP, so each HTTP request / response message eventually arrives intact at the other side.
HTTP need not worry about lost data or the details of how TCP recovers from loss or reordering of data within the network. That is the job of TCP and the protocols in the lower layers of the protocol stack
HTTP server maintains no information about the client. if the client asks for the same object again, the server will serve it again; it will not respond saying it just served that object to the client.
HTTP client & server will communicate for an extended amount of time. must decide whether to send each request/response over a separate (non-persistent) OR the same (persistent) TCP connection
pipelining: requests for objects can be made back-to-back without waiting for replies to pending requests
default mode of HTTP uses persistent connections with pipelining & the connection closes when not used for a certain time
persistent VS non-persistent
- non-persistent: brand new connection established and maintained for each requested object. TCP buffers & TCP variables allocated in both server & client --> burden
- each object suffers a delivery delay of 2 RTT: 1 RTT to establish the TCP connection, 1 RTT to request & receive the object.
Website needs to identify users & serve content as function of user identity.
- HTTPS (or rather SSL) is a transport layer protocol, HTTP is an application layer protocol
- HTTP transfers data in plain text, HTTPS transfers data encrypted. with plain text a hacker can read sensitive data or modify data, and the entities communicating will be none the wiser
- HTTPS is slower since it consumes computation power to encrypt the communication channel
- an independent authority (certificate authority, CA) verifies the identity of the certificate owner. over HTTPS, one cannot impersonate the certificate owner.
- HTTPS can't stop the stealing of confidential information from pages cached in the browser
Details in this section taken from cloudflare
TLS is an encryption protocol designed to secure Internet communication. During the TLS handshake both parties exchange messages to acknowledge each other, verify each other, establish encryption algos & agree on session keys
TLS handshakes are a foundational part of how HTTPS works.
- Client Hello
- client initiates by sending "hello" along with:
- TLS version client supports
- cipher suites supported &
- client random (string of random bytes)
- Server Hello
- Server's SSL cert
- Server's chosen cipher suite
- server random
- client verifies server SSL cert with cert authority (CA)
- premaster secret
- client sends premaster key (random string of bytes)
- premaster key is encrypted with server public key (can only be seen by server)
- Session keys created
- BOTH client & server generate session keys from
- client random
- server random
- premaster key
- Client ready
- client sends "finished" encrypted with session key
- Server ready
- server send "finished" encrypted with session key
- server & client agree on cipher suite
- server sends SSL cert
- client check that server cert is authentic / can be trusted
- Key Exchange
- server & client create session key (symmetric keys)
- certificate is issued by a Certificate Authority that browser trusts (usually pre-installed on browser, can add & remove)
- Digital Signature
- verify that person presenting cert is also person controlling the domain
- certificate is "signed" by another authority to declare person controlling cert controls domain
- Authority uses "private key" (basically a unique key only authority can produce, much like a signature) to encrypt contents of cert. cipher text is attached to cert as digital signature
- anyone can use public key to decrypt and match contents. only authority can produce the signature.
- browser can use CA public key to check if signature is valid.
a man in the middle can technically replay info from client to server, but the information is encrypted and the attacker will not have the server's private key to decrypt and read it.
transmission medium: physical path between transmitter and receiver (i.e. channel through which data is sent from one place to another)
Domain Name system. translates hostname (human friendly names) to IP addresses.
- distributed database implemented in hierarchy of DNS servers
- application-layer protocol that allows hosts to query distributed database.
when the browser extracts the hostname, the DNS client sends a query for the hostname to a DNS server. the DNS server replies with the IP address.
DNS adds delay, but the delay is often avoided as the IP address is usually cached in a "nearby" DNS server
DNS reply & query sent in UDP datagrams to port 53. DNS is a distributed hierarchical Database
- browser invoke client side of DNS with hostname to be translated
- DNS sends query message to network. All DNS reply & query are sent within UDP datagrams to port 53
- DNS in user host receive DNS reply message with desired mapping
- mapping passed to invoking application (browser)
distributed hierarchical Database: DNS uses a large number of servers, organized in a hierarchical fashion and distributed around the world. mappings are distributed across the DNS servers
- root DNS server (at top)
- top level domain (TLD) DNS server
- authoritative DNS server (at bottom)
eg. resolving amazon.com: client contacts root server --> root server returns IP address for the TLD server (the com DNS server) --> client contacts TLD server --> TLD server returns IP address for the authoritative server for amazon.com --> client contacts authoritative server --> authoritative server returns IP address
Local DNS server
not in the hierarchy. Each ISP has a local DNS server; when a host connects to the ISP, the ISP provides the host with the IP address of the DNS server (typically via DHCP)
host makes a DNS query; the query is sent to the local DNS server, which acts as a proxy forwarding the query into the DNS server hierarchy.
DNS queries can be iterative or recursive
in query chain, DNS servers do caching so results can be returned more quickly
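The root -> TLD -> authoritative walk and the local-server caching above, as an added offline simulation (not code from the book or any DNS software). The server addresses, zone contents and the amazon.com example are constructed for illustration; real query messages over UDP port 53 are not modelled.

```python
# Constructed "zone" data: who the root refers you to for each TLD, who each TLD
# server refers you to for each domain, and the final mappings held authoritatively.
ROOT = {"com": "192.0.2.1"}                                   # root: TLD server per TLD
TLD_SERVERS = {"192.0.2.1": {"amazon.com": "192.0.2.53"}}     # com: authoritative per domain
AUTH_SERVERS = {"192.0.2.53": {"amazon.com": "198.51.100.7",
                               "www.amazon.com": "198.51.100.7"}}


class LocalDnsServer:
    """The ISP's local DNS server: proxies for the host, walks the hierarchy
    iteratively (root -> TLD -> authoritative) and caches what it learns."""

    def __init__(self):
        self.cache = {}   # hostname -> IP address

    def resolve(self, hostname):
        """Return (ip_or_None, chain); chain lists the servers contacted, in order."""
        if hostname in self.cache:
            return self.cache[hostname], []          # cache hit: nobody is contacted
        labels = hostname.lower().rstrip(".").split(".")
        if len(labels) < 2:
            return None, []
        tld, domain = labels[-1], ".".join(labels[-2:])
        chain = []
        # 1. iterative query to root: it does not answer, it refers us to the TLD server
        tld_server = ROOT.get(tld)
        chain.append(("root", tld_server))
        if tld_server is None:
            return None, chain
        # 2. query the TLD server: it refers us to the authoritative server
        auth_server = TLD_SERVERS[tld_server].get(domain)
        chain.append(("tld", auth_server))
        if auth_server is None:
            return None, chain
        # 3. query the authoritative server: this one holds the actual mapping
        ip = AUTH_SERVERS[auth_server].get(hostname)
        chain.append(("authoritative", ip))
        if ip is not None:
            self.cache[hostname] = ip                # later queries skip the hierarchy
        return ip, chain


def lookup_twice(hostname):
    """Resolve the same name twice; the second answer comes straight from the cache."""
    server = LocalDnsServer()
    first_ip, first_chain = server.resolve(hostname)
    second_ip, second_chain = server.resolve(hostname)
    return first_ip, len(first_chain), second_ip, len(second_chain)
```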
TCP/IP networks make 2 distinct transport-layer protocols available to the application layer:
TCP (Transmission Control Protocol)
- provides reliable, connection-oriented service to the invoking application
UDP (User Datagram Protocol)
- provides unreliable connection-less service to invoking application
extend host-to-host delivery service provided by network layer to process-to-process delivery service for applications running on hosts.
At destination host, transport layer receives segments from network layer below, transport layer responsible for delivering data in segments to appropriate application process running in host.
eg. on your computer you run 4 processes (FTP session, webpage HTTP session + 2 telnet sessions); the transport layer, on receiving data from the network layer, must direct it to 1 of these 4 processes
transport layer: TCP / UDP
network layer: IP
demultiplexing: at receiving end, transport layer examine segment fields to identify receiving socket & deliver it to correct socket
multiplexing: at source host, gather data chunks from different socket, encapsulate each data chunk with header info to create segment and pass them to network
TCP and UDP perform demultiplexing & multiplexing by including 2 fields in segment headers:
- source port
- destination port
Each socket is assigned a port number. when a segment arrives at the host, the transport layer examines the destination port number and directs the segment to the corresponding socket. The segment's data passes through the socket to the attached process.
connectionless because there is no handshaking between sending & receiving transport-layer entities before sending segment.
- takes messages from application process
- attaches source and destination port number (for multiplexing & demultiplexing)
- adds 2 other small fields
- pass resulting segment to network layer
- network layer encapsulate transport-layer segment into an IP datagram & make best-effort attempt to deliver segment to receiving host
- If segment arrives at receiving host, UDP use destination port number to deliver segment data to correct application process.
DNS is an application-layer protocol that uses UDP
when DNS application in host wants to make query
- application constructs DNS query message & passes it to UDP
- host-side UDP adds header fields to message
- host-side UDP passes resulting segment to network layer
- network layer encapsulates UDP segment in a datagram & sends datagram to name server
- DNS application at querying host waits for reply to query
- If no reply (because underlying network lost query / reply), it tries sending the query to another name server / informs the invoking application that it can't get a reply
- Lesser delays: No handshake = no delay to establish connection
- Small packet header overhead
- Support more clients: No connection state = server devoted to particular application can support more active client when application runs over UDP rather than TCP
provides error detection: ensure bits in UDP segment have not been altered
- sender performs 1s complement of sum of all words in segment (any overflow is wrapped around)
- result is put in checksum field
- if segment arrives
- all 16-bit words (4 in the textbook example, including the checksum) are added together
- sum = 1111111111111111
- segment has no errors. If there is >= one 0, there are errors.
Why checksum? there is no guarantee that all the links (link-layer protocols) between source & destination provide error checking.
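The sender / receiver checksum procedure above, as an added Python example (not code from the book). The three 16-bit words are constructed; the "computed 0 is sent as 0xFFFF" rule comes from the UDP spec, not from the notes.

```python
def ones_complement_sum(words):
    """Add 16-bit words; any carry out of bit 16 is wrapped around and added back."""
    total = 0
    for w in words:
        total += w & 0xFFFF
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry
    return total


def udp_checksum(words):
    """Sender side: 1s complement of the wrapped sum of all 16-bit words."""
    csum = (~ones_complement_sum(words)) & 0xFFFF
    return 0xFFFF if csum == 0 else csum          # 0 means "no checksum" in UDP/IPv4


def checksum_ok(words_with_checksum):
    """Receiver side: add every word including the checksum; all 1s means no error."""
    return ones_complement_sum(words_with_checksum) == 0xFFFF


def words_from_bytes(data):
    """Split a segment into 16-bit big-endian words, padding an odd length with 0x00."""
    if len(data) % 2:
        data += b"\x00"
    return [int.from_bytes(data[i:i + 2], "big") for i in range(0, len(data), 2)]


# Three constructed 16-bit words standing in for a UDP segment's contents.
SAMPLE_WORDS = [0b0110011001100000, 0b0101010101010101, 0b1000111100001100]


def sample_example():
    """Returns (checksum, verdict on the intact segment, verdict with one bit flipped)."""
    csum = udp_checksum(SAMPLE_WORDS)                         # 0b1011010100111101
    intact = checksum_ok(SAMPLE_WORDS + [csum])
    corrupted = SAMPLE_WORDS[:]
    corrupted[1] ^= 0x0001                                   # one bit flipped in transit
    return csum, intact, checksum_ok(corrupted + [csum])


def undetected_error_example():
    """Limitation: two errors that cancel in the sum (+1 in one word, -1 in another)
    leave the checksum valid, so the receiver cannot notice them."""
    original = [0x6660, 0x5555, 0x8F0C]
    csum = udp_checksum(original)
    damaged = [0x6661, 0x5554, 0x8F0C]
    return checksum_ok(damaged + [csum])     # True even though the data changed
```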
TCP (Transmission Control Protocol): the Internet's transport-layer connection-oriented reliable transport protocol
TCP connection provides a full-duplex service.
TCP connection is always point-to-point (between single sender & single receiver)
before 1 application process sends data to another, 2 processes must first "handshake" with each other
Reliable Data Transfer
TCP relies on principles of reliable data transmission
- error detection
- cumulative acknowledgement
- header fields for sequence & acknowledgement numbers
3-way handshake process to establish a full-duplex communication
- client wants to establish connection with server.
- client sends segment with SYN (synchronize Sequence Number) set, which informs the server that the client wants to start communication and with what sequence number it starts its segments
- server responds to client request with SYN + ACK signal bits set.
- ACK: signifies response of segment it received
- SYN: signifies with what sequence number it is likely to start segments with
- client acknowledges response of server & both establish reliable connection with which they will start the actual data transfer
SYN & SYN+ACK establish connection parameter (sequence number) for one direction & it is acknowledged
SYN+ACK & ACK establish the connection parameter (sequence number) for other direction & it is acknowledged.
Information in this section is all taken from this medium article by Zack West.
I HIGHLY RECOMMEND reading it. It introduces concepts for reliable data transfer in a really simple and concise way. In summary:
Reliable data transfer has to handle 2 key problems:
- data loss
- data corruption
There are a few components that address this:
- acknowledgement from receiver to let sender know data is received.
- timeout in case sender never receives ACK/NACK response
Mapping ACK/NACK to data segment sent
- stop and wait
- sender sends single data segment and waits for response
- SEQ (send multiple data segments)
- SEQ (sequence numbers). When the sender sends multiple data segments, SEQ lets the sender know which ACK / NACK message is for which data segment
- Go back N
- sliding window
- sender transmit packets waits on ACKs from receiver.
- as sender receives ACKs, base value (representing window minimum) slides forward, "authorizing" incremented SEQ-numbered segments
- receiver: packets received out of order are discarded
- selective repeat
- receiver can accept packets out of order.
- receiver can accept & buffer frames following a damaged or lost one
- retransmission of packets happen when:
- implicit: packets are not ACKed before timeout
- explicit: explicit NACK
GBN & SR further reading:
TCP Is a mix of GBN & SR (https://networkengineering.stackexchange.com/a/29478)
TCP creates reliable data transfer service on top of IP's unreliable best-effort service.
TCP reliable data transfer service ensures data stream that a process reads out of its TCP receive buffer is uncorrupted
- data received from application
- TCP receives data, encapsulates data in segment, passes segment to IP (each segment includes a sequence number - byte-stream number of first data byte in segment)
- timer timeout
- TCP retransmits segment that caused timeout
- TCP restarts timer
- ACK receipt
- sender TCP determines whether the ACK is a first-time ACK for a segment for which the sender has yet to receive an ACK, or a duplicate ACK
- first-time ACK: sender knows all data up to the byte being acknowledged has been received correctly. It can update its TCP state variables.
scenarios:
- lost ACK: ACK from Host B to Host A is lost. Host A retransmits the segment after timeout. Host B receives the retransmission and observes from the sequence number that the segment contains data that has already been received. Host B will discard the bytes in the retransmitted segment.
- delayed ACKs: if the second ACK segment arrives before the new timeout ends, the second segment (seq=100 sender segment) will not be retransmitted.
- cumulative ACK: Host A sends 2 segments but the ACK of the first is lost. Host A gets ACK of 120, so it knows B has received both segments. Host A will not resend the second segment.
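The three sender events and the lost-ACK / cumulative-ACK scenarios above, as an added simulation (not code from the book). Initial sequence number 92 and the 8- and 20-byte segments are constructed to match the notes; the receiver here simply discards data it already has or cannot use yet.

```python
class Receiver:
    """Host B: delivers in-order bytes, discards bytes it already has, and always
    ACKs the next byte it expects (cumulative acknowledgement)."""

    def __init__(self, initial_seq):
        self.next_expected = initial_seq
        self.delivered = bytearray()

    def on_segment(self, seq, data):
        if seq == self.next_expected:            # exactly the bytes we are waiting for
            self.delivered += data
            self.next_expected += len(data)
        # seq < next_expected: retransmission of data already received -> discard
        # (data beyond next_expected is also dropped in this simplified model)
        return self.next_expected               # ACK number = next expected byte


class Sender:
    """Host A: seq = byte-stream number of the segment's first byte; one timer for
    the oldest unACKed segment, following the three events in the notes."""

    def __init__(self, initial_seq):
        self.next_seq = self.send_base = initial_seq
        self.unacked = []                       # [(seq, data)] oldest first
        self.retransmitted = []                 # seq numbers sent again after a timeout

    def send(self, data):                        # event 1: data from application
        seg = (self.next_seq, data)
        self.unacked.append(seg)
        self.next_seq += len(data)
        return seg

    def on_timeout(self):                        # event 2: timer expires
        seq, data = self.unacked[0]             # retransmit only the oldest segment
        self.retransmitted.append(seq)
        return seq, data                        # caller restarts the timer

    def on_ack(self, ack):                       # event 3: ACK arrives
        if ack <= self.send_base:
            return "duplicate"                  # nothing new acknowledged
        self.send_base = ack                    # every byte below ack is confirmed
        self.unacked = [s for s in self.unacked if s[0] + len(s[1]) > ack]
        return "new"


def lost_ack_scenario():
    """ACK for seq=92 is lost; A times out and retransmits; B discards the duplicate
    bytes and re-ACKs 100. Returns (ack, ack type, bytes delivered, seqs retransmitted)."""
    a, b = Sender(92), Receiver(92)
    seg = a.send(b"A" * 8)                       # seq=92, 8 bytes
    b.on_segment(*seg)                           # B sends ACK=100, but it is lost
    ack = b.on_segment(*a.on_timeout())          # A retransmits seq=92, B re-ACKs 100
    return ack, a.on_ack(ack), len(b.delivered), a.retransmitted


def cumulative_ack_scenario():
    """A sends seq=92 (8 bytes) and seq=100 (20 bytes); ACK=100 is lost but ACK=120
    arrives and covers both segments, so nothing is retransmitted."""
    a, b = Sender(92), Receiver(92)
    s1, s2 = a.send(b"A" * 8), a.send(b"B" * 20)
    b.on_segment(*s1)                            # ACK=100 lost
    ack = b.on_segment(*s2)                      # ACK=120 arrives
    return ack, a.on_ack(ack), len(a.unacked), a.retransmitted
```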
Information in this section is taken from Guru99
- TCP: use when both client & server independently send packets at the same time & occasional delay is acceptable (eg. Online Poker)
- UDP: use when both client and server may separately send packets & occasional delay is not acceptable (multiplayer games)
Applications / Advantages
- establish connection between 2 computers
- can be used for servers that answer small queries from a larger client base (eg. DNS)
- used by time-sensitive applications
- multicasting sending
I HIGHLY RECOMMEND this medium article by maneesha wijesinghe1
It is super detailed and if you are short on time, the headers provide a really good brief.
- type in URL
- cache check for DNS record with IP address of URL. browser cache, OS cache, router cache, ISP cache
- not in cache, ISP DNS server do DNS lookup of URL (to get IP address)
- browser initiate TCP connection with server (of the website). SYN/ACK stuff
- TCP connection initiated, browser send HTTP request to server
- server runs a web server (apache, nginx); the web server handles the request and sends back a response
- server sends HTTP response (usually for an SPA, the page loads because the browser sends HTTP GET and the webserver returns index.html)
- browser displays HTML content
- Don't store plain text
- Hash passwords
- Add salt (random phrase) to password
- Add dynamic salt (random phrase that changes for every user). each user will have to store hashed password + dynamic salt.
- use BCrypt instead of md5 (BCrypt handles salting)
- never tell someone their selected password is not unique
md5 is a very quick hashing function -> faster calculation -> faster brute force attacks
- generate salt
- hash password with generated salt
- can choose the value of salt rounds (increases time to compute hash & slows brute force attacks); however the time to compute the hash must not be too long, or users will run out of patience
bcrypt VS md5
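The storage scheme in the notes (per-user dynamic salt, tunable cost, md5 as the weak baseline), as an added example that is not from the article linked above. Because bcrypt is a third-party package, the slow salted hash is stood in for by PBKDF2-HMAC-SHA256 from the Python standard library; the "algo$rounds$salt$hash" record layout is an assumption of this example.

```python
import hashlib
import hmac
import secrets
import time


def md5_unsalted(password):
    """The weak scheme the notes warn about: fast and unsalted."""
    return hashlib.md5(password.encode()).hexdigest()


def make_record(password, rounds=100_000):
    """Stand-in for bcrypt: random 16-byte salt per user + PBKDF2 with a cost (rounds)."""
    salt = secrets.token_bytes(16)                     # dynamic salt: fresh per user
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, rounds)
    return f"pbkdf2_sha256${rounds}${salt.hex()}${digest.hex()}"


def verify_password(password, record):
    """Recompute with the stored salt and rounds, compare in constant time."""
    algo, rounds, salt_hex, digest_hex = record.split("$")
    if algo != "pbkdf2_sha256":
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                    bytes.fromhex(salt_hex), int(rounds))
    # constant-time compare so the check does not leak how many bytes matched
    return hmac.compare_digest(candidate.hex(), digest_hex)


def same_password_two_users(password):
    """Why a dynamic salt matters: with unsalted md5, two users with the same password
    store identical digests (cracking one exposes both); salted records always differ."""
    md5_same = md5_unsalted(password) == md5_unsalted(password)
    salted_same = make_record(password) == make_record(password)
    return md5_same, salted_same


def seconds_per_hash(rounds):
    """Rounds trade attacker speed against login latency; measure before choosing."""
    start = time.perf_counter()
    hashlib.pbkdf2_hmac("sha256", b"benchmark", b"\x00" * 16, rounds)
    return time.perf_counter() - start
```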