Home Blog

Networking notes

January 6, 2026

OSI Model

Ethernet

Physical and data-link layer

  • Destination address: 6 bytes
  • Source address: 6 bytes
  • Ether Type: Payload content format

Each computer has unique MAC address in the network

To broadcast to every device (send to), destination address is set to ff:ff:ff:ff:ff:ff

PPP (Point-to-point)

Data-link layer

  • Address and Control fields are not used for now (set to some default)
  • FCS = Frame check sequence

Internet Protocol (IP)

IP is a routed protocol

  • Version: Specifies IP version (4 or 6)
  • Service type: How packets are treated when routed (Quality of service)
  • 8-16 bytes: Related with IP fragmentation
  • Time to live: Value used to prevent routing loops (Decrement at every hop)
  • Protocol: Which type of package is in IP as data
  • Checksum: frame check sequence value

IP Fragmentation

  • IP packet is larger than that link can support (MTU)
  • More fragments flag: There is more data to come with same identification number
  • Fragment offset: Bytes offset of packet when reassembling (fragment count is the order)
  • Don’t fragment: Tell router not to fragment the packet (if packet size is > MTU, router drops the packet and returns with an ICMP packet) (Sometimes used for security purposes to prevent attackers from inserting fragments)

IPv6 doesn’t have a DF bit, and it uses a “Packet too big ICMPv6 message”

Internet control message protocol (ICMP)

  • Used by network devices to send error messages e.g. unreachable host, network, port or protocol
  • Echo request / reply (used by ping)
  • it’s above IP: carried in IP datagrams, protocol number 1

consists of: - type - code plus header - first 8 bytes of IP datagram causing error

How Traceroute works?

  1. source sends set of UDP segments to destination ( 1st set has TTL=1, 2nd set has TTL=2, etc…)
  2. datagram in nth set arrives to nth router (router discards datagram and sends ICMP message including it’s IP address)
  3. when arrived at host, host returns ICMP “port unreachable” and it stops

Maximum Transmission Unit (MTU)

video

  • The largest frame or packet that can be transmitted or received on an interface

Subnetting

  • Taking a network and dividing it into sub-networks

Attributes of subnetting: - # of ip addresses in sub-network - cidr / subnet: converting between them - Network IP: first IP address in each sub-network - Broadcast IP: last IP address in each sub-network

Network and broadcast IP’s are NOT assigned to any user in the network! e.g. in /24, 256 possible addresses but only 254 usable

Solving subnets video

Address resolution protocol (ARP)

  • Tracking an IP address to a physical machine in LAN (MAC)
  • Sending a broadcast (every device receives) into network and asking “who (MAC address) owns this IP address?”
  • Mapping between IP and Ethernet
  • For IPv4
  1. packet arrives at a gateway to a host machine
  2. prompts the ARP program to match the IP address with a MAC address
  3. host searches it’s ARP-cache, if not found starts process

Transmission Control Protocol (TCP)

  • encapsulated inside IP packet
  • connection oriented
  • client initializes connection to server

helps with:

  • packet loss
  • re-ordering
  • multiple conversations
  • flow control (slow down if too many packets get dropped)

  • checksum: frame check sequence for TCP header and data
  • sequence number: set to a random number at the beginning, increased by 1 for each byte

TCP Connection

User Datagram Protocol (UDP)

  • Connectionless: no handshaking
  • “No frills”, “bare bone” internet transport protocol
  • UDP segments may be lost or delivered out of order
  • Each UDP segment is handled independently

Pros:

  • No connection establishment delay
  • Simple: no connection state
  • Small header size
  • No congestion control: UDP can blast away as fast as desired

Used by:

  • Streaming multimedia apps (loss tolerant, rate sensitive)
  • DNS (can still work in a congested state)
  • SNMP
  • HTTP/3

If reliable transfer needed over UDP (e.g., HTTP/3): add reliability and congestion control at application layer

Network Address Translation (NAT)

Port Address Translation (PAT)

Dynamic Host Configuration Protocol (DHCP)

  • Operates over UDP
  • Dynamically assigns an IP address to a machine that connects to the network
  • Delivers the DHCP lease (time for IP lease)
  • Configures network settings (subnet mask, gateway & DNS IP addresses, MTU etc…)

DHCP explained