Skip to main content
HashnodeCOMPUTER NETWORKING

Command Palette

Search for a command to run...

Full Computer Networking

Published
47 min read
C
cherukuri naga vengama naidu

The ARPA Story: Birth of the Internet

The story of the Internet begins in the 1960s during the Cold War. The United States government created ARPA (Advanced Research Projects Agency) with a critical goal: to build a communication network that could continue functioning even if parts of it were destroyed. The idea was to create a system strong enough to survive attacks and still allow information sharing.

To achieve this, ARPA developed ARPANET in 1969, which became the world’s first packet-switching network. Instead of sending data as one large block, packet switching breaks information into smaller packets and sends them separately. Universities and research laboratories connected their computers to ARPANET, allowing them to share resources and communicate electronically.

However, a major problem appeared. Different computers used different operating systems and communication methods. These systems could not easily understand one another. A common language was needed so that all networks could communicate regardless of their internal design.

This led to the birth of TCP/IP in the 1970s. Two scientists, Vint Cerf and Bob Kahn, designed the TCP/IP protocol suite, which made it possible for different networks to communicate as one large interconnected system. TCP (Transmission Control Protocol) ensures reliable data delivery, while IP (Internet Protocol) handles addressing and routing.

A historic moment came on January 1, 1983, when ARPANET officially switched to TCP/IP. This date is widely known as the birth of the modern Internet, because it marked the start of a universal networking standard.

Why IP Was Needed

As networks grew, computers required two essential things:

  1. A unique address so each device could be identified

  2. A method to send packets between different networks

This is where the Internet Protocol (IP) became important. IP provides a logical addressing system that allows devices to locate and communicate with each other across networks worldwide.

What is an IP Address?

An IP address is a unique logical address assigned to every device on a network. It works much like a home address:

  • A home address identifies your house

  • An IP address identifies your device on a network

Without IP addresses, data would not know where to go.

IPv4 Address Structure

The most common version of IP is IPv4, which uses 32 bits to form an address. It is written as four numbers separated by dots, like this:

192.168.1.10

Each number represents 8 bits and can range from 0 to 255.

Example in binary:

192 .168 .1 .10
11000000.10101000.00000001.00001010

Parts of an IP Address

An IP address is divided into two main parts:

  • Network Part – Identifies the network

  • Host Part – Identifies the specific device within that network

For example:

192.168.1.10/24

  • Network = 192.168.1

  • Host = 10

The “/24” indicates how many bits are used for the network portion.

Understanding the OSI Model (7 Layers) — Complete Detailed Guide

The OSI Model (Open Systems Interconnection Model) is a conceptual framework that explains how data travels from one computer to another over a network. It was designed to ensure that different systems, devices, and software can communicate with each other in a standardized way.

Before the OSI model, different technologies followed their own communication rules, which made interoperability difficult. The OSI model solved this by dividing the communication process into structured layers, where each layer performs a specific function.

You can think of the OSI model like a step-by-step delivery process for sending information. Just as a package moves through different stages before reaching the receiver, data also moves through different layers before reaching its destination.

The 7 Layers of the OSI Model

The OSI model consists of seven layers, arranged from top to bottom:

7. Application
6. Presentation
5. Session
4. Transport
3. Network
2. Data Link
1. Physical

Each layer has a clearly defined role. When data is sent from a device, it travels down the layers from Application to Physical. When data is received, it moves up the layers from Physical to Application.

This layered approach makes networking easier to design, understand, troubleshoot, and standardize.

Layer 1: Physical Layer

The Physical Layer is the bottom layer of the OSI model. It deals with actual hardware and signal transmission.

This layer is responsible for sending raw bits (0s and 1s) through electrical signals, light signals, or radio waves. It defines cables such as fiber and copper, connectors, and voltage levels. The physical layer does not understand data; it only transmits bits.

Examples include Wi-Fi signals, Ethernet cables, and fiber optic cables. Without this layer, no physical connection exists.

The Data Link Layer ensures data transfer between two devices on the same network.

Its responsibilities include MAC addressing, framing, error detection, flow control, and switching. The data unit at this layer is called a frame. The MAC address is the physical address of a device.

Switches operate at this layer. An example is sending data between two computers connected to the same Wi-Fi router.

Layer 3: Network Layer

The Network Layer is responsible for logical addressing and routing. It finds the best path to send data across different networks.

Its responsibilities include IP addressing, routing, and packet forwarding. The data unit here is called a packet.

Routers operate at this layer. For example, when data is sent from India to a server in the USA, the network layer determines the route.

Layer 4: Transport Layer

The Transport Layer provides end-to-end communication and ensures data is delivered correctly and in order.

Its responsibilities include segmentation, error recovery, flow control, and port numbers.

Two main protocols work here:

  • TCP — Reliable communication

  • UDP — Faster but less reliable

An example is downloading a file, where TCP ensures all data arrives correctly.

Layer 5: Session Layer

The Session Layer manages sessions or connections between devices.

Its responsibilities include session establishment, session maintenance, session termination, and checkpoints with recovery.

An example is keeping a login session active on a website.

Layer 6: Presentation Layer

The Presentation Layer ensures data is in a readable format for the application.

Its responsibilities include data translation, encryption and decryption, and compression.

Examples include HTTPS encryption, converting file formats, and data encoding.

Layer 7: Application Layer

The Application Layer is the top layer and closest to the user. It provides network services to applications.

Common protocols at this layer include HTTP/HTTPS, FTP, SMTP, and DNS.

Examples include opening a website or sending an email.

How Data Travels Through OSI Layers

When sending data:

Sender Side (Top → Bottom)
Application → Presentation → Session → Transport → Network → Data Link → Physical

Receiver Side (Bottom → Top)
Physical → Data Link → Network → Transport → Session → Presentation → Application

Each layer adds its own header information. This process is called Encapsulation.

Data Units at Each Layer

Application / Presentation / Session → Data
Transport → Segment
Network → Packet
Data Link → Frame
Physical → Bits

Why the OSI Model is Important

The OSI model helps us understand networking clearly. It is widely used in troubleshooting, helps in designing network systems, and explains how protocols interact. Although it is a theoretical model, it is extremely important for learning networking fundamentals.

Understanding the TCP/IP Model (5 Layers) — Complete Guide

The TCP/IP model is the foundation of the Internet. Every website you open, message you send, or video you watch works because of TCP/IP.

TCP/IP stands for Transmission Control Protocol / Internet Protocol. It defines how data moves from one device to another across networks and allows different systems around the world to communicate reliably.

In modern learning, the TCP/IP model is commonly explained using five layers, where each layer has a specific responsibility in the communication process.

The 5 Layers of the TCP/IP Model

The five layers, from top to bottom, are:

Application
Transport
Network
Data Link
Physical

Each layer performs a unique function that ensures data reaches its destination correctly.

Layer 1: Application Layer

The Application Layer is the top layer of the TCP/IP model and is closest to the user. It provides network services directly to applications and allows software programs to communicate over the network.

Whenever you use the internet through an app or browser, this layer is active.

Common Protocols at the Application Layer

  • HTTP / HTTPS – Used to load websites

  • FTP – Used to transfer files

  • SMTP – Used to send emails

  • DNS – Converts website names into IP addresses

Example

When you type www.google.com into a browser, an HTTP request is sent to a server. Before the request reaches the server, DNS translates the website name into an IP address so the correct server can be found.

Layer 2: Transport Layer

The Transport Layer ensures that data moves properly between devices. It provides end-to-end communication and controls how data is delivered from one system to another.

This layer is responsible for data segmentation, error checking, flow control, and the use of port numbers to identify different applications on a device.

Main Protocols at the Transport Layer

  • TCP (Transmission Control Protocol) – A reliable protocol used for web browsing, email, and online banking. It ensures that all data arrives correctly and in the right order.

  • UDP (User Datagram Protocol) – A faster but less reliable protocol, commonly used in video streaming and online gaming where speed is more important than perfect accuracy.

Example

When downloading a file, TCP is used because every piece of data must arrive correctly. If any data is lost, TCP requests it again.

Layer 3: Network Layer

The Network Layer handles logical addressing and routing. Its job is to determine the best path for data to travel across different networks.

This layer makes sure data can move from one network to another using logical addresses.

Protocols at the Network Layer

  • IP (Internet Protocol) – Provides a logical address for each device.

  • ICMP (Internet Control Message Protocol) – Used for error reporting and diagnostics.

  • Routing Protocols – Help routers choose the best path for data.

Example

If your device IP address is 192.168.1.10 and the server IP address is 142.250.190.14, the network layer decides how your data should travel through various routers and networks to reach that server.

The Data Link Layer operates within a local network (LAN). It manages communication between devices that are directly connected to the same network.

This layer handles MAC addresses, framing, error detection, and reliable communication between devices on the same network. Data at this layer is organized into units called frames.

Common technologies at this layer include Ethernet, Wi-Fi, and ARP (Address Resolution Protocol), which helps map IP addresses to MAC addresses.

Switches operate at the Data Link Layer, forwarding frames between devices inside the local network.

Layer 5: Physical Layer

The Physical Layer is the bottom layer of the TCP/IP model. It is responsible for transmitting raw bits (0s and 1s) through the physical medium.

It deals with cables such as fiber and copper, signal types including electrical, light, and radio signals, and voltage levels. Like in the OSI model, this layer does not understand data — it only transmits bits.

How Data Travels Through the 5 Layers

To understand how these layers work together, consider what happens when you open YouTube.

At the Application Layer, the browser creates an HTTP request.

At the Transport Layer, TCP breaks the data into segments and adds port numbers.

At the Network Layer, IP adds source and destination IP addresses.

At the Data Link Layer, a frame is created that includes MAC addresses.

At the Physical Layer, the data becomes signals and travels through cables or Wi-Fi.

At the receiver side, the same process happens in reverse order.

Encapsulation Process

During transmission, each layer adds its own header information. This process is known as encapsulation.

Application Layer → Data
Transport Layer → Segment
Network Layer → Packet
Data Link Layer → Frame
Physical Layer → Bits

Why the TCP/IP Model is Important

Because of this model, the Internet works. Websites load, emails are sent, cloud services run, and DevOps networking functions properly. Without TCP/IP, communication between devices would not be possible.

Understanding Ports in Networking

In networking, an IP address identifies a device, while a port number identifies the application or service running inside that device.

You can think of it like this:

An IP address is like a house address.
A port is like a room number inside the house.

This combination allows data to reach not only the correct device but also the correct program on that device.

What is a Port?

A port is a logical communication endpoint used by the Transport Layer protocols TCP and UDP. Ports help the operating system know which application should receive incoming data.

Port numbers range from 0 to 65535, since they are 16-bit numbers.

Every network service runs on a specific port.

For example, a web server typically runs on Port 80, while an email server may use Port 25.

Types of Ports

Ports are divided into three main categories.

1. Well-Known Ports (0 – 1023)

These ports are reserved for common and widely used services. They are fixed and globally recognized.

Some examples include:

  • 20/21 (FTP) – File transfer

  • 22 (SSH) – Secure remote login

  • 23 (Telnet) – Remote login

  • 25 (SMTP) – Sending emails

  • 53 (DNS) – Name resolution

  • 80 (HTTP) – Web traffic

  • 443 (HTTPS) – Secure web traffic

2. Registered Ports (1024 – 49151)

These ports are used by applications, software services, and custom servers. They are registered but not as universal as well-known ports.

Examples include:

  • MySQL – Port 3306

  • PostgreSQL – Port 5432

  • MongoDB – Port 27017

3. Dynamic or Ephemeral Ports (49152 – 65535)

These are temporary ports automatically assigned by the operating system when a client starts communication. They are short-lived and released after the session ends.

For example, when you open a browser:

  • The server may use Port 443 (HTTPS)

  • Your system might assign Port 50321 as a temporary source port

Once the session ends, that port number becomes available again.

How Ports Work in Communication

When data travels across a network, it contains four key pieces of information:

  • Source IP

  • Destination IP

  • Source Port

  • Destination Port

For example:

Source IP: 192.168.1.5
Source Port: 50432
Destination IP: 142.250.x.x
Destination Port: 443

This tells the server where to send the reply — back to IP 192.168.1.5 on Port 50432.

TCP vs UDP Ports

Both TCP and UDP use ports, but they differ in how they handle data.

TCP provides reliable and ordered communication but is slower. It is used for web browsing and email.
UDP is faster but does not guarantee delivery or order. It is used in streaming and online gaming.

Ports function with both protocols.

Open Ports vs Closed Ports

An open port means a service is running and accepting connections.
A closed port means no service is listening on that port.
A filtered port is blocked by a firewall.

Attackers often scan systems for open ports, which is why port security and firewalls are important.

Why Ports Are Essential in Networking

Ports play a critical role in making modern networking possible. Without ports, communication over the Internet would not work the way it does today.

Without ports, a browser would not know how to reach a web server. Emails could not be delivered to the correct mail service. Online games would be unable to connect to their servers. Multiple applications on the same device would not be able to use the network at the same time.

Ports make it possible for many applications to share a single Internet connection simultaneously. They ensure that incoming and outgoing data reaches the correct program, allowing devices to handle web browsing, email, streaming, gaming, and other services all at once.

What is a Socket?

A socket is a combination of an IP address and a port number.

For example:

192.168.1.5 : 443

This combination uniquely identifies a communication endpoint on a device. While an IP address identifies the device, the port number identifies the specific application or service running on that device.

However, a complete network connection requires more than one socket. A full communication session is identified using four values:

  • Source IP

  • Source Port

  • Destination IP

  • Destination Port

This four-part combination ensures that data travels between the correct devices and the correct applications on both ends.

What is HTTP?

HTTP (HyperText Transfer Protocol) is the protocol used to transfer web pages and other web content between a browser and a server. It defines how messages are formatted and transmitted over the Internet.

Whenever you open a website, a simple process happens:

The browser sends an HTTP request, and the server sends an HTTP response.

What an HTTP Request Contains

An HTTP request is sent from the client (browser) to the server. It typically includes:

  • Method (such as GET, POST, etc.)

  • URL (the address of the resource)

  • Headers (extra information about the request)

  • Sometimes data, such as form information

What an HTTP Response Contains

An HTTP response is sent from the server back to the client. It includes:

  • Status code

  • Headers

  • The requested data (HTML page, image, file, etc.)

What Are HTTP Status Codes?

HTTP status codes tell us what happened to our request. They are three-digit numbers divided into five categories.

1xx — Informational Codes

These indicate that the request has been received and the process is continuing.

  • 100 Continue — Server received headers, send body

  • 101 Switching Protocols — Protocol change, such as HTTP to WebSocket

These are rarely seen by normal users.

2xx — Success Codes

These mean the request was successfully received and processed.

  • 200 OK — Everything worked

  • 201 Created — A new resource was created (usually after POST)

  • 204 No Content — Success but no data returned

For example, when a website loads normally, the server returns 200 OK.

3xx — Redirection Codes

These indicate that the resource has moved to another location.

  • 301 Moved Permanently — URL changed permanently

  • 302 Found — Temporary redirect

  • 304 Not Modified — Use cached version

A common example is redirecting from HTTP to HTTPS.

4xx — Client Error Codes

These show that the problem is on the client (user) side.

  • 400 Bad Request — Invalid request

  • 401 Unauthorized — Login required

  • 403 Forbidden — No permission

  • 404 Not Found — Page does not exist

  • 405 Method Not Allowed — Wrong method used

Typing the wrong URL often results in 404 Not Found.

5xx — Server Error Codes

These mean the problem occurred on the server side.

  • 500 Internal Server Error — Server crash or bug

  • 502 Bad Gateway — Server received a bad response

  • 503 Service Unavailable — Server overloaded or down

  • 504 Gateway Timeout — Server took too long to respond

If a website is down, you may see 503 Service Unavailable.

Easy Way to Remember Status Code Categories

1xx — Information
2xx — Success
3xx — Redirection
4xx — Client mistake
5xx — Server mistake

Real Example Flow

When you open a website, the browser sends a GET request. The server processes it and returns 200 OK if successful.

If the page has moved, the server might return 301. If the page does not exist, it returns 404. If the server fails internally, it returns 500.

Why HTTP Status Codes Matter

HTTP status codes are important for debugging websites, DevOps monitoring, API development, security testing, and search engine optimization (SEO), since search engines check these codes to understand website health.

What Are Cookies in Web?

A cookie is a small piece of data that a website stores in your browser. Cookies help websites remember information about you so that your experience feels continuous.

Without cookies, every page load would feel like you are a completely new visitor.

Why Cookies Are Needed

Websites use cookies for many purposes, including:

  • Keeping users logged in

  • Remembering preferences such as language or theme

  • Storing shopping cart items

  • Tracking user activity

Cookies make modern web applications interactive and personalized.

How Cookies Work

The process of using cookies is simple:

First, you visit a website.
The server sends a Set-Cookie header in its response.
Your browser stores the cookie.
On every future request to that website, the browser automatically sends the cookie back.

This allows the server to recognize your browser.

First-Party vs Third-Party Cookies

Cookies are mainly divided into two types.

First-Party Cookies

These cookies are set by the website you are currently visiting.

For example, if you visit amazon.com, Amazon stores the cookie.

They are used for login sessions, shopping carts, and user preferences. First-party cookies are mostly useful and necessary for proper website functionality.

Third-Party Cookies

These cookies are set by a domain different from the website you are visiting.

For example, if you visit a news website that loads an advertisement from adnetwork.com, that ad network can set its own cookie. This allows the ad company to track your activity across multiple websites.

Third-party cookies are commonly used for advertising, user behavior tracking, analytics, and social media integrations.

Why Third-Party Cookies Are Controversial

Third-party cookies raise privacy concerns because they can track users across different websites and build detailed behavior profiles.

Due to these concerns, many browsers block third-party cookies by default, and regulations such as GDPR place restrictions on their use.

Cookies can introduce security risks if not handled properly.

Session hijacking can occur if an attacker steals a login cookie. Cross-site scripting (XSS) attacks may allow malicious scripts to read cookies. Cross-site request forgery (CSRF) can lead to unauthorized actions.

To reduce risks, cookies often use security attributes such as Secure, HttpOnly, and SameSite.

Simple Example

When you log into Netflix:

The login process uses a session cookie.
Your language preference may be stored in a persistent cookie.
Advertisements may involve third-party cookies.

How Email Works

Sending an email is similar to sending a digital letter. However, instead of physical post offices, email communication depends on mail servers and specific network protocols to deliver messages across the Internet.

Whenever you send or receive an email, multiple systems work together in the background to ensure the message reaches the correct person.

Main Components of Email

Email communication relies on three main components.

A mail client is the application used to write and read emails, such as Gmail or Outlook. A mail server stores and forwards emails between users. Protocols are the rules that define how emails are sent and received.

Important Email Protocols

Different protocols handle different parts of email communication.

SMTP (Simple Mail Transfer Protocol) is responsible for sending emails.
POP3 (Post Office Protocol Version 3) is used for receiving emails by downloading them to a device.
IMAP (Internet Message Access Protocol) is used for receiving emails while keeping them synchronized across devices.

Step-by-Step: How an Email Travels

When you send an email to a friend, a series of steps occur.

First, you write the email using a mail client like Gmail or Outlook. When you press Send, the message is passed to an SMTP server.

SMTP, which stands for Simple Mail Transfer Protocol, handles the sending process. It transfers the email from your device to your mail server and then from your mail server to the recipient’s mail server. This works similarly to a post office sending a letter to another post office.

Once the email reaches the recipient’s mail server, it is stored there until the recipient checks their inbox.

When the recipient opens their email application, the message is retrieved using either POP3 or IMAP.

POP3 downloads the email to the user’s device and usually removes it from the server. Emails are stored locally, making it possible to read them offline. However, this method is not suitable when accessing email from multiple devices.

IMAP, on the other hand, keeps emails stored on the server and synchronizes them across devices. Users can access their email from a phone, laptop, or tablet, and any changes appear everywhere. Modern email systems commonly use IMAP.

Full Email Flow

The overall journey of an email looks like this:

Sender client → SMTP → Sender mail server → SMTP → Receiver mail server → POP3 or IMAP → Receiver

client

Port Numbers Used in Email

Each email protocol uses specific port numbers.

SMTP typically uses ports 25 or 587.
POP3 uses port 110.
IMAP uses port 143.
Secure SMTP uses port 465.
Secure POP3 uses port 995.
Secure IMAP uses port 993.

Email Security

Modern email communication includes security measures such as SSL/TLS encryption, spam filters, and SMTP authentication to protect users from attacks and unwanted emails.

Difference Between POP3 and IMAP

POP3 stores emails on the local device, does not support multi-device access, and does not synchronize changes. Internet access is mainly required only to download messages.

IMAP stores emails on the server, supports access from multiple devices, synchronizes changes across devices, and requires an Internet connection to view messages.

Easy Way to Remember

SMTP is used to send mail.
POP3 works like a post office, downloading mail.
IMAP provides Internet mail access with synchronization across devices.

What is DNS?

DNS (Domain Name System) is the system that converts human-readable domain names into IP addresses. While humans prefer easy-to-remember names like google.com, computers communicate using numerical IP addresses such as 142.250.190.14.

DNS acts like the phonebook of the Internet, matching names with numbers so devices can find each other.

Why DNS is Needed

It is nearly impossible for people to remember thousands of IP addresses. DNS solves this problem by translating domain names into IP addresses.

For example, when you type www.youtube.com, DNS converts it into an IP address such as 142.250.x.x. Without DNS, you would have to enter IP addresses manually for every website you visit.

How DNS Works

When you open a website like www.instagram.com, several steps happen in the background.

First, the browser checks its own cache to see if it already knows the IP address. It also checks the operating system’s cache. If the address is not found, the process continues.

Your request is then sent to a DNS resolver, which is usually provided by your Internet Service Provider. The resolver’s job is to find the correct IP address.

The resolver asks a Root DNS server for help. The root server does not know the exact address but directs the resolver to the correct Top Level Domain (TLD) server, such as the server responsible for .com domains.

The resolver then contacts the TLD server, which points it to the authoritative name server for the specific domain, such as instagram.com.

The authoritative server holds the actual mapping and responds with the final IP address, for example 157.240.x.x.

Finally, the browser uses that IP address to connect to the website’s server.

Types of DNS Servers

Different DNS servers play different roles in this system.

A resolver finds the answer for the user.
A root server sits at the top of the DNS hierarchy.
A TLD server manages domain extensions such as .com, .org, and .net.
An authoritative server stores the actual IP address mappings.

Common DNS Record Types

DNS uses different types of records to store information.

An A record maps a domain to an IPv4 address.
An AAAA record maps a domain to an IPv6 address.
A CNAME record acts as an alias for another domain.
An MX record specifies mail servers.
An NS record identifies name servers.
A TXT record stores text data such as SPF records or verification information.

Transport Layer

The Transport Layer is responsible for end-to-end communication between two devices. Its main job is to ensure that data moves safely and correctly from one application on a device to another application on a different device.

This layer does not just send data between computers — it sends data between applications, such as from your browser to a web server or from your email app to a mail server.

The two main protocols used in this layer are:

  • TCP (Transmission Control Protocol) – Reliable communication

  • UDP (User Datagram Protocol) – Fast but unreliable communication

Understanding the Transport Layer with a Real-Life Example

Imagine you are in India and your friend is in the USA. You want to send a box to them.

Before sending the box, you:

  • Write your friend’s name

  • Add contact details

  • Seal the package properly

  • Ask for tracking

This preparation and responsibility for safe delivery is similar to what the Transport Layer does for data.

What the Transport Layer Does

Real-Life Courier ActionTransport Layer Concept
Writing friend’s namePort number (identifies application)
Tracking numberSequence number
Splitting big box into smaller parcelsSegmentation
Delivery confirmationAcknowledgement (ACK)
Lost parcel resentRetransmission
Fast delivery without guaranteeUDP
Safe insured deliveryTCP

The transport layer is responsible for communication between sender and receiver, not for choosing the road or path (that is the Network Layer).

It ensures:

  • Data reaches the correct application

  • Data arrives in the correct order

  • Errors are detected and fixed

  • Lost data is resent

TCP vs UDP (Using Courier Analogy)

TCP – Safe Courier Service

TCP provides reliable communication.

  • Delivery confirmation

  • Tracking available

  • Lost data is resent

  • Data arrives in order

Used for websites, email, banking, and file downloads.

UDP – Fast Delivery Service

UDP focuses on speed.

  • No confirmation

  • No tracking

  • Data may be lost

  • Faster transmission

Used for video calls, online games, and streaming.

Relationship with the Network Layer

Once the parcel is handed to the courier, it travels through hubs, airports, and different routes. This path-finding job is handled by the Network Layer.

But making sure the parcel reaches your friend correctly and safely is still the Transport Layer’s responsibility.

Important Technical Features of the Transport Layer

FeatureRole
End-to-end communicationYes
Uses port numbersYes
Error detectionYes (in TCP)
Flow controlYes
ReliabilityTCP only

What is a Socket?

A socket is a communication endpoint used by applications to send and receive data.

In simple terms:

Socket = IP Address + Port Number

Example:
192.168.1.10 : 443

This identifies a specific application on a device.

Why Sockets Are Needed

A computer runs many applications at the same time, such as a browser, email app, messaging app, and games. All of them use the network.

Sockets help the system know:

  • Which application is sending data

  • Which application should receive the data

Without sockets, data would not know where to go inside the device.

Full Network Connection

A complete network connection is identified using four values:

  • Source IP

  • Source Port

  • Destination IP

  • Destination Port

This is called a socket pair.

FieldValue (Example)
Source IP192.168.1.5
Source Port50521
Destination IP142.250.x.x
Destination Port443

What Are Timers in Networking?

A timer is a countdown mechanism used to track time events in communication.

Timers help protocols:

  • Detect lost data

  • Control retransmissions

  • Manage connections

  • Avoid network congestion

Without timers, systems could wait forever for a response.

Timer Example (Courier)

If you send a parcel and say, “If it does not reach in 5 days, I will resend,” that waiting time is like a timer in networking.

Where Timers Are Used Most

Timers are heavily used in TCP, because TCP provides reliable communication and must track whether data reaches its destination.

Why Timers Are Important

ProblemWithout Timer
Lost packetData never resent
Dead connectionConnection stays forever
Network congestionGets worse
Connection errorsNot detected

Timers help keep communication efficient and safe.

Easy Way to Remember

Timers in TCP help to: Resend, Check, Keep alive, and Clean up

What is UDP?

UDP (User Datagram Protocol) is a Transport Layer protocol designed to send data quickly without providing reliability guarantees.

You can think of it like this:

  • TCP = Careful and safe

  • UDP = Fast and simple

UDP focuses on speed. To achieve that speed, it skips many safety features.

UDP does not:

  • Check whether data reached the destination

  • Resend lost data

  • Maintain a connection

  • Ensure packets arrive in order

Because it avoids all of this extra work, UDP is very fast.

Real-Life Example of UDP

Imagine sending a postcard instead of using a registered courier service.

You drop it into a mailbox. There is no tracking, no confirmation, and no guarantee that it will arrive. It might reach the destination, or it might not.

That is exactly how UDP works — send and forget.

Where UDP is Used

UDP is chosen when speed matters more than perfect delivery.

Use CaseWhy UDP is Used
Video streamingSmall data loss is acceptable
Online gamingVery low delay needed
Voice callsReal-time communication
DNS queriesFast request and response

In these applications, waiting to fix lost data would cause more problems than simply moving on.

How UDP Works

UDP is a connectionless protocol. This means there is no setup process before sending data.

There is:

  • No handshake

  • No session creation

  • No verification

The process is simple:

Sender → Sends packet → Receiver

That’s all.

What is a UDP Packet?

A UDP packet is called a datagram. It consists of:

Header + Data

The UDP header is very small — only 8 bytes — which is one reason UDP is fast.

UDP Header Structure

FieldSizePurpose
Source Port16 bitsSending application
Destination Port16 bitsReceiving application
Length16 bitsTotal size of packet
Checksum16 bitsError checking

Explanation of UDP Header Fields

Source Port identifies which application sent the data.
Destination Port identifies which application should receive it.
Length tells the size of the header plus data.
Checksum provides a basic error check (optional in IPv4, mandatory in IPv6).

Why UDP is Faster than TCP

FeatureTCPUDP
Connection setupYesNo
AcknowledgmentYesNo
Error recoveryYesNo
Header sizeLargerSmaller
SpeedSlowerFaster

Less work means more speed.

Problems with UDP

Because UDP skips reliability features, it has some drawbacks.

IssueCause
Packet lossNo retransmission
Out-of-order deliveryNo sequencing
Network overloadNo congestion control

Applications using UDP must handle these problems themselves.

What is TCP?

TCP (Transmission Control Protocol) is a connection-oriented, reliable, and full-duplex protocol.

Unlike UDP, TCP ensures safe and ordered delivery of data.

What Does Full Duplex Mean?

Full duplex means data can travel in both directions at the same time.

A good example is a phone call. Both people can speak and listen simultaneously.

TCP works the same way.

TCP Connection Structure

After a TCP connection is established, two data streams exist:

  • Client → Server

  • Server → Client

Each direction works independently.

Independent Sequence Numbers

TCP keeps separate sequence numbers for each direction, allowing proper tracking of data flow.

Separate Buffers

Both devices maintain send and receive buffers, enabling simultaneous sending and receiving.

Example: Loading a Website

When you open a webpage:

  • Your browser sends an HTTP request to the server

  • The server sends webpage data back

At the same time, your browser continues sending acknowledgments. Both directions operate together.

TCP is Not Half Duplex

TypeMeaning
Half DuplexOne direction at a time (walkie-talkie)
Full DuplexBoth directions simultaneously (phone call)

TCP is full duplex.

What is TCP 3-Way Handshake?

The TCP 3-Way Handshake is the process TCP uses to establish a reliable connection between two devices before any data transfer begins.

Before communication starts, both sides must confirm:

“I am ready to communicate.”

This confirmation happens in three steps, which is why it is called a 3-way handshake.

Real-Life Example (Phone Call)

Imagine calling your friend:

  1. You say, “Hello, can you hear me?”

  2. Your friend replies, “Yes, I can hear you.”

  3. You confirm, “Great, let’s talk.”

Only after this exchange does the conversation begin.

TCP connection setup works in a similar way.

Networking Example

Suppose you open www.google.com in your browser.

  • Your computer = Client

  • Google’s system = Server

Before the webpage loads, a TCP connection must be created using the 3-way handshake.

Step-by-Step TCP 3-Way Handshake

Step 1 — SYN (Synchronize)

Client → Server

The client sends a packet with:

  • SYN = 1

  • Sequence number = x

This means:
“I want to start communication.”

The sequence number x is the starting number used to track data packets.

Step 2 — SYN-ACK

Server → Client

The server replies with:

  • SYN = 1

  • ACK = 1

  • Sequence number = y

  • Acknowledgment number = x + 1

This means:
“I received your request, and I’m ready too.”

Step 3 — ACK

Client → Server

The client sends:

  • ACK = 1

  • Acknowledgment number = y + 1

This means:
“I received your response. Let’s begin communication.”

After the Handshake

Once these three steps are completed:

✅ Connection is established
✅ Both sides are synchronized
✅ Data transfer can now begin

Visual Diagram

Client                    Server
  | ---- SYN (Seq=x) ----> |
  | <--- SYN-ACK (y,x+1) --|
  | ---- ACK (y+1) ------> |
Connection Established

Why Are There Three Steps?

StepPurpose
SYNClient requests connection
SYN-ACKServer agrees and responds
ACKClient confirms

These steps ensure:

  • Both sides are ready

  • Sequence numbers are synchronized

  • Reliable communication is established

What Happens if Handshake Fails?

If a response is not received:

  • A timer expires

  • The SYN packet is sent again

  • If there is still no reply, the connection attempt fails

Where TCP Handshake is Used

The 3-way handshake happens every time you:

  • Open a website

  • Download a file

  • Send an email

  • Connect to any server

It is the first step before data transmission begins.

One-Line Summary

The TCP 3-Way Handshake is the process that establishes a reliable connection between a client and a server before any data is exchanged.

Network Layer (Layer 3)

The Network Layer is responsible for moving data from one network to another. It ensures that packets travel from the source device to the destination device, even if they are in different networks across the world.

Its main responsibilities are:

  • Logical addressing using IP addresses

  • Path selection (routing)

  • Packet forwarding

In simple words, the network layer’s job is:

Move packets from the source network to the destination network.

Hop-by-Hop Delivery

Data does not travel directly from your device to the final destination in a single step. Instead, it moves through multiple routers. Each movement from one router to the next is called a hop.

For example:

Your Laptop → Router A → Router B → Router C → Server

At every hop, the router performs the following actions:

  1. Receives the packet

  2. Checks the destination IP address

  3. Decides the next router (next hop)

  4. Forwards the packet

This process is called hop-by-hop forwarding. The network layer works at every hop along the path.

Routing Table

A routing table is a list of routes stored inside a router. It tells the router where to send packets to reach a specific network.

In simple terms, it answers:
“To reach this network, which router should I send the packet to next?”

Example routing table entry:

Destination NetworkNext HopInterface
192.168.1.0/24DirectEth0
10.0.0.0/8172.16.0.1Eth1

Routing tables are built using:

  • Static routing (manually configured)

  • Dynamic routing protocols such as RIP, OSPF, and BGP

Forwarding Table

The forwarding table is used for the actual movement of packets. It is created from the routing table but optimized for speed.

You can think of it as:

  • Routing table = Planning

  • Forwarding table = Actual packet sending

The forwarding table is also called the FIB (Forwarding Information Base). It contains optimized entries for quick lookups so packets can be forwarded very fast.

Routing Table vs Forwarding Table

FeatureRouting TableForwarding Table
PurposeStores route informationUsed to forward packets
Built byRouting protocolsDerived from routing table
Used byControl planeData plane
SpeedSlowerVery fast

Control Plane

The control plane is the “brain” of the router. It is responsible for decision-making, not actual packet movement.

It:

  • Chooses the best route

  • Decides which path to use

  • Updates the routing table

Routing protocols run in the control plane.

Data Plane

The data plane is responsible for forwarding packets. It uses the forwarding table to send packets to the next hop.

In simple words:

  • Control Plane → Thinks

  • Data Plane → Acts

Static vs Dynamic Routing

FeatureStatic RoutingDynamic Routing
Route creationManualAutomatic
Suitable forSmall networksLarge networks
Adapts to failureNoYes
Resource usageLowHigh
Configuration difficultyEasyComplex

When to Use What?

SituationUse
Home networkStatic routing
Small officeStatic routing
ISP networksDynamic routing
Enterprise networksDynamic routing

In real networks, both static and dynamic routing are often used together.

Full Packet Flow Example

  1. Routing protocols run and build the routing table

  2. The routing table creates the forwarding table

  3. A packet arrives at the router

  4. The router checks the forwarding table

  5. The packet is sent to the next hop

This process repeats until the packet reaches the destination.

One-Line Memory

The Network Layer works hop-by-hop, using routing decisions made in the control plane and fast packet forwarding using the forwarding table in the data plane.

What is Internet Protocol (IP)?

The Internet Protocol (IP) is a protocol that operates at the Network Layer of networking. Its primary job is to deliver packets from one device to another across different networks.

You can think of IP as the postal addressing system of the Internet. Just as every house needs an address to receive mail, every device connected to a network needs an IP address to send and receive data.

What is an IP Packet?

Whenever data is sent over a network, it is wrapped into an IP packet.

Data → Encapsulated into IP Packet → Sent across the network

An IP packet consists of two main parts:

  • Header – contains control information

  • Data – the actual message being sent

The header helps routers understand where the packet came from, where it is going, and how it should be handled.

Structure of an IPv4 Packet

An IPv4 packet has a header with several important fields:

FieldPurpose
VersionIdentifies IP version (IPv4)
Header LengthSize of the header
Total LengthFull packet size
TTL (Time To Live)Limits packet lifetime
ProtocolIdentifies TCP, UDP, etc.
Source IPSender’s address
Destination IPReceiver’s address

IPv4 Address

IPv4 uses a 32-bit address written in decimal form like:

192.168.1.10

Each number represents 8 bits. Since there are four numbers, the total is:

4 parts × 8 bits = 32 bits

Address range:

0.0.0.0 to 255.255.255.255

Total possible IPv4 addresses are about 4.3 billion.

Classes of IPv4 Addresses

Earlier, IP addresses were divided into classes:

ClassRangeUse
A1.0.0.0 – 126.255.255.255Very large networks
B128.0.0.0 – 191.255.255.255Medium networks
C192.0.0.0 – 223.255.255.255Small networks
D224–239Multicast
E240–255Research

Today, we mostly use CIDR (Classless Inter-Domain Routing) instead of strict classes.

Subnetting

A subnet is a smaller network created from a larger network. Subnetting helps in:

  • Better management

  • Reduced network traffic

  • Improved security

Example:
Network: 192.168.1.0/24

It can be split into:

  • 192.168.1.0/26

  • 192.168.1.64/26

  • 192.168.1.128/26

  • 192.168.1.192/26

Subnet Mask

A subnet mask shows which part of the IP address represents the network and which part represents the host.

Example:

IP Address: 192.168.1.10
Subnet Mask: 255.255.255.0

Binary form:

11111111.11111111.11111111.00000000

The first 24 bits are for the network, and the last 8 bits are for hosts. This is written as /24.

Reserved IPv4 Addresses

Some IP addresses are reserved for special purposes:

Address RangeUse
127.0.0.1Loopback (your own device)
0.0.0.0Default/unknown address
255.255.255.255Broadcast
192.168.x.xPrivate network
10.x.x.xPrivate network
172.16–31.x.xPrivate network

Private IP addresses are not used on the public Internet.

Time To Live (TTL)

TTL prevents packets from looping forever in the network. Each router decreases the TTL value by 1.

When TTL reaches 0, the packet is dropped.

Example:

Initial TTL = 64
After passing 10 routers → TTL = 54

IPv6

IPv6 was introduced because IPv4 addresses became insufficient.

IPv6 uses 128-bit addresses, written in hexadecimal:

2001:0db8:85a3:0000:0000:8a2e:0370:7334

It provides an extremely large number of addresses.

IPv6 Header Structure

The IPv6 header is simpler than IPv4:

FieldPurpose
VersionIP version (6)
Traffic ClassPriority of traffic
Flow LabelIdentifies special flows
Payload LengthSize of data
Next HeaderTCP/UDP indicator
Hop LimitSame as TTL
Source AddressSender
Destination AddressReceiver

IPv4 vs IPv6

FeatureIPv4IPv6
Address Size32-bit128-bit
FormatDecimalHexadecimal
SecurityOptionalIPSec support
BroadcastSupportedNo broadcast
Address CountLimitedExtremely large

Packet Flow Summary

  1. Application creates data

  2. Transport layer adds TCP or UDP header

  3. Network layer adds IP header

  4. Packet moves from router to router

  5. TTL reduces at each hop

  6. Packet reaches the destination

Final One-Line Memory

The Internet Protocol gives every device a unique address and moves packets across networks using IPv4 or IPv6, supported by routing, subnetting, and TTL control.

What Are Middleboxes?

Middleboxes are network devices placed between the sender and the receiver that inspect, modify, or control network traffic. Unlike regular routers, which simply forward packets toward their destination, middleboxes actively manage or interfere with traffic for various purposes.

A simple path might look like this:

You → Middlebox → Internet → Middlebox → Server

Simple Definition

A middlebox is any network device that performs functions beyond basic packet forwarding.

Why Middleboxes Are Needed

Modern networks are complex, and simple routing is not enough. Middleboxes are used to provide:

  • Security

  • Performance optimization

  • Traffic control

  • Monitoring and analysis

They help protect networks, manage traffic flow, and improve service quality.

Types of Middleboxes

Firewall

A firewall controls traffic based on predefined rules. It decides which packets are allowed and which are blocked.

For example, a firewall may block malicious traffic while allowing normal web traffic on ports 80 and 443.

NAT (Network Address Translation)

NAT changes private IP addresses into public IP addresses so devices in a local network can access the Internet.

Example:

192.168.1.10 → 49.204.12.5

NAT is commonly used in home routers.

How Middleboxes Work

Unlike routers, middleboxes can:

  • Open and inspect packets

  • Read data content

  • Modify headers

  • Drop unwanted packets

  • Delay or shape traffic

They may operate at multiple layers, including:

  • Network Layer

  • Transport Layer

  • Application Layer

Problems Caused by Middleboxes

The Internet was originally designed for direct end-to-end communication between devices. Middleboxes change this model.

Because they inspect and sometimes modify packets, they can:

  • Interfere with new protocols

  • Block unknown traffic types

  • Break certain end-to-end features

This is one reason why deploying new Internet technologies can be challenging.

Real-Life Example

When you open a website, your data may pass through several middleboxes:

You → Home Router (NAT) → ISP Firewall → Load Balancer → Server

Your traffic is managed multiple times before reaching the final server.

Router vs Middlebox

RouterMiddlebox
Only forwards packetsInspects and modifies traffic
Works mainly at Network LayerWorks at multiple layers
Simple behaviorPerforms intelligent processing

Final Memory Line

Middleboxes are network devices placed between sender and receiver that inspect, modify, secure, or manage traffic rather than simply forwarding it.

What is NAT?

NAT (Network Address Translation) is a technique used in networking to allow devices with private IP addresses to access the Internet using a public IP address.

Private IP addresses cannot travel across the public Internet, and public IP addresses are limited in number. NAT solves this problem by translating private addresses into a public one.

Simple Definition

NAT is a process where a router rewrites IP addresses in network packets.

Why NAT Is Needed

Inside a home or office network, multiple devices use private IP addresses such as:

  • Laptop → 192.168.1.10

  • Phone → 192.168.1.20

  • TV → 192.168.1.30

However, the Internet Service Provider (ISP) usually provides only one public IP address, for example:

49.204.12.5

NAT allows all internal devices to share that single public IP address when communicating with the Internet.

Step-by-Step Example of NAT in Action

Suppose you open a website like google.com from your laptop.

Step 1 — Inside the Local Network

The packet created by your laptop has:

  • Source IP: 192.168.1.10

  • Destination IP: Google’s server address

The router receives this packet.

Step 2 — NAT Translation

The router performs NAT by changing:

192.168.1.10 → 49.204.12.5

It also changes the source port number to uniquely track the connection. This information is stored in a NAT table.

Example NAT table entry:

Private IPPrivate PortPublic IPPublic Port
192.168.1.105151549.204.12.540001

Step 3 — On the Internet Side

Google’s server sees the request as coming from:

49.204.12.5:40001

It sends the reply to that address and port.

Step 4 — Reverse NAT

When the reply reaches the router, it checks the NAT table and translates the packet back to:

192.168.1.10

The response is then delivered to your laptop.

What NAT Modifies

NAT changes:

  • Source IP address

  • Source port number (in Port Address Translation, or PAT)

NAT and Internet Design

The original Internet design was based on direct communication:

Device A ↔ Device B

With NAT, communication becomes:

Device A → NAT → Internet → NAT → Device B

Devices behind NAT are not directly reachable from the Internet without special configuration such as port forwarding.

Advantages of NAT

  • Saves public IP addresses

  • Hides the internal network structure

  • Provides basic security

  • Makes home networking simple

Disadvantages of NAT

  • Breaks true end-to-end connectivity

  • Can cause issues for VoIP, gaming, and peer-to-peer applications

  • May require port forwarding or special protocols

Router vs NAT

RouterNAT
Forwards packetsModifies packets
Uses IP headers to routeRewrites IP addresses and ports

What is DHCP?

DHCP (Dynamic Host Configuration Protocol) is a network protocol that automatically provides devices with the settings they need to connect to a network.

These settings include:

  • IP address

  • Subnet mask

  • Default gateway

  • DNS server

Because of DHCP, devices can join a network without manual configuration.

Simple Definition

DHCP is a protocol that automatically assigns network settings to devices.

Real-Life Example

When you connect your phone to Wi-Fi, you do not manually type:

  • IP address

  • Subnet mask

  • Gateway address

  • DNS server

All of this is done automatically by DHCP in the background.

Who Are the Players?

RoleDevice
DHCP ClientYour phone or laptop
DHCP ServerRouter or a dedicated server

The client requests network settings, and the server provides them.

How DHCP Works — The DORA Process

DHCP follows a four-step process commonly remembered as DORA.

1. Discover

The client sends a broadcast message asking:

“Is there any DHCP server available?”

This message is sent to the entire network.

2. Offer

The DHCP server replies with an offer that includes:

  • An available IP address

  • Other network settings

It is basically saying, “You can use this IP address.”

3. Request

The client responds to the server:

“I accept this IP address.”

This confirms which offer it chooses.

4. Acknowledge

The server sends a final confirmation message:

“Approved. You can now use this IP address.”

At this point, the device is fully configured and connected to the network.

What Information Does DHCP Provide?

SettingPurpose
IP AddressIdentifies the device on the network
Subnet MaskDefines the network size
Default GatewayAddress of the router to reach other networks
DNS ServerConverts domain names into IP addresses

What Happens Without DHCP?

Without DHCP, you would have to manually configure:

  • IP address

  • Subnet mask

  • Gateway

  • DNS

This is time-consuming and very difficult in large networks with many devices.

What is ARP?

ARP (Address Resolution Protocol) is a protocol used to find the MAC address of a device when only its IP address is known.

This is necessary because:

  • IP addresses work at the Network Layer

  • MAC addresses work at the Data Link Layer

To send data within a local network (LAN), devices must know the destination’s MAC address.

Simple Definition

ARP converts an IP address into a MAC address.

Real-Life Analogy

Think of it like this:

You know your friend’s house address (IP address).
But to deliver a package inside the building, you need the flat number (MAC address).

How ARP Works (Step by Step)

Suppose:

  • Your PC IP address: 192.168.1.10

  • Router IP address: 192.168.1.1

You want to send data to the router.

1. ARP Request (Broadcast)

Your PC sends a broadcast message to all devices on the network:

“Who has IP address 192.168.1.1? Tell me your MAC address.”

Every device in the LAN receives this message.

2. ARP Reply (Unicast)

The router responds directly to your PC:

“I am 192.168.1.1, and my MAC address is AA:BB:CC:DD:EE:FF.”

3. ARP Table Update

Your PC stores this information in its ARP cache (ARP table):

IP AddressMAC Address
192.168.1.1AA:BB:CC:DD:EE:FF

Now your PC can send data to the router using its MAC address.

ARP Packet Fields

FieldPurpose
Sender IPIP address of the device making the request
Sender MACMAC address of the sender
Target IPIP address whose MAC is needed
Target MACUnknown in the request

Where ARP Is Used

ARP is used for:

  • Sending data within a local network (LAN)

  • Sending packets to the default gateway

If the destination device is outside the network, ARP does not find the remote device’s MAC address. Instead, it finds the MAC address of the router.

ARP Cache

ARP results are stored temporarily in the ARP cache.
When an entry expires, the ARP process runs again to refresh the information.

ARP Security Problem

ARP is not secure by design.

ARP Spoofing (or ARP Poisoning) occurs when an attacker sends fake ARP replies to trick devices into sending traffic through the attacker. This allows the attacker to act as a “middleman” and intercept data.

The Data Link Layer is the layer of the OSI model responsible for delivering data from one device to another within the same local network (LAN).

Its main responsibilities include:

  • Delivering data between devices in the same network

  • Using MAC addresses for communication

  • Detecting errors in transmitted data

It works directly below the Network Layer.

Simple Definition

The Data Link Layer sends data between devices on the same local network using MAC addresses.

Data Unit Name

Each layer of the OSI model has its own name for data:

LayerData Name
TransportSegment
NetworkPacket
Data LinkFrame

At the Data Link Layer, data is called a frame.

Structure of a Frame

A frame has three main parts:

| MAC Header | Data | Trailer |

MAC Header Contains:

  • Source MAC address

  • Destination MAC address

Trailer Contains:

  • Error checking value called FCS (Frame Check Sequence)

Real-Life Example

Inside your home network:

Laptop → Switch → Printer

The IP address helps identify which network the device belongs to, but the Data Link Layer uses the MAC address to deliver data to the correct device within that network.

Main Responsibilities

1. Framing

The Data Link Layer wraps a network-layer packet into a frame.

Packet → Frame

2. MAC Addressing

Every network device has a unique MAC address, for example:

00:1A:2B:3C:4D:5E

This address is used for local delivery of data.

3. Error Detection

The frame includes an FCS value.
If an error is detected during transmission, the frame is discarded.

4. Flow Control

Prevents a fast sender from overwhelming a slower receiver.

5. Access Control

Determines which device can use the communication medium.

Example: Ethernet uses CSMA/CD to manage access.

DeviceRole
SwitchUses MAC address table to forward frames
BridgeConnects multiple LAN segments
NIC (Network Interface Card)Hardware that provides MAC address
FeatureData Link LayerNetwork Layer
Address TypeMAC addressIP address
ScopeLocal networkAcross networks
Main DeviceSwitchRouter

Comments

Join the discussion

No comments yet. Be the first to comment.