Unlocking the Secrets of Computer Networks: From Physical Links to Application Layers

Fundamental Networking Concepts

Link : Physical connection between nodes (copper, fiber, satellite, etc.).

Node : Device such as a computer, hub, switch, or router.

Protocol : Rules governing communication between peer entities, consisting of syntax (format), semantics (meaning), and timing (order).

Service : Function provided by a lower layer to an upper layer under protocol control.

Entity : Any hardware or software process that can send or receive information.

Peer Entity : Two entities at the same layer that exchange the same PDU.

Layer PDU : Data unit exchanged between peer layers.

Communication Models

Client/Server (C/S): Client knows server address; server provides service.

Browser/Server (B/S): Web server mediates access to databases.

Peer‑to‑Peer (P2P): Each host acts as both client and server.

Network Scope Classification

PAN: ~10 m

LAN: ~1 km

MAN: 5–50 km

WAN: tens to thousands of km

Performance Parameters

Rate (bit/s): Transmission speed.

Bandwidth (bit/s): Maximum data rate a channel can carry.

Throughput (bit/s): Actual data rate achieved.

Delay (s): Time for a bit to travel from source to destination.

Transmission delay = frame length / transmission rate.

Propagation delay = link length / propagation speed.

Processing delay = time routers/switches need to process a frame.

Queueing delay = waiting time in buffers.

Round‑trip time (RTT): Time from sending a packet to receiving its acknowledgment.

Channel utilization: Percentage of time the channel carries data.

Physical Layer

Signal Encoding

NRZ (Non‑Return‑to‑Zero): 1 = high level, 0 = low level.

Manchester: 1 starts high then transitions low; 0 starts low then transitions high.

Factors Influencing Signal Distortion

Transmission rate

Distance

Medium characteristics

Noise and interference

Exceeding the symbol rate causes inter‑symbol interference.

Transmission Media

Twisted Pair : Four twisted pairs (8 wires). Can be shielded (STP) or unshielded (UTP). Straight‑through cables use identical T568A/B wiring; crossover cables use opposite wiring.

Coaxial Cable : 50 Ω for LAN/digital, 75 Ω for cable TV/analog.

Fiber Optic : Core (high‑index) + cladding (low‑index). Multi‑mode for short distances (LED source); single‑mode for long distances (laser source).

Wireless : Radio propagation.

Multiplexing Techniques

Frequency Division Multiplexing (FDM) : Each user receives a fixed frequency band for the entire session.

Time Division Multiplexing (TDM) : Time is divided into equal slots; each user transmits in its assigned slot.

Statistical TDM (STDM) : Slots are allocated dynamically based on demand.

Wavelength Division Multiplexing (WDM) : Multiple optical carriers share a single fiber.

Code Division Multiple Access (CDMA) : Orthogonal codes allow simultaneous use of the same frequency.

Broadband Access Technologies

ADSL : Uses existing telephone lines; employs FDM.

HFC : Cable‑TV network; uses FDM; coaxial cable connects to set‑top box and modem.

FTTx : FTTH (fiber to home), FTTB (fiber to building), FTTC (fiber to curb) – fiber reaches premises or a distribution point.

Data Link Layer

Role and Key Issues

Link: Physical segment between adjacent nodes.

Data link = link + protocol.

Required on hosts, switches, and routers.

Functions: framing, transparent transmission, error detection (CRC).

PPP over Point‑to‑Point Links

Typical for ISP access.

PPP Frame Format :

+----+----+----+----------+----------+----+
|Flag| Addr| Ctrl| Protocol |  Data   |FCS |
+----+----+----+----------+----------+----+

Flag (0x7E) delimits start/end. Address and Control fields are usually constant. Protocol field identifies payload type.

Zero‑bit stuffing : Insert a 0 after five consecutive 1s; receiver removes the inserted 0.

Byte stuffing (asynchronous) :

7E → 7D 5E
7D → 7D 5D
03 → 7D 23

CRC error detection : Sender appends CRC remainder; receiver divides by same polynomial and checks for zero remainder.

Broadcast LAN (CSMA/CD)

All stations share a common medium; collisions cause all stations to stop transmitting.

Collision detection time (2τ) for 10 Mbit/s Ethernet = 51.2 µs.

Binary exponential backoff: wait r·2τ where r ∈ [0, 2^k‑1] and k = min(retransmissions, 10).

MAC Frame Types

Unicast : Destination MAC matches receiver.

Broadcast : All stations receive.

Multicast : Subset of stations receive.

Switch vs. Hub

Hub : Physical star, logical bus; single collision domain; no learning.

Switch : Operates at data‑link layer; full‑duplex; learns MAC addresses; each port is a separate collision domain.

Switch Learning Process

Table empty at start.

First frame is flooded; receiving ports record source MAC.

Subsequent frames are forwarded based on table; unknown destinations are flooded.

Entries age out after a timeout.

Spanning‑Tree Protocol (STP) removes loops between switches.

VLAN and STP

VLANs partition a physical LAN into logical segments. STP disables selected links to eliminate loops while preserving physical topology.

Network Layer

Network Devices by Layer

Repeater – Physical layer.

Hub – Physical layer.

Switch – Data‑link layer.

Router – Network layer.

IP Addressing

Class A: 0.0.0.0 – 127.255.255.255

Class B: 128.0.0.0 – 191.255.255.255

Class C: 192.0.0.0 – 223.255.255.255

Class D (multicast): 224.0.0.0 – 239.255.255.255

Class E (experimental): 240.0.0.0 – 255.255.255.255

In the Internet an IP address consists of a network part and a host part . Special addresses include network address (host bits all 0), broadcast address (host bits all 1), loopback (127.x.x.x), link‑local (169.254.x.x), and the all‑ones address (255.255.255.255).

ARP (Address Resolution Protocol)

Maps known IP addresses to MAC addresses. Each host maintains an ARP cache. When a host needs a MAC for a remote IP, it broadcasts an ARP request; the owner replies with an ARP reply.

IP Datagram Structure

Header length (4 bits) = 20 bytes + optional fields (0‑40 bytes).

Total length (16 bits) ≤ MTU.

TTL (8 bits) decrements at each hop.

Protocol field (8 bits) identifies payload (6 = TCP, 17 = UDP, 1 = ICMP, 41 = IPv6).

Header checksum covers only the header.

Fragmentation and Reassembly

MTU limits the maximum payload per link.

If a packet exceeds the MTU, it is fragmented; all fragments share the same Identification field.

Flags: MF (more fragments), DF (don’t fragment).

Fragment offset (13 bits) indicates position in 8‑byte units.

Subnetting and CIDR

Subnet mask has contiguous 1s for network+subnet bits and 0s for host bits. Calculations yield network address, broadcast address, number of subnets, and hosts per subnet.

CIDR notation a.b.c.d/x defines the network prefix and mask. Route aggregation combines contiguous prefixes into a larger supernet using longest‑prefix matching.

ICMP (Internet Control Message Protocol)

Provides error reporting (destination unreachable, time exceeded, parameter problem) and diagnostic messages (echo request/reply – ping, traceroute).

Routing Protocols

Static routes : Manually configured.

RIP (Distance‑Vector): Hop count metric (max 15); updates every 30 s; fast convergence on small networks; suffers count‑to‑infinity.

OSPF (Link‑State): Each router builds a link‑state database and runs Dijkstra’s algorithm to compute shortest‑path trees. Areas limit flooding scope.

BGP (Path‑Vector): Used between autonomous systems; finds a reachable path, not necessarily optimal; exchanges routes over TCP port 179.

MPLS (Multi‑Protocol Label Switching)

At the ingress LSR, each IP packet receives a short label. Forwarding decisions are made by label lookup, enabling fast hardware switching. A Forwarding Equivalence Class (FEC) groups packets that receive the same treatment.

Transport Layer

Purpose

Provides end‑to‑end, process‑to‑process communication, abstracts lower‑layer details, and offers reliability (TCP) or low‑latency best‑effort (UDP).

UDP

Supports unicast, multicast, broadcast.

Connectionless, unreliable.

No flow or congestion control.

TCP

Connection‑oriented, reliable, ordered delivery.

Flow control (receiver window) and congestion control (slow start, congestion avoidance, fast retransmit/recovery).

Three‑way handshake (SYN, SYN‑ACK, ACK) to establish a connection.

Four‑step termination (FIN/ACK exchange).

TCP Header Fields

+-------------------+-------------------+-------------------+-------------------+
| Source Port (16) | Dest Port (16)    | Sequence Number (32)                     |
+-------------------+-------------------+-------------------+-------------------+
| Ack Number (32)   | Data Offset (4)   | Reserved (3)      | Flags (9)          |
+-------------------+-------------------+-------------------+-------------------+
| Window Size (16) | Checksum (16)     | Urgent Pointer (16)                     |
+-------------------+-------------------+-------------------+-------------------+
| Options (if any) ...                                            |
+---------------------------------------------------------------+

Key flags: URG, ACK, PSH, RST, SYN, FIN.

Reliability Mechanisms

Retransmission timeout (RTO = SRTT + 4·RTTVAR).

Fast retransmit after three duplicate ACKs.

Selective acknowledgment (SACK) and cumulative ACK.

Sliding windows for flow control.

Persistent timer to probe a zero‑window receiver.

Congestion Control

Slow start : cwnd doubles each RTT until it reaches ssthresh.

Congestion avoidance : cwnd increases linearly (by one MSS per RTT).

On timeout: ssthresh = cwnd/2, cwnd = 1 MSS.

On three duplicate ACKs: fast recovery (cwnd = ssthresh + 3 MSS).

TCP Connection Management

Three‑way handshake :

Client sends SYN (seq = x).

Server replies SYN‑ACK (seq = y, ack = x+1).

Client sends ACK (ack = y+1).

Four‑step termination :

Client sends FIN (seq = u).

Server replies ACK (ack = u+1) and enters half‑close.

Server later sends its own FIN (seq = w).

Client replies ACK (ack = w+1) and the connection closes.

Application Layer

Domain Name System (DNS)

Maps domain names to IP addresses. Hierarchical servers: root, top‑level, authoritative, and local resolvers. Supports iterative and recursive queries. Caches results to reduce latency.

File Transfer Protocol (FTP)

TCP‑based client/server protocol. Control connection on port 21; data connection on port 20 (active mode) or a client‑chosen port (passive mode). Anonymous FTP allows public access without authentication.

World Wide Web (HTTP)

Stateless request/response protocol. URL identifies the resource. HTTP/1.1 uses persistent connections and pipelining to reduce round‑trips. Cookies store client‑side state for sessions, personalization, and tracking.

Electronic Mail (SMTP, POP3, IMAP, MIME)

SMTP (TCP 25) sends mail; MIME adds support for multimedia content.

POP3 (TCP 110) retrieves mail and typically deletes it from the server.

IMAP (TCP 143) allows server‑side mail management.

Dynamic Host Configuration Protocol (DHCP)

Clients broadcast DHCPDISCOVER; servers reply with DHCPOFFER. The client selects an offer with DHCPREQUEST; the server finalizes with DHCPACK. Lease time governs address validity; clients can renew before 50 % of the lease expires.

Peer‑to‑Peer (P2P) File Distribution

Chunks are exchanged using a tit‑for‑tat strategy: each peer prefers the fastest four uploaders, re‑evaluates every 10 s, and randomly seeds a fifth peer every 30 s to discover new high‑capacity partners.

Network Security

Common Attack Types

Eavesdropping: intercepting traffic.

Tampering: modifying intercepted data.

Malware: viruses, worms, trojans, logic bombs, backdoors.

Denial‑of‑Service (DoS): overwhelming a target with traffic.

Cryptographic Foundations

Symmetric encryption : Same secret key for encryption and decryption.

Public‑key (asymmetric) encryption : Public key encrypts, private key decrypts.

Digital signatures : Provide authentication, integrity, and non‑repudiation.

Key Distribution

Key Distribution Center (KDC) for symmetric keys; Certificate Authority (CA) issues public‑key certificates.

Wireless LAN (WLAN)

WLAN Types

Infrastructure WLAN : Hosts communicate via an Access Point (AP).

Ad‑hoc WLAN : Peer‑to‑peer mesh without an AP.

CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance)

Stations listen; if the channel is idle they wait DIFS then transmit.

Receiver replies after SIFS.

Random backoff timers mitigate hidden‑node and collision problems.

802.11 Frame Format

Frames may contain up to four MAC addresses (receiver, transmitter, destination, source), a Frame Control field, Duration, Sequence Control, and payload. Various management, control, and data subtypes are defined.

Comparative Tables

Address lengths : MAC 6 bytes, IPv4 4 bytes, IPv6 16 bytes, Port 2 bytes.

Header sizes : Ethernet frame 18 bytes, IPv4 20 + options, IPv6 40 bytes.

Checksum methods : CRC for frames, IPv4 header checksum, TCP/UDP pseudo‑header checksum.

Key Command Reference (Windows)

ipconfig : /all, /displaydns, /flushdns, /release, /renew.

ping : -n count, -l size, -t.

tracert : Trace route to a destination.

arp : -a (display), -d (delete), -s (static entry).