# Networking

- computer networks are so ubiquitous that they're taken for granted
- we're constantly connected to the Internet and use applications that rely on networking
    - email, social media, the Web
- these applications rely on a particular network protocol, but each protocol uses the same general network transport methods
- there are vulnerabilities in the networking protocols themselves and in the systems and applications running on the network

## OSI Model
- Open Systems Interconnection model
- governs the language used by systems in the network to talk to each other
- the structure of the language is described in 7 layers by the OSI model
- the conceptual layers make it easier for different network devices (routers, switches, firewalls) and applications (Web, email) to focus on their respective layers and ignore the others

### OSI layers
<img src="./resources/OSIModel.png">

1. **Physical layer**
    - lowest layer that deals with the physical connection between two points
    - responsible for activating, maintaining, and deactivating these bit-stream communications
    - Ethernet cards and cables and WiFi cards belong to this layer
2. **Data-link layer**
    - deals with transferring data and provides high-level functions (error correction and flow control)
    - provides procedures for activating, maintaining, and deactivating data-link connections
    - ARP (Address Resolution Protocol) is a common protocol that uses this layer
    - Ethernet switches are network devices that use Layer 2 protocols
3. **Network layer**
    - works as the middle ground
    - primary role is to pass information between the lower and the higher layers
    - provides addressing (IP) and routing between two different networks
    - most routers and layer-3 switches primarily use this layer
4. **Transport layer**
    - provides transparent transfer of data between systems
    - provides reliable data communication, so the higher layers do not have to worry about reliability or cost-effectiveness of data transmission
    - TCP, UDP and ICMP are commonly used protocols of this layer
5. **Session layer**
    - responsible for establishing and maintaining connections between network applications
6. **Presentation layer**
    - responsible for presenting the data to applications in a syntax or language they understand
    - supports things like encryption, data compression, image file formats (GIF, JPG), etc.
7. **Application layer**
    - the layer users interact with
    - concerned with keeping track of the requirements of the application
    - HTTP, FTP, SMTP, SSH, Telnet are some protocols used in this layer
    
### Packet Encapsulation
- starting from the application layer, each layer wraps what it receives from the layer above: the presentation layer wraps the application data, the session layer wraps that, the transport layer wraps that, and so forth
<img src="./resources/PacketEncapsulation.png">

## Sockets
 - standard way to perform network communications through the OS
 - socket API takes care of OSI details
 - in C, sockets behave a lot like files: you can use read() and write() to receive and send data
 - /usr/include/sys/socket.h declares a number of functions to work with sockets
 - socket(), connect(), bind(), listen(), accept(), send(), recv()
 - we'll use the Scapy Python library to create packets of various protocol types and send them across networks
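
An added example (not part of the original notes) showing the call sequence listed above through Python's standard `socket` module, which mirrors the C API: a loopback TCP server and client in one process. The function names and the upper-casing "protocol" are made up for illustration.

```python
import socket
import threading

def recv_all(sock: socket.socket) -> bytes:
    """TCP is a byte stream: keep calling recv() until the peer closes its side."""
    chunks = []
    while chunk := sock.recv(4096):
        chunks.append(chunk)
    return b"".join(chunks)

def serve_once(listener: socket.socket) -> None:
    """accept() one client, read its request, send back the upper-cased bytes."""
    conn, _peer = listener.accept()
    with conn:
        conn.settimeout(5)                   # never block forever on a silent peer
        conn.sendall(recv_all(conn).upper())

def roundtrip(message: bytes) -> bytes:
    # Server side: socket() -> bind() -> listen(). Binding to 127.0.0.1 rather
    # than 0.0.0.0 keeps the service unreachable from other hosts; port 0 lets
    # the OS pick a free port.
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.settimeout(5)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    worker = threading.Thread(target=serve_once, args=(listener,))
    worker.start()
    # Client side: socket() -> connect() -> send() -> recv().
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as client:
        client.settimeout(5)
        client.connect(("127.0.0.1", port))
        client.sendall(message)
        client.shutdown(socket.SHUT_WR)      # tell the server the request is complete
        reply = recv_all(client)
    worker.join()
    listener.close()
    return reply

if __name__ == "__main__":
    print(roundtrip(b"hello over tcp"))
```

A single recv() may return only part of what the peer sent, which is why both sides loop until end-of-stream instead of assuming one call returns one message.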
   
## IP Address
- numerical label assigned to each device connected to a computer network
    - uses Internet Protocol (IP) for routing packets
- two types: IPv4 and IPv6

### IPv4 (version 4)
- uses a 32-bit number, usually written as four decimal numbers separated by dots: XXX.XXX.XXX.XXX
    - e.g. 192.168.1.1
- most prevalent
- can support up to $2^{32} = 4,294,967,296$ unique addresses
- each decimal number is an 8-bit value that can range from 0 to 255

### IPv6 (version 6)
- uses 64-bit number and the scheme is not quite readable, e.g.: 2001:db8:0:1234:0:567:8:1

### Public addresses
- used by public networks and/or devices
- routable over the Internet; publicly accessible unless behind a firewall

### Private addresses
- reserved for internal or private networks to communicate with each other
- private IP addresses do not have to be unique across networks, which keeps IPv4 addresses from being completely depleted
- private networks use the Network Address Translation (NAT) technique to connect to the Internet
    - an edge router/gateway/proxy server usually does the NAT to route packets from systems in the private network to the Internet and vice versa

#### Private address ranges
| Name | CIDR block | Address Range | Number of addresses | Class name |
| --- | --- | --- | --- | --- |
| 24-bit block | 10.0.0.0/8 | 10.0.0.0 – 10.255.255.255 | 16777216 | Single Class A. |
| 20-bit block | 172.16.0.0/12 | 172.16.0.0 – 172.31.255.255 | 1048576 | Contiguous range of 16 Class B blocks. |
| 16-bit block | 192.168.0.0/16 | 192.168.0.0 – 192.168.255.255 | 65536 | Contiguous range of 256 Class C blocks. |

- most home routers use the 16-bit block
- mid-sized organizations typically use the 20-bit block
- large institutions like universities use the 24-bit block
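
An added example (not part of the original notes) that works through the table with bit masks: it converts a dotted-quad address to its 32-bit integer, applies each block's netmask, and reports which private block, if any, contains the address. The function names are made up for illustration; the parser is deliberately strict because an address filter is only reliable when every component reads the text the same way.

```python
# The three private blocks from the table above.
PRIVATE_BLOCKS = {
    "24-bit block": "10.0.0.0/8",
    "20-bit block": "172.16.0.0/12",
    "16-bit block": "192.168.0.0/16",
}

def parse_ipv4(text: str) -> int:
    """Strictly parse 'a.b.c.d' into a 32-bit integer."""
    parts = text.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {text!r}")
    value = 0
    for part in parts:
        # Plain decimal only: no empty parts, signs, hex, or leading zeros
        # (which some legacy parsers would read as octal).
        if not (part.isascii() and part.isdigit()) or (len(part) > 1 and part[0] == "0"):
            raise ValueError(f"malformed octet {part!r} in {text!r}")
        octet = int(part)
        if octet > 255:
            raise ValueError(f"octet out of range in {text!r}")
        value = (value << 8) | octet
    return value

def netmask(prefix_len: int) -> int:
    """A /8 prefix keeps the top 8 bits: 0xFF000000."""
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF

def block_size(cidr: str) -> int:
    """Number of addresses in a CIDR block: 2^(32 - prefix length)."""
    return 2 ** (32 - int(cidr.split("/")[1]))

def private_block(addr: str):
    """Return the table name of the private block containing addr, or None."""
    value = parse_ipv4(addr)
    for name, cidr in PRIVATE_BLOCKS.items():
        network, prefix_len = cidr.split("/")
        if value & netmask(int(prefix_len)) == parse_ipv4(network):
            return name
    return None

if __name__ == "__main__":
    for sample in ("10.255.255.255", "172.31.255.255", "172.32.0.0", "192.168.1.1"):
        print(sample, "->", private_block(sample))
```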



### References
- https://en.wikipedia.org/wiki/IP_address