## 8. Networking

### Main Concepts

#### Computer network

Communication between two or more network interfaces to exchange data.

**Components**:

* Two or more computers/devices

* Cables as links between the computers or a wireless network

* These links are connected to a network interfacing card (NIC) on each device

* A device from which to create commands or manage the data that is being received

* Switches to connect multiple network interfaces together

* Routers to connect multiple network together

* Software (Operating System) running on the device that can analyse the data

#### How do devices communicate?

Through a common platform where everyone can communicate with each other in the same language (standard): **ISO**

- *Open System Interconnection* (OSI) Model is a 7-layer architecture model developed by ISO in 1984:

1. Physical
2. Data link
3. Network
4. Transport
5. Session
6. Presentation
7. Application

**OSI Model**

The basic elements of the model are: services, protocols and interfaces

- A service is a set of actions that a layer offers to another (higher) layer

- A protocol is a set of rules that a layer uses to exchange information

- An interface is communication between layers.


![](https://images.slideplayer.com/39/10941790/slides/slide_3.jpg)

![](https://www.computernetworkingnotes.org/images/cisco/ccna-study-guide/csg25-02-osi-encapsulation.png)

#### OSI Model Layers

Media Layers (Devices): 

- Physical (Hub)
- Data link (Bridges, Layer 2 Switches)
- Network (Router, Firewall, Layer 3 Switches)

Host Layers (Devices):

- Transport (Gateway)
- Session (Web Server, Mail Server, Browser, Mail Client, etc.)
- Presentation (Web Server, Mail Server, Browser, Mail Client, etc.)
- Application (Web Server, Mail Server, Browser, Mail Client, etc.)

![](https://www.auvik.com/wp-content/uploads/2021/02/network-devices-OSI-model-network-layers.jpg)

![](https://media.fs.com/images/community/upload/kindEditor/202107/29/original-seven-layers-of-osi-model-1627523878-JYjV8oybcC.png)

### Classification of Network by Geography

Actually, the classification is based on the distance between networks:

* LAN: Local Area Network (very close, e.g., in a house or building)

* WAN: Wide Area Network (far away, e.g. global internet)

* MAN: Metropolitan Area Network (e.g., cities, metro train systems)

* CAN: Campus Area Network (e.g., offices -intranet)

* PAN: Personal Area Network (e.g., your bluetooth hotspot)

#### Devices

* Switches: facilitate the sharing of resources by connecting together all the devices, including computers, printers, and servers, in a small business network.

    - Data from computer nodes is sent and received to/from switches

    - Your wi-fi router has switches inside

* Routers: receives and sends data on computer networks. Routers are sometimes confused with network hubs, modems or network switches. However, routers can combine multiple networks together.

* Home network:

![](https://images.edrawsoft.com/articles/8different-home-network-diagram-layouts/5-mesh-network-diagram.png)

### IPv4 Address

`192.168.100.1` -> Binary number of 32 bits

![](https://f4n3x6c5.stackpathcdn.com/article/getting-started-with-vpc-virtual-private-cloud-part2/Images/1.png)

#### IPv4 Range

* From `0.0.0.0` to `255.255.255.255`

(why not 999? -> 255 is the decimal representation of the binary number 11111111)

In binary:

* `00000000.00000000.00000000.00000000` -> (`0.0.0.0`)

* `11111111.11111111.11111111.11111111` -> (`255.255.255.255`)

This entire range is divided into to:

* Public IP: Internet (e.g., `54.86.23.90`)

* Private IP: Local network design (e.g., `192.168.1.10`)

**Private IP Ranges**:

* Class A: from `10.0.0.0` to `10.255.255.255`

* Class B: from `172.16.0.0` to `172.31.255.255`

* Class C: from `192.168.0.0` to `192.168.255.255`

There's also Class D and E (but not used)

### Protocols

In networking and communications, a protocol is the formal specification that defines the procedures that must be followed when transmitting or receiving data.

Protocols define the format, timing, sequence and error checking used on a network.

4th layer (Transport) protocols:

* TCP:

    - Reliable protocol

    - Connection oriented

    - Performs 3-way handshake

    - Provision for error detection and retransmision

    - Most applications use it for reliable and guaranteed transmission

    - 5th layer protocols within this protocol: FTP, HTTP, HTTPS

* UDP:

    - Unreliable protocol

    - Connectionless

    - Much faster than TCP

    - No acknowledgements waits

    - No proper sequencing of data units

    - Suitable for apps, where speed matters more than reliability

    - 5th layer protocols within this protocol: DNS, DHCP, TFTP, ARP, RARP

#### Port Numbers

Think about a food court, where you have multiple stalls:

* Stall 1: Indian food, stall 2: Chinese food, stall 3: Italian, etc...

* These stalls are the port numbers, which serve a specific service (e.g., port 22 serves ssh service)

* One computer with an IP address can be serving multiple services.

![](https://www.networxsecurity.org/fileadmin/_processed_/csm_Port_Number_fee55070a7.png)

![](https://fiberbit.com.tw/wp-content/uploads/2013/12/TCP-IP-model-vs-OSI-model.png)

* So, when a computer which is running, let's say a Tomcat service (a web application services) wants to communicate with a MySQL server to store some data, the Tomcat service will send traffic to the destination *IP address* of MySQL server AND *the port number* to get an assurance that the connection will be reached:

    Source: `192.168.1.2:8080` (Tomcat) -> Dest: `192.168.1.2:3306` (MySQL)

* When you work in a project, you should know **what service is running in which server i.e., the IP address, and in what port number**!

### Network Commands

Suppose two VMs: 

- one running a web application service (`web01`) using IP address 192.168.40.11 and port number 80

- the other one running a database service (`db01`) using IP address 192.168.40.12 and port number 3306

In Linux:

| Command                  | Description                                     |
|--------------------------|-------------------------------------------------|
| `ifconfig`               | Show the active network interfaces: names, IP addresses |
| `ip addr show`           | Used if `ifconfig` is not available             |
| `ping <ipaddr>`          | Used to test connection between to an IP address. Press `ctrl+c` to make it stop or limit it using `-c <number>` option. You can also add the IP address of the target machine in the `/etc/hosts` file: `vi /etc/hosts`. After this, you can use `ping <hostname>` |
| `netstat -antp`          | Show all the TCP open ports with their respective process ID. You may want to know what port a service is using, so you search for the service PID: `ps -ef \| grep <servname>` and then, search the PID using the netstat command: `netstat -antp \| grep <pid>`|
| `ss -tunlp`              | New command for `netstat -antp`                  |
| `nmap <targethost>` (not installed)   | Scan open ports of a target machine. Can be considered illegal when used publicly (on internet). Run `apt\yum install nmap` to install it |
| `telnet <targethost port>`| Similar to `nmap`. Checks the connection to specific ports |
| `dig <webpage/ipaddr>`   | Show records in the DNS server                   |
| `nslookup <webpage/ipaddr`| Older version of `dig`                          |
| `route -n`               | Show gateways for the network interface          |
| `arp`                    | View/add content to the ARP table. Kernels will keep a table of all IP or hostname with their MAC address|
| `mtr <webpage/ipaddr>`   | Similar to `tracert` in Windows. It continuously show the latency of the connections and packet loss|