Skip to main content
HashnodeAman Pathak

Command Palette

Search for a command to run...

Core Network Components and Operations

Updated
8 min read
A
Aman Vajradev Pathak

I am a Student, who finds beauty in simple things. I like to teach sometimes.

Part of seriesAll about computers

A functional understanding of network fundamentals is essential for anyone working with computer systems. This document details several foundational elements: addressing mechanisms like MAC and IP addresses, the Domain Name System (DNS), methods for network connection, and common utilities for diagnosing connectivity.

Hardware Identification: MAC Addresses

Every network-capable device possesses a Media Access Control (MAC) address. This is a unique identifier assigned to a network interface controller (NIC) by its manufacturer. A MAC address is a 48-bit number, typically represented as six groups of two hexadecimal digits, separated by colons or hyphens (e.g., 00:1A:2B:3C:4D:5E).

The primary function of a MAC address is to facilitate communication between devices on the same local network segment, operating at Layer 2 (Data Link Layer) of the OSI model. When a device sends an Ethernet frame to another device on the same LAN, it uses the destination device's MAC address. Network switches maintain a MAC address table to direct frames only to the port connected to the destination device, rather than broadcasting to all ports. While MAC addresses are intended to be globally unique and permanent, they can sometimes be changed or "spoofed" through software.

Logical Addressing: Internet Protocol Addresses

While MAC addresses operate at the local network level, Internet Protocol (IP) addresses are used for routing data across different networks, functioning at Layer 3 (Network Layer). Unlike MAC addresses, IP addresses are logical and can be assigned statically or dynamically.

IPv4 Addresses

The most widely used version, IPv4, employs a 32-bit address scheme, commonly written as four decimal numbers (octets), each ranging from 0 to 255, separated by periods (e.g., 192.168.1.100). This format provides approximately 4.3times109 unique addresses.

Key aspects of IPv4 include:

  • Public vs. Private IP Addresses: Public IP addresses are globally unique and routable on the internet. Private IP addresses, defined in RFC 1918 (e.g., 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), are used within private networks and are not routable on the public internet. Network Address Translation (NAT) is commonly used on routers to allow devices with private IPs to share a single public IP address for internet access.

  • Subnet Mask: A subnet mask (e.g., 255.255.255.0) defines the network portion and the host portion of an IP address. It allows a larger network to be divided into smaller subnetworks, improving organization and traffic management. Classless Inter-Domain Routing (CIDR) notation (e.g., /24) is a more flexible way to represent the subnet mask, indicating the number of bits used for the network prefix.

IPv6 Addresses

Due to the exhaustion of available IPv4 addresses, IPv6 was developed. IPv6 uses a 128-bit address, offering a vastly larger address space (2128 addresses). IPv6 addresses are represented as eight groups of four hexadecimal digits, separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).1 Consecutive groups of zeros can be abbreviated using a double colon (::), but this can only be used once in an address. For example, 2001:0db8:0000:0000:0000:0000:1428:57ab can be written as 2001:0db8::1428:57ab.

Network Connection Procedures

Devices connect to networks either through wired (Ethernet/LAN) or wireless (Wi-Fi) means.

  • Wired (LAN/Ethernet) Connections: This involves physically connecting a device to a network switch or router using an Ethernet cable with an RJ45 connector. Once a physical link is established, the device needs an IP address.

  • Wireless (Wi-Fi) Connections: Wi-Fi allows devices to connect to a network wirelessly. This requires a wireless network interface card in the device and a Wireless Access Point (WAP). The process generally involves:

    1. Scanning: The device scans for available Wi-Fi networks (SSIDs - Service Set Identifiers).

    2. Association: The user selects an SSID, and the device requests to associate with the WAP.

    3. Authentication: For secured networks, the device must authenticate, typically by providing a passphrase (e.g., WPA2/WPA3 preshared key).

    4. IP Address Assignment: After successful authentication and association, the device requires an IP address.

  • Dynamic Host Configuration Protocol (DHCP): Most networks use DHCP to automate the assignment of IP addresses and other network configuration parameters like the subnet mask, default gateway IP address, and DNS server IP addresses. The DHCP process typically involves four steps (DORA):

    1. Discover: The client device broadcasts a DHCP Discover message to find a DHCP server.

    2. Offer: DHCP server(s) respond with a DHCP Offer message, proposing an IP address and other parameters.

    3. Request: The client selects an offer and sends a DHCP Request message to the chosen server.

    4. Acknowledge: The DHCP server confirms the assignment with a DHCP Acknowledge message. Alternatively, IP addresses can be configured manually (static IP addressing), but this is less common for client devices.

Resolving Names: The Domain Name System (DNS)

Humans prefer using memorable names (e.g., www.example.com) to access resources on the internet, while computers communicate using IP addresses. The Domain Name System (DNS) is a hierarchical and distributed naming system that translates these human-readable domain names into their corresponding IP addresses.

When you type a URL into your browser:

  1. Your computer first checks its local DNS cache (and possibly the browser's cache) for the IP address.

  2. If not found locally, it queries a configured DNS resolver (usually provided by your ISP or a public DNS service like Google's 8.8.8.8 or Cloudflare's 1.1.1.1).

  3. This resolver then performs a series of queries (which can be recursive or iterative) to authoritative DNS servers, starting from the root DNS servers, then to the Top-Level Domain (TLD) servers (e.g., for .com), and finally to the domain's authoritative name server, which holds the actual IP address record (e.g., an A record for IPv4 or an AAAA record for IPv6).

  4. The resolver returns the IP address to your computer, which can then establish a connection with the server.

Verifying Connectivity and Network Paths

Several command-line utilities are indispensable for checking network configurations and diagnosing connection issues.

ip address (or ip a) on Linux

This command is part of the iproute2 suite and is used to display and manipulate network interfaces, IP addresses, and routes. Running ip a will list all network interfaces on the system along with their configurations.

Key information in the output includes:

  • Interface Name: Logical names for network interfaces (e.g., lo for loopback, eth0 for the first Ethernet interface, wlan0 for a wireless interface).

  • MAC Address: Displayed as link/ether followed by the address.

  • IP Address(es): Shown under inet for IPv4 and inet6 for IPv6, often with the CIDR suffix (e.g., 192.168.1.100/24).

  • Interface State: Indicates if the interface is UP, DOWN, LOWER_UP (physical layer is up), RUNNING etc.

Example snippet of ip a output:

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:1a:2b:3c:4d:5e brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.101/24 brd 192.168.1.255 scope global dynamic noprefixroute eth0
       valid_lft 85988sec preferred_lft 85988sec
    inet6 fe80::21a:2bff:fe3c:4d5e/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

ping

The ping (Packet Internet Groper) utility tests the reachability of a host on an IP network. It sends ICMP (Internet Control Message Protocol)2 Echo Request packets to the specified target host and waits for ICMP Echo Reply packets.

Usage: ping <hostname_or_IP_address>

Interpreting ping output:

  • Replies: Successful replies from the target indicate that it is reachable and responding.

  • Round-Trip Time (RTT): The time= value shows the duration in milliseconds it took for a packet to travel to the target and for the reply to return.

  • Time To Live (TTL): This value indicates the remaining "hops" a packet can make before being discarded. It can sometimes give a clue about the operating system of the target.

  • Packet Loss: If packets are lost, it indicates a problem somewhere along the network path or at the target host.

  • "Request timed out" or "Destination Host Unreachable": These messages suggest connectivity problems. The former means no reply was received within the timeout period. The latter often indicates a routing issue closer to the source, where a router cannot find a path to the destination.

Example of ping output:

PING google.com (142.250.196.142) 56(84) bytes of data.
64 bytes from lhr48s32-in-f14.1e100.net (142.250.196.142): icmp_seq=1 ttl=118 time=12.5 ms
64 bytes from lhr48s32-in-f14.1e100.net (142.250.196.142): icmp_seq=2 ttl=118 time=12.2 ms
--- google.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 12.234/12.369/12.504/0.135 ms

traceroute (or tracert on Windows)

The traceroute utility displays the route (sequence of routers) that packets take to reach a network host. It also measures the transit delays of packets to each intermediate router.

Mechanism: traceroute sends packets (typically UDP on Unix-like systems, ICMP on Windows) towards the destination, starting with a Time To Live (TTL) value of 1. Each router that handles the packet decrements the TTL. When the TTL reaches 0, the router discards the packet and sends an ICMP "Time Exceeded" message back to the source. traceroute uses these messages to identify each router in the path. It then increments the TTL by 1 for subsequent sets of packets to discover the next router in the sequence until the destination is reached or a maximum number of hops is exceeded.

Usage: traceroute <hostname_or_IP_address>

Interpreting traceroute output:

  • Hop Number: The sequence number of the router in the path.

  • Router IP Address/Hostname: The IP address of the router at that hop. If DNS resolution is successful, a hostname may also be shown.

  • Round-Trip Times: Typically, three RTTs are shown for packets sent to that specific hop, indicating latency. Asterisks (* * *) often mean that probes timed out, which could be due to the router not sending ICMP "Time Exceeded" messages or filtering them.

Example of traceroute output (simplified):

traceroute to google.com (142.250.196.142), 30 hops max, 60 byte packets
 1  gateway (192.168.1.1)  0.521 ms  0.480 ms  0.462 ms
 2  isp-router1.example.net (10.0.0.1)  5.123 ms  5.432 ms  5.001 ms
 3  another-router.example.net (172.16.50.5) 10.234 ms * 10.567 ms
 ...
10  lhr48s32-in-f14.1e100.net (142.250.196.142)  12.543 ms  12.321 ms  12.602 ms

A working knowledge of these identifiers, systems, and tools provides a solid base for understanding and troubleshooting network connectivity. They represent the building blocks upon which more complex network interactions are constructed.

Comments

Join the discussion

No comments yet. Be the first to comment.

All about computers

Part 14 of 26

A step-by-step series for absolute beginners to learn how computers work, how to install and use an operating system, and how to start programming.

Up next

Mastering System Internals: Processes, Resources, and Permissions

Understanding and managing a Linux system requires familiarity with its core components: how processes operate, how resources are consumed, and how user privileges are structured. This document provides a technical overview of essential commands and ...

More from this blog

Aman Pathak

58 posts

Things I would speak if the person in front of me is me