Essential Concepts in Computer Networking Protocols

Network Layer Models: OSI vs. TCP/IP

The networking architecture is often compared using the 7-layer OSI model and the 4-layer TCP/IP model.

  • 7-Layer OSI Model: Application, Presentation, Session, Transport, Network, Data Link, Physical.
  • 4-Layer TCP/IP Model: Application (combines OSI Application, Presentation, Session), Transport, Internet (Network), Link (combines OSI Data Link and Physical).

Core Networking Fundamentals

Data Handling and Addressing

  • Packet Switching: Data is routed individually using routing tables. Packets may take different paths and arrive at the destination at different times, requiring buffering.
  • Statistical Multiplexing: Used for bursty traffic. Multiple data flows share a single channel, resulting in smoother, more efficient utilization.
  • Socket: Defined by the combination of protocol (TCP/UDP), local address, remote address, local port number, and remote port number.

Endianness and Servers

  • Little-Endian: Stores data starting with the least significant byte (e.g., b0, b1, b2, b3).
  • Big-Endian: Stores data starting with the most significant byte (e.g., b3, b2, b1, b0). IP uses Big-Endian (network byte order).
    • htons()/htonl(): Host-to-Network Short/Long conversion.
    • ntohs()/ntohl(): Network-to-Host Short/Long conversion.
  • Server Operation: Typically uses Passive Open, handles multiple clients, and assigns a unique socket per client connection.
  • Bandwidth: The maximum capacity of a communication channel to carry information.

Physical Layer Encoding and Timing

Data Encoding Schemes

  • Non-Return-to-Zero (NRZ): High voltage = 1, Low voltage = 0.
  • Non-Return-to-Zero Inverted (NRZI): Inverts the signal only upon encountering a 1.
  • Manchester Encoding: Provides clock synchronization.
    • Low-to-High transition = 0.
    • High-to-Low transition = 1.
  • 4B/5B Encoding: Ensures no more than three consecutive zeros are transmitted, aiding synchronization.

Network Delays and Performance Metrics

  • Propagation Delay: Distance divided by the speed of light (or signal speed in the medium). Time taken for the first bit to travel from source to destination.
  • Transmission Delay: Message Size divided by Bandwidth. Time taken to push all bits onto the link.
  • Latency: Total delay calculated as: Propagation Delay + Transmission Delay + Queuing Delay.
  • Round Trip Time (RTT): Approximately twice the one-way latency.
  • Throughput: Total transfer size divided by total transfer time. This is often less than the theoretical bandwidth.

Error Detection Techniques

  • 2D Parity (Row/Column Parity): Adds parity bits for both rows and columns. Parity is 1 for an odd number of ones, and 0 for an even number of ones.
  • Checksum: Computed as the one’s complement sum of the data taken as 16-bit segments, with any carry out of the top bit added back into the low bits (end-around carry). The checksum field holds the one’s complement of that sum (all bits inverted), so the receiver’s sum over data plus checksum comes out as all ones when nothing was corrupted.
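The Internet checksum described above, as an added example that is not part of the original notes: 16-bit words are read in network byte order (the same conversion htons()/ntohs() perform), carries are folded back in, and the receiver verifies by summing to 0xFFFF. The sample bytes are the constructed eight-byte input from the RFC 1071 worked example; the function names are this example’s own.

```python
import struct

# Constructed sample data: the eight bytes used in the RFC 1071 worked example.
SAMPLE = bytes.fromhex("0001f203f4f5f6f7")

def ones_complement_sum(data: bytes) -> int:
    """Add the data as 16-bit words in network (big-endian) byte order,
    feeding any carry out of bit 16 back into the low bits (end-around carry)."""
    if len(data) % 2:
        data += b"\x00"                      # odd length: pad with a zero byte
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:                       # fold carries until the sum fits in 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def internet_checksum(data: bytes) -> int:
    """Value placed in the checksum field: the bitwise inverse of the folded sum."""
    return (~ones_complement_sum(data)) & 0xFFFF

def append_checksum(data: bytes) -> bytes:
    """Sender side: data followed by its checksum in network byte order."""
    return data + struct.pack("!H", internet_checksum(data))

def verify(segment: bytes) -> bool:
    """Receiver side: summing data and checksum together must give all ones (0xFFFF)."""
    return ones_complement_sum(segment) == 0xFFFF

def corrupt_bit(segment: bytes, bit: int) -> bytes:
    """Flip one bit, simulating a transmission error."""
    out = bytearray(segment)
    out[bit // 8] ^= 1 << (7 - bit % 8)
    return bytes(out)

def swap_words(segment: bytes, i: int, j: int) -> bytes:
    """Exchange two 16-bit words: the sum is unchanged, so the checksum cannot detect it."""
    w = bytearray(segment)
    w[2 * i:2 * i + 2], w[2 * j:2 * j + 2] = w[2 * j:2 * j + 2], w[2 * i:2 * i + 2]
    return bytes(w)
```

The last helper shows the checksum’s known weakness: it catches single-bit errors but not a reordering of whole 16-bit words, which is why Ethernet adds a CRC and integrity against deliberate tampering needs a cryptographic MAC.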

Data Link Layer and Ethernet

Address Resolution Protocol (ARP)

ARP Packets: ARP requests and replies map IP addresses to MAC addresses on the local link. IP packets often carry ICMP messages or require checksum verification. An ARP error code 5 (ARP5) might correspond to an ICMP Destination Unreachable message.

Medium Access Control (MAC)

  • Carrier Sense: A station waits until the channel is idle before transmitting.
  • Collision Detection (CSMA/CD): A station listens while transmitting. If a collision is detected, a jam signal is sent to ensure all stations detect the collision.
  • Random Access: Following a collision, stations use an exponential back-off algorithm to determine when to retransmit.

Ethernet Characteristics

Ethernet is connectionless and unreliable. Key components of the Ethernet frame include the Destination/Source Address, Type field (protocol carried), and CRC (Cyclic Redundancy Check) for error detection.

Network Devices and Switching Techniques

Basic Network Devices

  • Repeaters: Simply amplify the signal to extend transmission distance.
  • Hubs: Act as a branch point for connections. They operate in a single collision domain and do not adjust traffic flow.
  • Bridges: Divide a network into segments, each with its own collision domain.
  • Switches: Allow concurrent communication between different pairs of ports by forwarding frames based on MAC addresses.

Switching Modes and Duplexing

  • Dedicated Access: A direct connection from a host to a switch port.
  • Full Duplex: Allows continuous communication in both directions simultaneously, effectively avoiding collisions.
  • Cut-through Switching: Begins transmitting the frame as soon as the destination address is read, minimizing latency.
  • Self-learning (Switches): The process of building a forwarding table by observing source MAC addresses. If an address is unknown, the switch uses flooding (sending the frame out all ports except the ingress port).
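The self-learning and flooding behaviour described above, as an added simulation that is not part of the original notes (the class and port names are this example’s own): the switch records each frame’s source MAC against its ingress port, forwards on the one learned port when the destination is known, filters when the destination is on the ingress port, and floods otherwise.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Builds its forwarding table from source MACs; floods when the destination is unknown."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}          # MAC address -> port it was last seen on as a source

    def receive(self, ingress, src_mac, dst_mac):
        """Return the list of egress ports for a frame arriving on `ingress`."""
        # Self-learning: the source must be reachable through the ingress port.
        # Entries come from whatever source address a frame carries, so the
        # table is only as trustworthy as the frames seen on that port.
        self.table[src_mac] = ingress
        if dst_mac == BROADCAST or dst_mac not in self.table:
            return [p for p in self.ports if p != ingress]   # flood, except ingress
        out = self.table[dst_mac]
        return [] if out == ingress else [out]               # filter or forward

def trace_example():
    """Constructed frame sequence on a 4-port switch; returns the egress decisions."""
    sw = LearningSwitch([1, 2, 3, 4])
    a, b, c = "aa:aa:aa:aa:aa:01", "bb:bb:bb:bb:bb:02", "cc:cc:cc:cc:cc:03"
    return [
        sw.receive(1, a, b),          # B unknown: flood
        sw.receive(3, b, a),          # A learned on port 1: forward there
        sw.receive(1, a, b),          # B now learned on port 3
        sw.receive(1, c, a),          # C shares A's port (a hub): filtered, nothing sent
        sw.receive(1, a, BROADCAST),  # broadcast: always flooded
        sw.receive(2, b, a),          # B moved to port 2: entry overwritten
        sw.receive(1, a, b),          # follows the updated entry
    ]
```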

Spanning Tree Protocol (STP)

STP prevents loops in bridged networks.

  • STP Messages (BPDUs): Format is (Root ID, Distance to Root, Sender ID); a message (Y, d, X) means node X claims Y as the root at distance d. A bridge X that believes itself to be the root sends (X, 0, X).
  • Robust STP Algorithm: Ensures stability by having the root periodically resend its configuration message (e.g., node 1 as root resends (1, 0, 1)), so that bridges keep a current view of the tree.

Device Comparison Matrix

  Feature                 Hub    Router   Switch
  Traffic Isolation       No     Yes      Yes
  Plug & Play             Yes    No       Yes
  Optimal Routing         No     Yes      No
  Cut-Through Switching   Yes    No       Yes

Internet Protocol (IP) and Routing

IP Characteristics and Addressing

  • IP Protocol: Connectionless, unreliable, best-effort delivery, uses datagrams.
  • IP Header Size: Typically 20 bytes, up to 60 bytes.
  • Maximum Transmission Unit (MTU): The largest packet size (including header) that can be transmitted. Often 1500 bytes or greater.

IP Addressing Classes (Historical)

The five original IP address classes are defined by the leading bits:

  • Class A: Starts with 0 (First octet range: 1–126).
  • Class B: Starts with 10 (First octet range: 128–191).
  • Class C: Starts with 110 (First octet range: 192–223).
  • Class D (Multicast): Starts with 1110.
  • Class E (Experimental): Starts with 11110.

Subnetting and CIDR

  • Subnetting Example: 128.100.3/24 denotes a network address with a 24-bit subnet mask (255.255.255.0), so the first 24 bits identify the network and the remaining 8 bits identify hosts within it.
  • Classless Inter-Domain Routing (CIDR): Replaced classful addressing. Allows for flexible subnetting and supernetting (combining multiple networks).

Internet Control Message Protocol (ICMP)

ICMP is used for error reporting and diagnostic functions, such as:

  • Destination Unreachable messages.
  • Time Exceeded messages (due to Time-to-Live, TTL, expiring).

Forwarding and Routing Principles

  • Longest Prefix Matching: The forwarding decision is based on the most specific matching entry in the routing table.
  • Flooding: A naive routing technique where packets are sent out on every interface except the one they arrived on.
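Longest prefix matching over a CIDR forwarding table, plus the /24 mask and supernetting from the subnetting section above, as an added example that is not part of the original notes. The table entries and interface names are constructed; the Python standard library’s ipaddress module does the prefix arithmetic.

```python
import ipaddress

# Constructed forwarding table: (prefix, outgoing interface or next hop).
FORWARDING_TABLE = [
    (ipaddress.ip_network("0.0.0.0/0"), "default-gw"),
    (ipaddress.ip_network("128.100.0.0/16"), "if0"),
    (ipaddress.ip_network("128.100.3.0/24"), "if1"),
    (ipaddress.ip_network("128.100.3.128/25"), "if2"),
]

def longest_prefix_match(dst, table=FORWARDING_TABLE):
    """Pick the matching entry with the longest (most specific) prefix, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for net, hop in table:
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, hop)
    return None if best is None else best[1]

def subnet_mask(prefix):
    """Dotted mask for a CIDR prefix, e.g. /24 -> 255.255.255.0."""
    return str(ipaddress.ip_network(prefix, strict=False).netmask)

def supernet(prefixes):
    """CIDR aggregation: merge adjacent prefixes into the fewest covering prefixes."""
    nets = [ipaddress.ip_network(p) for p in prefixes]
    return [str(n) for n in ipaddress.collapse_addresses(nets)]
```

Note that a more specific prefix wins regardless of its position in the table, which is also why an unexpected /25 or /32 appearing in a routing table deserves attention during incident review.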

Routing Algorithms

Distance Vector Routing (Bellman-Ford)

  • Distributed Bellman-Ford Technique: Maintains a table showing Destination, Cost, and Next Hop. Initial costs are often set to infinity.
  • Counting to Infinity Problem: A major issue where routing loops cause advertised costs to increase indefinitely. Solutions include setting a maximum cost value that stands for infinity and implementing split horizon (not advertising a route back to the neighbor from which it was learned).

Link State Routing (Dijkstra)

  • Dijkstra’s Shortest Path Algorithm: Calculates the shortest path iteratively by selecting the lowest cost path available at each step.

Inter-Domain Routing and AS Relationships

Autonomous System (AS) Relationships

  • Customer-Provider Relationship: The customer is reachable from everyone via the provider, but the customer does not provide transit service for the provider’s other traffic.
  • Peer-to-Peer Relationship: Peers exchange traffic freely between their respective customers and networks, but they do not provide transit service for each other’s external traffic (typically no monetary exchange).

Backbone Networks

Large, high-capacity networks characterized by many Points of Presence (PoPs). They must efficiently handle communication, accommodate traffic demands, and minimize delay.

Routing Policy Constraints

In typical inter-domain routing policies, you should never see:

  • Two consecutive peer-to-peer links in a path (a peer does not carry its peers’ traffic onward; this violates policy).
  • Transit traffic passing through a customer network.
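A checker for the two policy constraints above, covering the customer-provider and peer relationships from the AS Relationships section, as an added example that is not part of the original notes. The AS names and relationships are constructed: a path is valid only if it climbs customer-to-provider links, crosses at most one peer link, and then only descends provider-to-customer links.

```python
# Constructed AS relationships: (customer, provider) pairs and unordered peer pairs.
CUSTOMER_OF = {("AS1", "AS10"), ("AS1", "AS20"), ("AS2", "AS10"), ("AS3", "AS20"),
               ("AS10", "AS100"), ("AS20", "AS100")}
PEERS = {frozenset(("AS10", "AS20")), frozenset(("AS20", "AS30"))}

def edge_type(a, b):
    """Direction of the link a -> b: 'up' to a provider, 'down' to a customer, 'peer', or None."""
    if (a, b) in CUSTOMER_OF:
        return "up"
    if (b, a) in CUSTOMER_OF:
        return "down"
    if frozenset((a, b)) in PEERS:
        return "peer"
    return None

def is_valley_free(path):
    """True if the AS path obeys the usual export policy: any number of
    customer-to-provider hops, then at most one peer hop, then only
    provider-to-customer hops."""
    phase = "up"                         # 'up' -> 'peer' -> 'down', never backwards
    for a, b in zip(path, path[1:]):
        t = edge_type(a, b)
        if t is None:
            return False                 # no business relationship: link cannot exist
        if t == "up" and phase != "up":
            return False                 # a customer (or a peer's customer) giving transit
        if t == "peer":
            if phase != "up":
                return False             # second peer edge, or a peer after descending
            phase = "peer"
        if t == "down":
            phase = "down"
    return True
```

Paths that fail this check are the ones an operator would not expect to see in BGP, which makes the same rule useful when screening received routes for leaks.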

Gateway Protocols

  • Within an AS: Interior Gateway Protocol (IGP), e.g., OSPF, RIP.
  • Outside/Between ASes: Exterior Gateway Protocol (EGP), primarily Border Gateway Protocol (BGP).

Transport Layer: TCP Flow and Congestion Control

Control Mechanisms

  • Flow Control: Primarily involves managing the receiver’s buffer capacity to prevent buffer overflow.
  • Congestion Control: Aims for overall network control, preventing the network links and routers from becoming overloaded.

TCP Segment Structure

Assuming a standard Ethernet MTU of 1500 bytes:

  • IP Packet Size (MTU): 1500 bytes.
  • TCP Header Size: 20 bytes (minimum).
  • Maximum Segment Size (MSS): 1460 bytes (MTU - IP header - TCP header = 1500 - 20 - 20).

TCP Connection Establishment and Retransmission

  • Three-Way Handshake: Uses SYN, SYN ACK, and a final ACK segment to establish a connection. Data can sometimes be piggybacked on the SYN ACK segment.
  • Fast Retransmission: The sender retransmits data immediately upon receiving three duplicate acknowledgments (ACKs), without waiting for a timeout.

TCP Congestion Control Algorithms

  • AIMD (Additive Increase, Multiplicative Decrease): The core principle of TCP congestion avoidance. Increases the congestion window linearly (one MSS per RTT) while transmissions succeed and decreases it multiplicatively (halving it) upon loss.
  • Slow Start: A phase used at the beginning of a connection or after a timeout, where the congestion window increases exponentially.
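A round-by-round simulation of slow start and AIMD as described above, as an added example that is not part of the original notes. It is a simplified model: the congestion window is counted in MSS units, one round is one RTT, three duplicate ACKs halve the window without re-entering slow start (as in TCP Reno), and a timeout halves the threshold and restarts from one MSS. The loss schedule is constructed.

```python
def simulate_cwnd(rounds, events, ssthresh=16):
    """Return cwnd (in MSS units) at the start of each RTT round.

    events maps a round number to 'dupack' (three duplicate ACKs, fast
    retransmit) or 'timeout'. Growth: slow start doubles cwnd per RTT up to
    ssthresh, then congestion avoidance adds one MSS per RTT."""
    cwnd, trace = 1, []
    for r in range(rounds):
        trace.append(cwnd)
        event = events.get(r)
        if event == "timeout":
            ssthresh = max(cwnd // 2, 2)      # multiplicative decrease ...
            cwnd = 1                          # ... and restart from slow start
        elif event == "dupack":
            ssthresh = max(cwnd // 2, 2)      # halve, but skip slow start (Reno-style)
            cwnd = ssthresh
        elif cwnd < ssthresh:
            cwnd = min(cwnd * 2, ssthresh)    # slow start: exponential growth
        else:
            cwnd += 1                         # congestion avoidance: additive increase
    return trace

def sawtooth_example():
    """Constructed schedule: fast retransmit in round 8, timeout in round 11."""
    return simulate_cwnd(14, {8: "dupack", 11: "timeout"})
```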

TCP Optimization Techniques

  • Nagle’s Algorithm: Waits until all outstanding packets are acknowledged before sending a new small packet, ensuring at most one small packet is in flight at a time, reducing overhead.
  • Delayed ACK: The receiver waits a short period before sending an acknowledgment, hoping to piggyback the ACK onto an outgoing data segment.

Active Queue Management

  • Random Early Detection (RED): An active queue management technique where, as the queue size increases, the probability of randomly dropping incoming packets increases, signaling congestion early.
  • Explicit Congestion Notification (ECN): Allows routers to mark packets (using the ECN bits in the IP header) instead of dropping them, notifying the endpoints of congestion without incurring loss.

Network Infrastructure and Modern Architectures

Middleboxes and Security

Middleboxes are intermediary devices that perform functions beyond simple forwarding, such as NAT, firewalls, and proxies.

  • Network Address Translation (NAT): Maintains a NAT table to rewrite internal IP addresses and port numbers when communicating with the external network. It creates unique entries (IP/Port mappings) for received packets and drops entries after a period of inactivity.
  • Firewall: Isolates the internal network from the Internet. It filters packets based on criteria like IP addresses, port numbers, and protocol types.
  • Telnet Gateway: Restricts Telnet usage, often requiring specific username and password authentication before allowing access.
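The NAT table behaviour described above, as an added example that is not part of the original notes: outbound packets get a fresh (public IP, port) mapping, replies are translated back through that mapping, packets with no matching entry are dropped, and idle entries expire. The class and the addresses (RFC 5737 documentation ranges) are constructed for this example.

```python
import itertools

class NAT:
    """Port-translating NAT: one public address, a mapping per internal (ip, port)."""

    def __init__(self, public_ip, idle_timeout=60, first_port=40000):
        self.public_ip = public_ip
        self.idle_timeout = idle_timeout
        self.ports = itertools.count(first_port)     # next unused public port
        self.out_map = {}   # (proto, int_ip, int_port) -> [public_port, last_seen]
        self.in_map = {}    # (proto, public_port) -> (int_ip, int_port)

    def _expire(self, now):
        """Drop entries idle for longer than the timeout."""
        for key, (pport, last) in list(self.out_map.items()):
            if now - last > self.idle_timeout:
                del self.out_map[key]
                del self.in_map[(key[0], pport)]

    def outbound(self, now, proto, src_ip, src_port, dst_ip, dst_port):
        """Internal -> Internet: rewrite the source to (public_ip, public_port)."""
        self._expire(now)
        key = (proto, src_ip, src_port)
        if key not in self.out_map:                   # first packet of a flow: new entry
            pport = next(self.ports)
            self.out_map[key] = [pport, now]
            self.in_map[(proto, pport)] = (src_ip, src_port)
        self.out_map[key][1] = now                    # refresh the inactivity timer
        return (proto, self.public_ip, self.out_map[key][0], dst_ip, dst_port)

    def inbound(self, now, proto, src_ip, src_port, dst_port):
        """Internet -> internal: translate the destination back, or None if no mapping."""
        self._expire(now)
        target = self.in_map.get((proto, dst_port))
        if target is None:
            return None                               # unsolicited: no table entry, dropped
        self.out_map[(proto,) + target][1] = now
        return (proto, src_ip, src_port, target[0], target[1])
```

Because inbound packets are only accepted against an existing entry, the table doubles as a crude stateful filter; the same property means a forensic timeline of external connections needs the NAT log to attribute a public port back to an internal host.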

Software Defined Networking (SDN)

SDN separates the control plane (intelligence/master decision-making) from the data plane (forwarding/caching decisions).

  • SDN Concept: Promotes open-source networking solutions, moving away from closed, proprietary systems.
  • Network OS: A distributed system that creates a consistent, up-to-date view of the entire network state.
  • OpenFlow: An open standard that enables running experimental protocols and centralized control in production networks.

Advanced Network Services

  • Overlay Networks: Implemented using application-level protocols to create new protocols and services on top of the existing network infrastructure.
  • Multicast: The efficient delivery of the same data simultaneously to multiple users.
  • Resilient Overlay Network (RON): An overlay network designed to improve performance and reliability by routing around failures or congestion in the underlying network.