Loading W Code...
Essential protocols for network communication
Network protocols define rules for communication between devices. They operate at different layers of the OSI/TCP-IP model.
Application Layer
HTTP (HyperText Transfer Protocol) is the foundation of web communication. HTTPS adds TLS/SSL encryption. HTTP Methods: - GET: Retrieve data - POST: Submit data - PUT: Update resource - DELETE: Remove resource - PATCH: Partial update Status Codes: - 2xx: Success (200 OK, 201 Created) - 3xx: Redirect (301 Moved, 304 Not Modified) - 4xx: Client Error (400 Bad Request, 404 Not Found) - 5xx: Server Error (500 Internal, 503 Service Unavailable)
// HTTP Request
GET /api/users HTTP/1.1
Host: api.example.com
Authorization: Bearer token123
Accept: application/json
// HTTP Response
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 45
{"id": 1, "name": "John", "email": "john@example.com"}
// HTTPS TLS Handshake
Client → Server: ClientHello (supported ciphers)
Server → Client: ServerHello + Certificate
Client → Server: Key Exchange + ChangeCipherSpec
Server → Client: ChangeCipherSpec + FinishedApplication Layer
DNS (Domain Name System) translates domain names to IP addresses. DNS Record Types: - A: IPv4 address - AAAA: IPv6 address - CNAME: Canonical name (alias) - MX: Mail exchange server - NS: Name server - TXT: Text record (SPF, DKIM) - SOA: Start of Authority DNS Query Types: - Recursive: Client asks resolver to find answer - Iterative: Server refers to other servers
// DNS Resolution Process
1. Browser checks cache
2. OS checks hosts file & cache
3. Query recursive DNS resolver
4. Resolver queries root server (.com)
5. Resolver queries TLD server (example.com)
6. Resolver queries authoritative server
7. Answer returned to client
// DNS Query Example
$ nslookup google.com
Server: 8.8.8.8
Address: 8.8.8.8#53
Name: google.com
Address: 142.250.190.14
// DNS Record Examples
example.com. A 93.184.216.34
www.example.com. CNAME example.com.
example.com. MX 10 mail.example.com.
example.com. TXT "v=spf1 include:_spf.google.com ~all"Application Layer
DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses and network configuration. DHCP Process (DORA): 1. Discover: Client broadcasts to find DHCP server 2. Offer: Server offers IP configuration 3. Request: Client requests offered IP 4. Acknowledge: Server confirms assignment DHCP Provides: - IP Address - Subnet Mask - Default Gateway - DNS Servers - Lease Time
// DHCP DORA Process
┌────────┐ ┌────────┐
│ Client │ │ Server │
└───┬────┘ └───┬────┘
│─── DHCP Discover (broadcast) ───>│
│ │
│<──── DHCP Offer (IP offered) ────│
│ │
│──── DHCP Request (accept IP) ───>│
│ │
│<─── DHCP Acknowledge (confirmed) │
│ │
└─── IP Assigned: 192.168.1.100 ───┘
// DHCP Lease Information
IP Address: 192.168.1.100
Subnet Mask: 255.255.255.0
Default Gateway: 192.168.1.1
DNS Servers: 8.8.8.8, 8.8.4.4
Lease Time: 86400 seconds (24 hours)Application Layer
Email Protocols handle sending and receiving emails. SMTP (Simple Mail Transfer Protocol): - Port 25 (unencrypted), 587 (submission), 465 (SSL) - Used for sending emails - Push protocol POP3 (Post Office Protocol v3): - Port 110 (unencrypted), 995 (SSL) - Downloads emails to local device - Typically removes from server IMAP (Internet Message Access Protocol): - Port 143 (unencrypted), 993 (SSL) - Keeps emails on server - Syncs across devices
// Email Flow
┌────────┐ SMTP ┌────────────┐ SMTP ┌────────────┐
│ Sender │ ─────────> │ Sender MTA │ ────────> │ Receiver │
│ (MUA) │ │ (Mail │ │ MTA │
└────────┘ │ Server) │ └─────┬──────┘
└────────────┘ │
POP3/IMAP│
┌────────┐ │
│Receiver│ <────────────────────────────────────────┘
│ (MUA) │
└────────┘
// SMTP Commands
HELO mail.example.com
MAIL FROM:<sender@example.com>
RCPT TO:<receiver@example.com>
DATA
Subject: Test Email
Hello, World!
.
QUIT
// Protocol Comparison
┌──────────┬───────┬──────────────┬─────────────────┐
│ Protocol │ Port │ Direction │ Server Storage │
├──────────┼───────┼──────────────┼─────────────────┤
│ SMTP │ 25 │ Send │ N/A │
│ POP3 │ 110 │ Receive │ Download/Delete │
│ IMAP │ 143 │ Receive │ Keep on Server │
└──────────┴───────┴──────────────┴─────────────────┘Application Layer
FTP (File Transfer Protocol) transfers files between client and server. FTP Modes: - Active Mode: Server connects back to client - Passive Mode: Client initiates both connections FTP Commands: - USER, PASS: Authentication - LIST: Directory listing - GET/RETR: Download file - PUT/STOR: Upload file - QUIT: Close connection SFTP (SSH File Transfer Protocol): - Uses SSH (port 22) for encryption - More secure than FTP
// FTP Connection Modes
Active Mode: Passive Mode:
Client:5000 ─> Server:21 Client:5000 ─> Server:21
Server:20 ─> Client:5001 Client:5001 ─> Server:2000+
// FTP Session Example
$ ftp ftp.example.com
Connected to ftp.example.com.
Name: anonymous
Password: user@email.com
ftp> ls
drwxr-xr-x 2 ftp ftp 4096 Jan 01 pub
ftp> cd pub
ftp> get file.txt
ftp> put upload.txt
ftp> quit
// SFTP vs FTP vs FTPS
┌──────────┬─────────┬─────────────────┬─────────────┐
│ Protocol │ Port │ Encryption │ Firewall │
├──────────┼─────────┼─────────────────┼─────────────┤
│ FTP │ 21 │ None │ Problematic │
│ FTPS │ 990 │ TLS/SSL │ Problematic │
│ SFTP │ 22 │ SSH │ Easy (1 port)│
└──────────┴─────────┴─────────────────┴─────────────┘Application Layer
SSH (Secure Shell) provides encrypted remote access. Telnet is unencrypted (legacy). SSH Features: - Encrypted communication - Public key authentication - Port forwarding/tunneling - SCP/SFTP file transfer SSH Authentication: - Password-based - Key-based (recommended) - Multi-factor Telnet (legacy): - Unencrypted (plaintext) - Should not be used for sensitive systems
// SSH Key Authentication
1. Generate key pair
$ ssh-keygen -t rsa -b 4096
→ Creates: ~/.ssh/id_rsa (private)
~/.ssh/id_rsa.pub (public)
2. Copy public key to server
$ ssh-copy-id user@server
3. Connect
$ ssh user@server
// SSH Port Forwarding
Local Forward: ssh -L 8080:remote:80 user@server
Remote Forward: ssh -R 8080:localhost:80 user@server
Dynamic SOCKS: ssh -D 1080 user@server
// SSH vs Telnet
┌─────────────┬───────────────┬───────────────┐
│ Feature │ SSH │ Telnet │
├─────────────┼───────────────┼───────────────┤
│ Port │ 22 │ 23 │
│ Encryption │ Yes (AES) │ No (plaintext)│
│ Auth │ Password/Keys │ Password only │
│ Security │ High │ Very Low │
│ Use Today │ Yes │ Avoid │
└─────────────┴───────────────┴───────────────┘Transport Layer
TCP (Transmission Control Protocol) provides reliable, ordered delivery. UDP (User Datagram Protocol) provides fast, connectionless delivery. TCP Features: - Connection-oriented (3-way handshake) - Reliable delivery (acknowledgments) - Flow control & congestion control - In-order delivery UDP Features: - Connectionless - No guarantee of delivery - No ordering - Faster, lower overhead
// TCP Header (20-60 bytes)
┌───────────────────┬───────────────────┐
│ Source Port (16) │ Dest Port (16) │
├───────────────────┴───────────────────┤
│ Sequence Number (32) │
├───────────────────────────────────────┤
│ Acknowledgment Number (32) │
├────┬──────┬───────┬───────────────────┤
│Off │Reserv│ Flags │ Window Size (16) │
├────┴──────┴───────┼───────────────────┤
│ Checksum (16) │ Urgent Ptr (16) │
├───────────────────┴───────────────────┤
│ Options (variable) + Padding │
└───────────────────────────────────────┘
// UDP Header (8 bytes only!)
┌───────────────────┬───────────────────┐
│ Source Port (16) │ Dest Port (16) │
├───────────────────┼───────────────────┤
│ Length (16) │ Checksum (16) │
└───────────────────┴───────────────────┘
// When to use TCP vs UDP
TCP: HTTP, HTTPS, FTP, SSH, SMTP, Telnet
UDP: DNS, DHCP, SNMP, VoIP, Gaming, StreamingNetwork/Link Layer
ICMP (Internet Control Message Protocol) is used for network diagnostics and error reporting. ARP (Address Resolution Protocol) maps IP addresses to MAC addresses. ICMP Uses: - ping: Test reachability - traceroute: Path discovery - Error messages (unreachable, TTL exceeded) ARP Process: 1. Check ARP cache 2. Broadcast ARP request 3. Receive ARP reply 4. Update cache
// ICMP - Ping
$ ping 8.8.8.8
PING 8.8.8.8: 64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=14.2ms
// ICMP - Traceroute
$ traceroute google.com
1 192.168.1.1 1.234 ms
2 10.0.0.1 5.678 ms
3 172.16.0.1 10.234 ms
4 142.250.x.x 15.678 ms ← google.com
// ICMP Message Types
Type 0: Echo Reply (ping response)
Type 3: Destination Unreachable
Type 8: Echo Request (ping)
Type 11: Time Exceeded (traceroute)
// ARP Request/Reply
ARP Request (Broadcast):
Who has 192.168.1.1? Tell 192.168.1.100
ARP Reply (Unicast):
192.168.1.1 is at AA:BB:CC:DD:EE:FF
// ARP Table
$ arp -a
192.168.1.1 AA:BB:CC:DD:EE:FF dynamic
192.168.1.254 11:22:33:44:55:66 dynamicKnow common port numbers: HTTP(80), HTTPS(443), DNS(53), SSH(22), FTP(21)
Understand DNS resolution process and record types (A, CNAME, MX, TXT)
Know DHCP DORA process: Discover, Offer, Request, Acknowledge
Explain HTTP methods and status codes (2xx, 3xx, 4xx, 5xx)
Compare TCP vs UDP and their use cases