Network Fundamentals: Protocols, Addressing, Security

Posted by Anonymous and classified in Computers


TCP Reliable Transfer and Connection Management

TCP Reliable Transfer

  1. Sequence Numbers

    • Each byte of data is assigned a sequence number. This number is used by the receiver to correctly order the data and ensure there are no missing segments.
  2. Acknowledgements

    • The receiver sends back an ACK to the sender for the sequence number of the next expected byte. If the sender receives the ACK before its timer expires, it knows everything up to that byte was received correctly.
  3. Retransmission

    • If the ACK is not received before the timer expires, the sender retransmits the data.

TCP Connection Management

Managing a TCP connection begins with a three-way handshake, which establishes a connection before any actual data is transmitted.

Steps in Three-Way Handshake

  1. SYN
    • The client wants to establish a connection and sends a segment with SYN set to 1, and a random sequence number, x.
  2. SYN-ACK
    • The server sends back its own SYN with its own random sequence number, y, and acknowledges the client's SYN by setting the ACK flag with acknowledgement number x+1 (the next byte it expects from the client).
  3. ACK
    • The client acknowledges the server's SYN by sending a segment with the ACK flag set to 1 and the acknowledgement number set to y+1.

Congestion Control

Congestion Window (CWND) is the number of bytes that can be sent without receiving an ACK.

  1. Slow Start

    • Rapidly discovers the network capacity by starting with a small CWND and doubling it each RTT until packet loss occurs or it reaches the SSThresh.
  2. Congestion Avoidance

    • Once CWND meets or exceeds SSThresh or after a packet loss, congestion avoidance increases CWND linearly by 1 MSS per RTT.
  3. Fast Retransmit and Recovery

    • Retransmits a packet upon receiving three duplicate ACKs without waiting for a timeout, and fast recovery reduces CWND to SSThresh plus 3 MSS.
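The three phases above interact over time, which is easier to see in a trace than in prose. The following is an added example written for these notes (not code from the original page): a toy model that advances the congestion window one RTT at a time, with a constructed loss schedule (three duplicate ACKs at one point, a timeout later). Window sizes are in MSS units and the rules are the simplified ones stated above, not a full TCP implementation.

```python
"""Toy model of the three TCP congestion-control phases described above.
Window sizes are in MSS units; the loss schedule is constructed for the
example (hypothetical inputs, not a trace of a real connection)."""


def simulate_cwnd(rtts, ssthresh, dupack_rtts=(), timeout_rtts=()):
    """Return one (rtt, cwnd, phase) tuple per round trip.

    rtts         -- how many round trips to simulate
    ssthresh     -- initial slow-start threshold, in MSS
    dupack_rtts  -- RTT indices at whose end three duplicate ACKs arrive
    timeout_rtts -- RTT indices at whose end the retransmission timer expires
    """
    cwnd = 1.0
    history = []
    for rtt in range(rtts):
        # The window in effect while sending during this RTT.
        phase = "slow start" if cwnd < ssthresh else "congestion avoidance"
        history.append((rtt, cwnd, phase))

        # What the sender learns at the end of the RTT decides the next window.
        if rtt in timeout_rtts:
            # Timeout: halve the threshold and restart slow start from 1 MSS.
            ssthresh = max(cwnd / 2, 2.0)
            cwnd = 1.0
        elif rtt in dupack_rtts:
            # Fast retransmit + fast recovery: halve the threshold, then
            # cwnd = ssthresh + 3 MSS and continue in congestion avoidance.
            ssthresh = max(cwnd / 2, 2.0)
            cwnd = ssthresh + 3.0
        elif phase == "slow start":
            # Exponential growth (doubling per RTT), capped at ssthresh.
            cwnd = min(cwnd * 2, ssthresh)
        else:
            # Additive increase: +1 MSS per RTT.
            cwnd += 1.0
    return history


def print_trace(history):
    for rtt, cwnd, phase in history:
        print(f"RTT {rtt:2d}  cwnd = {cwnd:5.1f} MSS  {phase}")


if __name__ == "__main__":
    # Constructed scenario: ssthresh 16, three duplicate ACKs after RTT 6,
    # a timeout after RTT 9.
    print_trace(simulate_cwnd(12, 16.0, dupack_rtts={6}, timeout_rtts={9}))
```

Running it shows the window doubling 1, 2, 4, 8, 16, then growing by one per RTT, dropping to ssthresh + 3 after the duplicate ACKs (no return to slow start), and collapsing to 1 MSS only after the timeout.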

Network Layer, Addressing, and Subnetting

IP Addresses: unique identifier assigned to each device connected to a computer network.

Types of IP Addresses

  1. IPv4

    • The most widely used version: 32-bit numbers displayed as four decimal numbers separated by dots (e.g., 192.168.1.1).
  2. IPv6

    • The newer version, written as 8 groups of 4 hexadecimal digits separated by colons (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).

Subnetting: technique used to divide a single IP network into multiple smaller networks.

Why Subnet?

  1. Avoids wasting IP addresses in small networks.
  2. Reduces network traffic.
  3. Limits the broadcast area, improving security by isolating groups of hosts.

Subnet Mask: a 32-bit number that masks an IP address and divides the IP address into network and host parts. Used to determine what subnet an IP address belongs to.

Subnetting Calculation Steps

  1. Convert IP Address and Subnet Mask to Binary.
  2. Calculate Network Address
    • Bitwise AND – a result bit is 1 only if both input bits are 1, otherwise it is 0.
  3. Determine First Host Address
    • One more than the network address.
  4. Calculate Broadcast Address
    • Replace all host bits of the network address (bits that are 0 in the subnet mask) with 1s.
  5. Identify Last Host Address
    • Subtract one from the broadcast address to get the highest usable IP address in the subnet.
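The five steps above, carried out with explicit bit operations so each step is visible. This is an added example for these notes, not code from the original page; the address and mask are constructed, and the standard library's ipaddress module is used only to cross-check the hand calculation. It also handles the /31 and /32 edge cases, where there is no separate network/broadcast pair and therefore no "first host" or "last host".

```python
"""Subnet calculation following the five steps above, done with explicit
bit operations so each step is visible. The ipaddress module is used only
to cross-check the result. Sample address/mask are constructed."""
import ipaddress


def to_int(dotted):
    """Step 1 (part a): dotted decimal -> 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 dotted quad: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def to_binary(value):
    """Step 1 (part b): the dotted-binary view used when working by hand."""
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def subnet_calc(ip, mask):
    ip_n, mask_n = to_int(ip), to_int(mask)
    host_bits = ~mask_n & 0xFFFFFFFF          # 1s where the mask has 0s
    if host_bits & (host_bits + 1):           # a valid mask is all 1s then all 0s
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    network = ip_n & mask_n                   # step 2: bitwise AND
    broadcast = network | host_bits           # step 4: host bits set to 1
    prefix = 32 - host_bits.bit_length()
    if host_bits >= 3:                        # /30 and shorter prefixes have a host range
        first_host, last_host = network + 1, broadcast - 1   # steps 3 and 5
        usable = broadcast - network - 1
    else:                                     # /31 and /32: no host/broadcast split
        first_host = last_host = None
        usable = 0
    return {
        "prefix": prefix,
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "first_host": None if first_host is None else to_dotted(first_host),
        "last_host": None if last_host is None else to_dotted(last_host),
        "usable_hosts": usable,
        "network_binary": to_binary(network),
        "mask_binary": to_binary(mask_n),
    }


def cross_check(ip, mask):
    """Compare the hand calculation with the standard library."""
    mine = subnet_calc(ip, mask)
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    return (mine["network"] == str(net.network_address)
            and mine["broadcast"] == str(net.broadcast_address)
            and mine["prefix"] == net.prefixlen)


if __name__ == "__main__":
    for key, value in subnet_calc("192.168.1.130", "255.255.255.192").items():
        print(f"{key:16} {value}")
```

For 192.168.1.130 with mask 255.255.255.192 (/26) the output is network 192.168.1.128, first host .129, broadcast .191, last host .190, 62 usable addresses.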

Routing

Key Concepts in Routing

  1. Static Routing

    • Routes are manually set up by a network administrator and do not change unless manually updated. Simple but lacks flexibility.
  2. Dynamic Routing

    • Routes are automatically adjusted based on current network conditions. More complex but adapts to changes in the network.

Routing Algorithms

Routing algorithms determine how routers decide which path is best for forwarding packets.

  1. Link-State Routing: Uses Dijkstra's Algorithm

    • Each router builds a map of the connectivity to the entire network, independently calculating the best way to route packets.
  2. Distance Vector Routing: Uses Bellman-Ford Algorithm

    • Each router communicates with its neighbors to share its routing table information, and each router independently determines the best path to every node based on this knowledge.

Calculating Routing Algorithms

Calculating Link-State Routing using Dijkstra's Algorithm

  1. Start at the source router (A).
  2. Make a list:
    • Confirmed: Routers with known shortest paths.
    • Tentative: Routers not confirmed yet.
  3. Pick the router in the tentative list with the lowest cost, and move it to confirmed.
  4. Update costs in the table, repeat until all routers are confirmed.

Calculating Distance Vector Routing Using Bellman-Ford Algorithm

Calculates the shortest path to every network by minimizing distance (cost).

Formula:

Dx(y) = min_v { c(x,v) + Dv(y) }   (the minimum is taken over all neighbors v of x)

  • Dx(y) = cost of the least-cost path from router x to destination y
  • c(x,v) = cost of the link from x to its neighbor v
  • Dv(y) = neighbor v’s cost to reach destination y
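Both calculations above, run on one small constructed topology so they can be compared: Dijkstra's confirmed/tentative procedure from a single router that knows the whole map, and the Bellman-Ford equation iterated by every router using only its neighbors' advertised tables. This is an added example written for these notes, not code from the original page; the router names and link costs are made up.

```python
"""Dijkstra (link-state) and the Bellman-Ford distance-vector iteration run
on the same constructed 5-router topology, so the two methods can be
compared. Router names and link costs are made up for the example."""
import heapq

LINKS = [("A", "B", 2), ("A", "C", 5), ("B", "C", 1),
         ("B", "D", 4), ("C", "D", 2), ("D", "E", 1)]
INF = float("inf")


def build_graph(links):
    graph = {}
    for u, v, cost in links:
        graph.setdefault(u, {})[v] = cost
        graph.setdefault(v, {})[u] = cost   # links are bidirectional
    return graph


def dijkstra(graph, source):
    """Link-state view: the whole map is known, so compute all paths locally.
    Returns (confirmed costs, first hop towards each destination)."""
    confirmed = {}
    first_hop = {}
    tentative = [(0, source, None)]          # (cost, router, first hop)
    while tentative:
        cost, node, hop = heapq.heappop(tentative)
        if node in confirmed:                # stale tentative entry, skip
            continue
        confirmed[node] = cost               # lowest-cost tentative -> confirmed
        first_hop[node] = hop
        for nb, link_cost in graph[node].items():
            if nb not in confirmed:          # update costs of tentative routers
                heapq.heappush(tentative, (cost + link_cost, nb,
                                           nb if node == source else hop))
    return confirmed, first_hop


def distance_vector(graph):
    """Bellman-Ford: each router knows only its own link costs and the
    vectors its neighbours advertise. Synchronous rounds until nothing
    changes. Returns (table D[x][y], rounds needed)."""
    nodes = sorted(graph)
    D = {x: {y: 0 if x == y else graph[x].get(y, INF) for y in nodes}
         for x in nodes}
    rounds = 0
    while True:
        rounds += 1
        new_D = {}
        for x in nodes:
            new_D[x] = {}
            for y in nodes:
                if x == y:
                    new_D[x][y] = 0
                    continue
                # Dx(y) = min over neighbours v of c(x,v) + Dv(y)
                new_D[x][y] = min(graph[x][v] + D[v][y] for v in graph[x])
        if new_D == D:                       # stable: every router converged
            return D, rounds
        D = new_D


if __name__ == "__main__":
    graph = build_graph(LINKS)
    costs, hops = dijkstra(graph, "A")
    print("Dijkstra from A:", costs, "first hops:", hops)
    table, rounds = distance_vector(graph)
    print(f"Distance vector converged in {rounds} rounds; A's row:", table["A"])
```

Both methods agree on every cost (from A: B=2, C=3, D=5, E=6, all via B), which is the point: link-state and distance-vector differ in what each router knows and exchanges, not in the paths they find on a stable network.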

Link Layer and Error Control

Data Link Layer

  • Is responsible for node-to-node communication. It operates directly above the physical layer and ensures data transferred between two devices on the same network is framed properly, error-checked, and flow controlled.

Framing

  • Putting boundaries around each chunk of data so the receiver knows where a frame starts and where it ends.

Error Detection Techniques

  1. Parity Bit

    • Adds 1 extra bit to the data.
    • The receiver recounts the 1s; if the parity does not match, it knows an error occurred.
    • Can only detect an odd number of flipped bits: a single-bit error is caught, but a 2-bit error goes unnoticed.
  2. Checksums

    • The sender adds up all the data values and includes that total as a checksum.
    • The receiver does the same and compares. If there's a mismatch, an error is detected.
    • Used in TCP, UDP, IP headers.
  3. CRC (Cyclic Redundancy Check)

    • Treats the data as a binary number and divides it by a fixed generator polynomial.
    • The remainder is added as a trailer to the frame.
    • Receiver does the same division and compares the remainder.
    • Detects burst errors and multiple-bit errors.
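The three techniques above applied to one constructed message, so their strengths and blind spots can be compared side by side: parity misses a 2-bit error, the one's-complement checksum (the RFC 1071 form used by IP/TCP/UDP) misses two swapped 16-bit words because addition is order-independent, and the CRC catches both. This is an added example for these notes, not code from the page; the sample bytes are made up and the CRC uses the textbook long-division form with the 8-bit generator x^8 + x^2 + x + 1 (0x07), zero initial remainder and no bit reflection.

```python
"""The three detection techniques above applied to one constructed message,
showing what each catches and what it misses. Written for this page; the
sample bytes are made up. CRC is plain polynomial division (zero initial
remainder, no reflection) with the 8-bit generator x^8+x^2+x+1 (0x07)."""


def parity_bit(data):
    """Even parity: 1 if the data holds an odd number of 1 bits."""
    return sum(bin(b).count("1") for b in data) & 1


def parity_ok(data, parity):
    return parity_bit(data) == parity


def internet_checksum(data):
    """RFC 1071 one's-complement sum of 16-bit words (IP/TCP/UDP style)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:                        # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def checksum_ok(data_with_checksum):
    """The receiver sums everything, checksum included; an intact frame gives 0."""
    return internet_checksum(data_with_checksum) == 0


def crc_remainder(data, poly=0x07, width=8):
    """Divide data (followed by `width` zero bits) by the generator; return remainder."""
    top = 1 << width
    reg = 0
    bits = [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]
    for bit in bits + [0] * width:
        reg = (reg << 1) | bit
        if reg & top:                         # leading 1: subtract (XOR) the generator
            reg ^= top | poly
    return reg


def crc_ok(data_with_crc, poly=0x07, width=8):
    """Dividing data||CRC by the generator leaves remainder 0 if intact."""
    return crc_remainder(data_with_crc, poly, width) == 0


def frame(payload):
    """Sender side: payload, then a 16-bit checksum, then a CRC-8 trailer."""
    body = payload + internet_checksum(payload).to_bytes(2, "big")
    return body + bytes([crc_remainder(body)])


def check_frame(data):
    """Receiver side: run both checks on the received bytes."""
    return {"checksum_ok": checksum_ok(data[:-1]), "crc_ok": crc_ok(data)}


def flip_bits(data, *positions):
    """Corrupt the given bit positions (0 = most significant bit of byte 0)."""
    out = bytearray(data)
    for pos in positions:
        out[pos // 8] ^= 0x80 >> (pos % 8)
    return bytes(out)


if __name__ == "__main__":
    msg = b"\x01\x02\x03\x04\x05\x06"           # constructed payload
    sent = frame(msg)
    print("intact:     ", check_frame(sent))
    print("1-bit flip: ", check_frame(flip_bits(sent, 5)))
    print("2-bit flip, parity:", parity_ok(flip_bits(msg, 0, 3), parity_bit(msg)))
    # Swapping two 16-bit words keeps the sum the same, so the checksum
    # passes; the CRC is position sensitive and catches it.
    swapped = sent[2:4] + sent[0:2] + sent[4:]
    print("word swap:  ", check_frame(swapped))
```

The generator 0x07 is divisible by x + 1, which is why every odd number of flipped bits is detected, and an 8-bit CRC detects every burst of 8 bits or fewer; the checksum's word-swap blind spot is one reason link layers use a CRC rather than a checksum.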

Error Detection

  • Notifies the receiver that an error occurred.

Error Correction

  • Not only detects but also fixes the error without retransmission.

Types of Error Correction

  1. Hamming Code

    • Adds redundant bits at calculated positions in the data.
    • It can detect and correct single-bit errors.
    • Each redundant bit checks certain positions using a parity check.
    • If an error is found, Hamming code pinpoints the exact bit that flipped and corrects it.
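The Hamming scheme above, as an added worked example for these notes (not code from the original page): the (7,4) code, in which 4 data bits get 3 parity bits at positions 1, 2 and 4, and the three parity checks at the receiver read out the position of a flipped bit directly as a binary number. The last function also shows the limit the notes mention: with two flipped bits the syndrome points at a third bit, and the "correction" produces wrong data.

```python
"""Hamming(7,4) encode/decode as an added example of the correction scheme
described above (not from the page). Bit positions follow the textbook
layout p1 p2 d1 p3 d2 d3 d4 (positions 1..7); parity bits sit at the
powers of two and each one checks the positions whose binary index has
that bit set."""


def hamming74_encode(nibble):
    """Encode 4 data bits (int 0..15) into a 7-bit codeword as a list."""
    d1, d2, d3, d4 = ((nibble >> s) & 1 for s in (3, 2, 1, 0))
    p1 = d1 ^ d2 ^ d4          # covers positions 1,3,5,7
    p2 = d1 ^ d3 ^ d4          # covers positions 2,3,6,7
    p3 = d2 ^ d3 ^ d4          # covers positions 4,5,6,7
    return [p1, p2, d1, p3, d2, d3, d4]


def hamming74_decode(code):
    """Return (data nibble, syndrome). syndrome 0 = no error detected;
    otherwise it is the 1-based position of the bit that was corrected."""
    p1, p2, d1, p3, d2, d3, d4 = code
    s1 = p1 ^ d1 ^ d2 ^ d4
    s2 = p2 ^ d1 ^ d3 ^ d4
    s3 = p3 ^ d2 ^ d3 ^ d4
    syndrome = s1 | (s2 << 1) | (s3 << 2)      # binary position of the flipped bit
    fixed = list(code)
    if syndrome:
        fixed[syndrome - 1] ^= 1               # pinpoint and flip it back
    _, _, d1, _, d2, d3, d4 = fixed
    return (d1 << 3) | (d2 << 2) | (d3 << 1) | d4, syndrome


def flip(code, *positions):
    """Flip the given 1-based positions (constructed channel errors)."""
    out = list(code)
    for pos in positions:
        out[pos - 1] ^= 1
    return out


def all_single_errors_corrected():
    """Exhaustive check: every nibble, every single-bit position, recovers."""
    for nibble in range(16):
        code = hamming74_encode(nibble)
        if hamming74_decode(code) != (nibble, 0):
            return False
        for pos in range(1, 8):
            if hamming74_decode(flip(code, pos)) != (nibble, pos):
                return False
    return True


def double_error_miscorrects(nibble=0b1011):
    """Two flipped bits exceed the code's limit: the decoder 'fixes' a third
    bit and hands back the wrong nibble, with a non-zero syndrome."""
    data, syndrome = hamming74_decode(flip(hamming74_encode(nibble), 1, 2))
    return data != nibble and syndrome != 0


if __name__ == "__main__":
    code = hamming74_encode(0b1011)
    print("codeword:", code)
    for pos in range(1, 8):
        data, syn = hamming74_decode(flip(code, pos))
        print(f"flip position {pos}: decoded {data:04b}, syndrome {syn}")
    print("all single errors corrected:", all_single_errors_corrected())
    print("double error miscorrected:", double_error_miscorrects())
```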

Flow Control

Flow control prevents the sender from overwhelming the receiver.

Two Main Methods of Flow Control

  1. Stop-and-Wait

    • Sender sends 1 frame, waits for ACK before sending the next.
    • Simple but inefficient – wastes time while waiting.
  2. Sliding Window Protocol

    • Sender can send multiple frames before needing ACKs.
    • Uses a window to control how many unacknowledged frames are in transit.
    • Window Size = N.
    • Sender can send N frames without waiting.
    • As ACKs come in, the window slides forward.
    • Faster and more efficient than stop-and-wait.

MAC Random Access Protocols

MAC Protocol

  • Medium Access Control.
  • Part of the data link layer that decides who gets to use the channel and when.

Types of MAC Protocols

  1. Random Access Protocols

    • Used when multiple devices want to transmit data over a shared channel, but there is no central control.
    • More efficient under light load.
    • It includes:
      1. Pure ALOHA
        • Send immediately when data is ready.
        • Not listening, no time slots.
        • If a collision occurs, wait a random time, then retransmit.
        • Max efficiency: 18% – very high chance of collisions.
      2. Slotted ALOHA
        • Time is divided into slots.
        • Nodes can only transmit at the start of a time slot.
        • If a collision occurs, back off, and try again in a later slot.
        • Max efficiency: 37% – cuts collisions in half compared to Pure ALOHA.
      3. CSMA (Carrier Sense Multiple Access)
        1. CSMA: Higher efficiency than ALOHA
          • Listen before sending.
        2. CSMA/CD: Collision Detection
          • Listen and detect collisions while sending.
          • If a collision happens, abort, send jam signal, retry.
          • Used in Ethernet.
        3. CSMA/CA: Collision Avoidance
          • Listen, avoid collisions using random backoff before sending.
          • Used in Wi-Fi.
  2. Controlled Access Protocols: Scheduled or Coordinated MAC Protocols

    • Nodes take turns using the medium.
    • No collision but more delay and overhead.
    • More efficient under heavy load.
    • It includes:
      1. Polling
        • Central controller asks each device one at a time if it wants to send.
        • If yes – the device sends the data.
        • If no – the controller asks the next device.
        • No collisions – Efficient under light load.
        • Delay if one device talks a lot.
      2. Token Passing
        • A token is passed around all the nodes in a logical ring. Only the node with the token can transmit.
        • After transmitting, passes to the next node.
        • No collisions.
        • Token loss – must regenerate it.
  3. Channelization Protocols

    • Everyone transmits at the same time, using different channels.
    • Include:
      1. FDMA (Frequency Division Multiple Access)
        • Each device is assigned its own frequency.
        • Devices transmit at the same time, but on different frequencies.
        • Used in radio, old analog cellular systems.
      2. TDMA (Time Division Multiple Access)
        • Time is divided into slots and assigned to users.
        • Only one device transmits per time slot.
        • Used in GSM cellular networks.
      3. CDMA (Code Division Multiple Access)
        • Everyone transmits at the same time and on the same frequency, but with a unique code.
        • Receiver decodes only the intended signal using that code.
        • Signals overlap in time and frequency but are separated by code.
        • Used in Modern 3G/4G cellular networks.
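The 18% and 37% figures for Pure and Slotted ALOHA above come from the throughput formulas G·e^(−2G) and G·e^(−G), where G is the offered load in frames per frame time. The following added example (written for these notes, not code from the page) checks those figures by simulation: frames arrive as a Poisson process, a slotted frame succeeds when it is alone in its slot, and a pure-ALOHA frame succeeds when no other frame starts within one frame time before or after it (the two-frame-time vulnerable period). Seeds are fixed so the run is repeatable.

```python
"""Monte Carlo check of the Pure and Slotted ALOHA efficiency figures quoted
above (about 18% and 37%). Added example, not from the page; time is measured
in frame durations and arrivals are Poisson with offered load G frames per
frame time. Seeds are fixed so the run is repeatable."""
import math
import random


def poisson(rng, lam):
    """Knuth's method: number of arrivals in one slot at rate lam."""
    threshold, k, p = math.exp(-lam), 0, rng.random()
    while p > threshold:
        k += 1
        p *= rng.random()
    return k


def slotted_aloha(G, slots, seed=1):
    """Fraction of slots carrying exactly one frame (a success)."""
    rng = random.Random(seed)
    successes = sum(1 for _ in range(slots) if poisson(rng, G) == 1)
    return successes / slots


def pure_aloha(G, duration, seed=1):
    """Frames start at Poisson times; a frame survives only if no other frame
    starts within one frame time before or after it (vulnerable period = 2)."""
    rng = random.Random(seed)
    starts, t = [], 0.0
    while True:
        t += rng.expovariate(G)              # exponential inter-arrival times
        if t > duration:
            break
        starts.append(t)
    successes = 0
    for i, s in enumerate(starts):
        clear_before = i == 0 or s - starts[i - 1] >= 1.0
        clear_after = i == len(starts) - 1 or starts[i + 1] - s >= 1.0
        if clear_before and clear_after:
            successes += 1
    return successes / duration              # successful frames per frame time


def analytic_pure(G):
    return G * math.exp(-2 * G)              # peaks at G = 0.5: 1/(2e) = 0.184


def analytic_slotted(G):
    return G * math.exp(-G)                  # peaks at G = 1: 1/e = 0.368


if __name__ == "__main__":
    for G in (0.25, 0.5, 1.0, 1.5):
        print(f"G={G:4.2f}  pure: sim {pure_aloha(G, 20000):.3f} "
              f"theory {analytic_pure(G):.3f}   slotted: sim "
              f"{slotted_aloha(G, 20000):.3f} theory {analytic_slotted(G):.3f}")
```

Raising G past the peak makes both curves fall: more stations trying harder produces more collisions, not more throughput, which is why the notes call these protocols efficient only under light load.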

Scheduling

  • Deciding who gets to send data, and when, especially in shared-medium networks (Wi-Fi, cellular).

Why is it important?

  1. Avoids collisions.
  2. Ensures fairness.
  3. Helps enforce Quality of Service.

Scheduling Techniques

  1. Round-Robin.
  2. Priority Scheduling.
  3. Real-Time Scheduling.

Scheduling Used in MAC

  1. TDMA.
  2. Polling.

Framing (MAC Level Framing)

  • Packages data into frames so the receiver knows where it starts and ends.
  • Encapsulates the data into a structure with:
    1. Header (MAC Address).
    2. Payload (Actual Data).
    3. Trailer (Error Detection).

MAC Frame Structure

  1. Preamble – Sync bits to align clocks.
  2. Destination Address – Receiver's MAC address.
  3. Source Address – Sender's MAC address.
  4. Type/Length - Type of payload or size.
  5. Payload – Actual Data.
  6. CRC – Error detection.

MAC Address

  • It is a device's hardware address on a local network.
  • It is fixed at the NIC (Network Interface Card) level.
  • 6-byte address written in hexadecimal.
  • Key Properties:
    • Unique per device.
    • Used within a Local Area Network (LAN).
    • Cannot route across networks like IP addresses can.

ARP (Address Resolution Protocol)

  • Used to find the MAC address that matches a given IP address on the local network.

How ARP Works

  1. A device wants to send data to an IP address.
  2. But Ethernet frames need a MAC address.
  3. So, it broadcasts an ARP Request to the LAN.
  4. The device with that IP replies with an ARP Reply.
  5. The sender stores it in the ARP cache and sends the Ethernet frame.

ARP Header Fields

  Field Name                 Description
  Hardware Type              1 for Ethernet
  Protocol Type              0x0800 (IPv4)
  Hardware Address Length    6 (MAC = 6 bytes)
  Protocol Address Length    4 (IPv4 = 4 bytes)
  Operation                  1 = ARP Request, 2 = ARP Reply
  Sender Hardware Address    The sender’s MAC address
  Sender Protocol Address    The sender’s IP address
  Target Hardware Address    Unknown in ARP Request, filled in ARP Reply
  Target Protocol Address    The IP address we’re trying to resolve
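The MAC frame structure and the ARP header fields above, laid out byte for byte. This is an added example for these notes, not code from the original page: it builds an Ethernet frame carrying an ARP request, appends the CRC-32 trailer, then parses the frame back and verifies the CRC before trusting any field. The addresses are constructed (192.0.2.0/24 is a range reserved for documentation), and the preamble is omitted because the network hardware adds it; it never appears in the bytes a program handles.

```python
"""Build and parse an Ethernet frame carrying an ARP request, following the
frame structure and ARP header fields listed above. Added example; the
addresses are constructed (the 192.0.2.0/24 range is reserved for
documentation). The preamble is added by the hardware and is not part of
the bytes a program sees, so it is omitted."""
import struct
import zlib

ETHERTYPE_ARP = 0x0806
ARP_FORMAT = "!HHBBH6s4s6s4s"     # htype, ptype, hlen, plen, oper, sha, spa, tha, tpa
ARP_REQUEST, ARP_REPLY = 1, 2


def mac_to_bytes(mac):
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def ip_to_bytes(ip):
    return bytes(int(o) for o in ip.split("."))


def bytes_to_ip(raw):
    return ".".join(str(b) for b in raw)


def build_arp_request(sender_mac, sender_ip, target_ip):
    """ARP request: the target hardware address is unknown, so it is sent as zeros."""
    return struct.pack(ARP_FORMAT, 1, 0x0800, 6, 4, ARP_REQUEST,
                       mac_to_bytes(sender_mac), ip_to_bytes(sender_ip),
                       b"\x00" * 6, ip_to_bytes(target_ip))


def build_frame(dst_mac, src_mac, ethertype, payload):
    """Header (dst, src, type), payload padded to the 46-byte minimum, CRC-32 trailer."""
    body = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ethertype)
    body += payload.ljust(46, b"\x00")
    fcs = struct.pack("<I", zlib.crc32(body))   # little-endian CRC-32, as seen in captures
    return body + fcs


def frame_intact(frame):
    """Recompute the CRC over everything before the trailer and compare."""
    return len(frame) >= 64 and struct.pack("<I", zlib.crc32(frame[:-4])) == frame[-4:]


def parse_frame(frame):
    """Verify the CRC, split the header, and decode an ARP payload."""
    if not frame_intact(frame):
        raise ValueError("runt frame or FCS mismatch: frame corrupted")
    body = frame[:-4]
    dst, src, ethertype = body[:6], body[6:12], struct.unpack("!H", body[12:14])[0]
    result = {"dst": bytes_to_mac(dst), "src": bytes_to_mac(src), "ethertype": ethertype}
    if ethertype == ETHERTYPE_ARP:
        arp_len = struct.calcsize(ARP_FORMAT)                 # 28 bytes
        htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(
            ARP_FORMAT, body[14:14 + arp_len])
        result["arp"] = {
            "hardware_type": htype, "protocol_type": ptype,
            "hw_len": hlen, "proto_len": plen, "operation": oper,
            "sender_mac": bytes_to_mac(sha), "sender_ip": bytes_to_ip(spa),
            "target_mac": bytes_to_mac(tha), "target_ip": bytes_to_ip(tpa),
        }
    return result


def example_frame():
    """Constructed: host 192.0.2.10 asks the LAN who has 192.0.2.1."""
    arp = build_arp_request("02:00:00:00:00:0a", "192.0.2.10", "192.0.2.1")
    return build_frame("ff:ff:ff:ff:ff:ff", "02:00:00:00:00:0a", ETHERTYPE_ARP, arp)


if __name__ == "__main__":
    frame = example_frame()
    print(len(frame), "bytes:", frame.hex())
    print(parse_frame(frame))
```

The request goes to the broadcast MAC ff:ff:ff:ff:ff:ff, which is what "broadcasts an ARP Request to the LAN" means in step 3 above; a 28-byte ARP message padded to the 46-byte minimum payload gives the 64-byte minimum Ethernet frame. Note that nothing in the frame authenticates the sender fields, which is why ARP replies are accepted on trust and why the ARP cache is a classic integrity weak point on a LAN.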

Network Security Fundamentals

Security Principles: C.I.A.A

  1. Confidentiality

    • Ensure the data is private.
    • Method: Encryption.
  2. Integrity

    • Ensure data hasn’t been modified in transit.
    • Method: Hashing and Message Authentication Codes.
  3. Authentication

    • Verify the identity of the sender or receiver.
    • Method: Passwords, digital certificates, public key signatures.
  4. Availability

    • Keep services accessible and running.
    • Threat: DoS or DDoS attacks.
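The Integrity item above lists hashing and Message Authentication Codes as the method. The difference matters: a bare hash only detects accidental corruption, because anyone who changes the message can recompute it; a MAC binds the check to a shared key. This added example (written for these notes, not code from the page; the key and messages are constructed) shows a receiver accepting a rewritten message protected by a plain SHA-256 hash and rejecting the same rewrite when HMAC-SHA256 is used.

```python
"""Why integrity needs a keyed MAC rather than a plain hash. Added example
for the Integrity item above (not from the page). Key and messages are
constructed; a real key would be exchanged over a secure channel."""
import hashlib
import hmac

TAG_LEN = 32   # SHA-256 digest length


def append_hash(message):
    """Unkeyed 'protection': message || SHA-256(message)."""
    return message + hashlib.sha256(message).digest()


def verify_hash(blob):
    """Receiver recomputes the hash; returns (accepted, message)."""
    message, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    return hmac.compare_digest(tag, hashlib.sha256(message).digest()), message


def append_mac(key, message):
    """Keyed protection: message || HMAC-SHA256(key, message)."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def verify_mac(key, blob):
    """Receiver recomputes the MAC with its copy of the key.
    compare_digest runs in constant time so the comparison leaks no timing."""
    message, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return hmac.compare_digest(tag, expected), message


def rewrite_in_transit(blob, new_message):
    """A party on the path replaces the message and recomputes the unkeyed
    hash, which needs no secret. Without the key it cannot do the same for
    the MAC, so the best it can do is attach a hash where a MAC is expected."""
    return new_message + hashlib.sha256(new_message).digest()


if __name__ == "__main__":
    key = b"constructed-shared-secret"
    original, altered = b"transfer 10 to account A", b"transfer 99 to account B"
    ok, got = verify_hash(rewrite_in_transit(append_hash(original), altered))
    print("plain hash, rewritten message accepted:", ok, got)
    ok, got = verify_mac(key, rewrite_in_transit(append_mac(key, original), altered))
    print("HMAC, rewritten message accepted:", ok)
```

A digital signature (below) plays the same role as the MAC but with a private key, so the receiver also learns who produced the tag, not just that the holder of a shared key did.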

Network Attacks: P.I.T.D.D

  1. Packet Sniffing

    • Eavesdropping on traffic not meant for you, e.g., on an open Wi-Fi network.
    • Defense: Encryption Protocols (HTTPS, TLS).
  2. IP Spoofing

    • Attacker fakes their IP address to impersonate another device.
    • Can be used to bypass access control or inject fake data.
    • Defense: Use firewalls, ingress filtering.
  3. TCP Session Hijacking

    • Attacker predicts TCP sequence numbers and inserts fake packets.
    • Defense: Use encrypted and authenticated connections like TLS.
  4. Denial of Service (DoS)

    • Attacker floods a server with fake requests to exhaust resources.
    • Defense: Rate limiting, firewalls, cloud scrubbing.
  5. DNS Spoofing/Poisoning

    • Sends fake DNS responses to redirect users to malicious sites.
    • Defense: Use DNSSEC.

Encryption

  1. Symmetric Encryption

    • Same key used for encryption and decryption.
    • Fast but key must be shared securely.
    • Example: AES (Advanced Encryption Standard).
  2. Asymmetric Encryption

    • Uses two keys.
    • Public key to encrypt.
    • Private key to decrypt.
    • Slower, but safer for exchange.
    • Example: RSA.

Digital Signatures

  • Sender encrypts a hash of the message with their private key.
  • Receiver decrypts it with the sender’s public key to verify:
    • Message was not altered.
    • It came from the expected sender.

Secure Protocols and Applications

  1. HTTPS (HTTP + TLS = HTTPS)

    • Encrypts web traffic between your browser and the server.
    • Provides:
      • Confidentiality.
      • Integrity.
      • Authentication.
  2. TLS vs SSL

    1. TLS
      • Secure.
      • Used in all HTTPS connections.
      • Difference from SSL: Strong cipher negotiation.
      • TLS has replaced SSL.
    2. SSL
      • Vulnerable to attacks.
      • Deprecated.
      • Difference from TLS: Weak cipher negotiation.
  3. IPsec (Internet Protocol Security)

    • Provides encryption, integrity, and authentication at the network layer.
    • Modes:
      • Transport mode – Encrypts only the payload of the IP packet (host-to-host).
      • Tunnel mode – Encrypts the entire IP packet (used in VPNs).
  4. VPNs (Virtual Private Networks)

    • Encrypts traffic between your device and a trusted network.
    • Protects you on public Wi-Fi, bypasses content restrictions.
    • Uses:
      • Secure remote work.
      • Protecting browsing on public networks.
      • Accessing private resources.
  5. Email Security

    • Prevents someone from reading or altering your email.
    • PGP (Pretty Good Privacy):
      • End-to-end email encryption using asymmetric keys.
      • Encrypt a message using recipient's public key.
    • S/MIME:
      • Enterprise-grade email encryption.
      • Uses digital certificates for email signing and encryption.

Wireless Security (WPA2, WPA3)

  • WPA2:
