Networking for AWS / DevOps / Cloud Engineers

A network connects two or more computers and devices through communication channels like cables or wireless media to share files and resources, with the Internet being the largest network, known as "the network of networks."

Types of Networks

There are different types of networks.

1. LAN (Local Area Network): connects computers within a limited area, such as a home, office or school, over Ethernet or Wi-Fi.

2. MAN (Metropolitan Area Network): spans a city or a campus, typically linking several LANs together.

3. WAN (Wide Area Network): connects LANs across a large geographic area, usually over carrier links such as optical fiber. SONET (Synchronous Optical Network) is the optical transport standard that long-haul carrier networks, including submarine cable systems, have traditionally used.

Network Components

1. A switch connects devices within one LAN and forwards Ethernet frames only to the port where the destination MAC address was learned.

2. A router connects one network to another and forwards packets between them based on IP addresses.

3. A modem modulates digital data onto a carrier signal (and demodulates it on the way back) so that it can cross a medium such as a telephone line, cable or fiber link.

4. A hub is a simple repeater: whatever arrives on one port is sent out every other port, so every connected device sees all the traffic.

5. A NIC (Network Interface Card) is the wired or wireless adapter, often built into the motherboard, that attaches a computer to a network; every NIC has a MAC (Media Access Control) address.

6. A bridge connects multiple LAN segments into one larger LAN, learning the MAC addresses on each side so that it forwards only the frames that need to cross and reduces broadcast traffic. It has been superseded by the switch, which is essentially a multi-port bridge.

What is Protocol?

A network protocol is a standardized set of rules that defines how devices format, send and receive data, whether on the same network or across the internet. Examples include HTTP, TCP, IP, FTP and SMTP.

IP Address and its Types and Classes

An IP (Internet Protocol) address is a unique number given to each device on a network, enabling them to communicate, similar to a device's "address" on the internet or local network.

Types of IP Addresses

1. IPv4: An IPv4 address is a 32-bit number written in dotted-decimal notation as four numbers (octets of 8 bits each) separated by dots, for example 192.168.1.10. It is easy to read, but the address space is limited to about 4.3 billion unique addresses.

2. IPv6: An IPv6 address is a 128-bit number written as eight groups of four hexadecimal digits separated by colons, for example 2001:db8::1 (a run of zero groups can be compressed to ::). It provides a vastly larger address space and is replacing IPv4 as IPv4 addresses run out.

3. Public IP: Public IPs, assigned by ISPs, are used to identify devices on the internet and are accessible globally.

4. Private IP: Private IPs are used within home or office networks and are not routable on the internet. They come from the ranges reserved by RFC 1918: 10.0.0.0/8, 172.16.0.0/12 and 192.168.0.0/16. A NAT device translates them to a public IP when traffic leaves the network.

5. Static IP: A static IP is a manually assigned, unchanging address often used for servers and devices requiring a consistent address.

6. Dynamic IP: A dynamic IP is automatically assigned by a DHCP server, changes periodically, and is commonly used for home devices.

IP Address Classes (IPv4 Only)

IPv4 addresses are categorized into five classes by IANA (Internet Assigned Numbers Authority) based on their starting number, which defines their network usage.

Class | Range (first octet) | Default mask | Purpose

A | 1.0.0.0 to 126.255.255.255 (1-126) | 255.0.0.0 (/8) | Large networks, such as big organizations

B | 128.0.0.0 to 191.255.255.255 (128-191) | 255.255.0.0 (/16) | Medium-sized networks

C | 192.0.0.0 to 223.255.255.255 (192-223) | 255.255.255.0 (/24) | Small networks, such as home or business LANs

D | 224.0.0.0 to 239.255.255.255 (224-239) | n/a | Reserved for multicast

E | 240.0.0.0 to 255.255.255.255 (240-255) | n/a | Experimental, reserved for research

Note: 0.0.0.0/8 is a special range (0.0.0.0 means "this host" or "any address") and is not part of Class A.

The range 127.0.0.0 to 127.255.255.255 (127.0.0.0/8), particularly 127.0.0.1, is reserved for loopback addresses in IPv4, which is why Class A stops at 126.

What is Loopback?

A loopback address lets a device communicate with itself and is often used for testing network software on the local machine.

Key Points

127.0.0.1, known as "localhost," and any IP in the 127.x.x.x range, loops back to the same device, making it useful for testing networking applications without an external network.

IP address - Network ID and Host ID:

An IP address consists of two parts: the Network ID and the Host ID, where any device assigned an IP address is called a Host.

In classful addressing the Network ID portion depends on the class:

Class A: 1st octet is the Network ID.

Class B: 1st and 2nd octets are the Network ID.

Class C: 1st, 2nd, and 3rd octets are the Network ID.

With CIDR (covered below), the subnet mask rather than the class decides where the Network ID ends; the classful rules above are simply the default masks /8, /16 and /24.

Devices with the same Network ID are on the same network and can exchange frames directly (through a switch) without a router.

Devices with different Network IDs can only communicate through a router, which forwards packets from one network to the other.
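The split described above, as an added example that is not part of the original notes: the Network ID is the address ANDed with the mask, the Host ID is what remains, and two hosts need a router exactly when their Network IDs differ. The classful default masks are derived from the first octet, and an explicit prefix length overrides them. Only the Python standard library is used; the addresses in the demo are made up.

```python
# Added example (not from the original notes): split an IPv4 address into its
# Network ID and Host ID with a bitwise AND against the mask, derive the
# classful default mask from the first octet, and decide whether two hosts can
# talk directly or need a router. Pure standard library, runs offline.
from typing import Optional


def parse_ipv4(ip: str) -> int:
    """Dotted-decimal string -> 32-bit integer, rejecting malformed input."""
    parts = ip.split(".")
    if len(parts) != 4:
        raise ValueError(f"not an IPv4 address: {ip!r}")
    value = 0
    for part in parts:
        if not part.isdigit() or not 0 <= int(part) <= 255:
            raise ValueError(f"bad octet in {ip!r}: {part!r}")
        value = (value << 8) | int(part)
    return value


def format_ipv4(value: int) -> str:
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def classful_prefix(ip: str) -> int:
    """Default prefix length implied by the classful rules in the notes."""
    first = parse_ipv4(ip) >> 24
    if 1 <= first <= 126:
        return 8       # Class A: first octet is the Network ID
    if 128 <= first <= 191:
        return 16      # Class B: first two octets
    if 192 <= first <= 223:
        return 24      # Class C: first three octets
    raise ValueError(f"{ip} is not a Class A/B/C unicast address")


def prefix_to_mask(prefix: int) -> int:
    """Prefix length -> 32-bit mask with that many leading one bits."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def split_address(ip: str, prefix: Optional[int] = None) -> dict:
    """Network ID, Host ID and mask; with no prefix, use the classful default."""
    if prefix is None:
        prefix = classful_prefix(ip)
    mask = prefix_to_mask(prefix)
    value = parse_ipv4(ip)
    return {
        "network_id": format_ipv4(value & mask),
        "host_id": format_ipv4(value & ~mask & 0xFFFFFFFF),
        "netmask": format_ipv4(mask),
        "prefix": prefix,
    }


def same_network(a: str, b: str, prefix: Optional[int] = None) -> bool:
    """True when a and b share a Network ID, i.e. no router is needed between them."""
    return split_address(a, prefix)["network_id"] == split_address(b, prefix)["network_id"]


if __name__ == "__main__":
    # Made-up addresses: the same two hosts are on one network under a /24
    # but on different networks once the /24 is split into /25s.
    for ip in ("10.5.6.7", "172.16.5.9", "192.168.1.200"):
        print(ip, split_address(ip))
    print(same_network("192.168.1.77", "192.168.1.200", 24))   # True
    print(same_network("192.168.1.77", "192.168.1.200", 25))   # False
```

Note that same_network with no prefix applies the classful default to each address separately, so a Class A and a Class B address never share a Network ID; pass the real subnet's prefix length whenever you know it, because that is what the router actually uses.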

Subnetting

Subnetting divides a network into smaller, more manageable segments.

Example: 192.168.1.0/24 is a Class C network with a subnet mask of 255.255.255.0. Its 8 host bits give 256 addresses, 192.168.1.0 to 192.168.1.255, of which the first (the network address) and the last (the broadcast address) cannot be assigned to hosts.

Borrowing one host bit splits it into two /25 subnets, 192.168.1.0/25 and 192.168.1.128/25.

Dividing into Smaller Subnets

To divide the network into two equal subnets, we use /25 subnet masks, which allocate 7 bits for hosts.

  1. Subnet 1: 192.168.1.0/25 has a range from 192.168.1.0 to 192.168.1.127 with a subnet mask of 255.255.255.128, providing 128 IP addresses, of which 126 are usable for hosts.

2. Subnet 2: 192.168.1.128/25 has a range from 192.168.1.128 to 192.168.1.255 with a subnet mask of 255.255.255.128, providing 128 IP addresses, of which 126 are usable for hosts.

Subnet | Range | Subnet Mask | Total IPs | Usable Host IPs

192.168.1.0/25 | 192.168.1.0 - 192.168.1.127 | 255.255.255.128 | 128 | 126

192.168.1.128/25 | 192.168.1.128 - 192.168.1.255 | 255.255.255.128 | 128 | 126

Explanation: A /25 mask splits the network into two subnets with 128 IP addresses each, making it easier to manage specific host groups separately.

Benefits of Subnetting

1. Improves network performance: smaller broadcast domains keep broadcast traffic inside each subnet.

2. Enhances security: different departments or functions can be placed in separate subnets, so traffic between them passes through a router or firewall where it can be filtered.

3. Efficient IP usage prevents wasting addresses by allocating only what is needed for each subnet.

CIDR (Classless Inter-Domain Routing): CIDR replaces the classful system with a prefix length written after the address (for example 10.0.0.0/8 or 192.168.1.0/24). The prefix length says how many leading bits form the network part, so a network can be any size rather than only /8, /16 or /24, which improves address usage and lets routers aggregate many routes into one.

The table below shows common address and netmask combinations along with key details.

Prefix | Netmask | No. of addresses | Relation to class

/32 | 255.255.255.255 | 1 | Class C / 256 (a single host)

/25 | 255.255.255.128 | 128 | Class C / 2

/24 | 255.255.255.0 | 256 | Class C

/23 | 255.255.254.0 | 512 | Class C * 2

/16 | 255.255.0.0 | 65,536 | Class C * 256 = Class B

/15 | 255.254.0.0 | 131,072 | Class B * 2

/8 | 255.0.0.0 | 16,777,216 | Class B * 256 = Class A
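The subnetting example and the CIDR table above, computed rather than looked up. This is an added example, not part of the original notes; it uses Python's standard ipaddress module. It also adds an overlap check for a subnet plan, which is the mistake that bites most often when laying out VPC subnets, and handles the /31 and /32 edge cases that the "total minus 2" rule does not cover. The AWS-specific count (five reserved addresses per subnet) is stated as a known AWS rule, not something from the notes.

```python
# Added example (not from the original notes): subnetting and CIDR arithmetic
# with the standard ipaddress module, plus an overlap check for a subnet plan.
import ipaddress
from typing import List, Tuple


def split_network(cidr: str, new_prefix: int) -> List[str]:
    """Carve a network into equal subnets, e.g. a /24 into two /25s."""
    net = ipaddress.ip_network(cidr)              # strict: host bits must be zero
    return [str(sub) for sub in net.subnets(new_prefix=new_prefix)]


def describe(cidr: str) -> dict:
    """Range, mask and host counts for one subnet (the columns of the table above)."""
    net = ipaddress.ip_network(cidr, strict=False)  # also accepts a host address like 10.0.0.7/24
    total = net.num_addresses
    if net.prefixlen >= 31:
        # /31 (RFC 3021 point-to-point links) and /32 have no separate
        # network/broadcast address, so every address is usable.
        usable, first, last = total, net.network_address, net.broadcast_address
    else:
        usable, first, last = total - 2, net.network_address + 1, net.broadcast_address - 1
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "netmask": str(net.netmask),
        "prefix": net.prefixlen,
        "total": total,
        "usable_hosts": usable,
        "first_host": str(first),
        "last_host": str(last),
        # AWS reserves the first four and the last address of every VPC subnet
        # (smallest allowed subnet is /28), so you get five fewer hosts there.
        "aws_usable": total - 5 if net.prefixlen <= 28 else 0,
    }


def netmask_for_prefix(prefix: int) -> Tuple[str, int]:
    """(dotted netmask, number of addresses) for a prefix length, as in the CIDR table."""
    net = ipaddress.ip_network(f"0.0.0.0/{prefix}")
    return str(net.netmask), net.num_addresses


def find_overlaps(cidrs: List[str]) -> List[Tuple[str, str]]:
    """Pairs of subnets that overlap. A VPC or routing plan with any of these is broken."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return [(str(a), str(b))
            for i, a in enumerate(nets)
            for b in nets[i + 1:]
            if a.overlaps(b)]


if __name__ == "__main__":
    for sub in split_network("192.168.1.0/24", 25):
        print(describe(sub))
    for prefix in (32, 25, 24, 23, 16, 15, 8):
        print(f"/{prefix}", *netmask_for_prefix(prefix))
    # Made-up plan with one mistake: 10.0.1.0/24 sits inside 10.0.0.0/16.
    print(find_overlaps(["10.0.0.0/16", "10.0.1.0/24", "10.1.0.0/16"]))
```

ip_network() with the default strict=True refuses "192.168.1.5/24" because host bits are set; that is usually the right behaviour when validating configuration, since a stray host bit in a route or security-group rule means someone typed the wrong thing.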

Network Models

There are two main network models:

1. OSI Reference Model

2. TCP/IP Model

1. OSI Reference Model: The OSI (Open Systems Interconnection) Model, published by the International Organization for Standardization (ISO), describes how computer systems communicate over a network in 7 layers, each with distinct functions and responsibilities.

1. Physical Layer: transmits raw bits between directly connected devices over cables, radio signals and other media.

2. Data Link Layer: moves frames between directly connected nodes, handling physical (MAC) addressing, error detection and flow control on that link. Examples: Ethernet, Wi-Fi.

3. Network Layer: forwards and routes packets across networks using logical addressing. Example: IP (Internet Protocol).

4. Transport Layer: delivers data end to end between processes, which it identifies by port numbers. TCP adds reliability (acknowledgments, retransmission, ordering) and flow control; UDP does not.

5. Session Layer: establishes, maintains and terminates communication sessions between applications.

6. Presentation Layer: translates data formats so systems can interoperate, and handles encoding, compression and encryption. TLS is commonly placed here in textbooks, though in practice it sits between the transport protocol and the application protocol.

7. Application Layer: the layer applications use directly; provides network services such as HTTP, FTP and SMTP.

Below is a list of OSI model protocols and their port numbers for each layer.

1. Application Layer (Layer 7)

HTTP (Port 80): Web browsing.

HTTPS (Port 443): Secure web browsing.

SMTP (Port 25): Sending email.

FTP (Ports 20, 21): File transfer.

DNS (Port 53): Domain name resolution.

POP3 (Port 110): Receiving email.

IMAP (Port 143): Receiving email.

2. Presentation Layer (Layer 6)

SSL/TLS provides encryption and authentication for application protocols. It has no port of its own: it is what turns HTTP on port 80 into HTTPS on port 443, and it secures SMTP, IMAP and others in the same way. MIME defines how email attachments and other non-text content are formatted.

JPEG/PNG: Image formats used to encode multimedia files.

3. Session Layer (Layer 5)

PPTP (Port 1723): Tunneling protocol for VPNs.

NetBIOS (Ports 137, 138, 139): Establishes sessions for network communications.

4. Transport Layer (Layer 4)

TCP provides reliable data transmission with acknowledgment.

UDP allows fast, connectionless data transmission without acknowledgment, while SCTP is used for applications needing multiple data streams.

5. Network Layer (Layer 3)

IP (IPv4/IPv6): Responsible for addressing and routing packets between source and destination.

ICMP is used for error messaging and diagnostics, such as ping and traceroute.

Routing protocols such as OSPF and BGP (and Cisco's older, proprietary IGRP) are what routers use to share routing information with each other.

6. Data Link Layer (Layer 2)

Ethernet defines physical addressing and channel access at the Data Link Layer (Layer 2).

PPP is used for point-to-point connections.

HDLC is used for framing and error control on point-to-point links.

ARP resolves IP addresses to MAC addresses.

7. Physical Layer (Layer 1)

Ethernet specifies the electrical signals and cabling for physical signaling.

USB is used to physically connect devices.

Port numbers belong to the Transport Layer (Layer 4): a TCP or UDP port identifies which application on a host a segment is for. That is why Application Layer protocols are listed with well-known ports, such as HTTP on port 80, HTTPS on port 443 and SMTP on port 25.

Layers 1 to 3 (Physical, Data Link, Network) address interfaces and hosts, not applications, so they have no port numbers at all; the port is the piece of information that lets the receiving host hand the data to the correct service.

2. TCP/IP Model

The TCP/IP model, or Internet Protocol Suite, is the practical model the internet actually runs on. It has 4 layers instead of OSI's 7:

1. Application Layer: combines the Application, Presentation and Session Layers of the OSI model.

2. Transport Layer: the same as OSI Layer 4 (TCP, UDP).

3. Internet (Network) Layer: the same as OSI Layer 3 (IP, ICMP).

4. Network Interface (Link) Layer: combines the Data Link and Physical Layers of the OSI model.

The ports and protocols are the same as those discussed under the OSI model.

Ports and Protocols

1. HTTP (Hypertext Transfer Protocol) is a stateless client-server protocol that defines how a client asks a server for a resource and how the server sends it back.

- The message the client sends is an HTTP request; its request line names an HTTP method (GET, POST, PUT, DELETE and so on) and the path being requested.

- The message the server sends back is an HTTP response, which starts with a status code.

Status Codes

Status codes are issued by a server in response to a client's request. They are grouped by their first digit; the 1xx (informational) class is rarely seen in practice, so the four classes that matter day to day are:

1. 200s: Successful responses

2. 300s: Redirects

3. 400s: Client errors

4. 500s: Server errors

Take a look at some of the most common response codes

Code | What it's telling | What it means

200 | OK | Request succeeded.

302, 307 | Found, Temporary Redirect | The requested resource temporarily lives at the URI in the Location header. 307 guarantees the client repeats the request with the same method; after a 302 many clients switch a POST to a GET.

301, 308 | Moved Permanently, Permanent Redirect | The resource has moved permanently to the URI in the Location header; 308 preserves the method, 301 may not.

400 | Bad Request | The server cannot understand or parse the request.

401 | Unauthorized | The request lacks valid credentials; the client must authenticate (the WWW-Authenticate header says how).

403 | Forbidden | The server understood the request, but the client lacks permission; authenticating again will not help.

404 | Not Found | The server cannot find the requested resource.

408 | Request Timeout | The server gave up waiting for the client to finish sending its request, typically on an idle connection it is about to close.

500 | Internal Server Error | The server hit an unexpected error while handling the request.

502 | Bad Gateway | The server you reached is a gateway or reverse proxy and got an invalid response from the upstream (origin) server.

503 | Service Unavailable | The server cannot handle the request right now, typically because it is down for maintenance or overloaded; a Retry-After header may say when to try again.

504 | Gateway Timeout | Like 502, but the gateway did not get a response from the upstream server in time.
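The response format and the status-code table above, exercised in code. This is an added example, not part of the original notes: a small HTTP/1.1 response parser and a client-side function that turns each status class into the action the table describes (follow the redirect, keep or drop the method, authenticate, retry, or stop). The responses are byte strings constructed inline, so nothing is fetched from the network; Retry-After is handled only in its delay-seconds form.

```python
# Added example (not from the original notes): parse a raw HTTP/1.1 response
# and decide what a well-behaved client does next based on its status code.
# All responses are constructed byte strings; nothing touches the network.
from typing import Dict


def parse_http_response(raw: bytes) -> dict:
    """Split a raw response into status line, headers and body (Content-Length aware)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("malformed response: no blank line after headers")
    lines = head.decode("iso-8859-1").split("\r\n")
    version, _, rest = lines[0].partition(" ")
    code, _, reason = rest.partition(" ")
    if not version.startswith("HTTP/") or len(code) != 3 or not code.isdigit():
        raise ValueError(f"malformed status line: {lines[0]!r}")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError(f"malformed header line: {line!r}")
        # Header names are case-insensitive; a repeated name overwrites here,
        # which is fine for this demo but not for Set-Cookie in a real client.
        headers[name.strip().lower()] = value.strip()
    length = int(headers.get("content-length", len(body)))
    if len(body) < length:
        raise ValueError(f"truncated body: expected {length} bytes, got {len(body)}")
    return {"version": version, "status": int(code), "reason": reason,
            "headers": headers, "body": body[:length]}


def next_action(resp: dict, method: str = "GET") -> dict:
    """What the client should do next, following the status-code table."""
    status, headers = resp["status"], resp["headers"]
    if 200 <= status < 300:
        return {"action": "done"}
    if status in (301, 302, 307, 308):
        location = headers.get("location")
        if location is None:
            return {"action": "error", "reason": "redirect without Location header"}
        # 307/308 must keep the method; clients historically turn 301/302 POSTs into GETs.
        keep_method = status in (307, 308)
        return {"action": "follow", "location": location,
                "method": method if keep_method else "GET"}
    if status == 401:
        # The challenge tells the client which scheme (Basic, Bearer, ...) to use.
        return {"action": "authenticate", "challenge": headers.get("www-authenticate")}
    if status == 403:
        return {"action": "stop", "reason": "forbidden: credentials were understood but not sufficient"}
    if status in (408, 502, 503, 504):
        after = headers.get("retry-after", "0")
        return {"action": "retry", "after_seconds": int(after) if after.isdigit() else 0}
    if 400 <= status < 500:
        return {"action": "fix-request", "reason": resp["reason"]}
    return {"action": "fail", "reason": resp["reason"]}


if __name__ == "__main__":
    # Constructed sample: a login redirect answered to a POST.
    sample = (b"HTTP/1.1 302 Found\r\n"
              b"Location: https://example.com/login\r\n"
              b"Content-Length: 0\r\n\r\n")
    print(next_action(parse_http_response(sample), method="POST"))
```

The 401/403 distinction matters when you are debugging access: a 401 means "who are you?", a 403 means "I know who you are and the answer is no", so retrying a 403 with the same credentials is wasted effort and shows up as noise in the server's logs.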

2. SMTP/POP (Simple Mail Transfer Protocol and Post Office Protocol)

SMTP is used to send email: from the client to its mail server, and from that server on to the recipient's mail server. POP3 and IMAP are what the recipient's client uses to retrieve the mail from its server.

3. FTP (File Transfer Protocol): FTP is used to download, upload and transfer files between hosts. It sends credentials and data in cleartext, so SFTP (over SSH) or FTPS (over TLS) is used wherever the traffic could be observed.

4. Secure Shell (SSH) is used by system administrators to access a computer over an insecure network. It serves the same purpose as Telnet but encrypts the whole session, including the login, whereas Telnet sends everything in cleartext.

5. TCP (Transmission Control Protocol) is a reliable, connection-oriented protocol: every segment is acknowledged and retransmitted if needed, and data is delivered in order. It is used wherever data integrity matters, such as HTTP (port 80) and Microsoft SQL Server (port 1433).

TCP and the Three-Way Handshake:

Before sending data, TCP establishes a connection with the three-way handshake: the client sends SYN, the server answers SYN-ACK, and the client replies ACK. Only after this exchange does either side send payload, which is why a port scanner or a telnet host port check can tell an open port (SYN-ACK comes back) from a closed one (RST comes back).

6.UDP (User Datagram Protocol) is an unreliable, connectionless protocol with no acknowledgments or retransmissions, prioritizing speed over reliability, and is used for applications like video streaming or DNS queries.
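The TCP and UDP behaviour described above, demonstrated on the loopback interface. This is an added example, not part of the original notes, and it only ever talks to 127.0.0.1: connect() returns only once the SYN / SYN-ACK / ACK exchange is complete, a closed TCP port answers the SYN with RST (which Python surfaces as ConnectionRefusedError, the same signal a telnet port check relies on), and a UDP datagram leaves without any handshake at all, so sendto() to a port nobody is listening on still reports success. The echo servers are tiny one-shot helpers written for this example.

```python
# Added example (not from the original notes): TCP vs UDP on loopback.
# One-shot echo servers run on background threads so the whole thing is
# self-contained; nothing leaves 127.0.0.1.
import socket
import threading


def start_tcp_echo() -> int:
    """Listen on a free loopback port, echo one message back, then close."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))        # port 0: the OS picks a free port
    srv.listen(1)                     # kernel completes handshakes from here on
    port = srv.getsockname()[1]

    def serve() -> None:
        conn, _ = srv.accept()        # returns once the three-way handshake is done
        with conn:
            conn.sendall(conn.recv(1024))
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def tcp_round_trip(port: int, payload: bytes) -> bytes:
    """Handshake, send, receive; FIN/ACK teardown happens when the with-block exits."""
    with socket.create_connection(("127.0.0.1", port), timeout=5) as c:
        c.sendall(payload)
        return c.recv(1024)


def tcp_port_open(port: int) -> bool:
    """The same check 'telnet host port' makes: did the handshake complete?"""
    try:
        with socket.create_connection(("127.0.0.1", port), timeout=5):
            return True
    except (ConnectionRefusedError, socket.timeout):
        return False                  # RST (refused) or silently dropped (timeout)


def start_udp_echo() -> int:
    """Bind a UDP socket on a free loopback port and echo one datagram."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    port = srv.getsockname()[1]

    def serve() -> None:
        data, peer = srv.recvfrom(1024)   # no accept(): datagrams simply arrive
        srv.sendto(data, peer)
        srv.close()

    threading.Thread(target=serve, daemon=True).start()
    return port


def udp_round_trip(port: int, payload: bytes) -> bytes:
    """Send one datagram and wait for the echo; no connection is ever set up."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
        c.settimeout(5)
        c.sendto(payload, ("127.0.0.1", port))
        data, _ = c.recvfrom(1024)
        return data


def udp_send_blind(port: int, payload: bytes) -> int:
    """sendto() to a port with no listener still 'succeeds': nothing acknowledged it."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as c:
        return c.sendto(payload, ("127.0.0.1", port))


def unused_port() -> int:
    """Bind-and-release to find a loopback port with no listener (tiny race, fine here)."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    print(tcp_round_trip(start_tcp_echo(), b"hello over tcp"))
    print(udp_round_trip(start_udp_echo(), b"hello over udp"))
    closed = unused_port()
    print("tcp open:", tcp_port_open(closed))              # False: RST came back
    print("udp bytes sent:", udp_send_blind(closed, b"x"))  # 1: sent into the void
```

The asymmetry in the last two lines is why UDP services are scanned and spoofed differently from TCP ones: with TCP the handshake proves the peer can receive at the source address, while a UDP sender learns nothing unless the application replies.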

Routing

Routers, and AWS VPC route tables, pick the most specific matching route, i.e. the one with the longest prefix. Example route table for a subnet in a VPC whose CIDR is 10.21.0.0/16: if a packet's destination is within 10.21.0.0/16, it stays in the local network (the VPC's own local route); if it is elsewhere within 10.0.0.0/8, it goes to the transit gateway interface; otherwise it matches the default route 0.0.0.0/0, is treated as internet traffic and is sent to the NAT interface.
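The lookup that the route table above relies on, as an added example that is not part of the original notes: longest-prefix match over the three routes described. The targets "local", "tgw" and "nat" are labels chosen for this example; a real AWS route table names a local target, a transit gateway ID or a NAT gateway ID. The routes are deliberately listed in the wrong order to show that the result does not depend on ordering.

```python
# Added example (not from the original notes): longest-prefix-match lookup
# over the example route table. Targets are illustrative labels.
import ipaddress
from typing import List, Optional, Tuple

# Constructed to mirror the route table described above. The order is
# deliberately not most-specific-first: the lookup must not depend on it.
EXAMPLE_ROUTES: List[Tuple[str, str]] = [
    ("0.0.0.0/0", "nat"),          # everything else: out via NAT to the internet
    ("10.0.0.0/8", "tgw"),         # rest of the private 10/8 space: transit gateway
    ("10.21.0.0/16", "local"),     # this VPC's own CIDR: deliver locally
]


def lookup_route(dest: str, routes: List[Tuple[str, str]] = EXAMPLE_ROUTES) -> Optional[str]:
    """Target of the most specific route containing dest, or None if nothing matches."""
    addr = ipaddress.ip_address(dest)
    best_len, best_target = -1, None
    for cidr, target in routes:
        net = ipaddress.ip_network(cidr)
        # A longer prefix is a more specific route and wins over a shorter one.
        if addr in net and net.prefixlen > best_len:
            best_len, best_target = net.prefixlen, target
    return best_target


def route_all(dests: List[str], routes: List[Tuple[str, str]] = EXAMPLE_ROUTES) -> dict:
    """Convenience: map each destination to the target it would be forwarded to."""
    return {d: lookup_route(d, routes) for d in dests}


if __name__ == "__main__":
    print(route_all(["10.21.4.7", "10.30.1.1", "8.8.8.8"]))
```

Because the most specific route always wins, adding a /24 route for a range inside the VPC's own /16 hijacks that traffic away from "local"; AWS does not allow overriding the local route itself, but this is exactly how a more-specific route to a firewall appliance is inserted on purpose, and also how a mistyped route silently blackholes part of a subnet.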

DNS (Domain Name System)

DNS (Domain Name System) converts human-readable domain names like www.example.com into IP addresses such as 192.0.2.44.

The root DNS servers hold the root zone, which delegates each top-level domain (TLD) such as .com, .in, .org and .io to that TLD's own servers. DNS works as the internet's phonebook: a resolver looks a name up step by step, asking the root, then the TLD servers, then the domain's authoritative servers, until it reaches the server that holds the answer.

Example - Visiting a Website

1. User Request: You type www.example.com into your web browser.

2. DNS Query: Your browser asks its configured DNS resolver (for example the one handed out by DHCP) for the IP address of www.example.com.

3. DNS Resolution: The resolver checks its cache. If the answer is not cached, it walks the hierarchy: a root server refers it to the .com TLD servers, which refer it to the authoritative servers for example.com, which return the record for www.example.com.

4. IP Address Found: Once the IP address (e.g., 192.0.2.44) is found, the resolver caches it for the record's TTL and returns it to your browser.

5. Connecting to the Website: The browser uses this IP address to connect to the web server, and the website loads on your screen.

Domains, Zones, and Delegation

1. Domains: Domains form a tree, with the root domain at the top, top-level domains (TLDs) like .com below it, and subdomains branching off from each TLD (example.com under .com, www.example.com under example.com).

2. Zones are the portions of that tree that a single organization administers: ICANN/IANA manages the root zone, Verisign operates the .com zone, and the owner of example.com manages its own zone and any subdomains it has not delegated further.

3. Delegation lets one organization transfer control of part of its domain to another organization using Nameserver (NS) records.

For example, ICANN controls the root domain and delegates to Verisign, which can then delegate control to "Example Ltd" by adding an NS record pointing to their nameserver.

NS records guide traffic to the correct nameserver managing a domain, enabling independent management of different DNS tree parts by various organizations.

DNS record types

DNS records are the entries in a zone file. Each record describes something about a name (such as its IP address or which server handles its mail) and carries a time-to-live (TTL) that tells resolvers how long they may cache it before asking again.

Type | Name | Description

A | Host address | The most basic and most commonly used record. Maps a name to an IPv4 address; a name can have several A records.

AAAA | IPv6 host address | Same as A but for IPv6.

CNAME | Canonical name for an alias | Maps a name to another name. A name with a CNAME may not have any other records, so it cannot be used at a zone apex.

ALIAS | Auto-resolved alias | Provider-specific (Route 53 calls it an Alias record): maps a name to another name but can coexist with other records on that name, so it works at the zone apex.

MX | Mail Exchange | Specifies the mail server(s) responsible for a domain name, each with a priority.

NS | Name server | Identifies the DNS servers responsible for a zone; one NS record per server.

TXT | Descriptive text | Holds arbitrary text about a name. Widely used for domain ownership verification and for email policies such as SPF and DMARC.
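The query and answer that the resolution walk above exchanges, and the TTL and record data the table describes, at the wire level. This is an added example, not part of the original notes: it builds a DNS A query, parses a response including the name-compression pointers real servers use, and checks that a response actually belongs to the query that was sent (same transaction ID, same question). The response is constructed in the block itself, so nothing is sent over the network; the query ID 0x1234 and the names used are placeholders. Only the A and CNAME record types are decoded; others are returned as hex.

```python
# Added example (not from the original notes): DNS wire format. Build a query,
# parse a response with compression pointers, and validate that the response
# matches the query. All bytes are constructed locally; no network traffic.
import struct
from typing import List, Tuple

TYPE_A, TYPE_CNAME = 1, 5


def encode_name(name: str) -> bytes:
    """'www.example.com' -> b'\\x03www\\x07example\\x03com\\x00' (length-prefixed labels)."""
    out = b""
    for label in name.rstrip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError(f"bad label {label!r}")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, qtype: int = TYPE_A, txid: int = 0x1234) -> bytes:
    """Header (ID, flags with RD=1, QDCOUNT=1) followed by one question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)  # class IN


def decode_name(msg: bytes, offset: int) -> Tuple[str, int]:
    """Read a possibly compressed name; return (name, offset just after it)."""
    labels: List[str] = []
    end = None                 # where the caller continues reading
    hops = 0
    while True:
        if offset >= len(msg):
            raise ValueError("truncated name")
        length = msg[offset]
        if length & 0xC0 == 0xC0:          # compression pointer to an earlier name
            if end is None:
                end = offset + 2
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            hops += 1
            if hops > 16:                  # refuse pointer loops in hostile input
                raise ValueError("pointer loop")
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if end is not None else offset)


def parse_response(msg: bytes) -> dict:
    """Return transaction ID, RCODE and the answer records with their TTLs."""
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    offset = 12
    for _ in range(qd):                     # skip the echoed question section
        _, offset = decode_name(msg, offset)
        offset += 4                         # QTYPE + QCLASS
    answers = []
    for _ in range(an):
        name, offset = decode_name(msg, offset)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        if rtype == TYPE_A and rdlen == 4:
            data = ".".join(str(b) for b in rdata)
        elif rtype == TYPE_CNAME:
            data, _ = decode_name(msg, offset)   # rdata may point back into the message
        else:
            data = rdata.hex()
        offset += rdlen
        answers.append({"name": name, "type": rtype, "ttl": ttl, "data": data})
    return {"id": txid, "rcode": flags & 0xF, "answers": answers}


def build_a_response(query: bytes, records: List[Tuple[str, int]]) -> bytes:
    """Constructed reply for a query: A records given as (ipv4, ttl), name compressed to offset 12."""
    txid = struct.unpack("!H", query[:2])[0]
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, len(records), 0, 0)  # QR=1, RD=1, RA=1
    body = query[12:]                       # echo the question section verbatim
    for ip, ttl in records:
        rdata = bytes(int(o) for o in ip.split("."))
        body += b"\xc0\x0c" + struct.pack("!HHIH", TYPE_A, 1, ttl, 4) + rdata
    return header + body


def response_matches(query: bytes, response: bytes) -> bool:
    """Resolver sanity check: same transaction ID and same question.
    A spoofed reply that guesses these wrong must be dropped (cache-poisoning defence)."""
    qname, qend = decode_name(query, 12)
    rname, rend = decode_name(response, 12)
    return (query[:2] == response[:2] and qname == rname
            and query[qend:qend + 4] == response[rend:rend + 4])


if __name__ == "__main__":
    q = build_query("www.example.com")
    r = build_a_response(q, [("192.0.2.44", 300)])
    print(parse_response(r), response_matches(q, r))
```

The transaction ID is only 16 bits, which is why real resolvers also randomise the source port and check it on the way back; the check here is the minimum that stops a reply from being accepted for a question that was never asked.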

DHCP

DHCP (Dynamic Host Configuration Protocol) is a network management protocol that automatically assigns IP addresses and other network settings to devices on a network.

Example: When you connect your laptop to a Wi-Fi network, a DHCP server automatically assigns it an IP address, subnet mask, default gateway and DNS server, so it can communicate with other devices without manual setup.

Network Components and Services

Routers connect different networks and direct data packets between them, while switches connect devices within the same network and use MAC addresses to forward data to the correct device.

Firewalls manage incoming and outgoing network traffic according to set security rules.

Load balancers evenly distribute incoming network traffic across multiple servers to prevent any single server from becoming overloaded.

VPN (Virtual Private Network) creates a secure connection between remote users and the corporate network over the internet.

Network Troubleshooting Tools

1. ping

The purpose of ping is to test reachability and round-trip time to a host by sending ICMP ECHO requests and waiting for ECHO replies, reporting response times and packet loss. Usage: ping example.com, or ping -c 4 example.com to send four probes and stop. Many cloud security groups and firewalls drop ICMP (an AWS security group has to allow it explicitly), so a host that does not answer ping may still be up and serving on its TCP ports.

2. traceroute (or tracert on Windows)

The purpose of traceroute is to show the route packets take to a destination. It sends probes with increasing TTL values (UDP by default on Linux; ICMP for tracert on Windows) so that each router along the path returns an ICMP Time Exceeded message, revealing each hop and its delay, which helps identify which gateway is adding latency or where packets stop.

3. telnet

Telnet is used to test whether a specific TCP service is reachable by attempting to connect to an IP and port (telnet host 443); if the three-way handshake completes, the port is open. Do not use Telnet as a remote shell, since it is unencrypted. nc -zv host port performs the same reachability check where telnet is not installed.

4. curl

The purpose of curl is to transfer data using multiple protocols, often for HTTP requests, with usage examples including a basic GET request (curl http://example.com), checking headers (curl -I http://example.com), making a POST request (curl -X POST http://example.com), and saving a response to a file (curl http://example.com/file -o output.file).

5. dig (Domain Information Groper)

The purpose of dig is to troubleshoot DNS problems and verify DNS records by performing lookups and showing the full answer, including TTLs and record types. Usage: dig google.com for the A record, dig example.com MX for a specific record type, dig +short example.com for just the answer, dig @8.8.8.8 example.com to query a particular server, and dig -x 192.0.2.44 for a reverse lookup.

6. netstat

The purpose of netstat is to display network connections and listening ports, with usage including netstat -lp to list listening sockets and the programs that own them, netstat -a to show all sockets, and netstat -r to display the routing table. On modern Linux it is replaced by ss; ss -tulpn shows listening TCP and UDP ports with their processes.

7. ssh (Secure Shell)

The purpose of SSH is to securely connect to remote machines and execute commands over an encrypted, authenticated channel, with usage such as ssh username@hostname for remote management and file transfers. Prefer key-based authentication over passwords, and verify the host key fingerprint the first time you connect.

8. scp (Secure Copy Protocol)

The purpose of SCP is to securely copy files between local and remote hosts, with usage such as copying a file to a remote server using scp localfile.txt user@remote:path/to/destination.

These tools are essential for network diagnostics, troubleshooting, and secure communications, which are crucial skills for any DevOps engineer.