Networking_fundamentals
Chapter 21: Networking Fundamentals
Section titled “Chapter 21: Networking Fundamentals”Comprehensive Linux Networking Concepts
Section titled “Comprehensive Linux Networking Concepts”21.1 OSI and TCP/IP Models
Section titled “21.1 OSI and TCP/IP Models”Network Layer Models
Section titled “Network Layer Models”┌────────────────────────────────────────────────────────────────────────┐│ OSI VS TCP/IP MODEL │├────────────────────────────────────────────────────────────────────────┤│ ││ OSI (7 Layers) TCP/IP (4 Layers) ││ ┌───────────────┐ ┌────────────────┐ ││ │ 7. Application │◄───────│ Application │ ││ │ 6. Presentation│ │ (HTTP, FTP) │ ││ │ 5. Session │ └────────────────┘ ││ ├───────────────┤ │ ││ │ 4. Transport │◄──────────────┤ Transport ││ │ (TCP, UDP) │ │ (TCP, UDP) │ ││ ├───────────────┤ └────────────────┘ ││ │ 3. Network │ │ ││ │ (IP, ICMP) │ │ Internet ││ ├───────────────┤ │ (IP, ICMP) │ ││ │ 2. Data Link │◄────────┤ │ ││ │ (Ethernet) │ └────────────────┘ ││ │ 1. Physical │ │ ││ └───────────────┘ │ Link/Network Access ││ │ (Ethernet, WiFi) ││ └────────────────┘ ││ │└────────────────────────────────────────────────────────────────────────┘OSI Layer Functions
Section titled “OSI Layer Functions”┌────────────────────────────────────────────────────────────────────────┐│ OSI LAYER FUNCTIONS │├────────────────────────────────────────────────────────────────────────┤│ ││ Layer 7 - Application ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ User interface, HTTP, FTP, SMTP, DNS, SSH │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Layer 6 - Presentation ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ Data encoding, encryption, compression (SSL/TLS, JPEG, GIF) │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Layer 5 - Session ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ Session management, checkpoints, synchronization │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Layer 4 - Transport ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ End-to-end connection, reliability, flow control │ ││ │ TCP: connection-oriented, reliable │ ││ │ UDP: connectionless, fast, unreliable │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Layer 3 - Network ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ Routing, logical addressing (IP), fragmentation │ ││ │ Routers operate at this layer │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Layer 2 - Data Link ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ Physical addressing (MAC), frame handling, error detection │ ││ │ Switches operate at this layer │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Layer 1 - Physical ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ Physical connections, cables, hubs, bits │ ││ └─────────────────────────────────────────────────────────────────┘ ││ │└────────────────────────────────────────────────────────────────────────┘21.2 IPv4 Addressing
Section titled “21.2 IPv4 Addressing”IP Address Classes
Section titled “IP Address Classes”┌────────────────────────────────────────────────────────────────────────┐│ IPv4 ADDRESS CLASSES │├────────────────────────────────────────────────────────────────────────┤│ ││ Class First Octet Default Mask Networks Hosts/Net ││ ───────────────────────────────────────────────────────────────── ││ A 1-126 /8 (255.0.0.0) 126 16,777,214 ││ B 128-191 /16 (255.255.0.0) 16,384 65,534 ││ C 192-223 /24 (255.255.255.0) 2M 254 ││ D 224-239 - - Multicast ││ E 240-255 - - Reserved ││ ││ Special Addresses: ││ - 127.x.x.x : Loopback (127.0.0.1 = localhost) ││ - 0.0.0.0 : This network (default route) ││ - 255.255.255.255 : Limited broadcast ││ │└────────────────────────────────────────────────────────────────────────┘Private IP Ranges
Section titled “Private IP Ranges”┌────────────────────────────────────────────────────────────────────────┐│ PRIVATE IP ADDRESSES │├────────────────────────────────────────────────────────────────────────┤│ ││ 10.0.0.0/8 (10.0.0.0 - 10.255.255.255) ││ ┌──────────────────────────────────────────────────────────────┐ ││ │ 10.0.0.0 - 10.255.255.255 │ ││ │ 16,777,216 addresses (Class A) │ ││ └──────────────────────────────────────────────────────────────┘ ││ ││ 172.16.0.0/12 (172.16.0.0 - 172.31.255.255) ││ ┌──────────────────────────────────────────────────────────────┐ ││ │ 172.16.0.0 - 172.16.255.255 │ ││ │ 172.17.0.0 - 172.17.255.255 │ ││ │ ... │ ││ │ 172.31.0.0 - 172.31.255.255 │ ││ │ 1,048,576 addresses (16 contiguous Class B) │ ││ └──────────────────────────────────────────────────────────────┘ ││ ││ 192.168.0.0/16 (192.168.0.0 - 192.168.255.255) ││ ┌──────────────────────────────────────────────────────────────┐ ││ │ 192.168.0.0 - 192.168.255.255 │ ││ │ 65,536 addresses (Class C) │ ││ └──────────────────────────────────────────────────────────────┘ ││ ││ Link-Local (APIPA): 169.254.0.0/16 ││ ┌──────────────────────────────────────────────────────────────┐ ││ │ Used for automatic IP assignment when DHCP unavailable │ ││ └──────────────────────────────────────────────────────────────┘ ││ │└────────────────────────────────────────────────────────────────────────┘Subnet Mask Calculations
Section titled “Subnet Mask Calculations”┌────────────────────────────────────────────────────────────────────────┐│ SUBNET MASK REFERENCE │├────────────────────────────────────────────────────────────────────────┤│ ││ CIDR Mask Usable Hosts Power of 2 ││ ──────────────────────────────────────────────────────────────── ││ /30 255.255.255.252 2 4-2 = 2 ││ /29 255.255.255.248 6 8-2 = 6 ││ /28 255.255.255.240 14 16-2 = 14 ││ /27 255.255.255.224 30 32-2 = 30 ││ /26 255.255.255.192 62 64-2 = 62 ││ /25 255.255.255.128 126 128-2 = 126 ││ /24 255.255.255.0 254 256-2 = 254 ││ /23 255.255.254.0 510 512-2 = 510 ││ /22 255.255.252.0 1022 1024-2 = 1022 ││ /21 255.255.248.0 2046 2048-2 = 2046 ││ /20 255.255.240.0 4094 4096-2 = 4094 ││ /19 255.255.224.0 8190 8192-2 = 8190 ││ /18 255.255.192.0 16382 16384-2 = 16382 ││ /17 255.255.128.0 32766 32768-2 = 32766 ││ /16 255.255.0.0 65534 65536-2 = 65534 ││ /8 255.0.0.0 16777214 16777216-2 ││ ││ Formula: Hosts = 2^(32 - CIDR) - 2 ││ (Subtract 2 for network address and broadcast) ││ │└────────────────────────────────────────────────────────────────────────┘21.3 Basic Network Commands
Section titled “21.3 Basic Network Commands”IP Configuration
Section titled “IP Configuration”# View IP addressesip addr showip addr show eth0
# Alternative (legacy)ifconfigifconfig -a
# Add IP addresssudo ip addr add 192.168.1.10/24 dev eth0
# Remove IP addresssudo ip addr del 192.168.1.10/24 dev eth0
# Bring interface up/downsudo ip link set eth0 upsudo ip link set eth0 down
# View interface detailsip link showip -s link show eth0Routing
Section titled “Routing”# View routing tableip route showip route
# Alternative (legacy)route -n
# Add default routesudo ip route add default via 192.168.1.1
# Add static routesudo ip route add 10.0.0.0/24 via 192.168.1.1
# Delete routesudo ip route del default via 192.168.1.1
# View specific routeip route get 8.8.8.8
# Add route with metricsudo ip route add default via 192.168.1.1 metric 100Connectivity Testing
Section titled “Connectivity Testing”# Pingping -c 4 8.8.8.8ping -c 4 google.comping -i 0.2 host # 0.2 second intervalping -f host # Flood ping (root only)
# Trace pathtraceroute google.comtraceroute -I google.com # ICMPtraceroute -T -p 80 google.com # TCP
# Alternative: mtr (combined ping + traceroute)mtr google.com
# Path MTU discoverytracepath google.comDNS Commands
Section titled “DNS Commands”# DNS lookupnslookup google.comdig google.comhost google.com
# Specific DNS servernslookup google.com 8.8.8.8dig @8.8.8.8 google.com
# Query specific recorddig google.com MXdig google.com TXTdig google.com AAAA
# Reverse DNS lookupdig -x 8.8.8.8host 8.8.8.8Connection Monitoring
Section titled “Connection Monitoring”# Socket statistics (modern)ss -tunaplss -tunapl | grep :80ss -tn | wc -l # Count connections
# Socket statistics (legacy)netstat -tunaplnetstat -i # Interface stats
# Listening portsss -tulpnss -tulpn | grep LISTEN
# Connection statesss -tan state established
# Process using portss -tulnp | grep :80lsof -i :80fuser 80/tcpNetwork Interface Testing
Section titled “Network Interface Testing”# Bandwidth testiperf3 -s # Serveriperf3 -c server # Client
# Quick testcurl -I https://google.comwget -O /dev/null https://google.com
# NIC bonding/team infoip link show type bondip link show type team21.4 Network Configuration Files
Section titled “21.4 Network Configuration Files”DNS Configuration
Section titled “DNS Configuration”nameserver 8.8.8.8nameserver 8.8.4.4search example.com
# View current DNScat /etc/resolv.conf
# Check DNS resolutiongetent hosts google.comHostname Configuration
Section titled “Hostname Configuration”# View hostnamehostnamehostnamectl
# Set hostname (persistent)sudo hostnamectl set-hostname server01.example.com
# Set hostname (temporary)sudo hostname temp-hostname
# /etc/hostnameecho "server01" | sudo tee /etc/hostnameNetwork Configuration (Debian)
Section titled “Network Configuration (Debian)”auto eth0iface eth0 inet static address 192.168.1.10 netmask 255.255.255.0 gateway 192.168.1.1 dns-nameservers 8.8.8.8 8.8.4.4
# DHCPiface eth0 inet dhcp
# Restart networkingsudo systemctl restart networkingNetwork Configuration (RHEL/CentOS)
Section titled “Network Configuration (RHEL/CentOS)”DEVICE=eth0BOOTPROTO=staticONBOOT=yesIPADDR=192.168.1.10NETMASK=255.255.255.0GATEWAY=192.168.1.1DNS1=8.8.8.8
# Restart networksudo systemctl restart networkStatic Routes
Section titled “Static Routes”# RHEL/CentOS - /etc/sysconfig/network-scripts/route-eth0# 10.0.0.0/24 via 192.168.1.1 dev eth0
# Debian - /etc/network/interfacesup ip route add 10.0.0.0/24 via 192.168.1.121.5 Network Troubleshooting
Section titled “21.5 Network Troubleshooting”Diagnostic Flow
Section titled “Diagnostic Flow”┌────────────────────────────────────────────────────────────────────────┐│ NETWORK TROUBLESHOOTING FLOW │├────────────────────────────────────────────────────────────────────────┤│ ││ 1. Is the interface up? ││ └─► ip link show ││ └─► ip link set eth0 up ││ ││ 2. Does it have an IP? ││ └─► ip addr show ││ └─► dhclient eth0 or ip addr add ││ ││ 3. Can it reach gateway? ││ └─► ping <gateway> ││ └─► Check routing table ││ ││ 4. Can it reach external hosts? ││ └─► ping 8.8.8.8 ││ └─► Check DNS, firewall ││ ││ 5. Can it resolve DNS? ││ └─► nslookup google.com ││ └─► Check /etc/resolv.conf ││ ││ 6. Check firewall ││ └─► iptables -L -n ││ └─► firewall-cmd --list-all ││ │└────────────────────────────────────────────────────────────────────────┘Common Issues
Section titled “Common Issues”# Interface not showingip link show# Check driver loadedlsmod | grep e1000
# No IP addressdhclient -v eth0# Check DHCP server
# Can't ping gateway# Check IP, netmask, gateway settings
# Can't ping external# Check DNS, firewall
# DNS not workingcat /etc/resolv.confping 8.8.8.8Advanced Diagnostics
Section titled “Advanced Diagnostics”# Capture packetstcpdump -i eth0tcpdump -i eth0 port 80tcpdump -i eth0 host 192.168.1.1
# Analyze traffictcpdump -w capture.pcap# Then analyze with Wireshark
# Check ARP tableip neigh showarp -a
# Check link statusethtool eth0mii-tool eth021.6 IPv6 Basics
Section titled “21.6 IPv6 Basics”IPv6 Addressing
Section titled “IPv6 Addressing”┌────────────────────────────────────────────────────────────────────────┐│ IPv6 ADDRESS TYPES │├────────────────────────────────────────────────────────────────────────┤│ ││ Global Unicast (2000::/3) ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ 2001:0db8:85a3:0000:0000:8a2e:0370:7334 │ ││ │ └────┴─────┴──────┴─────┴──────┴─────┴──────┴────────────┘ │ ││ │ Prefix Registry Site ID Subnet Interface ID │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Link-Local (fe80::/10) ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ fe80::1 (automatic on every interface) │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Unique Local (fc00::/7) ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ fd00::/8 (private, like 10.x.x.x) │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Loopback (::1) ││ ┌─────────────────────────────────────────────────────────────────┐ ││ │ ::1 │ ││ └─────────────────────────────────────────────────────────────────┘ ││ ││ Special Addresses: ││ - :: (unspecified, like 0.0.0.0) ││ - ::1 (loopback, like 127.0.0.1) ││ │└────────────────────────────────────────────────────────────────────────┘IPv6 Commands
Section titled “IPv6 Commands”# View IPv6 addressesip -6 addr show
# Add IPv6 addresssudo ip -6 addr add 2001:db8::1/64 dev eth0
# Ping IPv6ping6 -I eth0 fe80::1ping6 google.com
# Trace IPv6 pathtraceroute6 google.com21.7 Interview Questions
Section titled “21.7 Interview Questions”Q1: Explain the OSI model layers.
Section titled “Q1: Explain the OSI model layers.”Answer:
- Physical - Hardware, cables, hubs
- Data Link - MAC addresses, switches
- Network - IP addresses, routers
- Transport - TCP/UDP, ports
- Session - Session management
- Presentation - Data formatting, encryption
- Application - User interface, protocols (HTTP, FTP, SMTP)
Q2: What’s the difference between TCP and UDP?
Section titled “Q2: What’s the difference between TCP and UDP?”Answer:
| Feature | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented | Connectionless |
| Reliability | Reliable, ordered | Unreliable |
| Speed | Slower | Faster |
| Overhead | Higher | Lower |
| Use Cases | HTTP, SSH, Email | DNS, VoIP, Video |
| Flow Control | Yes | No |
| Congestion Control | Yes | No |
Q3: What are private IP ranges?
Section titled “Q3: What are private IP ranges?”Answer:
- 10.0.0.0/8 (10.0.0.0 - 10.255.255.255)
- 172.16.0.0/12 (172.16.0.0 - 172.31.255.255)
- 192.168.0.0/16 (192.168.0.0 - 192.168.255.255)
- 169.254.0.0/16 (Link-local/APIPA)
Q4: What is a subnet mask?
Section titled “Q4: What is a subnet mask?”Answer: A subnet mask defines which portion of an IP address is the network and which is the host:
- /24 = 255.255.255.0 = 256 addresses (254 usable)
- /16 = 255.255.0.0 = 65,536 addresses (65,534 usable)
- /8 = 255.0.0.0 = 16,777,216 addresses
Q5: What is the difference between /bin and /usr/bin?
Section titled “Q5: What is the difference between /bin and /usr/bin?”Answer: In modern Linux, they’re often the same or similar:
- /bin - Essential system commands (legacy)
- /usr/bin - User programs
- On many systems, /bin is a symlink to /usr/bin
- Both are in the default PATH
Q6: What is the loopback address?
Section titled “Q6: What is the loopback address?”Answer: 127.0.0.1 (IPv4) or ::1 (IPv6) - A special IP address that refers to the local machine. Traffic to this address doesn’t go to the network - it loops back within the host.
Q7: What does the default route (0.0.0.0) mean?
Section titled “Q7: What does the default route (0.0.0.0) mean?”Answer: The default route (0.0.0.0/0 or simply 0.0.0.0) matches all IP addresses. It’s used to send traffic that doesn’t match any specific route to a gateway (usually an internet-facing router).
Q8: What is NAT?
Section titled “Q8: What is NAT?”Answer: Network Address Translation (NAT) maps private IP addresses to public IPs. Common types:
- SNAT: Source NAT - outgoing traffic
- DNAT: Destination NAT - incoming traffic
- PAT: Port Address Translation - many-to-one (port forwarding)
Quick Reference
Section titled “Quick Reference”Commands
Section titled “Commands”# Configurationip addr add 192.168.1.10/24 dev eth0ip link set eth0 upip route add default via 192.168.1.1
# Testingping -c 4 hosttraceroute hostnslookup hostdig host
# Monitoringss -tunaplnetstat -tunapl
# DNScat /etc/resolv.confhostnamectlWell-Known Ports
Section titled “Well-Known Ports”| Port | Service |
|---|---|
| 20/21 | FTP |
| 22 | SSH |
| 23 | Telnet |
| 25 | SMTP |
| 53 | DNS |
| 80 | HTTP |
| 110 | POP3 |
| 143 | IMAP |
| 443 | HTTPS |
| 3306 | MySQL |
| 5432 | PostgreSQL |
| 6379 | Redis |
| 8080 | HTTP Alt |
Summary
Section titled “Summary”In this chapter, you learned:
- ✅ OSI and TCP/IP models
- ✅ IPv4 addressing and classes
- ✅ Private IP ranges
- ✅ Subnet mask calculations
- ✅ Basic network commands
- ✅ Network configuration files
- ✅ Network troubleshooting
- ✅ IPv6 basics
- ✅ Interview questions and answers
Next Chapter
Section titled “Next Chapter”Chapter 22: Network Configuration
Last Updated: February 2026