OSI (Open Systems Interconnection) Model: 7 Layers
Physical -> Data Link -> Network -> Transport -> Session -> Presentation -> Application
- Layer 1 (Physical) agrees on how to transmit and receive data over a physical medium: the medium itself, voltages, and RF details.
- Layer 2 (Data Link) adds MAC addresses, which identify individual devices for communication on the local network.
- Layer 3 (Network) allows packets to pass through different networks – routing.
- Layer 4 (Transport) adds TCP (reliability) or UDP (speed).
  - TCP ensures data is delivered in the correct order and adds error checking.
  - Ports allow different communications to share the same host.
- Layer 5 (Session) adds the concept of sessions between client and server.
- Layer 6 (Presentation) handles data conversion, encryption (e.g. TLS), encapsulation, and compression.
- Layer 7 (Application) is where application protocols (HTTP, SSH, FTP) live.
IP Addresses – IPv4
- 4 bytes (32 bits): 0.0.0.0 to 255.255.255.255
- 0.0.0.0 or 0.0.0.0/0: represents all IP addresses
- 255.255.255.255: broadcast to all IP addresses (it is generally filtered)
- 127.0.0.1: localhost or loopback
- Classes – an address is a network part + a node (host) part
  - Class A (/8): 1.0.0.0 to 126.255.255.255: 126 networks and 16,777,214 nodes in each
  - Class B (/16): 128.0.0.0 to 191.255.255.255: 16,382 networks and 65,534 nodes in each
  - Class C (/24): 192.0.0.0 to 223.255.255.255: 2,097,150 networks and 254 nodes in each
  - There are 2 reserved networks in each class.
- Private Network Ranges
  - Class A: 10.0.0.0 to 10.255.255.255 (1 network)
  - Class B: 172.16.0.0 to 172.31.255.255 (16 networks)
  - Class C: 192.168.0.0 to 192.168.255.255 (256 networks)
- CIDR (Classless Inter-Domain Routing) is used for more efficient allocation and subnetting.
- CIDR is written as network/prefix (e.g. 10.0.0.0/24).
- The prefix is the number of leading bits that identify the network; the remaining bits identify the node within it.
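As an added worked example (not part of the original notes), the following Python script applies the classful and CIDR rules above using only the standard `ipaddress` module: it determines an address's class, reproduces the "networks / nodes per network" counts (with the two reserved values per class), checks membership in the private ranges, works out the network, broadcast and usable host range of a CIDR block (including the /31 and /32 edge cases, which the notes do not cover), and subnets a block into smaller prefixes. All sample addresses are constructed for illustration.

```python
import ipaddress

# Classful ranges as listed in the notes: (first address, last address,
# default prefix length, number of leading bits that identify the class).
CLASS_RANGES = {
    "A": ("1.0.0.0", "126.255.255.255", 8, 1),
    "B": ("128.0.0.0", "191.255.255.255", 16, 2),
    "C": ("192.0.0.0", "223.255.255.255", 24, 3),
}

# The private ranges from the notes, written as CIDR blocks.
# 172.16.0.0/12 is exactly the 16 Class B networks 172.16.x.x to 172.31.x.x.
PRIVATE_RANGES = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def classful_class(addr):
    """Return (class letter, default prefix) for an address, or (None, None)."""
    a = ipaddress.IPv4Address(addr)
    for name, (lo, hi, prefix, _) in CLASS_RANGES.items():
        if ipaddress.IPv4Address(lo) <= a <= ipaddress.IPv4Address(hi):
            return name, prefix
    return None, None


def classful_sizes(name):
    """(networks, hosts per network) for a class, with 2 of each reserved
    (all-zeros and all-ones); this reproduces the counts given in the notes."""
    _, _, prefix, class_bits = CLASS_RANGES[name]
    networks = 2 ** (prefix - class_bits) - 2
    hosts = 2 ** (32 - prefix) - 2
    return networks, hosts


def is_private(addr):
    """True if the address falls inside one of the private ranges."""
    a = ipaddress.IPv4Address(addr)
    return any(a in net for net in PRIVATE_RANGES)


def describe_cidr(cidr):
    """Work out network, broadcast, mask and usable host range of a CIDR block.
    strict=False lets a host address such as 192.168.1.77/26 be given; the host
    bits are masked off to find the network it belongs to."""
    net = ipaddress.ip_network(cidr, strict=False)
    if net.prefixlen <= 30:
        # The network and broadcast addresses are not usable for hosts.
        usable = net.num_addresses - 2
        first, last = net.network_address + 1, net.broadcast_address - 1
    else:
        # /31 (point-to-point link) and /32 (single host) reserve nothing.
        usable = net.num_addresses
        first, last = net.network_address, net.broadcast_address
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "netmask": str(net.netmask),
        "prefix": net.prefixlen,
        "usable_hosts": usable,
        "first_host": str(first),
        "last_host": str(last),
    }


def split_network(cidr, new_prefix):
    """Subnet a block into equal pieces with the given (longer) prefix."""
    net = ipaddress.ip_network(cidr)
    return [str(sub) for sub in net.subnets(new_prefix=new_prefix)]


if __name__ == "__main__":
    for cidr in ("10.0.0.0/24", "192.168.1.77/26", "10.0.0.1/32"):
        print(cidr, describe_cidr(cidr))
    print("172.20.5.4 ->", classful_class("172.20.5.4"), "private:", is_private("172.20.5.4"))
    print("Class B sizes:", classful_sizes("B"))
    print(split_network("10.0.0.0/24", 26))
```

Note that `classful_class` follows the notes' table, so 127.x.x.x (loopback) falls outside every class, and `is_private("172.32.0.1")` is false even though 172.31.255.255 is private: the /12 boundary, not the second octet alone, decides.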
IP Addresses – IPv6 in AWS
- IPv6 is not enabled on EC2 instances by default.
- IPv6 is not supported by all AWS services.
- An instance's IPv6 address is configured directly on the operating system; its public IPv4 address is not (the OS only sees the private IPv4 address).
- There is no IPv6 private address. All IPv6 addresses are public.
IP Routing
- Local: uses MAC addresses (Layer 2)
  - Does not span networks – no router involved.
  - Uses the Address Resolution Protocol (ARP) to find the destination MAC.
  - An L3 packet is created and wrapped in an L2 frame -> the L2 frame is sent to the destination MAC.
- Known Remote: uses a router (L3 packet)
  - The L3 packet is not changed.
  - When the destination is not local, the L2 frame (with the L3 packet inside) is sent to the default gateway (router) -> if the router knows the destination, it strips the L2 frame, wraps the L3 packet in a new L2 frame, and sends it on to the destination.
- Unknown Remote: routing works the same whether or not the sender knows the destination.
  - Usually the unchanged L3 packet is passed through multiple routers (the internet); between each pair of routers a new L2 connection is used.
  - The internet uses the Border Gateway Protocol (BGP) to advertise networks among routers.
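The three cases above (local, known remote, unknown remote) as an added simulation, not code from the original notes. The topology is constructed: hosts A and B on 10.0.1.0/24, host C on 10.0.2.0/24, one router R between them, and a static ARP table standing in for real ARP requests. Each node first checks its directly connected networks (local delivery), then does a longest-prefix match on its routing table; the host's only route is a default route, so it forwards to the gateway even for destinations it knows nothing about. The `trace` function shows that the L3 packet object is handed along unchanged while every hop builds a fresh L2 frame with its own source and destination MACs.

```python
import ipaddress

# Constructed sample topology (not from the notes): two LANs joined by router R.
# A static ARP table stands in for the ARP exchange a real host would perform.
ARP_TABLE = {
    "10.0.1.10": "aa:aa:aa:00:00:10",  # host A
    "10.0.1.20": "aa:aa:aa:00:00:20",  # host B (same LAN as A)
    "10.0.1.1": "aa:aa:aa:00:00:01",   # router R, LAN-1 side
    "10.0.2.1": "bb:bb:bb:00:00:01",   # router R, LAN-2 side
    "10.0.2.30": "bb:bb:bb:00:00:30",  # host C
}


class Node:
    """A host or router with interfaces and a routing table."""

    def __init__(self, name, interfaces, routes):
        # interfaces: {ifname: "ip/prefix"}; routes: [(cidr, next_hop_ip, ifname)]
        self.name = name
        self.interfaces = {n: ipaddress.ip_interface(a) for n, a in interfaces.items()}
        self.routes = [(ipaddress.ip_network(c), nh, i) for c, nh, i in routes]

    def lookup(self, dst):
        """("local", dst, ifname) when dst is on a directly connected network,
        ("remote", next_hop, ifname) from the longest-prefix match in the routing
        table, or ("unreachable", None, None) when no route covers it."""
        dst_ip = ipaddress.ip_address(dst)
        for ifname, iface in self.interfaces.items():
            if dst_ip in iface.network:
                return "local", dst, ifname
        best = None
        for net, next_hop, ifname in self.routes:
            if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop, ifname)
        if best is None:
            return "unreachable", None, None
        return "remote", best[1], best[2]

    def frame(self, packet):
        """Wrap the (unchanged) L3 packet in an L2 frame addressed to the next hop."""
        decision, arp_target, ifname = self.lookup(packet["dst"])
        if decision == "unreachable":
            return None
        # ARP resolves the MAC of the *next hop*: the destination itself when
        # local, the gateway when remote. The L3 addresses inside stay untouched.
        return {
            "node": self.name,
            "decision": decision,
            "src_mac": ARP_TABLE[str(self.interfaces[ifname].ip)],
            "dst_mac": ARP_TABLE[arp_target],
            "next_hop": arp_target,
            "payload": packet,
        }


def trace(packet, nodes, max_hops=8):
    """Follow a packet hop by hop: each hop strips the incoming L2 frame and
    builds a new one, passing the same L3 packet object along unmodified."""
    by_ip = {str(i.ip): n for n in nodes for i in n.interfaces.values()}
    node, hops = by_ip[packet["src"]], []
    for _ in range(max_hops):  # guard against routing loops, like a TTL
        fr = node.frame(packet)
        if fr is None:
            hops.append({"node": node.name, "decision": "unreachable"})
            break
        hops.append(fr)
        if fr["decision"] == "local":
            break
        node = by_ip[fr["next_hop"]]  # the router receives the frame and re-frames
    return hops


# Sample nodes: hosts know only their own LAN plus a default route; R has no
# default route, so anything outside its two LANs is unknown to it.
HOST_A = Node("A", {"eth0": "10.0.1.10/24"}, [("0.0.0.0/0", "10.0.1.1", "eth0")])
ROUTER = Node("R", {"eth0": "10.0.1.1/24", "eth1": "10.0.2.1/24"}, [])
HOST_C = Node("C", {"eth0": "10.0.2.30/24"}, [("0.0.0.0/0", "10.0.2.1", "eth0")])
NODES = [HOST_A, ROUTER, HOST_C]


def path_summary(src, dst):
    """[(node, decision, dst_mac)] for a packet from src to dst."""
    hops = trace({"src": src, "dst": dst}, NODES)
    return [(h["node"], h["decision"], h.get("dst_mac")) for h in hops]


if __name__ == "__main__":
    for dst in ("10.0.1.20", "10.0.2.30", "8.8.8.8"):
        print(f"A -> {dst}: {path_summary('10.0.1.10', dst)}")
```

Running it shows A delivering to B in one local hop, A reaching C through R (the frame's destination MAC is R's on the first link and C's on the second, while the packet's IP addresses never change), and A sending a packet for 8.8.8.8 to R even though it knows nothing about that network; R, having no default route, is where it becomes unreachable.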
Proxy Server
- A proxy server is a gateway between a private network and a public one.
- A user in a private network accesses the public network through a proxy server, which can provide firewalling, filtering, and caching.