[AWS] Basic Networking

OSI (Open Systems Interconnection) Model: 7 Layers

Physical -> Data Link -> Network -> Transport -> Session -> Presentation -> Application

  • Layer 1 (Physical) agrees on how to transmit and receive data in a physical medium; the medium, the voltage, and RF details.
  • Layer 2 (Data Link) adds MAC addresses, which can be used for named communication on the local network.
  • Layer 3 (Network) allows the packets to pass through different networks – Routing.
  • Layer 4 (Transport) adds TCP (reliability) or UDP (Speed)
    • TCP ensured data is transmitted in the correct order and adds error checking.
    • Ports allow different communication to the same host.
  • Layer 5 (Session) adds the concept of sessions between client and server.
  • Layer 6 (Presentation) adds the data conversion, encapsulation, and compression – TLS.
  • Layer 7 (Application) is where protocols (HTTP, SSH, FTP) are added.

IP Addresses – IPv4

  • 4 bytes (32bit): to
    • or represents all IP address
    • broadcast to all IP addresses (it is generally filtered)
    • localhost or loopback
  • Classes – network part + node part
    • Class A (/8): to 126 networks and 16,777,214 nodes in each
    • Class B (/16): to 16,382 networks and 65,534 nodes in each
    • Class C (/24): to 2,097,150 networks and 254 nodes in each
    • There are 2 reserved networks in each class.
  • Private Network Ranges
    • Class A: to (1 network)
    • Class B: to (16 networks)
    • Class C: to (256 networks)
  • CIDR (Classless Inter-Domain Routing) is used for more effective allocation and sub-networking.
    • CIDR is represented as network/prefix. (e.g.
    • The prefix is the number of bits that the network uses.

IP Addresses – IPv6 in AWS

  • IPv6 is not enabled on EC2 instances by default.
  • IPv6 is not supported by all AWS services.
  • IPv6 is attached to the operating system. IPv4 is not.
  • There is no IPv6 private address. All IPv6 addresses are public.

IP Routing

  • Local: Using MAC address (Layer 2)
    • Does not span across networks – No router.
    • Uses Address Resolution Protocol (ARP).
    • L3 packet is created and wrapped in L2 Frames. -> L2 frame is sent to the destination MAC.
  • Known Remote: Uses a router (L3 packet)
    • L3 Packets are not changed.
    • When the destination is not local, the L2 frame (L3 packet in it) is sent to the default gateway (router) -> If the router knows the destination, strips the L2 frame and wrap the L3 packet with a new L2 frame and send it to the destination.
  • Unknown Remote: Routing works the same whether the destination is known or unknown
    • Usually, unchanged packets (L3) being passed through multiple routers (internet); between routers, a new L2 connection is used.
    • The internet uses the Border Gateway Protocol (BGP) to advertise networks among routers.

Proxy Server

  • A proxy server is a gateway between a private network and a public one.
  • A user in a private network accesses the public network through a proxy server, which can support firewalls, filtering, and caching.

Leave a Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s