NETWORKING

PROTOCOL:
Protocol is some set of rules that determine how data is transmitted between different devices.

Communication :
Transferring or shearing data between different devices.

Types of communication :
1.point to point(unicast): Unicast communication involves the transmission of data from a single
sender to a specific recipient. It is a one-to-one communication model where the data is sent to a unique IP
address.

2.point to many(multicast): Multicast communication is a one-to-many communication model where

a single sender sends data to a group of recipients who have expressed interest in receiving that data. It is
more efficient than broadcast as it targets only the interested parties, reducing unnecessary network traffic.

3.point to all(broadcast): Broadcast communication is a one-to-all communication model where a

single sender sends data to all devices on a network. The data is sent to a broadcast address, and all devices on
the network receive and process it.

TRANSMISSION MODES:
1.Simplex: In simplex mode, data flows in only one direction, from the sender to the receiver. The sender can
transmit data, but the receiver cannot send any data back. It is comparable to a one-way street, where traffic
can flow in only one direction.

2.Half-duplex: In half-duplex mode, data can be transmitted in both directions, but not simultaneously. Devices
can take turns sending and receiving data. When one device is transmitting, the other device can only receive,
and vice versa. It is like a walkie-talkie where one person talks while the other person listens, and then they
switch roles.

3.Full-duplex: In full-duplex mode, data can be transmitted simultaneously in both directions. Both the sender
and the receiver can send and receive data at the same time. It is like a two-way street where traffic can flow
in both directions simultaneously.

Types of networks:

1.Local Area Network (LAN):

A LAN is a network that covers a small geographical area, typically within a building or a campus. It
connects computers and devices, allowing them to share resources and communicate with each other.
2.Wide Area Network (WAN):
A WAN is a network that spans across a large geographical area, often connecting multiple LANs or
remote locations. The internet itself is an example of a WAN.

3.Metropolitan Area Network (MAN):

A MAN is a network that covers a larger geographical area than a LAN but smaller than a WAN. It
usually connects multiple LANs within a city or metropolitan area.

Network topologies:

Number system:
Binary number(0,1)

Decimal number(0 to 9)

Hexadecimal number(0 to 9 ,A=10,B=11,C=12,D=13,E=14,F=15)

Each hexadecimal need only 4 digits

0000(0)
0001(1)

0010(2)

0011(3)

0100(4)

0101(5)

0110(6)

0111(7)

1000(8)

1001(9)

1010(A)

1011(B)

1100(C)

1101(E)

1111(F)

Networking elements:
1.host name: A hostname is a label or name assigned to a device connected to a computer network. It is used
to identify and identify the device within the network.

2.MAC address(Media access control): A Media Access Control (MAC) address is a unique identifier assigned
to network interface controllers (NICs) by the manufacturer. It is a hardware address that is associated with a
specific device's network card or adapter.

The MAC address is a 48-bit (6-byte) address, typically represented as a series of six pairs of hexadecimal
digits, separated by colons or hyphens.

For example, a MAC address may look like this: 00:1A:2B:3C:4D:5E.

00:1A:2B:3C:4D:5E=(0000 0000:0001 1010:0011 1101:0011 1100:0100 1101:0101 1110)

The MAC address serves as a unique identifier for devices on a local network. It is used at the data link layer of
the network protocol stack to ensure that data is sent to the intended device within the same local network
segment.

Mac address is in hexadecimal form .

Mac address ranges:

00:00: 00: 00: 00: 00 to FF:FF:FF:FF:FF:FF

BB:BB:BB:BB:BB(unicast)

FF:FF:FF:FF:FF:FF(broadcast)

To find mac address in Linux system : ifconfig command

To find mac address in windows system : ipconfig command

Ip address(internet protocol):

An IP (Internet Protocol) address is a unique numerical label assigned to each device connected to a
computer network that uses the Internet Protocol for communication. It serves as an identifier for the device,
allowing it to send and receive data over the network

For example, a IP address may look like this: 198.168.1.0

IP address ranges:

0.0.0.0 to 255. 255. 255. 255

*Size of Ip address 4bytes

1byte=8bits(00000000)=0

If 8bits are once (11111111)=255

Port number:

A port number is a (2bytes) 16-bit unsigned integer that identifies a specific process or service running
on a device within a network. Port numbers are used to enable communication between different applications
or services by providing a unique identifier for each process.

Port numbers are part of the transport layer protocols, such as TCP (Transmission Control Protocol) and UDP
(User Datagram Protocol), which are responsible for establishing reliable or unreliable connections between
devices on a network. The combination of an IP address and a port number allows data packets to be properly
routed to the intended application or service on a device.

Here are a few key points about port numbers:

Range: Port numbers range from 0 to 65535.

INTERFACE

Networking devices:

1.Hub: A hub is an older networking device that connects multiple devices within a network. It operates at the
physical layer of the network and broadcasts incoming data packets to all connected devices.

2.switch: A switch is used to connect multiple devices within a local area network (LAN). It receives data
packets and forwards them to the intended destination based on the MAC address of the devices connected to
it. Switches enable efficient data transmission within a LAN by creating dedicated communication channels

3.Bridge: A bridge is a device that connects two network segments or LANs and forwards data packets
between them. It operates at the data link layer (Layer 2) of the network and can filter and forward packets
based on MAC addresses.

4.Router: A router is a critical networking device that connects multiple networks together and directs network
traffic between them. It forwards data packets based on IP addresses and makes decisions on the most
efficient path for data transmission.
OSI Model(open system internet connection):

The OSI (Open Systems Interconnection) model is a conceptual framework that standardizes and
describes the functions of a communication system or network. It provides a structured approach to
understanding how different protocols and networking components interact to enable communication
between devices.

The OSI model consists of seven layers, each representing a specific set of functions and responsibilities

7.Application layer:

The application layer is the closest layer to end-users and provides network services and interfaces to
applications.

Example web applications .

It encompasses protocols and services like HTTP (Hypertext Transfer Protocol), FTP (File Transfer Protocol),
DNS (Domain Name System), and SMTP (Simple Mail Transfer Protocol).

Protocols used :HTTP,HTTPS,SMTP,FTP,DNS

6.Presentation layer:

presentation layer is responsible for the formatting, encryption, compression, and conversion of
data to ensure that it is properly understood by the receiving application.

1.Data Formatting: converting data between different character encodings, data formats, or representation
schemes.
2.Encryption and Decryption: The presentation layer provides encryption and decryption services to secure
the data during transmission. It ensures that the data is protected from unauthorized access and maintains the
confidentiality and integrity of the information.

3.Compression: The presentation layer can compress data to reduce the amount of data that needs to be
transmitted over the network.

4.Data Translation and Representation: The presentation layer handles the conversion of data between
different data formats and representations. It may involve translating between different data structures,
syntaxes, or protocols to enable interoperability between different systems.

Protocols used in presentation layer : NDR(network data representation ),AFP(apple fill protocol),TLP(transport
layer protocol)

5.Session layer:

The session layer establishes, manages, and terminates communication sessions between applications
on different devices. It provides mechanisms for session establishment, synchronization, and checkpointing

Session Establishment: The session layer is responsible for establishing a session between two communicating
applications. It sets up the necessary protocols, parameters, and security measures to initiate the session.

Session Management: It handles synchronization, coordination, and flow control to ensure that data is
exchanged in an orderly manner.

Dialogue Control: The session layer manages the dialogue or conversation between the applications. It
establishes rules and procedures for how the applications take turns sending and receiving data.

Session Termination: When the communication between the applications is complete, the session layer is
responsible for terminating the session. It ensures that all resources allocated for the session are released
appropriately.

Checkpointing and Recovery: The session layer provides mechanisms for checkpointing and recovery in case of
session failures or interruptions. It allows the applications to save the current state of the session and resume
from the last known checkpoint in the event of a failure.

Session Security: The session layer can implement security measures to protect the session's confidentiality,
integrity, and availability. This may include encryption, authentication, and access control mechanisms.

4.Transport Layer:

It provides reliable and efficient end-to-end delivery of data between hosts or devices on a network. The
transport layer ensures that data packets are delivered accurately, in sequence, and without errors or losses.

Segmentation and Reassembly: The transport layer breaks the data received from the session layer into
smaller units called segments or datagrams. It adds necessary headers to each segment to indicate sequence
numbers, checksums, and other control information. At the receiving end, the transport layer reassembles
these segments into the original data.

Connection Establishment: In some transport layer protocols, such as the Transmission Control Protocol (TCP),
the transport layer establishes a connection-oriented session before data transmission. This involves a
handshake process between the sender and receiver to set up parameters and establish a reliable
communication channel.

Reliable Data Delivery: The transport layer ensures reliable delivery of data by using acknowledgments,
sequence numbers, and retransmission mechanisms. It ensures that all data segments are received correctly at
the destination and retransmits any lost or corrupted segments.
Flow Control: The transport layer implements flow control mechanisms to manage the rate of data
transmission between the sender and receiver. It prevents the receiver from being overwhelmed by regulating
the amount of data sent and adjusting the transmission rate based on the receiver's capacity.

Congestion Control: The transport layer handles congestion control by monitoring network congestion levels
and adjusting the transmission rate accordingly. It avoids network congestion by slowing down data
transmission when necessary, thereby preventing packet loss and ensuring fair resource allocation.

Multiplexing and Demultiplexing: The transport layer uses port numbers to multiplex multiple applications or
services running on a host. It enables the transport layer to identify which application a received data segment
belongs to and deliver it to the appropriate application at the receiving end.

Quality of Service (QoS): The transport layer can provide QoS mechanisms to prioritize certain types of traffic
or applications. It can assign different levels of priority or service guarantees to ensure that critical data, such
as real-time audio or video streams, receive preferential treatment.

Protocols used in :TCP(transmission control protocol),UDP(user datagram protocol)

3.Network layer:

It provides logical addressing, routing, and forwarding of data packets between different networks or
subnetworks. The network layer enables end-to-end communication between hosts or devices across
interconnected networks.

Here are the key functions and responsibilities of the network layer:

Logical Addressing

Routing

Packet Forwarding: The network layer is responsible for forwarding data packets from the source host to the
destination host. It encapsulates data received from the transport layer into packets and adds the necessary
network layer headers, including source and destination IP addresses.

Fragmentation and Reassembly: The network layer can fragment large data packets into smaller units to
accommodate the maximum transmission unit (MTU) size of the underlying network. At the receiving end, it
reassembles the fragmented packets into the original data.

Quality of Service (QoS)

Network Address Resolution

Protocols used :OSPF(open short path first),BGP(border gateway protocol),RIP(Routing information

protocol),Icmp,

Data link layer:

The data link layer is the second layer of the OSI model, situated between the physical layer and the network
layer. It is responsible for the reliable transfer of data frames between adjacent network nodes over a physical
link. The data link layer ensures error-free and efficient communication between devices that are directly
connected within a local network.

Here are the key functions and responsibilities of the data link layer:

Framing: The data link layer divides the stream of bits received from the physical layer into manageable data
frames. It adds frame delimiters at the beginning and end of each frame to mark the boundaries for easy
identification.

Media Access Control: The data link layer manages access to the shared communication medium, such as
Ethernet, to avoid data collisions. It implements media access control protocols like CSMA/CD (Carrier Sense
Multiple Access with Collision Detection) to regulate the transmission of data frames and ensure fair access to
the network medium.

Error Detection and Correction

Flow Control

Logical Link Control: The data link layer provides logical link control protocols that establish, maintain, and
terminate the logical connection between devices. It manages the flow of data between the network layer and
the physical layer.

Physical layer:

The physical layer is responsible for establishing and maintaining the actual physical connection between
network devices and ensuring reliable transmission of data.

Here are the key functions and responsibilities of the physical layer:

Encoding and Signalling

Physical Media (e.g., copper, fiber-optic), pin configurations, signal voltages, and transmission speeds.

Bit Synchronization: The physical layer ensures proper synchronization between the transmitting and receiving
devices by establishing a clocking mechanism. It maintains timing synchronization so that the receiver can
correctly interpret the received data.

Transmission Line Management: The physical layer manages aspects related to the transmission medium, such
as impedance matching, noise reduction, and signal attenuation compensation. It aims to maintain signal
quality and integrity during transmission.

Error Detection: The physical layer may incorporate error detection mechanisms to identify transmission
errors. For example, parity bits or cyclic redundancy checks (CRC) can be used to detect bit errors and ensure
data integrity.
TCP/IP:

TCP/IP model is to provide a standardized framework for communication and data exchange between different
devices and networks. It serves as a reference model that helps in understanding the various protocols and
their functionalities in a hierarchical manner.

Layer 2(Access layer or data link layer):

Layer 2 in networking is commonly referred to as the "Data Link Layer." It is the second layer of both the OSI
(Open Systems Interconnection) model and the TCP/IP model. The Data Link Layer is responsible for the
reliable transmission of data between directly connected devices over a physical network link.

The main functions of the Data Link Layer include:

Framing: The Data Link Layer encapsulates network layer packets into data frames with additional headers and
trailers, making it easier to identify the start and end of each frame.

Physical Addressing: Devices on the same local network (e.g., Ethernet LAN) are identified by their unique
Media Access Control (MAC) addresses at the Data Link Layer. MAC addresses are used to deliver data frames
to the correct destination device.

Media Access Control: The Data Link Layer handles access to the physical transmission medium (e.g., Ethernet
cable) and manages how devices share and access it.

Flow Control: The Data Link Layer provides mechanisms to control the flow of data between devices to avoid
overwhelming the receiving device.

Error Detection and Correction: The Data Link Layer detects and, in some cases, corrects errors that may occur
during data transmission over the physical medium.
Ethernet frame:

1.preamble: The preamble consists of a predetermined bit pattern, usually a sequence of alternating 0s and 1s.
This pattern helps synchronize the clocks of the sender and receiver devices. By aligning their clocks, both
devices can accurately determine the timing of each bit, ensuring data is transmitted and received at the
correct rate.

2.start frame delimiter(SFD): start frame delimiter (SFD), which marks the end of the preamble and the
beginning of the actual frame's data. The SFD acts as a signal for the receiving device to identify where the
frame's data starts.

3.Destination mac address: This field contains the Media Access Control (MAC) address of the intended
receiver.

4.source MAC address: This field contains the Media Access Control (MAC) address of the intended sender .

5.Ethernet header length :Type field indicates the type of data carried in the payload of the Ethernet frame.

6.Frame check sequence :The Frame Check Sequence (FCS) is a field in the Ethernet frame that serves as an
error-detection mechanism.

Layer 3(Ip/Network layer):

Layer 3 is known as the "Network Layer." It is the third layer from the bottom and is responsible for
routing data packets between different networks to ensure their successful delivery from the source to the
destination.

The Network Layer operates on logical addressing, such as IP (Internet Protocol) addresses, to uniquely identify
devices on a network. Its primary functions include:

1. Logical Addressing: The Network Layer assigns logical addresses (IP addresses) to devices on the
network. These addresses are used to identify the source and destination of data packets during
communication.

2. Routing: The Network Layer is responsible for determining the best path (route) for data packets to
travel from the source device to the destination device across multiple interconnected networks.
Routers are the devices responsible for making these routing decisions based on the destination IP
address.
 3. Packet Forwarding: Once a router determines the appropriate path for a data packet, it forwards the
packet to the next router on the route until it reaches its final destination.

4. Fragmentation and Reassembly: The Network Layer can fragment large data packets into smaller
segments if they exceed the Maximum Transmission Unit (MTU) of the network. At the destination,
the receiving device reassembles the fragments into the original packet.

5. Error Handling: The Network Layer detects errors in the received data packets and may initiate
processes to request packet retransmissions if necessary.

Subnet mask:

A subnet mask is a 32-bit value used in IP (Internet Protocol) networking to divide an IP address into a network
portion and a host portion.

In IP networking, there are three common types of subnet masks:

classful subnet masks.

classless subnet masks.

Variable Length Subnet Masks (VLSM).

These subnet masks are used to divide IP address ranges into smaller subnets to create more efficient and
organized network structures. Let's take a closer look at each type:

1. Classful Subnet Masks: In the early days of the internet, IP addresses were divided into classes (Class
A, Class B, Class C, Class D, and Class E) based on the size of the network they represented. Classful
subnet masks were used to determine the default network boundaries for each IP address class. The
classful subnet masks are as follows:

• Class A: 255.0.0.0 (/8)

In class A starting 8 bits network id and remaining are host id

In class A first bit is fixed with ‘0’

Example : 0111 1111.0000 0000.0000 0000.0000 000

Class A Ranges start from :

0000 0000.0000 0000.0000 0000.0000 0000=0

T0

0111 1111.0000 0000.0000 0000.0000 000=126

Ip address(1.0.0.1 to 126.255.255.255)

127 is used for special purpose.

• Class B: 255.255.0.0 (/16)

In class B starting 16 bits network id and remaining are host id

In class B 2 bit is fixed with ‘0’
Example : 1011 1111.0000 0000.0000 0000.0000 000
Class A Ranges start from :
0000 0000.0000 0000.0000 0000.0000 0000=0
T0
1011 1111.0000 0000.0000 0000.0000 000=191
 Ip address(128.0.0.1 to 191.255.255.255)

• Class C: 255.255.255.0 (/24)

In class c starting 16 bits network id and remaining are host id

In class c 3rd bit is fixed with ‘0’
Example : 1101 1111.0000 0000.0000 0000.0000 000
Class A Ranges start from :
0000 0000.0000 0000.0000 0000.0000 0000=0
T0
1101 1111.0000 0000.0000 0000.0000 000=223
Ip address(192.0.0.1 to 223.255.255.255)

• Class D: 255.255.255.0 (/24)

In class D starting 24 bits network id and remaining are host id

In class c 4th bit is fixed with ‘0’
Class D is used to multicast
Example : 1110 1111.0000 0000.0000 0000.0000 000
Class A Ranges start from :
0000 0000.0000 0000.0000 0000.0000 0000=0
T0
1110 1111.0000 0000.0000 0000.0000 000=239
Ip address(223.0.0.1 to 239.255.255.255)
Class E:
Class e is reserved Ip address.
240.0.0.1 to 250.255.255.255

1. Unicast (point to point) 10.0.0.1 to 10.0.0.2

2. Broadcast (point to all) 10.0.0.1 to 10.0.0.255
3. Multicast (point to group) 10.0.0.1 to 224.0.0.5

Private ip address:

2. Classless Subnet Masks: With the adoption of Classless Inter-Domain Routing (CIDR) in the 1990s,
classless subnet masks became the standard. CIDR allows for more flexible allocation of IP address
space by using a variable-length subnet mask (VLSM), which is not restricted to class boundaries.
Classless subnet masks are represented using the CIDR notation, which indicates the number of bits
set to 1 in the subnet mask. For example:

• /8 represents a subnet mask of 255.0.0.0 (8 bits set to 1).

• /16 represents a subnet mask of 255.255.0.0 (16 bits set to 1).

• /24 represents a subnet mask of 255.255.255.0 (24 bits set to 1).

Classless subnet masks allow for more efficient use of IP address space and more precise allocation of subnets
with varying sizes.

3. Variable Length Subnet Masks (VLSM): VLSM allows network administrators to create subnets with
different sizes (varying numbers of hosts) within the same larger IP address range. With VLSM,
different subnets can have different subnet mask lengths, depending on their requirements. For
example, within a single network, one subnet may have a /24 mask (255.255.255.0) for 256 hosts,
while another subnet might have a /29 mask (255.255.255.248) for only 6 hosts.
VLSM is widely used to optimize IP address allocation and subnetting, especially in large and complex
networks.

Overall, classful subnet masks were used in the past, but classless subnet masks and VLSM have become the
norm in modern networking due to their flexibility and efficient utilization of IP address space.

IPv4 :

1. Version (4 bits): Indicates the IP version being used, which is IPv4 in this case. The value is always set
to 4 for IPv4.

2. Internet Header Length (IHL) (4 bits): Specifies the length of the IPv4 header in 32-bit words. Since the
IPv4 header is fixed at 20 bytes, the IHL is typically set to 5 (5 x 32 bits = 20 bytes).

3. Type of Service (TOS) or Differentiated Services (DS) (8 bits): Used for Quality of Service (QoS) and
differentiated handling of packets. It includes fields for precedence, delay, throughput, reliability, and
other QoS parameters.

4. Total Length (16 bits): Indicates the total length of the IPv4 datagram (header + data) in bytes. It
defines the entire size of the packet, including both the header and the payload.

5. Identification (16 bits): A unique identifier for the datagram, primarily used for reassembling
fragmented packets.

6. Flags (3 bits): Contains control flags for handling packet fragmentation. The three bits are used for the
"Don't Fragment" (DF) flag, the "More Fragments" (MF) flag, and a reserved flag (always set to 0).

7. Fragment Offset (13 bits): Used to identify the position of a fragment within the original
unfragmented datagram. It is measured in 8-byte units.

8. Time to Live (TTL) (8 bits): Represents the maximum number of hops (routers) that the packet can
traverse before being discarded. It prevents packets from circulating indefinitely in the network.

9. Protocol (8 bits): Specifies the protocol used in the data portion of the datagram, such as TCP, UDP,
ICMP, or others. This field helps the destination device know how to interpret the data.

10. Header Checksum (16 bits): Used for error detection in the header. It ensures the integrity of the
header during transmission.
 11. Source IP Address (32 bits): The 32-bit source IP address of the sender.

12. Destination IP Address (32 bits): The 32-bit destination IP address of the receiver

Layer 4(transport layer):

Layer 4 is known as the "Transport Layer." It is the fourth layer in the OSI model and the TCP/IP
model. The Transport Layer is responsible for end-to-end communication and managing the reliable and
efficient delivery of data between applications running on devices.

Functionality:

The Transport Layer manages the segmentation and reassembly of data, multiplexing and
demultiplexing of data streams using port numbers, and error handling and flow control for reliable data
delivery between applications running on devices.

Protocols:

The Transport Layer is mainly associated with the Transmission Control Protocol (TCP) and the User
Datagram Protocol (UDP). TCP provides reliable, connection-oriented data delivery, while UDP offers faster,
connectionless communication.

Addressing:

The Transport Layer uses port numbers to identify different applications running on devices. Port
numbers enable multiple applications to share the same IP address.

Transmission Control Protocol (TCP):

It is one of the core protocols of the Internet Protocol suite (TCP/IP) and is responsible for establishing
and maintaining reliable communication between devices over a network. TCP ensures that data is delivered
accurately and in the correct order from one device to another, typically over an IP-based network, such as the
internet.
 1. Source Port (16 bits): This field specifies the port number of the sender (source) application or process
that is sending the data.

2. Destination Port (16 bits): This field indicates the port number of the receiver (destination) application
or process that will receive the data.

3. Sequence Number (32 bits): This field represents the sequence number of the first data octet in the
current TCP segment. It is used to order the received data and manage data flow control.

4. Acknowledgment Number (32 bits): If the ACK flag is set (1) in the TCP header, this field contains the
next expected sequence number from the receiver. It acknowledges the successful receipt of data.

5. Data Offset (4 bits): Specifies the length of the TCP header in 32-bit words. It is necessary because TCP
allows for variable-length options. The minimum value for this field is 5 (indicating a 20-byte header).

6. Reserved (3 bits): Reserved for future use. Should be set to 0.

7. Control Flags (9 bits): These flags control the behavior of the TCP connection and include:

• URG (Urgent Pointer field is significant)

• ACK (Acknowledgment field is significant)

• PSH (Push Function)

• RST (Reset the connection)

• SYN (Synchronize sequence numbers)

• FIN (No more data from sender)

8. Window (16 bits): This field specifies the size of the receive window, which indicates the amount of
data (in bytes) the sender can transmit before receiving an acknowledgment.

9. Checksum (16 bits): The checksum is used for error-checking to ensure the integrity of the TCP header
and data.

10. Urgent Pointer (16 bits): If the URG flag is set, this field points to the last byte of urgent data in the
TCP segment.

11. Options (Variable): This field may include optional TCP parameters, such as Maximum Segment Size
(MSS), Selective Acknowledgment (SACK), and Timestamps.

User Datagram Protocol(UDP):

1. Source Port (16 bits): This field specifies the port number of the sender (source) application or process
that is sending the UDP datagram.
 2. Destination Port (16 bits): This field indicates the port number of the receiver (destination) application
or process that will receive the UDP datagram.
3. Length (16 bits): This field indicates the length of the UDP datagram, including the header and data,
measured in bytes. The minimum value for this field is 8 (indicating an 8-byte header).
4. Checksum (16 bits): The checksum is an optional field in UDP. If set to 0, it means no checksum is
used. If set to a non-zero value, the checksum is calculated to provide a level of error-checking for the
UDP header and data. However, unlike TCP, UDP does not have mechanisms for error recovery.

3 Way handshake:

The 3-way handshake is a fundamental process used in computer networking to establish a reliable connection
between two devices, typically in the context of TCP/IP (Transmission Control Protocol/Internet Protocol)
communication. The main purpose of the 3-way handshake is to ensure that both the sender and receiver are
ready to send and receive data before any actual data transmission begins. It involves three steps:

1. Step 1 - SYN (Synchronize): The process starts with the initiating device (often referred to as the
client) sending a TCP packet with the SYN (synchronize) flag set to the receiving device (usually
referred to as the server). This packet is sent to the server to request a connection.

2. Step 2 - SYN-ACK (Synchronize-Acknowledge): The server responds to the client's request by sending
a TCP packet with the SYN and ACK (acknowledge) flags set. The SYN flag indicates that the server
agrees to establish a connection, and the ACK flag acknowledges the receipt of the client's SYN
packet.

3. Step 3 - ACK (Acknowledge): Finally, the client acknowledges the server's response by sending a TCP
packet with the ACK flag set. This step completes the 3-way handshake, indicating that both devices
are ready to exchange data.
4 Way hand shake:

The term "4-way handshake" is commonly associated with the process used to terminate a TCP (Transmission
Control Protocol) connection. Unlike the 3-way handshake used to establish a connection, the 4-way
handshake is used to gracefully close an established connection between a client and a server. It involves four
steps to ensure that both parties agree to end the connection properly:

1. Step 1 - FIN (Client Initiates Closure): The client, wishing to close the connection, sends a TCP packet
with the FIN (Finish) flag set to the server. This packet indicates that the client has no more data to
send.

2. Step 2 - ACK (Server Acknowledges Closure Request): Upon receiving the FIN packet from the client,
the server acknowledges it by sending an ACK (Acknowledgment) packet back to the client.

3. Step 3 - FIN (Server Initiates Closure): Once the server has processed all data from the client and is
ready to close the connection, it sends its own FIN packet to the client.

4. Step 4 - ACK (Client Acknowledges Closure Request): The client responds to the server's FIN packet
with an ACK packet to acknowledge the server's request.
Socket programming:
Socket programming is a programming paradigm that enables communication between two or more
devices over a network. It allows applications running on different machines to exchange data by establishing a
connection through network sockets. A socket is a software abstraction of a network communication
endpoint, and socket programming provides an interface for developers to create, send, and receive data
between these endpoints.

Socket programming is commonly used in client-server applications, where one device acts as the server,
listening for incoming connections, and the other device acts as the client, initiating a connection to the server.
Once a connection is established, data can be exchanged bidirectionally.

Here's a brief overview of how socket programming typically works:

1. Creating a Socket: The first step in socket programming is to create a socket. This involves specifying
the address family (IPv4 or IPv6), the socket type (stream-oriented TCP or datagram-oriented UDP),
and the protocol (usually set to 0, as the operating system automatically selects the appropriate
protocol based on the socket type and address family).

Ex: int socket (int domain, int type, int protocol);//declaration

1.domain is address family(IPV4 or IPv6)

2.type is use to identify the socket which type it is.

Types of socket:

1.socket_stream (TCP)

2.socket_datagram(UDP)

3.socket_Raw(customized)

3.protocols: FTP,SMTP,HTTPS,HTTP ,etc..

2. Binding the Socket: For servers, the next step is to bind the socket to a specific IP address and port
number on the host machine. This allows the server to listen for incoming connections on that specific
address and port.
3. Listening (for Servers): Servers then start listening for incoming connection requests on the bound
address and port. When a client attempts to connect, the server's socket accepts the connection, and
a new socket is created specifically for that client-server communication.

4. Connecting (for Clients): Clients initiate a connection to the server by specifying the server's IP
address and port number. The client's socket attempts to connect to the server, and if successful, a
connection is established.

5. Data Exchange: Once a connection is established, both the client and server can send and receive
data using their respective sockets. This data exchange can be done synchronously (blocking) or
asynchronously (non-blocking) depending on the application's requirements.

6. Closing the Connection: When the data exchange is complete or when either party decides to
terminate the connection, the sockets are closed, releasing the network resources associated with the
connection.

ADDRESS RESULATION PROTOCOL(ARP):

ARP stands for Address Resolution Protocol. It is a
communication protocol used in computer networks to map an IP address (Internet Protocol address) to a
corresponding physical MAC (Media Access Control) address.

In modern computer networks, data is typically transmitted in the form of packets. Each packet
contains a source IP address and a destination IP address. However, in order to transmit the
packet over the physical network, the sender needs to know the MAC address of the destination
device, as MAC addresses are used at the data link layer to uniquely identify network interfaces

• Hardware Type: This field specifies the type of hardware (data link layer) used in the local network.
Commonly used values include 1 for Ethernet (IEEE 802.3) and 6 for IEEE 802.11 Wi-Fi networks.
 • Protocol Type: This field specifies the type of protocol being used at the network layer (Layer 3), such
as IPv4 (0x0800) or IPv6 (0x86DD).

• HLEN (Hardware Address Length): This field indicates the length of the hardware (MAC) address in
bytes. For Ethernet, this value is typically 6.

• PLEN (Protocol Address Length): This field indicates the length of the IP address in bytes. For IPv4,
this value is 4.

• Operation (Opcode): This field defines the purpose of the ARP packet. It can take one of the following
values:

• 1: ARP Request (the sender wants to know the MAC address of the target IP).

• 2: ARP Reply (the response to an ARP request, containing the requested MAC address).

• 3: RARP Request (Reverse ARP request used for old and obsolete systems).

• 4: RARP Reply (Reverse ARP reply, containing the requested IP address).

• 8: InARP Request (InARP, used for address resolution within the same IP subnet).

• 9: InARP Reply (InARP reply).

• Sender MAC Address (source): This field contains the MAC address of the sender (originating device)
that initiates the ARP request or response.

• Sender IP Address (source): This field contains the IP address of the sender (originating device) that
initiates the ARP request or response.

• Target MAC Address (destination): This field contains the MAC address of the target (destination)
device to which the ARP request or response is directed.

• Target IP Address (destination): This field contains the IP address of the target (destination) device to
which the ARP request or response is directed.

Routing:
Routing refers to the process of determining the path that data packets should take across a
network from the source to the destination.
Types of routing:

1.static routing:

Network administrators manually enter the network destinations and their corresponding
next-hop or exit interfaces into the routing table of each router in the network.

2.dynamic routing :

Dynamic routing is a network routing method that automatically learns and updates routing
information based on the current state of the network.

Ping protocol:
Ping is a network utility used to test the reachability of a host (typically a computer or a
server) on an Internet Protocol (IP) network.

"Ping protocol" is a term that is sometimes used informally to refer to the Internet Control Message
Protocol (ICMP) Echo Request and Echo Reply messages, which are the fundamental components of
the ping utility.

DNS(Domain Name System): DNS stands for "Domain Name System." It is a fundamental protocol
used in computer networks to translate human-readable domain names into their corresponding
numerical IP addresses.

DHCP(Dynamic Host Configuration Protocol):

DHCP stands for "Dynamic Host Configuration Protocol." It is a network management
protocol used to automatically assign and manage IP addresses, as well as other network
configuration parameters, to devices on a network.

Trace route :
Traceroute (also spelled as "trace route") is not a protocol itself but rather a network
diagnostic tool used to trace the path taken by data packets from the source to a destination over a
network, such as the internet. It helps identify the routers or network devices through which the
packets travel, along with the round-trip times (latency) at each hop.

NAT(Network Address Translation):

NAT stands for "Network Address Translation." It is a networking technique used to translate private
IP addresses within a local network to a single public IP address, allowing multiple devices within the
private network to share a common internet connection. NAT is primarily used to conserve public IP
addresses, as IPv4 (the current version of IP addresses) has a limited number of available addresses,
which are rapidly depleting.
Ping with in network:
Ping within the network refers to the communication between the device within the same network
area it is called ping within the network

`To find out both devices are in same network only mac address is required If both devices are in different
network ip address also required.

Sender needs to know the receiver is in same network or different network

To find both devices are in same network or different network To perform bitwise and operation between
sender IP address and the receiver ip address. If the result would be same IP address it means both devices are
in same network If the result would be all zeros both devices are different

For example Device A IP addresses 192 .168 .1 .1

Device B IP addresses 192 .168 .1 .2

192 .168 .1 .1 bitwise and operation with 192 .168 .1 .2

11000000.10101000.00000001.00000001

&

11000000.10101000.00000001.00000010

__________________________________

11000000.10101000.00000001.00000000 ==192.168.1.0

Don’t know the mac address of anyone of two devices address resolution protocol comes into
picture

Address resolution protocol is used to generate mac address using ip address IP address resolve into
mac address
For example two devices in local network area A and B devices

Device A know IP address and mac address. Device B don’t know mac address it has only IP address
now the cases the device sends data packet to device .

Device A send data packet to switch The switch will look up into Mac address table If Mac Entries
found in the Mac table It will directly send data packets Source to destination

Device a sent data packets to switch . The switch will look up into the mac address table If there is no
mac entries in the Mac table the switch will send Arp request to all the devices If Anyone of the
devices matches with target ip address and device ip address is same It will accept the request and
the remaining devices. Will reject the request.

After accepting the ARP request the device sends or reply to the speech, and the switch reply to the
source device And they will directly send icmp package to each other.

Ping in different network:

Ping in different network refers to the sender and receiver Both are in different networks

To find pink in different networks. To perform bitwise and operation between sender IP
address and the receiver Ip address. The result will be all zeros they are in different networks For
example

Device A IP address is 10 .0 .0 .0 .1

Device B IP address is 20.0 .0 .0 .2

000001010.00000000.00000000.0000001

&

00010100.00000000.00000000.00000000

__________________________________

00000000.00000000.00000000.00000000===0.0.0.0

The packet flow between device A and device B

Device a in one network and the device be in different network When the device A Wants to send data to
device B.

The data packet released from device a it goes to switch ,the switch will look up into Mac Address table If it is
the mac address matches with the default gateway mac address the data packet will send to that port To
router .

The router gets packet from the port and it verifies through routing table And it verifies the destination ip
address If it is matches with any device ip address in the network The pack go through the switch The which
will look up into mac table If any entry is found in that mca table it will directly send to that device
If there is no mac entries in the Mac table the switch will send Arp request to all the devices If
Anyone of the devices matches with target ip address and device ip address is same It will accept the
request and the remaining devices. Will reject the request.

After accepting the ARP request the device sends or reply to the speech, and the switch reply to the
source device And they will directly send icmp package to each other.