Networking Protocols & Technologies

| Protocol / Technology | OSI Layer | Purpose / Main Function | How It Works | Security Risks / Vulnerabilities | DevOps / Web / Cybersecurity Use | Tools & Commands |
|---|---|---|---|---|---|---|
| OSI Model | Conceptual | Standard model for network architecture | 7 layers: Physical, Data Link, Network, Transport, Session, Presentation, Application | Helps identify weak layers for threat modeling | Training / architecture reference | |
| TCP/IP Model | Conceptual | Practical 4-layer model | Layers: Link, Internet, Transport, Application | Mapping attacks to TCP/IP is easier than to OSI | Network design, cloud infra | |
| Ethernet (IEEE 802.3) | L1/L2 | Wired LAN communication | Frames transmitted over physical media with MAC addressing | VLAN hopping, ARP spoofing | LAN configuration, VLAN setup | ifconfig, ethtool, Wireshark |
| Wi-Fi (IEEE 802.11) | L1/L2 | Wireless LAN | Devices communicate via radio (2.4, 5, 6 GHz) | WPA2/WPA3 cracking, Evil Twin | Wireless access, DevOps IoT networks | Aircrack-ng, Kismet, iwconfig |
| PPP (Point-to-Point Protocol) | L2 | Establish point-to-point links | Encapsulates multiple network protocols | Weak PAP/CHAP authentication | Legacy network links | pppd, Wireshark |
| Frame Relay | L2 | WAN virtual circuits | Packet switching over dedicated lines | Mostly obsolete, misconfiguration | Legacy WAN simulations | GNS3 |
| ATM | L1/L2 | Cell-switched WAN | Fixed-size cells, QoS support | Rarely attacked today | Legacy telecom labs | Wireshark |
| IPv4 | L3 | Host addressing | 32-bit addresses, best-effort delivery | IP spoofing, fragmentation attacks | Network config, firewall rules | ping, traceroute, ip route |
| IPv6 | L3 | Modern addressing | 128-bit addresses, stateless autoconf | NDP spoofing, rogue RA | Cloud networks, IPv6 readiness | ping6, ip -6 route |
| ICMP | L3 | Diagnostics | Ping, traceroute, error messages | ICMP flood, tunneling, reconnaissance | Network monitoring | ping, traceroute, hping3 |
| ARP / NDP | L2/L3 | IP ↔ MAC mapping | Broadcast request/reply (ARP) or ICMPv6 messages (NDP) | ARP poisoning, MITM | LAN security | arp, Wireshark, ndp |
| BGP | L3 | Inter-domain routing | Exchanges routing info between AS | Route hijack, prefix injection | Internet backbone configuration | BGPmon, router CLI |
| OSPF / RIP / IS-IS | L3 | Intra-domain routing | OSPF link-state, RIP distance-vector | Route injection, slow convergence | LAN/WAN routing | Wireshark, router CLI |
| MPLS | L2.5 / L3 | Label-switched routing | Uses labels for paths | Misconfiguration can leak traffic | ISP, VPN, data center traffic engineering | Router CLI, Wireshark |
| TCP | L4 | Reliable transport | 3-way handshake, segmentation, retransmission | SYN flood, session hijacking | Web, database connections | netstat, Wireshark, nmap |
| UDP | L4 | Fast, connectionless transport | Datagram delivery, no ACK | Amplification attacks (DNS, NTP) | Streaming, DNS | tcpdump, Wireshark |
| SCTP | L4 | Reliable transport, multi-stream | Multi-homing, chunk-based data | Fuzzing, flooding attacks | Telecom signaling, 4G/5G | Wireshark |
| QUIC | L4 | Modern transport for HTTP/3 | Runs over UDP, combines TCP+TLS features | New protocol, potential undiscovered attacks | Web servers, cloud apps | Chrome DevTools, Wireshark |
| DNS | L7 | Name resolution | Maps names to IP | Cache poisoning, amplification attacks | Web services, DevOps | dig, nslookup, tcpdump |
| DHCP | L7 | Auto-IP assignment | Broadcast discovery → server assigns lease | Rogue DHCP, MITM | Cloud provisioning, network automation | dhclient, Wireshark |
| NAT / PAT | L3/L4 | Address translation | Private IP → Public IP, port mapping | Complicates logging, NAT traversal attacks | Cloud, firewall setup | iptables -t nat, ip route |
| VLAN / VXLAN | L2 (VXLAN: L2 over UDP/IP) | Network segmentation | Tags frames for logical separation | VLAN hopping | Kubernetes, SDN networks | Switch config, Wireshark |
| STP / RSTP / MSTP | L2 | Prevent loops | Build spanning tree | BPDU attacks | Network stability | Switch CLI |
| QoS / DiffServ | L2/L3 | Prioritize traffic | Packets tagged with priority | Covert channels | VoIP, streaming | Router config, tc |
| Proxy (HTTP/SOCKS) | L7 | Intermediary for traffic | Client requests → proxy → server | Logging, MITM | Web debugging, caching | Squid, Nginx |
| Load Balancing | L7 | Distribute requests | Round-robin, least connections | Misconfig = DoS | Web apps, HA | HAProxy, Nginx |
| HTTP / HTTPS / HTTP2 / HTTP3 | L7 | Web traffic | Request-response model | MITM, XSS, TLS downgrade | Web development, API | curl, Wireshark |
| FTP / FTPS / SFTP / TFTP | L7 | File transfer | Command/data channels | Plaintext credentials, brute force | DevOps, backups | FileZilla, scp, tftp |
| SMTP / IMAP / POP3 | L7 | Email send/receive | Message delivery protocols | Open relay, spam, phishing | Web/email servers | telnet, Wireshark |
| SSH / Telnet | L7 | Remote shell | Encrypted login (SSH) / plaintext (Telnet) | Brute force, credential theft | Server admin, DevOps | ssh, telnet |
| RDP / VNC | L7 | Remote desktops | Graphical remote access | Brute force, MITM | Server access, IT support | RDP client, VNC viewer |
| SNMP | L7 | Network management | Device monitoring | Default community strings, misconfig | Network monitoring | snmpwalk, Wireshark |
| LDAP / Kerberos / RADIUS / TACACS+ | L7 | Authentication & directory | Centralized auth, tickets (Kerberos) | Weak passwords, replay attacks | Identity management, SSO | ldapsearch, Wireshark |
| NTP | L7 | Time synchronization | Hierarchical servers (stratum) | Reflection/amplification | Logging, security events | ntpq, Wireshark |
| Syslog | L7 | Centralized logging | Sends logs to server | Unencrypted logs | Monitoring, auditing | rsyslog, logger |
| gRPC / SOAP / REST | L7 | Service-to-service communication | RPC over HTTP/2 or SOAP XML | Message injection, MITM | Microservices | Postman, curl, Wireshark |
| MQTT / AMQP / CoAP | L7 | IoT messaging | Pub/sub, queue-based | Weak auth, botnets | IoT / cloud apps | Mosquitto, RabbitMQ, Wireshark |
| IPsec / SSL / TLS / OpenVPN / WireGuard / L2TP / PPTP | L3/L4/L7 | VPN / secure channels | Encryption & tunneling | Key leaks, weak ciphers | Remote access, secure connections | openssl, wg, openvpn |
| SIP / RTP / H.323 | L7 | VoIP / multimedia | Signaling (SIP/H.323), media (RTP) | Call hijack, SPIT | VoIP services | Wireshark, SIPp |
| SMB / CIFS / NFS / iSCSI / FCoE | L7 | File & block storage | Network file/block access | Ransomware, lateral movement | Storage & backups | smbclient, mount, iscsiadm |
| Modbus / DNP3 / IEC 60870-5-104 / OPC UA | L7 | Industrial protocols | SCADA / PLC comms | ICS attacks | OT security, automation | Wireshark, SCADA simulators |
| PROFINET / EtherCAT / CAN | L1/L2 (PROFINET also L7) | Industrial fieldbus | Deterministic device comms | OT attacks | Industrial automation | Wireshark, CANtools |
| ZigBee / LoRaWAN | L1/L2/L7 | IoT sensor network | Low-power wireless mesh/star | Weak encryption | Smart home, IoT | Zigbee sniffers, LoRa gateways |


The OSI model. Basic information

| Layer | Name | PDU / data type | Group |
|---|---|---|---|
| 7 | Application | Host-level data | host layers |
| 6 | Presentation | Host-level data | host layers |
| 5 | Session | Host-level data | host layers |
| 4 | Transport | Segment (TCP) / Datagram (UDP) | host layers |
| 3 | Network | Packet | media layers |
| 2 | Data Link | Frame | media layers |
| 1 | Physical | Bit | media layers |

(A PDU, protocol data unit, is the unit of data a layer exchanges with its peer layer on the other host.)

The OSI (Open Systems Interconnection) model is a conceptual model that describes how network protocols interact with each other. It consists of seven layers, each of which performs certain functions:

  • Application layer: host-level data. Provides network services to end-user applications. Examples: HTTP, FTP, SMTP.

  • Presentation layer: host-level data. Responsible for formatting, encrypting and compressing data so that the application layer on the other side can understand it.

  • Session layer: host-level data. Manages communication sessions between applications by establishing, maintaining and terminating them.

  • Transport layer: segment (TCP) or datagram (UDP). Provides end-to-end delivery between processes on the end systems, reliable and ordered in the case of TCP. Examples: TCP, UDP.

  • Network layer: packet. Responsible for logical addressing (IP addresses) and routing packets between different networks. Examples: IP, ICMP.

  • Data Link layer: frame. Transfers data between devices on the same local network using physical (MAC) addresses. Examples: Ethernet, Wi-Fi.

  • Physical layer: bit. Responsible for the physical transmission of bits over the network medium (cables, radio waves). Examples: Ethernet cabling, Wi-Fi radios.

Encapsulation is the process of "packing" data: each layer of the network model (TCP/IP or OSI) prepends its own service information (a header; the data link layer also appends a trailer) to the data it receives from the layer above. Decapsulation is the reverse process on the receiving side: each layer strips its header and hands the payload up to the layer above.

The physical layer

It is responsible for the exchange of physical signals between devices. Physical layer devices operate on bits, which are transmitted over a wired medium (for example, copper or fibre) or wirelessly (for example, Bluetooth, IrDA, Wi-Fi, GSM, 4G and so on).

Data link layer

The second layer solves the problem of addressing on a single link or local network. It takes the bits from the physical layer and groups them into frames. Each frame carries the sender's and recipient's MAC addresses, which is what it is forwarded by. The data link layer has two sublayers, MAC and LLC. MAC (Media Access Control) governs access to the shared medium and MAC addressing; LLC (Logical Link Control) multiplexes the network-layer protocols above it and can provide flow and error control. Switches operate at the second layer: they forward frames from one port to another using only MAC addresses, which is why attacks such as ARP spoofing and VLAN hopping live here.

Network layer

At the third layer a new concept appears, routing, and with it the devices built for it, routers. A router does not forward by MAC address: it looks at the destination IP address of each packet, consults its routing table and passes the packet to the next hop, decrementing the TTL on the way. ARP (Address Resolution Protocol) bridges layers 2 and 3: it maps a 32-bit IPv4 address to the 48-bit MAC address of the host that owns it on the local link (the IPv6 counterpart is NDP). The resolved MAC address is what the data link layer puts into the frame header during encapsulation.

Transport layer

Its main task is end-to-end delivery of segments (TCP) or datagrams (UDP) between processes on the two hosts, identified by port numbers. For data that is sensitive to loss, TCP is used: it establishes a connection, checks that every byte arrived and retransmits what did not. For multimedia, small losses matter less than delay, so UDP is used: it sends datagrams without establishing a connection and without acknowledgements.

Session layer

The session layer is responsible for maintaining a communication session. The fifth layer manages the dialogue between applications: it opens sessions, synchronises them, lets the parties exchange information and closes the session at the end. A video call is the usual example: its two data streams (audio and video) must stay synchronised, and when a third person joins and it becomes a conference, the session layer's job is to make sure the participants can tell who is speaking now.

Presentation layer

The sixth layer is concerned with representing data in a form both ends understand. For example, when one device produces text in ASCII and the other expects UTF-8, the conversion from one encoding to the other happens at the sixth layer. The sixth layer also covers the encoding of images (JPEG, GIF and so on) and of video and audio (MPEG, QuickTime). In addition, the sixth layer is where encryption of data for transmission is traditionally placed.

The application layer

The application layer is what users and their programs interact with, a kind of interface to the whole OSI stack, with which the user otherwise has minimal contact. The task of the seventh layer is to run the protocols (HTTP, SMTP, DNS and so on) that present data to the user in a form the user understands.

The network layer

IP protocol

The inter-network communication protocol. Its purpose is to connect networks built with different link-layer technologies. It carries data without a delivery guarantee and without preserving the order of messages. To do its job the protocol defines its own packet format. The main fields of the packet header are:

  • the IP addresses of the sender and recipient, which identify the sender and recipient (see IP addressing);

  • the packet lifetime (Time To Live, TTL), which bounds the number of hops an IP packet can make: each router decrements it by one and discards the packet at zero, so that "stray" packets cannot circulate forever;

  • fields used for packet fragmentation (identification, flags, fragment offset; see IP fragmentation);

  • fields used to control packet processing (total length and header length, header checksum, type of service, and so on).

IPv4 uses a 32-bit address scheme, giving 2^32 addresses (about 4.29 billion). IPv6 uses 128-bit addresses, giving 2^128 (about 3.4 × 10^38) addresses in total. IPv6 not only removes the address shortage that forces NAT onto many Internet-connected devices, it also restores end-to-end addressing for them.
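The encapsulation described above and the IPv4 header fields just listed, as an added worked example (not code from the original page): application data is wrapped in a UDP header, then an IPv4 header with a correct checksum, then an Ethernet II header, and then unwrapped again with the checksum verified. `router_forward` shows what each layer-3 hop does to the TTL. The MAC and IP addresses are constructed (locally administered MACs and RFC 5737 documentation ranges), the UDP checksum is left at zero (permitted for IPv4) and the identification value is arbitrary.

```python
import struct
from typing import Optional

# Constructed addresses for this example, not from the page.
SRC_MAC = bytes.fromhex("020000000a0a")
DST_MAC = bytes.fromhex("020000000b0b")
SRC_IP, DST_IP = "192.0.2.10", "198.51.100.20"
ETHERTYPE_IPV4, PROTO_UDP = 0x0800, 17


def ip_checksum(header: bytes) -> int:
    """RFC 1071 checksum: one's-complement sum of 16-bit words, then complemented."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                        # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def encapsulate(payload: bytes, sport: int, dport: int, ttl: int = 64) -> bytes:
    """Wrap application data: UDP header (L4), then IPv4 header (L3), then Ethernet II header (L2)."""
    udp = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload  # UDP checksum 0 = absent
    ident, flags_frag = 0x1234, 0x4000        # DF bit set, fragment offset 0
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), ident, flags_frag,
                         ttl, PROTO_UDP, 0, ip_bytes(SRC_IP), ip_bytes(DST_IP))
    ip_hdr = ip_hdr[:10] + struct.pack("!H", ip_checksum(ip_hdr)) + ip_hdr[12:]
    return DST_MAC + SRC_MAC + struct.pack("!H", ETHERTYPE_IPV4) + ip_hdr + udp


def decapsulate(frame: bytes) -> dict:
    """Peel the headers off again, checking the L3 header checksum; raises ValueError on damage."""
    dst_mac, src_mac, ethertype = frame[:6], frame[6:12], struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ip_checksum(ip[:ihl]) != 0:            # the sum over an intact header (checksum included) folds to zero
        raise ValueError("bad IPv4 header checksum")
    total_len, ident, flags_frag, ttl, proto = struct.unpack("!HHHBB", ip[2:10])
    if proto != PROTO_UDP:
        raise ValueError("not UDP")
    sport, dport, ulen, _ = struct.unpack("!HHHH", ip[ihl:ihl + 8])
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(map(str, ip[12:16])), "dst_ip": ".".join(map(str, ip[16:20])),
        "ttl": ttl, "ident": ident, "total_len": total_len,
        "dont_fragment": bool(flags_frag & 0x4000), "more_fragments": bool(flags_frag & 0x2000),
        "frag_offset": flags_frag & 0x1FFF,
        "sport": sport, "dport": dport, "payload": ip[ihl + 8:ihl + ulen],
    }


def router_forward(frame: bytes) -> Optional[bytes]:
    """What each L3 hop does: decrement the TTL and rewrite the header checksum. At TTL 0 the packet
    is discarded (a real router would also send ICMP Time Exceeded back, which traceroute relies on)."""
    ip = bytearray(frame[14:])
    ihl = (ip[0] & 0x0F) * 4
    if ip[8] <= 1:
        return None
    ip[8] -= 1
    ip[10:12] = b"\x00\x00"
    ip[10:12] = struct.pack("!H", ip_checksum(bytes(ip[:ihl])))
    return frame[:14] + bytes(ip)
```

Run `decapsulate(encapsulate(b"hello", 40000, 53, ttl=3))` to see every header field come back; passing the frame through `router_forward` three times returns `None`, which is the TTL mechanism that kills looping packets. Flipping any header byte makes `decapsulate` raise, which is the only integrity check IPv4 itself offers (and it covers the header only, not the payload).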

ICMP Protocol

It is used to diagnose network connectivity problems and to report errors. In simple terms, ICMP tells a sender whether, and why not, a packet could reach its destination: routers and other layer-3 devices send messages such as Destination Unreachable and Time Exceeded. The second, and probably the best known, use of ICMP is the ping and traceroute utilities. "Pinging" a host means sending ICMP Echo Request packets and waiting for Echo Replies to see whether the target responds and how long the round trip takes. traceroute maps the route to a destination by sending probes with TTL 1, 2, 3 and so on: each router that decrements the TTL to zero sends back an ICMP Time Exceeded message revealing its address, so you can see where along the path packets stop being delivered. Because ICMP payloads are rarely inspected, the same messages are also used for reconnaissance and for tunnelling data out of a network.

OSPF Protocol

Dynamic routing protocol based on link-state technology. Where does OSPF start? With establishing neighbour adjacencies: after OSPF is enabled on the router interfaces, the routers begin to send Hello messages. On broadcast and point-to-point networks this message is sent to the multicast address 224.0.0.5 every 10 seconds (Hello Timer), and a neighbour from which no Hello arrives within the Dead Timer (40 seconds by default) is declared down.

Stages of OSPF operation

Learning the network topology:

  • Routers learn their connected networks and their nearest neighbours.

  • Topology information (link-state advertisements) is flooded throughout the area, so every router ends up with the same link-state database.

Calculating the cost of routes in the network:

  • Performed once the full network topology is known.

  • Each router performs the calculation independently, running the shortest-path-first (Dijkstra) algorithm over its own copy of the database.

Keeping the topology information up to date:

  • Routers check the availability of their neighbours.

  • Changes in the network topology are flooded to all routers.

RIP Protocol

RIP is probably the oldest of the protocols listed here. It is used in small networks. Its metric is hop count, with 15 hops the maximum and 16 meaning "unreachable". Periodically (every 30 seconds) each router sends a copy of its whole routing table to the routers it is directly connected to. The receiving router compares the table with its own: if it contains a new destination, a shorter route to a known destination, or a changed metric for the route it is currently using, the receiver records the change in its own routing table.
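The two route calculations above, as an added worked example (not code from the original page): `ospf_spf` is the independent shortest-path-first computation every OSPF router runs over a shared link-state database, and `rip_converge` is the periodic whole-table exchange between neighbours that RIP uses, with hop count as the metric and 16 as infinity. The four-router topology and its link costs are constructed for the example.

```python
import heapq
from math import inf
from typing import Dict, Optional, Tuple

# Constructed link-state database: every router has flooded an LSA listing its links and their costs.
LSDB: Dict[str, Dict[str, int]] = {
    "R1": {"R2": 10, "R3": 1},
    "R2": {"R1": 10, "R3": 1, "R4": 1},
    "R3": {"R1": 1, "R2": 1, "R4": 10},
    "R4": {"R2": 1, "R3": 10},
}
RIP_INFINITY = 16   # RIP metric is hop count; 16 means unreachable


def ospf_spf(lsdb: Dict[str, Dict[str, int]], root: str) -> Dict[str, Tuple[int, str]]:
    """Dijkstra's shortest-path-first run from `root`, which is what each OSPF router does on its own
    copy of the LSDB. Returns {destination: (total cost, next hop)}."""
    dist = {root: 0}
    next_hop: Dict[str, str] = {}
    queue = [(0, root, "")]                   # (cost so far, node, first hop from root)
    done = set()
    while queue:
        cost, node, via = heapq.heappop(queue)
        if node in done:
            continue
        done.add(node)
        if via:
            next_hop[node] = via
        for nbr, link_cost in lsdb[node].items():
            new_cost = cost + link_cost
            if new_cost < dist.get(nbr, inf):
                dist[nbr] = new_cost
                heapq.heappush(queue, (new_cost, nbr, via or nbr))
    return {d: (dist[d], next_hop[d]) for d in dist if d != root}


def rip_converge(topology: Dict[str, Dict[str, int]], max_rounds: int = 32):
    """Distance-vector: in every round (one 30 s update period) each router sends its whole table to
    its direct neighbours, which keep any route with fewer hops than they already have.
    Returns (tables, number of rounds until nothing changed)."""
    tables: Dict[str, Dict[str, Tuple[int, Optional[str]]]] = {r: {r: (0, None)} for r in topology}
    for rnd in range(1, max_rounds + 1):
        changed = False
        for router, links in topology.items():
            for nbr in links:
                for dest, (hops, _) in list(tables[router].items()):
                    advertised = min(hops + 1, RIP_INFINITY)
                    if advertised < tables[nbr].get(dest, (RIP_INFINITY, None))[0]:
                        tables[nbr][dest] = (advertised, router)
                        changed = True
        if not changed:
            return tables, rnd
    return tables, max_rounds
```

From R1 OSPF reaches R4 via R3 at cost 3 (R1-R3-R2-R4) although the direct R3-R4 link exists, because it minimises cost; RIP sees the same destination as 2 hops regardless of link speed. The security angle from the table ("route injection"): any router that can get an LSA or RIP update accepted with a low cost pulls traffic toward itself, which is why both protocols support neighbour authentication and why it should be enabled.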

ARP Protocol

Address Resolution Protocol. ARP lets a host find the MAC address of another host on the same link from its IP address. The protocol works in request/reply mode: the request ("who has this IP address?") is broadcast to every station on the link, and the owner of the address replies with its MAC address, which the requester caches. Nothing in the protocol authenticates the reply, which is why ARP poisoning is possible.
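The request/reply exchange just described and the poisoning risk the table lists, as an added example (not code from the original page): `pack_arp`/`unpack_arp` build and parse the 28-byte ARP body, `arp_request` and `arp_reply_for` play the two sides of a resolution, and `ArpMonitor` is a passive detector that flags the two observable signs of ARP spoofing, a reply nobody asked for and an IP-to-MAC binding that changes. All addresses are constructed.

```python
import struct
from typing import Dict, List, Optional

HTYPE_ETHERNET, PTYPE_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
ZERO_MAC = "00:00:00:00:00:00"


def _mac(s: str) -> bytes:
    return bytes.fromhex(s.replace(":", ""))


def _ip(s: str) -> bytes:
    return bytes(int(o) for o in s.split("."))


def pack_arp(op: int, sha: str, spa: str, tha: str, tpa: str) -> bytes:
    """28-byte ARP body: sender hardware/protocol address, then target hardware/protocol address."""
    return struct.pack("!HHBBH6s4s6s4s", HTYPE_ETHERNET, PTYPE_IPV4, 6, 4, op,
                       _mac(sha), _ip(spa), _mac(tha), _ip(tpa))


def unpack_arp(pkt: bytes) -> dict:
    _, _, _, _, op, sha, spa, tha, tpa = struct.unpack("!HHBBH6s4s6s4s", pkt[:28])
    return {"op": op, "sha": sha.hex(":"), "spa": ".".join(map(str, spa)),
            "tha": tha.hex(":"), "tpa": ".".join(map(str, tpa))}


def arp_request(my_mac: str, my_ip: str, target_ip: str) -> bytes:
    """'Who has target_ip? Tell my_ip' (the frame carrying it goes to the broadcast MAC)."""
    return pack_arp(OP_REQUEST, my_mac, my_ip, ZERO_MAC, target_ip)


def arp_reply_for(request: bytes, my_mac: str, my_ip: str) -> Optional[bytes]:
    """The owner of the asked-for address answers unicast with its MAC; everyone else stays silent."""
    r = unpack_arp(request)
    if r["op"] != OP_REQUEST or r["tpa"] != my_ip:
        return None
    return pack_arp(OP_REPLY, my_mac, my_ip, r["sha"], r["spa"])


class ArpMonitor:
    """Passive detector: learns IP->MAC bindings the way a host's ARP cache does and flags the two
    signs of poisoning, a reply nobody requested and a binding that changes."""

    def __init__(self) -> None:
        self.table: Dict[str, str] = {}
        self.pending: set = set()           # IPs that were requested and not yet answered
        self.alerts: List[str] = []

    def observe(self, pkt: bytes) -> None:
        a = unpack_arp(pkt)
        if a["op"] == OP_REQUEST:
            self.pending.add(a["tpa"])
        elif a["op"] == OP_REPLY:
            if a["spa"] in self.pending:
                self.pending.discard(a["spa"])
            else:
                self.alerts.append(f"unsolicited reply: {a['spa']} is-at {a['sha']}")
        known = self.table.get(a["spa"])
        if known is not None and known != a["sha"]:
            self.alerts.append(f"binding changed: {a['spa']} was {known}, now {a['sha']}")
        self.table[a["spa"]] = a["sha"]      # a real cache would accept the poisoned entry just the same
```

Feed the monitor the frames from a capture (Wireshark or tcpdump with an ARP filter) in order. A changed binding is not always an attack: DHCP reassignments and gateway failover (VRRP) legitimately move an IP between MACs, so on those networks alert on unsolicited replies and on changes for the gateway address specifically.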

Transport layer

TCP Protocol

TCP is a transport protocol for data transmission in TCP/IP networks that establishes a connection before sending anything. It is slower, but it either delivers every byte or reports the failure. Before data exchange starts, the protocol requires a connection to be set up between the two hosts (the three-way handshake: SYN, SYN/ACK, ACK). The protocol is highly reliable because it does not silently lose data: it requests confirmation of receipt from the receiving side and, if necessary, resends the data. At the same time, the segments that are sent keep their sending order, so the data stream is delivered in order. The price of this is a comparatively lower data rate, because reliable, ordered delivery needs extra overhead (handshakes, acknowledgements, retransmissions).
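The handshake, ordered delivery and retransmission described above, plus the SYN flood risk from the table, as an added simulation (not code from the original page; sequence-number arithmetic is simplified and does not wrap). A `Client` performs the three-way handshake against a `Listener`, sends data that the "network" reorders or drops, and retransmits what was never acknowledged; the listener's backlog of half-open connections is what spoofed SYNs exhaust. Addresses and the backlog size are constructed.

```python
import random
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

SYN, ACK = 0x02, 0x10


@dataclass
class Segment:
    src: str
    dst: str
    flags: int
    seq: int
    ack: int = 0
    data: bytes = b""


class Receiver:
    """Receive side of an established connection: delivers in order, buffers out-of-order data,
    and always acknowledges the next byte it is waiting for (cumulative ACK)."""

    def __init__(self, next_seq: int) -> None:
        self.next_seq = next_seq
        self.out_of_order: Dict[int, bytes] = {}
        self.stream = b""

    def deliver(self, seg: Segment) -> int:
        if seg.seq >= self.next_seq:              # duplicates below next_seq are simply re-acked
            self.out_of_order[seg.seq] = seg.data
        while self.next_seq in self.out_of_order:  # drain whatever is now contiguous
            chunk = self.out_of_order.pop(self.next_seq)
            self.stream += chunk
            self.next_seq += len(chunk)
        return self.next_seq


class Listener:
    """Passive open. Half-open entries (SYN seen, final ACK not yet) occupy backlog slots; a SYN flood
    from spoofed sources fills them so that legitimate SYNs are dropped."""

    def __init__(self, addr: str, backlog: int = 128) -> None:
        self.addr, self.backlog = addr, backlog
        self.half_open: Dict[str, Tuple[int, int]] = {}         # peer -> (our ISN, expected client seq)
        self.established: Dict[str, Tuple[Receiver, int]] = {}  # peer -> (receiver, our seq)
        self.dropped = 0

    def handle(self, seg: Segment) -> Optional[Segment]:
        if seg.flags == SYN:
            if len(self.half_open) >= self.backlog:
                self.dropped += 1
                return None
            isn = random.randrange(1 << 32)
            self.half_open[seg.src] = (isn, seg.seq + 1)
            return Segment(self.addr, seg.src, SYN | ACK, isn, seg.seq + 1)
        if seg.flags == ACK and seg.src in self.half_open:
            isn, expected = self.half_open[seg.src]
            if seg.ack == isn + 1 and seg.seq == expected:       # third handshake message
                del self.half_open[seg.src]
                self.established[seg.src] = (Receiver(expected), isn + 1)
            return None
        if seg.src in self.established and seg.data:
            receiver, our_seq = self.established[seg.src]
            return Segment(self.addr, seg.src, ACK, our_seq, receiver.deliver(seg))
        return None


class Client:
    def __init__(self, addr: str) -> None:
        self.addr, self.state = addr, "CLOSED"
        self.seq = random.randrange(1 << 32)      # initial sequence number
        self.last_ack = 0
        self.unacked: List[Segment] = []

    def connect(self, server: Listener) -> bool:
        """Active open: SYN -> SYN/ACK -> ACK."""
        self.state = "SYN_SENT"
        synack = server.handle(Segment(self.addr, server.addr, SYN, self.seq))
        if synack is None or synack.flags != SYN | ACK or synack.ack != self.seq + 1:
            self.state = "CLOSED"
            return False
        self.seq += 1                              # the SYN consumed one sequence number
        server.handle(Segment(self.addr, server.addr, ACK, self.seq, synack.seq + 1))
        self.state, self.last_ack = "ESTABLISHED", self.seq
        return self.addr in server.established

    def send(self, server: Listener, chunks: List[bytes], order: Optional[List[int]] = None,
             lost: Optional[Set[int]] = None) -> int:
        """Segment and send; `order` and `lost` model a network that reorders or drops segments.
        Data stays in `unacked` until the cumulative ACK covers it. Returns the highest ACK seen."""
        segs = []
        for data in chunks:
            segs.append(Segment(self.addr, server.addr, ACK, self.seq, 0, data))
            self.seq += len(data)
        self.unacked += segs
        for i in (order if order is not None else range(len(segs))):
            if i not in (lost or set()):
                self._track(server.handle(segs[i]))
        return self.last_ack

    def retransmit(self, server: Listener) -> int:
        """Resend everything not yet acknowledged (what the retransmission timer triggers)."""
        for s in list(self.unacked):
            self._track(server.handle(s))
        return self.last_ack

    def _track(self, reply: Optional[Segment]) -> None:
        if reply is not None:
            self.last_ack = max(self.last_ack, reply.ack)
        self.unacked = [s for s in self.unacked if s.seq + len(s.data) > self.last_ack]
```

The listener never commits state for a connection until the third message arrives with the right acknowledgement number, which is why guessing a peer's ISN matters for session hijacking, and why real stacks answer a full backlog with SYN cookies instead of dropping.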

UDP Protocol

UDP is a transport protocol that sends datagrams without first establishing a connection. It is faster and lighter, but it does not guarantee delivery, ordering or de-duplication of datagrams; if the application needs those, it must provide them itself. Because a UDP source address is not verified by any handshake, UDP services such as DNS and NTP are the ones abused for reflection and amplification attacks.

PPTP protocol

A point-to-point tunnelling protocol that lets a computer establish a tunnel to a server across a standard, untrusted network. PPTP places (encapsulates) PPP frames in IP packets for transmission over a wide-area IP network such as the Internet; it can also be used to join two local networks. PPTP uses a TCP connection on port 1723 to manage the tunnel, while the tunnelled PPP frames themselves travel in GRE packets. Its authentication (MS-CHAPv2) and encryption (MPPE) are known to be breakable, so PPTP should be treated as a legacy protocol rather than a secure one.

L2TP Protocol

In computer networks, a tunnelling protocol used to support virtual private networks. L2TP itself does not encrypt anything; it is normally combined with IPsec (L2TP/IPsec), which provides the confidentiality and integrity of the tunnel.

Presentation layer

TLS Protocol

The TLS (Transport Layer Security) protocol is one of the most widely used protocols for establishing a secure channel over the Internet. It descends from the SSL (Secure Sockets Layer) specification; SSL itself and TLS 1.0/1.1 are deprecated and should be disabled. TLS sits between the transport layer and the application protocol, so it protects web browsing, email, instant messaging and IP telephony alike. A TLS-protected connection has the following properties:

  • Confidentiality: symmetric encryption protects the transmitted data from being read by third parties.

  • Authentication: the identity of a connection participant (normally the server, optionally also the client) is verified with certificates and asymmetric cryptography.

  • Integrity: every record carries a message authentication code (MAC) or, with AEAD cipher suites, an authentication tag, which detects data that has been changed or lost in transit.

Since most application protocols can be used with or without TLS, the client has to signal to the server when it wants TLS. One way is a dedicated port on which the connection always starts with TLS (for example 443 for HTTPS, 993 for IMAPS). The other is a command from the client that upgrades an existing plaintext connection (for example STARTTLS for SMTP, IMAP and POP3); an attacker in the middle can strip that command, so clients should require the upgrade rather than treat it as optional.
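The three properties above only hold if the client insists on them, so as an added example (not code from the original page) here is the weak client configuration that is routinely copied to silence certificate errors beside the corrected one, and an audit function that reports which property each context gives up. It uses only Python's standard `ssl` module; no network connection is made.

```python
import ssl
from typing import List


def hardened_client_context() -> ssl.SSLContext:
    """Client context that actually delivers the three properties: certificate and hostname
    verification (authentication), TLS 1.2 or newer only (no downgrade to deprecated versions),
    and therefore cipher suites whose AEAD modes give confidentiality and integrity together."""
    ctx = ssl.create_default_context()          # system trust store, CERT_REQUIRED, check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """The usual 'fix' for a certificate error: verification switched off. Traffic is still
    encrypted, but to whoever answers, so a man in the middle is accepted without complaint.
    (On Python older than 3.10 this context also still allows TLS 1.0 and 1.1 by default.)"""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx: ssl.SSLContext) -> List[str]:
    """Return the findings a reviewer would raise against a client context; empty means it passes."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: no authentication of the peer")
    if not ctx.check_hostname:
        findings.append("check_hostname is off: any certificate valid for any name is accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("TLS 1.0/1.1 allowed: downgrade to deprecated versions is possible")
    return findings
```

The same context object works for both ways of starting TLS from the text: `ctx.wrap_socket(sock, server_hostname="mail.example.com")` on a dedicated TLS port, or `smtplib.SMTP(...).starttls(context=ctx)` to upgrade a plaintext session. Grep a code base for `CERT_NONE` and `check_hostname = False`; every hit is a finding the audit function would report.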

The application layer

HTTP/HTTPS Protocol

HTTP, the Hypertext Transfer Protocol, is the protocol used to trans\
fer hypertext (and, today, practically any web content) between clients and servers.

HTTPS is not a separate protocol but HTTP carried inside a TLS (historically SSL) connection, which adds encryption, server authentication and integrity to the plain request/response exchange.

An HTTP server listens on the well-known TCP port 80 (443 for HTTPS) and sends its responses to client requests over the same connection. When the server has processed a request, it returns a response whose first line carries a 3-digit numeric status code (for example 200 OK, 404 Not Found); the client uses this code to decide whether the operation succeeded. HTTP/1.x exchanges these headers as ASCII text, while HTTP/2 and HTTP/3 use binary framing for the same semantics.

SMTP Protocol

The Simple Mail Transfer Protocol is used to submit mail from a client to a mail server and to relay it between mail servers. Servers talk to each other on TCP port 25, while clients submit on port 587 with authentication; a server that relays mail for anyone without authentication is an open relay and will be abused for spam.

FTP protocol

A protocol for remote file transfer. In simple terms, FTP lets you browse the directories on a remote server over the network and upload or download files. An FTP server is a host that external users connect to with an FTP client. Communication uses two channels: the control channel, which the client opens to TCP port 21, and a separate data connection for each transfer (from server port 20 in active mode, or to a server-chosen port in passive mode). Plain FTP sends user names, passwords and data in cleartext, so FTPS (FTP over TLS) or SFTP (file transfer over SSH) should be used instead.

SSH Protocol

A protocol for encrypted remote login and command execution over an untrusted network. It is very often used for remote administration of servers and network devices, and also for tunnelling other traffic and for file transfer (SFTP, scp). TCP port 22. Its weak points are not the cryptography but the credentials: password brute force and stolen keys, which is why key-based authentication and disabling password logins are the standard hardening steps.

BGP Protocol

This is the main dynamic routing protocol used on the Internet. It exchanges routes between autonomous systems (AS).

Routers that speak BGP exchange information about which networks (prefixes) are reachable. Along with each prefix a set of attributes is transmitted, which BGP uses to choose the best route and to apply routing policy. One of the main attributes carried with a route is the AS_PATH, the list of autonomous systems the announcement has passed through. It tells BGP where a network is relative to other autonomous systems, prevents routing loops (a router discards any announcement whose AS_PATH already contains its own AS number) and can be used for policy. Because a BGP router by default believes whatever its neighbours announce, a prefix can be "hijacked" by announcing it from the wrong origin, which is why origin validation (RPKI) and prefix filters matter. BGP runs over TCP port 179.
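The path selection, loop prevention and hijack problem described above, as an added worked example (not code from the original page): a cut-down decision process (LOCAL_PREF, then AS_PATH length, then a next-hop tie-break standing in for router ID), the AS_PATH loop check, AS prepending on re-advertisement, and an origin check of the kind an RPKI ROA or IRR route object supplies. The ASNs (private range), prefixes and the expected-origin table are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

MY_ASN = 64512                                  # our own (private) AS number, assumed for the example
# Constructed: which AS may originate each prefix, as an RPKI ROA or IRR route object would state.
EXPECTED_ORIGIN: Dict[str, int] = {"203.0.113.0/24": 64501}


@dataclass(frozen=True)
class Announcement:
    prefix: str
    as_path: Tuple[int, ...]    # leftmost = neighbour we heard it from, rightmost = origin AS
    next_hop: str
    local_pref: int = 100


def passes_loop_check(ann: Announcement, my_asn: int = MY_ASN) -> bool:
    """AS_PATH loop prevention: a path that already contains our own AS is discarded."""
    return my_asn not in ann.as_path


def origin_is_valid(ann: Announcement) -> bool:
    """Origin validation: if we know who may originate the prefix, the rightmost AS must match."""
    expected = EXPECTED_ORIGIN.get(ann.prefix)
    return expected is None or ann.as_path[-1] == expected


def best_path(candidates: List[Announcement], check_origin: bool = True) -> Optional[Announcement]:
    """Cut-down BGP decision process: highest LOCAL_PREF, then shortest AS_PATH, then lowest
    next-hop address as a stand-in for the router-ID tie-break."""
    valid = [a for a in candidates
             if passes_loop_check(a) and (not check_origin or origin_is_valid(a))]
    if not valid:
        return None
    return min(valid, key=lambda a: (-a.local_pref, len(a.as_path), a.next_hop))


def build_rib(announcements: List[Announcement], check_origin: bool = True):
    """Pick one best route per prefix and collect announcements that fail origin validation."""
    by_prefix: Dict[str, List[Announcement]] = {}
    for a in announcements:
        by_prefix.setdefault(a.prefix, []).append(a)
    rib = {p: best_path(c, check_origin) for p, c in by_prefix.items()}
    suspicious = [a for a in announcements if not origin_is_valid(a)]
    return {p: r for p, r in rib.items() if r is not None}, suspicious


def advertise(route: Announcement, my_asn: int = MY_ASN, my_address: str = "192.0.2.1") -> Announcement:
    """Re-advertising to an eBGP neighbour prepends our ASN; this is how AS_PATH grows hop by hop."""
    return Announcement(route.prefix, (my_asn,) + route.as_path, my_address, route.local_pref)
```

The test shows why hijacks succeed: an announcement with the wrong origin but a shorter AS_PATH wins the decision process the moment `check_origin` is switched off, which is the default behaviour of a router with no ROA validation or prefix filters.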

DHCP protocol

A protocol for automating the assignment of IP addresses to clients. It is used in practically every modern network. An IP address can be assigned to each client (that is, each computer on the local network) by hand, but in large networks this is very time-consuming, and the larger the network, the higher the probability of a configuration error. DHCP was created to automate the assignment. A client that joins the network broadcasts a DHCP Discover, receives an Offer from a server, requests the offered address with a Request and gets an Acknowledgement carrying the address, mask, default gateway and DNS servers (the "DORA" exchange). Because the client accepts the first offer it hears, a rogue DHCP server on the same segment can hand out its own gateway and DNS settings and so intercept traffic; DHCP snooping on the switches is the usual countermeasure.

When the DHCP server allocates an IP address from its pool, it records that the address is reserved for that client, together with an expiry time. This validity period is called the lease time. A lease can run from a few hours to several days, weeks or even months; it is set in the server's configuration, and the client must renew it before it expires.

The DNS Protocol

DNS (Domain Name System) is the service that lets a browser, or any other program, find the address of a host by its name by querying DNS servers.

The domain name system does not live in a virtual space but on real machines: all domain data is stored as resource records on servers running DNS software.

The user types a domain name into the browser's address bar; the resolver on the user's machine sends the query to a DNS server and, once it has received the IP address, hands it to the browser.

Resolution order

First the browser's own cache is checked (if this site was looked up before), then the operating system's cache and the hosts file, then the recursive resolver of the provider (ISPs such as Beeline or MTS) or of the enterprise, which has its own cache. If the resolver does not know the answer either, it walks the hierarchy iteratively: it asks a root server (there are 13 root server identities, A to M, each served by many anycast instances), which refers it to the servers for the top-level domain (.com, a country zone such as .ru, and so on); the TLD servers refer it to the authoritative servers for the domain itself; and those return the record, which the resolver caches for the record's TTL. The caches are the weak point: a poisoned entry in a resolver is served to every client behind it until it expires.
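The resolution order just described, as an added worked example (not code from the original page): `resolve` walks browser cache, hosts file and resolver cache in that order and, on a miss, `iterative_lookup` follows referrals from a root server to the TLD servers to the authoritative servers, after which both caches hold the answer until its TTL runs out. The zone data, server names and the fixed TTL are constructed (reserved documentation names and addresses); a real resolver uses the TTL carried in each record.

```python
from typing import Dict, List, Optional, Tuple

TTL = 3600  # seconds an answer may be cached (assumed here; a real record carries its own TTL)

# Constructed zone data for the example, not from the page.
HOSTS: Dict[str, str] = {"localhost.": "127.0.0.1"}
ROOT_SERVER: Dict[str, str] = {"com.": "a.tld-com.test."}            # root only refers to TLD servers
TLD_SERVERS: Dict[str, Dict[str, str]] = {"a.tld-com.test.": {"example.com.": "ns1.example.com."}}
AUTHORITATIVE: Dict[str, Dict[str, str]] = {"ns1.example.com.": {"www.example.com.": "192.0.2.1"}}

browser_cache: Dict[str, Tuple[str, float]] = {}    # name -> (address, expiry time)
resolver_cache: Dict[str, Tuple[str, float]] = {}


def _cached(cache: Dict[str, Tuple[str, float]], name: str, now: float) -> Optional[str]:
    entry = cache.get(name)
    if entry is not None and entry[1] > now:
        return entry[0]
    cache.pop(name, None)                 # expired: drop it
    return None


def iterative_lookup(name: str, trace: List[str]) -> Optional[str]:
    """What the recursive resolver does on a cache miss: root -> TLD -> authoritative, following referrals."""
    labels = name.split(".")
    tld, zone = labels[-2] + ".", ".".join(labels[-3:])
    tld_server = ROOT_SERVER.get(tld)
    if tld_server is None:
        trace.append("root -> NXDOMAIN")
        return None
    trace.append(f"root -> referral to {tld} ({tld_server})")
    auth_server = TLD_SERVERS[tld_server].get(zone)
    if auth_server is None:
        trace.append(f"{tld_server} -> NXDOMAIN")
        return None
    trace.append(f"{tld_server} -> referral to {zone} ({auth_server})")
    address = AUTHORITATIVE[auth_server].get(name)
    trace.append(f"{auth_server} -> " + (f"answer {address}" if address else "NXDOMAIN"))
    return address


def resolve(name: str, now: float = 0.0) -> Tuple[Optional[str], List[str]]:
    """Walk the lookup order from the text; returns (address or None, the steps taken)."""
    name = name if name.endswith(".") else name + "."
    trace: List[str] = []
    address = _cached(browser_cache, name, now)
    if address:
        return address, ["browser cache hit"]
    trace.append("browser cache miss")
    if name in HOSTS:
        return HOSTS[name], trace + ["hosts file hit"]
    trace.append("hosts file miss")
    address = _cached(resolver_cache, name, now)
    if address:
        trace.append("resolver cache hit")
    else:
        trace.append("resolver cache miss")
        address = iterative_lookup(name, trace)
        if address:
            resolver_cache[name] = (address, now + TTL)
    if address:
        browser_cache[name] = (address, now + TTL)
    return address, trace
```

The `trace` list is what `dig +trace` prints for a real name. Note where each step trusts an unauthenticated answer: a forged entry in `resolver_cache` would satisfy every client behind that resolver until `now + TTL`, which is the cache poisoning risk listed in the table above.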

RDP Protocol

RDP is a protocol for connecting a user to a remote desktop, typically on a terminal server. It runs over TCP (port 3389). The client first establishes the transport connection and negotiates the security layer; the user then authenticates, and on success the server starts streaming the graphical session to the client and accepting its keyboard and mouse input.

Internally RDP supports virtual channels, through which additional operating system functions are delivered to the user: for example, you can print a document, play a video, or copy a file via the clipboard. Those channels, and a port 3389 exposed to the Internet, are the usual attack surface, so RDP should sit behind a VPN or gateway with network-level authentication enabled.

SMB Protocol

SMB is a network file-sharing protocol that lets applications read and write files and request services from server programs over a network. Modern SMB runs directly over TCP on port 445 (older versions over NetBIOS on port 139). Using SMB, an application (or the user behind it) can access files and other resources on a remote server: read, create and update files, and talk to any server program configured to accept SMB client requests. Because it is present on every Windows host, SMB is also the protocol ransomware and attackers use for lateral movement; SMBv1 should be disabled and signing enforced.

LDAP Protocol

LDAP, the Lightweight Directory Access Protocol, is an open protocol for storing and retrieving data in a directory with a hierarchical structure. Typically used to hold information about an organisation, its assets and its users, it is flexible enough to define any kind of entity and its attributes.

As a communication protocol, LDAP defines how a directory service is accessed and, more broadly, how the data inside it is presented to clients, what the components of a directory record are, and how primitive elements are composed into records. It runs on TCP port 389, or 636 for LDAPS; without TLS, a simple bind sends the credentials across the network in cleartext.

Telnet Protocol

Telnet, which runs over TCP (port 23), lets you send plain text commands to a remote server to drive processes interactively. It has no encryption: user names, passwords and everything typed are visible to anyone on the path, which is why it has been replaced by SSH for administration. The client utility is still widely used, mainly as a quick way to open a raw TCP connection and test a service by hand.
