
Networking Concepts

A short theory page without the heavy copy-paste and image clutter from older cheat sheets.

OSI and TCP/IP

OSI

  1. Physical
  2. Data Link
  3. Network
  4. Transport
  5. Session
  6. Presentation
  7. Application

TCP/IP

  1. Link
  2. Internet
  3. Transport
  4. Application

In practice, it is useful to think about it like this:

  • L2: Ethernet, MAC, VLAN, ARP
  • L3: IPv4, IPv6, routing, ICMP
  • L4: TCP, UDP
  • L7: DNS, HTTP, SSH, SMTP

IP Addressing

Example:

192.168.10.25/24

  • 192.168.10.0 is the network
  • 192.168.10.25 is the host address
  • /24 is the prefix length

Private IPv4 Ranges

  • 10.0.0.0/8
  • 172.16.0.0/12
  • 192.168.0.0/16

Special Addresses

  • 127.0.0.1 loopback
  • 0.0.0.0 unspecified or default
  • 255.255.255.255 broadcast
  • 169.254.0.0/16 link-local or APIPA

IPv4 vs IPv6

  • IPv4 uses 32 bits
  • IPv6 uses 128 bits
  • IPv6 is written as hex groups separated by :
  • In dual-stack environments, troubleshooting must account for both stacks, not just IPv4

Routing

A router makes decisions based on the route table. If no more specific route exists, traffic usually goes through the default gateway.

Useful questions:

  • Is there a route to the target network?
  • What is the next hop?
  • Is the return path symmetric?

NAT

NAT rewrites the source or destination address. The most common DevOps case is a private workload reaching the outside world through a single public IP.

DNS

DNS resolves names into records such as:

  • A
  • AAAA
  • CNAME
  • MX
  • TXT
  • NS
  • PTR

Basic flow:

  1. The client talks to a resolver.
  2. The resolver goes to the root if needed.
  3. Then it queries the TLD.
  4. Then it reaches the authoritative nameserver.
  5. The answer is cached according to TTL.

Proxy

  • a forward proxy acts on behalf of the client
  • a reverse proxy accepts traffic for an application and forwards it to a backend

The most common reverse proxy in infrastructure work is Nginx.

Firewall and Ports

  • a TCP or UDP port is a transport-layer concept
  • connection refused usually means the host is reachable but no service is listening
  • timeout more often points to a firewall, routing issue, or silently dropped traffic

Practice

  • During troubleshooting, think in layers rather than in tool names.
  • If DNS is broken, that does not automatically mean the whole network is broken.
  • If ping works, that does not guarantee TCP 443 works too.
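
The layered approach from "Firewall and Ports" and "Practice" as an added example (not part of the original page): resolve the name first, then attempt a TCP connect to each resolved address and separate refused from timeout, reporting IPv4 and IPv6 individually. The function name `check_tcp`, the `HINTS` table, and the loopback target are assumptions made for this illustration.

```python
import errno
import socket

# Interpretations taken from the "Firewall and Ports" notes above.
HINTS = {
    "open": "service is listening and reachable",
    "refused": "host reachable, but no service is listening on that port",
    "timeout": "likely firewall, routing issue, or silently dropped traffic",
    "no-route": "no route to the target network from this host",
    "dns-failure": "name did not resolve; test again with an IP literal",
}

def check_tcp(host, port, timeout=2.0):
    """Resolve host (A and AAAA), then try a TCP connect to every address.

    Returns a list of (address, verdict) tuples, one per resolved address,
    so IPv4 and IPv6 are reported separately in dual-stack environments.
    """
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        # L7 problem: says nothing yet about L3/L4 reachability.
        return [(host, "dns-failure")]
    results = []
    for family, socktype, proto, _canon, sockaddr in infos:
        try:
            with socket.socket(family, socktype, proto) as s:
                s.settimeout(timeout)
                s.connect(sockaddr)
            verdict = "open"
        except ConnectionRefusedError:
            verdict = "refused"   # a RST came back: the host answered
        except socket.timeout:
            verdict = "timeout"   # nothing came back at all
        except OSError as exc:
            unreachable = (errno.ENETUNREACH, errno.EHOSTUNREACH)
            verdict = "no-route" if exc.errno in unreachable else f"error:{exc.errno}"
        results.append((sockaddr[0], verdict))
    return results

if __name__ == "__main__":
    # Constructed sample target: loopback, port 9 (usually closed).
    for addr, verdict in check_tcp("127.0.0.1", 9, timeout=1.0):
        print(f"{addr}: {verdict} ({HINTS.get(verdict, 'unexpected socket error')})")
```

A `dns-failure` verdict only covers name resolution; rerunning the check with an IP literal tests the network path on its own.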