
Basics of Computer Networking 123

Computer networking is essential for modern technology, facilitating communication and data exchange among interconnected devices. Key concepts include network types (LAN, WAN, Cloud), protocols (TCP/IP, HTTP, FTP), and network devices (routers, switches). Understanding these fundamentals is crucial for anyone involved in technology, as they underpin various applications and services in the digital world.

Uploaded by

ajay kumar

Basics of Computer Networking

Computer networking is a cornerstone of modern technology, enabling the interconnected systems that
power the Internet, business communications, and everyday digital interactions. Understanding the
fundamentals of computer networking is essential for anyone involved in technology, from enthusiasts to
professionals. This article will explore the basics of computer networking, including network types,
components, protocols, and essential services like the Domain Name System (DNS).
What is a Computer Network?
A computer network is a collection of interconnected devices that share resources and information.
These devices can include computers, servers, printers, and other hardware. Networks allow for the
efficient exchange of data, enabling various applications such as email, file sharing, and internet
browsing.
How Does a Computer Network Work?
The basic building blocks of a computer network are nodes and links. A network node is either data
communication equipment, such as a modem or router, or data terminal equipment, such as two or more
connected computers. A link is the wire, cable, or free space (in a wireless network) that connects nodes.
A computer network works by means of rules, or protocols, that govern sending and receiving data over the
links so that devices can communicate. Each device has an IP address that helps identify it.
Basic Terminologies of Computer Networks
• Network: A network is a collection of computers and devices that are connected together to enable
communication and data exchange.
• Nodes: Nodes are devices that are connected to a network. These can include computers, servers,
printers, routers, switches, and other devices.
• Protocol: A protocol is a set of rules and standards that govern how data is transmitted over a
network. Examples of protocols include TCP/IP, HTTP, and FTP.
• Topology: Network topology refers to the physical and logical arrangement of nodes on a network.
The common network topologies include bus, star, ring, mesh, and tree.
• Service Provider Networks: These networks let customers lease network capacity and functionality
from the provider. Service provider networks include wireless communications, data carriers, etc.
Types of Enterprise Computer Networks
• LAN: A Local Area Network (LAN) is a network that covers a small area, such as an office or a home.
LANs are typically used to connect computers and other devices within a building or a campus.
• WAN: A Wide Area Network (WAN) is a network that covers a large geographic area, such as a city,
country, or even the entire world. WANs are used to connect LANs together and are typically used for
long-distance communication.
• Cloud Networks: Cloud networks can be thought of as similar to a Wide Area Network (WAN), since they
can be hosted by public or private cloud service providers, and they are available on demand.
Cloud networks consist of virtual routers, firewalls, etc.
These are just a few basic concepts of computer networking. Networking is a vast and complex field, and
there are many more concepts and technologies involved in building and maintaining networks. Now we
are going to discuss some more concepts of computer networking.
• Open system: A system that is connected to the network and is ready for communication.
• Closed system: A system that is not connected to the network and can’t be communicated with.
Types of Computer Network Architecture
Computer networks fall under these broad categories:
• Client-Server Architecture: Client-server architecture is a type of computer network architecture in
which nodes can be servers or clients. Here, the server node can manage the behavior of the client nodes.
• Peer-to-Peer Architecture: In P2P (peer-to-peer) architecture, there is no concept of a central
server. Each device is free to work as either a client or a server.
Network Devices
A computer network is an interconnection of multiple devices, also known as hosts, that are connected
using multiple paths for the purpose of sending/receiving data or media. Computer networks can also include
multiple devices/mediums which help in the communication between two different devices; these are known as
network devices and include things such as routers, switches, hubs, and bridges.
Network Topology
The network topology is the layout arrangement of the different devices in a network. Common examples include
Bus, Star, Mesh, Ring, and Daisy chain.

Network Protocols
A protocol is a set of rules or algorithms that define how two entities communicate across the
network. A different protocol is defined at each layer of the OSI model. A few such protocols
are TCP, IP, UDP, ARP, DHCP, FTP, and so on.
Transmission Control Protocol/Internet Protocol (TCP/IP)
Function: The foundational protocol suite of the internet, enabling reliable communication.
Components:
TCP: Ensures data is delivered reliably and in order.
IP: Routes data packets to their destination based on IP addresses.
Hypertext Transfer Protocol (HTTP) and HTTPS
Function: The protocols used for transmitting web pages.
HTTP: Unsecured communication.
HTTPS: Secured communication using SSL/TLS encryption.
Simple Mail Transfer Protocol (SMTP)
Function: Protocol for sending email.
Components: Works with other protocols like POP3 and IMAP for email retrieval.
File Transfer Protocol (FTP)
Function: Protocol for transferring files between computers.
Components: Includes commands for uploading, downloading, and managing files on a remote server.
Dynamic Host Configuration Protocol (DHCP)
Function: Automatically assigns IP addresses to devices on a network.
Components: Reduces manual configuration and IP address conflicts.
Domain Name System (DNS)
Function: Translates human-friendly domain names into IP addresses.
Components: Ensures seamless navigation on the internet.
Unique Identifiers of Network
Hostname: Each device in the network is associated with a unique device name known as the hostname.
Type “hostname” in the command prompt (Administrator Mode) and press ‘Enter’; this displays the
hostname of your machine.
[Figure: Host Name]

IP Address (Internet Protocol address): Also known as the logical address, the IP address is the network
address of the system across the network. To identify each device on the World Wide Web, the Internet Assigned
Numbers Authority (IANA) assigns an IPv4 (Version 4) address as a unique identifier to each device on the
Internet. The length of an IPv4 address is 32 bits; hence, we have 2^32 IP addresses available. The length of
an IPv6 address is 128 bits.
In Windows, type “ipconfig” in the command prompt and press ‘Enter’; this gives us the IP address of the
device. For Linux, type “ifconfig” in the terminal and press ‘Enter’; this gives us the IP address of
the device.
MAC Address (Media Access Control address): Also known as the physical address, the MAC address is the
unique identifier of each host and is associated with its NIC (Network Interface Card). A MAC address is
assigned to the NIC at the time of manufacturing. The length of the MAC address is 12 nibbles / 6 bytes /
48 bits. Type “ipconfig /all” in the command prompt and press ‘Enter’; this gives us the MAC address.
Port: A port can be referred to as a logical channel through which data can be sent/received to an
application. Any host may have multiple applications running, and each of these applications is identified
using the port number on which it is running.
A port number is a 16-bit integer; hence, we have 2^16 ports available, which are categorized as shown
below:

Port Types          Range
Well-known Ports    0–1023
Registered Ports    1024–49151
Ephemeral Ports     49152–65535

Number of ports: 65,536
Range: 0 – 65535
Type “netstat -a” in the command prompt and press ‘Enter’; this lists all the ports being used.
[Figure: List of Ports]

Socket: The unique combination of IP address and Port number together is termed a Socket.
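The port categories and the socket definition above can be applied to netstat output to see which sockets a host is offering. The following is an added example, not part of the original document: the sample lines are constructed in the numeric layout that Windows prints for `netstat -an`, and the function names are hypothetical.

```python
"""Added example: classify listening sockets from constructed netstat-style lines."""
import ipaddress
from typing import NamedTuple

# Port categories exactly as listed in the table above.
PORT_RANGES = (
    ("well-known", 0, 1023),
    ("registered", 1024, 49151),
    ("ephemeral", 49152, 65535),
)


class Socket(NamedTuple):
    """A socket is the combination of an IP address and a port number."""
    ip: str
    port: int


def port_category(port: int) -> str:
    """Return the category of a 16-bit port number."""
    if not 0 <= port <= 0xFFFF:
        raise ValueError(f"port {port} does not fit in 16 bits")
    for name, low, high in PORT_RANGES:
        if low <= port <= high:
            return name
    raise AssertionError("unreachable: the ranges cover 0-65535")


def parse_endpoint(text: str) -> Socket:
    """Split 'ip:port' or '[ipv6]:port' into a Socket, validating both parts."""
    host, sep, port = text.rpartition(":")
    if not sep or not port.isdigit():
        raise ValueError(f"not an ip:port endpoint: {text!r}")
    host = host.strip("[]")
    ipaddress.ip_address(host)  # raises ValueError if this is not an IP address
    return Socket(host, int(port))


def listeners(netstat_text: str) -> list:
    """Return (protocol, socket, port category, bound_to_all_interfaces) per listener."""
    found = []
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue  # banner, column header or blank line
        proto, local = fields[0], fields[1]
        state = fields[3] if len(fields) > 3 else ""
        if proto == "TCP" and state != "LISTENING":
            continue  # an established connection, not a service being offered
        sock = parse_endpoint(local)
        # 0.0.0.0 and :: mean the service accepts traffic on every interface.
        all_interfaces = ipaddress.ip_address(sock.ip).is_unspecified
        found.append((proto, sock, port_category(sock.port), all_interfaces))
    return found


# Constructed sample input, not captured from a real machine.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8080         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED
  TCP    [::]:445               [::]:0                 LISTENING
  UDP    0.0.0.0:5353           *:*
"""

if __name__ == "__main__":
    for proto, sock, category, exposed in listeners(SAMPLE_NETSTAT):
        scope = "all interfaces" if exposed else "this address only"
        print(f"{proto} {sock.ip}:{sock.port} [{category}] {scope}")
```

Listeners bound to every interface are the ones to compare against the list of services the host is meant to offer.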
Other Related Concepts
DNS Server: DNS stands for Domain Name System. DNS is basically a server that translates web addresses or
URLs (e.g. www.google.com) into their corresponding IP addresses, so we don’t have to remember the IP
address of each and every website. The command ‘nslookup’ gives you the IP address of the domain you
are looking for. It also provides information about our DNS server.

[Figure: Domain IP Address]

Types of Switches in Computer Network
Switches in computer networks are devices that connect multiple devices (like computers and printers)
within a network. They manage data traffic efficiently by directing data only to the devices that need it,
enhancing network performance. Unlike hubs, switches operate at the data link layer (Layer 2) of the OSI model,
making decisions based on MAC addresses. They are crucial for creating reliable and fast local area networks (LANs).
Switches are the connectivity points of an Ethernet network. These are small devices that can receive data
from multiple input ports and send it to the specific output port that takes data to its intended destination
in the network.
Characteristics of a Switch
Before we dive into different types of switches, let’s understand some key features of a switch:
• In a switch, two important things to know are its “poles” and “throws.” A pole is where an electrical
contact is made, and a throw is how many different contacts each pole can connect to. The number of poles
and throws tells you how the switch works and what it can connect to in a circuit.
• In switches, you often find two standard types: Single, which has one contact point or one connection,
and Double, which has two contact points or two connections. These terms describe how switches are built
and what they can do in electronic devices.
• If a switch has more than two poles or throws, we usually just state the number directly. For example, a
switch with three poles and six throws is called a “3P6T” switch.
• Momentary switches, like push buttons, make contact only while they are pressed. They’re used for brief
actions or as long as you hold the button.
• Latched switches, on the other hand, maintain their contact position until they are switched to the other
position.
Types of Switches in Computer Network
There are different types of switches in a network. These are:
• Mechanical Switches
  o Single Pole Single Throw Switch (SPST)
  o Single Pole Double Throw Switch (SPDT)
  o Double Pole Single Throw Switch (DPST)
  o Double Pole Double Throw Switch (DPDT)
  o Toggle Switch
  o Limit Switch
  o Pressure Switches
  o Temperature Switches
  o Joystick Switch
  o Rotary Switches
• Electronic Switches
  o Power Diode
  o MOSFET
  o SCR
• Managed Switches
  o Smart Switches
  o Enterprise-Managed Switches
  o LAN Switches
  o PoE Switches
• Unmanaged Switches
• Layer 2 Switches
• Layer 3 Switches
Mechanical Switches
Mechanical switches are physical switches that you activate by physically moving, pressing, releasing, or
touching their contacts. Mechanical switches come in different types depending on things like how they are
activated (manual, limit, or process switches), how many contacts they have (single or multi-contact
switches), the number of poles and throws (like SPST, DPDT, SPDT), their design and operation (push
button, toggle, rotary, joystick), and whether they are momentary or locked.
Some important mechanical switches are discussed below:
Single Pole Single Throw Switch (SPST)
• This is a simple ON and OFF switch that has one input contact and one output contact.
• It controls a single circuit, either allowing current to flow (ON) or stopping it (OFF).
• The SPST switch can have contacts that are normally open (not connected in the default state) or
normally closed (connected in the default state).
Single Pole Double Throw Switch (SPDT)
• This switch has three terminals: one is the input contact and the other two are output contacts.
• It has two ON positions and one OFF position.
• Typically, these switches are used to alternate between two outputs for a given input.
• The contact that is connected to the input by default is called the normally closed contact, and the
contact that is connected during the ON operation is called the normally open contact.
Double Pole Single Throw Switch (DPST)
• This switch has four terminals: two are input contacts and two are output contacts.
• It functions like two separate SPST switches that work simultaneously.
• There is only one ON position, but both switches can activate their respective contacts at the same time,
connecting each input to its corresponding output.
• When in the OFF position, both switches are open.
• These switches are used to control two different circuits simultaneously.
• The contacts of this switch can be in either normally open or normally closed configurations.
Double Pole Double Throw Switch (DPDT)
• This is a dual ON/OFF switch with two ON positions.
• It has six terminals: two input contacts and four output contacts.
• It works like two separate SPDT switches operating at the same time.
• In one position, the two input contacts are connected to one set of output contacts. In the other
position, the input contacts are connected to the other set of output contacts.
Toggle Switch
• A toggle switch is manually operated using a handle, lever, or rocking mechanism. It’s often used to
control lights.
• These switches typically have multiple positions for their levers, such as SPDT, SPST, DPST, and DPDT.
• They can handle high currents, up to 10 amps, or small currents.
• Toggle switches come in various ratings, sizes, and styles for different applications.
• The ON position can be at any lever position, but conventionally, the downward position is considered ON
or closed.
Limit Switch
• They are designed to operate based on the presence or absence of objects, or the movement of
machinery, rather than human hand operation.
• These switches use a bumper-type arm that reacts when an object makes contact with it. When this
happens, it triggers a change in the position of the switch contacts.
Pressure Switches
• These switches are widely used in industrial settings to monitor the pressure of hydraulic and
pneumatic systems.
• Depending on the pressure range they measure, they are classified into diaphragm-operated, metal
bellow, and piston-type pressure switches.
• In all these types, a pressure sensing element triggers a set of contacts, which can be either double-pole
or single-pole.
• The symbol for these switches features a half-circle connected to a line, with the flat part.
• They can be configured as normally open or normally closed switches.
Temperature Switches
• The most common heat sensing element is the bimetallic strip, which works by utilizing thermal
expansion.
• Bimetallic strips are made by bonding two metals with different rates of thermal expansion.
• When temperature changes, the strip bends or warps, activating the switch contacts.
• Another method uses a mercury glass tube: as the bulb heats up, the mercury inside expands, creating
pressure that triggers the switch contacts.
Joystick Switch
• Joystick switches are handheld control devices used in portable equipment. They have a lever that moves
in multiple directions.
• When you move the lever, it activates one or more switch contacts.
• Joysticks are great for controlling movements like up, down, left, and right.
• They’re commonly used in machinery, cable controls, and cranes.
Rotary Switches
• These switches are used to connect one line to several others.
• They’re found in electrical meters (for range selection), communication devices (for channel selection),
and multi-band radios (for band selection).
• These switches come in various configurations like single pole 12-way, 3-pole 4-way, 2-pole 6-way, and
4-pole 3-way, depending on the number of poles (lines connected) and throws (ways to connect).
• They have a knob (moving contact) that connects with multiple fixed contacts.
Electronic Switches
Electronic switches operate differently from mechanical switches because they don’t need physical contact to
control a circuit. Instead, they use semiconductor technology to activate and deactivate. Electronic
switches are often referred to as solid state switches because they lack physical moving parts and therefore
have no physical contacts. Semiconductor switches, such as transistors, SCRs, MOSFETs, TRIACs, and IGBTs,
are commonly used to control various appliances like motor drives and HVAC equipment. These solid state
switches come in different types and sizes, catering to consumer, industrial, and automotive needs with
varying ratings.
Power Diode
• A diode can switch between two states: a high impedance state and a low impedance state. These states
control how easily electricity can pass through it.
• Diodes are made from semiconductor materials like Silicon and Germanium. For power diodes, Silicon is
commonly used because it can handle higher currents and temperatures at the junction where the
materials meet.
• A diode is created by joining together two types of semiconductors: p-type and n-type. This junction is
called a PN junction.
• A diode has two parts, the anode and the cathode, which are its two terminals. These terminals
determine how electricity flows through the diode, allowing it to control current in electronic circuits.
MOSFET
• The MOSFET is a very popular semiconductor device used for switching in electronics. It’s called a
Metal Oxide Semiconductor Field Effect Transistor. It’s known for being unipolar, meaning it uses only one
type of charge carrier, and it can switch on and off very quickly, even at high frequencies.
• In electronic power applications, the MOSFET is the go-to choice. It has three important parts: the drain
(where the output goes), the source (which is the common connection), and the gate (where you give it
commands).
SCR
• A Silicon Controlled Rectifier (SCR) is a high-speed switching device commonly used for power control
applications. It operates as a unidirectional switch similar to a diode, with three terminals: anode,
cathode, and gate.
• To turn an SCR ON or OFF, you control its gate input and adjust the biasing conditions between the anode
and cathode terminals.
• The SCR is structured with four layers of alternating P (positive) and N (negative) semiconductor
materials. The boundaries between these layers form junctions labeled as J1, J2, and J3. These
junctions play a critical role in the SCR’s operation and switching characteristics.
Managed Switches
These switches offer many features, such as the highest levels of security, precision control, and full
management of the network. They are used in organizations with a large network and can be
customized to enhance the functionality of a given network. They are the most costly option, but their
scalability makes them an ideal option for a network that is growing. Management is achieved by configuring
the Simple Network Management Protocol (SNMP).
Advantages
• Control over network traffic.
• Enhanced security and performance.
• Remote management and monitoring capabilities.
Disadvantages
• More expensive than unmanaged switches.
• Requires technical expertise to set up and configure.
Types of Managed Switches
Smart Switches
These switches offer basic management features with the ability to create some levels of security but have
a simpler management interface than the other managed switches. Thus they are often called partially
managed switches. These are mostly used in fast and constant LANs which support gigabit data transfer
and allocations. They accept the configuration of VLANs (Virtual LANs).
Enterprise-Managed Switches
They have features like the ability to fix, copy, transform and display different network configurations,
along with a web interface, an SNMP agent, and a command-line interface. These are also known as fully
managed switches and are more expensive than smart switches as they have more features that can be
enhanced. These are used in organizations that contain a large number of ports, switches, and nodes.
LAN Switches
These are also known as Ethernet switches or data switches and are used to reduce network congestion or
bottlenecks by distributing a packet of data only to its intended recipient. These are used to connect points
on a LAN.
PoE Switches
PoE switches are used with Power over Ethernet (PoE), a technology that integrates data and power on the
same cable, allowing powered devices to receive data in parallel with power.
Thus these switches provide greater flexibility by simplifying the cabling process.
Unmanaged Switches
These are the switches that are mostly used in home networks and small businesses, as they plug in and
instantly start doing their job; such switches do not need to be watched or configured. They require
only small cable connections. They allow devices on a network to connect in one location, such as a computer
to a computer or a computer to a printer. They are the least expensive switches among all categories.
Advantages
• Simple to install and operate.
• Inexpensive.
Disadvantages
• Lack of control over network traffic.
• Limited security and performance.
Layer 2 Switches
These are the most common type of switches used in local area networks (LANs). They operate at the data
link layer (Layer 2) of the OSI model and are used to connect devices within a network, such as computers,
printers, and servers. Ethernet switches forward Ethernet frames based on MAC addresses.
Advantages
• Fast and efficient traffic forwarding.
• Can help reduce network congestion.
Disadvantages
• Limited control over network traffic.
• No support for Layer 3 protocols.
Layer 3 Switches
These switches combine the features of traditional Layer 2 Ethernet switches with routing capabilities
found in routers. They can make forwarding decisions based on IP addresses as well as MAC addresses,
allowing them to route traffic between different subnets or VLANs (Virtual Local Area Networks).
Advantages
• Advanced routing capabilities.
• Network segmentation.
• Increased performance and scalability.
Disadvantages
• More expensive than Layer 2 switches.
• Requires technical expertise to configure and manage.
Top 5 Uses of a Network Switch
When setting up network switches, IT managers should keep these use cases and applications in mind:
Uses of Network Switches
• Connect with multiple hosts simultaneously.
• Offload network traffic: reduce the amount of data that travels through a network by diverting some of it
to alternative paths or methods.
• Optimize LAN bandwidth: improve the efficiency of data transfer within a local area network to ensure
faster and smoother communication between devices.
• Populate the MAC address table: fill in the table that maps MAC addresses to their corresponding
network ports, enabling the network switch to efficiently forward data to the correct devices.
• Enable MAC filtering and other access control features: activate settings that allow a network device to
permit or deny connections based on the MAC addresses of devices trying to access the network, enhancing
security and control over network access.
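How a Layer 2 switch populates its MAC address table, forwards frames by destination MAC address and applies MAC filtering, as an added example that is not part of the original document. The class, the port numbers and the MAC addresses are constructed for illustration and do not model any vendor's switch.

```python
"""Added example: a learning switch with an optional MAC allow-list."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


def normalize_mac(mac: str) -> str:
    """Accept AA-BB-CC-DD-EE-FF or aa:bb:cc:dd:ee:ff and return the colon form."""
    digits = mac.replace(":", "").replace("-", "").lower()
    # A MAC address is 12 nibbles (6 bytes, 48 bits).
    if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


class LearningSwitch:
    def __init__(self, ports, allowed_macs=None):
        self.ports = tuple(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on
        # None means MAC filtering is switched off.
        self.allowed = (None if allowed_macs is None
                        else {normalize_mac(m) for m in allowed_macs})

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return the list of ports it is sent out of."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        src, dst = normalize_mac(src_mac), normalize_mac(dst_mac)

        # MAC filtering: frames from sources outside the allow-list are
        # dropped before the switch learns anything from them.
        if self.allowed is not None and src not in self.allowed:
            return []

        # Populate the MAC address table from the source address.
        self.mac_table[src] = in_port

        # Broadcast or unknown destination: flood every port except the
        # one the frame arrived on.
        if dst == BROADCAST or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port]

        # Known destination: deliver only to the port that needs it.
        out_port = self.mac_table[dst]
        return [] if out_port == in_port else [out_port]


if __name__ == "__main__":
    host_a, host_b = "aa:aa:aa:aa:aa:01", "aa:aa:aa:aa:aa:02"
    switch = LearningSwitch(ports=[1, 2, 3, 4])
    print(switch.receive(1, host_a, host_b))  # B not learned yet: flooded
    print(switch.receive(2, host_b, host_a))  # A is known: one port only
    print(switch.mac_table)
```

The allow-list is keyed on the source address carried in each frame, so it controls access by address and does not authenticate the device behind that address.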

What is a Router?

A router is a networking device that forwards data packets between computer networks. One or more
packet-switched networks or subnetworks can be connected using a router. By sending data packets to their
intended IP addresses, it manages traffic between different networks and permits several devices to share
an Internet connection.
Let us understand this with a very general example. Suppose you search for www.google.com in your web
browser. This request is sent from your system to Google’s server to serve that webpage. Your request,
which is nothing but a stream of packets, does not go straight to Google’s server. It passes through a
series of networking devices known as routers, which accept the packets and forward them along the
correct path until they reach the destination server. A router has several interfaces through which it
can connect to several host systems. Routers operate at the Network Layer of the OSI model and are the
most common devices used in networking.

How Does a Router Work?
• A router determines a packet’s future path by examining the destination IP address in the header and
comparing it to the routing database. The routing table outlines how to send the data to a
specific network location. Routers use a set of rules to determine the most effective way to transmit
the data to the specified IP address.
• To enable communication between other devices and the internet, routers utilize a modem, such as a
cable, fiber, or DSL modem. Most routers include many ports that can connect a variety of devices to
the internet simultaneously. In order to decide where to deliver data and where traffic is coming from, a
router needs routing tables.
• A routing table primarily specifies the router’s default path. As a result, it might not determine the
optimum path to forward the data for a particular packet. For instance, the office router directs all
networks to its internet service provider through a single default channel.
• Routing tables come in two varieties: static and dynamic. Dynamic routing tables are
automatically updated by dynamic routers based on network activity, whereas static routing tables
are configured manually.
Types of Router
There are several types of routers. Some of them are mentioned below:
1. Broadband Routers: These are one of the important kinds of routers. They are used for different
things: to connect computers, or to connect to the internet.
2. Wireless Routers: These routers are used to create a wireless signal in your office or home.
3. Wired Routers: A wired router is used to connect multiple wired devices using an Ethernet cable. It takes
the transmission data from the modem and distributes it to a further network. It is widely used in schools
and small offices.
4. Edge Routers: As the name indicates, these are located at the edges, usually connected to an Internet
Service Provider, and distribute packets across multiple networks.
5. Core Routers: Core routers distribute packets within the same network. Their main task is to carry heavy
data transfers.
6. Virtual Router: They are implemented using software on a virtual machine, and they are more flexible
and scalable.
7. Portable Routers: They are used to create private Wi-Fi and hence are designed for easy portability.
Functions of Router
The router performs the major functions below:
1. Forwarding: The router receives the packets from its input ports, checks their headers, performs some
basic functions like verifying the checksum, and then looks up the routing table to find the appropriate
output port to dump the packets onto, and forwards the packets onto that output port.
2. Routing: Routing is the process by which the router ascertains the best path for the packet to
reach the destination. It maintains a routing table that is built using different algorithms by the
router only.
3. Network Address Translation (NAT): Routers use NAT to translate between different IP address ranges.
This allows devices on a private network to access the internet using a single public IP address.
4. Security: Routers can be configured with firewalls and other security features to protect the network
from unauthorized access, malware, and other threats.
5. Quality of Service (QoS): Routers can prioritize network traffic based on the type of data being
transmitted. This ensures that critical applications and services receive adequate bandwidth and are not
affected by lower-priority traffic.
6. Virtual Private Network (VPN) connectivity: Routers can be configured to allow remote users to
connect securely to the network using a VPN.
7. Bandwidth management: Routers can be used to manage network bandwidth by controlling the
amount of data that is allowed to flow through the network. This can prevent network congestion and
ensure that critical applications and services receive adequate bandwidth.
8. Monitoring and diagnostics: Routers can be configured to monitor network traffic and provide
diagnostic information in the event of network failures or other issues. This allows network
administrators to quickly identify and resolve problems.
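The forwarding function in item 1 and the routing-table lookup with a default path described under How Does a Router Work?, as an added example that is not part of the original document. The route prefixes, interface names and addresses are constructed, and choosing the most specific (longest-prefix) match is the standard IPv4 rule, which the text above does not spell out.

```python
"""Added example: verify an IPv4 header checksum, then look up the output port."""
import ipaddress
import struct


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IPv4 header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_header(src: str, dst: str, ttl: int = 64, proto: int = 6) -> bytes:
    """Build a 20-byte IPv4 header (no options) with a correct checksum."""
    fields = struct.pack(
        "!BBHHHBBH4s4s",
        (4 << 4) | 5,   # version 4, header length 5 x 32-bit words
        0, 20,          # DSCP/ECN, total length (header only in this sample)
        0, 0,           # identification, flags and fragment offset
        ttl, proto,
        0,              # checksum field is zero while computing the checksum
        ipaddress.IPv4Address(src).packed,
        ipaddress.IPv4Address(dst).packed,
    )
    checksum = internet_checksum(fields)
    return fields[:10] + struct.pack("!H", checksum) + fields[12:]


class Router:
    def __init__(self, static_routes):
        # Most specific prefix first, so the first match is the longest match
        # and 0.0.0.0/0 (the default path) is only used as a last resort.
        self.routes = sorted(
            ((ipaddress.ip_network(prefix), port) for prefix, port in static_routes),
            key=lambda route: route[0].prefixlen,
            reverse=True,
        )

    def lookup(self, dst):
        """Return the output port for a destination address, or None."""
        for network, port in self.routes:
            if dst in network:
                return port
        return None

    def forward(self, header: bytes):
        """Return ('forward', port) or ('drop', reason) for one packet header."""
        if len(header) < 20 or header[0] >> 4 != 4:
            return ("drop", "not an IPv4 header")
        ihl = (header[0] & 0x0F) * 4
        if ihl < 20 or len(header) < ihl:
            return ("drop", "bad header length")
        # Summing a header that includes a correct checksum yields zero.
        if internet_checksum(header[:ihl]) != 0:
            return ("drop", "bad header checksum")
        port = self.lookup(ipaddress.IPv4Address(header[16:20]))
        return ("forward", port) if port else ("drop", "no route")


# Constructed static routing table: prefix -> output interface.
STATIC_ROUTES = [
    ("10.1.0.0/16", "eth1"),
    ("10.1.20.0/24", "eth2"),
    ("0.0.0.0/0", "wan0"),   # default path towards the ISP
]

if __name__ == "__main__":
    router = Router(STATIC_ROUTES)
    for dst in ("10.1.20.7", "10.1.99.1", "203.0.113.9"):
        print(dst, router.forward(build_header("192.168.0.5", dst)))
```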
Architecture of Router
A generic router consists of the following components:
1. Input Port: This is the interface by which packets are admitted into the router. It performs several key
functions: terminating the physical link at the router (done by the leftmost part in the diagram
below), interoperating with the link layer, such as decapsulation (done by the middle part), and, in the
last part of the input port, looking up the forwarding table to determine the appropriate
output port based on the destination address.
2. Switching Fabric: This is the heart of the router. It connects the input ports with the output ports. It is
a kind of network inside a networking device. The switching fabric can be implemented in several ways;
some of the prominent ones are:
• Switching via memory: In this, we have a processor which copies the packet from the input ports and
sends it to the appropriate output port. It works as a traditional CPU with input and output ports acting
as input and output devices.
• Switching via bus: In this implementation, we have a bus that connects all the input ports to all the
output ports. On receiving a packet and determining which output port it must be delivered to, the
input port puts a particular token on the packet and transfers it to the bus. All output ports can see
the packets, but they will be delivered to the output port whose token has been put on them. The token is
then scraped off by that output port and the packet is forwarded.
• Switching via interconnection network: This is a more sophisticated network. Here, instead of a single
bus, we use 2N buses to connect n input ports to n output ports.
3. Output Port: This is the segment from which packets are transmitted out of the router. The output port
looks at its queuing buffers (when more than one packet has to be transmitted through the same output
port, queuing buffers are formed) and takes packets, does link layer functions, and finally transmits the
packets to an outgoing link.
4. Routing Processor: It executes the routing protocols, and it works like a traditional CPU. It employs
various routing algorithms like the link-state algorithm, distance-vector algorithm, etc. to prepare the
forwarding table, which is looked up to determine the route and the output port.

Security Challenges in Router
Routers face several challenges through which another party can gain unauthorized access.
Some security challenges in routers are listed below:
2. Vulnerability Exploits
Firmware is automatically installed on all hardware-based routers to assist the operation of the router. Like
any other programme, router firmware frequently has flaws that hackers could use against it. Vendors of
routers usually release updates to fix these flaws. Router firmware needs to be updated on a frequent basis
as a result. Attackers have the ability to monitor traffic on unpatched routers and utilise them as part of a
botnet.
3. DDoS Attacks
Distributed Denial-of-Service (DDoS) attacks against network infrastructure frequently target both large
and small organisations. Network outages can be caused by unmitigated network layer DDoS attacks, which
can overload routers or bring them down. Using Cloudflare Magic Transit is one way to defend networks
and routers against DDoS attacks of this nature.
4. Administration Credentials
To carry out administration tasks, a set of admin credentials is included with every router. The default
values for these credentials are “admin” for the username and “admin” for the password. Change the
username and password to something more secure as soon as possible: attackers are aware of the typical
default values for these credentials and, if they are not changed, can use them to remotely take over
the router.
Advantages of Router
 Easier Connection: Sharing a single network connection among numerous machines is the main
advantage of a router. This enables numerous people to connect to the internet, boosting total
productivity. In addition, routers have connections between various media and network designs.
 Security: Undoubtedly, installing a router is the first step in securing a network connection, because
using a modem to connect directly to the internet exposes your computer to several security risks.
Routers can be utilized as an intermediary between two networks so that the environment is somewhat
secure, although a router is not a replacement for a firewall or antivirus.
 NAT Usage: Routers use Network Address Translation (NAT) to map multiple private IP addresses into one
public IP address. This allows for a better Internet connection and information flow between all
devices connected to the network.
 Supports Dynamic Routing: The router employs dynamic routing strategies to aid in network
communication. The internetwork’s optimum path is chosen through dynamic routing. Additionally, it
creates collision and broadcast domains. Overall, this can lessen network traffic.
 Filtering of Packets: Switching between packets and filtering packets are two more router services. A
collection of filtering rules is used by routers to filter the network. The packets are either allowed or
passed through.
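The rule-based packet filtering described in the list above can be sketched as a first-match rule evaluator. This is an added example, not code from the original article or from any router vendor: the rule format, the sample addresses (a router management address 10.0.0.1, an admin subnet 10.0.10.0/24, a guest subnet 10.0.20.0/24) and the function names are all assumptions made for illustration. It also audits a rule list for rules that can never match because an earlier rule already covers them, a common way a filter ends up weaker than intended.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:                      # hypothetical rule format, not a vendor syntax
    action: str                  # "permit" or "deny"
    proto: str                   # "tcp", "udp", "icmp" or "any"
    src: str                     # source network in CIDR form
    dst: str                     # destination network in CIDR form
    dport: Optional[int] = None  # None means any destination port

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None

def matches(rule: Rule, pkt: Packet) -> bool:
    return (rule.proto in ("any", pkt.proto)
            and ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst)
            and rule.dport in (None, pkt.dport))

def evaluate(rules, pkt):
    """First matching rule wins; a packet that matches nothing is denied."""
    for index, rule in enumerate(rules):
        if matches(rule, pkt):
            return rule.action, index
    return "deny", None          # implicit deny at the end of the list

def covers(earlier: Rule, later: Rule) -> bool:
    """True if every packet the later rule could match is already matched earlier."""
    return (earlier.proto in ("any", later.proto)
            and ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(earlier.src))
            and ipaddress.ip_network(later.dst).subnet_of(ipaddress.ip_network(earlier.dst))
            and earlier.dport in (None, later.dport))

def shadowed_rules(rules):
    """Return (rule index, covering index, actions_conflict) for rules that never fire."""
    findings = []
    for j, later in enumerate(rules):
        for i in range(j):
            if covers(rules[i], later):
                findings.append((j, i, rules[i].action != later.action))
                break
    return findings

# Constructed rule sets. WEAK puts the broad permit first, so the deny that was
# meant to keep guests off the router's management port can never match.
WEAK = [
    Rule("permit", "any", "10.0.0.0/8", "0.0.0.0/0"),
    Rule("deny", "tcp", "10.0.20.0/24", "10.0.0.1/32", 22),
    Rule("permit", "tcp", "10.0.10.0/24", "10.0.0.1/32", 22),
]
# FIXED orders rules from most specific to most general.
FIXED = [
    Rule("permit", "tcp", "10.0.10.0/24", "10.0.0.1/32", 22),
    Rule("deny", "any", "0.0.0.0/0", "10.0.0.1/32"),
    Rule("permit", "any", "10.0.0.0/8", "0.0.0.0/0"),
]

if __name__ == "__main__":
    guest_to_mgmt = Packet("tcp", "10.0.20.5", "10.0.0.1", 22)
    for name, rules in (("WEAK", WEAK), ("FIXED", FIXED)):
        print(name, evaluate(rules, guest_to_mgmt), shadowed_rules(rules))
```

A shadowed rule whose action conflicts with the rule covering it is the finding to act on first, because the filter is doing the opposite of what that rule's author intended.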
Disadvantages of Router
 Slower: Routers analyze multiple layers of information, from the physical layer to the network layer,
which slows down connections. The same issue can also be encountered when multiple devices are
connected to these network devices, causing “connection waiting”.
 High Cost: They are more expensive than some other tools for systems administration. This includes
security, extension, and the focal point. As a result, routers are typically not the greatest option for
issues.
 Need for configuration: The router must be properly configured to work properly. In general, the more
complex the intended use, the more configuration is required. This requires professional installation,
which can add to the cost of buying a router.
 Quality Issues: The time transitions are not always accurate. Even yet, some modern devices use the
2.4GHz band, which is frequently deactivated. These kinds of separations are frequently possible for
those who live in apartments and condominiums.
 Bandwidth shortages: Dynamic routing techniques used by routers to support connections tend to cause
network overhead, consuming a lot of bandwidth. This leads to a bandwidth shortage that
significantly slows down the internet connection between connected devices.
Applications of Router
Routers have several applications, because nowadays they are widely used in most networking
communication:
 Hardware equipment, such as servers from BSC, MGW, IN, SGSN, and other remote location networks, is
connected to these networks via routers.
 It is utilised in both wired and wireless communication since it supports a high speed of data
transmission due to its utilisation of STM connections for connectivity.
 Routers are frequently used by internet service providers to transfer data, such as audio, video, image,
and email, from one location to another. Additionally, it can transmit data globally by utilising the
destination’s IP address.
 Routers provide access control. It can be set up so that some users can access all of the data while
others can access just a subset of it.
Routing Protocol
The router can recognise other routers on the network and decide on a dynamic basis where to deliver all
network messages through the routing protocol. Several protocols exist, some of which are listed below:
 Open Shortest Path First: As packets travel across several networks, it is utilised to determine the
optimal path for them to take in order to arrive at their destination.
 Border Gateway Protocol (BGP): It facilitates information sharing between edge routers to control
internet packet routing. For routers, it offers network stability. It can easily switch to another network
connection to transfer the packets.
 Interior Gateway Routing Protocol (IGRP): IGRP outlines the protocol for exchanging routing data
between gateways inside the separate networks. The routing information can then be used by the
other network protocols to decide how data packets should be routed.
 Enhanced Interior Gateway Routing Protocol (EIGRP): With this protocol, a router asks its
neighbours for a route if it cannot find a path to a destination from the routing tables. The neighbours then
forward the request to further neighbours until a router finds the path.
 Exterior Gateway Protocol (EGP): It is also frequently used for the communication of routing table data
between internet hosts.
You can also refer to the article Difference between Router and Modem.
Frequently Asked Questions on Introduction of a Router – FAQs
How is a Router different from Wi-Fi?
A router is not just for Wi-Fi, even though it can broadcast a wireless signal (Wi-Fi) to connected and
enabled devices. In addition, routers provide wired connectivity to the Internet. Once the router has
established a hardwired or Ethernet connection to the Internet, it can then translate that connection into a
Wi-Fi signal that multiple devices can pick up.
What is the difference between Modem and Router?
A modem, often known as an ISP, is a device that links your home network to your internet service provider. A
router is a device that enables all of your wired and wireless devices to access the internet simultaneously
and to communicate with one another.

OSI Model:-
OSI stands for Open Systems Interconnection. It is a reference model that specifies standards for
communications protocols and also the functionalities of each layer. The OSI has been developed by the
International Organization For Standardization and it is a 7 layer architecture. Each layer of OSI has different
functions and each layer has to follow different protocols. The 7 layers are as follows:
The OSI model, created in 1984 by ISO, is a reference framework that explains the process of transmitting
data between computers. It is divided into seven layers that work together to carry out specialised network
functions, allowing for a more systematic approach to networking.
OSI Model

Data Flow In OSI Model
When we transfer information from one device to another, it travels through 7 layers of OSI model. First
data travels down through 7 layers from the sender’s end and then climbs back 7 layers on the receiver’s end.
Data flows through the OSI model in a step-by-step process:
 Application Layer: Applications create the data.
 Presentation Layer: Data is formatted and encrypted.
 Session Layer: Connections are established and managed.
 Transport Layer: Data is broken into segments for reliable delivery.
 Network Layer: Segments are packaged into packets and routed.
 Data Link Layer: Packets are framed and sent to the next device.
 Physical Layer: Frames are converted into bits and transmitted physically.
Each layer adds specific information to ensure the data reaches its destination correctly, and these steps are
reversed upon arrival.

Let’s look at it with an Example:

Luffy sends an e-mail to his friend Zoro.
Step 1: Luffy interacts with an e-mail application like Gmail, Outlook, etc. and writes his email to send. (This
happens in Layer 7: Application Layer)
Step 2: The mail application prepares for data transmission, such as encrypting data and formatting it for
transmission. (This happens in Layer 6: Presentation Layer)
Step 3: There is a connection established between the sender and receiver on the internet. (This
happens in Layer 5: Session Layer)
Step 4: Email data is broken into smaller segments. It adds sequence number and error-checking information to
maintain the reliability of the information. (This happens in Layer 4: Transport Layer)
Step 5: Addressing of packets is done in order to find the best route for transfer. (This happens in Layer 3:
Network Layer)
Step 6: Data packets are encapsulated into frames, then MAC address is added for local devices and then it
checks for error using error detection. (This happens in Layer 2: Data Link Layer)
Step 7: Lastly, frames are transmitted in the form of electrical/optical signals over a physical network medium like
Ethernet cable or WiFi.
After the email reaches the receiver i.e. Zoro, the process will reverse and decrypt the e-mail content.
At last, the email will be shown on Zoro’s email client.
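Steps 4 to 6 above can be made concrete by building the headers byte by byte. The following is an added example, not part of the original article: it wraps a short message in a TCP segment, an IPv4 packet and an Ethernet frame, then unwraps it on the receiving side while verifying each layer's error check. The addresses, ports, MAC values and function names are constructed for illustration (documentation IP ranges, locally administered MACs, destination port 25 for mail).

```python
import ipaddress
import struct
import zlib

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by the IPv4 and TCP headers."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def tcp_segment(src_ip, dst_ip, sport, dport, seq, payload):
    """Layer 4: ports, a sequence number and a checksum (20-byte header, no options)."""
    hdr = struct.pack("!HHIIHHHH", sport, dport, seq, 0, (5 << 12) | 0x018, 65535, 0, 0)
    pseudo = src_ip.packed + dst_ip.packed + struct.pack("!BBH", 0, 6, len(hdr) + len(payload))
    csum = inet_checksum(pseudo + hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload

def ipv4_packet(src_ip, dst_ip, segment, ttl=64):
    """Layer 3: logical (IP) addressing plus a checksum over the IP header only."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, ttl, 6, 0,
                      src_ip.packed, dst_ip.packed)
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:] + segment

def ethernet_frame(src_mac, dst_mac, packet):
    """Layer 2: MAC addresses, EtherType 0x0800 (IPv4) and a CRC-32 frame check
    sequence. Padding of short frames to the Ethernet minimum is omitted."""
    body = dst_mac + src_mac + struct.pack("!H", 0x0800) + packet
    return body + struct.pack("<I", zlib.crc32(body))

def decapsulate(frame: bytes) -> dict:
    """Receiver side: verify and strip each header, lowest layer first."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("layer 2: frame check sequence mismatch")
    if struct.unpack("!H", body[12:14])[0] != 0x0800:
        raise ValueError("layer 2: not an IPv4 frame")
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    if inet_checksum(packet[:ihl]) != 0:
        raise ValueError("layer 3: IP header checksum mismatch")
    total_len, proto = struct.unpack("!H", packet[2:4])[0], packet[9]
    src_ip, dst_ip = packet[12:16], packet[16:20]
    segment = packet[ihl:total_len]
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, proto, len(segment))
    if inet_checksum(pseudo + segment) != 0:
        raise ValueError("layer 4: TCP checksum mismatch")
    sport, dport, seq = struct.unpack("!HHI", segment[:8])
    return {"dst_mac": body[0:6].hex(":"), "src_mac": body[6:12].hex(":"),
            "src_ip": str(ipaddress.IPv4Address(src_ip)),
            "dst_ip": str(ipaddress.IPv4Address(dst_ip)),
            "sport": sport, "dport": dport, "seq": seq,
            "payload": segment[(segment[12] >> 4) * 4:]}

def demo_frame() -> bytes:
    """Constructed sample: Luffy's host sends 'Hello Zoro' to a mail server."""
    src = ipaddress.IPv4Address("192.0.2.10")
    dst = ipaddress.IPv4Address("198.51.100.25")
    seg = tcp_segment(src, dst, 49152, 25, 1000, b"Hello Zoro")
    pkt = ipv4_packet(src, dst, seg)
    return ethernet_frame(bytes.fromhex("020000000001"), bytes.fromhex("020000000002"), pkt)

def flip_payload_bit(frame: bytes, reseal: bool) -> bytes:
    """Damage the last payload byte; optionally recompute the layer 2 FCS, as a
    device that rebuilds the frame on the next hop would."""
    body = bytearray(frame[:-4])
    body[-1] ^= 0x01
    fcs = struct.pack("<I", zlib.crc32(bytes(body))) if reseal else frame[-4:]
    return bytes(body) + fcs

def first_failing_layer(frame: bytes):
    try:
        decapsulate(frame)
        return None
    except ValueError as exc:
        return str(exc).split(":")[0]

if __name__ == "__main__":
    frame = demo_frame()
    print(len(frame), decapsulate(frame))
    print(first_failing_layer(flip_payload_bit(frame, reseal=False)))
    print(first_failing_layer(flip_payload_bit(frame, reseal=True)))
```

These checks detect accidental corruption only; none of them is keyed, so they give no protection against deliberate modification, which is why encryption and authentication are handled higher in the stack.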

Physical Layer – Layer 1
The lowest layer of the OSI reference model is the physical layer. It is responsible for the actual physical
connection between the devices. The physical layer contains information in the form of bits. It is responsible
for transmitting individual bits from one node to the next. When receiving data, this layer will get the signal
received and convert it into 0s and 1s and send them to the Data Link layer, which will put the frame back
together.

Functions of the Physical Layer
 Bit Synchronization: The physical layer provides the synchronization of the bits by providing a clock. This
clock controls both sender and receiver thus providing synchronization at the bit level.
 Bit Rate Control: The Physical layer also defines the transmission rate i.e. the number of bits sent per
second.
 Physical Topologies: Physical layer specifies how the different devices/nodes are arranged in a
network i.e. bus, star, or mesh topology.
 Transmission Mode: Physical layer also defines how the data flows between the two connected
devices. The various transmission modes possible are Simplex, half-duplex and full-duplex.
Note:
 Hub, Repeater, Modem, and Cables are Physical Layer devices.
 Network Layer, Data Link Layer, and Physical Layer are also known as Lower Layers or Hardware Layers.
Data Link Layer (DLL) – Layer 2
The data link layer is responsible for the node-to-node delivery of the message. The main function of this
layer is to make sure data transfer is error-free from one node to another, over the physical layer. When a
packet arrives in a network, it is the responsibility of the DLL to transmit it to the Host using its
MAC address.
The Data Link Layer is divided into two sublayers:
 Logical Link Control (LLC)
 Media Access Control (MAC)
The packet received from the Network layer is further divided into frames depending on the frame size of
the NIC (Network Interface Card). DLL also encapsulates Sender and Receiver’s MAC address in the header.
The Receiver’s MAC address is obtained by placing an ARP (Address Resolution Protocol) request onto the
wire asking “Who has that IP address?” and the destination host will reply with its MAC address.
Functions of the Data Link Layer
 Framing: Framing is a function of the data link layer. It provides a way for a sender to transmit a set of
bits that are meaningful to the receiver. This can be accomplished by attaching special bit patterns to the
beginning and end of the frame.
 Physical Addressing: After creating frames, the Data link layer adds physical addresses (MAC
addresses) of the sender and/or receiver in the header of each frame.
 Error Control: The data link layer provides the mechanism of error control in which it detects and
retransmits damaged or lost frames.
 Flow Control: The data rate must be constant on both sides else the data may get corrupted; thus, flow
control coordinates the amount of data that can be sent before receiving an acknowledgment.
 Access Control: When a single communication channel is shared by multiple devices, the MAC sub-layer
of the data link layer helps to determine which device has control over the channel at a given time.

Note:
 Packet in the Data Link layer is referred to as Frame.
 Data Link layer is handled by the NIC (Network Interface Card) and device drivers of host machines.
 Switch & Bridge are Data Link Layer devices.
Network Layer – Layer 3
The network layer works for the transmission of data from one host to the other located in different
networks. It also takes care of packet routing i.e. selection of the shortest path to transmit the packet, from
the number of routes available. The sender & receiver’s IP addresses are placed in the header by the
network layer.
Functions of the Network Layer
 Routing: The network layer protocols determine which route is suitable from source to destination. This
function of the network layer is known as routing.
 Logical Addressing: To identify each device inter-network uniquely, the network layer defines an
addressing scheme. The sender & receiver’s IP addresses are placed in the header by the network layer. Such
an address distinguishes each device uniquely and universally.
Note:
 Segment in the Network layer is referred to as Packet.
 Network layer is implemented by networking devices such as routers and switches.
Transport Layer – Layer 4
The transport layer provides services to the application layer and takes services from the network layer.
The data in the transport layer is referred to as Segments. It is responsible for the end-to-end delivery of
the complete message. The transport layer also provides the acknowledgment of the successful data
transmission and re-transmits the data if an error is found.
At the sender’s side: The transport layer receives the formatted data from the upper layers, performs
Segmentation, and also implements Flow and error control to ensure proper data transmission. It also adds
Source and Destination port numbers in its header and forwards the segmented data to the Network Layer.
Note: The sender needs to know the port number associated with the receiver’s application.
Generally, this destination port number is configured, either by default or manually. For example, when a
web application requests a web server, it typically uses port number 80, because this is the default port
assigned to web applications. Many applications have default ports assigned.
At the receiver’s side: Transport Layer reads the port number from its header and forwards the Data which
it has received to the respective application. It also performs sequencing and reassembling of the segmented
data.
Functions of the Transport Layer
 Segmentation and Reassembly: This layer accepts the message from the (session) layer, and breaks the
message into smaller units. Each of the segments produced has a header associated with it. The
transport layer at the destination station reassembles the message.
 Service Point Addressing: To deliver the message to the correct process, the transport layer header
includes a type of address called service point address or port address. Thus by specifying this address,
the transport layer makes sure that the message is delivered to the correct process.
Services Provided by Transport Layer
 Connection-Oriented Service
 Connectionless Service
1. Connection-Oriented Service: It is a three-phase process that includes:
 Connection Establishment
 Data Transfer
 Termination/disconnection
In this type of transmission, the receiving device sends an acknowledgment back to the source after a packet
or group of packets is received. This type of transmission is reliable and secure.
2. Connectionless service: It is a one-phase process and includes Data Transfer. In this type of
transmission, the receiver does not acknowledge receipt of a packet. This approach allows for much faster
communication between devices. Connection-oriented service is more reliable than connectionless service.
Note:
 Data in the Transport Layer is called Segments.
 Transport layer is operated by the Operating System. It is a part of the OS and communicates with the
Application Layer by making system calls.
 The transport layer is called the Heart of the OSI model.
 Device or Protocol Use: TCP, UDP, NetBIOS, PPTP
Session Layer – Layer 5
This layer is responsible for the establishment of connection, maintenance of sessions, and authentication,
and also ensures security.
Functions of the Session Layer
 Session Establishment, Maintenance, and Termination: The layer allows the two processes to
establish, use, and terminate a connection.
 Synchronization: This layer allows a process to add checkpoints that are considered synchronization
points in the data. These synchronization points help to identify the error so that the data is
re-synchronized properly, and ends of the messages are not cut prematurely and data loss is avoided.
 Dialog Controller: The session layer allows two systems to start communication with each other in
half-duplex or full-duplex.
Note:
 All the below 3 layers (including Session Layer) are integrated as a single layer in the TCP/IP model as the
“Application Layer”.
 Implementation of these 3 layers is done by the network application itself. These are also known as
Upper Layers or Software Layers.
 Device or Protocol Use: NetBIOS, PPTP.
Example
Let us consider a scenario where a user wants to send a message through some Messenger application
running in their browser. The “Messenger” here acts as the application layer which provides the user with an
interface to create the data. This message or so-called Data is compressed, optionally encrypted (if the data
is sensitive), and converted into bits (0’s and 1’s) so that it can be transmitted.

Communication in Session Layer
Presentation Layer – Layer 6
The presentation layer is also called the Translation layer. The data from the application layer is extracted
here and manipulated as per the required format to transmit over the network.
Functions of the Presentation Layer
 Translation: For example, ASCII to EBCDIC.
 Encryption/Decryption: Data encryption translates the data into another form or code. The encrypted data
is known as the ciphertext and the decrypted data is known as plain text. A key value is used for
encrypting as well as decrypting data.
 Compression: Reduces the number of bits that need to be transmitted on the network.
Note:
Device or Protocol Use: JPEG, MPEG, GIF.
Application Layer – Layer 7
At the very top of the OSI Reference Model stack of layers, we find the Application layer which is
implemented by the network applications. These applications produce the data to be transferred over the
network. This layer also serves as a window for the application services to access the network and for
displaying the received information to the user.
Example: Application – Browsers, Skype Messenger, etc.
Note: The application Layer is also called Desktop Layer.
Device or Protocol Use: SMTP.
Functions of the Application Layer
The main functions of the application layer are given below.
 Network Virtual Terminal (NVT): It allows a user to log on to a remote host.
 File Transfer Access and Management (FTAM): This application allows a user to
access files in a remote host, retrieve files in a remote host, and manage or
control files from a remote computer.
 Mail Services: Provide email service.
 Directory Services: This application provides distributed database sources
and access for global information about various objects and services.
Note: The OSI model acts as a reference model and is not implemented on the Internet because of its
late invention. The current model being used is the TCP/IP model.

OSI Model – Layer Architecture

| Layer No | Layer Name | Responsibility | Information Form (Data Unit) | Device or Protocol |
|---|---|---|---|---|
| 7 | Application Layer | Helps in identifying the client and synchronizing communication. | Message | SMTP |
| 6 | Presentation Layer | Data from the application layer is extracted and manipulated in the required format for transmission. | Message | JPEG, MPEG, GIF |
| 5 | Session Layer | Establishes Connection, Maintenance, Ensures Authentication and Ensures security. | Message (or encrypted message) | Gateway |
| 4 | Transport Layer | Take Service from Network Layer and provide it to the Application Layer. | Segment | Firewall |
| 3 | Network Layer | Transmission of data from one host to another, located in different networks. | Packet | Router |
| 2 | Data Link Layer | Node to Node Delivery of Message. | Frame | Switch, Bridge |
| 1 | Physical Layer | Establishing Physical Connections between Devices. | Bits | Hub, Repeater, Modem, Cables |

OSI vs TCP/IP Model
TCP/IP protocol (Transfer Control Protocol/Internet Protocol) was created by U.S. Department of Defense’s
Advanced Research Projects Agency (ARPA) in 1970s.
Some key differences between the OSI model and the TCP/IP Model are:
 TCP/IP model consists of 4 layers but OSI model has 7 layers. Layers 5, 6, 7 of the OSI model are
combined into the Application Layer of TCP/IP model and OSI layers 1 and 2 are combined into
Network Access Layers of TCP/IP protocol.
 The TCP/IP model is older than the OSI model, hence it is a foundational protocol that defines how
data should be transferred online.
 Compared to the OSI model, the TCP/IP model has less strict layer boundaries.
 All layers of the TCP/IP model are needed for data transmission but in the OSI model, some
applications can skip certain layers. Only layers 1, 2 and 3 of the OSI model are necessary for data
transmission.

OSI vs TCP/IP

TCP/IP Model
The TCP/IP model is a fundamental framework for computer networking. It stands for Transmission Control
Protocol/Internet Protocol, which are the core protocols of the Internet. This model defines how data is
transmitted over networks, ensuring reliable communication between devices. It consists of four layers: the
Link Layer, the Internet Layer, the Transport Layer, and the Application Layer. Each layer has specific
functions that help manage different aspects of network communication, making it essential for
understanding and working with modern networks.
TCP/IP was designed and developed by the Department of Defense (DoD) in the 1960s and is based on
standard protocols. The TCP/IP model is a concise version of the OSI model. It contains four layers, unlike
the seven layers in the OSI model. In this article, we are going to discuss the TCP/IP model in detail.
TCP/IP model was developed alongside the creation of the ARPANET, which later became the foundation of
the modern internet. It was designed with a focus on the practical aspects of networking at the time. The
lower-level hardware details and physical transmission medium were largely abstracted away in favor of
higher-level networking protocols.
What Does TCP/IP Do?
The main work of TCP/IP is to transfer the data of a computer from one device to another. The main
condition of this process is to make data reliable and accurate so that the receiver will receive the same
information which is sent by the sender. To ensure that each message reaches its final destination
accurately, the TCP/IP model divides its data into packets and combines them at the other end, which helps
in maintaining the accuracy of the data while transferring from one end to another end. The TCP/IP model
is used in the context of the real-world internet, where a wide range of physical media and network
technologies are in use. Rather than specifying a particular Physical Layer, the TCP/IP model allows for
flexibility in adapting to different physical implementations.
Difference Between TCP and IP

| Feature | TCP (Transmission Control Protocol) | IP (Internet Protocol) |
|---|---|---|
| Purpose | Ensures reliable, ordered, and error-checked delivery of data between applications. | Provides addressing and routing of packets across networks. |
| Type | Connection-oriented | Connectionless |
| Function | Manages data transmission between devices, ensuring data integrity and order. | Routes packets of data from the source to the destination based on IP addresses. |
| Error Handling | Yes, includes error checking and recovery mechanisms. | No, IP itself does not handle errors; relies on upper-layer protocols like TCP. |
| Flow Control | Yes, includes flow control mechanisms. | No |
| Congestion Control | Yes, manages network congestion. | No |
| Data Segmentation | Breaks data into smaller packets and reassembles them at the destination. | Breaks data into packets but does not handle reassembly. |
| Header Size | Larger, 20-60 bytes | Smaller, typically 20 bytes |
| Reliability | Provides reliable data transfer | Does not guarantee delivery, reliability, or order. |
| Transmission Acknowledgment | Yes, acknowledges receipt of data packets. | No |


How Does the TCP/IP Model Work?

Whenever we want to send something over the internet using the TCP/IP Model, the TCP/IP Model divides
the data into packets at the sender’s end and the same packets have to be recombined at the receiver’s
end to form the same data; this is done to maintain the accuracy of the data. The TCP/IP model
divides the data into a 4-layer procedure, where the data first goes through the layers in one order and then in
reverse order to get organized in the same way at the receiver’s end.
For more, you can refer to TCP/IP in Computer Networking.
Layers of TCP/IP Model
 Application Layer
 Transport Layer (TCP/UDP)
 Network/Internet Layer (IP)
 Network Access Layer
TCP/IP and OSI
1. Network Access Layer
It is a group of applications requiring network communications. This layer is responsible for generating the
data and requesting connections. It acts on behalf of the sender and the Network Access layer on the
behalf of the receiver. During this article, we will be talking on the behalf of the receiver.
The packet’s network protocol type, in this case, TCP/IP, is identified by the network access layer. Error
prevention and “framing” are also provided by this layer. Point-to-Point Protocol (PPP) framing and Ethernet
IEEE 802.2 framing are two examples of data-link layer protocols.
2. Internet or Network Layer
This layer parallels the functions of OSI’s Network layer. It defines the protocols which are responsible for
the logical transmission of data over the entire network. The main protocols residing at this layer are as
follows:
 IP: IP stands for Internet Protocol and it is responsible for delivering packets from the source host to
the destination host by looking at the IP addresses in the packet headers. IP has 2 versions: IPv4 and
IPv6. IPv4 is the one that most websites are using currently. But IPv6 is growing as the number of IPv4
addresses is limited in number when compared to the number of users.
 ICMP: ICMP stands for Internet Control Message Protocol. It is encapsulated within IP datagrams and is
responsible for providing hosts with information about network problems.
 ARP: ARP stands for Address Resolution Protocol. Its job is to find the hardware address of a host from a
known IP address. ARP has several types: Reverse ARP, Proxy ARP, Gratuitous ARP, and Inverse ARP.
The Internet Layer is a layer in the Internet Protocol (IP) suite, which is the set of protocols that define the
Internet. The Internet Layer is responsible for routing packets of data from one device to another across a
network. It does this by assigning each device a unique IP address, which is used to identify the device and
determine the route that packets should take to reach it.
3. Transport Layer
The TCP/IP transport layer protocols exchange data receipt acknowledgments and retransmit missing
packets to ensure that packets arrive in order and without error. End-to-end communication is referred to
as such. Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are the transport layer
protocols at this level.
 TCP: Applications can interact with one another using TCP as though they were physically connected by a
circuit. TCP transmits data in a way that resembles character-by-character transmission rather than
separate packets. A starting point that establishes the connection, the whole transmission in byte
order, and an ending point that closes the connection make up this transmission.
 UDP: The datagram delivery service is provided by UDP, the other transport layer protocol.
Connections between receiving and sending hosts are not verified by UDP. Applications that transport
small amounts of data use UDP rather than TCP because it eliminates the processes of establishing and
validating connections.
4. Application Layer
This layer is analogous to the transport layer of the OSI model. It is responsible for end-to-end
communication and error-free delivery of data. It shields the upper-layer applications from the complexities
of data. The three main protocols present in this layer are:
 HTTP and HTTPS: HTTP stands for Hypertext transfer protocol. It is used by the World Wide Web to
manage communications between web browsers and servers. HTTPS stands for HTTP-Secure. It is a
combination of HTTP with SSL (Secure Socket Layer). It is efficient in cases where the browser needs to fill
out forms, sign in, authenticate, and carry out bank transactions.
 SSH: SSH stands for Secure Shell. It is a terminal emulation software similar to Telnet. The reason SSH is
preferred is because of its ability to maintain the encrypted connection. It sets up a secure session
over a TCP/IP connection.
 NTP: NTP stands for Network Time Protocol. It is used to synchronize the clocks on our computer to
one standard time source. It is very useful in situations like bank transactions. Assume the following
situation without the presence of NTP. Suppose you carry out a transaction, where your computer
reads the time at 2:30 PM while the server records it at 2:28 PM. The server can crash very badly if it’s
out of sync.
The host-to-host layer is a layer in the OSI (Open Systems Interconnection) model that is responsible for
providing communication between hosts (computers or other devices) on a network. It is also known as the
transport layer.
Some common use cases for the host-to-host layer include:
 Reliable Data Transfer: The host-to-host layer ensures that data is transferred reliably between hosts
by using techniques like error correction and flow control. For example, if a packet of data is lost during
transmission, the host-to-host layer can request that the packet be retransmitted to ensure that all
data is received correctly.
 Segmentation and Reassembly: The host-to-host layer is responsible for breaking up large blocks of
data into smaller segments that can be transmitted over the network, and then reassembling the data
at the destination. This allows data to be transmitted more efficiently and helps to avoid overloading the
network.
 Multiplexing and De-multiplexing: The host-to-host layer is responsible for multiplexing data from
multiple sources onto a single network connection, and then de-multiplexing the data at the
destination. This allows multiple devices to share the same network connection and helps to improve the
utilization of the network.
 End-to-End Communication: The host-to-host layer provides a connection-oriented service that allows
hosts to communicate with each other end-to-end, without the need for intermediate devices to be
involved in the communication.
Example: Consider a network with two hosts, A and B. Host A wants to send a file to host B. The host-to-
host layer in host A will break the file into smaller segments, add error correction and flow control
information, and then transmit the segments over the network to host B. The host-to-host layer in host B
will receive the segments, check for errors, and reassemble the file. Once the file has been transferred
successfully, the host-to-host layer in host B will acknowledge receipt of the file to host A.
In this example, the host-to-host layer is responsible for providing a reliable connection between host A
and host B, breaking the file into smaller segments, and reassembling the segments at the destination. It is
also responsible for multiplexing and de-multiplexing the data and providing end-to-end communication
between the two hosts.
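The host A to host B transfer described above can be simulated end to end. This is an added example, not part of the original article: it segments a file, sends a limited window of segments per round, loses and damages some of them according to a scripted fault plan, and lets the receiver buffer out-of-order arrivals and acknowledge cumulatively. CRC-32 error detection with retransmission stands in for the "error correction" the text mentions, and the class and function names and the fault plan are assumptions made for illustration.

```python
import zlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    seq: int     # byte offset of this segment within the file
    data: bytes
    crc: int     # CRC-32 of data, computed by the sender (detects accidental damage)

def segmentize(blob: bytes, mss: int):
    """Sender side: break the file into segments of at most mss bytes."""
    return [Segment(off, blob[off:off + mss], zlib.crc32(blob[off:off + mss]))
            for off in range(0, len(blob), mss)]

class Receiver:
    def __init__(self):
        self.buffer = {}     # seq -> data; holds segments that arrive out of order
        self.next_seq = 0    # cumulative acknowledgment: first byte still missing

    def receive(self, seg: Segment) -> int:
        """Accept one segment and return the cumulative acknowledgment."""
        if zlib.crc32(seg.data) != seg.crc:
            return self.next_seq                 # damaged: discard, repeat the ACK
        if seg.seq >= self.next_seq:
            self.buffer.setdefault(seg.seq, seg.data)   # duplicates are ignored
        while self.next_seq in self.buffer:      # advance over contiguous data
            self.next_seq += len(self.buffer[self.next_seq])
        return self.next_seq

    def reassemble(self) -> bytes:
        return b"".join(self.buffer[seq] for seq in sorted(self.buffer))

def transfer(blob: bytes, mss: int, window: int, faults: dict):
    """Send blob from A to B. faults maps the n-th transmission (0-based) to
    "drop" or "corrupt". Returns (data reassembled at B, segments transmitted)."""
    segments = segmentize(blob, mss)
    rx = Receiver()
    sent, acked = 0, 0
    while acked < len(blob):
        first = acked // mss
        arrived = []
        # Flow control: at most `window` segments are sent before waiting for ACKs.
        for seg in segments[first:first + window]:
            fault = faults.get(sent)
            sent += 1
            if fault == "drop":
                continue
            if fault == "corrupt":
                damaged = bytes([seg.data[0] ^ 0xFF]) + seg.data[1:]
                seg = Segment(seg.seq, damaged, seg.crc)
            arrived.append(seg)
        for seg in reversed(arrived):            # deliver in reverse: worst-case reordering
            acked = rx.receive(seg)
        # Anything not covered by the cumulative ACK is retransmitted next round.
    return rx.reassemble(), sent

if __name__ == "__main__":
    blob = bytes(range(256)) * 4                 # constructed 1024-byte "file"
    data, sent = transfer(blob, mss=100, window=4, faults={0: "drop", 5: "corrupt"})
    print(data == blob, sent)
```

With the constructed fault plan the 11-segment file needs 15 transmissions, because one lost and one damaged segment each force the sender to resend from the first unacknowledged byte.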
Why TCP/IP Model Does Not Have Physical Layer
The physical layer is not covered by the TCP/IP model because the data link layer is considered the point at
which the interface occurs between the TCP/IP stack and the underlying network hardware. Also, it is
designed to be independent of the underlying physical media. This allows TCP/IP to be flexible and
adaptable to different types of physical connections, such as Ethernet, Wi-Fi, fiber optics, or even older
technologies like dial-up modems. The physical layer is typically handled by hardware components and
standards specific to the physical medium being used, like Ethernet cables or radio waves for Wi-Fi.
Other Common Internet Protocols
TCP/IP Model covers many Internet Protocols. The main rule of these Internet Protocols is how the data is
validated and sent over the Internet. Some Common Internet Protocols include:
 HTTP (Hypertext Transfer Protocol): HTTP takes care of Web Browsers and Websites.
 FTP (File Transfer Protocol): FTP takes care of how the file is to be sent over the Internet.
 SMTP (Simple Mail Transfer Protocol): SMTP is used to send and receive data.
Difference between TCP/IP and OSI Model

| TCP/IP | OSI |
|---|---|
| TCP refers to Transmission Control Protocol. | OSI refers to Open Systems Interconnection. |
| TCP/IP uses both the session and presentation layer in the application layer itself. | OSI uses different session and presentation layers. |
| TCP/IP follows a connectionless, horizontal approach. | OSI follows a vertical approach. |
| The Transport layer in TCP/IP does not provide assurance delivery of packets. | In the OSI model, the transport layer provides assurance delivery of packets. |
| Protocols cannot be replaced easily in TCP/IP model. | While in the OSI model, Protocols are better covered and are easy to replace with the technology change. |
| TCP/IP model network layer only provides connectionless (IP) services. The transport layer (TCP) provides connections. | Connectionless and connection-oriented services are provided by the network layer in the OSI model. |


Advantages of TCP/IP Model
• Interoperability: The TCP/IP model allows different types of computers and networks to communicate with
each other, promoting compatibility and cooperation among diverse systems.
• Scalability: TCP/IP is highly scalable, making it suitable for both small and large networks, from local area
networks (LANs) to wide area networks (WANs) like the internet.
• Standardization: It is based on open standards and protocols, ensuring that different devices and
software can work together without compatibility issues.
• Flexibility: The model supports various routing protocols, data types, and communication methods,
making it adaptable to different networking needs.
• Reliability: TCP/IP includes error-checking and retransmission features that ensure reliable data
transfer, even over long distances and through various network conditions.
Disadvantages of TCP/IP Model
• Complex Configuration: Setting up and managing a TCP/IP network can be complex, especially for large
networks with many devices. This complexity can lead to configuration errors.
• Security Concerns: TCP/IP was not originally designed with security in mind. While there are now many
security protocols available (such as SSL/TLS), they have been added on top of the basic TCP/IP model,
which can lead to vulnerabilities.
• Inefficiency for Small Networks: For very small networks, the overhead and complexity of the TCP/IP model
may be unnecessary and inefficient compared to simpler networking protocols.
• Limited by Address Space: Although IPv6 addresses this issue, the older IPv4 system has a limited address
space, which can lead to issues with address exhaustion in larger networks.
• Data Overhead: TCP, the transport protocol, includes a significant amount of overhead to ensure
reliable transmission. This can reduce efficiency, especially for small data packets or in networks where speed
is crucial.

Domain Name System (DNS) in Application Layer
The Domain Name System (DNS) is like the internet’s phone book. It helps you find websites by translating
easy-to-remember names (like www.example.com) into the numerical IP addresses (like 192.0.2.1) that computers
use to locate each other on the internet. Without DNS, you would have to remember long strings of
numbers to visit your favorite websites.
The Domain Name System (DNS) is a hostname-to-IP-address translation service. DNS is a distributed
database implemented in a hierarchy of name servers. It is an application layer protocol for message
exchange between clients and servers. It is required for the functioning of the Internet.
What is the Need for DNS?
Every host is identified by its IP address, but remembering numbers is very difficult for people. Also, IP
addresses are not static. Therefore, a mapping is required to change the domain name to the IP address. So DNS is
used to convert the domain name of a website to its numerical IP address.
Types of Domain
There are various kinds of domains:
• Generic Domains: .com (commercial), .edu (educational), .mil (military), .org (nonprofit organization),
.net (similar to commercial); all these are generic domains.
• Country Domain: .in (India), .us, .uk
• Inverse Domain: used when we want to know the domain name of a website, that is, IP to domain name
mapping. So DNS can provide both mappings. For example, to find the IP addresses of
geeksforgeeks.org, we have to type
nslookup www.geeksforgeeks.org

Types of DNS

Organization of Domain
It is very difficult to find out the IP address associated with a website because there are millions of websites,
and for all those websites we should be able to generate the IP address immediately, without a lot of delay.
For that to happen, organization of the database is very important.
Root DNS Server

• DNS Record: Domain name, IP address, what is the validity, what is the time to live, and all the
information related to that domain name. These records are stored in a tree-like structure.
• Namespace: Set of possible names, flat or hierarchical. The naming system maintains a collection of
bindings of names to values – given a name, a resolution mechanism returns the corresponding value.
• Name Server: It is an implementation of the resolution mechanism.
DNS = Name service in Internet – A zone is an administrative unit, and a domain is a subtree.
Name-to-Address Resolution
The host requests the DNS name server to resolve the domain name, and the name server returns the IP
address corresponding to that domain name to the host so that the host can further connect to that IP
address.

Name-to-Address Resolution

Hierarchy of Name Servers
• Root Name Servers: It is contacted by name servers that cannot resolve
the name. It contacts the authoritative name server if name mapping is not known. It then gets the
mapping and returns the IP address to the host.
• Top-level Domain (TLD) Server: It is responsible for com, org, edu, etc., and all top-level country
domains like uk, fr, ca, in, etc. They have info about authoritative domain servers and know the
names and IP addresses of each authoritative name server for the second-level domains.
• Authoritative Name Servers are the organization’s DNS servers, providing authoritative hostname to IP
mapping for organization servers. It can be maintained by an organization or service provider. In order
to reach cse.dtu.in we have to ask the root DNS server, then it will point out to the top-level
domain server and then to the authoritative domain name server which actually contains the IP
address. So the authoritative domain server will return the associated IP address.
Domain Name Server
The client machine sends a request to the local name server, which, if the root does not find the address in its
database, sends a request to the root name server, which in turn will route the query to a top-level
domain (TLD) or authoritative name server. The root name server can also contain some hostname to IP
address mappings. The top-level domain (TLD) server always knows who the authoritative name server
is. So finally the IP address is returned to the local name server, which in turn returns the IP address to the host.

Domain Name Server

How Does DNS Work?
The working of DNS starts with converting a hostname into an IP address. A domain name serves as a
distinctive identification for a website. It is used in place of an IP address to make it simpler for consumers to visit
websites. The Domain Name System works by executing the database whose work is to store the names of hosts
which are available on the Internet. The top-level domain server stores address information for top-level
domains such as .com, .net, .org, and so on. If the client sends a request, then the DNS resolver
sends a request to a DNS server to fetch the IP address. When that server does not hold the IP
address for the hostname, it forwards the request to another DNS server. When the IP address has arrived at
the resolver, it completes the request over Internet Protocol.
For more, you can refer to Working of DNS Server.

How Does DNS Work?
Authoritative DNS Server Vs Recursive DNS Resolver

| Parameters | Authoritative DNS Server | Recursive DNS Resolver |
|---|---|---|
| Function | Holds the official DNS records for a domain | Resolves DNS queries on behalf of clients |
| Role | Provides answers to specific DNS queries | Actively looks up information for clients |
| Query Handling | Responds with authoritative DNS data | Queries other DNS servers for DNS data |
| Client Interaction | Doesn’t directly interact with end-users | Serves end-users or client applications |
| Data Source | Stores the DNS records for specific domains | Looks up data from other DNS servers |
| Caching | Generally, doesn’t perform caching | Caches DNS responses for faster lookups |
| Hierarchical Resolution | Does not participate in the recursive resolution | Actively performs recursive name resolution |
| IP Address | Has a fixed, known IP address | IP address may vary depending on ISP |
| Zone Authority | Manages a specific DNS zone (domain) | Does not manage any specific DNS zone |

What is DNS Lookup?
DNS Lookup or DNS Resolution can be simply termed as the process that allows devices and
applications to translate readable domain names to the corresponding IP addresses used by the
computers for communicating over the web.
What Are The Steps in a DNS Lookup?
Often, DNS lookup information is stored temporarily either on your own computer or within the DNS
system itself. There are usually 8 steps involved in a DNS lookup. If the information is already stored
(cached), some of these steps can be skipped, making the process faster. Here is an example of all 8 steps when
nothing is cached:
1. A user types “example.com” into a web browser.
2. The request goes to a DNS resolver.
3. The resolver asks a root server where to find the top-level domain (TLD) server for .com.
4. The root server tells the resolver to contact the .com TLD server.
5. The resolver then asks the .com TLD server for the IP address of “example.com.”
6. The .com TLD server gives the resolver the IP address of the domain’s name server.
7. The resolver then asks the domain’s name server for the IP address of “example.com.”
8. The domain’s name server returns the IP address to the resolver.

Working of DNS

DNS Servers Involved in Loading a Webpage
Upon loading the webpage, several DNS servers are responsible for translating the domain name into the
corresponding IP address of the web server hosting the website. Here is the list of main DNS servers
involved in loading a webpage.
• Local DNS Resolver
• Root DNS Servers
• Top-Level Domain (TLD) DNS Servers
• Authoritative DNS Servers
• Web Server
This hierarchical system of DNS servers ensures that when you type a domain name into your web browser, it
can be translated into the correct IP address, allowing you to access the desired webpage on the internet.
For more information, you can refer to the DNS Look-Up article.
What is DNS Resolver?
A DNS Resolver is simply called a DNS Client and has the functionality for initiating the process of DNS Lookup,
which is also called DNS Resolution. By using the DNS Resolver, applications can easily access
different websites and services present on the Internet by using domain names that are friendly
to the user, which also resolves the problem of remembering IP addresses.
What Are The Types of DNS Queries?
There are basically three types of DNS queries that occur in DNS Lookup. These are stated below.
• Recursive Query: In this query, the DNS client wants the DNS server to respond in any case, either
with the requested resource record or, if the resolver is unable to find the record, with
an error message.
• Iterative Query: Iterative Query is the query in which the DNS client wants the best answer possible
from the DNS server.
• Non-Recursive Query: Non-Recursive Query is the query that occurs when a DNS resolver queries a
DNS server for a record that the server already has access to because the record exists in its cache.
What is DNS Caching?
DNS Caching can be simply termed as the process used by DNS resolvers for storing previously resolved
DNS information, containing domain names and IP addresses, for some time. The main
principle of DNS Caching is to speed up the process of future DNS lookups and to help reduce the overall time
of DNS Resolution.
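The eight lookup steps and the caching behaviour described above, as an added Python sketch that is not part of the original document. The server names, the 300-second TTL and all function and class names are constructed for illustration; 192.0.2.1 is the example address used earlier in the text.

```python
"""Iterative DNS resolution with a TTL cache, over a constructed hierarchy."""

ROOT = "root-server"

# Constructed data: each server either refers the resolver onward or answers.
SERVERS = {
    "root-server": {"referrals": {"com": "com-tld-server"}},
    "com-tld-server": {"referrals": {"example.com": "ns.example.com"}},
    "ns.example.com": {"answers": {"example.com": ("192.0.2.1", 300),
                                   "www.example.com": ("192.0.2.1", 300)}},
}


def query(server, name):
    """One question to one server.

    Returns ("answer", ip, ttl), ("referral", next_server) or ("nxdomain",).
    """
    zone = SERVERS[server]
    if name in zone.get("answers", {}):
        ip, ttl = zone["answers"][name]
        return ("answer", ip, ttl)
    # Try the longest suffix first, so "example.com" is preferred over "com".
    labels = name.split(".")
    for i in range(len(labels)):
        suffix = ".".join(labels[i:])
        if suffix in zone.get("referrals", {}):
            return ("referral", zone["referrals"][suffix])
    return ("nxdomain",)


class Resolver:
    """Recursive resolver: serves clients, walks the hierarchy, caches answers."""

    def __init__(self):
        self.cache = {}   # name -> (ip, absolute expiry time in seconds)
        self.trace = []   # servers contacted during the most recent lookup

    def resolve(self, name, now):
        self.trace = []
        cached = self.cache.get(name)
        if cached and cached[1] > now:
            return cached[0]             # cache hit: steps 3 to 8 are skipped
        self.cache.pop(name, None)       # entry is absent or has expired
        server = ROOT
        for _ in range(10):              # bound the length of a referral chain
            self.trace.append(server)
            reply = query(server, name)
            if reply[0] == "answer":
                _, ip, ttl = reply
                self.cache[name] = (ip, now + ttl)
                return ip
            if reply[0] == "nxdomain":
                return None
            server = reply[1]            # follow the referral (steps 4 and 6)
        return None


if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("example.com", now=0), r.trace)     # full walk
    print(r.resolve("example.com", now=100), r.trace)   # served from cache
    print(r.resolve("example.com", now=300), r.trace)   # TTL expired, full walk
```

The `trace` list makes the difference visible: three servers are contacted when nothing is cached, none while the cached record is still within its TTL.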

What is Firewall?
A firewall is a network security device, either hardware or software-based,
which monitors all incoming and outgoing traffic and, based on a defined set of
security rules, accepts, rejects, or drops that specific traffic.
• Accept: allow the traffic
• Reject: block the traffic but reply with an “unreachable error”
• Drop: block the traffic with no reply
A firewall is a type of network security device that filters incoming and outgoing network
traffic with security policies that have previously been set up inside an organization. A
firewall is essentially the wall that separates a private internal network from the open
Internet at its very basic level.

History and Need For Firewall
Before firewalls, network security was performed by Access Control Lists (ACLs) residing
on routers. ACLs are rules that determine whether network access should be granted or
denied to specific IP addresses. But ACLs cannot determine the nature of the packet they are
blocking. Also, an ACL alone does not have the capacity to keep threats out of the network.
Hence, the firewall was introduced. Connectivity to the Internet is no longer optional for
organizations. However, while accessing the Internet provides benefits to the organization, it
also enables the outside world to interact with the internal network of the organization.
This creates a threat to the organization. In order to secure the internal network from
unauthorized traffic, we need a firewall.
Working of Firewall
A firewall matches the network traffic against the rule set defined in its table. Once a rule is
matched, the associated action is applied to the network traffic. For example, one rule may
state that an employee from the Human Resources department cannot access the data
from the code server, while another rule states that the system administrator
can access the data from both the Human Resources and technical departments. Rules can be
defined on the firewall based on the necessity and security policies of the organization.
From the perspective of a server, network traffic can be either outgoing or incoming.
The firewall maintains a distinct set of rules for both cases. Mostly, outgoing traffic
originating from the server itself is allowed to pass. Still, setting a rule on outgoing traffic is
always better in order to achieve more security and prevent unwanted communication.
Incoming traffic is treated differently. Most traffic which reaches the firewall uses one of
these three major Transport Layer protocols: TCP, UDP or ICMP. All these types have a
source address and destination address. Also, TCP and UDP have port numbers. ICMP
uses a type code instead of a port number, which identifies the purpose of that packet.
Default policy: It is very difficult to explicitly cover every possible rule on the firewall. For
this reason, the firewall must always have a default policy. The default policy only consists of
an action (accept, reject or drop). Suppose no rule is defined about SSH connections to the
server on the firewall. Such a connection will then follow the default policy. If the default policy on the firewall
is set to accept, then any computer outside of your office can establish an SSH connection
to the server. Therefore, setting the default policy to drop (or reject) is always a good practice.
Types of Firewall
Firewalls can be categorized based on their generation.
2. Packet Filtering Firewall
A packet filtering firewall is used to control network access by monitoring outgoing and
incoming packets and allowing them to pass or stop based on source and destination IP
address, protocols, and ports. It analyses traffic at the transport protocol layer (but
mainly uses the first 3 layers). Packet firewalls treat each packet in isolation. They have no
ability to tell whether a packet is part of an existing stream of traffic. They can only allow or
deny packets based on unique packet headers. A packet filtering firewall maintains a
filtering table that decides whether the packet will be forwarded or discarded. From the
given filtering table, the packets will be filtered according to the following rules:

• Incoming packets from network 192.168.21.0 are blocked.
• Incoming packets destined for the internal TELNET server (port 23) are blocked.
• Incoming packets destined for host 192.168.21.3 are blocked.
• All well-known services to the network 192.168.21.0 are allowed.
3. Stateful Inspection Firewall
Stateful firewalls (which perform Stateful Packet Inspection) are able to determine the
connection state of a packet, unlike a packet filtering firewall, which makes them more efficient.
They keep track of the state of network connections travelling across them, such as TCP streams.
So the filtering decisions are based not only on defined rules, but also on the packet’s
history in the state table.
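The default policy, the four-rule filtering table and the state table described above, as an added Python sketch that is not part of the original document. The /24 mask for network 192.168.21.0, the outside addresses (taken from the 203.0.113.0/24 documentation range) and all class and function names are assumptions made for the example.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str          # "tcp", "udp" or "icmp"
    sport: int = 0
    dport: int = 0


@dataclass(frozen=True)
class Rule:
    action: str                        # "accept", "reject" or "drop"
    src: str = "0.0.0.0/0"             # any source unless narrowed
    dst: str = "0.0.0.0/0"             # any destination unless narrowed
    dports: range = range(0, 65536)    # any destination port unless narrowed

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src)
                and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(self.dst)
                and pkt.dport in self.dports)


# The four rules from the text, in the order listed. The /24 mask is assumed.
INBOUND_RULES = [
    Rule("drop", src="192.168.21.0/24"),                           # internal source
    Rule("drop", dports=range(23, 24)),                            # TELNET
    Rule("drop", dst="192.168.21.3/32"),                           # blocked host
    Rule("accept", dst="192.168.21.0/24", dports=range(0, 1024)),  # well-known
]


def filter_packet(rules, pkt, default="drop"):
    """Stateless filter: the first matching rule wins, else the default policy."""
    for rule in rules:
        if rule.matches(pkt):
            return rule.action
    return default


class StatefulFirewall:
    """Adds a state table so replies to flows opened from inside are recognised."""

    def __init__(self, inbound_rules, default="drop"):
        self.rules = inbound_rules
        self.default = default
        self.state = set()

    def outbound(self, pkt):
        # Record the flow: inside ip, inside port, outside ip, outside port, proto.
        self.state.add((pkt.src, pkt.sport, pkt.dst, pkt.dport, pkt.proto))
        return "accept"

    def inbound(self, pkt):
        # A reply carries the recorded flow with source and destination swapped.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport, pkt.proto) in self.state:
            return "accept"
        return filter_packet(self.rules, pkt, self.default)


if __name__ == "__main__":
    reply = Packet("203.0.113.5", "192.168.21.10", "tcp", 443, 50000)
    fw = StatefulFirewall(INBOUND_RULES)
    print(filter_packet(INBOUND_RULES, reply))   # no rule matches: default policy
    fw.outbound(Packet("192.168.21.10", "203.0.113.5", "tcp", 50000, 443))
    print(fw.inbound(reply))                     # matches the state table
```

The same reply packet is dropped by the stateless table, because no rule covers port 50000 and the default policy applies, and accepted by the stateful firewall once the matching outbound flow has been seen.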
4. Software Firewall
A software firewall is any firewall that is set up locally or on a cloud server. When it comes
to controlling the inflow and outflow of data packets and limiting the number of networks
that can be linked to a single device, they may be the most advantageous. But the problem
with software firewalls is that they are time-consuming.
5. Hardware Firewall
They also go by the name “firewalls based on physical appliances.” It guarantees that
malicious data is halted before it reaches the network endpoint that is in danger.
6. Application Layer Firewall
An application layer firewall can inspect and filter packets on any OSI layer, up to the
application layer. It has the ability to block specific content, and also to recognize when
certain applications and protocols (like HTTP, FTP) are being misused. In other words,
application layer firewalls are hosts that run proxy servers. A proxy firewall prevents a
direct connection between either side of the firewall; each packet has to pass through the proxy.
7. Next Generation Firewalls (NGFW)
NGFW consists of Deep Packet Inspection, Application Inspection, SSL/SSH inspection and
many functionalities to protect the network from these modern threats.
8. Proxy Service Firewall
This kind of firewall filters communications at the application layer, and protects the
network. A proxy firewall acts as a gateway between two networks for a particular
application.
9. Circuit Level Gateway Firewall
This works at the session layer of the OSI model. This allows for the simultaneous setup of
two Transmission Control Protocol (TCP) connections. It can effortlessly allow data packets
to flow without using quite a lot of computing power. These firewalls are ineffective
because they do not inspect data packets; if malware is found in a data packet, they will
permit it to pass provided that TCP connections are established properly.
Functions of Firewall
• Every piece of data that enters or leaves a computer network must go via the firewall.
• If the data packets are safely routed via the firewall, all of the important data remains intact.
• A firewall logs each data packet that passes through it, enabling the user to keep track of
all network activities.
• Since the data is stored safely inside the data packets, it cannot be altered.
• Every attempt for access to our operating system is examined by our firewall, which
also blocks traffic from unidentified or undesired sources.
Who Invented Firewalls?
The firewall keeps changing and getting better because different people have been
working on it since the late 1980s to the mid-90s. Each person added new parts and
improved versions of the firewall before it became what we use in modern
times. This means the firewall is always evolving to become more effective and secure.
Jeff Mogul, Paul Vixie, and Brian Reid
In the late 1980s, Mogul, Reid, and Vixie worked at Digital Equipment Corp (DEC) on
packet-filtering technology. This tech became important for future firewalls. They started
the idea of checking external connections before they reach computers on an internal
network. Some people think this packet filter was the first firewall, but it was really a part
of the technology that later became true firewall systems.
Kshitiji Nigam, William Cheswick, David Presotto, Steven Bellovin, and Janardan Sharma
In the late 1980s to early 1990s, researchers at AT&T Bell Labs worked on a new type of
firewall called the circuit-level gateway. Unlike earlier methods, this firewall didn’t need
to reauthorize connections for each data packet but instead vetted and allowed ongoing
connections. From 1989 to 1990, Presotto, Sharma, and Nigam developed this
technology, and in 1991, Cheswick and Bellovin continued to advance firewall technology
based on their work.
Marcus Ranum
From 1991 to 1992, Ranum introduced security proxies at DEC, which became a crucial
part of the first application-layer firewall product. Known as the
Secure External Access Link (SEAL) product, it was based
on earlier work by Reid, Vixie, and Mogul at DEC. SEAL marked the first commercially
available firewall, pioneering the way for enhanced network security through application-
level protection.
Gil Shwed and Nir Zuk
From 1993 to 1994, at Check Point, Gil Shwed and developer Nir Zuk made major
contributions to creating the first widely-used and easy-to-use firewall product called
Firewall-1. Gil Shwed pioneered stateful inspection technology, filing a U.S. patent in
1993. Following this, Nir Zuk developed a user-friendly graphical interface for Firewall-1 in
1994. These innovations were pivotal in making firewalls accessible and popular among
businesses and homes, shaping their adoption for years to come.
Importance of Firewalls
So, what does a firewall do and why is it important? Without protection, networks are
vulnerable to any traffic trying to access your systems, whether it’s harmful or not. That’s
why it’s crucial to check all network traffic.
When you connect personal computers to other IT systems or the internet, it opens up
many benefits like collaboration, resource sharing, and creativity. But it also exposes your
network and devices to risks like hacking, identity theft, malware, and online fraud.
Once a malicious person finds your network, they can easily access and threaten it,
especially with constant internet connections.
Using a firewall is essential for proactive protection against these risks. It helps users
shield their networks from the worst dangers.
What Does Firewall Security Do?
A firewall serves as a security barrier for a network, narrowing the attack surface to a
single point of contact. Instead of every device on a network being exposed to the
internet, all traffic must first go through the firewall. This way, the firewall can filter
and block non-permitted traffic, whether it’s coming in or going out. Additionally, firewalls
help create a record of attempted connections, improving security awareness.
What Can Firewalls Protect Against?
• Infiltration by Malicious Actors: Firewalls can block suspicious connections, preventing
eavesdropping and advanced persistent threats (APTs).
• Parental Controls: Parents can use firewalls to block their children from accessing explicit web
content.
• Workplace Web Browsing Restrictions: Employers can restrict employees from using
the company network to access certain services and websites, like social media.
• Nationally Controlled Intranet: Governments can block access to certain web content and
services that conflict with national policies or values.
By allowing network owners to set specific rules, firewalls offer customizable protection for various
scenarios, enhancing overall network security.
Advantages of Using Firewall
• Protection From Unauthorized Access: Firewalls can be set up to restrict incoming
traffic from particular IP addresses or networks, preventing hackers or other malicious
actors from easily accessing a network or system.
• Prevention of Malware and Other Threats: Firewalls can be set up to block traffic linked
to known malware or other security concerns, assisting in the defense against these
kinds of attacks.
• Control of Network Access: By limiting access to specified individuals or groups for
particular servers or applications, firewalls can be used to
restrict access to particular network resources or services.
• Monitoring of Network Activity: Firewalls can be set up to record and keep track of
all network activity.
• Regulation Compliance: Many industries are bound by rules that demand the usage of
firewalls or other security measures.
• Network Segmentation: By using firewalls to split up a bigger network into smaller subnets,
the attack surface is reduced and the security level is raised.
Disadvantages of Using Firewall
• Complexity: Setting up and keeping up a firewall can be time-consuming and difficult,
especially for bigger networks or companies with a wide
variety of users and devices.
• Limited Visibility: Firewalls may not be able to identify or stop security risks that
operate at other levels, such as the application or endpoint level, because they can
only observe and manage traffic at the network level.
• False Sense of Security: Some businesses may place an excessive amount of reliance on
their firewall and disregard other crucial security measures like endpoint security or
intrusion detection systems.
• Limited Adaptability: Because firewalls are frequently rule-based, they might not be
able to respond to fresh security threats.
• Performance Impact: Network performance can be significantly impacted by firewalls,
particularly if they are set up to analyze or manage a lot of traffic.
• Limited Scalability: Because firewalls are only able to secure one network, businesses that
have several networks must deploy many firewalls, which can be expensive.
• Limited VPN Support: Some firewalls might not allow complex VPN features like split
tunneling, which could restrict the experience of a remote worker.
• Cost: Purchasing many devices or add-on features for a firewall system can be
expensive, especially for businesses.
Conclusion
In conclusion, firewalls play a crucial role in safeguarding computers and networks. By
monitoring and controlling incoming and outgoing data, they help prevent unauthorized
access and protect against cyber threats. Using a firewall is a smart way to enhance
security and ensure a safer online experience for users and organizations alike.
Important Question on Firewall
Question: A packet filtering firewall can [ISRO CS 2013]?
(A) Block some hosts from accessing the network
Can Network Speeds Be Slowed Down by a Firewall?
Yes, network speeds can be slowed down by a firewall.
How do firewalls stop traffic?
The firewall acts as a constant filter, analyzing incoming data and blocking anything that appears
suspicious from entering your network to protect the system.
Can Firewalls Stop Worms?
Yes, installing a firewall helps prevent worms and malicious software from infecting a computer
in addition to blocking unwanted traffic.

Open Shortest Path First (OSPF) is one such dynamic routing protocol. It is called a dynamic protocol as
it is able to dynamically exchange routing information between the routers that are the nearest
neighbors.
In this blog, we will learn what the OSPF protocol is and how it works. We will also learn about the
different states of the OSPF protocol. In the end, we will also discuss the advantages and disadvantages
of the protocol.
In the previous blog, we learned about the types of FHRPs in detail. I definitely recommend you go
through that blog before jumping to this blog.
Let us now start learning about the OSPF protocol!
What is the OSPF Protocol?
Open Shortest Path First (OSPF) is an Interior Gateway Protocol (IGP) that has an algorithm type of Link-
State.
This is how a link-state protocol functions:
When we use a link-state routing protocol, every router creates a ‘connectivity map’ of the network.
To make this happen, each router advertises information about its interfaces (connected networks) to
its neighbors. These advertisements are passed along to other routers until all the other routers in the
network develop the same map of the network.
Therefore, it is very important to note that each of the routers then uses this same map to calculate the
best routes for each destination.
Since more information is shared, link-state protocols use more resources on the router.
The link-state routers react faster to the changes in the network than the distance vector routers.
Now, let us understand the OSPF in detail:
If we expand the term OSPF, it is Open Shortest Path First.
It uses the Shortest Path First algorithm, which is also called Dijkstra’s algorithm. This algorithm is
named after a Dutch computer scientist.
There are three versions of OSPF:

OSPFv1: This is the first version of OSPF created in the year 1989. It is no longer in use.
OSPFv2: This is the second version of OSPF created in 1998. It is used in IPv4. This version is important
for CCNA 200-301.
OSPFv3: This is the latest version of OSPF created in the year 2008. This version is used for IPv6 and as
well as for IPv4.
The routers store information about networks in Link State Advertisements (LSAs) which are organized
in a structure called the Link State Database (LSDB).
Routers flood the LSAs until all the routers in the OSPF area develop the same map of the network
(LSDB).
This flooding is similar to switches when they receive a broadcast frame or an unknown unicast frame.
In OSPF, flooding means that they send the LSAs to all of their OSPF neighbors.
How OSPF Works?
The basic functioning of OSPF is carried out through LSA Flooding. As we know by now, the OSPF
chooses the shortest path for the routers. The main process involves the sharing of LSAs and
determining the best route to each destination.
This is how OSPF works in three main steps:
The first step is to become neighbors with other routers connected to the same segment.
Then the routers exchange the Link State Advertisements (LSAs) with neighbor routers.
After that, each router independently calculates the best routes to each destination. Then it inserts all of
these into the routing table.
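The link-state process described above (LSAs flooded until every router holds the same LSDB, then an independent shortest-path calculation on each router), as an added Python sketch that is not part of the original blog. The five-router topology, the link costs and the function names are constructed for illustration; real OSPF adds Hello handling, sequence numbers and areas, which are left out here.

```python
import heapq

# Constructed topology: each router's own LSA lists its links as {neighbor: cost}.
LSAS = {
    "R1": {"R2": 10, "R3": 1},
    "R2": {"R1": 10, "R4": 1},
    "R3": {"R1": 1, "R4": 1},
    "R4": {"R2": 1, "R3": 1, "R5": 5},
    "R5": {"R4": 5},
}


def flood(lsas):
    """Simulate LSA flooding.

    Every router starts with only its own LSA and keeps passing each LSA it
    holds to its neighbors until no LSDB changes. Returns {router: lsdb}.
    """
    lsdb = {router: {router: links} for router, links in lsas.items()}
    changed = True
    while changed:
        changed = False
        for router, links in lsas.items():
            for neighbor in links:
                for origin, lsa in list(lsdb[router].items()):
                    if origin not in lsdb[neighbor]:
                        lsdb[neighbor][origin] = lsa
                        changed = True
    return lsdb


def spf(lsdb, root):
    """Dijkstra's algorithm over one router's LSDB.

    Returns the routing table as {destination: (total cost, next hop)}.
    """
    dist = {root: 0}
    next_hop = {}
    done = set()
    heap = [(0, root, None)]       # (cost so far, router, first hop from root)
    while heap:
        cost, node, first = heapq.heappop(heap)
        if node in done:
            continue               # a cheaper path to this router was already used
        done.add(node)
        if first is not None:
            next_hop[node] = first
        for nbr, link_cost in lsdb.get(node, {}).items():
            new_cost = cost + link_cost
            if nbr not in done and new_cost < dist.get(nbr, float("inf")):
                dist[nbr] = new_cost
                # Leaving the root, the neighbor itself is the first hop.
                heapq.heappush(heap, (new_cost, nbr, nbr if first is None else first))
    return {dest: (dist[dest], next_hop[dest]) for dest in next_hop}


if __name__ == "__main__":
    databases = flood(LSAS)
    for dest, (cost, hop) in sorted(spf(databases["R1"], "R1").items()):
        print(f"R1 -> {dest}: cost {cost} via {hop}")
```

From R1 the direct link to R2 costs 10, but the computed route goes through R3 and R4 at a total cost of 3, which is why every router needs the full map rather than only its own links.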
What are the Different States of OSPF?
The network devices that use the OSPF protocol undergo certain states. The various states of OSPF are
as follows:
Down:
No “Hello” packets are received on the interface in the down state. The down state means that the OSPF
adjacency process has not begun yet.
INIT:
The “Hello” packets are received from other routers in the INIT state.
2WAY:
In this state, a bidirectional connection is formed. Both routers receive “Hello” packets from other
routers.
Exstart:
In this state, the exchange of NULL DBD takes place. Similar to the First Hop Redundancy Protocol (FHRP),
the election of the master and slave router occurs. The router with the higher router ID becomes the
master while the router with the lower router ID becomes the slave. This decides which router sends
the DBD first.

Exchange:
The actual DBDs are exchanged in this state.
Loading:
The Link State Advertisements (LSAs) along with LSUs and LSRs are exchanged in this state.
Full:
All the information is synced in this state. It is only after the Full state that the OSPF routing begins!
Therefore, there are a total of seven states of OSPF that the routers undergo before the actual OSPF
routing begins.
What are the Advantages of OSPF?
The following are the major advantages of the OSPF protocol:
OSPF can be configured on both IPv4 and IPv6 versions of IPs.
It can carry out load balancing.
It uses the SPF algorithm to present a loop-free technology.
It is not Cisco proprietary. It can run on many routers.
It is a classless protocol.
It has unlimited hop counts.
It works very fast.
What are the Disadvantages of OSPF?
The following are the disadvantages of the OSPF protocol:
It needs extra storage. Therefore, it means that it needs an extra CPU process to run the SPF algorithm.
It needs more RAM to save adjacency topology.
It is very complex. Therefore, it’s very difficult to troubleshoot.
Bottom Line:
This marks the end of the OSPF blog. So far, we have learned what the OSPF protocol is and why it is
called a Link-State Protocol. We have also understood the working of the protocol.
Then, we learned the different states the routers undergo before the actual OSPF process begins. At last,
we looked over the advantages and disadvantages of the OSPF protocol.

What is BGP?
Border Gateway Protocol (BGP) is the postal service of the Internet. When someone drops a letter into a
mailbox, the Postal Service processes that piece of mail and chooses a fast, efficient route to deliver that
letter to its recipient. Similarly, when someone submits data via the Internet, BGP is responsible for
looking at all of the available paths that data could travel and picking the best route, which usually
means hopping between autonomous systems.
BGP is the protocol that makes the Internet work by enabling data routing. When a user in Singapore
loads a website with origin servers in Argentina, BGP is the protocol that enables that communication
to happen quickly and efficiently.
What is an autonomous system?
The Internet is a network of networks. It is broken up into hundreds of thousands of smaller networks
known as autonomous systems (ASes). Each of these networks is essentially a large pool of routers
run by a single organization.

If we continue to think of BGP as the Postal Service of the Internet, ASes are like individual post office
branches. A town may have hundreds of mailboxes, but the mail in those boxes must go through the
local postal branch before being routed to another destination. The internal routers within an AS are like
mailboxes. They forward their outbound transmissions to the AS, which then uses BGP routing to get
these transmissions to their destinations.

The diagram above illustrates a simplified version of BGP. In this version there are only six ASes on the
Internet. If AS1 needs to route a packet to AS3, it has two different options:
Hopping to AS2 and then to AS3:
AS2 → AS3
Or hopping to AS6, then to AS5, AS4, and finally to AS3:
AS6 → AS5 → AS4 → AS3
In this simplified model, the decision seems straightforward. The AS2 route requires fewer hops than the
AS6 route, and therefore it is the quickest, most efficient route. Now imagine that there are hundreds of
thousands of ASes and that hop count is only one part of a complex route selection algorithm. That is
the reality of BGP routing on the Internet.
The structure of the Internet is constantly changing, with new systems popping up and existing systems
becoming unavailable. Because of this, every AS must be kept up to date with information regarding
new routes as well as obsolete routes. This is done through peering sessions where each AS connects to
neighboring ASes with a TCP/IP connection for the purpose of sharing routing information. Using this
information, each AS is equipped to properly route outbound data transmissions coming from within.
Here is where part of our analogy falls apart. Unlike post office branches, autonomous systems are not
all part of the same organization. In fact, they often belong to competing businesses. For this reason,
BGP routes sometimes take business considerations into account. ASes often charge each other to carry
traffic across their networks, and the price of access can be factored into which route is ultimately
selected.
Who operates BGP autonomous systems?
ASes typically belong to Internet service providers (ISPs) or other large organizations, such as tech
companies, universities, government agencies, and scientific institutions. Each AS wishing to
exchange routing information must have a registered autonomous system number (ASN). Internet
Assigned Numbers Authority (IANA) assigns ASNs to Regional Internet Registries (RIRs), which then
assign them to ISPs and networks. ASNs are 16-bit numbers between one and 65534 and 32-bit
numbers between 131072 and 4294967294. As of 2018, there are approximately 64,000 ASNs in use
worldwide. These ASNs are only required for external BGP.
What is the difference between external BGP and internal BGP?
Routes are exchanged and traffic is transmitted over the Internet using external BGP (eBGP).
Autonomous systems can also use an internal version of BGP to route through their internal networks,
which is known as internal BGP (iBGP). It should be noted that using internal BGP is NOT a requirement
for using external BGP. Autonomous systems can choose from a number of internal protocols to connect
the routers on their internal network.
External BGP is like international shipping. There are certain standards and guidelines that need to be
followed when shipping a piece of mail internationally. Once that piece of mail reaches its destination
country, it has to go through the destination country’s local mail service to reach its final destination.
Each country has its own internal mail service that does not necessarily follow the same guidelines as
those of other countries. Similarly, each autonomous system can have its own internal routing protocol
for routing data within its own network.
What are BGP attributes?
Overall, BGP tries to find the most efficient path for network traffic. But as noted above, hop count is not
the only factor BGP routers use for finding those paths. BGP assigns attributes to each path, and these
attributes help routers select a path when there are multiple options. Many routers allow administrators
to customize attributes for more granular control over how traffic flows on their networks. Some
examples of BGP attributes are:
Weight: A Cisco-proprietary attribute, this tells a router which local paths are preferred.
Local preference: This tells a router which outbound path to select.
Originate: This tells a router to choose routes it added to BGP itself.
AS path length: Similar to the example diagram above, this attribute tells a router to prefer shorter
paths.
There are several other BGP attributes as well. All these attributes are ordered by priority for BGP
routers — so that, for example, a BGP router first checks to see which route has the highest weight, then
checks local preference, then checks to see if the router originated the route, and so on. (So, if all routes
received have an equal weight, the router selects a path based on local preference instead.)
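The priority ordering described above can be worked through in code. The following is an added example, not part of the original document and not any router vendor's implementation; it covers only the four attributes listed here, and the Route fields, the helper names and the local-preference default of 100 are assumptions made for illustration.

```python
from dataclasses import dataclass, replace
from typing import List, Tuple


@dataclass(frozen=True)
class Route:
    """One candidate path to a destination, as seen by a router in AS1."""
    as_path: Tuple[int, ...]          # ASes traversed, nearest first
    weight: int = 0                   # Cisco-proprietary, local to the router
    local_pref: int = 100             # assumed default; higher is preferred
    locally_originated: bool = False  # route this router added to BGP itself


ATTRIBUTES = ("weight", "local preference", "originate", "AS path length")


def preference_key(route: Route) -> Tuple[int, int, int, int]:
    """Smaller tuple wins; fields follow the priority order given in the text."""
    return (
        -route.weight,                         # highest weight first
        -route.local_pref,                     # then highest local preference
        0 if route.locally_originated else 1,  # then locally originated routes
        len(route.as_path),                    # then the shortest AS path
    )


def best_path(candidates: List[Route]) -> Route:
    """Pick the preferred route among the candidates for one destination."""
    if not candidates:
        raise ValueError("no candidate routes")
    return min(candidates, key=preference_key)


def deciding_attribute(a: Route, b: Route) -> str:
    """Name the first attribute, in priority order, on which two routes differ."""
    for name, x, y in zip(ATTRIBUTES, preference_key(a), preference_key(b)):
        if x != y:
            return name
    return "tie"


# Constructed sample: the two paths from AS1 to AS3 in the six-AS example.
VIA_AS2 = Route(as_path=(2, 3))
VIA_AS6 = Route(as_path=(6, 5, 4, 3))
# Same long path, but the operator raised local preference on it
# (for instance because that neighbor charges less to carry traffic).
VIA_AS6_PREFERRED = replace(VIA_AS6, local_pref=200)

if __name__ == "__main__":
    for pair in ((VIA_AS2, VIA_AS6), (VIA_AS2, VIA_AS6_PREFERRED)):
        winner = best_path(list(pair))
        print(winner.as_path, "chosen on", deciding_attribute(*pair))
```

With default attributes the two-hop path through AS2 wins on AS path length; once local preference is raised on the longer path, path length is never consulted.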
BGP flaws and how to address them
In 2004, a Turkish ISP called TTNet accidentally advertised incorrect BGP routes to its neighbors. These
routes claimed that TTNet itself was the best destination for all traffic on the Internet. As these routes
spread further and further to more autonomous systems, a massive disruption occurred, creating a one-
day crisis where many people across the world were not able to access some or all of the Internet.
Similarly, in 2008, a Pakistani ISP attempted to use a BGP route to block Pakistani users from visiting
YouTube. The ISP then accidentally advertised these routes to its neighboring ASes and the route
quickly spread across the Internet’s BGP network. This route sent users trying to access YouTube to a
dead end, which resulted in YouTube’s being inaccessible for several hours.
Another incident along these lines occurred in June 2019, when a small company in Pennsylvania
became the preferred path for routes through Verizon's network, causing much of the Internet to
become unavailable to users for several hours.
These are examples of a practice called BGP hijacking, which does not always happen accidentally. In
April 2018, attackers deliberately created bad BGP routes to redirect traffic that was meant for
Amazon’s DNS service. The attackers were able to steal over $100,000 worth of cryptocurrency by
redirecting the traffic to themselves.
BGP hijacking can be used for several kinds of attacks:
Phishing and social engineering through re-routing users to fake websites
Denial-of-service (DoS) through traffic blackholing or redirection
On-path attacks to modify exchanged data, and subvert reputation-based filtering systems
Impersonation attacks to eavesdrop on communications
Incidents like these can happen because the route-sharing function of BGP relies on trust, and
autonomous systems implicitly trust the routes that are shared with them. When peers announce
incorrect route information (intentionally or not), traffic goes where it is not supposed to, potentially
with malicious results.
How to secure BGP
Fortunately, some progress has been made in securing BGP. Most notably, a security framework for
routing called Resource Public Key Infrastructure (RPKI) was introduced in 2008. RPKI uses
cryptographically signed records called Route Origin Authorizations (ROAs) to validate which network
operator is allowed to announce an organization’s IP addresses using BGP. This ensures that only
authorized parties are announcing an organization’s prefixes.
But RPKI’s existence alone is not enough. If large networks do not follow BGP security best practices,
they can spread large-scale hijacking attacks. Currently, over 50% of the top Internet providers
support RPKI to some extent, but a larger majority is needed to fully secure BGP. Network operators
can protect their networks by implementing RPKI and using network alerting technology like Cloudflare
Route Leak Detection. This feature helps prevent BGP hijacking attacks by letting customers know
when unauthorized parties are advertising their prefixes.
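The origin check that ROAs make possible can be shown as code. The following is an added example, not part of the original document and not Cloudflare's or any validator's own code: it classifies announcements as valid, invalid or not-found in the manner of RFC 6811. It assumes the ROAs have already been cryptographically verified and are given as plain records, it uses the ROA maximum-length field (not described above), and all prefixes and AS numbers are constructed documentation values.

```python
import ipaddress
from typing import Iterable, List, NamedTuple, Tuple


class ROA(NamedTuple):
    prefix: str      # address block the holder signed for
    max_length: int  # longest prefix length the origin may announce
    asn: int         # AS authorized to originate the prefix


# Constructed sample records: documentation prefixes (RFC 5737, RFC 3849)
# and documentation AS numbers (RFC 5398), not real-world data.
SAMPLE_ROAS = [
    ROA("192.0.2.0/24", 24, 64496),
    ROA("2001:db8::/32", 48, 64496),
]

# Constructed announcements, as (prefix, origin ASN) pairs.
SAMPLE_ANNOUNCEMENTS = [
    ("192.0.2.0/24", 64496),     # exact match with the ROA
    ("192.0.2.0/24", 64511),     # right prefix, wrong origin AS
    ("192.0.2.128/25", 64496),   # right origin, more specific than allowed
    ("2001:db8:1::/48", 64496),  # within the allowed maximum length
    ("203.0.113.0/24", 64500),   # no ROA published for this block
]


def covering_roas(route, roas: Iterable[ROA]) -> List[ROA]:
    """ROAs whose prefix contains the announced prefix (same IP version)."""
    found = []
    for roa in roas:
        net = ipaddress.ip_network(roa.prefix)
        if net.version == route.version and route.subnet_of(net):
            found.append(roa)
    return found


def validate_origin(prefix: str, origin_asn: int,
                    roas: Iterable[ROA]) -> Tuple[str, str]:
    """Classify one announcement; returns (state, reason)."""
    route = ipaddress.ip_network(prefix)
    covering = covering_roas(route, roas)
    if not covering:
        return "not-found", "no ROA covers this prefix"
    for roa in covering:
        if roa.asn == origin_asn and route.prefixlen <= roa.max_length:
            return "valid", f"authorized by ROA {roa.prefix} AS{roa.asn}"
    if any(roa.asn == origin_asn for roa in covering):
        return "invalid", "more specific than the ROA maximum length allows"
    return "invalid", "origin AS not authorized for this prefix"


def alerts(announcements, roas) -> List[Tuple[str, int, str]]:
    """Announcements a monitoring job should flag: the invalid ones."""
    flagged = []
    for prefix, asn in announcements:
        state, reason = validate_origin(prefix, asn, roas)
        if state == "invalid":
            flagged.append((prefix, asn, reason))
    return flagged


if __name__ == "__main__":
    for prefix, asn in SAMPLE_ANNOUNCEMENTS:
        print(prefix, f"AS{asn}", *validate_origin(prefix, asn, SAMPLE_ROAS))
```

A not-found result is not an alert by itself: it only means the address holder has published no ROA, which is why wider ROA coverage matters as much as validation.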

Proxy Server Definition


A proxy server is a system or router that provides a gateway between users and the internet. Therefore,
it helps prevent cyber attackers from entering a private network. It is a server, referred to as an
“intermediary” because it goes between end-users and the web pages they visit online.
When a computer connects to the internet, it uses an IP address. This is similar to your home’s street
address, telling incoming data where to go and marking outgoing data with a return address for other
devices to authenticate. A proxy server is essentially a computer on the internet that has an IP address
of its own.
Proxy Servers And Network Security
Proxies provide a valuable layer of security for your computer. They can be set up as web filters
or firewalls, protecting your computer from internet threats like malware.
This extra security is also valuable when coupled with a secure web gateway or other email
security products. This way, you can filter traffic according to its level of safety or how much traffic your
network—or individual computers—can handle.
How to use a proxy? Some people use proxies for personal purposes, such as hiding their location while
watching movies online. For a company, however, they can be used to accomplish several
key tasks such as:
Improve security
Secure employees’ internet activity from people trying to snoop on them
Balance internet traffic to prevent crashes
Control the websites employees and staff access in the office
Save bandwidth by caching files or compressing incoming traffic

How A Proxy Works


Because a proxy server has its own IP address, it acts as a go-between for a computer and the internet.
Your computer knows this address, and when you send a request on the internet, it is routed to the
proxy, which then gets the response from the web server and forwards the data from the page to your
computer’s browser, like Chrome, Safari, Firefox, or Microsoft Edge.
How to get a proxy
There are hardware and software versions. Hardware connections sit between your network and the
internet, where they get, send, and forward data from the web. Software proxies are typically hosted by
a provider or reside in the cloud. You download and install an application on your computer that
facilitates interaction with the proxy.
Often, a software proxy can be obtained for a monthly fee. Sometimes, they are free. The free versions
tend to offer users fewer addresses and may only cover a few devices, while the paid proxies can meet
the demands of a business with many devices.
How is the server set up?
To get started with a proxy server, you have to configure it in your computer, device, or network. Each
operating system has its own setup procedures, so check the steps required for your computer or
network.
In most cases, however, setup means using an automatic configuration script. If you want to do it
manually, there will be options to enter the IP address and the appropriate port.
How does the proxy protect computer privacy and data?
A proxy server performs the function of a firewall and filter. The end-user or a network administrator
can choose a proxy designed to protect data and privacy. This examines the data going in and out of
your computer or network. It then applies rules to prevent you from having to expose your digital
address to the world. Only the proxy’s IP address is seen by hackers or other bad actors. Without your
personal IP address, people on the internet do not have direct access to your personal data, schedules,
apps, or files.
With it in place, web requests go to the proxy, which then reaches out and gets what you want from the
internet. If the server has encryption capabilities, passwords and other personal data get an extra tier of
protection.
Benefits Of A Proxy Server
Proxies come with several benefits that can give your business an advantage:
Enhanced security: Proxies can act like a firewall between your systems and the internet. Without them,
hackers have easy access to your IP address, which they can use to infiltrate your computer or network.
Private browsing, watching, listening, and shopping: Use different proxies to help you avoid getting
inundated with unwanted ads or the collection of IP-specific data. With a proxy, site browsing is well-
protected and impossible to track.
Access to location-specific content: You can designate a proxy server with an address associated with
another country. You can, in effect, make it look like you are in that country and gain full access to all
the content computers in that country are allowed to interact with. For example, the technology can
allow you to open location-restricted websites by using local IP addresses of the location you want to
appear to be in.
Prevent employees from browsing inappropriate or distracting sites: You can use it to block access to
websites that run contrary to your organization’s principles. Also, you can block sites that typically end
up distracting employees from important tasks. Some organizations block social media sites like
Facebook and others to remove time-wasting temptations.
Types Of Proxy Servers
While all proxy servers give users an alternate address with which to use the internet, there are several
different kinds—each with its own features. Understanding the details behind the list of proxy types will
help you make a choice based on your use case and specific needs.
Forward proxy
A forward proxy sits in front of clients and is used to get data to groups of users within an internal
network. When a request is sent, the proxy server examines it to decide whether it should proceed with
making a connection.
A forward proxy is best suited for internal networks that need a single point of entry. It provides IP
address security for those in the network and allows for straightforward administrative control.
However, a forward proxy may limit an organization’s ability to cater to the needs of individual end-
users.
Transparent proxy
A transparent proxy can give users an experience identical to what they would have if they were using
their home computer. In that way, it is “transparent.” They can also be “forced” on users, meaning they
are connected without knowing it.
Transparent proxies are well-suited for companies that want to make use of a proxy without making
employees aware they are using one. It carries the advantage of providing a seamless user experience.
On the other hand, transparent proxies are more susceptible to certain security threats, such as SYN-
flood denial-of-service attacks.
Anonymous proxy
An anonymous proxy focuses on making internet activity untraceable. It works by accessing the internet
on behalf of the user while hiding their identity and computer information.
An anonymous proxy is best suited for users who want to have full anonymity while accessing the
internet. While anonymous proxies provide some of the best identity protection possible, they are not
without drawbacks. Many view the use of anonymous proxies as underhanded, and users sometimes
face pushback or discrimination as a result.
High anonymity proxy
A high anonymity proxy is an anonymous proxy that takes anonymity one step further. It works by
erasing your information before the proxy attempts to connect to the target site.
The server is best suited for users for whom anonymity is an absolute necessity, such as employees who
do not want their activity traced back to the organization. On the downside, some of them, particularly
the free ones, are decoys set up to trap users in order to access their personal information or data.
Distorting proxy
A distorting proxy identifies itself as a proxy to a website but hides its own identity. It does this by
changing its IP address to an incorrect one.
Distorting proxies are a good choice for people who want to hide their location while accessing the
internet. This type of proxy can make it look like you are browsing from a specific country and give you
the advantage of hiding not just your identity but that of the proxy, too. This means even if you are
associated with the proxy, your identity is still secure. However, some websites automatically block
distorting proxies, which could keep an end-user from accessing sites they need.
Data center proxy
Data center proxies are not affiliated with an internet service provider (ISP) but are provided by another
corporation through a data center. The proxy server exists in a physical data center, and the user’s
requests are routed through that server.
Data center proxies are a good choice for people who need quick response times and an inexpensive
solution. They are therefore a good choice for people who need to gather intelligence on a person or
organization very quickly. They carry the benefit of giving users the power to swiftly and inexpensively
harvest data. On the other hand, they do not offer the highest level of anonymity, which may put users’
information or identity at risk.
Residential proxy
A residential proxy gives you an IP address that belongs to a specific, physical device. All requests are
then channeled through that device.
Residential proxies are well-suited for users who need to verify the ads that go on their website, so they
can block cookies and suspicious or unwanted ads from competitors or bad actors. Residential proxies are
more trustworthy than other proxy options. However, they often cost more money to use, so users
should carefully analyze whether the benefits are worth the extra investment.
Public proxy
A public proxy is accessible by anyone free of charge. It works by giving users access to its IP address,
hiding their identity as they visit sites.
Public proxies are best suited for users for whom cost is a major concern and security and speed are not.
Although they are free and easily accessible, they are often slow because they get bogged down with
free users. When you use a public proxy, you also run an increased risk of having your information
accessed by others on the internet.
Shared proxy
Shared proxies are used by more than one user at once. They give you access to an IP address that may
be shared by other people, and then you can surf the internet while appearing to browse from a
location of your choice.
Shared proxies are a solid option for people who do not have a lot of money to spend and do not
necessarily need a fast connection. The main advantage of a shared proxy is its low cost. Because they
are shared by others, you may get blamed for someone else’s bad decisions, which could get you
banned from a site.
SSL proxy
A secure sockets layer (SSL) proxy provides decryption between the client and the server. As the data is
encrypted in both directions, the proxy hides its existence from both the client and the server.
These proxies are best suited for organizations that need enhanced protection against threats that the
SSL protocol reveals and stops. Because Google prefers servers that use SSL, an SSL proxy, when used in
connection with a website, may help its search engine ranking. On the downside, content encrypted on
an SSL proxy cannot be cached, so when visiting websites multiple times, you may experience slower
performance than you would otherwise.
Rotating proxy
A rotating proxy assigns a different IP address to each user that connects to it. As users connect, they are
given an address that is different from that of the device that connected before them.
Rotating proxies are ideal for users who need to do a lot of high-volume, continuous web scraping. They
allow you to return to the same website again and again anonymously. However, you have to be careful
when choosing rotating proxy services. Some of them contain public or shared proxies that could expose
your data.
Reverse proxy
Unlike a forward proxy, which sits in front of clients, a reverse proxy is positioned in front of web
servers and forwards requests from a browser to the web servers. It works by intercepting requests
from the user at the network edge of the web server. It then sends the requests to and receives replies
from the origin server.
Reverse proxies are a strong option for popular websites that need to balance the load of many
incoming requests. They can help an organization reduce bandwidth load because they act like another
web server managing incoming requests. The downside is reverse proxies can potentially expose
the HTTP server architecture if an attacker is able to penetrate it. This means network administrators
may have to beef up or reposition their firewall if they are using a reverse proxy.

What is IP Addressing?
Each device that uses a network receives an IP address, a special identifier number. IP addresses are
necessary for routing data packets between devices and enabling Internet communication between
devices. Dotted decimal notation, which depicts the address as four sets of bits separated by periods, is
the most common way to express IP addresses. An IPv4 address is 32 bits, and every number corresponds to
a byte of the address.
There are two primary forms of IP addresses: IPv4 and IPv6. Because of the 32-bit length and the limited
number of unique IPv4 addresses, subnets and various methods for storing IP addresses have been
developed. Many more unique addresses are available with IPv6, whose addresses are 128 bits long.
Advantages of IP Addressing
You can generate a unique Identification Number with the help of IP Addressing for each device.
For performing Data Routing, IP Addressing is necessary between different networks.
You can access devices, servers, etc. over the internet with the help of IP Addressing.
Disadvantages of IP Addressing
Only a limited number of IPv4 Addresses can be accessed with the help of IP Addressing.
You will find complexity in configuring the IP Addresses.
If the IP Addresses are exposed, there is a very high chance of security threats.
What is Subnetting?
A network is divided into smaller subnetworks, or subnets, through the process known as
subnetting. For this purpose, the network part of the IP address is extended by taking bits from the host
part. The host part identifies the specific device on the subnetwork, while the network part identifies
the subnetwork as a whole.
Subnetting enables network managers to create more controllable and segmented networks for
performance or security needs. For example, a large enterprise could segment its network into
subnetworks for multiple divisions or locations.
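The bit borrowing described above, carried out on the 32-bit value of an IPv4 address. This is an added example, not part of the original document; the function names are chosen for illustration, and 192.168.0.0/24 is used as a sample network.

```python
from typing import List, Tuple


def to_int(dotted: str) -> int:
    """Pack a dotted-decimal IPv4 address (four bytes) into one 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        value = (value << 8) | octet
    return value


def to_dotted(value: int) -> str:
    """Unpack a 32-bit integer back into dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask(prefix_len: int) -> int:
    """Subnet mask with prefix_len leading one bits (the network part)."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def split_address(dotted: str, prefix_len: int) -> Tuple[str, int]:
    """Return (network part as an address, host part as a number)."""
    addr = to_int(dotted)
    m = mask(prefix_len)
    return to_dotted(addr & m), addr & ~m & 0xFFFFFFFF


def borrow_bits(network: str, prefix_len: int, borrowed: int) -> List[str]:
    """Split a network into 2**borrowed subnets by moving `borrowed` bits
    from the host part into the network part."""
    new_len = prefix_len + borrowed
    if borrowed < 0 or new_len > 32:
        raise ValueError("cannot borrow that many host bits")
    base = to_int(network) & mask(prefix_len)
    step = 1 << (32 - new_len)  # number of addresses in each subnet
    return [f"{to_dotted(base + i * step)}/{new_len}"
            for i in range(1 << borrowed)]


def same_subnet(a: str, b: str, prefix_len: int) -> bool:
    """True when both addresses share the same network part. Hosts in
    different subnets reach each other only through a router, which is
    where traffic between segments can be filtered."""
    m = mask(prefix_len)
    return (to_int(a) & m) == (to_int(b) & m)


if __name__ == "__main__":
    # Borrow 2 host bits from 192.168.0.0/24: four /26 subnets.
    print(borrow_bits("192.168.0.0", 24, 2))
    print(to_dotted(mask(26)))                  # mask after borrowing
    print(split_address("192.168.0.77", 26))    # network part, host part
    print(same_subnet("192.168.0.1", "192.168.0.77", 26))
```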
Advantages of Subnetting
A Subnet can use the IP Addresses effectively as it divides large networks into smaller ones.
A Subnet can introduce additional security to the IP Addresses.
A Subnet can increase the performance by reducing the network traffic.
Disadvantages of Subnetting
If you want to expand or change the Subnet structure, it will be a bit difficult.
To design the Subnetted Network, you have to perform good calculations and planning.
If the configuration of the Subnet is not correct, it can bring many external threats.
Difference Between IP Addressing and Subnetting

| Parameters | IP Addressing | Subnetting |
|---|---|---|
| Purpose | Assign unique identifiers to devices on a network. | Divide a network into smaller subnetworks for better management and performance. |
| Process | Assigns unique IP addresses to devices on a network. | Divides a network into smaller subnets by borrowing bits from the host portion of the IP address to create a network portion. |
| Result | Each device on the network has a unique IP address. | The network is broken down into smaller subnets, each with its unique network ID and range of IP addresses. |
| Benefits | Enables devices to communicate with each other over the Internet. | Improves network performance and security by reducing network congestion, isolating network traffic, and making it easier to manage IP address assignments and security. |
| Types | IPv4 and IPv6 | CIDR (Classless Inter-Domain Routing) |
| Notation | Dotted decimal notation (e.g., 192.168.0.1) | Subnet mask (e.g., 255.255.255.0) or CIDR notation (e.g., /24) |
| Length | 32 bits (IPv4) or 128 bits (IPv6) | Variable (depends on the number of bits borrowed for the network portion of the IP address). |
| Example | 192.168.0.1 | 192.168.0.0/24 |

Conclusion
In conclusion, subnetting and IP addressing are both crucial ideas in computer networking. In contrast to
subnetting, which involves partitioning a network into smaller subnetworks, IP addressing involves giving
each device on a network a distinct address. Subnetting enables network managers to create
smaller, more manageable networks that can be split for performance or security reasons.
There are many routing protocols in the networking domain that define a set of rules on how data
should be transmitted.
