Network

Uploaded by

vivak21iya

1. Introduction to Computer Networking

What is a Computer Network?

A computer network is a set of different devices connected to each other to facilitate communication
and data exchange. A network can be as small as two computers linked by a cable or as vast as the
Internet, which is the world's largest computer network, connecting billions of devices
simultaneously. The term "computer network" has evolved; with the rise of smart devices like
phones, cars, and even refrigerators connecting to the internet, the term "Internet of Things" (IoT)
is often more appropriate. Every time you stream a video, browse a website, or send an email, you are
using a computer network to retrieve data from remote servers.

The Need for Addressing

For devices to communicate over a network, they must have unique addresses. There are two
primary types of addresses:

• MAC (Media Access Control) Address: A permanent, hardware-level address built into the
device's Network Interface Card (NIC) by the manufacturer.

• IP (Internet Protocol) Address: A logical, network-level address that can be assigned
dynamically (temporarily) or statically (permanently). It identifies a device on a specific
network.

Each device on a network, such as a laptop or smartphone, will have both a unique MAC address and
an IP address to participate in communication.

2. Models of Network Communication

To ensure devices from different manufacturers can understand each other, they follow standardized
rules, or protocols. Networking models provide a framework for understanding how these protocols
work together in layers to transmit data. The two most important models are the OSI model and the
TCP/IP model.

The TCP/IP Model

The TCP/IP model is a practical, four-layer model that describes how data communication occurs on
the Internet. Its name comes from two of its most important protocols: the Transmission Control
Protocol (TCP) and the Internet Protocol (IP). The layers are independent, meaning a change in one
layer does not require a change in the others.

Layer 4: Application Layer

• Function: This is the top layer where user-facing applications and network services reside. It
provides the data that needs to be sent across the network.

• Protocols: HTTP/HTTPS (web browsing), FTP (file transfer), SMTP (email), DNS (domain name
resolution), DHCP (IP address assignment).

Layer 3: Transport Layer

• Function: Establishes end-to-end communication and ensures reliable data delivery between
two devices. It handles flow control and error checking.

• Protocols:

o TCP (Transmission Control Protocol): A reliable, connection-oriented protocol. It
establishes a session before sending data and guarantees delivery by retransmitting
lost data packets.

o UDP (User Datagram Protocol): An unreliable, connectionless protocol. It sends data
without establishing a session, making it faster but without any guarantee of
delivery.

Layer 2: Internet Layer

• Function: Responsible for connecting different networks, finding the optimal path between
them, and routing packets from a source to a destination.

• Protocols: IP (IPv4, IPv6), ICMP (Internet Control Message Protocol), and various routing
protocols.

Layer 1: Network Access Layer

• Function: The lowest layer, responsible for the physical transmission of data over the media,
such as cables or wireless signals.

• Protocols/Technologies: Ethernet, Wi-Fi, Bluetooth.

The OSI Model

The Open Systems Interconnection (OSI) model is a more theoretical, seven-layer model that is often
used for educational purposes because it breaks down the networking process into more granular
steps.

| Layer # | OSI Layer | Function | PDU |
|---|---|---|---|
| 7 | Application | Provides network services directly to user applications. | Data |
| 6 | Presentation | Translates, encrypts, and compresses data (e.g., character encoding like UTF-8). | Data |
| 5 | Session | Establishes, manages, and terminates sessions between applications. | Data |
| 4 | Transport | Provides reliable or unreliable end-to-end data transmission (TCP/UDP). | Segment |
| 3 | Network | Handles logical addressing (IP) and path determination (routing) between networks. | Packet |
| 2 | Data Link | Manages physical addressing (MAC), error detection, and framing for a single link. | Frame |
| 1 | Physical | Transmits raw binary data (bits) over a physical medium (cables, radio waves). | Bits |

Comparing the TCP/IP and OSI Models

The TCP/IP model's layers correspond to multiple layers in the OSI model.

| TCP/IP Model Layers | Corresponding OSI Model Layers |
|---|---|
| Application | Application (7), Presentation (6), Session (5) |
| Transport | Transport (4) |
| Internet | Network (3) |
| Network Access | Data Link (2), Physical (1) |

Bits, Bytes, and Protocol Data Units (PDUs)

• Bit (Binary Digit): The smallest unit of information, represented as a 0 or 1.

• Byte: A group of 8 bits. One byte can represent a single character, like 'A'.

• Protocol Data Unit (PDU): The name for a piece of data at a specific layer of the OSI model.
As data moves down the layers, it is given a different name: Data (Layers 7-5), Segment
(Layer 4), Packet (Layer 3), Frame (Layer 2), and Bits (Layer 1).

Encapsulation and Decapsulation

Encapsulation is the process of adding protocol information (a header) at each layer as data moves
down from the Application layer to the Physical layer on the sending device.

1. Application Layer: Creates user data.

2. Transport Layer: Adds a TCP or UDP header (creating a segment).

3. Internet/Network Layer: Adds an IP header with source and destination IP addresses
(creating a packet).

4. Network Access/Data Link Layer: Adds an Ethernet header with source and destination MAC
addresses (creating a frame) and a trailer for error checking.

5. Physical Layer: The frame is converted into bits and sent over the physical medium.

Decapsulation is the reverse process. The receiving device removes the headers at each layer as the
data moves up, reading the information and passing the payload up to the next layer until the
original data reaches the application.

3. Network Performance Characteristics

The performance of a computer network is measured using several key metrics.

• Bandwidth: The maximum theoretical amount of data that can be transmitted over a link in
a given amount of time, measured in bits per second (bps). For example, 100 megabits per
second (Mbps) means 100 million bits can be sent per second. The effective bandwidth
between two devices is determined by the slowest link in the path, known as the bottleneck.

• Throughput: The actual measured amount of data that is successfully transferred over a link,
which is always lower than the bandwidth due to overhead from protocol headers and
network delays.

• Latency: The one-way delay for data to travel from a source to a destination, measured in
milliseconds (ms). It is the sum of several types of delays:

o Processing Delay: Time taken by routers and switches to process the packet header.

o Queuing Delay: Time a packet spends waiting in a queue (buffer) before being
transmitted.

o Transmission Delay: Time it takes to push all of the packet's bits onto the link.

o Propagation Delay: Time it takes for a bit to travel the physical distance of the link.

• Round-Trip Time (RTT): The total time for a signal to be sent from a source to a destination
and for a response to be received back at the source. This is what the ping utility measures.

• Jitter: The variation in latency over time for different packets in the same data stream. High
jitter can disrupt real-time applications like video calls, causing broken audio or video.

• Packet Loss: Occurs when network packets fail to reach their destination due to network
congestion, hardware failures, or other errors. Reliable protocols like TCP can recover from
packet loss by retransmitting the lost data.

4. The Physical and Data Link Layers (Ethernet)

Ethernet is the most popular set of protocols used at the Data Link (Layer 2) and Physical (Layer 1)
layers. It defines how devices communicate over both wired and wireless media. The standards are
created by the Institute of Electrical and Electronics Engineers (IEEE).

• IEEE 802.3: The standard for wired Ethernet over copper or fiber optic cables.

• IEEE 802.11: The standard for wireless networking (Wi-Fi), with various versions like 802.11n
and 802.11ac.

Physical Media

• Copper Cable: Uses electrical signals to transmit data. It consists of twisted pairs of wires to
reduce interference. Common types include Unshielded Twisted Pair (UTP) and Shielded
Twisted Pair (STP), with different categories (e.g., Cat 6) supporting different speeds, up to 10
Gigabits per second (Gbps). The standard connector is RJ45.

• Fiber Optic Cable: Transmits data using pulses of light, making it immune to electrical
interference and capable of much higher speeds (up to 100 Gbps) and longer distances (up
to 100 kilometers). It is more expensive and is used for network backbones and connections
between continents.

• Wireless: Uses radio waves to transmit data, offering flexibility and mobility. However, it is a
shared medium, making it susceptible to interference and collisions.

Network Interface Card (NIC)

A Network Interface Card (NIC) is the hardware component that allows a device to connect to a
network. Every NIC, whether wired or wireless, has a unique MAC address burned into it by the
manufacturer.

MAC Addresses

A MAC (Media Access Control) address is a 48-bit unique hardware identifier used to address devices
at the Data Link layer.

• Format: It is typically written as six groups of two hexadecimal characters, separated by
colons or dashes (e.g., 3C:5A:B4:01:23:45). A hexadecimal character can be represented by 4
bits.

• Structure: The 48-bit address is split into two parts:

o Organizational Unique Identifier (OUI): The first 24 bits, assigned by the IEEE to a
specific manufacturer (e.g., Cisco, Apple).

o NIC-Specific: The last 24 bits, assigned by the manufacturer to be unique for that
specific device.

• Types of MAC Addresses:

o Unicast: An address assigned to a single NIC, used for one-to-one communication.

o Multicast: An address representing a group of devices. Packets sent to this address
are received by all devices in the group.

o Broadcast: A special address (FF:FF:FF:FF:FF:FF) that sends a frame to all devices on
the same local network.

Network Switches

A network switch is a Layer 2 device that connects multiple devices on a local area network (LAN).
Its primary function is to forward Ethernet frames to their correct destination as efficiently as
possible.

• How it Works: A switch learns the MAC addresses of the devices connected to each of its
ports by inspecting the source MAC address of incoming frames. It stores this information in
a MAC address table. When a frame arrives, the switch looks at the destination MAC address,
checks its table, and forwards the frame only to the port where the destination device is located.

• Unknown Destinations: If the destination MAC address is not in its table, the switch will
flood the frame, sending it out to all ports except the one it came in on.

Ethernet Frame Format

An Ethernet frame is the PDU at the Data Link layer and has a specific structure.

| Field | Length | Description |
|---|---|---|
| Preamble & SFD | 8 bytes | A sequence of bits used by the receiving NIC to synchronize with the incoming signal and identify the start of the frame. |
| Destination MAC | 6 bytes | The MAC address of the receiving device. |
| Source MAC | 6 bytes | The MAC address of the sending device. |
| Type | 2 bytes | Identifies the protocol of the payload (e.g., 0x0800 for IPv4). |
| Payload (Data) | 46-1500 bytes | The data received from the Network layer (e.g., an IP packet). |
| FCS (CRC) | 4 bytes | Frame Check Sequence (or Cyclic Redundancy Check). An error-checking value. If the receiving device calculates a different value, the frame is considered corrupt and is discarded. |

Duplex and Collisions

• Full-Duplex: Communication where a device can send and receive data simultaneously. This
is standard for modern wired Ethernet connections.

• Half-Duplex: Communication where a device can only either send or receive at one time, but
not both. This is how Wi-Fi operates.

• Collision: Occurs in a half-duplex environment when two or more devices try to transmit
data at the same time on a shared medium. The signals interfere, corrupting the data.

• Collision Domain: A segment of a network where collisions can occur. On an old hub-based
network, all devices were in one large collision domain. On a modern switched network,
each port on the switch is its own separate collision domain, effectively eliminating collisions
in wired, full-duplex links.

• Collision Handling:

o CSMA/CD (Carrier Sense Multiple Access with Collision Detection): Used in wired
Ethernet. Devices listen to see if the line is free before transmitting. If a collision is
detected, they stop, wait a random amount of time, and try again.

o CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance): Used in
wireless (Wi-Fi) networks. Devices listen for a clear channel and may reserve a time
slot to transmit, attempting to avoid collisions before they happen.

5. The Network Layer: IP Addressing and Routing

The Network Layer (Layer 3) is responsible for logical addressing and moving packets across different
networks, a process known as routing.

Why We Need Layer 3

While Layer 2 (switches and MAC addresses) is effective for small local networks, it doesn't scale
well. A large network of only switches would suffer from:

• Broadcast Storms: A single broadcast frame would be forwarded by every switch to every
device, flooding the network and consuming all available bandwidth.

• Large MAC Address Tables: Switches would need to store the MAC addresses of every device
on the massive network, which is inefficient and can exceed their memory limits.

Routers and IP addresses solve this by dividing large networks into smaller, manageable logical
networks (or subnets), and routers control the flow of traffic, including broadcasts, between them.

IP Addresses

An IP (Internet Protocol) address is a logical address that identifies a device on a network.

• IPv4 vs. IPv6:

o IPv4: The older, 32-bit address format (e.g., 192.168.1.1). It consists of four decimal
numbers (octets), each ranging from 0 to 255. There are approximately 4.3 billion
possible IPv4 addresses, which have now been exhausted.

o IPv6: The newer, 128-bit address format (e.g.,
2001:0db8:85a3:0000:0000:8a2e:0370:7334). It uses hexadecimal characters and
provides a virtually limitless number of addresses.

• IP Address Types:

o Unicast: An address for a single device, used for one-to-one communication.

o Multicast: An address for a group of devices, used for one-to-many communication.

o Broadcast: An address that sends a packet to all devices on a particular network
(e.g., 255.255.255.255 for a local broadcast).

Public vs. Private IP Addresses

Due to the scarcity of IPv4 addresses, a system of public and private addressing was created.

• Private IP Addresses: These are non-routable on the public Internet. They are meant to be
used only within a private local network (e.g., your home or office). The ranges are defined in
RFC 1918:

o 10.0.0.0 to 10.255.255.255 (Class A)

o 172.16.0.0 to 172.31.255.255 (Class B)

o 192.168.0.0 to 192.168.255.255 (Class C)

• Public IP Addresses: These are unique, globally routable addresses assigned by Internet
Service Providers (ISPs). Any IP address not in the private ranges is considered public.

• Network Address Translation (NAT): This is the technology used by routers to allow devices
with private IP addresses to communicate with the Internet. The router translates the private
source IP address of an outgoing packet to its own public IP address and reverses the process
for incoming packets.

Static vs. Dynamic Addressing

• Static IP: An IP address that is manually configured and does not change. This is typically
used for servers, printers, or other devices that need a consistent address.

• Dynamic IP: An IP address that is automatically assigned to a device for a temporary period.
This is managed by a DHCP (Dynamic Host Configuration Protocol) server, which is often built
into home routers. Most client devices (laptops, phones) use dynamic addressing.

IPv4 Packet Header

The IPv4 packet header contains crucial information for routing the packet. Key fields include:

| Field | Description |
|---|---|
| Version | Identifies the IP version (value is 4). |
| IHL | Header length in 32-bit words. |
| DSCP | Differentiated Services Code Point, used for prioritizing traffic (Quality of Service). |
| Total Length | The total size of the packet (header + data) in bytes. |
| Identification, Flags, Fragment Offset | Fields used for fragmenting large packets into smaller pieces for transmission and reassembling them at the destination. |
| Time to Live (TTL) | A counter that is decremented by each router that processes the packet. If it reaches 0, the packet is discarded to prevent infinite routing loops. |
| Protocol | Identifies the transport layer protocol of the payload (e.g., 6 for TCP, 17 for UDP). |
| Header Checksum | An error-checking value for the header only. It must be recalculated by every router since the TTL changes. |
| Source IP Address | The 32-bit IP address of the sending device. |
| Destination IP Address | The 32-bit IP address of the receiving device. |
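The Ethernet frame and IPv4 header fields described above can be checked in code. The following Python sketch is an added example, not part of the original document: it parses a frame, verifies the FCS and the header checksum, and performs the per-router TTL decrement with checksum recalculation. The sample frame, the gateway MAC and the function names are constructed for illustration.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of the header's 16-bit words, complemented."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                      # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_ipv4_header(src: bytes, dst: bytes, ttl: int, proto: int, data_len: int) -> bytes:
    """20-byte header (version 4, IHL 5, no options) with a valid checksum."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + data_len, 0x1234, 0,
                      ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


def build_frame(dst_mac: bytes, src_mac: bytes, ethertype: int, payload: bytes) -> bytes:
    """Frame as the NIC hands it up: no preamble/SFD, payload padded to 46 bytes, FCS appended."""
    body = dst_mac + src_mac + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02X}" for b in raw)


def parse_ipv4(packet: bytes) -> dict:
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a well-formed IPv4 header")
    header = packet[:ihl * 4]
    _, tos, total_len, ident, flags_frag, ttl, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", header[:20])
    return {
        "version": version, "ihl": ihl, "dscp": tos >> 2,
        "total_length": total_len, "identification": ident,
        "flags": flags_frag >> 13, "fragment_offset": flags_frag & 0x1FFF,
        "ttl": ttl, "protocol": proto,
        # Summing a header that already contains a correct checksum yields 0.
        "checksum_ok": ipv4_checksum(header) == 0,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "header": header,
    }


def parse_frame(frame: bytes) -> dict:
    if len(frame) < 64:                     # 14 header + 46 payload + 4 FCS
        raise ValueError("frame shorter than the Ethernet minimum")
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("FCS mismatch: frame is corrupt and is discarded")
    dst, src, ethertype = struct.unpack("!6s6sH", body[:14])
    parsed = {"dst_mac": mac_str(dst), "src_mac": mac_str(src),
              "ethertype": ethertype, "payload": body[14:]}
    if ethertype == ETHERTYPE_IPV4:
        parsed["ipv4"] = parse_ipv4(parsed["payload"])
    return parsed


def router_forward(header: bytes):
    """Decrement TTL and recompute the checksum; None means the packet is dropped."""
    ttl = header[8] - 1
    if ttl <= 0:
        return None
    hdr = header[:8] + bytes([ttl]) + header[9:10] + b"\x00\x00" + header[12:]
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]


# Constructed sample: 192.168.1.5 sends 5 placeholder data bytes to 8.8.8.8,
# labelled as protocol 17. The destination MAC is a made-up gateway address.
SAMPLE_HEADER = build_ipv4_header(bytes([192, 168, 1, 5]), bytes([8, 8, 8, 8]),
                                  ttl=64, proto=17, data_len=5)
SAMPLE_FRAME = build_frame(bytes.fromhex("3C5AB4AABBCC"), bytes.fromhex("3C5AB4012345"),
                           ETHERTYPE_IPV4, SAMPLE_HEADER + b"hello")

if __name__ == "__main__":
    info = parse_frame(SAMPLE_FRAME)
    print(info["src_mac"], "->", info["dst_mac"], hex(info["ethertype"]))
    print({k: v for k, v in info["ipv4"].items() if k != "header"})
    print("after one hop:", parse_ipv4(router_forward(info["ipv4"]["header"]))["ttl"])
```

The Total Length field (25 here) is what separates real data from the padding Ethernet adds to reach its 46-byte minimum payload.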

Routers and Routing

A router is a Layer 3 device whose main purpose is to receive incoming packets, look at their
destination IP address, and forward them to the next network on the path to their final destination.

• Routing Table: Every router maintains a routing table, which is a list of known networks and
the path to reach them. A routing table entry typically contains:

o Network and Mask: The destination network prefix (e.g., 10.2.10.0/24).

o Next-Hop Router: The IP address of the next router to send the packet to.

o Outgoing Interface: The local interface on the router to use to send the packet.

• Routing Decision: When a packet arrives, the router performs a lookup in its routing table to
find the best match for the destination IP address. Routers use the longest prefix match rule:
if a destination matches multiple routes, the router will choose the most specific route (the one
with the longest subnet mask). If no specific route is found, the packet is sent to the default
route (0.0.0.0/0), which typically points towards the Internet.
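The longest prefix match rule can be implemented as a walk down a binary trie keyed on the destination address bits, remembering the last route seen. This Python sketch is an added example, not part of the original document; the class name, next-hop addresses and interface names are constructed, and only the 10.2.10.0/24 prefix and the default route come from the text above.

```python
import ipaddress


class RouteTable:
    """IPv4 routing table stored as a binary trie, one level per prefix bit."""

    def __init__(self):
        # Each node is a dict: keys 0 and 1 lead to child nodes,
        # key "route" holds the entry installed at exactly this prefix.
        self.root = {}

    def add(self, prefix: str, next_hop: str, interface: str) -> None:
        net = ipaddress.ip_network(prefix)      # rejects prefixes with host bits set
        if net.version != 4:
            raise ValueError("this sketch handles IPv4 only")
        bits = int(net.network_address)
        node = self.root
        for i in range(net.prefixlen):
            bit = (bits >> (31 - i)) & 1
            node = node.setdefault(bit, {})
        node["route"] = (str(net), next_hop, interface)

    def lookup(self, destination: str):
        """Return the most specific matching (prefix, next_hop, interface), or None."""
        addr = int(ipaddress.IPv4Address(destination))
        node = self.root
        best = node.get("route")                # 0.0.0.0/0 lives at the root
        for i in range(32):
            node = node.get((addr >> (31 - i)) & 1)
            if node is None:
                break                           # no longer prefix can match
            if "route" in node:
                best = node["route"]            # deeper node = longer prefix
        return best


def sample_table() -> RouteTable:
    # Constructed routes; next hops and interface names are illustrative.
    table = RouteTable()
    table.add("0.0.0.0/0", "203.0.113.1", "eth0")       # default route
    table.add("10.0.0.0/8", "10.255.0.1", "eth1")
    table.add("10.2.0.0/16", "10.2.255.1", "eth2")
    table.add("10.2.10.0/24", "10.2.10.254", "eth3")
    return table


if __name__ == "__main__":
    table = sample_table()
    for dst in ("10.2.10.77", "10.2.99.1", "10.9.9.9", "8.8.8.8"):
        print(dst, "->", table.lookup(dst))
```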

6. Subnetting

A network is defined by a network prefix (the network portion of an IP address) and a network mask
(which specifies how many bits are in the network portion). For example, in 192.168.1.100 with a
mask of /24 (or 255.255.255.0), the first 24 bits (192.168.1) are the network portion, and the last
8 bits (.100) are the host portion.

• Network Address: The address where all host bits are zero (e.g., 192.168.1.0). This address
represents the network itself.

• Broadcast Address: The address where all host bits are one (e.g., 192.168.1.255). This
address is used to send a packet to all hosts on the network.

• Host Addresses: All addresses between the network and broadcast addresses can be
assigned to devices.

• Calculating Available Hosts: The number of usable host addresses in a network is 2^h - 2,
where h is the number of host bits. The "-2" accounts for the reserved network and
broadcast addresses.

What is Subnetting?

Subnetting is the process of taking a single, large network and dividing it into multiple smaller
networks, called subnets. This is done by "borrowing" bits from the host portion of the address and
adding them to the network portion, thus extending the network mask.
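The mask arithmetic behind these definitions, written out with plain bit operations. This Python sketch is an added example, not part of the original document; the function names are illustrative. It uses the 192.168.1.100/24 address from the text, computes the network and broadcast addresses and the 2^h - 2 host count, borrows host bits to split a network, and applies the same mask comparison a host uses to decide whether a destination is on its own network.

```python
def ip_to_int(address: str) -> int:
    octets = [int(part) for part in address.split(".")]
    if len(octets) != 4 or any(o < 0 or o > 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {address!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_for(prefix_len: int) -> int:
    """/24 -> 0xFFFFFF00: prefix_len one-bits followed by zero host bits."""
    if not 0 <= prefix_len <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def describe(address: str, prefix_len: int) -> dict:
    if prefix_len > 30:
        raise ValueError("the 2^h - 2 formula needs at least two host bits")
    mask = mask_for(prefix_len)
    host_bits = 32 - prefix_len
    network = ip_to_int(address) & mask             # all host bits zero
    broadcast = network | (~mask & 0xFFFFFFFF)      # all host bits one
    return {
        "mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "broadcast": int_to_ip(broadcast),
        "first_host": int_to_ip(network + 1),
        "last_host": int_to_ip(broadcast - 1),
        "usable_hosts": 2 ** host_bits - 2,
    }


def split(network: str, prefix_len: int, borrowed_bits: int) -> list:
    """Borrow host bits to create 2^borrowed_bits equal subnets."""
    new_len = prefix_len + borrowed_bits
    if borrowed_bits < 1 or new_len > 30:
        raise ValueError("cannot borrow that many host bits")
    base = ip_to_int(network) & mask_for(prefix_len)
    size = 1 << (32 - new_len)                      # addresses per subnet
    return [f"{int_to_ip(base + i * size)}/{new_len}" for i in range(1 << borrowed_bits)]


def same_network(a: str, b: str, prefix_len: int) -> bool:
    mask = mask_for(prefix_len)
    return (ip_to_int(a) & mask) == (ip_to_int(b) & mask)


if __name__ == "__main__":
    print(describe("192.168.1.100", 24))
    print(split("192.168.1.0", 24, 2))
    print(same_network("192.168.1.5", "192.168.1.7", 24))
    print(same_network("192.168.1.5", "8.8.8.8", 24))
```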

Why Subnet?

1. Reduce Broadcast Domain Size: Each subnet is a separate broadcast domain, meaning
broadcasts are contained within that subnet and do not flood the entire organization's
network.

2. Efficient Use of IP Addresses: It allows for more efficient allocation of IP addresses,
especially public ones, by creating subnets of the appropriate size for different departments
or locations.

3. Improved Security and Management: It allows network administrators to apply different
security policies to different subnets.

7. Supporting Protocols and Communication Flow

ARP (Address Resolution Protocol)

ARP operates at the boundary of Layer 2 and Layer 3 and is crucial for local network communication.

• Purpose: To resolve a known IP address to its corresponding MAC address. A device needs
the destination MAC address to create the Layer 2 Ethernet frame, but applications typically
only work with IP addresses.

• Process:

1. A device (Host A) wants to send a packet to another device (Host B) on the same
local network. It knows Host B's IP address but not its MAC address.

2. Host A sends an ARP Request as a broadcast frame (FF:FF:FF:FF:FF:FF) to the entire
local network. The request essentially asks, "Who has IP address x.x.x.x? Please tell me
your MAC address."

3. All devices on the LAN receive and process the request, but only Host B, whose IP
address matches the request, will respond.

4. Host B sends an ARP Reply directly (unicast) to Host A, saying, "I have that IP address,
and my MAC address is yy:yy:yy:yy:yy:yy."

5. Host A receives the reply and stores the IP-to-MAC mapping in its ARP cache for
future use. It can now create the Ethernet frame and send the packet.
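The ARP exchange above, run through a learning switch as described in the Network Switches section. This Python simulation is an added example, not part of the original document: it shows the broadcast request being flooded, the switch learning source MACs, the unicast reply going out one port only, and Host A's ARP cache being filled. Frames are modelled as dictionaries, and the host names, port numbers and MAC addresses are constructed.

```python
BROADCAST = "FF:FF:FF:FF:FF:FF"


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                     # MAC address -> port

    def receive(self, in_port, frame):
        """Learn the source MAC, then return the ports the frame is sent out of."""
        self.mac_table[frame["src"]] = in_port
        out_port = self.mac_table.get(frame["dst"])
        if frame["dst"] == BROADCAST or out_port is None:
            # Broadcast or unknown destination: flood to every port but the ingress.
            return [p for p in self.ports if p != in_port]
        return [] if out_port == in_port else [out_port]


class Host:
    def __init__(self, name, ip, mac):
        self.name, self.ip, self.mac = name, ip, mac
        self.arp_cache = {}                     # IP address -> MAC address

    def arp_request(self, target_ip):
        return {"src": self.mac, "dst": BROADCAST, "op": "request",
                "sender_ip": self.ip, "sender_mac": self.mac, "target_ip": target_ip}

    def handle(self, frame):
        """Process a received frame; return a reply frame or None."""
        if frame["dst"] not in (self.mac, BROADCAST):
            return None
        if frame["op"] == "request" and frame["target_ip"] == self.ip:
            return {"src": self.mac, "dst": frame["sender_mac"], "op": "reply",
                    "sender_ip": self.ip, "sender_mac": self.mac,
                    "target_ip": frame["sender_ip"]}
        if frame["op"] == "reply":
            self.arp_cache[frame["sender_ip"]] = frame["sender_mac"]
        return None


def resolve(switch, hosts, src_port, target_ip):
    """hosts maps port -> Host. Returns a trace of (operation, egress ports)."""
    trace = []
    pending = [(src_port, hosts[src_port].arp_request(target_ip))]
    while pending:
        in_port, frame = pending.pop(0)
        out_ports = switch.receive(in_port, frame)
        trace.append((frame["op"], out_ports))
        for port in out_ports:
            host = hosts.get(port)
            reply = host.handle(frame) if host else None
            if reply is not None:
                pending.append((port, reply))
    return trace


def build_lan():
    # Constructed LAN: three hosts on ports 1-3 of one switch.
    hosts = {
        1: Host("A", "192.168.1.5", "3C:5A:B4:01:23:45"),
        2: Host("B", "192.168.1.7", "3C:5A:B4:01:23:46"),
        3: Host("C", "192.168.1.9", "3C:5A:B4:01:23:47"),
    }
    return Switch([1, 2, 3]), hosts


if __name__ == "__main__":
    switch, hosts = build_lan()
    print(resolve(switch, hosts, 1, "192.168.1.7"))
    print("A's ARP cache:", hosts[1].arp_cache)
    print("switch MAC table:", switch.mac_table)
```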

ICMP (Internet Control Message Protocol)

ICMP is a network layer protocol used by devices to send control messages and report errors. It is not
used for end-user data transmission.

• Purpose: Its most common use is for diagnostics. The ping utility uses ICMP Echo Request and
Echo Reply messages to test connectivity to another device and measure round-trip time. The
traceroute (or tracert on Windows) utility uses ICMP to discover the path (the sequence of routers)
that packets take to a destination.

End-to-End Communication Flow

Case 1: Communication within the Same Network

1. Application: A user on PC1 (192.168.1.5) wants to access a resource on PC2 (192.168.1.7).

2. Network Logic: PC1 compares its IP and mask with the destination IP and determines they
are on the same local network.

3. ARP: PC1 checks its ARP cache for the MAC address of 192.168.1.7. If not found, it performs
an ARP request/reply process to learn it.

4. Encapsulation: PC1 creates the packet with a destination IP of 192.168.1.7 and then creates
the frame with the destination MAC of PC2.

5. Transmission: The frame is sent to the local switch, which forwards it directly to the port
connected to PC2.

Case 2: Communication to a Different Network

1. Application: A user on PC1 (192.168.1.5) wants to access Google's server (8.8.8.8).

2. Network Logic: PC1 determines that the destination IP 8.8.8.8 is on a different network.
Therefore, it knows it must send the packet to its default gateway (the local router). Let's say
the router's IP is 192.168.1.1.

3. ARP: PC1 needs the router's MAC address, not Google's. It checks its ARP cache for the MAC
of 192.168.1.1. If not found, it performs an ARP request for the router's MAC.

4. Encapsulation:

o Packet (Layer 3): The source IP is 192.168.1.5, and the destination IP is 8.8.8.8. This
never changes during the journey.

o Frame (Layer 2): The source MAC is PC1's MAC, but the destination MAC is the
router's MAC.

5. Routing:

o The switch sends the frame to the router.

o The router receives the frame, sees its own MAC as the destination, and
decapsulates it to inspect the IP packet.

o The router looks up 8.8.8.8 in its routing table and finds the next-hop router on the path
to the destination.

o The router re-encapsulates the packet in a new frame. The new source MAC is the
router's outgoing interface MAC, and the new destination MAC is that of the next-hop
router.

o This process of decapsulating and re-encapsulating at Layer 2 happens at every
router along the path until the packet reaches the final network where Google's
server resides.

8. The Transport Layer: TCP and UDP

The Transport Layer (Layer 4) is responsible for process-to-process communication, using ports to
deliver data to the correct application on a device. It also provides reliability and flow
control.

Multiplexing and Demultiplexing

• Multiplexing: On the sending device, the transport layer takes data from multiple
applications (e.g., a web browser, an email client, a music app), adds the appropriate TCP or
UDP headers, and passes the segments down to the network layer. This allows multiple
applications to share the same network connection.

• Demultiplexing: On the receiving device, the transport layer reads the destination port
number in the incoming segments and directs the data to the correct application waiting on
that port.

Ports and Sockets

• Ports: A 16-bit number (0-65535) used to identify a specific application or process on a
device.

o Well-Known Ports (0-1023): Reserved for standard services (e.g., HTTP on port 80,
HTTPS on 443, SSH on 22).

o Registered Ports (1024-49151): Can be registered by companies for their
applications.

o Dynamic/Private Ports (49152-65535): Used by client applications as temporary
source ports when initiating a connection.

• Socket: An endpoint for communication, uniquely identified by a combination of five values:
(1) Protocol (TCP/UDP), (2) Source IP, (3) Source Port, (4) Destination IP, and (5) Destination
Port. A server can handle thousands of simultaneous client connections because each
connection creates a unique socket.

TCP (Transmission Control Protocol)

TCP is a reliable, connection-oriented protocol. It is used for applications that require guaranteed
data delivery, like web browsing, file transfers, and email.

• Three-Way Handshake (Connection Establishment): Before any data is sent, TCP establishes
a connection using a three-step process:

1. SYN: The client sends a segment with the SYN (synchronize) flag set to the server.

2. SYN-ACK: The server responds with a segment that has both the SYN and ACK
(acknowledgment) flags set.

3. ACK: The client sends a final segment with the ACK flag set, confirming the
connection is established.

• Reliability: TCP uses sequence numbers to track each byte of data sent and
acknowledgments from the receiver to confirm receipt. If an acknowledgment is not
received within a certain time, TCP will retransmit the data, ensuring no data is lost.

• Flow Control: TCP uses a window size to manage the rate of data transmission, preventing
the sender from overwhelming the receiver.

• Connection Teardown: When the data transfer is complete, a similar process using the FIN
(finish) flag is used to gracefully close the connection.

• TCP Header: The TCP header is complex, containing fields for source/destination ports,
sequence/acknowledgment numbers, flags (SYN, ACK, FIN, RST), window size, and a
checksum for error detection.

UDP (User Datagram Protocol)

UDP is an unreliable, connectionless protocol. It is used for applications that prioritize speed and
low overhead over reliability, such as live video/audio streaming, online gaming, and DNS.

• "Best-Effort" Delivery: UDP simply sends segments (called datagrams) without establishing a
connection or waiting for acknowledgments. There is no guarantee that the data will arrive,
or that it will arrive in order.

• Speed: Because it has very little overhead (no handshakes, sequencing, or
acknowledgments), UDP is much faster than TCP.

• UDP Header: The UDP header is very simple, containing only four fields: source port,
destination port, length, and a checksum.

| Feature | TCP (Transmission Control Protocol) | UDP (User Datagram Protocol) |
|---|---|---|
| Reliability | High (guaranteed delivery, in-order) | Low (best-effort, no guarantees) |
| Connection | Connection-Oriented (three-way handshake) | Connectionless (no handshake) |
| Speed | Slower | Faster |
| Overhead | High (20+ byte header) | Low (8-byte header) |
| Flow Control | Yes (sliding window) | No |
| Use Cases | Web (HTTP/S), Email (SMTP), File Transfer (FTP) | Streaming, Gaming, VoIP, DNS, DHCP |

9. Advanced Routing Topics

Autonomous System (AS)

The Internet is not a single, monolithic network; it is a "network of networks." An Autonomous
System (AS) is a large network or a group of networks under a single administrative control, such
as a major ISP (e.g., Comcast, AT&T), a large tech company (e.g., Google, Amazon), or a
university. Each AS is assigned a unique Autonomous System Number (ASN) by a regional internet
registry.

IGP vs. EGP Routing Protocols

Routing protocols are used by routers to dynamically share information about reachable networks.
They are divided into two main categories:

1. Interior Gateway Protocol (IGP): Used for routing within a single Autonomous System. The
goal of an IGP is to find the fastest and most efficient path inside its own network. Examples
include:

o OSPF (Open Shortest Path First): A widely used link-state protocol that builds a
complete map of the network to calculate the best path.

o EIGRP (Enhanced Interior Gateway Routing Protocol): A Cisco-proprietary distance-vector
protocol.

o RIP (Routing Information Protocol): An older distance-vector protocol that
determines the best path based on hop count (number of routers).

2. Exterior Gateway Protocol (EGP): Used for routing between different Autonomous Systems.
The primary goal of an EGP is to enforce policies about which traffic can cross AS boundaries.

o BGP (Border Gateway Protocol): This is the one and only EGP used on the modern
Internet. BGP routers exchange reachability information for large blocks of public IP
addresses. BGP routers are configured to filter out and not advertise private IP
address ranges (RFC 1918).

Link-State vs. Distance-Vector Protocols

This describes how routing protocols operate:

• Distance-Vector: Routers only know about their directly connected neighbors. They advertise
their routes to their neighbors, telling them the "distance" (metric, e.g., hop count) to each
destination. This is sometimes called "routing by rumor" because routers trust the
information their neighbors give them without having a full picture of the network topology.
RIP and BGP are distance-vector protocols.

• Link-State: Each router builds a complete map (a topological database) of the entire network
within its area. They do this by flooding information about the status of their own links ("link-
states") to all other routers. With a full map, each router can independently calculate the
shortest path to every destination. OSPF is a link-state protocol. Link-state protocols converge
faster after a network change but require more CPU and memory.

CIDR and Route Summarization

• CIDR (Classless Inter-Domain Routing): The modern approach to IP addressing that ignores
the old "class" system (Class A, B, C) and instead uses variable-length subnet masks (e.g., /24,
/26, /12). This allows for much more flexible and efficient allocation of IP addresses. Every
route in a modern routing table is a CIDR prefix (network + mask).

• Route Summarization (or Aggregation): The process of combining multiple, more specific
network routes into a single, less specific (or "summary") route. For example, instead of
advertising sixteen separate /16 networks, a router can advertise a single /12 route that
encompasses all of them. This is crucial for keeping routing tables on the Internet at a
manageable size.
