Networking Diaries #004
Chinwendu Ike
Network Engineer || (ISC)2 CC || Student of Cybersecurity at AltSchool Africa || Ladies in Network Engineering Cohort 2 Fellow || ALP '25 Alumna || Graduate Microbiologist || Writer
Hello Network!
Welcome to the fourth entry of the Networking Diaries! I’m really enjoying this—recapping what I’ve learnt is both helpful and fun. I’m glad I've been consistent with it : ) I truly appreciate all the engagement so far! In this entry, I'll be reflecting on what I learnt in the fourth week of The NetClan LiNE program.
So, week 4 kicked off with the selection of our presentation topic. In the Net Clan LiNE program, each core module of the CCNA study curriculum concludes with a presentation. There are three core modules in total, and the presentation marks the completion of each one. Each group selects a topic to research and present. My group, Net Zone, chose Ethernet Switching as our topic. More on our presentation and how it went coming soon.
The week’s focus was on ICMP, the Transport layer (TCP), and the Application layer.
So, in the second entry, I briefly introduced ICMP, a messaging protocol found at the Network layer (L3) of the OSI model. This week, I got to understand its functionality.
ICMP exists in two versions: ICMPv4 (for IPv4 networks) & ICMPv6 (for IPv6 networks, with additional features).
ICMP messages serve critical network functions, including:
- Host Reachability: determines whether a device is available on the network.
- Destination or Service Unreachable: indicates when a destination cannot be reached due to issues like network failures or firewall restrictions.
- Time Exceeded: used when a packet's lifespan expires before reaching its destination.
A key function I explored was the ICMP Echo Request, which tests host reachability. This forms the basis of the ping utility. When a device sends an echo request, the receiving device responds with an Echo Reply, confirming its availability.
I learnt about Ping and its use in testing and measuring network performance. Interesting fact: the first ping attempt often times out if the network needs to perform ARP (for IPv4) or ND (for IPv6) before sending the echo request.
Here’s what I know about using ping for different network tests:
- Local Loopback Test: ping 127.0.0.1 (for IPv4) or ping ::1 (for IPv6) confirms that the IP configuration on the local host is correct.
- Default Gateway Test: verifies a host's ability to communicate with its local network router. A successful ping means both the host and router interface are operational.
- Remote Host Test: determines whether a local device can communicate across an internetwork.
Another interesting tool I learnt about was Traceroute (tracert in Windows, traceroute in Linux/macOS). This command maps the path a data packet takes to reach a destination and helps with troubleshooting. It does so using the Time to Live (TTL) field in IPv4 or the Hop Limit in IPv6. When a packet’s TTL expires at a hop, the router returns a "Time Exceeded" message, revealing its presence in the path.
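The ICMP messages and the traceroute behaviour described above, as an added example that is not part of the original diary entry. It builds and parses ICMPv4 messages with their checksum and replays traceroute over a constructed path; the function names and the sample addresses are assumptions made for illustration.

```python
import struct

# ICMPv4 type numbers (RFC 792) for the message kinds listed above
ICMP_TYPES = {0: "Echo Reply", 3: "Destination Unreachable",
              8: "Echo Request", 11: "Time Exceeded"}

def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum used by ICMP (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_icmp(msg_type: int, code: int, rest: bytes, payload: bytes) -> bytes:
    """Assemble type, code, checksum, 4-byte 'rest of header', payload."""
    body = rest + payload
    csum = internet_checksum(struct.pack("!BBH", msg_type, code, 0) + body)
    return struct.pack("!BBH", msg_type, code, csum) + body

def parse_icmp(packet: bytes) -> dict:
    """Decode an ICMPv4 message and verify its checksum."""
    if len(packet) < 8:
        raise ValueError("shorter than the 8-byte ICMP header")
    msg_type, code, _ = struct.unpack("!BBH", packet[:4])
    info = {"type": ICMP_TYPES.get(msg_type, f"unknown ({msg_type})"),
            "code": code, "checksum_ok": internet_checksum(packet) == 0}
    if msg_type in (0, 8):                   # only echo carries id/sequence
        info["id"], info["seq"] = struct.unpack("!HH", packet[4:8])
    return info

def simulate_traceroute(path: list) -> list:
    """Replay traceroute over a constructed path: the probe sent with
    TTL n expires at hop n, which answers Time Exceeded; the final hop
    is the destination and answers Echo Reply."""
    hops = []
    for ttl, addr in enumerate(path, start=1):
        probe = build_icmp(8, 0, struct.pack("!HH", 0x1234, ttl), b"probe")
        if ttl < len(path):                  # router: TTL hit zero (quoted datagram simplified)
            reply = build_icmp(11, 0, b"\x00" * 4, probe[:8])
        else:                                # destination reached
            reply = build_icmp(0, 0, probe[4:8], probe[8:])
        hops.append((ttl, addr, parse_icmp(reply)["type"]))
    return hops

# Constructed path using documentation addresses (RFC 5737)
SAMPLE_PATH = ["192.0.2.1", "198.51.100.1", "203.0.113.10"]
```

A message whose checksum does not verify reports `checksum_ok` as false, which is how a receiver recognises a corrupted ICMP message.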
That wrapped up my learning of L3. Up next is The Transport layer (L4)!
L4 serves as the interface between the Application layer and the lower layers of the OSI model. It ensures data is properly transmitted between devices, whether over a reliable, connection-oriented protocol like TCP or a faster, connectionless protocol like UDP.
L4 consists of two core protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). Each protocol has its own PDU—TCP segments data into segments, while UDP sends datagrams.
L4 is responsible for tracking conversations between devices, segmenting data for transmission and reassembling it at the destination, adding header information to ensure correct delivery, identifying applications through port numbers, and facilitating multiplexing, which allows multiple applications to share the same network connection.
TCP is a stateful, connection-based protocol that establishes a dedicated connection between sender and receiver before data transfer begins. It ensures reliable communication through several mechanisms:
- Flow control regulates data transmission to prevent overwhelming the receiver.
- Acknowledgments (ACKs) confirm successful data reception.
- Sequence numbers ensure data is received in the correct order.
TCP also includes error checking and retransmission to handle lost or corrupted packets. The following applications use TCP: HTTP/HTTPS for web browsing, FTP for file transfers, and SMTP, POP3, and IMAP for email communication. These applications require reliable, ordered, and error-checked data delivery, making TCP the ideal choice.
Unlike TCP, UDP is stateless and sends data without establishing a prior connection. It does not include features like acknowledgments, retransmission, or sequencing, making it less reliable but much faster. This makes UDP ideal for real-time applications where speed is more critical than reliability.
Applications that use UDP include DNS, which resolves domain names to IP addresses, VoIP for voice communication, and streaming services for video and gaming. These applications benefit from the low latency and reduced overhead that UDP provides.
Then, I explored the TCP and UDP headers.
The TCP header contains several important fields that define how a connection is established and maintained. One of the most critical parts is the control bits/flags, which indicate specific actions within a TCP session:
- The SYN (Synchronize) flag initiates a connection.
- The ACK (Acknowledgment) flag confirms received data.
- The FIN (Finish) flag signals the end of a session.
- The RST (Reset) flag abruptly closes a connection.
- The PSH (Push) flag ensures data is sent immediately.
- The URG (Urgent) flag prioritizes urgent data over other transmissions.
TCP connections are established through a Three-Way Handshake. First, the client sends a SYN packet to initiate the connection. The server responds with a SYN-ACK to acknowledge the request. Finally, the client sends an ACK, confirming the connection is established.
When a session is over and data transmission is complete, TCP follows a structured four-step process to terminate the session: One device sends a FIN request to end the session, and the other device acknowledges with an ACK. The second device then sends its own FIN request, which is again acknowledged by an ACK, officially closing the session.
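The control flags, the three-way handshake and the four-step termination described above, as an added example that is not part of the original diary entry. It decodes the flag bits from raw TCP headers and follows a constructed exchange through setup and teardown; the function names, state names, ports and sequence numbers are assumptions made for illustration.

```python
import struct

# Control-bit masks in byte 13 of the TCP header (RFC 9293)
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
         "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def tcp_header(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (constructed; checksum 0)."""
    bits = sum(FLAGS[f] for f in flags)
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, bits, 65535, 0, 0)

def decode_flags(header: bytes) -> set:
    if len(header) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    return {name for name, bit in FLAGS.items() if header[13] & bit}

def track_session(segments):
    """Walk (sender, header) pairs through setup and teardown. A SYN consumes
    one sequence number, so each handshake ACK must be the peer's ISN + 1."""
    state, isn, fins = "CLOSED", {}, set()
    for sender, hdr in segments:
        flags = decode_flags(hdr)
        seq, ack = struct.unpack("!II", hdr[4:12])
        if "RST" in flags:
            return "RESET"                    # abrupt close
        if state == "CLOSED" and flags == {"SYN"}:
            isn["client"], state = seq, "SYN_SENT"
        elif state == "SYN_SENT" and flags == {"SYN", "ACK"}:
            if ack != (isn["client"] + 1) % 2**32:
                return "BAD_ACK"
            isn["server"], state = seq, "SYN_RECEIVED"
        elif state == "SYN_RECEIVED" and flags == {"ACK"}:
            if ack != (isn["server"] + 1) % 2**32:
                return "BAD_ACK"
            state = "ESTABLISHED"
        elif state in ("ESTABLISHED", "CLOSING") and "FIN" in flags:
            fins.add(sender)                  # each side sends its own FIN
            state = "CLOSING"
        elif state == "CLOSING" and flags == {"ACK"} and len(fins) == 2:
            state = "TERMINATED"              # final ACK of the four steps
    return state

# Constructed exchange (sender, seq, ack, flags); FINs normally carry ACK too
STEPS = [("client", 1000, 0, ["SYN"]), ("server", 9000, 1001, ["SYN", "ACK"]),
         ("client", 1001, 9001, ["ACK"]), ("client", 1001, 9001, ["FIN", "ACK"]),
         ("server", 9001, 1002, ["ACK"]), ("server", 9001, 1002, ["FIN", "ACK"]),
         ("client", 1002, 9002, ["ACK"])]
SAMPLE = [(who, tcp_header(*((50000, 80) if who == "client" else (80, 50000)), s, a, f))
          for who, s, a, f in STEPS]
```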
To improve efficiency, TCP employs different types of acknowledgments:
- Expectational Acknowledgment ensures that the receiver confirms receipt of expected data.
- Selective Acknowledgment (SACK) allows the receiver to acknowledge only specific portions of received data, minimizing retransmissions.
Another important concept is Sliding Window Flow Control. Rather than the sender transmitting one packet and waiting for its acknowledgment before sending the next, the receiver continuously adjusts the window size it allows the sender, based on its own processing capacity. This improves efficiency by allowing data transmission to continue while acknowledgments are received.
That concluded my study of the Transport layer (L4).
Next up were the upper layers of the OSI model (L5 – L7), collectively known as the Application layer. This layer ensures communication between user applications and the underlying network and is divided into three sublayers:
- Session Layer (L5): manages the initiation, maintenance, and termination of communication sessions. It ensures sessions remain active, restarts them if they become idle, and coordinates data exchange between devices.
- Presentation Layer (L6): handles data formatting, compression, and encryption, ensuring that transmitted data is in a readable format for the receiving system. It also sets standards for file formats like .jpg, .mp4, .png, .gif, and .mkv, ensuring compatibility across different devices and applications.
- Application Layer (L7): defines how applications communicate over the network. It structures, transmits, and interprets messages between applications, providing a direct interface between software and network services.
I learnt that the upper layers of the OSI model handle web, email, and file-sharing protocols.
Web protocols define how web browsers and servers interact. HTTP/HTTPS operates as a request/response protocol, where common message types include:
- GET (retrieves data).
- POST (submits data).
- PUT (updates existing data).
Email protocols regulate how emails are sent and received. They include:
- SMTP (Simple Mail Transfer Protocol) is used for sending emails.
- POP3 (Post Office Protocol v3) and IMAP (Internet Message Access Protocol) manage email retrieval and synchronization across devices.
The Domain Name System (DNS) plays a critical role in translating domain names into IP addresses. It follows a hierarchical structure, ensuring efficient name resolution across the internet.
Another key protocol in this layer is DHCP (Dynamic Host Configuration Protocol), which dynamically assigns IP addresses to devices in a network.
In IPv4, this process involves four steps: DISCOVER, OFFER, REQUEST, and ACKNOWLEDGE (ACK) or DORA as Emmanuel Sam had mentioned during a live session.
In IPv6, a similar process occurs using SOLICIT, ADVERTISE, INFORMATION REQUEST, and REPLY messages.
File sharing and network resource access was quite an interesting topic. Protocols involved include FTP (File Transfer Protocol), which allows file transfers between a client and a server. It uses two separate ports—port 21 for control communication and port 20 for data transfer.
Finally, I read about SMB (Server Message Block), which is a request/response protocol used for sharing network resources such as files, directories, printers, and serial ports. It is the primary file-sharing protocol for Windows networks, though Apple macOS also supports SMB. Linux and UNIX systems use Samba, an open-source implementation of SMB, to enable compatibility with Windows-based networks.
And that’s a wrap on week 4! It’s amazing to see how everything connects, and I’m excited to keep building on this knowledge! What are your thoughts on these concepts? Let me know in the comments!
Till next time,
Chinwendu.
Cybergirl Alumni || SOC analyst || Pen-testing || offensive and defensive || ISC2 || SC-200 || BTL1
3 weeks ago: Great insight