Back to guides
beginner

Networking Fundamentals: Core Concepts

Last updated: September 20, 2025 · 10 min read

Computer networking is the foundation of modern computing. Understanding how data travels across networks is essential for anyone working in software development, system administration, or cybersecurity.

This guide covers the fundamental concepts of networking, focusing on the theoretical foundations that underpin all network communication.

Network Models

The OSI Model

The Open Systems Interconnection (OSI) model is a conceptual framework that standardizes network communication into seven layers. Each layer has specific responsibilities and communicates with the layers directly above and below it.

Layer Name Function Examples
7 Application User interface and application services HTTP, FTP, SMTP, DNS
6 Presentation Data formatting, encryption, compression SSL/TLS, JPEG, ASCII
5 Session Session management, authentication NetBIOS, RPC
4 Transport End-to-end delivery, flow control TCP, UDP
3 Network Logical addressing, routing IP, ICMP, ARP
2 Data Link Physical addressing, frame delivery Ethernet, Wi-Fi, MAC
1 Physical Bit transmission over physical medium Cables, signals, voltages

Data flows down through the layers when sending (encapsulation) and up through the layers when receiving (decapsulation).

Encapsulation

As data moves down the OSI layers, each layer adds its own header (and sometimes trailer) information:

  1. Application data is created
  2. Transport layer adds TCP/UDP header (segment)
  3. Network layer adds IP header (packet)
  4. Data Link layer adds MAC header and trailer (frame)
  5. Physical layer converts to bits for transmission

The reverse process occurs at the receiving end.

The TCP/IP Model

The TCP/IP model is a more practical, implementation-focused model with four layers:

TCP/IP Layer OSI Equivalent Protocols
Application 5, 6, 7 HTTP, DNS, FTP, SSH
Transport 4 TCP, UDP
Internet 3 IP, ICMP, ARP
Network Access 1, 2 Ethernet, Wi-Fi

The TCP/IP model is what the Internet actually uses, while OSI remains valuable as a teaching and reference model.

IP Addressing

IPv4

IPv4 addresses are 32-bit numbers, typically written in dotted decimal notation:

192.168.1.100

Each octet represents 8 bits, ranging from 0 to 255.

Address Classes (Historical)

The original classful addressing system divided the IP space:

Class First Octet Default Mask Networks Hosts per Network
A 1-126 255.0.0.0 126 16,777,214
B 128-191 255.255.0.0 16,384 65,534
C 192-223 255.255.255.0 2,097,152 254
D 224-239 Multicast - -
E 240-255 Reserved - -

Note: 127.x.x.x is reserved for loopback (localhost).

Private Address Ranges

Reserved for internal networks (RFC 1918):

Class Range CIDR
A 10.0.0.0 - 10.255.255.255 10.0.0.0/8
B 172.16.0.0 - 172.31.255.255 172.16.0.0/12
C 192.168.0.0 - 192.168.255.255 192.168.0.0/16

These addresses are not routable on the public Internet and require NAT for external communication.

Special Addresses

Address Purpose
0.0.0.0 Default route, unspecified
127.0.0.1 Loopback (localhost)
255.255.255.255 Broadcast
169.254.x.x Link-local (APIPA)

Subnetting

Subnetting divides a network into smaller, more manageable segments.

Subnet Masks

A subnet mask determines which portion of an IP address identifies the network and which identifies the host:

IP:     192.168.1.100
Mask:   255.255.255.0
Network: 192.168.1.0
Host:   .100

CIDR Notation

Classless Inter-Domain Routing (CIDR) notation expresses the subnet mask as a prefix length:

CIDR Subnet Mask Hosts
/8 255.0.0.0 16,777,214
/16 255.255.0.0 65,534
/24 255.255.255.0 254
/25 255.255.255.128 126
/26 255.255.255.192 62
/27 255.255.255.224 30
/28 255.255.255.240 14
/29 255.255.255.248 6
/30 255.255.255.252 2

Calculating Subnets

To subnet a network:

  1. Determine how many subnets or hosts you need
  2. Calculate the required bits to borrow from the host portion
  3. Calculate the new subnet mask
  4. Determine the network addresses for each subnet

Example: Divide 192.168.1.0/24 into 4 subnets

  • Need 2 bits for 4 subnets (2^2 = 4)
  • New mask: /26 (255.255.255.192)
  • Subnets: 192.168.1.0/26, 192.168.1.64/26, 192.168.1.128/26, 192.168.1.192/26
  • Each subnet has 62 usable hosts

Network and Broadcast Addresses

For any subnet:

  • First address: Network address (not usable for hosts)
  • Last address: Broadcast address (not usable for hosts)
  • Usable hosts: Total addresses - 2

Transport Layer Protocols

TCP (Transmission Control Protocol)

TCP provides reliable, ordered, connection-oriented communication.

Characteristics:

  • Connection establishment via three-way handshake
  • Guaranteed delivery with acknowledgments
  • Flow control using sliding window
  • Congestion control
  • In-order delivery
  • Error detection and retransmission

Three-way handshake:

  1. Client sends SYN
  2. Server responds with SYN-ACK
  3. Client sends ACK

Connection termination uses a four-way handshake with FIN and ACK flags.

TCP Header Fields:

Field Size Purpose
Source Port 16 bits Sender’s port
Destination Port 16 bits Receiver’s port
Sequence Number 32 bits Byte position in stream
Acknowledgment 32 bits Next expected byte
Flags 6 bits SYN, ACK, FIN, RST, PSH, URG
Window Size 16 bits Flow control
Checksum 16 bits Error detection

UDP (User Datagram Protocol)

UDP provides fast, connectionless, unreliable communication.

Characteristics:

  • No connection establishment
  • No guaranteed delivery
  • No ordering guarantees
  • Lower overhead than TCP
  • Suitable for real-time applications

UDP Header Fields:

Field Size Purpose
Source Port 16 bits Sender’s port
Destination Port 16 bits Receiver’s port
Length 16 bits Datagram length
Checksum 16 bits Error detection (optional in IPv4)

TCP vs UDP

Aspect TCP UDP
Connection Connection-oriented Connectionless
Reliability Guaranteed delivery Best effort
Ordering In-order No ordering
Speed Slower (overhead) Faster
Use cases Web, email, file transfer Streaming, DNS, gaming

Network Layer Protocols

IP (Internet Protocol)

IP provides logical addressing and routing across networks.

IPv4 Header Fields:

Field Purpose
Version IP version (4 or 6)
Header Length Size of header
TTL Hop limit to prevent loops
Protocol Upper layer protocol (TCP=6, UDP=17)
Source IP Sender’s address
Destination IP Receiver’s address
Checksum Header integrity

ICMP (Internet Control Message Protocol)

ICMP is used for network diagnostics and error reporting.

Common ICMP types:

Type Name Purpose
0 Echo Reply Ping response
3 Destination Unreachable Routing failure
8 Echo Request Ping request
11 Time Exceeded TTL expired

ARP (Address Resolution Protocol)

ARP maps IP addresses to MAC addresses within a local network.

Process:

  1. Host needs MAC address for destination IP
  2. Sends ARP broadcast: “Who has 192.168.1.1?”
  3. Owner responds with its MAC address
  4. Mapping is cached in ARP table

Routing

Routing Concepts

Routers forward packets between networks using routing tables.

A routing table entry contains:

  • Destination network
  • Subnet mask
  • Next hop (gateway)
  • Interface
  • Metric (cost)

Static vs Dynamic Routing

Static routing:

  • Manually configured routes
  • Simple, predictable
  • Does not adapt to network changes
  • Suitable for small networks

Dynamic routing:

  • Routes learned automatically
  • Adapts to topology changes
  • Requires routing protocols
  • More complex, more overhead

Routing Protocols

Interior Gateway Protocols (within an AS):

Protocol Type Metric
RIP Distance Vector Hop count
OSPF Link State Cost
EIGRP Hybrid Composite

Exterior Gateway Protocols (between ASes):

  • BGP (Border Gateway Protocol): The routing protocol of the Internet

Default Gateway

The default gateway is the router that handles traffic destined for networks not in the local routing table. When a host doesn’t have a specific route, it forwards packets to the default gateway.

DNS (Domain Name System)

DNS translates human-readable domain names to IP addresses.

DNS Hierarchy

. (root)
|-- com
|   |-- example
|       |-- www
|-- org
|-- net

Record Types

Type Purpose Example
A IPv4 address -> 93.184.216.34
AAAA IPv6 address IPv6 equivalent of A
CNAME Alias www -> example.com
MX Mail server example.com -> mail.example.com
NS Name server Authoritative DNS server
TXT Text data SPF, DKIM, verification
PTR Reverse lookup IP -> domain

DNS Resolution Process

  1. Client queries local resolver
  2. Resolver checks cache
  3. If not cached, queries root server
  4. Root refers to TLD server
  5. TLD refers to authoritative server
  6. Authoritative returns answer
  7. Response cached at each level

NAT (Network Address Translation)

NAT allows multiple devices to share a single public IP address.

Types of NAT

Static NAT: One-to-one mapping between private and public addresses.

Dynamic NAT: Pool of public addresses shared among internal hosts.

PAT (Port Address Translation): Single public IP with different ports for each internal host. Also called NAT overload.

How PAT Works

  1. Internal host initiates connection
  2. Router replaces source IP with public IP
  3. Router assigns unique source port
  4. Router maintains translation table
  5. Return traffic is translated back

DHCP (Dynamic Host Configuration Protocol)

DHCP automatically assigns IP configuration to hosts.

DHCP Process (DORA)

  1. Discover: Client broadcasts request for IP
  2. Offer: Server offers IP configuration
  3. Request: Client requests offered IP
  4. Acknowledge: Server confirms assignment

Information Provided

  • IP address
  • Subnet mask
  • Default gateway
  • DNS servers
  • Lease duration

Ethernet and Switching

MAC Addresses

MAC (Media Access Control) addresses are 48-bit hardware addresses:

AA:BB:CC:DD:EE:FF

First 24 bits: OUI (Organizationally Unique Identifier) - identifies manufacturer. Last 24 bits: Device identifier.

Switch Operation

Switches learn MAC addresses and forward frames intelligently:

  1. Frame arrives on port
  2. Switch learns source MAC and port association
  3. Switch looks up destination MAC
  4. If known, forward to specific port
  5. If unknown, flood to all ports (except source)

VLANs (Virtual LANs)

VLANs logically segment a physical network:

  • Separate broadcast domains
  • Improved security
  • Better traffic management
  • Configured on managed switches

Trunk ports carry traffic for multiple VLANs using 802.1Q tagging.

IPv6

IPv6 addresses the exhaustion of IPv4 addresses.

Address Format

128-bit addresses written in hexadecimal:

2001:0db8:85a3:0000:0000:8a2e:0370:7334

Shortened:

2001:db8:85a3::8a2e:370:7334

Address Types

Type Purpose Prefix
Global Unicast Public addresses 2000::/3
Link-Local Local segment only fe80::/10
Unique Local Private (like RFC 1918) fc00::/7
Multicast One-to-many ff00::/8
Loopback Localhost ::1/128

Key Differences from IPv4

  • Larger address space (2^128 addresses)
  • Simplified header
  • No broadcast (uses multicast)
  • Built-in IPsec support
  • Stateless autoconfiguration (SLAAC)
  • No NAT required (in theory)

Conclusion

Understanding these networking fundamentals provides the foundation for working with any networked system. The concepts of layered models, addressing, routing, and protocols apply regardless of the specific technologies in use.

Key takeaways:

  1. The OSI and TCP/IP models provide frameworks for understanding network communication
  2. IP addressing and subnetting determine network organization
  3. TCP and UDP serve different use cases based on reliability requirements
  4. Routing moves packets between networks
  5. Supporting protocols like DNS, DHCP, and ARP make networking practical

These fundamentals remain constant even as specific technologies evolve.