Networking model

What is a network?

A network is 2 or more devices connected together to communicate and share resources (files, movies, songs, web pages, etc.).

Some requirements for communication between 2 computers

  • The computers need to be connected by cable. In real life, in almost all cases, they are connected indirectly, because there are devices in between: Router, Switch.
  • We need to identify the sender and receiver on the network by IP address ~ Internet Protocol
  • Two computers communicate by sharing messages. To ensure they understand each other, they need to use the same protocols. A protocol (rule) governs the structure/format of messages - the "language" of communication. Like when we meet somebody and assume that they speak English, so English is the protocol
  • NIC - Network Interface Card

How does a computer get an IP address?

Phase 1. When you connect your PC/laptop to the Router

When you power on the Router, its mainboard starts an application at a default IP, e.g. 192.168.0.1. When you connect your PC to that Router via cable, the Router grants a local IP to your PC.
In this case, the Router is the DHCP Server ~ Dynamic Host Configuration Protocol.
To set up the Router's configuration, you can access the Router's default IP, 192.168.0.1, in a Browser.

Phase 2. When your Router connects to the internet

When your Router connects to the internet (another router from the ISP ~ Internet Service Provider), the Router gets a public IP, e.g. 118.69.118.141

How does network communication work?

To understand the communication process from sender to receiver, we use the OSI model ~ Open Systems Interconnection.
It's a conceptual framework, or reference model.
The OSI model has 7 layers.
Layer 7: Application
Layer 6: Presentation
Layer 5: Session
Layer 4: Transport
Layer 3: Network
Layer 2: Data link
Layer 1: Physical
⇒ Each computer applies all 7 layers of the OSI model.
Other devices like Switch and Router have their own layers in the OSI model.
Router: Layer 3 - 2 - 1
Switch: Layer 2 - 1
Scenario: you use a Browser to view the website udemynote.com. It means your computer communicates with my blog's server, the computer which hosts the udemynote.com website.

Layer 7: Application

Responsibility: work with the user to prepare data for the network
Each software application that requires the network is treated as an application in layer 7.
The Application layer is the interface to the network.
Here,
On your computer, the Browser is layer 7. Layer 7 is visualized via the browser to:
  • render web page
  • initiate requests with the HTTP protocol
  • use DNS
On the udemynote.com website side, the application can be a Web server application.
Some common Web server applications: Node.js, Apache, Nginx, etc. But my website (udemynote) uses Vercel Edge Network ~ it acts like CDN + Nginx.

Layer 6: Presentation

Responsibility: format data
Key functions:
  • Encode/Decode: Character encoding conversion (ASCII, EBCDIC, Unicode, UTF-8, etc.)
  • Encryption/Decryption - securing data for transmission: SSL, TLS
  • Compression/Decompression - reducing data size so that it takes less bandwidth and is easier to deliver
    Example: gzip (GNU zip) is a data compression algorithm that reduces file/data size before sending it over the network.
    Without gzip → send 80KB
    With gzip → send ~12KB (up to 70% smaller)

Layer 5: Session

Responsibility: keeping the connection alive.
Key functions:
  • Establish, manage, and terminate communication sessions between applications

Layer 4: Transport

Responsibility: deliver segments to the right application/service.
FYI, the Client uses applications ~ the Server uses services.
The Client makes a request ~ the Server fulfills the request.
Services are applications which are designed to run in the background.
Key functions:
  • Segmentation & Reassembly
  • Separate connections
    • Which application sends the request?
    • Which service receives the request?
    • ⇒ By port address: src - des
      These ports are stored in the header.
Example:
src port: 49152 ← Chrome
des port: 443 ← Nginx
Sometimes we see an Nginx configuration like:
    server {
        listen 443 ssl;
    }
What is a segment?
A Segment is the unit of data in Layer 4.
Layer 4 takes the data and breaks it into Segments (smaller pieces) so it can be delivered easily over the network.
So how do we glue them back together to be able to display them at the Application layer?
We need to control the data flow via an ordered protocol - TCP.
That guarantees the Application layer always gets the data complete and in the correct order.
I will share the details of TCP in another article.
 
There are 2 main protocols in Layer 4, TCP and UDP, and a few others less commonly used.
Unreliable delivery (UDP) is like a teacher who talks (delivers data) and doesn't care whether the students understand or not.
The size of a Datagram in UDP > the size of a Segment in TCP ⇒ allows sending more data ⇒ UDP is faster

Layer 3: Network

Responsibility: route packets from source to destination
An IP address identifies an end device on a network.

Layer 2: Data link

Responsibility: transfer frames between two directly connected devices on the same network
A MAC address is unique and can't be changed.
[?] How to get the MAC address of the next device? - ARP resolution
If the PC wants to send data to the internet, the next device is the Router, which connects to the internet.
Based on the IP of the next device, we can find its MAC address.
To view the ARP cache:
    // Command: arp -a
    ? (192.168.0.1) at 00:1a:2b:3c:4d:5e on en0 permanent [ethernet]
To send data within a LAN (Local Area Network):
When PC_A wants to access a service on PC_B, it needs to know the local IP of PC_B first.
Then PC_A sends an ARP request to get the MAC address of PC_B and sets it as the destination MAC address in the packet. From that, when the request is sent to the Switch, the Switch forwards it to PC_B.

Layer 1: Physical

Responsibility: convert bits into electrical, light, or radio signals

How does the NIC know where the Frame begins/ends?

The NIC (Network Interface Card) is the hardware component which handles layer 1 & layer 2.
A NIC is required to connect to the internet.
The Frame is wrapped with a header (prefix) and a trailer (suffix) to mark its boundaries.
Example: prefix - 10101011/ suffix - 10101010
When the NIC receives a signal (just a bunch of 0s & 1s), it scans for the matching prefix pattern to know where the frame begins, and for the suffix to know where it ends, which allows it to extract the actual frame data in between.

Complete flow when a browser sends data to a server

PC_A sends a request to PC_B
Encapsulation Flow
  1. At Layers 7, 6 and 5, the Browser makes a request with the prepared data in the body.
  2. At Layer 4, in case we use the TCP protocol, that data is broken down into Segments.
    1. Each Segment gets:
      1. Port numbers: src - 7713 (Browser PC_A), des - 443 (Server Application PC_B)
      2. Sequence numbers
  3. At Layer 3, IP addresses are added to the segment in a header to make a packet.
    1. IP address: src - 192.168.0.3 (Local IP PC_A), des - 24.239.145.49 (Public IP PC_B)
  4. At Layer 2, MAC addresses are added to that packet in a header to make a frame.
    1. MAC address: src - B2-AD-D6-84-37-E1 (PC_A MAC address), des - 00:1A:2B:3C:4D:5E (Router_A MAC address)
    2. Moreover, the Frame is wrapped following the pattern: header + actual Frame + trailer. From that, the NIC can distinguish where the Frame begins/ends.
  5. At Layer 1, the Frame is converted to signals to transmit to the next hop (Router_A).
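
The steps above carried out on real header layouts, as an added example that is not part of the original article. It builds TCP, IPv4 and Ethernet headers around a constructed payload using the ports and addresses from the list, then unwraps them again. Header fields the article does not mention (TTL, flags, window size, the CRC-32 trailer) are assumed values.

```python
import socket
import struct
import zlib

def mac_bytes(mac):
    # The page writes MACs both as B2-AD-... and 00:1A:...; accept either.
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))

def checksum(data):
    # Internet checksum (RFC 1071): one's-complement sum of 16-bit words.
    data += b"\x00" * (len(data) % 2)
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(payload, sport, dport, seq, src_ip, dst_ip, src_mac, dst_mac):
    # Layer 4: 20-byte TCP header (ack 0, data offset 5 words, PSH flag).
    # The TCP checksum is left 0 here; a real stack fills it in.
    segment = struct.pack("!HHIIBBHHH", sport, dport, seq, 0,
                          5 << 4, 0x08, 65535, 0, 0) + payload
    # Layer 3: 20-byte IPv4 header (version 4, IHL 5, TTL 64, protocol 6 = TCP).
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6,
                      0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    packet = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + segment
    # Layer 2: Ethernet header (dst MAC, src MAC, EtherType 0x0800 = IPv4)
    # plus the trailer: a CRC-32 frame check sequence over header + packet.
    frame = mac_bytes(dst_mac) + mac_bytes(src_mac) + b"\x08\x00" + packet
    return frame + struct.pack("<I", zlib.crc32(frame))

def decapsulate(frame):
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        raise ValueError("frame check sequence mismatch")
    packet = body[14:]                       # strip the Ethernet header
    ihl = (packet[0] & 0x0F) * 4
    if checksum(packet[:ihl]) != 0:          # a valid header sums to zero
        raise ValueError("bad IPv4 header checksum")
    segment = packet[ihl:]                   # strip the IPv4 header
    sport, dport, seq = struct.unpack("!HHI", segment[:8])
    return {"dst_mac": body[0:6].hex(":"), "src_mac": body[6:12].hex(":"),
            "src_ip": socket.inet_ntoa(packet[12:16]),
            "dst_ip": socket.inet_ntoa(packet[16:20]),
            "sport": sport, "dport": dport, "seq": seq,
            "payload": segment[(segment[12] >> 4) * 4:]}

# Constructed payload; ports and addresses are the ones from the list above.
FRAME = encapsulate(b"constructed request", 7713, 443, 1, "192.168.0.3",
                    "24.239.145.49", "B2-AD-D6-84-37-E1", "00:1A:2B:3C:4D:5E")
```
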
 
Transmission Flow
  1. PC_A sends the Frame to Switch_A
    1. At Switch_A:
      1. At Layer 1, it receives signals and converts them to bits
      2. At Layer 2, Switch_A examines the frame header to:
        1. Read the destination MAC address
        2. Read the source MAC address and update its MAC address table
           MAC Address Table
           ---------------------------------------------------------
           MAC Address          Port    VLAN    Age (seconds)
           ---------------------------------------------------------
           00:1A:2B:3C:4D:5E    1       1       120    //Router_A
           B2-AD-D6-84-37-E1    2       1       45     //PC_A
           xx:xx:xx:xx:xx:xx    3       1       300
           xx:xx:xx:xx:xx:xx    4       1       180
           ---------------------------------------------------------
        3. Look up the destination MAC (the Router's MAC address) in its MAC address table and identify the destination port (physical port on the Switch)
          1. Forwarding decision:
              • If the destination MAC is in the table → forwards the frame only to that specific port
              • If the destination MAC is unknown → floods the frame to all ports except the incoming port
              • If the destination MAC is a broadcast (FF:FF:FF:FF:FF:FF) → floods to all ports
            • In this case, Switch_A forwards the Frame to Port 1, which connects to Router_A
      3. At Layer 1, Switch_A converts the frame bits to signals and transmits them
  2. Switch_A forwards that Frame to Router_A
    1. At Router_A:
      1. At Layer 1, Router_A receives signals and converts them to bits
      2. At Layer 2, Router_A extracts the Packet from the Frame by removing the MAC addresses and the trailer
      3. At Layer 3, it examines the packet header to:
        1. Read the destination IP address (PC_B Public IP) and make routing decisions based on its routing table
           Routing Table
           ----------------------------------------------------------------------------------
           Destination Network   Subnet Mask        Next Hop          Interface          Metric
           ----------------------------------------------------------------------------------
           192.168.0.0           255.255.255.0      0.0.0.0           eth0 (LAN)         0
                                                                      (192.168.0.1)
           118.69.118.140        255.255.255.252    0.0.0.0           eth1 (WAN)         0
                                                                      (118.69.118.141)
           0.0.0.0               0.0.0.0            118.69.118.142    eth1 (WAN)         1
           ----------------------------------------------------------------------------------
           Entry 1 - Local Network (LAN):
             Network: 192.168.0.0/24 (192.168.0.1 - 192.168.0.254)
             Next Hop: 0.0.0.0 (directly connected)
             Interface: eth0 - Internal LAN interface connected to the switch and PCs
             Purpose: All traffic for local PCs goes here
           Entry 2 - ISP Network (WAN):
             Network: 118.69.118.140/30 (small network with ISP router)
             Next Hop: 0.0.0.0 (directly connected)
             Interface: eth1 - External WAN interface connected to ISP
             Purpose: Direct connection to ISP's router
           Entry 3 - Default Route (Internet):
             Network: 0.0.0.0/0 (matches everything)
             Next Hop: 118.69.118.142 (ISP's router IP)
             Interface: eth1 - Send via WAN interface
             Purpose: All internet traffic goes to ISP's router
           PC_B's public IP is 24.239.145.49, which isn't in the Routing Table ⇒ based on Entry 3, the packet goes to the next hop (ISP Router)
        2. When the packet needs to go to the internet, Router_A needs to translate the src IP, because the src IP is currently 192.168.0.3 (PC_A's local IP); with this IP, the receiver (PC_B) may confuse it with another PC on the same local network. The translation process is called NAT (Network Address Translation)
           Original Packet from PC_A:
           ┌─────────────────────────┐
           │ Source IP: 192.168.0.3  │ ← Private IP (not routable on internet)
           │ Dest IP: 24.239.145.49  │ ← Router_B Public IP
           │ Source Port: 7713       │ ← PC_A Application Port
           │ Dest Port: 443          │ ← PC_B Service Port
           └─────────────────────────┘
           NAT Translation Table
           -----------------------------------------------------------------
           Inside Local    Inside Port    Outside Global    Outside Port
           -----------------------------------------------------------------
           192.168.0.2     xxxx           118.69.118.14     12345
           192.168.0.3     7713           118.69.118.14     12346
           192.168.0.4     xxxx           118.69.118.14     12347
           -----------------------------------------------------------------
           118.69.118.14 - Public IP of Router_A
           We need to translate port 7713 -> 12346 as well, because we have multiple PCs in the local network, so this port can be duplicated.
        3. The packet is updated with the new translated src IP and the new translated src Port.
        4. Then Layer 3 passes that packet to Layer 2.
      4. At Layer 2, Router_A re-encapsulates the packet into a new frame with:
        1. New src MAC: Router_A MAC address - (the current device holding the frame)
        2. New des MAC: ISP Router - next hop MAC address - (the next device to receive the frame)
        3. New trailer
        4. Pass the new Frame down to Layer 1.
      5. At Layer 1, the Frame is converted to signals to transmit to the next hop (the connected ISP Router on the internet).
  3. Router_A forwards that Frame to the ISP Router (the internet)
  4. When a packet travels across the internet, the frame is recreated with new MAC addresses at each router hop. The packet (with source and destination IP) stays the same until it reaches the final destination device with the matching destination IP.
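
The two forwarding decisions from this flow, Switch_A's MAC table lookup and Router_A's routing table lookup, as an added example that is not part of the original article. The routing table entries are the ones shown above; the lookup uses longest-prefix match, which is how a router chooses when several entries match (every address also matches the default route). The class and function names are assumptions.

```python
import ipaddress

BROADCAST = "ff:ff:ff:ff:ff:ff"

def norm(mac):
    # The page writes MACs with both "-" and ":" separators.
    return mac.lower().replace("-", ":")

class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                  # MAC address -> physical port

    def receive(self, in_port, src_mac, dst_mac):
        """Learn the sender's port, then return the ports to forward to."""
        self.mac_table[norm(src_mac)] = in_port
        out = self.mac_table.get(norm(dst_mac))
        if out is None or norm(dst_mac) == BROADCAST:
            # Unknown or broadcast destination: flood, never back out the
            # port the frame arrived on.
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]

# Router_A's routing table from the page: (network, next hop, interface).
# A next hop of 0.0.0.0 means "directly connected".
ROUTES = [
    ("192.168.0.0/24", "0.0.0.0", "eth0"),
    ("118.69.118.140/30", "0.0.0.0", "eth1"),
    ("0.0.0.0/0", "118.69.118.142", "eth1"),
]

def route(dst_ip, routes=ROUTES):
    """Longest-prefix match: the most specific matching network wins."""
    dst = ipaddress.ip_address(dst_ip)
    nets = [(ipaddress.ip_network(n), hop, dev) for n, hop, dev in routes]
    matches = [r for r in nets if dst in r[0]]
    if not matches:
        raise LookupError(f"no route to {dst_ip}")
    _, hop, dev = max(matches, key=lambda r: r[0].prefixlen)
    # Directly connected: the destination itself is the next hop.
    return (dst_ip if hop == "0.0.0.0" else hop, dev)
```
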
 
Decapsulation Flow
Router_B receives a packet (encapsulated in a Frame) whose destination IP matches Router_B's public IP.
  1. Router_B unwraps the Frame to get the des Port. Based on that, it looks up the destination Port in the NAT table to find the corresponding inside local IP and inside Port.
       NAT Translation Table at Router_B
       -----------------------------------------------------------------
       Inside Local    Inside Port    Outside Global    Outside Port
       -----------------------------------------------------------------
       192.168.0.2     xxxx           24.239.145.49     12345
       192.168.0.3     443            24.239.145.49     443
       192.168.0.4     xxxx           24.239.145.49     12346
       -----------------------------------------------------------------
       Port 443 uses a 1:1 port mapping (443→443) since it's a common port forwarding scenario for hosting a web server.
  2. Router_B translates the packet by replacing:
      • Destination IP: Public IP → PC_B local IP (192.168.0.3)
      • Destination Port: Outside Port → PC_B port (443)
  3. Re-encapsulate the modified packet into a new Frame with PC_B's MAC address
  4. Forward the Frame to the Switch, which then delivers it to the destination PC
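
Both NAT steps in this article, the source translation at Router_A and the destination translation at Router_B, as an added example that is not part of the original article. It uses the addresses and ports from the two NAT tables, adds a constructed second LAN host that reuses source port 7713 to show why the port is translated too, and shows that an inbound packet with no table entry is dropped. The `Nat` class is an assumption, simplified to one entry per inside IP and port.

```python
class Nat:
    """Port address translation on a router with one public IP (simplified:
    a real NAT also keys entries on protocol and remote endpoint)."""

    def __init__(self, public_ip, first_port):
        self.public_ip, self.next_port = public_ip, first_port
        self.out = {}     # (inside IP, inside port) -> outside port
        self.back = {}    # outside port -> (inside IP, inside port)

    def add(self, outside_port, inside_ip, inside_port):
        self.out[(inside_ip, inside_port)] = outside_port
        self.back[outside_port] = (inside_ip, inside_port)

    def outbound(self, pkt):
        # Rewrite the private source to the public IP and a unique port.
        key = (pkt["src_ip"], pkt["src_port"])
        if key not in self.out:
            while self.next_port in self.back:
                self.next_port += 1
            self.add(self.next_port, *key)
        return {**pkt, "src_ip": self.public_ip, "src_port": self.out[key]}

    def inbound(self, pkt):
        # Rewrite the public destination to the inside host; with no table
        # entry for that port there is nowhere to send it, so drop (None).
        if pkt["dst_ip"] != self.public_ip or pkt["dst_port"] not in self.back:
            return None
        ip, port = self.back[pkt["dst_port"]]
        return {**pkt, "dst_ip": ip, "dst_port": port}

def demo():
    router_a = Nat("118.69.118.14", 12345)     # public IP from the page's table
    router_b = Nat("24.239.145.49", 12345)
    router_b.add(443, "192.168.0.3", 443)      # static 443 -> 443 forwarding
    dst = {"dst_ip": "24.239.145.49", "dst_port": 443}
    # Constructed: a second LAN host that happens to use source port 7713 too.
    other = router_a.outbound({"src_ip": "192.168.0.2", "src_port": 7713, **dst})
    sent = router_a.outbound({"src_ip": "192.168.0.3", "src_port": 7713, **dst})
    at_pc_b = router_b.inbound(sent)
    reply = router_b.outbound({"src_ip": at_pc_b["dst_ip"], "src_port": 443,
                               "dst_ip": sent["src_ip"],
                               "dst_port": sent["src_port"]})
    at_pc_a = router_a.inbound(reply)
    stray = router_a.inbound({**reply, "dst_port": 12999})   # no table entry
    return other, sent, at_pc_b, at_pc_a, stray
```
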