Networking Concepts
Prerequisite: This lesson covers the networking theory you need before configuring Linux networking. If you are already comfortable with IP addresses, subnets, DNS, and DHCP, you can skim this and move to the next lesson.
Concepts
IP Addresses
Every device on a network has an IP address — a numeric identifier that allows other devices to find and communicate with it.
IPv4
The most common format. Four numbers (0-255) separated by dots:
192.168.1.100
10.0.0.5
172.16.0.1
There are approximately 4.3 billion possible IPv4 addresses (2^32). They are running out, which is why IPv6 exists.
Private vs Public Addresses
| Range | Class | Purpose |
|---|---|---|
| 10.0.0.0 – 10.255.255.255 | Private (Class A) | Internal networks |
| 172.16.0.0 – 172.31.255.255 | Private (Class B) | Internal networks |
| 192.168.0.0 – 192.168.255.255 | Private (Class C) | Home/office networks |
| Everything else | Public | Internet-routable |
| 127.0.0.0/8 | Loopback | Localhost (your own machine) |
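Your home router has a public IP from your ISP and assigns private IPs to devices on your local network. When those devices reach the internet, the router rewrites their private source addresses to its public one. This translation is called NAT (Network Address Translation).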
Subnet Masks and CIDR
A subnet mask defines which part of an IP address identifies the network and which part identifies the device.
```
IP:          192.168.1.100
Subnet mask: 255.255.255.0

             ├── Network ──┤ Host │
               192.168.1     .100
```
CIDR notation is a shorthand: /24 means the first 24 bits are the network part.
| CIDR | Subnet Mask | Hosts | Example |
|---|---|---|---|
| /8 | 255.0.0.0 | ~16M | 10.0.0.0/8 |
| /16 | 255.255.0.0 | ~65K | 172.16.0.0/16 |
| /24 | 255.255.255.0 | 254 | 192.168.1.0/24 |
| /32 | 255.255.255.255 | 1 | A single host |
In 192.168.1.0/24:
- Network address: 192.168.1.0 (the subnet itself)
- Usable range: 192.168.1.1 to 192.168.1.254
- Broadcast: 192.168.1.255 (sent to all hosts on the subnet)
- Default gateway: Usually 192.168.1.1 (the router)
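The subnet arithmetic above, together with the private and loopback ranges from the earlier table, worked through with shell integer math. This is an added example, not part of the original lesson; the function names `ip_to_int`, `int_to_ip`, `cidr_info`, `in_cidr` and `addr_scope` are made up for illustration.

```sh
# Added example: subnet math with POSIX shell integers (no external tools).

# Dotted quad -> 32-bit integer. Always called via $(...), so IFS does not leak.
ip_to_int() {
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# 32-bit integer -> dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print network, broadcast, usable range and host count for ADDR/PREFIX.
cidr_info() {
    ip=$(ip_to_int "${1%/*}"); prefix=${1#*/}
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    net=$(( ip & mask ))
    bcast=$(( net | (mask ^ 0xFFFFFFFF) ))
    case $prefix in
        32) first=$net; last=$net; hosts=1 ;;      # a single host
        31) first=$net; last=$bcast; hosts=2 ;;    # point-to-point link (RFC 3021)
        *)  first=$(( net + 1 )); last=$(( bcast - 1 )); hosts=$(( bcast - net - 1 )) ;;
    esac
    echo "net=$(int_to_ip $net) bcast=$(int_to_ip $bcast) first=$(int_to_ip $first) last=$(int_to_ip $last) hosts=$hosts"
}

# Exit status 0 if address $1 lies inside network $2 (ADDR/PREFIX).
in_cidr() {
    prefix=${2#*/}
    mask=$(( (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF ))
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "${2%/*}") & mask )) ]
}

# Classify an address using the ranges from the private/public table.
addr_scope() {
    for range in 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16; do
        if in_cidr "$1" "$range"; then echo private; return; fi
    done
    if in_cidr "$1" 127.0.0.0/8; then echo loopback; else echo public; fi
}

cidr_info 192.168.1.100/24
addr_scope 172.32.0.1   # one step past 172.31.255.255, so no longer private
```

The 172.16.0.0 – 172.31.255.255 range is a /12, which is why `172.32.0.1` is classified as public even though it looks similar to a private address.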
Gateway and Routing
The default gateway is the router that forwards traffic to other networks (including the internet). When your machine needs to reach an IP outside its subnet, it sends the packet to the gateway.
Your PC (192.168.1.100) → Gateway (192.168.1.1) → Internet
DNS — Domain Name System
DNS translates human-readable domain names to IP addresses:
google.com → 142.250.80.46
The resolution process:
- You type google.com in your browser.
- Your system checks /etc/hosts (local static mappings).
- If not found, it asks the DNS resolver configured in /etc/resolv.conf.
- The resolver queries DNS servers (recursive resolution) and returns the IP.
- Your browser connects to that IP.
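The lookup order described above, modelled on two constructed files so it runs without touching the real system. This is an added example, not part of the original lesson; `hosts_lookup`, `nameservers` and `resolve_plan` are hypothetical helper names, and the sample file contents are invented.

```sh
# Added example: which source would answer a name, following the order above.

# Print the first address in hosts-format file $2 whose name or alias equals $1.
hosts_lookup() {
    awk -v name="$1" '
        { sub(/#.*/, "") }                          # drop comments before matching
        NF >= 2 {
            for (i = 2; i <= NF; i++)
                if (tolower($i) == tolower(name)) { print $1; exit }
        }
    ' "$2"
}

# Print the resolvers listed in resolv.conf-format file $1, comma separated.
nameservers() {
    awk '$1 == "nameserver" { printf "%s%s", sep, $2; sep = "," } END { print "" }' "$1"
}

# A static hosts entry wins; otherwise the query goes to the configured resolvers.
resolve_plan() {
    ip=$(hosts_lookup "$1" "$2")
    if [ -n "$ip" ]; then echo "hosts:$ip"; else echo "dns:$(nameservers "$3")"; fi
}

# Constructed sample files (not taken from a real system).
demo=$(mktemp -d)
trap 'rm -rf "$demo"' EXIT
cat > "$demo/hosts" <<'EOF'
127.0.0.1   localhost
# 10.0.0.9  old-db.internal    (commented out, must be ignored)
10.0.0.5    db.internal db     # static mapping with an alias
EOF
cat > "$demo/resolv.conf" <<'EOF'
# constructed sample
nameserver 1.1.1.1
nameserver 9.9.9.9
EOF

resolve_plan db "$demo/hosts" "$demo/resolv.conf"           # answered locally
resolve_plan google.com "$demo/hosts" "$demo/resolv.conf"   # goes to the resolvers
```

Because a static entry is answered before any DNS query is sent, unexpected lines in /etc/hosts are worth reviewing when a name resolves to an address you did not expect.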
Common DNS servers:
| Provider | Primary | Secondary |
|---|---|---|
| Google | 8.8.8.8 | 8.8.4.4 |
| Cloudflare | 1.1.1.1 | 1.0.0.1 |
| Quad9 | 9.9.9.9 | 149.112.112.112 |
DHCP — Dynamic Host Configuration Protocol
DHCP automatically assigns network settings to devices. When your machine connects to a network:
- It broadcasts a DHCP Discover (“I need an IP address”).
- The DHCP server (usually the router) responds with a DHCP Offer (IP, subnet mask, gateway, DNS servers).
- Your machine sends a DHCP Request (“I accept this offer”).
- The server sends a DHCP Acknowledge (“Confirmed, it’s yours”).
The assigned IP has a lease time — after it expires, the client must renew it.
Most home and office networks use DHCP. Servers often use static IPs (manually configured) for stability.
TCP vs UDP
Data travels over the network using protocols:
| Protocol | TCP | UDP |
|---|---|---|
| Full name | Transmission Control Protocol | User Datagram Protocol |
| Connection | Connection-oriented (handshake) | Connectionless |
| Reliability | Guaranteed delivery, ordered | Best-effort, no guarantee |
| Speed | Slower (overhead for reliability) | Faster (minimal overhead) |
| Use cases | Web (HTTP), email, SSH, file transfer | DNS, streaming, gaming, VoIP |
Ports
A port is a number (1-65535) that identifies a specific service on a machine. An IP address gets you to the machine; a port gets you to the service.
192.168.1.100:22 → SSH on that machine
192.168.1.100:80 → HTTP (web server) on that machine
192.168.1.100:443 → HTTPS on that machine
| Port Range | Name | Purpose |
|---|---|---|
| 1-1023 | Well-known ports | System services (requires root to bind) |
| 1024-49151 | Registered ports | Application services |
| 49152-65535 | Dynamic/ephemeral | Temporary client-side connections |
Common ports:
| Port | Service |
|---|---|
| 22 | SSH |
| 25 | SMTP (email sending) |
| 53 | DNS |
| 80 | HTTP |
| 443 | HTTPS |
| 3306 | MySQL |
| 5432 | PostgreSQL |
| 8080 | HTTP alternative |
The Network Stack Summary
Application (HTTP, SSH, DNS)
↓
Transport (TCP or UDP + port)
↓
Network (IP + routing)
↓
Link (Ethernet, Wi-Fi + MAC address)
↓
Physical (cables, radio waves)
Lab
Exercise 1: Check Your Network Configuration
```sh
# Your IP address
ip addr show

# Your default gateway
ip route show default

# Your DNS configuration
cat /etc/resolv.conf

# Your hostname
hostname
```
Exercise 2: Examine /etc/hosts
```sh
cat /etc/hosts
# You should see at least:
# 127.0.0.1 localhost
# This means "localhost" resolves to 127.0.0.1 (your own machine)
```
Exercise 3: DNS Resolution
```sh
# Resolve a domain name
host google.com

# More detailed
dig google.com +short

# Or nslookup
nslookup google.com

# Check which DNS server you are using
grep nameserver /etc/resolv.conf
```
Exercise 4: View Listening Ports
```sh
# See which ports are open on your system
sudo ss -tlnp
# t = TCP, l = listening, n = numeric (don't resolve names), p = show process

# Common entries you might see:
# :22  → sshd
# :53  → systemd-resolved (DNS)
# :631 → cupsd (printing)
```
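To read that output with the port ranges from the Ports section in mind, the following added example (not part of the original lesson) parses `ss -tlnp` output and reports, per listener, the port, the process, whether it is bound to loopback or to all interfaces, and which port range it falls in. The function names and the sample output are constructed for illustration.

```sh
# Added example: summarise listeners from `ss -tlnp` output read on stdin.

# Constructed sample in the column layout printed by ss -tlnp.
sample_ss() {
    cat <<'EOF'
State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
LISTEN 0      128          0.0.0.0:22        0.0.0.0:*     users:(("sshd",pid=812,fd=3))
LISTEN 0      4096   127.0.0.53%lo:53        0.0.0.0:*     users:(("systemd-resolve",pid=640,fd=14))
LISTEN 0      128        127.0.0.1:631       0.0.0.0:*     users:(("cupsd",pid=901,fd=7))
LISTEN 0      128             [::]:22           [::]:*     users:(("sshd",pid=812,fd=4))
LISTEN 0      5            0.0.0.0:8080      0.0.0.0:*     users:(("python3",pid=2210,fd=3))
EOF
}

# One line per listener: port, process name, bind scope, port range.
listen_report() {
    awk '$1 == "LISTEN" {
        n = split($4, part, ":"); port = part[n]
        addr = substr($4, 1, length($4) - length(port) - 1)
        sub(/%.*/, "", addr)                        # strip interface suffix such as %lo
        if (addr ~ /^127\./ || addr == "[::1]") scope = "loopback"
        else if (addr == "0.0.0.0" || addr == "[::]" || addr == "*") scope = "all-interfaces"
        else scope = "specific"
        range = (port + 0 <= 1023) ? "well-known" : ((port + 0 <= 49151) ? "registered" : "dynamic")
        name = "-"                                  # no process column without sudo
        if (split($6, q, "\"") >= 3) name = q[2]
        print port, name, scope, range
    }'
}

# Unique port/process pairs reachable from other machines on the network.
exposed() {
    listen_report | awk '$3 == "all-interfaces" && !seen[$1]++ { print $1 "/" $2 }'
}

sample_ss | exposed
```

On a real system, run `sudo ss -tlnp | exposed` and confirm that every listed service is one you intend to offer to the network; services that only need local access can usually be bound to 127.0.0.1 instead.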
Exercise 5: Check Connectivity
```sh
# Ping your gateway (check local network)
ip route | grep default   # find your gateway IP
# Use only the first default route so ping always gets exactly one address
ping -c 3 "$(ip route show default | awk '{print $3; exit}')"

# Ping an external server
ping -c 3 8.8.8.8

# Ping a domain name (tests DNS too)
ping -c 3 google.com
```
Review
1. What is an IP address?
A numeric identifier assigned to each device on a network, used to route data to and from that device. IPv4 addresses have four octets (e.g., 192.168.1.100).
2. What is the difference between a private and public IP address?
Private IPs (10.x.x.x, 172.16-31.x.x, 192.168.x.x) are used on internal networks and are not routable on the internet. Public IPs are globally unique and internet-routable. NAT on the router translates between them.
3. What does /24 mean in CIDR notation?
The first 24 bits of the IP address are the network part. The remaining 8 bits are for hosts. This corresponds to a subnet mask of 255.255.255.0, allowing 254 usable host addresses.
4. What does DNS do?
DNS translates human-readable domain names (google.com) to IP addresses (142.250.80.46) so your computer can connect to them.
5. What does DHCP do?
DHCP automatically assigns network configuration (IP address, subnet mask, default gateway, DNS servers) to devices when they connect to a network, so you do not have to configure them manually.
6. What is the difference between TCP and UDP?
TCP is connection-oriented and guarantees delivery and ordering (used for HTTP, SSH, email). UDP is connectionless and does not guarantee delivery (used for DNS, streaming, gaming). TCP is more reliable; UDP is faster.
7. What is a port?
A number (1-65535) that identifies a specific service on a machine. The IP address identifies the machine; the port identifies the service. For example, port 22 is SSH, port 80 is HTTP.
8. What is the default gateway?
The router that forwards traffic from your local network to other networks (including the internet). It is the “exit” from your subnet.