| Concept | Explanation | Commands / Key Info |
|---|---|---|
| IP Addresses | Numerical labels assigned to devices on a network. IPv4 uses 32 bits; IPv6 uses 128 bits. Unique within a network. | Check IP (Linux): ip addr show, ifconfig (deprecated) |
| Private vs Public IP | Public IP is routable on the internet; private IP is used within a local network (not routable publicly). | Reserved private ranges: 10.x.x.x, 172.16.x.x–172.31.x.x, 192.168.x.x |
| Subnetting | Dividing a network into smaller subnetworks to organize and improve efficiency. | CIDR Notation: /24 => 255.255.255.0 Calculate: ipcalc |
| Subnet Masks | Subnet masks define which portion of an IP address is the network and which is the host. For example, 255.255.255.0 (/24) means the first 24 bits are the network, leaving 8 bits for hosts. This allows 256 IP addresses (254 usable for hosts). Common Subnet Masks: - /8 → 255.0.0.0 (16 million addresses) - /16 → 255.255.0.0 (65,536 addresses) - /24 → 255.255.255.0 (256 addresses) - /30 → 255.255.255.252 (4 addresses, 2 usable) |
Calculate usable hosts: 2n - 2, where n = number of host bits Example: /24 → 28 - 2 = 254 usable hosts |
| IPv4 vs IPv6 | IPv4 is 32-bit, running out of addresses. IPv6 is 128-bit, supports vast address space, built-in security features (IPsec). | Example IPv6 Format: 2001:0db8:85a3:0000:0000:8a2e:0370:7334 |
| TCP vs UDP | TCP is connection-oriented, reliable (e.g., for HTTP, SSH). UDP is connectionless, faster but no built-in reliability (e.g., DNS). | Common Ports: TCP 80 (HTTP), 443 (HTTPS); UDP 53 (DNS) |
| ICMP | Internet Control Message Protocol; used for error messages and diagnostics (e.g., ping). |
Ping: ping <host> |
| DNS | Translates domain names to IP addresses. Hierarchical structure with resolvers, root, TLD, authoritative servers. | Check DNS Records: nslookup, dig |
| DHCP | Dynamically assigns IP addresses to clients. Provides IP, subnet mask, default gateway, DNS servers. | Often handled by routers or dedicated DHCP servers |
| NAT | Network Address Translation. Converts private IP to public IP (and vice versa) to allow internet access from private networks. | Masquerading: Usually on home routers or in cloud VPC gateways |
| Proxies | Intermediary servers that forward client requests; can be used for caching, filtering, anonymity. | Forward Proxy: Client → Proxy → Internet |
| Firewalls | Filters inbound/outbound traffic based on rules (ports, IPs, protocols). | Linux: iptables, ufw |
| SSH | Secure Shell protocol for encrypted remote login and command execution. Uses port 22 by default. | Usage: ssh user@host, key-based auth: ssh-keygen, ssh-copy-id |
| HTTP & HTTPS | HTTP (port 80) is stateless, plain text. HTTPS (port 443) is HTTP over TLS/SSL for encryption. | cURL Example: curl -I https://example.com |
| HTTP Requests | Methods (GET, POST, PUT, DELETE), headers, status codes (200 OK, 404 Not Found). | Common debugging: curl -X GET/POST ... |
| REST APIs | Style of architecture for web services using HTTP methods and stateless interactions. | Common Tools: curl, Postman |
| SSL/TLS | Cryptographic protocols for securing communication (HTTPS). TLS is the successor to SSL. | Check certificate: openssl s_client -connect host:443 |
| VPC (Virtual Private Cloud) | Isolated virtual network in cloud environments. Allows subnets, firewalls, routing rules. | GCP Example: Creating subnets, firewall rules in the VPC |
| Load Balancing | Distributing network traffic across multiple servers. Improves availability and scalability. | Types: L4 (TCP/UDP) LB, L7 (HTTP/HTTPS) LB |
| VPN | Secure tunnel between networks or devices over the internet (e.g., IPSec, OpenVPN). | OpenVPN Example: openvpn --config <file> |
| Routes & Gateways | Routes define the path network traffic follows. Gateways connect different networks or subnets. | Often configured in routing tables or via cloud console |
| CIDR (Classless Inter-Domain Routing) | Notation like /24 describing how many bits are used for the network part of the address. |
Examples: 192.168.1.0/24 => 256 addresses |
| Traceroute | Diagnoses path taken by packets to a destination, helps with network troubleshooting. | Linux/macOS: traceroute <host>; Windows: tracert <host> |
| Netstat / ss | Shows active connections, listening ports, routing tables. Used for debugging network issues. | Linux: ss -tuln, netstat -an (older) |
| Packet Capture | Captures packets for analysis (e.g., Wireshark, tcpdump). Helpful for debugging. | tcpdump: tcpdump -i eth0 port 80 |
| Latency/Bandwidth | Latency is the time taken for data to travel, bandwidth is maximum data transfer rate. | Tools like ping and iperf |