________Networking — Guide

Introduction — Why Networking Is Foundational

Networking is how computers talk. From a single HTTP request to a global distributed database replication, networks transport data reliably, quickly, and securely. For software engineers, clear networking understanding helps you design scalable systems, debug production issues, and answer placement interviews with confidence.

This guide blends conceptual clarity with real-world patterns used by companies in production — plus interview problems that companies ask.

Real-World Examples & Architecture Patterns

Real systems combine many networking components. Below are common patterns with concrete examples.

Web Service (typical)

Client → CDN → Load Balancer → Fleet of App Servers → Database. Each arrow is a network hop: CDN at edge reduces latency and bandwidth; load balancer distributes connections; backend services talk over internal network/VPC to databases and caches.

Microservices + Service Mesh

Service-to-service communication is often over HTTP/2 or gRPC. A service mesh (e.g., Istio, Linkerd) handles mTLS, retries, circuit breaking, and observability at the network layer, decoupling concerns from application code.

Real-time Streaming

Systems like Kafka and WebSocket services rely on long-lived TCP connections and careful backpressure handling. Ingest nodes receive high QPS and often use partitioning + replication to scale.

CDN & Edge Caching

Companies use CDNs (Cloudflare, Akamai) to cache static assets close to users. Dynamic personalization is handled by edge logic + origin fetches.

OSI vs TCP/IP — Layered Thinking

Layers help you reason: each layer provides services to the layer above and uses services from the layer below.

  1. Layer 1 — Physical: Bits on wire, cables, Ethernet PHY, fiber.
  2. Layer 2 — Data Link: MAC addresses, switches, Ethernet frames, ARP, VLANs.
  3. Layer 3 — Network: IP addresses, routing, fragmentation.
  4. Layer 4 — Transport: TCP (reliable), UDP (unreliable).
  5. Layer 5-7 — Session/Presentation/Application: TLS, HTTP, DNS, SMTP, application protocols.

Think: if a ping fails, start bottom-up — physical/cable, link/switch, IP, transport, then app layer.

Physical & Data Link — Ethernet, Wi‑Fi, Frames

Ethernet Basics

Ethernet frames wrap IP packets. Key fields: destination MAC, source MAC, EtherType, payload, FCS (CRC). Standard speeds: 1Gbps, 10Gbps, 40/100Gbps in data centers.

Wireless (Wi‑Fi)

Wi‑Fi adds variable latency, interference, and lower reliability. Protocols (802.11ac/ax) support MIMO, channel bonding. Important for mobile services and capacity planning.

ARP — Address Resolution Protocol

-- ARP example (conceptual)
Host A wants IP 10.0.0.5 -> sends ARP broadcast "Who has 10.0.0.5?"
Host B replies with MAC -> A caches mapping

ARP poisoning is a common attack vector — use static ARP entries only where appropriate and use secure network controls.

Switching, MAC Tables & VLANs

Layer 2 switches learn MAC addresses and forward frames to correct ports. VLANs partition broadcast domains using 802.1Q tags — common for separating production, management, and tenant networks.

Switching Table Example

When a switch learns that MAC X is on port 3, it records it and forwards frames to that port — avoids flooding.

Trunking & Access Ports

Trunk ports carry multiple VLANs between switches; access ports belong to a single VLAN for endpoint hosts.

IP Addressing & Subnetting — IPv4 & IPv6 (Placement Essentials)

IP is the layer-3 addressing scheme. IPv4 uses 32-bit addresses (e.g., 192.168.1.1); IPv6 uses 128-bit addresses for scalability.

Subnetting (IPv4) — Example

CIDR notation: 192.168.10.0/24 means IPs from 192.168.10.0 to 192.168.10.255 (256 addresses, usable host count 254).

-- Example: split 192.168.10.0/24 into two /25 subnets
192.168.10.0/25  -> 192.168.10.0 - 192.168.10.127
192.168.10.128/25 -> 192.168.10.128 - 192.168.10.255

Subnetting Trick (Placement tip)

To find host count: hosts = 2^(32 - prefix) - 2 (exclude network & broadcast for IPv4). For quick mental math: /24=254, /26=62, /27=30.

IPv6 Basics

Compressed notation (2001:db8::1). No broadcast—uses multicast. Auto-configuration via SLAAC and DHCPv6.

Routing — Static, OSPF, BGP & How the Internet Forwards

Static Routing

Manual route entries for small networks. Simple but not scalable.

Interior Gateway Protocols — OSPF

OSPF is link-state: routers share topology, compute shortest paths via Dijkstra. Good for intra-AS routing with fast convergence.

Exterior Gateway Protocol — BGP

BGP advertises prefixes between autonomous systems (AS). It's path-vector-based and policy-driven (not shortest-path). BGP handles route selection by policy, AS_PATH, local_pref, MED, and communities.

BGP Practical Example

A multi-homed organization advertises its IP prefixes to two ISPs. Use local_pref to prefer one ISP for outbound traffic and AS_PATH prepending to influence inbound paths.

# BGP concept snippet (not real config)
neighbor 203.0.113.1 remote-as 65001
network 198.51.100.0/24
set local-preference 200 for routes received from ISP-A to prefer them

BGP safety: route filtering, max-prefix limits, TTL/security and RPKI origin validation to avoid hijacks.

Transport Layer — TCP vs UDP, 3‑way Handshake, Congestion Control

TCP — Reliable, Ordered Stream

TCP provides reliable, in-order delivery with flow control and congestion control. Key fields: sequence number, ack number, flags (SYN, ACK, FIN), window size.

Three-Way Handshake

Client -> Server: SYN (seq=x)
Server -> Client: SYN-ACK (seq=y, ack=x+1)
Client -> Server: ACK (ack=y+1)
Connection established

Connection Teardown

FIN/ACK exchange; TIME_WAIT state prevents delayed segments from conflicting with new connections.

Congestion Control (TCP Reno/CUBIC)

TCP increases congestion window (cwnd) by additive-increase, multiplicative-decrease on loss. Modern Linux uses CUBIC for better performance on high-bandwidth links.

UDP — Lightweight, Best Effort

Use UDP for low-latency apps (DNS, VoIP, gaming) or when the app implements its own reliability (QUIC builds on UDP).

Application Layer — HTTP, DNS, TLS, SMTP, gRPC

HTTP & HTTPS

HTTP is stateless and text-based (HTTP/1.1). HTTP/2 and HTTP/3 (QUIC) improve multiplexing and reduce head-of-line blocking. HTTPS = HTTP over TLS for encryption and server authentication.

DNS — The Internet Phonebook

DNS resolves names to records: A (IPv4), AAAA (IPv6), CNAME (alias), MX (mail), TXT (SPF/DMARC). Authoritative servers answer for zones; recursive resolvers cache results for speed.

TLS Basics

TLS handshake negotiates cipher suite and establishes shared keys via public-key cryptography. Use TLS 1.3 where possible (faster handshakes, improved security).

Example: DNS over HTTPS (DoH)

Privacy-aware resolvers use DoH or DoT (DNS over TLS) to encrypt DNS queries to resolvers.

NAT, DHCP, VPNs & Cloud Networking

NAT — Network Address Translation

NAT maps private addresses to a public IP for Internet access. Port Address Translation (PAT) multiplexes many private hosts through one public IP using port numbers.

DHCP — Dynamic Host Configuration

DHCP assigns IP addresses and network configuration (gateway, DNS) dynamically. Use reservations for predictable endpoint addressing.

VPN — Secure Private Connectivity

VPNs (IPsec, OpenVPN, WireGuard) create encrypted tunnels between networks or endpoints. WireGuard is modern and lightweight with simpler key management.

Cloud VPC Patterns

Cloud providers offer Virtual Private Clouds (VPC) with subnets, route tables, security groups (firewall-like), and NAT gateways. Architect with private subnets for databases and public subnets only for frontends.

Load Balancers, CDNs & Caching Strategies

Load Balancers

Layer 4 (TCP) vs Layer 7 (HTTP) load balancers. L7 can do content-based routing, sticky sessions, and TLS termination. Use health checks to route around unhealthy instances.

CDNs & Edge

CDNs cache content at edge PoPs. Cache-control headers control freshness. CDNs reduce origin load, lower latency, and mitigate DDoS to some degree.

Caching Patterns

  • Cache-aside: application populates cache on miss.
  • Read-through: cache handles loading and writes through to DB.
  • Write-through: writes go to cache then storage (simplifies consistency).

Security: Firewalls, TLS, DDoS & Practical Hardening

Security spans multiple layers: network ACLs, host firewalls, application authentication, and encryption.

Firewalls & ACLs

Stateful firewalls track connections and allow return traffic. Network ACLs (stateless) filter based on IP/port rules. Use least-privilege rules and avoid wide open security groups.

DDoS Mitigation

Mitigation combines edge filtering (CDN/WAF), autoscaling, rate limiting, and upstream scrubbing services. Plan for capacity and failover.

TLS Practical Tips

  • Use strong cipher suites and TLS 1.2+ (prefer 1.3).
  • Enable certificate rotation and automated renewal (Let's Encrypt or managed CA).
  • HSTS to prevent downgrade attacks for web services.

Troubleshooting: Tools & Techniques

When networks misbehave, use methodical steps to isolate the layer and component causing issues.

Common Tools

  • ping — ICMP reachability and RTT measurement.
  • traceroute / tracepath — path discovery and per-hop latency.
  • tcpdump / tshark — packet capture for in-depth analysis.
  • ss / netstat — socket and connection states.
  • dig / nslookup — DNS resolution debugging.

Example Debug Flow

  1. Reproduce the issue and capture a timestamp.
  2. Ping the remote host to check basic reachability.
  3. Traceroute to find where latency spikes or packets drop.
  4. Capture packets on client/server to correlate timestamps and reset flags, retransmissions.
  5. Inspect application logs and system metrics for overload or resource bottlenecks.
# Capture TCP handshake to/from host
sudo tcpdump -i eth0 tcp and host 198.51.100.5 and port 443 -w capture.pcap

Placement-Ready Interview Questions — Practice & Reveal Solutions

Below are common interview-style problems. Try to solve them first; click "Reveal Solution" to check. These are the types of questions asked by tech companies during interviews and screenings.

Q1 — Subnetting Puzzle (Easy)

You have network 10.0.0.0/22. You need at least 4 subnets with equal sizes. What CIDR prefix should you use for each subnet? List the first subnet ranges.

Q2 — TCP Sequence / Retransmission (Medium)

Client sends SYN (seq=100). Server replies SYN-ACK (seq=300, ack=101). Client sends ACK (ack=301). Now client sends data with seq=101 length=1000 bytes. Server never ACKs (packet loss). Explain what happens, and how TCP retransmission/backoff behaves.

Q3 — BGP Path Selection (Advanced)

AS 65010 receives a prefix from two neighbors: path A via AS path [65020, 65030], local_pref=100; path B via AS path [65040], local_pref=200. Which path is preferred and why? What if AS_PATH is prepended on path B?

Q4 — Design: High-Availability Load Balancer (Design)

Design a highly available global load balancing solution for a web app across two regions with active-active deployment. Include health checks, session stickiness, and failover considerations.

Q5 — Practical: Why is traceroute showing an asterisk (*) at some hop?

Explain the possible reasons and how you'd investigate.

Cheat Sheet & Common Commands

# Ping
ping -c 5 example.com

# Traceroute
traceroute example.com
# on Linux: traceroute -T -p 443 example.com (TCP traceroute)

# DNS lookups
dig A example.com
dig +short NS example.com

# Capture traffic
sudo tcpdump -i any host 198.51.100.5 -w out.pcap

# Check open TCP sockets
ss -tulpn

# Check routing table
ip route show

# Show ARP cache
ip neigh show

Summary & Next Steps

Networking knowledge helps you reason about real system design and debug production issues. Practice subnetting, read RFCs for protocols you use, capture packets to build intuition, and work through the interview problems above until you can explain them clearly and quickly.

Next pages: Operating Systems, Computer Architecture, and Probability & Analytics will follow with the same level of depth and placement-focused questions.