What Is Computer Networking?
Connected computing devices that can exchange data and share resources with each other.
Types of computer networks
Here are the core ones, based on geographical area:
PAN (Personal Area Network)
Very short-range (meters) network connecting personal devices around one user.
WPAN (Wireless Personal Area Network) is the wireless variant.
LAN (Local Area Network)
Usually a trusted internal network confined to a building, campus, home or Small Office/Home Office (SOHO) setup.
However, internal networks should not be automatically trusted.
WLAN (Wireless Local Area Network) is the wireless version of a LAN.
CAN (Campus Area Network)
A network of interconnected LANs within a limited geographical area, like a university or military base. It is larger than a LAN but smaller than a MAN.
MAN (Metropolitan Area Network)
A network spanning a city or metropolitan area.
WAN (Wide Area Network)
Large-scale networks covering regions, countries, or the globe. The Internet is the largest WAN.
However, the Internet is not the only WAN. International companies also maintain isolated networks that span several WANs and connect company computers worldwide.
A worldwide network such as the Internet is also known as a GAN (Global Area Network).
The term GAN exists academically but is rarely used in practice; the Internet is usually described simply as a WAN.
Storage Network Types
SAN (Storage Area Network)
A specialized, high-speed network that provides block-level network access to storage. It moves storage traffic off the regular LAN to improve performance. Usually contained within a single Data Center.
NAS (Network Attached Storage)
Dedicated storage device that provides file-level storage to multiple users and devices over a network.
Shared file-level storage means multiple users access the same files and folders over the network, with the storage device managing permissions and file structure.
You may also hear of DAS (Direct Attached Storage), which is storage directly connected to a single computer, with no network involved.
Collision Domain vs Broadcast Domain
In networking, the medium is the physical or wireless path that carries bits, and a domain is an area of the network where a certain rule applies.
Collision Domain
A collision happens when two devices send data at the same time on the same shared medium, so their signals interfere and destroy each other.
Broadcast Domain
A broadcast is a message sent from one device to all other devices within the same specific network area. Devices that receive these messages are part of the same broadcast domain.
Duplex
The Latin word duplex means “twofold” or “double”. Derived from duo (two) and plico (to fold or plait), it historically signifies something composed of two parts, divided, or two-faced.
In networking, duplex refers to the communication mode that determines whether devices can send and receive data simultaneously or in only one direction at a time.
Types of Duplex Communication
There are three types in communication theory, but Ethernet mainly uses two:
Half-Duplex (HDX)
Data can flow in both directions, but not at the same time.
- If two devices send at the same time, a collision occurs.
- Uses CSMA/CD (Carrier Sense Multiple Access with Collision Detection) in Ethernet.
Full-Duplex (FDX)
Data can flow in both directions simultaneously. Devices can send and receive at the same time.
Simplex
The 3rd type, which is not primarily used by modern Ethernet.
Data flows in one direction only. One device sends, the other only receives.
| Duplex Mode | Collisions? | CSMA/CD Needed? |
|---|---|---|
| Half-Duplex | Yes | Yes |
| Full-Duplex | No | No |
| Simplex | No | No |
NIC (Network Interface Card / Controller)
A NIC is the hardware or software component that allows a node to connect to a network. A node is any device that can send, receive, or forward data on a network.
The NIC converts data into network signals, handles MAC addressing, and manages frame transmission.
MAC Address (Media Access Control)
Every network interface (NIC) has a MAC address, which is:
- 48-bit = 12 hex digits = 6 bytes
It appears in several common formats, most often with colons, 00:1A:2B:3C:4D:5E (Linux), or with:
- hyphens: 00-1A-2B-3C-4D-5E (Windows)
- 3-part period: 001a.2b3c.4d5e (Cisco)
- single continuous string: 001A2B3C4D5E
Some interfaces can have multiple MACs.
OUI (Organizationally Unique Identifier)
It is the first 24 bits (first 6 hexadecimal digits) of a MAC address, used to identify the manufacturer/vendor of a network device.
Assigned by IEEE Registration Authority to ensure uniqueness across all devices worldwide.
The last 24 bits are assigned by the manufacturer to uniquely identify the interface.
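Because the same interface shows up in different notations depending on the tool that logged it, addresses have to be normalised before they can be compared. The following is an added example, not part of the original page: it accepts the four notations listed above, splits off the OUI, and also reads the two flag bits of the first byte (an IEEE 802 convention that goes slightly beyond the text). The source labels and the sample addresses are constructed.

```python
import re

# The four notations listed above, matched after lower-casing.
_FORMATS = (
    re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}"),    # 00:1a:2b:3c:4d:5e
    re.compile(r"(?:[0-9a-f]{2}-){5}[0-9a-f]{2}"),    # 00-1a-2b-3c-4d-5e
    re.compile(r"(?:[0-9a-f]{4}\.){2}[0-9a-f]{4}"),   # 001a.2b3c.4d5e
    re.compile(r"[0-9a-f]{12}"),                      # 001a2b3c4d5e
)


def normalize_mac(text: str) -> str:
    """Return the address as lower-case, colon-separated bytes.

    Mixed separators (for example "00:1a-2b...") are rejected rather than
    guessed at, so a malformed log field cannot silently match a real device.
    """
    candidate = text.strip().lower()
    if not any(fmt.fullmatch(candidate) for fmt in _FORMATS):
        raise ValueError(f"not a recognised MAC address: {text!r}")
    digits = re.sub(r"[^0-9a-f]", "", candidate)
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))


def describe_mac(text: str) -> dict:
    mac = normalize_mac(text)
    first_byte = int(mac[:2], 16)
    return {
        "mac": mac,
        "oui": mac[:8],            # first 24 bits: vendor prefix
        "device_part": mac[9:],    # last 24 bits: assigned by the vendor
        # Two flag bits in the first byte (IEEE 802 convention):
        "group_address": bool(first_byte & 0x01),         # multicast/broadcast
        "locally_administered": bool(first_byte & 0x02),  # prefix is not a vendor OUI
    }


def group_by_device(records):
    """Group (source, mac_text) records by normalised MAC address."""
    devices = {}
    for source, mac_text in records:
        devices.setdefault(normalize_mac(mac_text), []).append(source)
    return devices


# Constructed sample: one interface as four different sources might log it,
# plus one address with the locally-administered bit set.
SAMPLE = [
    ("linux-arp", "00:1A:2B:3C:4D:5E"),
    ("windows-getmac", "00-1A-2B-3C-4D-5E"),
    ("cisco-cam", "001a.2b3c.4d5e"),
    ("dhcp-log", "001A2B3C4D5E"),
    ("wifi-controller", "da:a1:19:00:00:01"),
]

if __name__ == "__main__":
    for mac, sources in group_by_device(SAMPLE).items():
        print(describe_mac(mac), sources)
```

An address with the locally-administered bit set has no vendor behind its first 24 bits, so an OUI lookup on it is meaningless.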
Network Transmission Types (Delivery Methods)
These define how data is sent from one device to others in a network:
1. Unicast
One-to-one communication. Data is sent from one sender to one specific receiver.
2. Broadcast
One-to-all communication within the same broadcast domain.
Every NIC listens for its own MAC address and the broadcast MAC address FF:FF:FF:FF:FF:FF.
3. Multicast
Multicast can be one-to-many or many-to-many distribution.
Multicast is a group communication method in which data is sent to multiple selected receivers, allowing one or more senders to communicate with a multicast group.
4. Anycast
One-to-nearest (or best) communication. Data is sent to the closest receiver based on routing metrics.
Hub
A very basic networking device that receives electrical signals from one port and repeats (broadcasts) them to all other ports. It does not examine frames or MAC addresses. It simply repeats bits.
- OSI Layer: Layer 1 (Physical layer)
- Collision Domain: All ports share the same collision domain
- Broadcast Domain: All ports share the same broadcast domain
- Duplex: Half-duplex
Switch
Smarter than a hub.
Sends frames to the correct port based on MAC addresses (after learning), but still floods broadcasts and unknown traffic.
Reduces collisions and improves network efficiency. Switches are used in LANs, and almost all modern networks use switches instead of hubs.
- OSI Layer: Layer 2 (Data Link layer)
- Collision Domain: Each port has its own collision domain
- Broadcast Domain: All ports share the same broadcast domain
- Duplex: Full-duplex
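The difference between a hub and a switch comes down to which ports get to see a given frame. The following is an added example, not part of the original page: a minimal model of a hub and of a learning switch, run over a constructed four-frame trace. The class, function and port numbers are hypothetical, and real switches also age out table entries, which this model leaves out.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def hub_forward(ports, in_port):
    """A hub repeats every signal out of every other port."""
    return [p for p in ports if p != in_port]


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}          # MAC address -> port it was last seen on

    def forward(self, in_port, src_mac, dst_mac):
        """Learn the sender's port, then return the ports the frame leaves on."""
        self.mac_table[src_mac] = in_port
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            # Broadcast or unknown destination: flood, exactly like a hub.
            return hub_forward(self.ports, in_port)
        out_port = self.mac_table[dst_mac]
        # A destination on the arrival port needs no forwarding at all.
        return [] if out_port == in_port else [out_port]


def run_trace(frames, ports=(1, 2, 3, 4)):
    """Feed (arrival port, source MAC, destination MAC) frames to a fresh switch."""
    switch = LearningSwitch(ports)
    return [switch.forward(*frame) for frame in frames]


# Constructed traffic between two hosts, A on port 1 and B on port 2.
A, B = "00:1a:2b:00:00:0a", "00:1a:2b:00:00:0b"
TRACE = [
    (1, A, B),            # B not learned yet: flooded to ports 2, 3, 4
    (2, B, A),            # A was learned on port 1: sent to port 1 only
    (1, A, B),            # B is now known on port 2: sent to port 2 only
    (1, A, BROADCAST),    # broadcasts are always flooded
]

if __name__ == "__main__":
    for frame, out in zip(TRACE, run_trace(TRACE)):
        print(frame, "->", out)
```

Ports 3 and 4 see the first frame and the broadcast but none of the learned unicast traffic, whereas on a hub they would see all four frames.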
Bridge
Connects two network segments so they work as a single network. Can filter traffic based on MAC addresses and reduce collisions.
- OSI Layer: Layer 2 (Data Link layer)
- Collision Domain: Each port has its own collision domain
- Broadcast Domain: All ports share the same broadcast domain
- Duplex: Full-duplex
Router
Connects different networks together, determines the best path for data to travel to reach its destination (uses IP addresses).
A router can access the internet if it has a WAN connection to an ISP (via a modem or direct fiber/ethernet handoff).
- OSI Layer: Layer 3 (Network layer)
- Collision Domain: Each interface has its own collision domain
- Broadcast Domain: Does not forward broadcasts by default (each interface is its own broadcast domain)
- Duplex: Full-duplex
Modem (Modulator-Demodulator)
Connects your local network to your Internet Service Provider (ISP). It converts network signals into a format suitable for the ISP’s medium (copper, coax, or fiber).
Can it route? Usually no. A standalone modem just passes the internet connection; it doesn’t manage multiple devices or assign IP addresses.
- OSI Layer: Layer 1 (Physical layer)
- Collision Domain: Usually a single port, so not applicable
- Broadcast Domain: Usually a single port, so not applicable
- Duplex: Full-duplex
Modulation: Converting digital data into a signal that can travel over a physical medium.
Demodulation: Converting the received signal back into digital data.
Repeater
A simple device that regenerates or amplifies signals to extend network range. Boosts weak signals to prevent data loss over long distances.
Access Point (AP)
A device that allows wireless devices to connect to a wired network. It provides Wi-Fi access by connecting wireless devices to a switch or router.
Firewall
A security device that filters traffic between networks, blocking unauthorized access and allowing safe traffic. Can be software, hardware, or both.
Not all firewalls are routers. A firewall enforces security policy; routing is not its primary role.
Gateway
A device or software that connects two networks that use different protocols. It acts as a translator between networks.
Every router can act as a gateway because it connects your LAN to another network. Sometimes your modem + router combo is called a gateway because it both connects to the ISP and routes traffic.
In short: any device that connects two networks (with possible protocol translation).
Default Gateways
Devices in a subnet only know about local hosts. To reach a different subnet or the internet, they send those packets to the default gateway.
Networking Topologies
A network topology is the physical or logical layout of how devices (nodes) are connected.
There isn’t a single fixed number, but here are the most common ones:
1. Bus
Structure: One main cable (backbone) with all devices connected to it
All devices are connected to a single communication line called the backbone. When a device sends data, it travels along the bus and every device sees it, but only the intended recipient accepts it. Its advantages include simplicity and low cost for small networks, but the network is fragile because a failure in the main line can bring down the whole system. Troubleshooting can be difficult, and the number of devices is limited by cable length and signal degradation. Bus topologies were common in older Ethernet networks but are rarely used today.
2. Star (Most Common)
Structure: All devices connect to a central device, such as a switch, hub, or router.
This central device manages communication between all nodes. Star topology is easy to expand, allows devices to fail without affecting others, and simplifies network management and troubleshooting. The downside is that the central device is a single point of failure, and more cabling is required compared to a bus topology. This is the most common layout for modern LANs, both in homes and offices.
3. Ring (legacy systems)
Structure: Each device connects to two others, forming a circle or closed loop.
Data travels around the ring in one or both directions, and each node regenerates the signal as it passes through. Ring topology can provide predictable performance in small networks, but it is vulnerable because a failure in a single node or connection can disrupt the entire network unless a secondary loop is implemented. Ring networks were used historically in Token Ring setups and are still seen in some fiber optic metropolitan networks.
4. Mesh
Structure: Each device is connected to multiple other devices, sometimes to every other device in a full mesh.
This creates multiple paths for data to travel, making the network highly redundant and resilient to failures. The disadvantage is the complexity and cost of cabling and configuration, which grows exponentially as the number of nodes increases. Mesh topologies are used in critical networks where reliability is essential, such as the backbone of the Internet or financial trading networks.
5. Tree (Hierarchical)
Structure: Formed by connecting multiple star topologies in a hierarchy.
A central root device connects to intermediate devices, which in turn connect to leaf nodes. Tree topology is scalable and allows segmentation of the network, making management and troubleshooting easier. However, if the root device fails, large portions of the network can be affected, and it requires more cabling than a simple star. It is commonly used in large corporate LANs and campus networks.
6. Hybrid
Structure: Combination of multiple topologies like Star + Mesh
This type of topology is flexible and scalable, allowing network designers to optimize for reliability, performance, and cost. The complexity and expense of hybrid networks are higher, and troubleshooting requires careful mapping of the combined structure. Hybrid topologies are standard in real-world enterprise networks and service provider infrastructures.
7. Point-to-Point
Structure: The simplest type of network, consisting of a direct connection between two nodes.
This setup is fast, simple, and free from interference from other devices. Its limitations are that it cannot easily scale beyond two nodes, and connecting additional devices requires creating new dedicated links. Point-to-point connections are commonly used for direct links between routers, switches, or server-to-server communication.
Networking Models
Networking models are conceptual frameworks used to describe how data moves from one computer to another across a network.
They do not send data themselves; they help us design, understand, implement, and troubleshoot networks.
The two most important models are:
- OSI Model (7 layers)
- TCP/IP Model (4 layers)
OSI model
The OSI (Open Systems Interconnection) model is a reference model created by ISO.
It explains how communication should work, not how it is implemented.
Packet Transfers
A packet transfer is the complete journey of data from an application on one computer, across the network, to an application on another computer.
This journey happens layer by layer, using the OSI or TCP/IP model.
Each layer speaks its own language and uses its own data format, called a PDU (Protocol Data Unit).
A PDU name tells you what a piece of data is called at a specific layer of a networking model. Each layer (except Physical) adds its own control information, usually as a header.
| Layer | Name | Main Function | PDU | Examples |
|---|---|---|---|---|
| 7 | Application | Provides network services to end-user applications | Data | HTTP, FTP, SMTP, DNS |
| 6 | Presentation | Data formatting, encryption, compression | Data | TLS/SSL, JPEG, MP3 |
| 5 | Session | Manages sessions between systems | Data | NetBIOS session, RPC |
| 4 | Transport | End-to-end communication, reliability, ports | Segment (TCP) / Datagram (UDP) | TCP, UDP |
| 3 | Network | Logical addressing & routing | Packet | IP, ICMP, IPSec |
| 2 | Data Link | MAC addressing, framing | Frame | Ethernet, ARP |
| 1 | Physical | Transmission of raw bits over medium | Bits | Cables, voltage, radio signals |
Application (Layer 7)
Handles user requests and provides network services to applications. It is not the app itself, but the network services apps use. For example, HTTP, HTTPS, FTP, SMTP, and DNS all sit here.
PDU name: Data
At Layers 7, 6 and 5, the information is still pure application content; no networking structure has been added yet,
so there is no need to differentiate it and it stays Data.
Presentation (Layer 6)
This layer makes sure both sides agree on how data looks. It handles encryption, decryption, compression, and character encoding.
PDU name: Data
Session (Layer 5)
Establishes, manages, and terminates sessions (logical connections) between applications.
PDU name: Data
Transport (Layer 4)
Ensures end-to-end communication between applications by segmenting data, managing flow, and handling errors, using protocols like TCP and UDP.
Ensures reliable or fast delivery of data between endpoints.
PDU name: Segment
Used when the protocol is TCP, because data is split into smaller pieces called segments.
Each piece gets a source port, destination port, sequence number, and acknowledgment info, which allows reliable delivery with ordering and retransmission.
PDU name: Datagram
Used when the protocol is UDP. The name combines data + telegram: sent without guarantee.
Network (Layer 3)
The Network Layer is responsible for moving data from one device to another across different networks.
If two devices are on the same network, Layer 2 can handle it, but if they are on different networks or subnets, Layer 3 is required.
The Network Layer assigns logical addresses (IP addresses).
PDU name: Packet
At this layer, data gets a source IP, a destination IP, and more, so it can travel between networks.
Data Link (Layer 2)
Layer 2 answers the question: how do we send a block of data from one device to another on the same local network?
Everything at Layer 2 is local; it does not care about the internet. It only cares about devices on the same network.
PDU name: Frame
A frame is how data moves inside a local network. The packet is wrapped in a structure suitable for the local network, which is the frame.
It includes the source MAC address, destination MAC address, error-checking (CRC), and more.
Physical (Layer 1)
Transmission of raw bits over a physical medium.
PDU name: Bits
This is raw transmission: 1s and 0s as electrical signals, light pulses, or radio waves.
Encapsulation (Sending Data)
Encapsulation is the process of wrapping data with headers (and sometimes trailers) as it moves DOWN the OSI layers before being sent across the network.
Data
↓
Segment
↓
Packet
↓
Frame
↓
Bits
Decapsulation (Receiving Data)
Decapsulation is the reverse process, removing headers as data moves UP the OSI layers.
Bits
↑
Frame
↑
Packet
↑
Segment
↑
Data
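The two diagrams above can be followed byte by byte. The following is an added example, not part of the original page: it wraps application data in a UDP header, an IPv4 header and an Ethernet header with a CRC trailer, then unwraps the result while checking each layer. The addresses and ports are constructed; IPv4 options, fragmentation and padding to the minimum Ethernet frame size are left out.

```python
import socket
import struct
import zlib


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words, as used by the IPv4 header."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def mac_to_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def encapsulate(data, src_port, dst_port, src_ip, dst_ip, src_mac, dst_mac, ttl=64):
    """Data -> UDP datagram -> IPv4 packet -> Ethernet frame (bytes)."""
    # Layer 4: source port, destination port, length, checksum (0 = not computed).
    datagram = struct.pack("!HHHH", src_port, dst_port, 8 + len(data), 0) + data

    # Layer 3: 20-byte IPv4 header; protocol 17 means the payload is UDP.
    def ip_header(checksum):
        return struct.pack(
            "!BBHHHBBH4s4s", 0x45, 0, 20 + len(datagram), 0, 0, ttl, 17,
            checksum, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    packet = ip_header(internet_checksum(ip_header(0))) + datagram

    # Layer 2: destination MAC, source MAC, EtherType 0x0800 (IPv4), CRC-32 trailer.
    header = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", 0x0800)
    return header + packet + struct.pack("<I", zlib.crc32(header + packet))


def decapsulate(frame: bytes) -> dict:
    """Frame -> packet -> datagram -> data, validating each layer on the way up."""
    body, (crc,) = frame[:-4], struct.unpack("<I", frame[-4:])
    if zlib.crc32(body) != crc:
        raise ValueError("layer 2: CRC mismatch, frame discarded")
    (ethertype,) = struct.unpack("!H", body[12:14])
    if ethertype != 0x0800:
        raise ValueError("layer 2: payload is not IPv4")

    packet = body[14:]
    header_len = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or internet_checksum(packet[:header_len]) != 0:
        raise ValueError("layer 3: bad IPv4 header")
    (total_len,) = struct.unpack("!H", packet[2:4])
    if packet[9] != 17:
        raise ValueError("layer 3: payload is not UDP")

    datagram = packet[header_len:total_len]
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", datagram[:8])
    return {
        "dst_mac": bytes_to_mac(body[:6]), "src_mac": bytes_to_mac(body[6:12]),
        "src_ip": socket.inet_ntoa(packet[12:16]),
        "dst_ip": socket.inet_ntoa(packet[16:20]),
        "ttl": packet[8], "src_port": src_port, "dst_port": dst_port,
        "data": datagram[8:udp_len],
    }


if __name__ == "__main__":
    # Constructed values: a host sending 5 bytes to its gateway on UDP port 53.
    frame = encapsulate(b"hello", 40000, 53, "192.168.1.10", "192.168.1.1",
                        "00:1a:2b:3c:4d:5e", "00:1a:2b:aa:bb:cc")
    print(len(frame), "bytes on the wire:", frame.hex())
    print(decapsulate(frame))
```

The 5 bytes of data become 51 bytes on the wire: 8 for UDP, 20 for IPv4, 14 for the Ethernet header and 4 for the CRC.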
TCP/IP model
| Layer | Layer Name | Main Function | PDU | Examples |
|---|---|---|---|---|
| 4 | Application | Network services & application interface | Data | HTTP, FTP, SMTP, DNS |
| 3 | Transport | End-to-end communication, reliability, ports | Segment (TCP) / Datagram (UDP) | TCP, UDP |
| 2 | Internet | Logical addressing & routing | Packet | IP, ICMP, IPSec |
| 1 | Network Access | Physical transmission & data link functions | Frame / Bits | Ethernet, Wi-Fi, ARP |
Unlike OSI, which is theoretical, the TCP/IP model was built from real, working protocols.
TCP/IP merges layers because in reality, some OSI layers don’t need to be separate.
- OSI Layers 5-7 combined into Application Layer
- OSI Layers 1-2 combined into Network Access Layer
The DoD Model is the original networking model, created by DARPA under the U.S. Department of Defense in the 1970s. It was built for real military communication, not education, as a network that:
- Could survive partial destruction (nuclear resilience)
- Could route around failures
- Worked across different hardware vendors
This model later became what we now call TCP/IP.
IPv4 (Internet Protocol version 4)
A 32-bit logical address used to uniquely identify devices on a network. Each IP address has 32 bits, split into 4 parts (octets) of 8 bits each.
Example:
192.168.1.10
In binary:
11000000.10101000.00000001.00001010
Each octet represents 8 bits, making a total of 32 bits per address.
IPv4 has 32 bits, so 2^32 = 4,294,967,296 addresses (~4.3 billion).
IPv4 addresses were divided into classes:
| Class | 1st Octet of IP Address | Default Subnet Mask / prefix | Network / Host Structure | Number of Networks | Max Hosts per Network |
|---|---|---|---|---|---|
| A | 1 - 126 | 255.0.0.0 (/8) | N.H.H.H | 126 | 16,777,214 |
| B | 128 - 191 | 255.255.0.0 (/16) | N.N.H.H | 16,384 | 65,534 |
| C | 192 - 223 | 255.255.255.0 (/24) | N.N.N.H | 2,097,152 | 254 |
| D | 224 - 239 | — | Multicast | — | — |
| E | 240 - 254 | — | Experimental/Reserved | — | — |
Subnet Mask
The subnet mask determines which part of the IP identifies the network and which part identifies the host.
A subnet is a group of IP addresses that share the same network prefix (same subnet mask).
All devices in a subnet can reach each other without a router and are in the same broadcast domain.
A subnet mask is a 32-bit number that tells the computer which bits belong to the network and which bits belong to the host.
Example:
IP Address: 192.168.1.10
Subnet Mask: 255.255.255.0
Let’s look at it in binary:
IP: 11000000.10101000.00000001.00001010
Mask: 11111111.11111111.11111111.00000000
Where the mask has 1, that part is the network.
Where the mask has 0, that part is the host.
- Network part = 192.168.1
- Host part = 10
Broadcast Address
If all host bits are 1, that IP is the broadcast address, used to send data to all devices in the subnet.
Example:
IP: 192.168.1.255
Mask: 255.255.255.0
IP: 11000000.10101000.00000001.11111111
Mask: 11111111.11111111.11111111.00000000
Everything between the network address and the broadcast address is a usable host address:
192.168.1.1
192.168.1.2
192.168.1.3
192.168.1.4
...
192.168.1.254
So two addresses in every subnet can’t be assigned to hosts:
- First address = the network address: 192.168.1.0
- Last address = the broadcast address: 192.168.1.255
CIDR Notation
Instead of writing long subnet masks, we use CIDR (Classless Inter-Domain Routing)
192.168.1.0/24
/24 means the first 24 bits are the network and the remaining 8 bits are the host.
This is shorter and easier to read.
Host calculation:
Host bits = 32 - prefix (CIDR)
Usable hosts = 2^(host bits) - 2
Example /24:
- Host bits = 32 - 24 = 8
- Total addresses = 2⁸ = 256
- Usable hosts = 256 - 2 = 254
Example /28:
- Host bits = 32 - 28 = 4
- Total addresses = 2⁴ = 16
- Usable hosts = 16 - 2 = 14
Subnetting
Splitting a large network into smaller networks.
Example: Split /24 into 4 subnets
192.168.1.0/24
Know what /24 means:
/24 = 255.255.255.0
Binary:
11111111.11111111.11111111.00000000
Every bit you borrow doubles the number of subnets.
So:
- 1 borrowed bit = 2 subnets
- 2 borrowed bits = 4 subnets
- 3 borrowed bits = 8 subnets
That’s why we use:
2^n
Where n = number of borrowed bits
So for 4 subnets you borrow 2 bits from the host portion.
11111111.11111111.11111111.11000000
Remaining host bits = 6
2⁶ = 64 total addresses
64 - 2 = 62 usable
The prefix changes from /24 to /26.
/26 = 255.255.255.192
The subnet size is:
256 - 192 = 64
So each subnet jumps by 64
| Subnet | Network | Usable Hosts | Broadcast |
|---|---|---|---|
| 1 | 192.168.1.0/26 | .1 - .62 | .63 |
| 2 | 192.168.1.64/26 | .65 - .126 | .127 |
| 3 | 192.168.1.128/26 | .129 - .190 | .191 |
| 4 | 192.168.1.192/26 | .193 - .254 | .255 |
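The mask, broadcast, CIDR and subnetting sections above all rest on the same bit arithmetic. The following is an added example, not part of the original page: it does that arithmetic explicitly (AND with the mask for the network address, OR with the inverted mask for the broadcast address) and generalises the /24 into four /26 split to any prefix up to /30. The function names are hypothetical.

```python
def ip_to_int(ip: str) -> int:
    octets = [int(part) for part in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {ip!r}")
    a, b, c, d = octets
    return (a << 24) | (b << 16) | (c << 8) | d


def int_to_ip(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: `prefix` one-bits followed by zero-bits."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def describe_subnet(ip: str, prefix: int) -> dict:
    """Network, broadcast and usable range of the subnet that contains `ip`."""
    if not 0 <= prefix <= 30:
        raise ValueError("the 2^h - 2 rule is applied here to /0 through /30 only")
    mask = prefix_to_mask(prefix)
    network = ip_to_int(ip) & mask                 # host bits all 0
    broadcast = network | (~mask & 0xFFFFFFFF)     # host bits all 1
    return {
        "network": f"{int_to_ip(network)}/{prefix}",
        "mask": int_to_ip(mask),
        "first_host": int_to_ip(network + 1),
        "last_host": int_to_ip(broadcast - 1),
        "broadcast": int_to_ip(broadcast),
        "usable_hosts": 2 ** (32 - prefix) - 2,
    }


def split_network(cidr: str, borrowed_bits: int) -> list:
    """Borrow host bits to split `cidr` into 2**borrowed_bits equal subnets."""
    ip, prefix = cidr.split("/")
    new_prefix = int(prefix) + borrowed_bits
    if borrowed_bits < 1 or new_prefix > 30:
        raise ValueError("borrow at least 1 bit and leave at least 2 host bits")
    block_size = 2 ** (32 - new_prefix)            # the "jump" between subnets
    base = ip_to_int(ip) & prefix_to_mask(int(prefix))
    return [describe_subnet(int_to_ip(base + i * block_size), new_prefix)
            for i in range(2 ** borrowed_bits)]


if __name__ == "__main__":
    print(describe_subnet("192.168.1.10", 24))
    for subnet in split_network("192.168.1.0/24", 2):
        print(subnet)
```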
Special IPv4 addresses
Special IPv4 addresses are reserved blocks that are not for general internet use and serve specific network functions.
0.0.0.0
Represents no specific address. Used as a source address during boot or to mean any address.
127.0.0.1
A loopback address is an IP address that sends network traffic back to the same machine instead of going out to the network.
The loopback interface is virtual. Everything stays inside the OS. The traffic never leaves the system. Each device has its own loopback interface.
127.0.0.1 is the most common loopback address, but the entire range 127.0.0.0 - 127.255.255.255 is reserved for loopback.
It allows a computer to communicate between applications on the same device, test networking software, and run servers locally.
Example:
If you run a web server on your computer and visit:
http://127.0.0.1
You are accessing your own computer; you are visiting yourself.
Loopback vs localhost
localhost = hostname
127.0.0.1 = IP address
They usually point to the same place, but localhost depends on system configuration.
169.254.x.x
A link-local address (specifically APIPA in IPv4).
It is automatically assigned when a device fails to get an IP address from a DHCP server.
Even though it’s not private, it is also not public: it cannot be routed on the internet, and routers will drop it.
APIPA (Automatic Private IP Addressing)
Used mainly by Windows (but supported by others)
Range: 169.254.0.0 - 169.254.255.255
Private vs Public IPv4 Addresses
A public IP address is an address that can be accessed over the Internet.
- Assigned by ISPs or regional authorities.
- Must be globally unique.
- Any device on the Internet can see these addresses.
- Traffic to a public IP goes through the Internet and routers worldwide.
A private IP address is used only inside a local network.
- Cannot be routed on the Internet.
- Multiple organizations can use the same private IP ranges internally.
- Requires NAT (Network Address Translation) or a proxy to access the Internet.
Private IPv4 Address Ranges
| Range | Class | Network Size | Prefix |
|---|---|---|---|
| 10.0.0.0 - 10.255.255.255 | A | 16,777,214 hosts | /8 |
| 172.16.0.0 - 172.31.255.255 | B | 1,048,574 hosts | /12 |
| 192.168.0.0 - 192.168.255.255 | C | 65,534 hosts | /16 |
NAT (Network Address Translation)
NAT is a technique that translates private (internal) IP addresses into public (external) IP addresses, and vice versa.
Because public IPv4 addresses are limited and in short supply, NAT allows multiple devices on a private network to share a single public IP address when accessing the Internet.
Static NAT
One-to-one mapping
Internal IP to specific public IP
Dynamic NAT
Many-to-many mapping from a pool of public IPs
Internal IP gets any available public IP temporarily, limited by the number of public IPs in the pool
PAT (Port Address Translation) / NAT Overload
Many-to-one mapping
Uses ports to differentiate connections. This is the most common NAT type in homes.
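How ports tell connections apart is easiest to see in the translation table itself. The following is an added example, not part of the original page: a simplified PAT table in which two internal hosts using the same source port share one public IP, and an inbound packet with no matching entry is dropped. The class name, the starting port and all addresses are constructed (the public ones come from documentation ranges); real implementations also track protocol, remote endpoint and timeouts.

```python
import ipaddress

# The three private ranges from the table above.
PRIVATE_RANGES = [ipaddress.ip_network(n)
                  for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_private(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_RANGES)


class PatRouter:
    """Many-to-one NAT: one public IP, one public port per internal connection."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.by_inside = {}    # (private ip, private port) -> public port
        self.by_outside = {}   # public port -> (private ip, private port)

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Rewrite the source of a packet leaving the LAN; returns the new 4-tuple."""
        if not is_private(src_ip):
            raise ValueError(f"{src_ip} is not an internal address")
        key = (src_ip, src_port)
        if key not in self.by_inside:
            self.by_inside[key] = self.next_port
            self.by_outside[self.next_port] = key
            self.next_port += 1
        return (self.public_ip, self.by_inside[key], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_port):
        """Rewrite the destination of a packet arriving on the public IP.

        Returns None (drop) when no internal host opened that public port.
        """
        inside = self.by_outside.get(dst_port)
        if inside is None:
            return None
        return (src_ip, src_port, inside[0], inside[1])


def demo():
    nat = PatRouter("203.0.113.5")                 # constructed public address
    server = ("198.51.100.7", 443)                 # constructed remote server
    a = nat.outbound("192.168.1.10", 51000, *server)
    b = nat.outbound("192.168.1.11", 51000, *server)   # same source port, other host
    reply_to_b = nat.inbound(*server, b[1])
    unsolicited = nat.inbound("198.51.100.99", 12345, 40500)
    return a, b, reply_to_b, unsolicited


if __name__ == "__main__":
    for result in demo():
        print(result)
```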
Routing
Routing is simply choosing the next network to send a packet to. It is the process routers use to decide the next hop for a packet so that it reaches its destination.
Each step to the next router, not the final destination, is called a hop.
Static Routing
Also known as non-adaptive routing. The routing table does not change unless the network administrator modifies it manually.
Dynamic Routing
Also known as adaptive routing, it automatically updates the routing table whenever there is a change in the network topology. It uses complex algorithms to calculate routes, but it is less secure compared to static routing.
When a change occurs, routers exchange messages and recalculate the routes to ensure updated routing information is shared across the network.
Routing Tables
A routing table is a map the router or device uses to decide where to send network traffic.
Routing Protocols
IGMP (Internet Group Management Protocol)
IGMP is used to manage multicast groups on IPv4 networks. Hosts tell routers which multicast streams they want to receive, and routers forward traffic only to those hosts. It’s commonly used in streaming and IPTV.
RIP (Routing Information Protocol)
RIP is a distance-vector routing protocol. Routers share their routing tables every 30 seconds, using hop count as the metric. It’s simple and works for small or legacy networks, but it’s limited to 15 hops.
OSPF (Open Shortest Path First)
OSPF is a link-state routing protocol. Routers share information about network links to calculate the shortest path using bandwidth as the cost. It’s widely used in medium-to-large enterprise networks.
EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP is an advanced distance-vector protocol (Cisco proprietary). It calculates routes based on bandwidth, delay, reliability, and load for faster convergence. It’s common in Cisco enterprise networks.
BGP (Border Gateway Protocol)
BGP is a path-vector protocol used to route traffic between autonomous systems (AS) on the Internet. It selects routes based on AS paths and policies, and is the backbone of global Internet routing.
TTL (Time To Live)
A value in the IP packet header that limits the lifespan of the packet. It prevents packets from looping forever if routing loops exist.
Every router (hop) decrements TTL by one. If TTL reaches 0, the router drops the packet and may send an ICMP “Time Exceeded” message.
Fragmentation
The process of breaking a large IP packet into smaller pieces (fragments) so it can traverse a network link with a smaller Maximum Transmission Unit (MTU), the largest packet size a link can carry.
If a packet is bigger than the MTU, it cannot pass through without being fragmented.
VLANs (Virtual LANs)
A logical segmentation of a physical network at the data link layer (Layer 2) that groups devices into distinct broadcast domains, even if they share the same physical switches.
IPsec (Internet Protocol Security)
IPsec is a suite of protocols used to secure IP communications by authenticating and encrypting each IP packet between devices. It operates at the network layer (Layer 3), so it can protect all traffic between two endpoints.
IPv6 (Internet Protocol version 6)
IPv6 uses 128-bit addresses instead of 32-bit ones.
The 128 bits are usually written as 8 groups of 4 hex digits separated by colons:
2001:0db8:85a3:0000:0000:8a2e:0370:7334
Leading zeros can be omitted:
2001:db8:85a3::8a2e:370:7334
Double colon :: represents one or more consecutive zero groups, but can appear only once in an address.