TCP/IP Tutorial for Beginner

By Xah Lee. Date: . Last updated: .

This is a basic tutorial on TCP/IP, for beginner programer or scientists. In a hour, you should have a basic understanding.

TCP/IP is a set of protocols, and is the primary tech of the internet. When you browse the web, send email, chat online, online gaming, TCP/IP is working busily underneath.

What is a protocol?

A protocol is a set of agreeed-upon rules and procedures, such as what format to use, what data mean specifically, when should data be send, what are the numbers in the data mean exactly, their order, what commands exist/allowed, what error code are there and their meaning, etc.

When two computers exachange data, they can understand each other if both follow specific format and rules in a protocol.

The Internet Protocol (aka TCP/IP protocol suite) is a set of rules and procedures, and computers that use this protocol then can communicate meaningfully.

Basic Scenario

Suppose you are sending email, or downloading a file, or chat with a friend online, or visiting a web page. What happens underneath?

You application (email, chat, etc) breaks the data into thousands of tiny independent pieces. Each piece is called a Datagram (aka packet). Each datagram has embedded with it the destination IP address. Your computer send this datagram to your Router (aka “link”), and your router send it to a appropriate node (another router or computer) on the network that's closer to the destination. That router again send it to a another node (router) on the network that's closer to the destination. This process continues until the designated machine with the IP address receives it. This is done for each and every datagram. On the receiving machine, it re-assembles all these datagrams into the original whole piece in the right order, and send it to the right application on that machine (the email server, or web server, or chat server. (which in turn, repeat the same thing to send it to your friend's machine.))

Computer/software follow a set of standardized rules of procedure when talking to each other. This standardized rules of procedure used for internet is called the TCP/IP Internet protocol suite.

Wikipedia links:

Important Hardware: Network Adapter, Router

Network Interface Controller

First, you have Network interface controller (NIC) (aka network interface card, network adapter, LAN adapter, network card). It's a piece of hardware that lets your computer talk to the internet. All internet-capable device has at least one. Today's computer usually has two, one for Ethernet (wired) and one for wireless.

Network interface controller

Ethernet RJ45 cable 2017 03 13 22348
Ethernet cable, for wired internet.
usb network adapter 68283
USB wireless network adapter. This is used if your computer does not have wireless network adapter builtin.

Usually, on phone, laptob, the wireless network adapter is builtin.

network adapter card 2017 03 13
Network adapter card. This is used if your computer does not have wired ethernet builtin.

How to list all Network Adapters?

Type ip link or ifconfig -a.

◆ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 2c:27:d7:28:2b:ae brd ff:ff:ff:ff:ff:ff

the eth0 is the Network Adapter. The 2c:27:d7:28:2b:ae is that adapter's MAC address.

the lo one is “loopback” MAC address. It is not a physical network adapter. Don't worry if you don't know what it is for now.

We'll use Linux commands as examples here. For Microsoft Windows, see: Windows: Networking Commands.


Then, the second most important hardware is Router. Router transfer packets between computers.

home wifi router 77349
wireless router for home use. router
home wifi router ports 2017 03 13
Home wireless router ports.

The Network Adapter (wired or wireless) in your computer send signals to the router, then the router either send it to other computer in your home, or send it to the internet via physical cable or phone line connected to it (typically a device called Cable Modem) .

Avaya ERS-8600 router
A router for industrial use. It can support 40k Ethernet connections. Avaya ERS 8600 image source

Typically, each internet device start with its software sending info to the Network Adapter, then the Network Adapter send it to a router, then router send it to another router, and so on, until a router send it to a destination computer's Network Adapter. (the destination is usually a corporation's machine, we call it “server”. (e.g. when you use facebook, twitter, google search, or websites.) The server, either stores your info (e.g. photos), or send it to another user. (e.g. chat/email.))

Router is sometimes called Gateway. (in more technical context, “gateway” may mean a “protocol converter”, that is, a router that connects to networks that uses different protocols.)

MAC Address = Hardware Address = Physical Address

Each Network Adapter has a ID, called MAC address (aka hardware address, physical address). This ID is burned into the hardware. (“MAC” is abbreviation for “Media Access Control” (the name is historical).)

MAC address is a 48 bits number. Usually written as 6 groups of 2 hex digits. For example, 01-23-45-67-89-ab or 01:23:45:67:89:ab. Each 2 hex is a octet.

octet means 8 bits. The term “byte” is not used because byte was not always 8 bits in the past.

Octet = 8 bits = 2^8 bits (8 binary digits) = 16^2 bits (2 hexadecimal digits) = 256 values.

bit means binary digit. A binary digit is either 1 or 0. e.g. 4 bits looks like this: 1001, or 0011, or 1100, etc.

How to find the MAC address of the Network Adapters on my machine?

Type ip link or ifconfig -a.

◆ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 2c:27:d7:28:2b:ae brd ff:ff:ff:ff:ff:ff

the eth0 is the netkwork adapter. The 2c:27:d7:28:2b:ae is that adapter's MAC address.

the lo one is “loopback” MAC address. It is not a physical network adapter. Don't worry if you don't know what it is for now.

IP Address

IP address is used to identify all internet devices. (Each internet device may have one or more IP address.) It's part of the IP protocol.

There are 2 versions of IP address: IPv4 and IPv6.

IPv4 is the older standard. Because it's only 32 bits, good for 2^32 unique address (about 4.2 billion). This is not enough since late 1990s. So, IPv6 was invented.

as of today 2018-04-30, 23% of internet devices use IPv6. See stat at

ipv4 address notation diagram
IPv4 address notation
ipv6 address notation diagram
IPv6 address notation

How to find the IP address of my network adapter?

Type ip addr or ifconfig -a.

◆ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 2c:27:d7:28:2b:ae brd ff:ff:ff:ff:ff:ff
    inet brd scope global eth0
    inet6 fe80::2e27:d7ff:fe28:2bae/64 scope link
       valid_lft forever preferred_lft forever

The eth0 is your network adapter. The is its current IP address.

How to find the IP address of my router?

Type ip route. The line containing “default” has the IP address of default router.

◆ ip route
default via dev eth0  proto static dev eth0  scope link  metric 1000 dev eth0  proto kernel  scope link  src  metric 1

The is the router's IP address.

Host, Hostname

A “host” typically refers to a particular computer (or internet device). A Hostname is basically just a name for a machine. It is used mostly as a human-friendly form to identify a machine. A host/machine may have more than one IP address (because it can have multiple Network Adapter, or, a computer can be setup to function as a router, etc.).

How to find my hostname?

Type hostname

Network vs Host

Each node on the internet is grouped into the concept of “network”. For example, all computers in a company is one network. Same thing for all computer in a government organization, school, homeoffice. Each is usually grouped into one or more “network”.

Each internet device (host) is then a part of a network. A router connects to more than one network (by definition).

(Hosts in a network is not necessarily near each other physically.)

IP Address Structure: Network, Host, Special Addresses

IP addresses are divided into 2 parts: network and host. The beginning bits are the network, the rest are host.

When a router gets a packet, it needs to know where to send this packet to (of all devices connected to it). Ultimately, this is done by a look-up table called Routing table (aka Routing Information Base, RIB) When the “network” part of a destination IP address matches the “network” part of a “from/origin” IP address, then the router knows it's from the same network, so it can send to the host machine. Else, it is a different network, it can send it to another router.

(partitioning the IP address into 2 parts (network and host) is a way to makes routing more efficient. For example, if you have to route street address, it's good to have a structure of {country, state, county}, so that you first find out which country it is for, then just search address within that country, and you first find out which state it is for, so you don't have to search all address in al statets, etc. Without this country/state/county/zip-code etc structure, you need to search giant flat table of addresses, which is very inefficient. For the same reason, is the network/host division of the IP address.)

Classful Network (HISTORY!)

Classful network

In the old days (before 1994), the network part is fixed to be one of {8 bits, 16 bits, or 24 bits}, called {class A network, class B network, class C network}.

Whether the network part is {8 bits, 16 bits, or 24 bits} is determined by the first few bits.

Classful Network Architecture
ClassLeading bitsRange of first octet (decimal)Number of networksNumber of addresses per network
A00 to 1272^7 = 1282^24 = 16777216
B10128 to 1912^14 = 163842^16 = 65536
C110192 to 2232^21 = 20971522^8 = 256

There's also class D and E, both for special purposes.

Classful Network Architecture
ClassLeading bitsRange of first octet (decimal)Purpose
D1110224 to 239For multicast (sent to multiple networks. (“broadcast” is sent to all hosts))
E11110240 to 247Reserved/Experimental

Classful Network scheme is no longer used.

Classless Inter-Domain Routing (CIDR)

Classful design isn't efficient. Because either you have a network with too many hosts, or a network with not enough hosts. A solution is Classless Inter-Domain Routing (CIDR), which is used today.

With CIDR, the number of bits for network part varies. It's written like this, meaning the first 24 bits are network.

Netmask: Network Bitmask

Each IPv4 address comes with a 32 bits number called bitmask. Bitmask is used to indicate how many bits are the network part. The network bits are 1, and host bits are 0.

For example, if a IP address has a bitmask of 11111111 11111111 00000000 00000000, it means the first 16 bits of the IP address is network, and rest the host.

CIDR notation is a human-readable notation of IP address with bitmask to indicate network/host part. Like this: x.x.x.x/n, where the x.x.x.x is the usual dotted decimal notation for IP address, and the n is the number of bits for the network part. This notation is sometimes called “CIDR prefix”.

Here's a table of CIDR notation and the corresponding bitmask.

CIDR notation
CIDR prefixdotted decimalbitmask
/0x.x.x.x00000000 00000000 00000000 00000000
/1128.x.x.x10000000 00000000 00000000 00000000
/2192.x.x.x11000000 00000000 00000000 00000000
/3224.x.x.x11100000 00000000 00000000 00000000
/4240.x.x.x11110000 00000000 00000000 00000000
/5248.x.x.x11111000 00000000 00000000 00000000
/6252.x.x.x11111100 00000000 00000000 00000000
/7254.x.x.x11111110 00000000 00000000 00000000
/8255.x.x.x11111111 00000000 00000000 00000000
/9255.128.x.x11111111 10000000 00000000 00000000
/10255.192.x.x11111111 11000000 00000000 00000000
/11255.224.x.x11111111 11100000 00000000 00000000
/12255.240.x.x11111111 11110000 00000000 00000000
/13255.248.x.x11111111 11111000 00000000 00000000
/14255.252.x.x11111111 11111100 00000000 00000000
/15255.254.x.x11111111 11111110 00000000 00000000
/16255.255.x.x11111111 11111111 00000000 00000000
/17255.255.128.x11111111 11111111 10000000 00000000
/18255.255.192.x11111111 11111111 11000000 00000000
/19255.255.224.x11111111 11111111 11100000 00000000
/20255.255.240.x11111111 11111111 11110000 00000000
/21255.255.248.x11111111 11111111 11111000 00000000
/22255.255.252.x11111111 11111111 11111100 00000000
/23255.255.254.x11111111 11111111 11111110 00000000
/24255.255.255.x11111111 11111111 11111111 00000000
/25255.255.255.12811111111 11111111 11111111 10000000
/26255.255.255.19211111111 11111111 11111111 11000000
/27255.255.255.22411111111 11111111 11111111 11100000
/28255.255.255.24011111111 11111111 11111111 11110000
/29255.255.255.24811111111 11111111 11111111 11111000
/30255.255.255.25211111111 11111111 11111111 11111100
/31255.255.255.25411111111 11111111 11111111 11111110
/32255.255.255.25511111111 11111111 11111111 11111111

subnet, subnet mask


network subnetting diagram
Creating a subnet by dividing the host identifier image source

IPv4 Special Address: All 0 or All 1

When the network part of a IP address or the host part of a IP address is all 0 or all 1, it has special meaning.

IPv4 Reserved IP addresses

Reserved IP addresses

Reserved IPv4 addresses
RangeDescription network (only valid as source address) network Address Space (for autoconfig) network Protocol Assignments, documentation and examples to IPv4 relay network benchmark tests, documentation and examples, documentation and examples multicast (former Class D network) (former Class E network)

Private network

IANA-reserved private IPv4 network ranges
private IPv4 network rangesStartEndNo. of addresses
24-bit block (/8 prefix, 1 × A) 777 216
20-bit block (/12 prefix, 16 × B) 048 576
16-bit block (/16 prefix, 256 × C) 536

Any user may use any of the reserved blocks. Typically, a network administrator will divide a block into subnets; for example, many home routers automatically use a default address range of through (

TCP/IP Protocol Layers

IP stack connections
TCP/IP data flow. The solid lines is the actual data connection. The dotted lines are abstract connection.
  • “Host” means a computer.
  • The “process” means a running software program, such as web browser.
  • The “link” means “router”.
  • {Ethernet, fiber, satellite} are physical links (For example, cable or radio wave transmissions.)
[image source ]

TCP/IP is a set of protocols that are logically separated into 4 layers. They are:

Each layer down covers more detail about how to send a datagram.

Here's a human example. If i send you a letter, i'm not concerned about how it gets there, by car, by plane, boat, or who delivers the letter, or what happens if its raining. All I care, is the mail content and address, and whether you got the letter (and how soon you can get it). This is the highest level. But beneath it, there must be a system, such as address system, transportation system, government law or structure for delivering mail, etc.

In TCP/IP, the highest layer, the Application Layer, is concerned only about software sending some content (a sequence of bytes) to another address such as email address or URL or IP address. The lowest layer, the link layer, is concerned about how to actually connect hardware things physically, over cable/wire or radio waves. Such as the design of the cable, the electric signals.

Here's more detail about each layer.

Application layer (process-to-process): This is the high level layer. Application layer are protocols that focus communication from a high-level perspective, the application's perspective. Such as send/receive the data. The format of the data. For example, {HTTP (web), SMTP (email), DHCP (automatic host config)} are protocols at this level.

Transport layer (host-to-host): provides end-to-end communication services for applications. The transport layer provides convenient services such as connection-oriented data stream support, reliability, flow control, and multiplexing. Two most used protocols in this layer are TCP and UDP.

Internet layer (internetworking): The internet layer is about exchanging datagrams across machines. This layer defines the addressing and routing structures used in TCP/IP. The primary example is the IP (Internet Protocol), which defines IP addresses. Its function in routing is to send datagrams to the next router that is closer to the destination IP address.

Link layer: This layer is pretty much about physical connection technology. That is, translating packets to various electric or optical wire signals, or wireless by radio waves or satellite transmission. The Ethernet, it's cable, is considered a standard of the link layer.

UDP encapsulation
Sample encapsulation of data in TCP/IP. At top, the highests abstraction layer, the data is simply what we want to send, such as email content. Then, the data is broken into many small Datagrams (aka packets). Below it, the Transport layer, it shows a datagram. It adds a “header” to the datagram. This header contain info such as how exactly we send it, should be connection oriented or not, etc. Below it, the IP header, contains even more lower level info. And so on. [image source ]

Port Number

port → a integer number. It serves as a address for software application to talk to TCP. IP address is used to identify a computer. Once the packet arrived on the computer, the port number serves as a address to identify the software that send/receive messages. Port (computer networking)

Port number is used by TCP and UDP.

port is a 16-bits number. Port numbers are divided into three ranges:

Well-known ports are those from 0 through 1023. Examples:

here's a complete list. List of TCP and UDP port numbers


Network socket is basically a API for programs to talk to the network. A socket address is a combination of IP address and a port number. 〔Network socket

So, when a browser, or email app, want to talk to the internet, they speak to the socket. The socket is usually provided by the Operating System as a API. The programer don't have to worry about TCP/IP details, he just create a socket (by calling a function or new object), specify IP address, port number, and type of connection, and call functions/methods to send/receive data on it.

Here's sample doc of coding socket in different languages:

Connection Oriented vs Connectionless

There are 2 types of connection in TCP/IP: 1. connection oriented 2. connectionless.

TCP/IP by nature is a connectionless network, because each datagram is independent. This is called Packet switching networking technology. (meaning, lots of small data “packets” are sent. Each one independent of another. They swarm towards destination, by routing (the “switch” part))

Packet Switching is in contrast to circuit switching tech.

Circuit Switching network is a connection-oriented networking approach. when a caller calls another, a electric circuit is established between the callers. It is used by early analog telephone networks. Circuit switching network in a sense dedicates the cable (or channel, medium) per active call/connection. Circuit switching

JT Switchboard 770x540
A telephone operator manually connecting calls with cord pairs at a telephone switchboard. Photo taken in 1975. (photo by Joseph A Carr. Used with permission) image source

However, a packet switching network (tcp/ip) can emulate the effects of physical connection by using protocols that acknowledge transmission, then establishing a virtual connection. TCP does this.

Here's how connection-oriented networking works. When a packet is sent, the receiver sends back acknowledgement. If the sender don't receive this, it re-sends. When a session of communication is over, the sender and receiver say goodbye to each other, therefore “closes” the connection. In this way, communication is established as if thru physical connection, even though the data units transmitted is actually discrete and goes thru many routers that doesn't have any notion about who is connected to whom.

TCP connection
TCP protocol connection. image source

IP Datagram

An IP packet consists of a header section and a data section.

An IP packet has no data checksum or any other footer after the data section. Typically the link layer encapsulates IP packets in frames with a CRC footer that detects most errors, and typically the end-to-end TCP layer checksum detects most other errors.


List of IP protocol numbers

IPv4 Header Format
Offsets Octet 0 1 2 3
Octet Bit 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
0 0 Version IHL DSCP ECN Total Length
4 32 Identification Flags Fragment Offset
8 64 Time To Live Protocol Header Checksum
12 96 Source IP Address
16 128 Destination IP Address
20 160 Options (if IHL > 5)

Routing schemes: unicast, anycast, multicast, broadcast


The Internet Protocol addressing system recognize 3 main types of addressing.

Transmission Control Protocol (TCP)

Transmission Control Protocol

TCP provides a communication service at an intermediate level between an application program and the Internet Protocol (IP). That is, when an application program desires to send a large chunk of data across the Internet using IP, instead of breaking the data into IP-sized pieces and issuing a series of IP requests, the software can issue a single request to TCP and let TCP handle the IP details.

TCP Header
Offsets Octet 0 1 2 3
Octet bit 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
0 0 Source port Destination port
4 32 Sequence number
8 64 Acknowledgment number (if ACK set)
12 96 Data offset Reserved
0 0 0
Window Size
16 128 Checksum Urgent pointer (if URG set)
Options (if ‹data offset› > 5. Padded at the end with "0" bytes if necessary.)

Sequence number has 2 meanings depending on SYN flag in the datagram is on or off.

UDP (User Datagram Protocol)

User Datagram Protocol

UDP send datagrams without prior communications to set up special transmission channels or data paths.

UDP uses a simple transmission model with a minimum of protocol mechanism. It has no handshaking dialogs, and thus exposes any unreliability of the underlying network protocol to the user's program. As this is normally IP over unreliable media, there is no guarantee of delivery, ordering or duplicate protection. UDP provides checksums for data integrity, and port numbers for addressing different functions at the source and destination of the datagram.

UDP is suitable for purposes where error checking and correction is either not necessary or performed in the application, avoiding the overhead of such processing at the network interface level. Time-sensitive applications often use UDP because dropping packets is preferable to waiting for delayed packets, which may not be an option in a real-time system.[2] If error correction facilities are needed at the network interface level, an application may use the Transmission Control Protocol (TCP) or Stream Control Transmission Protocol (SCTP) which are designed for this purpose.

Datagram Congestion Control Protocol (DCCP)

Stream Control Transmission Protocol (SCTP)

Address Resolution Protocol (ARP)

Address Resolution Protocol = a protocol that creates a look-up table for mapping IP address to MAC address.

Each host has a ARP cache. If a host want to send data to another host in the same segment, it checks if the MAC address is in the ARP cache, if not, the host sends a broadcast called ARP request frame. The receiver with the IP address will respond and give it's MAC address.

Reverse Address Resolution Protocol (RARP) is obsolete, replaced by Bootstrap Protocol (BOOTP) then by Dynamic Host Configuration Protocol (DHCP).

Internet Control Message Protocol (ICMP)

Internet Control Message Protocol

The Internet Control Message Protocol (ICMP) is one of the core protocols of the Internet Protocol Suite. It is chiefly used by the operating systems of networked computers to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached. ICMP can also be used to relay query messages. It is assigned protocol number 1.

ICMP differs from transport protocols such as TCP and UDP in that it is not typically used to exchange data between systems, nor is it regularly employed by end-user network applications (with the exception of some diagnostic tools like ping and traceroute).

ICMP for Internet Protocol version 4 (IPv4) is also known as ICMPv4. IPv6 has a similar protocol, ICMPv6.

ICMP, often used by router to send messages back to host to indicate problems. Here's common scenarios.


Internet Group Management Protocol

The Internet Group Management Protocol (IGMP) is a communications protocol used by hosts and adjacent routers on IP networks to establish multicast group memberships. IGMP is an integral part of IP multicast.

IGMP can be used for one-to-many networking applications such as online streaming video and gaming, and allows more efficient use of resources when supporting these types of applications.

IGMP is used on IPv4 networks. Multicast management on IPv6 networks is handled by Multicast Listener Discovery (MLD) which uses ICMPv6 messaging in contrast to IGMP's bare IP encapsulation.


Routing is one of the most important element in internet, because it is routing that moves data.

By definition, a router has 2 or more network adapters, because a router is used to forward data between different networks. For home routers, usually one end is connected to a cable modem or DSL modem to the internet, and the other hand are Ethernet ports for the home network.

The most critical part is the routing table. Routing table can be manually setup, called static routing, but is almost always constructed automatically by other “discovery” protocols, called dynamic routing. (because, manually setting up the routing table is humanly impossible when there are more than a handful of networks.) Routing table can still be manually adjusted, however.

Routing Table

Routing table

Routing table, aka Routing Information Base (RIB), is a data table stored in a router or a computer that lists the routes to particular network destinations, and in some cases, metrics (distances) associated with those routes. The routing table contains information about the topology of the network immediately around it.

The construction of routing tables is the primary goal of routing protocols. Static routes are entries made in a routing table by non-automatic means and which are fixed rather than being the result of some network topology “discovery” procedure.

How to see the routing table of my computer?

Type ip route or route. Sample output:

◆ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         UG    0      0        0 eth0
link-local      *          U     1000   0        0 eth0     *        U     1      0        0 eth0
◆ ip route
default via dev eth0  proto static dev eth0  scope link  metric 1000 dev eth0  proto kernel  scope link  src  metric 1

Your home computer's routing table is usually very short, because it's not a router. It basically just contain the destination of the router in your network.

Routing Protocols

The job of Routing Protocol is to fill the routing table.

There are 2 major types of routing protocol:

A link-state routing protocol is one of the two main classes of routing protocols used in packet switching networks for computer communications (the other is the distance-vector routing protocol). Examples of link-state routing protocols include open shortest path first (OSPF) and intermediate system to intermediate system (IS-IS).

The link-state protocol is performed by every router in the network. The basic concept of link-state routing is that every node constructs a map of the connectivity to the network, in the form of a graph, showing which nodes are connected to which other nodes. Each node then independently calculates the next best logical path from it to every possible destination in the network. The collection of best paths will then form the node's routing table.

This contrasts with distance-vector routing protocols, which work by having each node share its routing table with its neighbors. In a link-state protocol the only information passed between nodes is connectivity related.

Routing Information Protocol RIP. A distance vector routing protocol.

A RIP router broadcasts update message every 30 seconds. It can also request update.

Open Shortest Path First OSPF (a link-state routing protocol).

hop count

Routing loop problem

Core router

A core router is a router designed to operate in the Internet backbone, or core. To fulfill this role, a router must be able to support multiple telecommunications interfaces of the highest speed in use in the core Internet and must be able to forward IP packets at full speed on all of them. It must also support the routing protocols being used in the core. A core router is distinct from an edge router: edge routers sit at the edge of a backbone network and connect to core routers.

Autonomous System (Internet)

Dynamic Host Configuration Protocol (DHCP)

Dynamic Host Configuration Protocol

Zero configuration networking

Tunneling protocol

Computer networks use a tunneling protocol when one network protocol (the delivery protocol) encapsulates a different payload protocol. By using tunneling one can (for example) carry a payload over an incompatible delivery-network, or provide a secure path through an untrusted network.

Virtual private network

Simple Service Discovery Protocol (SSDP)

Simple Network Management Protocol

Network segment. A term for a portion of network. For example, An Ethernet hub is a device for connecting multiple Ethernet devices together and making them act as a single network segment.

Ethernet hub

Network switch A switch is a telecommunication device which receives a message from any device connected to it and then transmits the message only to the device for which the message was meant. This makes the switch a more intelligent device than a hub (which receives a message and then transmits it to all the other devices on its network).

Promiscuous mode

In computer networking, promiscuous mode or promisc mode is a mode for a wired network interface controller (NIC) or wireless network interface controller (WNIC) that causes the controller to pass all traffic it receives to the central processing unit (CPU) rather than passing only the frames that the controller is intended to receive. This mode is normally used for packet sniffing that takes place on a router or on a computer connected to a hub (instead of a switch) or one being part of a WLAN. The mode is also required for bridged networking for hardware virtualization.

In IEEE 802 networks such as Ethernet, token ring, and IEEE 802.11, and in FDDI, each frame includes a destination Media Access Control address (MAC address). In non-promiscuous mode, when a NIC receives a frame, it normally drops it unless the frame is addressed to that NIC's MAC address or is a broadcast or multicast frame. In promiscuous mode, however, the card allows all frames through, thus allowing the computer to read frames intended for other machines or network devices.


IEEE 802.11

Service set (802.11 network)

common problems

See: How to Diagnose Computer Networking Problems


firewall 21570
image source

Firewall (computing) filters traffic. Firewall can be classified by their power:

placement of firewall:

Firewall can be software based or hardware. The function of a firewall is often parts of other services or device. Most home OS has software based firewall. Some routers can also do some firewall functions, or be a powerful firewall. Firewall can also be a proxy server.

on Linux, Firewall framework is netfilter (iptables). For a intro, see: Linux: What's Netfilter, iptables, Their Differences?

Port scanner

DNS and host file

Hosts (file)

Domain Name System


Wide area network

Integrated Services Digital Network ISDN

High-Level Data Link Control HDLC


Asynchronous Transfer Mode




diskeynote talk by Radia Perlman at 2013

If you have a question, put $5 at patreon and message me.