Easy Study Guide

Chapter 5

Fundamental Concepts

  • Control Plane: The network-wide logic that determines the end-to-end path taken by packets from source to destination.

  • Data Plane: The local, per-router function that moves packets from a router's input interface to the appropriate output interface (forwarding).

  • Routing: The process of determining "good" paths (routes) from sending hosts to receiving hosts through a network of routers.

  • Forwarding: The local action of transferring a packet from an input link interface to an output link interface.

Routing Algorithms & Approaches

  • Per-Router Control: The traditional approach where individual routing algorithm components in every router interact to determine routes.

  • Software-Defined Networking (SDN): An approach where a logically centralized remote controller computes and installs forwarding tables in routers.

  • Link-State (LS) Algorithms: A global routing approach where all routers have complete topology and link cost information (e.g., Dijkstra's Algorithm).

  • Distance Vector (DV) Algorithms: A decentralized, iterative approach where routers only know costs to neighbors and exchange information with them (e.g., Bellman-Ford Algorithm).

Protocols

  • OSPF (Open Shortest Path First): A classic link-state intra-AS routing protocol that uses Dijkstra's algorithm to compute forwarding tables.

  • BGP (Border Gateway Protocol): The standard inter-domain routing protocol, often called the "glue that holds the Internet together," used to connect different Autonomous Systems.

  • ICMP (Internet Control Message Protocol): Used for network-level error reporting and queries.

  • SNMP (Simple Network Management Protocol): A protocol used for network management and configuration.

Key Mathematical & Scalability Terms

  • Bellman-Ford Equation: The dynamic programming foundation for Distance Vector algorithms: $D_x(y) = \min_v \{ c_{x,v} + D_v(y) \}$, where $v$ ranges over $x$'s neighbors and $c_{x,v}$ is the cost of the link from $x$ to $v$.

  • Autonomous System (AS): Also known as a "domain," it is an aggregate of routers managed by a single administrative entity.

  • Count-to-Infinity Problem: A specific issue in Distance Vector routing where "bad news" (like link cost increases) travels slowly, potentially causing long-lasting routing loops.
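The Bellman-Ford equation and the count-to-infinity problem above, worked through in code. This is an added example, not part of the study guide: a synchronous distance-vector simulation on a constructed three-node topology (x-y cost 4, x-z cost 50, y-z cost 1). After the vectors converge, the x-y cost is raised to 60 and the simulation shows how many rounds y and z spend routing to x through each other before z falls back to its direct link.

```python
# Added example, not from the study guide: a synchronous distance-vector (DV)
# simulation built on the Bellman-Ford equation D_x(y) = min_v { c(x,v) + D_v(y) }.
# The three-node topology and its costs are constructed for illustration.
from math import inf


def link(a, b):
    """Undirected link key: the cost is the same in both directions."""
    return frozenset((a, b))


def initial_vectors(links, nodes):
    """Each node starts knowing only itself (0) and the cost to each neighbour."""
    return {x: {y: 0 if y == x else links.get(link(x, y), inf) for y in nodes}
            for x in nodes}


def dv_round(links, nodes, vectors):
    """One synchronous round: every node re-applies Bellman-Ford to the vectors
    its neighbours advertised in the previous round."""
    new = {}
    for x in nodes:
        neighbours = [v for v in nodes if link(x, v) in links]
        new[x] = {y: 0 if y == x
                  else min((links[link(x, v)] + vectors[v][y] for v in neighbours),
                           default=inf)
                  for y in nodes}
    return new


def run_dv(links, vectors=None, max_rounds=10_000):
    """Iterate until no vector changes. Returns (vectors, number of rounds in
    which at least one vector changed)."""
    nodes = sorted({n for key in links for n in key})
    if vectors is None:
        vectors = initial_vectors(links, nodes)
    rounds = 0
    while rounds < max_rounds:
        new = dv_round(links, nodes, vectors)
        if new == vectors:
            break
        vectors, rounds = new, rounds + 1
    return vectors, rounds


# Constructed topology: x-y costs 4, x-z costs 50, y-z costs 1.
TRIANGLE = {link("x", "y"): 4, link("x", "z"): 50, link("y", "z"): 1}


def good_news():
    """Converge from scratch: y and z both reach x cheaply (cost 4 and 5)."""
    return run_dv(TRIANGLE)


def bad_news():
    """Raise c(x,y) from 4 to 60 after convergence. y and z keep routing to x
    through each other, adding cost every round (count-to-infinity), until z's
    direct 50-cost link finally becomes the cheaper choice."""
    converged, _ = good_news()
    worse = dict(TRIANGLE)
    worse[link("x", "y")] = 60
    return run_dv(worse, converged)


if __name__ == "__main__":
    vectors, rounds = good_news()
    print("initial convergence after", rounds, "round(s):", vectors)
    vectors, rounds = bad_news()
    print("after the cost increase:", rounds, "round(s):", vectors)
```

Good news converges in a single round; the cost increase takes dozens of rounds to settle because each node's "via the other" estimate is only two units worse than the previous one.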

Chapter 6

1. Fundamental Terminology

  • Nodes: Hosts and routers that are part of the network.

  • Links: Communication channels connecting adjacent nodes (e.g., wired, wireless, LANs).

  • Frame: The layer-2 packet that encapsulates a network-layer datagram.

  • Link Layer Responsibility: Transferring a datagram from one node to a physically adjacent node over a link.

2. Link Layer Services

  • Framing: Encapsulating datagrams into frames, adding headers and trailers, and using MAC addresses (not IP) to identify source and destination.

  • Reliable Delivery: Ensuring data transfer between adjacent nodes, which is crucial for high-error links like wireless.

  • Error Detection/Correction:

    • Parity Checking: A single parity bit detects any single-bit error; two-dimensional parity can also locate, and therefore correct, a single-bit error.

    • Internet Checksum: Treats the data as a sequence of 16-bit integers, takes their one's-complement sum, and transmits the complement; the receiver recomputes it to detect flipped bits.

    • Cyclic Redundancy Check (CRC): A powerful method using a "generator" bit pattern to detect burst errors; widely used in Ethernet and WiFi.
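The three error-detection schemes above, side by side. This is an added example, not code from the study guide; the inputs are constructed, with the CRC using the familiar six-bit textbook case D = 101110, G = 1001 (r = 3), and the checksum using the eight bytes from the RFC 1071 worked example. The two-bit burst at the end shows a case parity misses and the CRC catches.

```python
# Added example, not from the study guide: single-bit parity, the Internet checksum
# and a CRC computed by modulo-2 division, on constructed inputs.
from typing import List

Bits = List[int]


def even_parity_bit(bits: Bits) -> int:
    """Single-bit even parity: the extra bit makes the total number of 1s even."""
    return sum(bits) % 2


def parity_ok(frame: Bits) -> bool:
    """Receiver check for a frame that carries its parity bit as the last bit."""
    return sum(frame) % 2 == 0


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of the data taken as 16-bit words, then complemented
    (the Internet checksum of RFC 1071). Odd-length data is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
        total = (total & 0xFFFF) + (total >> 16)   # end-around carry
    return (~total) & 0xFFFF


def checksum_ok(data: bytes, received: int) -> bool:
    return internet_checksum(data) == received


def crc_remainder(data: Bits, generator: Bits) -> Bits:
    """Modulo-2 long division: divide data followed by r zero bits by the
    (r + 1)-bit generator G and return the r-bit remainder R the sender appends."""
    r = len(generator) - 1
    dividend = list(data) + [0] * r
    for i in range(len(data)):
        if dividend[i]:
            for j, g in enumerate(generator):
                dividend[i + j] ^= g
    return dividend[-r:]


def crc_ok(frame: Bits, generator: Bits) -> bool:
    """Recompute R over the received data bits and compare with the received R."""
    r = len(generator) - 1
    return crc_remainder(frame[:-r], generator) == frame[-r:]


def flip(bits: Bits, *positions: int) -> Bits:
    """Constructed channel error: invert the given bit positions."""
    out = list(bits)
    for p in positions:
        out[p] ^= 1
    return out


def demo():
    data, gen = [1, 0, 1, 1, 1, 0], [1, 0, 0, 1]
    frame = data + crc_remainder(data, gen)          # 101110 followed by R = 011
    parity_frame = frame + [even_parity_bit(frame)]  # same frame plus a parity bit
    return {
        "crc_remainder": crc_remainder(data, gen),
        "parity_catches_single_flip": not parity_ok(flip(parity_frame, 0)),
        # A two-bit burst (bits 1 and 2) leaves the number of 1s even: parity misses it.
        "parity_misses_two_flips": parity_ok(flip(parity_frame, 1, 2)),
        # The same burst changes the CRC remainder, so the receiver rejects the frame.
        "crc_catches_two_flips": not crc_ok(flip(frame, 1, 2), gen),
        "checksum": internet_checksum(bytes.fromhex("0001f203f4f5f6f7")),
    }
```

For the RFC 1071 bytes the function returns 0x220D, matching the value in the RFC; flipping any single bit of the data makes `checksum_ok` fail.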

3. Multiple Access Protocols (MAC)

When multiple nodes share a single broadcast channel, these protocols prevent or manage interference (collisions).

  • Channel Partitioning:

    • TDMA (Time Division): Access in "rounds" where each station gets a fixed-length slot.

    • FDMA (Frequency Division): Channel spectrum is divided into fixed frequency bands.

  • Random Access:

    • ALOHA/Slotted ALOHA: Nodes transmit immediately or in slots; collisions are handled by retransmitting with probability $p$.

    • CSMA (Carrier Sense): "Listen before transmit." If the channel is idle, transmit; if busy, defer.

    • CSMA/CD (Collision Detection): Used in wired Ethernet; aborts transmission immediately if a collision is detected.

  • "Taking Turns": Includes Polling (centralized master) and Token Passing (nodes pass a control message to take turns).

4. LAN Addressing & ARP

  • MAC Address: A 48-bit "flat" address burned into the Network Interface Card (NIC) ROM, used for local delivery.

  • ARP (Address Resolution Protocol): Used to determine a node's MAC address when only its IP address is known.

    • ARP Table: Stores <IP; MAC; TTL> mappings.

    • ARP Query: Broadcast to all nodes on a LAN to find a specific IP-to-MAC mapping.

5. Ethernet & Switches

  • Ethernet: The dominant wired LAN technology. It is connectionless and unreliable (no ACKs/NAKs at the link layer).

  • Ethernet Switch: A link-layer device that is "transparent" to hosts and "self-learning".

    • Self-Learning: Switches build a forwarding table by recording the incoming interface of every frame they receive.

    • Filtering/Forwarding: If a destination is in the table, the switch forwards the frame to the specific interface; otherwise, it floods (sends to all interfaces).
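The self-learning and filtering/forwarding behaviour above as a small simulation. This is an added example, not code from the study guide; port numbers, MAC labels and timestamps are constructed, and the table entries carry an expiry time so that stale mappings age out and the switch falls back to flooding.

```python
# Added example, not from the study guide: a self-learning, transparent Ethernet
# switch with table aging. Port numbers, MAC labels and timestamps are constructed.
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Frame:
    src: str      # source MAC address
    dst: str      # destination MAC address
    in_port: int  # interface the frame arrived on


class LearningSwitch:
    def __init__(self, ports: List[int], ttl: int = 60):
        self.ports = list(ports)
        self.ttl = ttl
        self.table: Dict[str, Tuple[int, int]] = {}  # MAC -> (port, expiry time)

    def handle(self, frame: Frame, now: int) -> List[int]:
        """Return the list of ports the frame is sent out of."""
        # Age out entries whose TTL has expired.
        self.table = {mac: e for mac, e in self.table.items() if e[1] > now}
        # Self-learning: the source MAC is reachable via the arrival port.
        self.table[frame.src] = (frame.in_port, now + self.ttl)
        entry = self.table.get(frame.dst)
        if entry is None:
            # Unknown (or broadcast) destination: flood to every port but the arrival port.
            return [p for p in self.ports if p != frame.in_port]
        port, _ = entry
        if port == frame.in_port:
            return []     # filter: the destination is on the segment the frame came from
        return [port]     # forward to the one learned port


def demo() -> List[List[int]]:
    """Four constructed frames through a four-port switch."""
    sw = LearningSwitch(ports=[1, 2, 3, 4], ttl=60)
    return [
        sw.handle(Frame("aa:aa", "bb:bb", in_port=1), now=0),    # bb unknown -> flood
        sw.handle(Frame("bb:bb", "aa:aa", in_port=2), now=1),    # aa learned -> port 1
        sw.handle(Frame("cc:cc", "aa:aa", in_port=1), now=2),    # same segment -> filter
        sw.handle(Frame("bb:bb", "aa:aa", in_port=2), now=100),  # aa aged out -> flood
    ]


if __name__ == "__main__":
    for ports in demo():
        print("sent to ports:", ports)
```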

6. Summary Comparison

Feature       Router                             Switch
Layer         Network Layer (Layer 3)            Link Layer (Layer 2)
Device Role   Examines IP headers                Examines MAC headers
Tables        Routing algorithms compute tables  Self-learning via flooding/MACs

Chapter 7

This cheat sheet covers the essential concepts and terms from Chapter 7: Wireless and Mobile Networks.

1. Wireless Network Components

  • Wireless Hosts: Laptop, smartphone, IoT devices; may be stationary or mobile.

  • Base Station: Typically connected to the wired network. Responsible for sending/receiving packets to/from wireless hosts in its coverage area (e.g., Access Points in WiFi, gNodeB in 5G).

  • Wireless Link: Connects hosts to base stations or other hosts. It has unique characteristics like varying signal strength and interference.

  • Infrastructure Mode: Hosts connect to a base station (the "infrastructure") which connects them to the wider Internet.

  • Ad Hoc Mode: No base station; nodes can only transmit to other nodes within link range.

2. Physical Layer Characteristics

  • Decreasing Signal Strength: Radio signals attenuate as they propagate through matter (path loss).

  • Interference from Other Sources: Standard 2.4 GHz radio frequencies are shared by WiFi, cordless phones, and even microwave ovens.

  • Multipath Propagation: Radio signals reflect off objects, arriving at the destination at slightly different times.

  • SNR (Signal-to-Noise Ratio): The ratio of the strength of the signal to the background noise. A higher SNR makes it easier to extract the signal.

  • BER (Bit Error Rate): As SNR decreases, BER increases. To maintain a low BER at lower SNR, networks must switch to lower transmission rates.

3. WiFi (802.11) and CSMA/CA

  • BSS (Basic Service Set): The fundamental building block of WiFi, containing wireless stations and an Access Point (AP).

  • Channels: The 2.4 GHz or 5 GHz bands are divided into channels; APs choose specific channels to minimize interference with neighbors.

  • Scanning:

    • Passive: Host listens for Beacon frames sent by APs.

    • Active: Host broadcasts a Probe Request and receives Probe Responses.

  • CSMA/CA (Collision Avoidance): Unlike Ethernet, WiFi cannot detect collisions while transmitting. It uses:

    • RTS/CTS (Request/Clear to Send): Optional reservation frames to solve the Hidden Terminal Problem (where two nodes can't hear each other but both can hear the AP).

    • ACKs: The link layer uses acknowledgments to confirm receipt because the chance of error is high.

4. Cellular Networks (4G/5G)

  • 4G (LTE) Architecture:

    • UE (User Equipment): Your mobile device.

    • eNodeB: The base station.

    • MME (Mobility Management Entity): Handles device authentication and tracking.

    • P-GW (PDN Gateway): The gateway to the public Internet.

  • 5G Changes: Moves toward a "Service-Based Architecture" and uses gNodeB for higher speeds and lower latency.

  • Handoff: The process of a mobile device switching from one base station's coverage to another without dropping the connection.

5. Mobility Principles

  • Home Network: The permanent "home" of the mobile device.

  • Visited Network: The network the device is currently roaming in.

  • Permanent Address: The IP address assigned by the home network (stays constant).

  • Care-of-Address (COA): A temporary address assigned by the visited network.

  • Indirect Routing: Packets go from the correspondent to the Home Agent, then are tunneled to the mobile device in the visited network.

  • Direct Routing: The correspondent learns the COA and sends packets directly to the mobile device.

6. Other Wireless Technologies

  • Bluetooth (802.15.1): Low power, short range, "Personal Area Network" (PAN) using a TDM (Time Division Multiplexing) master/slave relationship.

  • 4G/5G (Wide Area): Range in kilometers, used for mobile broadband.

  • IoT (LoRa, Zigbee): Designed for very low power consumption and small data rates over long periods (e.g., smart meters).

Chapter 8

This cheat sheet covers the essential principles and protocols from Chapter 8: Network Security.

1. The Four Pillars of Network Security

  • Confidentiality: Only the sender and intended receiver should "understand" the message contents. Achieved via encryption.

  • Authentication: The sender and receiver want to confirm the identity of each other (confirm you are who you say you are).

  • Message Integrity: Ensuring the message is not altered (either maliciously or by accident) during transmission.

  • Access and Availability: Services must be accessible and available to users (protection against DoS attacks).

2. Cryptography Principles

  • Symmetric Key Cryptography: Sender and receiver share the same exact secret key (e.g., AES, DES).

    • Challenge: How do you securely share the key in the first place?

  • Public Key (Asymmetric) Cryptography:

    • Public Key: Known to everyone (used to encrypt).

    • Private Key: Known only to the owner (used to decrypt).

    • RSA Algorithm: The most common implementation, based on the difficulty of factoring the product of two large primes.

3. Message Integrity & Digital Signatures

  • Cryptographic Hash Function: Takes an input and produces a fixed-size string (e.g., SHA-256). It is computationally infeasible to find two different messages with the same hash.

  • MAC (Message Authentication Code): A "checksum" created using a shared secret to ensure integrity and authenticity.

  • Digital Signature: The sender "signs" a message by encrypting the message hash with their private key. Anyone can verify it using the sender's public key.

  • Certification Authority (CA): A trusted third party that binds a public key to a specific entity by issuing a Digital Certificate.

4. Securing Higher Layers

  • Transport Layer (TLS/SSL): Provides confidentiality, integrity, and authentication for TCP connections (HTTPS). Uses a "handshake" to establish keys.

  • Network Layer (IPsec): Secures data between "host-to-host" or "gateway-to-gateway." It encrypts the entire IP datagram (Tunnel Mode).

  • Email Security (PGP): Uses a mix of symmetric and asymmetric encryption to provide security for inherently "offline" communication.

5. Network Defenses

  • Firewalls: Isolate an organization's internal network from the public Internet.

    • Stateless Packet Filtering: Inspects individual packets based on IP/Port.

    • Stateful Packet Filtering: Tracks the state of TCP connections to prevent unauthorized incoming traffic.

    • Application Gateways: Filters based on application-specific data (e.g., a proxy).

  • Intrusion Detection Systems (IDS): Perform Deep Packet Inspection to look for known attack signatures or anomalies within the packet payload, beyond just headers.
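The stateless versus stateful packet-filtering distinction above, decided on the same constructed packets. This is an added example, not code from the study guide: a per-packet rule set in the style of the classic textbook table (any outbound TCP allowed; inbound TCP allowed only with the ACK bit set and a high destination port) next to a filter that additionally keeps a table of connections opened by internal hosts. Addresses are taken from the documentation ranges and the trace is constructed.

```python
# Added example, not from the study guide: a stateless rule set and a stateful
# connection table applied to the same constructed TCP packets.
from dataclasses import dataclass
from typing import FrozenSet, List, Set, Tuple


@dataclass(frozen=True)
class Packet:
    direction: str         # "out": internal -> Internet, "in": Internet -> internal
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    flags: FrozenSet[str]  # TCP flags, e.g. frozenset({"SYN", "ACK"})


def stateless_allow(pkt: Packet) -> bool:
    """Per-packet rules: outbound TCP is allowed; inbound TCP only if it looks like
    a reply (ACK set, high destination port). It cannot tell a genuine reply from a
    packet that merely has the ACK bit set."""
    if pkt.direction == "out":
        return True
    return "ACK" in pkt.flags and pkt.dst_port > 1023


class StatefulFilter:
    """Applies the stateless rules and, for inbound packets, also requires a
    connection that an internal host opened earlier."""

    def __init__(self):
        self.connections: Set[Tuple[str, int, str, int]] = set()  # (int_ip, int_port, ext_ip, ext_port)

    def allow(self, pkt: Packet) -> bool:
        if not stateless_allow(pkt):
            return False
        if pkt.direction == "out":
            if pkt.flags == frozenset({"SYN"}):   # internal host opens a connection
                self.connections.add((pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port))
            return True
        # Inbound: the internal side of the tuple is the packet's destination.
        return (pkt.dst_ip, pkt.dst_port, pkt.src_ip, pkt.src_port) in self.connections


def evaluate(packets: List[Packet]) -> List[Tuple[bool, bool]]:
    """(stateless decision, stateful decision) for each packet, in order."""
    sf = StatefulFilter()
    return [(stateless_allow(p), sf.allow(p)) for p in packets]


# Constructed trace: a legitimate HTTPS connection, then an unsolicited inbound
# packet with the ACK bit set that only the stateful filter rejects.
TRACE = [
    Packet("out", "10.0.0.5", 40001, "203.0.113.7", 443, frozenset({"SYN"})),
    Packet("in", "203.0.113.7", 443, "10.0.0.5", 40001, frozenset({"SYN", "ACK"})),
    Packet("in", "198.51.100.9", 443, "10.0.0.5", 40002, frozenset({"ACK"})),
]

if __name__ == "__main__":
    for pkt, (stateless, stateful) in zip(TRACE, evaluate(TRACE)):
        print(pkt.direction, pkt.src_ip, "->", pkt.dst_ip, "stateless:", stateless, "stateful:", stateful)
```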

6. Common Attacks

  • Eavesdropping: Sniffing packets to read confidential data.

  • Impersonation (Spoofing): Faking a source IP address.

  • Man-in-the-Middle (MITM): An attacker sits between two parties, intercepting and potentially altering communication.

  • Denial of Service (DoS): Flooding a server with so many requests that it becomes unavailable to legitimate users.