Before you can read a packet, you need a model of what packets are and where they live. This week you build that model: the layered architecture that every networking protocol slots into, and why the layers exist.
Theme
When you send an HTTP request to a server, your browser hands bytes to your operating system, which wraps them in a TCP segment, which gets wrapped in an IP packet, which gets wrapped in an Ethernet frame, which gets converted to electrical or optical signals on a wire. The server's hardware unwraps all of that in reverse. The model that describes this unwrapping sequence is the basis of every protocol you will study in this course. This week you build the model before touching any specific protocol.
Reading (~45 minutes)
- Kurose & Ross, Ch 1 §1.1-1.3 ("What is the Internet?", "The Network Edge", "The Network Core"): the packet-switched internet at a high level; hosts, links, routers
- Kurose & Ross, Ch 1 §1.5 ("Protocol Layers and Their Service Models"): OSI vs TCP/IP; what a layer is; why layers exist
- Optional: Wikipedia, "OSI model" (the table in the introduction listing all 7 layers with their functions)
Lecture outline (~2 hours)
Section 1: What a network is
- A network is a set of devices connected by communication links, able to exchange data
- The Internet is a network of networks: your home network connects to your ISP; your ISP connects to backbone providers; backbone providers interconnect at Internet Exchange Points
- No single owner, no single router. The Internet is built from thousands of independent networks that agree on a common set of protocols
- Physical substrate: copper wire (short distances), fiber optic (long distances, including undersea cables), radio (Wi-Fi, cellular)
Section 2: Packets and packet switching
- Data travels in chunks called packets, not as a continuous stream
- Each packet contains a header (addressing and control information) and a payload (the actual data)
- Packet switching: routers read the destination address in each packet's header and forward it toward the destination. Each router makes an independent forwarding decision. Packets from the same conversation can take different paths.
- Circuit switching (older phone network model): a dedicated path is reserved for the duration of a call. Packet switching reuses links more efficiently.
Section 3: The OSI model
- OSI (Open Systems Interconnection) model: 7 layers, each responsible for a specific function
- The key idea: each layer provides a service to the layer above it and uses the service of the layer below it. Each layer communicates logically with its peer layer on the other end.
| Layer | Name | Example protocols |
|---|---|---|
| 7 | Application | HTTP, DNS, SMTP, FTP |
| 6 | Presentation | TLS (encryption), MIME |
| 5 | Session | (largely absorbed into application layer in practice) |
| 4 | Transport | TCP, UDP |
| 3 | Network | IP (IPv4, IPv6) |
| 2 | Data Link | Ethernet, Wi-Fi (802.11) |
| 1 | Physical | copper wire, fiber, radio |
- OSI is a reference model. Real protocols do not map cleanly to it. Use it as a vocabulary tool, not a strict guide.
Section 4: The TCP/IP model
- TCP/IP model: 4 layers, matching how the Internet is actually built
| Layer | TCP/IP name | Maps to OSI layers | Examples |
|---|---|---|---|
| 4 | Application | 5-7 | HTTP, DNS, SMTP |
| 3 | Transport | 4 | TCP, UDP |
| 2 | Internet | 3 | IP |
| 1 | Link | 1-2 | Ethernet, Wi-Fi |
- Most practitioners think in TCP/IP layers, not OSI layers. But the OSI names (layer 3, layer 4) are still used as shorthand.
Section 5: Headers all the way down
- Encapsulation: as data moves down the stack on the sender's machine, each layer adds a header (and sometimes a trailer)
- At the receiver, each layer strips its header and hands the payload up to the next layer
- What a packet actually looks like on the wire:
[ Ethernet header | IP header | TCP header | HTTP request | Ethernet trailer ]
- Wireshark shows this as a tree: you can expand each header and see its fields. The packet-detail pane is a direct visual map of encapsulation.
Section 6: Your first Wireshark capture
- Open the academy pcap-tools workbench at `/pcap-tools/`
- Load `smoke-tcp-syn-dns.pcap`: a minimal capture with two protocol types
- In Wireshark, click a packet. The middle pane shows the layer tree. The bottom pane shows raw bytes.
- Identify: which bytes are the Ethernet header? Which are the IP header? Which are the TCP or DNS payload?
- The layer tree in Wireshark is a direct display of encapsulation. Each row in the tree corresponds to one header.
Labs (~90 minutes)
No separate lab file for week 1. The lab is the pcap-tools workbench exercise above:
- Open the pcap-tools workbench at `/pcap-tools/`
- Load `smoke-tcp-syn-dns.pcap` (or `tall-100-frames.pcap` for a longer capture)
- For each of 3 packets: name every layer you can see in the protocol tree; record the source and destination at the Ethernet layer (MAC addresses) and at the IP layer (IP addresses)
- Write a one-paragraph description of what you think happened in the capture, based solely on the layer structure you observed
- Commit the paragraph (as a text file) to your `net-101/` Git repository as `week-1-observations.txt`
Artifact: week-1-observations.txt committed to Git.
Independent practice (~7 hours)
- Read Kurose & Ross Ch 1 fully; take notes on anything that surprises you
- Read Stevens TCP/IP Illustrated Ch 1 ("Overview"): note how Stevens organizes the protocol family compared to Kurose-Ross
- Load `smoke-tcp-syn-dns.pcap` again in pcap-tools. Open the display-filter bar. Type `dns` and press Enter. How many packets remain? Now type `tcp`. How many? What does the filter do to packets that do not match?
- Look up "Internet Exchange Point" and read how IXPs work. Where is the nearest IXP to you?
- Look up "autonomous system" (AS) and read the definition. What AS number does your ISP use? (You can find this at https://bgp.he.net/ by looking up your IP address.)
Reflection prompts (~30 minutes)
- The OSI model has 7 layers and the TCP/IP model has 4. The Internet runs on TCP/IP, not OSI. Why do people still teach the OSI model?
- Packet switching reuses links efficiently because packets from many different conversations share the same wire. What is the tradeoff? What problem does packet switching NOT solve?
- "Headers all the way down" means every layer adds overhead. A 1-byte payload in a TCP/IP packet is still wrapped in 40+ bytes of headers. Is this overhead worth it? What does each header layer buy you?
- When Wireshark displays a packet, it decodes every header automatically. Before that decoding exists, a network engineer reading a capture sees raw bytes. How would you identify where the IP header ends and the TCP header begins if you had no decoder?
- The Internet has no single owner. What does that mean for reliability? For censorship? For who can see your traffic?
What comes next
Week 2 zooms into the link layer: Ethernet frames, MAC addresses, and ARP. You will open your first capture that shows a device learning where another device is on the local network.