Networking fundamentals are essential for understanding how data is transferred and communicated between devices. Here are the key concepts:
1. Network Types
- LAN (Local Area Network): A network that covers a small geographic area, like a home, office, or building.
- WAN (Wide Area Network): A network that covers a large geographic area, such as a city, country, or even global connections.
- MAN (Metropolitan Area Network): A network that spans a city or a large campus.
- PAN (Personal Area Network): A network for personal devices, typically within a range of a few meters.
2. Network Topologies
- Bus Topology: All devices are connected to a single central cable.
- Star Topology: All devices are connected to a central hub or switch.
- Ring Topology: Each device is connected to two other devices, forming a circular pathway.
- Mesh Topology: Devices are interconnected, with multiple paths for data to travel.
3. IP Addressing
- IPv4: Uses a 32-bit address space, typically represented in dot-decimal format (e.g., 192.168.1.1).
- IPv6: Uses a 128-bit address space, represented in hexadecimal (e.g., 2001:0db8:85a3:0000:0000:8a2e:0370:7334).
4. Subnetting
- Subnet Mask: Divides an IP address into the network and host portions (e.g., 255.255.255.0).
- CIDR (Classless Inter-Domain Routing): Notation for specifying IP addresses and their associated routing prefix (e.g., 192.168.1.0/24).
5. DNS (Domain Name System)
- Translates human-readable domain names (e.g., www.example.com) into IP addresses.
6. Routing
- Static Routing: Manually configured routing tables.
- Dynamic Routing: Automatically updated routing tables using protocols like OSPF, RIP, or BGP.
7. Switching
- Layer 2 (Data Link Layer): Uses MAC addresses to forward frames.
- Layer 3 (Network Layer): Uses IP addresses to route packets.
8. Protocols
- TCP/IP (Transmission Control Protocol/Internet Protocol): The foundational protocols for the internet, ensuring reliable communication.
- UDP (User Datagram Protocol): A connectionless protocol used for time-sensitive transmissions.
- HTTP/HTTPS (Hypertext Transfer Protocol/Secure): Protocols for transferring web pages.
- FTP (File Transfer Protocol): Used for transferring files.
- SMTP (Simple Mail Transfer Protocol): Used for sending emails.
9. Network Devices
- Router: Directs data packets between different networks.
- Switch: Connects devices within a single network, forwarding data based on MAC addresses.
- Hub: A basic device that broadcasts data to all devices in a network.
- Modem: Converts digital data to analog for transmission over phone lines.
- Access Point: Allows wireless devices to connect to a wired network.
10. Security
- Firewall: Controls incoming and outgoing network traffic based on security rules.
- VPN (Virtual Private Network): Creates a secure connection over a public network.
- Encryption: Protects data in transit by transforming it so that only parties holding the key can read it.
OSI Model
The OSI (Open Systems Interconnection) model is a conceptual framework used to understand network interactions in seven layers:
- Physical Layer: Transmits raw bit streams over a physical medium (cables, radio frequencies).
- Data Link Layer: Provides node-to-node data transfer and error detection (Ethernet, Wi-Fi).
- Network Layer: Manages data routing and forwarding (IP).
- Transport Layer: Ensures reliable data transfer (TCP, UDP).
- Session Layer: Manages sessions between applications.
- Presentation Layer: Translates data between the application and network (encryption, compression).
- Application Layer: Provides network services to end-users (HTTP, FTP, SMTP).
Switching
What is Switching?
Switching is the process of directing data packets between devices within the same network or local area network (LAN). Switches operate primarily at the Data Link Layer (Layer 2) of the OSI model but can also function at the Network Layer (Layer 3).
Types of Switches
- Layer 2 Switches: Operate at the Data Link Layer. They use MAC addresses to forward data within the same network.
- Layer 3 Switches: Also known as multilayer switches, these operate at both the Data Link Layer and the Network Layer. They can perform routing functions and use IP addresses to forward packets.
How Switching Works
- MAC Address Table: Switches maintain a MAC address table that maps MAC addresses to specific ports.
- Forwarding: When a switch receives a frame, it checks the destination MAC address. If the address is in the MAC address table, the switch forwards the frame to the corresponding port.
- Flooding: If the MAC address is not in the table, the switch floods the frame to all ports except the one it was received on.
- Learning: As switches receive frames, they learn the MAC addresses of devices connected to each port and update the MAC address table.
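The learning, forwarding and flooding steps above, as an added example that is not part of the original notes. The per-port MAC limit is an assumption modelling the port-security feature of real switches: without it, a single port can fill the table with bogus source addresses, after which the switch floods every frame and traffic becomes visible on all ports.

```python
# Added example, not from the original notes: a minimal learning switch that
# models the MAC table behaviour described above (learning, forwarding to a
# known port, flooding unknown or broadcast destinations). The per-port MAC
# limit is an assumption modelling the "port security" feature real switches
# use: without it one port can fill the table with bogus source MACs, the
# switch then floods every frame, and traffic becomes visible on all ports.

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports, max_macs_per_port=2):
        self.ports = list(ports)
        self.max_macs_per_port = max_macs_per_port
        self.mac_table = {}    # MAC address -> port it was last seen on
        self.violations = []   # (port, mac) pairs rejected by the port limit

    def _learn(self, src_mac, in_port):
        """Record the source MAC on in_port unless that port is at its limit."""
        if self.mac_table.get(src_mac) == in_port:
            return True
        learned_here = sum(1 for p in self.mac_table.values() if p == in_port)
        if learned_here >= self.max_macs_per_port:
            self.violations.append((in_port, src_mac))
            return False
        self.mac_table[src_mac] = in_port
        return True

    def receive(self, in_port, src_mac, dst_mac):
        """Return the list of ports the frame is sent out of."""
        if not self._learn(src_mac, in_port):
            return []  # port-security violation: drop the frame (assumed policy)
        if dst_mac != BROADCAST and dst_mac in self.mac_table:
            out = self.mac_table[dst_mac]
            return [] if out == in_port else [out]  # known destination: forward
        return [p for p in self.ports if p != in_port]  # unknown/broadcast: flood


def demo():
    sw = LearningSwitch(ports=[1, 2, 3, 4], max_macs_per_port=2)
    a, b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"  # constructed sample MACs
    first = sw.receive(1, a, b)  # b unknown: flooded to ports 2, 3, 4
    reply = sw.receive(2, b, a)  # a was learned on port 1: forwarded there only
    for i in range(5):           # port 3 claims five source MACs; two are learned
        sw.receive(3, "00:00:5e:00:53:%02x" % (0x10 + i), a)
    return first, reply, len(sw.mac_table), len(sw.violations)
```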
Routing
What is Routing?
Routing is the process of directing data packets between different networks. Routers operate at the Network Layer (Layer 3) of the OSI model and use IP addresses to determine the best path for forwarding packets.
Types of Routing
- Static Routing: Routes are manually configured and do not change unless modified by an administrator.
- Dynamic Routing: Routes are automatically adjusted based on network conditions using routing protocols like OSPF, RIP, or BGP.
How Routing Works
- Routing Table: Routers maintain a routing table that contains information about network paths.
- Forwarding: When a router receives a packet, it checks the destination IP address and uses the routing table to determine the best path for forwarding the packet.
- Protocols: Dynamic routing protocols help routers exchange information and update routing tables to reflect network changes.
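The routing-table lookup described above, as an added example that is not from the original notes: when several routes cover a destination, the most specific (longest prefix) wins, with a 0.0.0.0/0 default route as the fallback. The routes are constructed sample values built around the static route from the practical section; the same rule is why an unfiltered dynamic-routing peer advertising a more specific prefix can override a legitimate route.

```python
# Added example, not from the original notes: a routing table implementing
# the longest-prefix-match rule routers apply. Routes, addresses and interface
# names are constructed sample values.
import ipaddress


class RoutingTable:
    def __init__(self):
        self.routes = []  # (network, next_hop or None for on-link, interface)

    def add(self, prefix, next_hop, interface):
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface))

    def lookup(self, dst):
        """Pick the most specific (longest prefix) route containing dst."""
        addr = ipaddress.ip_address(dst)
        best = None
        for net, next_hop, iface in self.routes:
            # 'in' is False for an IPv6 address against an IPv4 network.
            if addr in net:
                if best is None or net.prefixlen > best[0].prefixlen:
                    best = (net, next_hop, iface)
        if best is None:
            return None  # no matching route, not even a default: packet is dropped
        net, next_hop, iface = best
        return {"prefix": str(net), "via": next_hop, "dev": iface}


def demo():
    rt = RoutingTable()
    rt.add("0.0.0.0/0", "192.168.1.1", "eth0")         # default route
    rt.add("192.168.1.0/24", None, "eth0")             # directly connected
    rt.add("192.168.2.0/24", "192.168.1.1", "eth0")    # static route from the notes
    rt.add("192.168.2.128/25", "192.168.1.2", "eth1")  # more specific: wins for .128-.255
    return (rt.lookup("192.168.2.200")["via"],   # 192.168.1.2, longest prefix wins
            rt.lookup("192.168.2.5")["via"],     # 192.168.1.1 via the /24
            rt.lookup("192.168.1.50")["via"],    # None: on-link, delivered directly
            rt.lookup("8.8.8.8")["prefix"])      # 0.0.0.0/0, the default route
```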
Differences Between Switching and Routing
- Layer: Switching operates at Layer 2, while routing operates at Layer 3.
- Function: Switching connects devices within the same network, while routing connects different networks.
- Addressing: Switching uses MAC addresses, whereas routing uses IP addresses.
DNS (Domain Name System)
The Domain Name System (DNS) is a hierarchical and decentralized naming system for devices connected to the internet or a private network. It translates human-readable domain names (like www.example.com) into IP addresses (like 192.168.1.1), allowing users to access websites and other resources using easy-to-remember names instead of numerical IP addresses.
Key Components of DNS
- Domain Names: Structured in a hierarchical manner, from top-level domains (TLDs) like .com, .org, .net, to second-level domains like example in example.com, and subdomains like www in www.example.com.
- DNS Zones: Segments of the DNS namespace, managed by a specific organization or administrator. Each zone contains information about a portion of the DNS namespace.
- DNS Records: Entries in the DNS database that provide information about domain names, including IP addresses, mail servers, and other services.
Types of DNS Records
- A (Address) Record: Maps a domain name to an IPv4 address.
- AAAA (IPv6 Address) Record: Maps a domain name to an IPv6 address.
- CNAME (Canonical Name) Record: Makes one domain name an alias for another.
- MX (Mail Exchange) Record: Specifies the mail servers for a domain.
- TXT (Text) Record: Holds arbitrary text data, often used for verification and configuration purposes.
- NS (Name Server) Record: Specifies the authoritative name servers for a domain.
- PTR (Pointer) Record: Maps an IP address to a domain name (reverse DNS lookup).
- SRV (Service) Record: Specifies information about available services.
How DNS Works
- DNS Query: When a user types a domain name into a browser, a DNS query is initiated.
- Recursive Resolver: The user's device sends the query to a recursive resolver, often provided by the ISP or a third-party DNS service like Google DNS (8.8.8.8).
- Root Name Servers: The resolver queries root name servers, which respond with the address of the TLD name servers.
- TLD Name Servers: The resolver then queries the TLD name servers, which respond with the address of the authoritative name servers for the domain.
- Authoritative Name Servers: The resolver queries the authoritative name servers, which respond with the final IP address of the domain.
- Response: The resolver returns the IP address to the user's device, which can then connect to the target server.
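The root, TLD and authoritative steps above, as an added offline simulation that is not part of the original notes. The zone data and server names are constructed; each simulated server answers the most specific name it knows, returning either a final answer or a referral to the next level, and a hop limit keeps a referral loop in bad zone data from hanging the resolver.

```python
# Added example, not from the original notes: an iterative resolver walking
# root -> TLD -> authoritative servers over constructed zone data.
# Server name -> {name: ("answer", ip) or ("referral", next server)}.
ZONES = {
    "root": {"com.": ("referral", "a.gtld-servers.net")},
    "a.gtld-servers.net": {"example.com.": ("referral", "ns1.example.com")},
    "ns1.example.com": {"www.example.com.": ("answer", "192.0.2.10")},
}


def suffixes(qname):
    """Names from most to least specific: www.example.com., example.com., com."""
    parts = qname.rstrip(".").split(".")
    return [".".join(parts[i:]) + "." for i in range(len(parts))]


def ask(server, qname):
    """Ask one server about qname; it answers for the closest name it knows."""
    zone = ZONES.get(server, {})
    for name in suffixes(qname):
        if name in zone:
            return zone[name]
    return None  # this server knows nothing covering the name


def resolve(qname, max_hops=8):
    """Return (ip or None, list of servers queried in order)."""
    server, trail = "root", []
    for _ in range(max_hops):
        trail.append(server)
        result = ask(server, qname)
        if result is None:
            return None, trail  # name does not exist at this level
        kind, value = result
        if kind == "answer":
            return value, trail
        server = value  # referral: repeat the query at the next level down
    return None, trail  # referral loop or chain too long: give up


def demo():
    return resolve("www.example.com.")
```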
Key Networking Concepts
- IP Addressing: Assigning unique addresses to devices in a network to identify and communicate with each other.
- Subnets: Dividing a network into smaller, manageable segments to improve performance and security.
- DNS (Domain Name System): Translating human-readable domain names into IP addresses.
- Routing: Directing data packets between networks based on IP addresses.
- Firewalls: Controlling incoming and outgoing network traffic based on predetermined security rules.
- Load Balancers: Distributing network or application traffic across multiple servers to ensure reliability and performance.
- VPN (Virtual Private Network): Creating a secure connection over the internet between remote users and a private network.
- NAT (Network Address Translation): Modifying network address information in IP packet headers to map private addresses to public addresses.
Practical Implementation
1. IP Addressing
Assigning an IP Address to a Network Interface:
bash:
sudo ip addr add 192.168.1.100/24 dev eth0
sudo ip link set dev eth0 up
2. Subnetting
Creating and Managing Subnets: You can define subnets in your network configuration files or use tools like ipcalc to calculate subnet ranges.
bash:
sudo apt-get install ipcalc
ipcalc 192.168.1.0/24
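The calculation ipcalc performs, and the network/host split described under Subnetting, as an added example that is not from the original notes. It works the mask out by hand so the bit operations are visible, handles the /31 and /32 cases that have no reserved addresses, and includes a same-subnet check, which is the decision that separates Layer 2 (switched) delivery from Layer 3 (routed) delivery.

```python
# Added example, not from the original notes: an ipcalc-style IPv4 subnet
# calculator written with plain integer bit operations.

def to_int(dotted):
    """Parse a dotted-quad IPv4 address into a 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %s" % dotted)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def subnet_info(cidr):
    """Return the fields ipcalc prints for an IPv4 CIDR block such as 192.168.1.0/24."""
    addr, prefix = cidr.split("/")
    prefix = int(prefix)
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF  # prefix ones, then zeros
    network = to_int(addr) & mask                       # network portion
    broadcast = network | (~mask & 0xFFFFFFFF)          # host portion all ones
    size = 1 << (32 - prefix)
    # /31 (point-to-point) and /32 reserve no network/broadcast addresses.
    usable = size - 2 if prefix <= 30 else size
    return {
        "network": to_dotted(network) + "/%d" % prefix,
        "netmask": to_dotted(mask),
        "wildcard": to_dotted(~mask & 0xFFFFFFFF),
        "first_host": to_dotted(network + 1 if prefix <= 30 else network),
        "last_host": to_dotted(broadcast - 1 if prefix <= 30 else broadcast),
        "broadcast": to_dotted(broadcast),
        "hosts": usable,
    }


def same_subnet(ip_a, ip_b, prefix):
    """True when both addresses share the network portion (reachable at Layer 2)."""
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return (to_int(ip_a) & mask) == (to_int(ip_b) & mask)
```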
3. DNS
Configuring DNS Resolution: Edit /etc/resolv.conf to set your DNS servers. On distributions where systemd-resolved or NetworkManager manages this file, manual edits are overwritten, so configure the servers through that service instead.
bash:
sudo nano /etc/resolv.conf
Contents of /etc/resolv.conf:
nameserver 8.8.8.8
nameserver 8.8.4.4
4. Routing
Adding a Static Route:
bash:
sudo ip route add 192.168.2.0/24 via 192.168.1.1
Displaying Routing Table:
bash:
ip route show
5. Firewall
Using iptables for Firewall Rules: Rules are matched in order, so loopback traffic and replies to connections the host itself opened are accepted before the final DROP; without those two rules, replies to outbound connections such as package updates are discarded.
bash:
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -A INPUT -j DROP
Saving the Rules: The redirection must also run as root, so it is wrapped in sh -c.
bash:
sudo sh -c 'iptables-save > /etc/iptables/rules.v4'
6. SSH
Installing and Enabling the SSH Server:
bash:
sudo apt-get install openssh-server
sudo systemctl enable ssh
sudo systemctl start ssh
Connecting to a Remote Server via SSH:
bash:
ssh user@remote-server-ip
7. NAT
Setting Up NAT using iptables:
bash:
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
sudo iptables -A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
Enabling IP Forwarding: sysctl -w applies only until reboot; to persist it, set net.ipv4.ip_forward=1 in /etc/sysctl.conf or a file under /etc/sysctl.d/.
bash:
sudo sysctl -w net.ipv4.ip_forward=1
8. Testing DNS Configuration
Using dig to Test DNS:
bash:
dig @localhost example.com
Using nslookup to Test DNS:
bash:
nslookup example.com 127.0.0.1
Practical Use in DevOps
Automating Network Configuration with Ansible
Example Ansible Playbook for Network Configuration:
yaml:
---
- name: Configure network settings
  hosts: all
  become: yes
  tasks:
    # The command module is not idempotent: re-running the play fails once
    # the address or route already exists.
    - name: Assign IP address
      command: ip addr add 192.168.1.10/24 dev eth0
    - name: Bring up network interface
      command: ip link set dev eth0 up
    - name: Add static route
      command: ip route add 192.168.2.0/24 via 192.168.1.1
    - name: Add static MAC address entry
      command: bridge fdb add 00:11:22:33:44:55 dev eth0