Learn Some Linux Series - Networking Part 1

This is part 1 of several parts in this interesting series. It will seem like more of an essay than tutorial, but for beginners, you may not find such information in a simple tutorial elsewhere, so I am sure you will like it and it will be fun to read thru.

For our Linux machine to be online or even be able to print and access a network drive / a network attached system(NAS), it needs to be plugged in via Ethernet port or connected to wireless network (Wireless AP) that itself is attached the network via a wired port.

Our Linux machines or for that matter anything that needs to be online or be accessible on the network, including printers, generally have a wired port, also called Ethernet port or Interface, or Network Interface Card (NIC). Some devices may only have a wireless port (a virtual port as there is no physical port, but inside they do have a corresponding Radio card to transmit and receive data via wireless called Wi-Fi).

Wireless or wired port could be connected to your own private network (home or work/school) for internet and access to local resources (like a network printer or a file server (NAS), or to a public network (hotel / airport / cafe / school or office Guest Wi-Fi) to get to Internet. Properly setup Public networks will only let you go to Internet and also isolate you from anyone else that is on the same Public network for security reasons.

So whether your PC / laptop / Network printer is connected via wired or wireless, ultimately, the next device up that provides you services, will be connected via a wired Ethernet port to rest of network to get to Internet or other local network resources.

LAN (Local Area Network) is a term used to describe a wired network that is private to your home or office or school. A WAN (Wide Area Network) is term used to describe connectivity to outside of your network. WAN could be private linkages (called circuits or private line) between multiple branch offices / retail stores linked / meshed together to regional offices, which then may link into Headquarters or datacenters. These private circuits may be leased lines from local Telcos (telephone companies or ISP or Service Providers) in the form of MPLS (which is a routed / L3 service) or Metro Ethernet or Virtual Private Line Service (VPLS, a L2 service) or even dark fiber service, which is a fiber line extension end to end. L2 and L3 will be explained later, when we will talk about MAC address and IP address.

WAN can also be used to describe a link to internet (via ISP). You will find such markings on the typical home routers or firewalls.

Network equipment consists of Network switches, Network Routers and Network Firewalls and various other things including server load balancers, proxy servers and other special purpose appliances in the form of dedicated antivirus / antispam / web filtering appliances and many others like Network Attached Storage (NAS), external drive cages that carries multiple hard drives, attached to servers via suitable interfaces / ports (like eSATA, iSCSI, fiber channel).

Network switches are appliances that terminates (connects) the end wired devices like PCs, Phones, printers, servers, wireless Access Points (APs or sometimes written as WAPs) and many such devices. There can be a hierarchy of network switches (edge switches or access switches are closest to user devices like PCs, phones, printers, distribution switches, are the a large building level consolidation switches that will connect to various edge switches spread over a large building and these distribution switches will then connect to core switches, which are fast switches, with high speed ports and glue all the distribution switches or in smaller setups, will directly terminate the edge switches or a mix.

The links connecting the switches together are called uplinks. The uplinks could be copper (to support 1, 2.5 and 5Gig, Gbps, or gigabit per second speed) up to 100 meters or fiber cabling for distances exceeding 100 meters or for bandwidth exceeding 1Gig, like 10, 25, 40 or 100Gig uplinks found in datacenters or Telco or large universities or special scientific setups.

The uplinks can also be bundled (teamed) multiple copper or fiber links for redundancy (resiliency) or for increased bandwidth.

While we are at Network Switches and LAN, there is another concept of VLAN or Virtual LANs, while there is no concept of virtualization as you would have heard of putting multiple virtual servers or virtual machines (VMs, or Instances) in one physical larger configuration server hardware, VLANs essentially split a single LAN into multiple VLANs so that each VLAN behaves like its own LAN, wherein we can configure the switch to isolate the VLANs from each other or restrict in certain ways as to what is allowed in terms of communication between them, or simply to improve performance in a larger network by cutting down on the broadcast and multicast traffic (will talk about these concepts little later).

The isolation between VLANs in a LAN or physical network in a single site, is generally achieved by applying some sort of Access Control List (ACL) on the Core or Distribution Switch.

There is a a concept of layering of communication among two peer devices on a LAN or WAN. You can research and read more about OSI (Open Systems Interconnections, with Open implying open standards based) 7 Layer conceptual model. Basically, we have Layer 1 which consists of the physical cabling (like Ethernet copper Category or CAT6, CAT5e, CAT5, in the increasing order of capacity to carry data rates of 10Gbps about 100 feet on CAT6 and 5Gbps and below up to 330 feet or 100 meters and 5Gbps or lower on CAT5e for up to 330 feet, 1Gbps for about 50 feet on CAT5 or 100Mbps for up to 330 feet and also older CAT3 for 10Mbps up to 330 feet, and fiber cabling of Multimode (typical inside offices or datacenter) carrying up to 10Gbps on new Optical Mode, OM4 or OM3 (Violet/Aqua or Aqua colored) for 1500 feet and 1000 feet respectively for 10Gig and much longer range for 1Gig transmission speeds. You will come across older OM2 or even OM1 fiber (these are orange colored) and they only allow maybe 75 feet for 10Gig and 500 feet for 1Gig. There are some special expensive fiber transceivers (transmitter and receiver modules that you plug into switch ports that are normally blank, unlike copper ports which are built-in) that can allow much longer range to carry 10Gig over older fiber cabling (if you work in IT, marketing and aggressive sales may push you to install new OM3/OM4 etc for 10Gig though you can easily save money by retaining old OM2 and just use some expensive Fiber transceivers (also called SFP or SFP+ for 1 and 10Gig respectively and they stand for Small Form-Factor Pluggable, to distinguish it from much wider older styled that were called GBIC to stand for GigaBit Interface Converter to convert fiber to copper behind). You may have also heard of a term Media converter, which is an external small box that takes fiber on one end, and converts to traditional copper Ethernet port on other side. This unit needs separate AC / DC power supply also.

Another example of Layer 2 link will be a radio wireless bridge that connect two buildings or two sites together in a clear Line of Sight (LOS) situations within a shorter range of few hundred feet to maybe 3 to 5 Kilometers with small antennas (a square patch or dish type) on rooftops pointing to each other, as long as you can see the other end from one end and clear intervening trees and building clutter. You can of course go much longer range (as typical Wireless ISPs will do) with towers and taller buildings or shooting form hill top to hilltop or down to valley.

After data from other end ingresses into local device over Ethernet port via cabling or radio link in the form of serial bits reception, next level of processing happens at Layer 2, which is also called MAC layer (media access control) wherein data stream is assembled back into frames and error detection and correction is done. MAC address comes from this L2 definition, as data is only sent by sender to the recipient device that has the target MAC address specified by the sender. MAC addresses are unique (generally factory set / burned-in) for each Ethernet port (NIC), while there is provision in certain devices like firewalls to change / clone the WAN port MAC to a different one (generally to the old one if you are migrating and your ISP was authenticating you based on your MAC address). MAC address could be your national ID number that never changes for you, like a SSN in US or SIN in Canada. VLANs also work at L2, though for each of IT administration, we will normally assign different IP subnet to each different VLAN we will have. While two different VLANs cannot have overlapping IP subnets, we can have multiple IP subnets into a single VLANs.

Do note that mac address based communication will only happen within the same LAN (and if you have VLANs then only within same VLAN based switch ports attached devices) or at the initial hop or final hop of the end to end communication over the WAN.

After the data stream is assembled into correct L2 frames by the MAC layer, they carry a Layer 3 (L3) packet information (called packet headers) that include the IP address of the receiver. The IP address is a L3 address, which is not fixed (like your phone number or your home address) and this address can be statically defined to remain fixed (as in case of servers or other such appliances) so that it never changes unless you change it, or it can be automatically set to a dynamic changeable address via DHCP process. DHCP is Dynamic Host Configuration Protocol. Host was a term used in the past to refer to a computer or server, when they were really big machines, but it is still used in the network infrastructure side of things to name them via hostname. Try issuing hostname and also hostnamectl on your RPi or server and see the output. Our phones and PCs / laptops are generally good to work with DHCP addressing.

Configuration in DHCP implies network address configuration, wherein not only IP address is allocated to a host or machine set for DHP or dynamic addressing, but it also provides things like subnet mask (sometimes simply written as mask), gateway and DNS servers and scores of other parameters which could be things like timezone, time sync (NTP) server address, special options like a phone to find its server for configuration download and for it to join the PBX and for wireless APs to find and join its wireless controller.

IP address as needed for L3 end to end communication between two peer devices, is divided into various address blocks. IPv4 is the vast majority in use over the internet and also within the LAN for private communication. Note IPv1 thru IPv3 were all developed and used internally during research phases. Similarly IPv5 was also internal testing and commercial one the next one is IPv6. With IPv4 originally designed not considering wide spread use for commercial internet or for gross misunderstanding when giving out huge chunks to companies and universities, wherein they hardly used a fraction, caused IPv4 to be exhausted. So no new IPv4 is being given out to companies or ISPs, but ISPs have plenty of IPv4 stock available and they keep using it for their customers at least in US/Canada. For Cell phones, many countries / Mobile carriers are using IPv6, while some in North America actually give out private IPs to cell phones.

When quick depletion of IPv4 was realized to happen in near future, years ago by authorities responsible to govern the allocation and control of IP addressing, there was still many block or ranges of IPs available and they came out with three ranges for Private IP addressing that can only be used within your LAN (and underlying VLANs) and they will not be allowed over the Internet. So that allowed same IP ranges to be used by different users. As long as there is no private linkages between sites, same private IP blocks could be used. And if you had multiple sites that you wanted to link together, like multiple branches of offices to a HQ office, you will use a different IP block (a subnet) for each office site and that will not be used in another site of the same company (or school or retail store etc).

The IPv4 (or henceforth let us just call it IP) consists of 4 sets of numbers each ranging from 0 to 255 and separated by dots or period for easy reading and specifying, like The 0 and 255 and many others are set for many other use than private or public internet use. Each of these 4 sets of numbers are constructed in binary (the language of 0 and 1 that computers understand and work on) set of 8 numbers called bits. So complete IP address comprises of a number of 32 bits in 4 blocks of 8 bits each. The permutations and combinations of these 8 bits of 0 and 1 will range from 0 to 255.

The three address blocks that were set aside for private use are, and is the first IP of the block that spans from to The /16 denotes that first two blocks of 8 are set for designating the network number and last sets of two numbers are for use by the hosts within that block. The full range will result into more than 64000 IPs. Of course we will not need so many IPs in a small home or office or even school. Neither that will be good for network performance as we will talk about later.

So we generally will break that huge /16 block into smaller blocks called subnets. /24 block will result into 255 subnets into /16 full block. So we can then use these /24 in various vlans and across sites. And then a branch can then fuhrer divide allocated /24 subnet into smaller subnets like /26 or even /28 for 64 or 16 IPs for their VLANs.

The subnet mask can be either represented as in /24 or For /16, it will be and for /28, it will be Essentially you divide it into first in full parts of 8 and represent each such part as 255 and then remaining number will be less than 255. While /16 or /24 is easy to comprehend, for /28, we have 3 full 8s (255) and then remainder of 4 (we take square of 4 and then reduce it by 1 and then subtract from 255 for final number of 240). So it became Similarly you will arrive at for /29 and for /27 etc.

First IP of any subnet is called network address and last number is called broadcast address. If we take an example of, then represents the network address for this subnet and as broadcast address. Next /28 in same range starts at as network address and as broadcast address for subnet of

second private IP block is which is much larger than /16 for 16 times more addresses, and it ranges from to

And third private IP block is which is further 16 times larger and ranges from to

We will further discuss network address and broadcast and many such things in subsequent parts to continue this series of several parts.


Glad that this helped understand some of basic but confusing topics. Make sure to read thru the whole series, to better understand most of how networking works in Linux and in IT system. There are other tutorials in this series and I keep adding as I find some time.