Learn Some Linux Series - Networking Part 2

Continuing from Part 1, we will talk about more things on basics of networking before we delve into actual configuration of few things for our servers and appliances to be online. Simple desktop or RPi environment running off of dynamic private IPs (DHCP) will not bother you to configure network settings as the backend DHCP server takes care of that for these end user machines.

Broadcast is a term used in networking for same frames (L2 level data units) to be sent to every machine within the same LAN (or if you have segmented your LAN into VLANs, then broadcast frames confine into a particular VLAN). Why broadcast frames? Well, when we have a end user machine connect into a network (be it wireless or wired), it does not have an IP address to start communicating. Neither does it know who to ask for IP address. And since it does not yet have IP address (L3 concept), it is at L2 (since it has a mac address which is generally unique). In such situation, it simply broadcasts the request in the L2 environment, which is restricted to local LAN or VLAN. In small setup without VLANs, there is always a default VLAN number 1. So even a small home LAN without VLANs is actually a VLAN 1 setup.

The broadcast request for obtaining an IP address within confines of a LAN / VLAN will be received by every machine on that LAN / VLAN. In small setup, the home router or firewall will be serving the DHCP IPs (also called DHCP leases as it is given out for a leased term). And since router or firewall also has its interface in the same LAN, it receives the DHCP request as every other machine also does.

All machines that don’t have DHCP service running on them, will reject the request and not respond back, but the DHCP server will accept it and make its offer. Since DHCP server received the request coming in from a defined source mac address, it can now send the response back in a unicast manner in a point to point basis. Now there is some handshake between these two devices to lease the IP and end user device thus has IP address allocated, along with other essential items like subnet mask, gateway, DNS servers etc, plus a DHCP lease duration.

The device thus gets into a L3 communication mode with IP address allowing it to route the traffic outside of its own subnet / VLAN with the help of gateway which know how to get to outside the local LAN / VLAN / subnet. For most small setup, outside the LAN implies Internet.

You can override few things under IP settings (like in a windows machine, open command prompt, type ncpa.cpl and then select your Local Area Network Ethernet NIC, double click it, go to IPv4, Properties and you can change from dynamic to static for IP and / or for DNS. Not recommended for most end devices, but network techs, engineers and programmers may need to assign a static IP to their laptop / machine for various reasons (like for initial configuration of a device that has a default IP say and you will set your machine to (or anything other than 0.1, until You will also match the subnet mask (in this case or /24). Since you are directly connected to the device for its configuration, you will not need to go outside the subnet or to internet, so you can leave gateway and DNS as blank. if you do for testing, you will then populate the gateway (which in this case is 0.1) and DNS (which could be 0.1 as a typical home router or firewall or ISP modem, will also act as DNS caching proxy server). If I did not already mention, DNS is heart of Internet and is responsible for resolving the website names into their corresponding Public IP addresses as IP address is the actual destination that browser needs to send the request over to.

Another handy thing when initial programming the home routers / firewalls / wireless APs or any IOT is that we may need to change its IP to fit into our IP schema of our local LAN or a VLAN. If its user guide says its default IP is with a mask of /24, then as above, we assign a static IP of say 0.2 to talk to it, but then we need to change its IP to say with a mask of /24 and gateway of In that case, the moment you will make a change and apply it, we will lose access to it, and we will need to go back to our computer and change its IP to say To avoid this going back and forth (especially if you have multiple such devices to configure), you can assign additional IP(s) to windows machine under the same place where we assigned it a static IP, by hitting Advanced button and then it allows us to add a new IP. Specify in there with mask of Note there is no option for gateway as on a machine (or at least on a NIC), you can only have a single gateway, else any packet destined to outside the network will have no way to know which gateway to use, especially for same subnet IPs, but being a bad practice anyway, windows will not let you add a different gateway even for the different subnet IP). You can of course have the final IP set up first as static with correct gateway and then have the default IP subnet based IP as second IP as normally you will not need gateway on the vendor default IP.

Do note that we don’t want to have multiple IPs in the same subnet (like and on same NIC. There are some special use cases though that allows it. One case is hosting multiple websites on the same server (like Windows IIS webserver) wherein we can then peg different IPs to different websites.

Similarly, we can assign multiple IPs (of course in different subnets) in Linux OS as well. And with same subnets for use with multiple websites using virtualhosts configuration. We will cover that when we get to actual network configuration portion.

Another use of broadcast is for devices to communicate within the same subnet. Within same subnet (within same VLAN), communication happens with mac address. The application of course will use IP or DNS name (FQDN, Fully Qualified Domain Name like service1.ourdomain.com) to get to the server (or even to gateway), but under the hood, it uses DNS resolution from name to IP using the DNS query sent to configured DNS sever and then it uses its own subnet mask to hash the destination IP to find out if it is within its own subnet or outside. If it is within its own subnet, then it needs to know the mac address of that destination IP and if it is outside its own subnet, then it needs to take help of the gateway to route the packet out of the network and so it now needs to know the mac address of the gateway.

A protocol called ARP (address resolution protocol) is used by sending machine to get mac address of the destination it needs to deliver its packet to. Again, since sender does not know who owns the destination mac, it just sends a broadcast that is received by everyone within same VLAN and also by gateway and this request includes IP and request IP holder to send a unicast response back with its mac address. Correct receiver knows its own IP, so only that one will reply back with its mac address in a unicast manner back to sender. Sender then caches that mac address against that IP generally for 5 minutes. So if there is no frequent communication between these two devices, it will time out and ARP will be sent out again.

Broadcast address is the last IP of the subnet. For example subnet will have address represent the network address (used for routing purposes) and for broadcast purposes.

In a large network, we can see that there can be frequent DHCP and ARP request going on. Broadcast are very small packets, but broadcast is a high priority CPU interrupt and that means all machines will need to stop doing but they are doing and take a look at this packet and then drop it or act on it and then go back to what they were doing. So in a large network, this can cause slow downs, not from any bandwidth use, but from CPU interrupts. So we like to keep number of devices on a network smaller and divide / segment the network into various vlans. Different vlans / subnets also then allow us to isolate or limit communication between different vlans for security and compliance purposes as well.

To allow inter-vlan communication, the upstream core or distribution switch is utilized, which will have a leg in each of these vlans and that leg (a vlan interface or a subinterface of a physical interface) will have an IP address that will server as gateway for that vlan devices. So instead of a home router, you will have a core or distribution switch act as router or gateway for multi vlan scenarios.

Another thing we need to discuss is that in multiple VLANs scenarios, you will have a server VLAN that has DHCP server on it. And then multiple user vlans or special purpose vlans (like DMZ for putting in semi trusted devices in or to put internet accessible servers in them, like a web server or email server). In such multi vlan environment, a DHCP request from a user vlan will not be able to get to server vlan as broadcast does not traverse vlan boundary. In such situations, we will again use help of our distribution or core switch based IP acting as gateway for that vlan. Since DHCP request will be seen by the gateway present in that vlan, sitting on the core or distribution switch, we will let that routing switch to relay the DHCP request over to the DHCP server in server vlan. This concept in called dhcp-relay or dhcp-helper. Under each such vlan interface IP on our routing switch (or simply capable router), we will configure the IP address of the DHCP server(s), so any oncoming DHCP broadcast requests will be converted to unicast by router and sent to this configured DHCP server. This request includes IP of the VLAN interface and thus DHCP server which will have these multiple DHCP scopes (DHCP IP ranges in different subnets with other parameters) can then use the this included IP address to then give out an IP address in the same subnet as was the IP of the VLAN interface. This IP goes back to the router, which then send it over to the originating DHCP request sender.

Other option in smaller setups will be to have separate physical interfaces on the DHCP server in the separate VLANs and that way DHCP server can listen to DHCP requests from all these separate VLAN devices and then respond back to via corresponding NIC.

There is also a concept of multicasting, which allows a sender to send a packet to not all, but to multiple recipients. Since broadcast causes slow downs, multicasting if setup can be used for special applications (like Music on Hold, MOH in PBX to send the same music stream to multiple on hold parties at any time, or for Security IP cameras to stream their feeds to multiple security camera systems, network video recorders (NVRs). In absence of multicast configured properly, all multicast will become broadcast and thus cause slowdowns on network. Multicast uses a L2 protocol called IGMP to snooping on the multicast subscription requests that are generated by application running on these clients, being sent to multicast servers and thus relays stream coming in from server port(s) to these multicast clients only. Also note that multicast can jump across the vlan boundaries with the help of multicast routing protocols like PIM (L3) and using multicasting gateways

Multicast is also used by Apple TVs Airplay and Android / Chromecast devices to discover the audio / video content sitting in a different vlan by using Bonjour multicast or multicast DNS (mDNS) configuration. You have enough information and lingo to now make a suitable Google search if you need to know more about multicasting. And contrary to what we may think, the Netflix or Amazon does not use multicasting as it is meant for one way live streaming only. These companies will use many ISPs in your local areas to periodically dump into large storage boxes to cache the content so that hundreds of simultaneous users can be supported unicast streams at any time.

We will come back to network switches, routers, firewalls, Wireless APs and many other things in next and following sections of this tutorial.