# Comprehensive Guide to Computer Networking: From Basics to Advanced (2025 Edition)

**Last Updated:** August 16, 2025

**Overview:** This document provides a full, end-to-end explanation of computer networking, compiling all concepts discussed in the conversation. It starts from the fundamentals of the OSI model (layers 1 to 9, including the joke layers) and extends to advanced topics such as routing protocols, with a focus on OSPF and BGP (including 2025 trends), physical media, addressing modes, Wi-Fi, NAT, VPNs, proxies, SOCKS5, WireGuard, Tailscale, Batfish, IEC power cables, network cable types, speeds, distances, ARP, troubleshooting, DNS and record types. The content is verbose, detailed, and example-heavy, with worked exercises, runnable labs using GNS3, LocalStack, Docker, Terraform, Python, and AWS, verbal walkthroughs for listening, and a trivia section with questions, answers, and explanations. The structure is logical and self-contained for easy copy-pasting and reference.

## Introduction

Computer networking is the foundation of modern communication, enabling data exchange from simple local connections to global internet-scale systems. This guide covers everything from the physical transmission of bits to high-level application protocols and 2025 trends like QUIC, RPKI, ASPA, SRv6, and zero-trust architectures. It is designed as a practical resource with examples you can work through, labs you can run, and trivia to test your knowledge. We take the OSI model's joke layers seriously as reminders of real-world challenges.

All labs assume a Linux environment (e.g., Ubuntu 22.04+) with tools like Docker, GNS3, Terraform, Python, and access to AWS or LocalStack for simulation.

## OSI Model (Layers 1–9, Including Joke Layers)

The OSI (Open Systems Interconnection) model is a conceptual framework for understanding network interactions. It has seven official layers, with two joke layers added for practical realities.
Each layer builds on the one below, abstracting complexity.

### Layer 1: Physical

The Physical layer deals with the raw transmission of bits over a medium, including signaling, media types, connectors, speeds, distances, and power. It handles how data is converted into electrical, optical, or radio signals.

- **Signaling and Media:** Bits are transmitted as voltages (copper), light pulses (fiber), or radio waves (wireless). For copper, differential signaling reduces noise; for fiber, lasers or LEDs modulate light; for wireless, modulation schemes like OFDM are used.
- **Copper Media Types and Standards:**
  - 10BASE-T: 10 Mbps over twisted pair (Cat3 or better), max distance 100m.
  - 100BASE-TX: 100 Mbps (Cat5), max 100m.
  - 1000BASE-T: 1 Gbps (Cat5e/Cat6), max 100m, uses all 4 pairs with PAM-5 encoding.
  - 10GBASE-T: 10 Gbps (Cat6/Cat6a), max 55m on Cat6 or 100m on Cat6a, heavy DSP for crosstalk.
  - Higher speeds (25/40GBASE-T): Cat7/Cat8, shorter distances (30m or less), shielded for interference.
- **Fiber Media Types and Standards:**
  - Single-Mode Fiber (SMF, OS1/OS2): Small core (8–10 µm), long distances (up to 80–100 km for 10GBASE-LR), uses lasers. Ideal for telecom backhauls.
  - Multimode Fiber (MMF): Larger core (50/62.5 µm), shorter distances (up to 2 km for 10G), uses LEDs. Variants:
    - OM1: 1G up to 275m.
    - OM3: 10G up to 300m, 40/100G up to 100m.
    - OM4: 10G up to 400m, 40/100G up to 150m.
    - OM5: Wideband, supports 400G SWDM up to 150m.
- **Connector Types:**
  - Copper: RJ-45 (8P8C) for twisted pair.
  - Fiber: LC (small form-factor, duplex), SC (square push-pull), ST (twist-lock bayonet), MTP/MPO (multi-fiber for parallel optics like 40G SR4).
- **IEC Power Cables:**
  - IEC 60320 standards for networking gear.
  - C13 → C14: Standard for PCs, servers, switches (up to ~10–15A, 250V).
  - C19 → C20: Higher-draw (up to ~16–20A, 250V) for core switches, UPS, blade chassis.
  - C7 (figure-8) and C5 (cloverleaf): Low-power adapters.
  - Regional plugs: AU/NZ uses AS/NZS 3112 (Type I, three flat pins) to connect to IEC cables.
  - PDUs (Power Distribution Units): Rack-mounted strips with metering/remote switching; use dual PDUs for redundancy.
- **Speeds and Distances Examples:**
  - 10GBASE-T on Cat6a: 10 Gbps at 100m.
  - 100GBASE-LR4 on SMF: 100 Gbps at 10km.
  - 40GBASE-SR4 on OM4 MMF: 40 Gbps at 150m.
- **Worked Example:** Calculate the effective distance for a 10G link on OM3 MMF. The standard allows 300m, but factor in loss (each connector adds about 0.3dB); if the total loss exceeds the link's power budget, shorten the run.
- **Troubleshooting at Layer 1:** Check link lights, replace cables, verify connector polarity (fiber TX/RX), test with a cable certifier. Example: No link? Use `ethtool eth0` to check speed/duplex; if mismatched, force negotiation.

### Layer 2: Data Link

This layer organizes bits into frames, handles MAC addressing, error detection, and local delivery. It includes Ethernet, Wi-Fi, switches, ARP, VLANs, spanning tree, and LACP.

- **Frames and MAC Addresses:** Frames include destination/source MAC (48-bit, e.g., AA:BB:CC:DD:EE:FF), EtherType (e.g., 0x0800 for IP), payload, FCS (checksum). Switches learn MACs to forward frames.
- **ARP (Address Resolution Protocol):** Resolves IPv4 to MAC. Request: "Who has 192.168.1.1? Tell 192.168.1.77." Reply: "Is-at AA:BB:CC:DD:EE:FF." (RFC 826).
- **Neighbor Discovery (ND):** IPv6 equivalent of ARP; uses ICMPv6 for solicitation/advertisement, plus router discovery (RFC 4861).
- **VLANs (802.1Q):** Tags frames with a 12-bit VLAN ID (1–4094), TPID 0x8100. Allows segmentation on shared links.
- **Spanning Tree Protocol (STP):** Prevents loops. Variants: STP (802.1D, slow 30–50s convergence), RSTP (802.1w, fast, <1s), MSTP (802.1s, VLAN-mapped). Guards: BPDU Guard, Root Guard.
- **LACP (802.1AX, formerly 802.3ad):** Bonds links into a LAG. Modes: Active (initiates), Passive (waits). Hashing by L2/L3/L4 for load balancing.
- **Wi-Fi (802.11):** Layer 2 over radio.
  Bands: 2.4GHz (crowded, long range), 5GHz (DFS, shorter range), 6GHz (clean, Wi-Fi 6E/7). Standards: Wi-Fi 6 (ax: OFDMA, MU-MIMO), Wi-Fi 7 (be: MLO, 320MHz channels). Security: WPA3 (SAE, PMF required), OWE (encrypted open). Roaming: 802.11k/v/r.
- **Worked Example (VLAN Tagging):** Frame without VLAN: `[Dst MAC | Src MAC | EtherType | Payload | FCS]`. With VLAN: `[Dst MAC | Src MAC | 0x8100 | VID | EtherType | Payload | FCS]`. Example VID 10 in hex: 0x000A.
- **Worked Example (STP Election):** Three switches connected in a triangle. The lowest bridge ID wins root. Ports transition: blocking → listening → learning → forwarding.
- **Troubleshooting at Layer 2:** Duplex mismatch: check `ethtool eth0` for full/half; symptoms: CRC errors. Loop: high CPU from broadcasts. ARP table: `ip neigh show`.

### Layer 3: Network

This layer handles logical addressing and routing packets across networks. It includes IP, ICMP, routing protocols, and addressing modes.

- **IPv4 and IPv6:** IPv4 (32-bit, dotted quad), IPv6 (128-bit, hex colon). IPv4 depletion led to NAT; IPv6 has built-in features like ND.
- **Classful vs Classless Addressing:**
  - Classful (legacy): Fixed prefixes based on the first octet (A /8, B /16, C /24). Wasteful.
  - Classless (CIDR): Variable prefixes (/12, /27). Supports VLSM for efficient allocation.
- **Common Ranges:**
  - Private IPv4 (RFC 1918): 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.
  - CGNAT: 100.64.0.0/10 (ISP internal).
  - Loopback: 127.0.0.0/8.
  - Link-local: 169.254.0.0/16.
  - IPv6: ULA fc00::/7 (fd00::/8 random), link-local fe80::/10, loopback ::1, docs 2001:db8::/32 (RFC 4291).
- **Subnetting:** Divide networks. Formula: Usable hosts = 2^(32 - prefix) - 2.
  - Worked Example 1: 10.23.200.45/20.
    - Mask: 255.255.240.0.
    - Third octet: 200 & 240 = 192.
    - Network: 10.23.192.0/20, broadcast 10.23.207.255, hosts 10.23.192.1–10.23.207.254 (4094 usable).
  - Worked Example 2 (VLSM): 172.20.0.0/16 into /22, /23, /24, /26.
    - /22: 172.20.0.0–3.255 (1022 hosts).
    - /23: 172.20.4.0–5.255 (510 hosts).
    - /24: 172.20.6.0–6.255 (254 hosts).
    - /26: 172.20.7.0–7.63 (62 hosts).
  - IPv6: Use /64 for subnets (SLAAC requires it). Example: fd12:3456:789a::/48 → fd12:3456:789a:1::/64.
- **Addressing Modes:**
  - Unicast: One-to-one (default traffic, e.g., web browsing).
  - Broadcast: One-to-all on the subnet (IPv4 only, e.g., 255.255.255.255; used for ARP, DHCP Discover).
  - Multicast: One-to-many (e.g., IPTV, OSPF Hellos; IPv4 224.0.0.0/4, IPv6 ff00::/8).
  - Anycast: One-to-nearest (by routing metric; e.g., the DNS root servers and public resolvers such as 8.8.8.8, announced from multiple POPs; RFC 1546).
  - Incast: Many-to-one (fan-in bursts in data centers that overwhelm switch buffers; mitigate with ECN/DCTCP (RFC 8257) and pacing/L4S (RFC 9330)).
- **ICMP:** Diagnostics (ping, traceroute). Example: ping uses echo request/reply.
- **Routing Protocols:**
  - OSPF (Interior Gateway Protocol): Link-state, Dijkstra SPF, areas (backbone 0), LSAs (Type 1 Router, 3 Summary, 5 External), supports VLSM, fast convergence. v2 for IPv4 (RFC 2328), v3 for IPv6 (RFC 5340). Area types: normal, stub, NSSA.
    - Worked Example: In a triangle topology, OSPF elects DR/BDR and computes ECMP paths.
  - BGP (Exterior Gateway Protocol): Path-vector, scales to the internet. eBGP (inter-AS), iBGP (intra-AS, full mesh or route reflectors). Decision order: Weight, LOCAL_PREF, AS_PATH length, ORIGIN, MED, etc. Attributes: Communities (RFC 1997), Large Communities (RFC 8092), ADD-PATH (RFC 7911).
    - 2025 Trends: RPKI/ROV (RFC 6480/6811, validates origins), ASPA (path validation drafts), BGP-LS (SDN topology), SRv6 (RFC 8986, IPv6 segment routing for path control), EVPN/VXLAN (RFC 8365, DC overlays), BMP (RFC 7854, monitoring), Flowspec (RFC 8955, filtering). BGP hijacks remain a risk.
    - Worked Example: eBGP peering: advertise a prefix, set LOCAL_PREF 200 on the preferred path.
- **Troubleshooting at Layer 3:** `ping`/`traceroute`/`mtr` for reachability, `ip route get` for the chosen path, `ip neigh` for ARP/ND. Example: No route? Check the default gateway.
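The two subnetting worked examples above (10.23.200.45/20 and the VLSM split of 172.20.0.0/16) and the /48 → /64 IPv6 step, carried out in code so the by-hand arithmetic can be checked on any input. This is an added example, not from the original guide; it uses only the standard-library `ipaddress` module, and the allocator's largest-first placement is an assumption of this example rather than a rule the guide states.

```python
import ipaddress
from typing import Dict, List


def subnet_info(cidr: str) -> Dict[str, str]:
    """Network, mask, broadcast, usable range and host count for an IPv4
    address with prefix, e.g. 10.23.200.45/20 (the guide's worked example 1)."""
    iface = ipaddress.ip_interface(cidr)   # keeps the host bits of the input
    net = iface.network                    # same address with host bits masked off
    prefix = net.prefixlen
    if prefix <= 30:
        # The guide's formula: usable hosts = 2^(32 - prefix) - 2
        usable = 2 ** (32 - prefix) - 2
        first = net.network_address + 1
        last = net.broadcast_address - 1
    else:
        # /31 point-to-point links (RFC 3021) and /32 host routes have no
        # separate network/broadcast addresses to subtract.
        usable = 2 ** (32 - prefix)
        first = net.network_address
        last = net.broadcast_address
    return {
        "network": str(net),
        "mask": str(net.netmask),
        "broadcast": str(net.broadcast_address),
        "first_host": str(first),
        "last_host": str(last),
        "usable": str(usable),
    }


def octet_and(address: str, mask: str) -> List[int]:
    """The by-hand step of ANDing each octet with the mask (200 & 240 = 192)."""
    return [a & m for a, m in zip(map(int, address.split(".")),
                                  map(int, mask.split(".")))]


def vlsm_allocate(pool: str, prefixes: List[int]) -> List[str]:
    """Carve `pool` into subnets of the requested prefix lengths.

    Blocks are placed largest-first (ascending prefix length) so that every
    block starts on its own natural boundary with no alignment padding; this
    reproduces the guide's worked example 2 (/22, /23, /24, /26 from a /16).
    """
    pool_net = ipaddress.IPv4Network(pool)
    cursor = int(pool_net.network_address)
    end = int(pool_net.broadcast_address) + 1
    allocated: List[str] = []
    for prefix in sorted(prefixes):
        size = 2 ** (32 - prefix)
        cursor = -(-cursor // size) * size     # round up to a multiple of the block size
        if cursor + size > end:
            raise ValueError(f"/{prefix} does not fit in the remaining space of {pool}")
        allocated.append(str(ipaddress.IPv4Network((cursor, prefix))))
        cursor += size
    return allocated


def ipv6_subnet(site_prefix: str, index: int) -> str:
    """The index-th /64 inside a site prefix such as fd12:3456:789a::/48."""
    site = ipaddress.IPv6Network(site_prefix)
    if site.prefixlen > 64 or index >= 2 ** (64 - site.prefixlen):
        raise ValueError("index outside the site prefix")
    return str(ipaddress.IPv6Network((int(site.network_address) + index * (1 << 64), 64)))


if __name__ == "__main__":
    print(subnet_info("10.23.200.45/20"))
    print(octet_and("10.23.200.45", "255.255.240.0"))
    print(vlsm_allocate("172.20.0.0/16", [22, 23, 24, 26]))
    print(ipv6_subnet("fd12:3456:789a::/48", 1))
```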

### Layer 4: Transport

Manages end-to-end delivery with segments/datagrams, ports (0–65535), and reliability.

- **TCP:** Connection-oriented, reliable, ordered, congestion/flow control. Handshake: SYN → SYN-ACK → ACK. Example: TCP port 80 (HTTP), 443 (HTTPS).
- **UDP:** Connectionless, low-latency, no guarantees. Example: UDP port 53 (DNS queries), 67/68 (DHCP).
- **QUIC (RFC 9000):** UDP-based, combines TCP-style reliability with TLS, multiplexing for HTTP/3 (RFC 9114). Heavy use in 2025 for mobile/streaming.
- **Worked Example:** TCP congestion control: slow start doubles the window until loss, then AIMD (additive increase, multiplicative decrease).
- **Troubleshooting at Layer 4:** `netstat -tuln` for listening ports, `tcpdump tcp port 443` for flags (SYN, RST).

### Layer 5: Session

Manages session establishment, maintenance, and termination. Example: RPC, gRPC, NetBIOS, session IDs in web apps.

### Layer 6: Presentation

Handles data formatting, encryption, compression, serialization. Example: TLS/SSL (RFC 8446), JSON, ASN.1, character encoding (UTF-8).

### Layer 7: Application

User-facing protocols. Example: HTTP/S (RFC 9110 semantics, HTTP/3 over QUIC), DNS, SMTP, SSH, FTP.

## TCP/IP Model

A practical 4-layer alternative to OSI:

- Link (OSI 1–2): Ethernet, ARP/ND, Wi-Fi.
- Internet (OSI 3): IP, ICMP, routing.
- Transport (OSI 4): TCP, UDP, QUIC.
- Application (OSI 5–7): HTTP/3, DNS, TLS, SMTP.

Host requirements: RFC 1122/1123.

## HTTP Models

HTTP defines web interactions:

- Semantics (RFC 9110): Methods (GET, POST), status (200, 404), headers.
- HTTP/1.1 (RFC 9112): Text-based, chunked transfer, keep-alive.
- HTTP/2: Binary, multiplexed over TCP.
- HTTP/3 (RFC 9114): Over QUIC (UDP), lower latency.

Example: `curl --http3 https://example.com` uses QUIC for faster handshakes.

## Core Protocols and Services

### DHCP

Automates IP assignment (RFC 2131). DORA process: Discover (broadcast), Offer, Request, Acknowledge. UDP 67 (server), 68 (client). Relays forward across subnets.
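The Offer step of the DORA exchange above, as bytes: an added example (not from the guide) that builds a constructed DHCPOFFER laid out per RFC 2131 and parses it back, decoding the router, DNS and lease options that a server configured like the ISC example that follows would hand out. The addresses match that config; the transaction ID and client MAC are made up for the example, and the parser refuses truncated or mis-sized options rather than reading past the buffer.

```python
import struct
import ipaddress
from typing import Dict, List

# RFC 2131 fixed header: op, htype, hlen, hops, xid, secs, flags, ciaddr, yiaddr,
# siaddr, giaddr, chaddr(16), sname(64), file(128) = 236 bytes, then the magic cookie.
HEADER_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
MAGIC_COOKIE = b"\x63\x82\x53\x63"
MSG_TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 4: "DECLINE",
             5: "ACK", 6: "NAK", 7: "RELEASE"}
BROADCAST_FLAG = 0x8000


def _ip(addr: str) -> bytes:
    return ipaddress.IPv4Address(addr).packed


def _opt(code: int, payload: bytes) -> bytes:
    """One TLV option: code, length, value."""
    return bytes([code, len(payload)]) + payload


def build_offer(xid: int, client_mac: bytes, your_ip: str, server_ip: str,
                mask: str, router: str, dns: List[str], lease: int) -> bytes:
    """Constructed DHCPOFFER (BOOTREPLY) carrying the options a server hands out."""
    header = struct.pack(HEADER_FMT, 2, 1, 6, 0, xid, 0, BROADCAST_FLAG,
                         b"\0" * 4, _ip(your_ip), _ip(server_ip), b"\0" * 4,
                         client_mac.ljust(16, b"\0"), b"\0" * 64, b"\0" * 128)
    options = (_opt(53, b"\x02")                         # message type: Offer
               + _opt(54, _ip(server_ip))                # server identifier
               + _opt(51, struct.pack("!I", lease))      # lease time (seconds)
               + _opt(1, _ip(mask))                      # subnet mask
               + _opt(3, _ip(router))                    # routers
               + _opt(6, b"".join(_ip(d) for d in dns))  # DNS servers
               + b"\xff")                                # end
    return header + MAGIC_COOKIE + options


def parse_dhcp(pkt: bytes) -> Dict[str, object]:
    """Decode the fixed fields plus the options that matter for DORA."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    f = struct.unpack(HEADER_FMT, pkt[:236])
    op, _htype, hlen, _hops, xid, _secs, flags, _ciaddr, yiaddr, _siaddr, giaddr, chaddr = f[:12]
    raw: Dict[int, bytes] = {}
    i = 240
    while i < len(pkt) and pkt[i] != 255:      # 255 = End
        if pkt[i] == 0:                        # 0 = Pad, carries no length byte
            i += 1
            continue
        if i + 1 >= len(pkt):
            raise ValueError("truncated option")
        length = pkt[i + 1]
        value = pkt[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option")
        raw[pkt[i]] = value
        i += 2 + length

    def ips(v: bytes) -> List[str]:
        if not v or len(v) % 4:
            raise ValueError("address option is not a multiple of 4 bytes")
        return [str(ipaddress.IPv4Address(v[k:k + 4])) for k in range(0, len(v), 4)]

    mt = raw.get(53)
    msg: Dict[str, object] = {
        "op": "BOOTREPLY" if op == 2 else "BOOTREQUEST",
        "xid": xid,
        "broadcast": bool(flags & BROADCAST_FLAG),
        "chaddr": chaddr[:hlen].hex(":"),
        "yiaddr": str(ipaddress.IPv4Address(yiaddr)),
        "giaddr": str(ipaddress.IPv4Address(giaddr)),   # non-zero when a relay forwarded it
        "message_type": MSG_TYPES.get(mt[0], "UNKNOWN") if mt else "UNKNOWN",
    }
    if 54 in raw:
        msg["server_id"] = ips(raw[54])[0]
    if 1 in raw:
        msg["subnet_mask"] = ips(raw[1])[0]
    if 3 in raw:
        msg["routers"] = ips(raw[3])
    if 6 in raw:
        msg["dns"] = ips(raw[6])
    if 51 in raw:
        if len(raw[51]) != 4:
            raise ValueError("bad lease-time option")
        msg["lease_seconds"] = struct.unpack("!I", raw[51])[0]
    return msg


# Constructed sample: the Offer a server configured like the ISC example would send.
SAMPLE_OFFER = build_offer(0x3903F326, bytes.fromhex("0011223344aa"), "10.10.10.100",
                           "10.10.10.1", "255.255.255.0", "10.10.10.1",
                           ["10.10.10.53", "10.10.10.54"], 3600)

if __name__ == "__main__":
    print(parse_dhcp(SAMPLE_OFFER))
```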
Example Config (ISC DHCP):

```
subnet 10.10.10.0 netmask 255.255.255.0 {
  range 10.10.10.100 10.10.10.199;
  option routers 10.10.10.1;
  option domain-name-servers 10.10.10.53, 10.10.10.54;
  default-lease-time 3600;
  max-lease-time 86400;
}
```

DHCPv6 (RFC 8415): For IPv6, coexists with SLAAC.

### DNS and Record Types

Resolves hostnames to IPs via the hierarchy: Root → TLD → Authoritative. DNSSEC for security, DoH/DoT for privacy (2025 standard).

Record Types:

- A: Hostname → IPv4 (e.g., example.com A 93.184.216.34).
- AAAA: Hostname → IPv6 (e.g., AAAA 2606:2800:220:1:248:1893:25c8:1946).
- MX: Mail exchange (e.g., MX 10 mail.example.com, priority 10).
- CNAME: Alias (e.g., www.example.com CNAME example.com).
- NS: Nameserver delegation (e.g., NS ns1.example.com).
- TXT: Arbitrary text (e.g., SPF "v=spf1 mx -all", DKIM, DMARC).
- PTR: Reverse (e.g., 34.216.184.93.in-addr.arpa PTR example.com).
- SRV: Service locator (e.g., `_sip._tcp.example.com SRV 10 60 5060 sipserver.example.com`; port/protocol/priority/weight).
- SOA: Zone authority (primary NS, admin email, serial, refresh/retry/expire/min TTL).
- Glue Records: A/AAAA for NS in the same zone to avoid loops.
- DNSSEC Records: RRSIG (signatures), DNSKEY (keys), DS (delegation signer).

Worked Example: `dig example.com A` → recursive resolution. For DNSSEC: `dig +dnssec example.com`.

## Layer 2 Protocols

### Spanning Tree

Prevents loops. STP (802.1D): Slow convergence. RSTP (802.1w): Fast. MSTP (802.1s): Multiple instances.

Example Config:

```
spanning-tree mode rapid-pvst
! lowest priority wins the root election for VLAN 10
spanning-tree vlan 10 priority 4096
spanning-tree portfast edge default
spanning-tree bpduguard enable
```

Worked Example: Triangle topology: Elect root, block one port.

### LACP

Bonds links (802.1AX). Active/Passive modes, hashing L2/L3/L4.
Linux Example:

```
ip link add bond0 type bond mode 802.3ad miimon 100 lacp_rate fast
ip link set enp3s0 master bond0
ip link set enp4s0 master bond0
ip addr add 198.51.100.10/24 dev bond0
ip link set bond0 up
```

Worked Example: Bond two 1G links, pull one; traffic continues.

### Wi-Fi

Bands: 2.4GHz (1/6/11 channels in AU), 5GHz (DFS), 6GHz (Wi-Fi 6E/7). Wi-Fi 6 (ax): OFDMA, MU-MIMO. Wi-Fi 7 (be): MLO, 320MHz. Security: WPA3 (SAE, PMF), OWE. Roaming: 802.11k/v/r.

hostapd Example:

```
ssid=corp-wlan
wpa=2
wpa_key_mgmt=SAE
rsn_pairwise=CCMP
ieee80211w=2

bss=wlan0_1
ssid=guest-open
# each bss= section starts from defaults, so wpa=2 must be repeated or OWE is not enabled
wpa=2
wpa_key_mgmt=OWE
rsn_pairwise=CCMP
ieee80211w=2
```

Worked Example: Channel plan: use 1/6/11 in 2.4GHz to avoid overlap.

## NAT, VPNs, Proxies, SOCKS5

### NAT

Types: SNAT/PAT (many-to-one), 1:1, Hairpin, NAT64/DNS64 (IPv6 to IPv4, RFC 6146/6147), CGNAT (100.64.0.0/10, RFC 6598).

nftables Example:

```
nft add table ip nat
# the braces must be quoted so the shell does not interpret them
nft add chain ip nat postrouting '{ type nat hook postrouting priority 100 ; }'
nft add rule ip nat postrouting oif "eth0" masquerade
```

Worked Example: Masquerade 10.0.0.0/24 out eth0; check `conntrack -L` for mappings.

### VPNs

- IPsec: AH (integrity), ESP (confidentiality + integrity).
- OpenVPN: User-space, flexible.
- WireGuard: Kernel, modern crypto (ChaCha20, Curve25519), UDP, minimal code.

WireGuard Config Example (Host A):

```
[Interface]
Address = 10.100.0.1/24
PrivateKey = <host A private key>
ListenPort = 51820

[Peer]
PublicKey = <host B public key>
AllowedIPs = 10.100.0.2/32
Endpoint = b.example.net:51820
PersistentKeepalive = 25
```

Generate keys: `wg genkey | tee private.key | wg pubkey > public.key`. Start: `wg-quick up wg0`.

Tailscale: WireGuard + control plane for NAT traversal, MagicDNS, ACLs. Quick Start:

```
curl -fsSL https://tailscale.com/install.sh | sh
sudo tailscale up --ssh --accept-routes
tailscale ip -4; tailscale status
```

Worked Example: Split-tunnel: `AllowedIPs = 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16` (RFC 1918 only via the VPN).
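WireGuard's AllowedIPs is both a route table and an access list: on send, the destination's longest-prefix match picks the peer to encrypt to, and a destination matching no peer is not tunnelled at all, which is what makes the split-tunnel setting above work; on receive, a decrypted packet is dropped unless its source lies in the sending peer's AllowedIPs. The model below is an added example, not WireGuard's code: peer names stand in for public keys, and the "office-gw" peer carrying the RFC 1918 prefixes is an assumption of the example (the guide's config only has Host B).

```python
import ipaddress
from typing import Dict, List, Optional, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


def parse_allowed_ips(value: str) -> List[str]:
    """Split an `AllowedIPs = a/8, b/12,c/16` value into normalised prefixes."""
    return [str(ipaddress.ip_network(p.strip(), strict=False))
            for p in value.split(",") if p.strip()]


class CryptokeyTable:
    """Model of WireGuard's per-interface cryptokey routing table.

    Each prefix belongs to exactly one peer; configuring a prefix that another
    peer already owns moves it to the new peer, as `wg set` does.
    """

    def __init__(self) -> None:
        self._owner: Dict[Network, str] = {}   # prefix -> peer name (stands in for its public key)

    def add_peer(self, name: str, allowed_ips: str) -> None:
        for prefix in parse_allowed_ips(allowed_ips):
            self._owner[ipaddress.ip_network(prefix)] = name

    def select_peer(self, dst: str) -> Optional[str]:
        """Outbound: longest-prefix match of the destination across all peers.
        None means 'not for the tunnel': with a split-tunnel AllowedIPs such
        traffic never gets a route via wg0 and leaves by the normal table."""
        addr = ipaddress.ip_address(dst)
        best: Optional[Network] = None
        for prefix in self._owner:
            if prefix.version == addr.version and addr in prefix:
                if best is None or prefix.prefixlen > best.prefixlen:
                    best = prefix
        return self._owner[best] if best is not None else None

    def accept_inbound(self, peer: str, src: str) -> bool:
        """Inbound: after decryption with `peer`'s key, keep the packet only if
        its source address is inside that peer's AllowedIPs (anti-spoofing)."""
        addr = ipaddress.ip_address(src)
        return any(prefix.version == addr.version and addr in prefix
                   for prefix, owner in self._owner.items() if owner == peer)


def split_tunnel_example() -> CryptokeyTable:
    """Host A's table: the guide's Host B peer plus an assumed 'office-gw' peer
    carrying the RFC 1918 split-tunnel AllowedIPs from the worked example."""
    table = CryptokeyTable()
    table.add_peer("host-b", "10.100.0.2/32")
    table.add_peer("office-gw", "10.0.0.0/8,172.16.0.0/12,192.168.0.0/16")
    return table


if __name__ == "__main__":
    t = split_tunnel_example()
    for dst in ("10.100.0.2", "10.0.5.7", "192.168.1.10", "8.8.8.8"):
        print(dst, "->", t.select_peer(dst))
    # A packet from office-gw claiming an internet source is dropped on receive.
    print("office-gw may send as 8.8.8.8:", t.accept_inbound("office-gw", "8.8.8.8"))
```

Note that 10.100.0.2 is inside office-gw's 10.0.0.0/8 as well, yet the /32 on Host B wins because the match is longest-prefix, not first-configured.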

### Proxies and SOCKS5

- HTTP Proxy: App-level, understands HTTP (CONNECT for TLS).
- SOCKS5 (RFC 1928): Generic TCP/UDP relay, UDP associate.

Example:

```
ssh -D 1080 user@bastion   # SOCKS5
curl --socks5 localhost:1080 https://example.com
```

Worked Example: UDP test with socat: `socat UDP-RECV:5300 PROXY:127.0.0.1:239.1.1.1:5300,socksport=1080`. Note that `ssh -D` implements only the SOCKS5 CONNECT command (TCP), so a UDP ASSOCIATE test needs a SOCKS5 server that supports it.

Reverse Proxy: Ingress (e.g., Nginx for TLS offload).

## ARP and Neighbor Discovery

ARP: Resolves IP to MAC on the link (RFC 826). Example: `tcpdump arp` shows "Who has?" requests.

ND: IPv6 version (RFC 4861), ICMPv6 for solicitation/advertisement.

Worked Example: `sudo tcpdump -i eth0 arp` → trigger with ping; see request/reply.

## Troubleshooting Workflow

Logical layer-by-layer approach:

- L1: Link lights, cable seating, polarity, IEC power, PSU LEDs. Test with a certifier, `ethtool eth0` for speed/duplex.
- L2: MAC tables (`show mac address-table`), duplex mismatches (CRC errors), VLAN tags (`tcpdump vlan`), STP state, LACP status.
- L3: Ping/traceroute, ARP/ND (`ip neigh`), routes (`ip route get`), subnet masks.
- L4-7: Ports (`netstat -tuln`), TCP flags (`tcpdump tcp`), DNS (`dig`), firewalls (`nft list ruleset`).
- Cross-Layer: Batfish for config validation, Python for automation.

Worked Example: Duplex mismatch: `ethtool` shows half-duplex; symptoms: collisions, low throughput. Fix: force full-duplex.

Heuristics: Breaks at 64KB → MTU. Breaks after 10min → ARP expiry.

## Hands-On Labs (Verbal Walkthroughs)

These are narrated as if spoken, for listening while setting up. Labs use GNS3 (virtual topologies), Docker (containers), Terraform (IaC), Python (scripts), LocalStack (AWS simulation), AWS (real cloud).

### Lab 1: Cables, Power, and ARP

Goal: Verify physical connectivity and ARP resolution.

Verbal Walkthrough: First, the basics: power and cabling. In your lab, use IEC C13 to C14 for switches; check LEDs for dual PSUs on separate PDUs. For cables, use Cat6a for 10G up to 100m. Now ARP: Two Docker containers on a network.
When one pings, it sends a "Who has IP?" broadcast. Watch with tcpdump.

Steps:
1. `docker network create testnet --subnet 172.18.0.0/24`
2. `docker run -it --net testnet --name host1 alpine sh` (repeat for host2)
3. In host1: `ping host2`
4. Host: `tcpdump -i br- arp -vv`
5. Expected: "Who has?" request, reply with MAC. Debug: Check subnet (`ip addr`), interfaces up.
6. Extend: Add fiber simulation in GNS3: virtual link with OM4 for 150m 100G.

### Lab 2: Switching, VLANs, and Spanning Tree

Goal: Set up VLANs, observe STP loop prevention.

Verbal Walkthrough: Drop two switches in GNS3 and connect them in a loop: broadcast storm without STP. Enable RSTP, set root priority. Add VLANs 10/20, trunk ports. Hosts in different VLANs can't talk without a router.

Steps:
1. GNS3: Two IOSvL2 switches, two links (loop).
2. Config: `spanning-tree mode rapid-pvst`; `vlan 10`; `switchport mode trunk` on ports.
3. Set root: `spanning-tree vlan 10 priority 4096` on one.
4. `show spanning-tree`: One port blocked.
5. Pull link: Reconvergence <1s.
6. Expected: Root elected, ports alternate/blocking. Debug: `tcpdump stp` for BPDUs.

### Lab 3: Link Aggregation with LACP

Goal: Bond links for redundancy/bandwidth.

Verbal Walkthrough: Connect two links host-to-switch. Without LACP, STP blocks one. Enable LACP active, hash L3+L4. Pull a cable: no downtime.

Steps:
1. Linux: `ip link add bond0 type bond mode 802.3ad miimon 100 lacp_rate fast`
2. Add slaves: `ip link set enp3s0 master bond0` (repeat).
3. IP: `ip addr add 198.51.100.10/24 dev bond0`; bring it up.
4. Switch: `interface Port-channel1`; `channel-group 1 mode active` on ports.
5. `cat /proc/net/bonding/bond0`
6. Expected: Slaves up, hashing. Debug: `ethtool bond0`.

### Lab 4: Routing with OSPF

Goal: Dynamic routing with ECMP.

Verbal Walkthrough: Three FRR containers in a triangle. Configure OSPF networks in area 0. Adjacencies form, routes populate with multiple next-hops. Pull a link: converges to the alternate path.

Steps:
1. Docker Compose: Three FRR, networks 10.0.12.0/24, etc.
2.
   frr.conf: `router ospf`; `network 10.0.12.0/24 area 0` (repeat).
3. `vtysh -c "show ip ospf neighbor"`
4. `show ip route`: ECMP.
5. Expected: Full adjacencies, balanced paths. Debug: `debug ip ospf adj`.

### Lab 5: Border Routing with BGP

Goal: eBGP peering with policy and RPKI.

Verbal Walkthrough: Two ASes, configure eBGP, advertise prefixes. Add a LOCAL_PREF policy. Enable RPKI: invalid origins rejected.

Steps:
1. Docker: r1 (AS65001), r2 (AS65002).
2. frr.conf: `router bgp 65001`; `neighbor remote-as 65002`; `network 203.0.113.0/24`.
3. Add rpki cache; validation-state invalid reject.
4. `show bgp summary`: Established.
5. Expected: Routes with valid state. Debug: `show bgp ipv4 uni`.

### Lab 6: NAT and DHCP

Goal: Assign IPs, NAT private to public.

Verbal Walkthrough: dnsmasq for DHCP in Docker. The client requests an IP via DORA. NAT with nftables: masquerade traffic out.

Steps:
1. `docker network create dhcpnet --subnet 172.31.0.0/24`
2. dnsmasq: `docker run -d --net dhcpnet --ip 172.31.0.2 jpillora/dnsmasq --dhcp-range=172.31.0.100,172.31.0.199,12h`
3. Client: `docker run -it --net dhcpnet alpine udhcpc -i eth0 -vv`
4. NAT: `nft add rule ip nat postrouting oif eth0 masquerade`
5. Test: Client curls an external site.
6. Expected: DORA in logs, NAT connections. Debug: `conntrack -L`.

### Lab 7: VPNs and Proxies

Goal: Tunnel with WireGuard/Tailscale, proxy with SOCKS5.

Verbal Walkthrough: WireGuard keys, configure peers, ping through the tunnel. Tailscale for NAT traversal. SOCKS5 with `ssh -D`, curl through it.

Steps:
1. WireGuard: `wg genkey`, configure wg0, `wg-quick up wg0`.
2. Tailscale: `tailscale up`, check status.
3. SOCKS5: `ssh -D 1080 bastion`; `curl --socks5 localhost:1080 https://example.com`
4. Expected: Handshake, relayed traffic. Debug: `wg show`.

### Lab 8: Overlay Networks (VXLAN/EVPN)

Goal: Stretch L2 over L3.

Verbal Walkthrough: FRR with VXLAN interfaces, map VLAN to VNI, BGP EVPN distributes MAC/IP.

Steps:
1. Docker FRR: Create VXLAN1000, enable EVPN.
2. Test: Remote hosts in the same VLAN communicate.
3.
   Expected: `show bgp l2vpn evpn` shows mappings. Debug: `tcpdump vxlan`.

### Lab 9: Cloud Integration with LocalStack and Terraform

Goal: VPC with subnets, toggle local/real AWS.

Verbal Walkthrough: LocalStack in Docker, Terraform provider with a mode variable. Create VPC/subnet/IGW. Verify with describe-subnets. Switch to AWS.

Steps:
1. `docker run localstack`
2. Terraform: `variable "mode"`, providers.tf with endpoints for local.
3. main.tf: `resource "aws_vpc" "lab" { cidr_block = "10.0.0.0/16" }`
4. `terraform apply -var mode=local`
5. `aws --endpoint-url http://localhost:4566 ec2 describe-subnets`
6. Change mode=aws, apply.
7. Expected: VPC in both. Debug: Terraform logs.

### Lab 10: Troubleshooting Scenarios

Goal: Simulate and debug issues.

Verbal Walkthrough: Pull fiber: link-down logs. Mis-trunk a VLAN: tcpdump shows untagged drops. Mismatch OSPF areas: no adjacencies. AS_PATH loop: route dropped.

Steps:
1. GNS3: Break a link, check logs.
2. VLAN: `tcpdump vlan`.
3. OSPF: `show ip ospf neighbor`.
4. BGP: `show bgp summary`.
5. Expected: Layer-by-layer diagnosis. Debug: Batfish reachability queries.

## Networking Trivia Questions and Answers with Explanations

Verbose trivia section for reinforcement.

- **Q1.** How many layers in OSI, including joke?
  - A: 9 (7 official + user, financial).
  - Explanation: OSI organizes protocols; joke layers highlight human/financial issues.
- **Q2.** RFC for TCP/IP hosts?
  - A: 1122 (L3–4), 1123 (L5–7).
  - Explanation: Define end-host behavior for interoperability.
- **Q3.** OSI layer for TLS?
  - A: Presentation (L6).
  - Explanation: Handles encryption/formatting.
- **Q4.** Cat6a max distance at 10G?
  - A: 100m.
  - Explanation: Controls crosstalk; Cat6 limited to 55m.
- **Q5.** Multimode vs single-mode fiber?
  - A: Multimode: larger core, short distance; single-mode: small core, long distance.
  - Explanation: Dispersion in multimode limits range.
- **Q6.** Dominant fiber connector?
  - A: LC duplex for serial, MPO/MTP for parallel.
  - Explanation: LC compact; MPO for multi-fiber.
- **Q7.** IEC connectors for servers?
  - A: C13/C14 standard, C19/C20 high-draw.
  - Explanation: Match amperage to avoid overloads.
- **Q8.** Max VLANs in 802.1Q?
  - A: 4094.
  - Explanation: 12-bit ID, reserves 0/4095.
- **Q9.** STP purpose?
  - A: Prevent Ethernet loops.
  - Explanation: Blocks redundant paths to stop storms.
- **Q10.** STP vs RSTP vs MSTP?
  - A: STP slow, RSTP fast, MSTP VLAN-mapped.
  - Explanation: RSTP <1s convergence; MSTP scales large networks.
- **Q11.** WPA3 replaces what?
  - A: WPA2-PSK with SAE.
  - Explanation: Resists dictionary attacks.
- **Q12.** Wi-Fi standard with OFDMA?
  - A: 802.11ax (Wi-Fi 6).
  - Explanation: Subdivides channels for multi-user efficiency.
- **Q13.** IPv4 Class B private range?
  - A: 172.16.0.0/12.
  - Explanation: RFC 1918 for non-routable IPs.
- **Q14.** 169.254.0.0/16 meaning?
  - A: APIPA link-local.
  - Explanation: Auto-config on DHCP fail.
- **Q15.** IPv6 APIPA equivalent?
  - A: fe80::/10 link-local.
  - Explanation: Mandatory for ND.
- **Q16.** Anycast?
  - A: One address, multiple locations; routing picks nearest.
  - Explanation: Scales DNS/CDNs.
- **Q17.** Incast?
  - A: Many-to-one buffer overflow in DCs.
  - Explanation: Mitigate with ECN/DCTCP.
- **Q18.** DNS ports?
  - A: 53 UDP (queries), TCP (transfers).
  - Explanation: TCP for large responses.
- **Q19.** QUIC replaces?
  - A: TCP + TLS over UDP.
  - Explanation: Low-latency for HTTP/3.
- **Q20.** DNS A record?
  - A: Hostname to IPv4.
  - Explanation: Basic resolution.
- **Q21.** AAAA record?
  - A: Hostname to IPv6.
  - Explanation: Quad A for 128-bit.
- **Q22.** MX record?
  - A: Mail exchange with priority.
  - Explanation: Routes email.
- **Q23.** CNAME?
  - A: Alias to hostname.
  - Explanation: Redirects without duplication.
- **Q24.** NS record?
  - A: Nameserver delegation.
  - Explanation: Points to authoritative servers.
- **Q25.** TXT record?
  - A: Text for SPF/DKIM/DMARC.
  - Explanation: Email security policies.
- **Q26.** PTR record?
  - A: IP to name (reverse).
  - Explanation: Logging/validation.
- **Q27.** SRV record?
  - A: Service locator (port/protocol/priority/weight).
  - Explanation: e.g., SIP servers.
- **Q28.** SOA record?
  - A: Zone authority (serial/timers).
  - Explanation: Manages replication.
- **Q29.** Glue records?
  - A: A/AAAA for NS in same zone.
  - Explanation: Breaks circular queries.
- **Q30.** DNSSEC?
  - A: Adds RRSIG/DNSKEY/DS for signing.
  - Explanation: Prevents poisoning.
- **Q31.** OSPF algorithm?
  - A: Dijkstra SPF.
  - Explanation: Computes paths from link-state.
- **Q32.** OSPF backbone?
  - A: Area 0.
  - Explanation: Inter-area connectivity.
- **Q33.** iBGP vs eBGP?
  - A: iBGP intra-AS, eBGP inter-AS; iBGP split-horizon.
  - Explanation: Requires reflectors/mesh.
- **Q34.** BGP outbound attribute?
  - A: LOCAL_PREF.
  - Explanation: Higher preferred.
- **Q35.** BGP inbound?
  - A: AS_PATH prepend/communities.
  - Explanation: Influences peers.
- **Q36.** RPKI?
  - A: Validates prefix origins.
  - Explanation: Cryptographic anti-hijack.
- **Q37.** IPsec ESP vs AH?
  - A: ESP encrypts + authenticates; AH authenticates only.
  - Explanation: ESP for privacy.
- **Q38.** WireGuard speed?
  - A: Small code, modern crypto, kernel.
  - Explanation: Beats legacy VPNs.
- **Q39.** Tailscale base?
  - A: WireGuard + DERP + control plane.
  - Explanation: Easy NAT traversal.
- **Q40.** HTTP vs SOCKS5 proxy?
  - A: HTTP parses web; SOCKS5 forwards raw.
  - Explanation: SOCKS5 protocol-agnostic.
- **Q41.** Proxy ports?
  - A: 3128, 8080, 1080.
  - Explanation: Defaults like Squid.
- **Q42.** Duplex mismatch?
  - A: Collisions, CRC errors, low throughput.
  - Explanation: Full/half mismatch.
- **Q43.** Ping of death?
  - A: Oversized ICMP >65k bytes.
  - Explanation: Crashed old stacks.
- **Q44.** Smurf attack?
  - A: Spoofed ICMP to broadcast.
  - Explanation: Amplification DDoS.
- **Q45.** ARP outside subnet?
  - A: No response; to gateway.
  - Explanation: Link-local only.
- **Q46.** Hosts in /26?
  - A: 62 usable.
  - Explanation: 64 total -2.
- **Q47.** IPv4 max TTL?
  - A: 255.
  - Explanation: Hop decrement.

## 2025 Trends

- QUIC/HTTP/3 mainstream.
- Zero Trust, identity-based.
- RPKI/ASPA secure BGP.
- EVPN/VXLAN replace VLANs.
- SRv6 path control.
- L4S low-latency.
- eBPF/P4 programmable networks.

## Appendix: Quick Reference and Sources

- IPv4 Private: 10/8, 172.16/12, 192.168/16.
- Sources: RFCs (1918, 9000, etc.), IEEE, Wi-Fi Alliance, FRR docs, WireGuard whitepaper, Tailscale.