EN_Network
A summary of networking concepts for DevOps engineers. Click each link for full details.
- HTTP: Protocol for transferring data between browser and server without encryption
- HTTPS: Encrypted HTTP using SSL/TLS
- TLS (Transport Layer Security): Successor to SSL — stronger encryption
- HTTP Methods: GET (read), POST (create), PUT (full update), PATCH (partial update), DELETE (remove)
- Idempotent: Same request sent multiple times yields the same result (GET, PUT, DELETE)
- HTTP Status Codes: 2xx (success), 3xx (redirect), 4xx (client error), 5xx (server error)
- IPsec VPN: Encrypts entire IP packets at OSI Layer 3
- SSL/TLS VPN: Encrypts application data at OSI Layer 5-6 (web-based)
- Physical (Layer 1): Electrical signal transmission (Ethernet, Wi-Fi)
- Data Link (Layer 2): Reliable data transfer, MAC addresses (Ethernet, PPP)
- Network (Layer 3): Routing and packet forwarding (IP, ICMP, ARP, BGP)
- Transport (Layer 4): Data delivery guarantee and error recovery (TCP, UDP)
- Session (Layer 5): Connection management (NetBIOS, RPC)
- Presentation (Layer 6): Data format conversion and encryption (SSL, JPEG)
- Application (Layer 7): Application services (HTTP, FTP, DNS, SMTP)
- BGP (Border Gateway Protocol): Standard internet backbone routing protocol (EGP between ASes)
- OSPF: Link State algorithm-based intra-AS routing (IGP)
- AS (Autonomous System): A group of routers under one administrative policy
- AS-PATH: BGP path attribute showing the sequence of ASes
- Hub & Spoke: Network topology with a central hub and multiple spokes
- NAT/PAT: IP/port address translation for private network internet access
- Recursive DNS: Queries Root → TLD → Authoritative on behalf of the client
- Authoritative DNS: Server that holds the actual IP for a domain
- TTL: Cache validity duration for DNS records
- DNS Records: A (IPv4), AAAA (IPv6), CNAME (alias), MX (mail), TXT (verification)
- DNSSEC: Verifies DNS response integrity using digital signatures
- DNS Cache Poisoning: Attack that hijacks traffic by injecting forged DNS responses
- Reverse Proxy: Receives requests on behalf of backend servers (NGINX, HAProxy)
- Forward Proxy: Sends requests on behalf of clients
- Load Balancing Algorithms: Round Robin, Least Connections, IP Hash, Weighted
- SSL Termination: Centralized SSL encryption/decryption at the reverse proxy
- Circuit Breaker: Isolates failing services to prevent cascade failures
- Service Mesh: Infrastructure layer managing microservice-to-microservice communication (Istio, Linkerd)
- Sidecar Pattern: Proxy container deployed alongside each service (Envoy)
- mTLS: Mutual TLS authentication between services
- API Gateway: Single entry point for all client requests (Rate Limiting, Auth, Routing)
- MTU (Maximum Transmission Unit): Maximum packet size per transmission (default 1500 bytes)
- MSS (Maximum Segment Size): Max TCP data size = MTU - IP Header - TCP Header
- PMTUD (Path MTU Discovery): Automatically discovers the minimum MTU along a path
- BPF (Berkeley Packet Filter): Packet filtering expressions used by tcpdump and Wireshark
- TCP Congestion Control: Slow Start → Congestion Avoidance → Fast Recovery
- ARP Spoofing: Attack that modifies MAC-IP mapping using forged ARP replies
- STP (Spanning Tree Protocol): Loop prevention protocol (IEEE 802.1D)
Covers the difference between HTTP and HTTPS communication, TLS encryption, and the certificate-based trust model that underpins secure web traffic.
→ Details
Explains the OSI 7-layer and TCP/IP 4-layer models, the AS system, BGP routing protocol, STP/RSTP loop prevention, and Hub & Spoke network architecture with real-world examples.
→ Details
Covers how DNS resolution works, key record types, and a comparison of IPsec VPN vs SSL/TLS VPN with practical selection criteria for each use case.
→ Details
Compares Service Mesh (Istio, Linkerd) vs API Gateway — when to use each — and explains Reverse Proxy architecture, load balancing algorithms, and SSL termination patterns.
→ Details