Computer Networks

OSI model, TCP/IP stack, HTTP/HTTPS, DNS, TCP vs UDP, and TLS — how the internet works.

How the Internet Works

Computer networks allow machines to exchange data. The internet is a global network of networks, bound together by agreed-upon protocols. Understanding networking is essential for building APIs, debugging latency, implementing authentication, and understanding security.

The OSI Model (7 Layers)

The OSI (Open Systems Interconnection) model is a conceptual framework that describes how data moves from one device to another through seven distinct layers. Each layer has a specific responsibility and communicates with the layers directly above and below it.

| # | Layer | Role | Examples |
| --- | --- | --- | --- |
| 7 | Application | Human-facing protocols | HTTP, HTTPS, DNS, FTP, SMTP, WebSocket |
| 6 | Presentation | Data encoding, encryption, compression | TLS/SSL, JSON, XML, JPEG encoding |
| 5 | Session | Session management, authentication | Session tokens, TLS handshake setup |
| 4 | Transport | End-to-end delivery, ports, flow control | TCP, UDP |
| 3 | Network | Logical addressing, routing | IP, ICMP, routers |
| 2 | Data Link | Node-to-node transfer, MAC addresses | Ethernet, Wi-Fi, switches |
| 1 | Physical | Bits over a medium | Cables, fibre, radio waves, voltage |

Memory trick

"All People Seem To Need Data Processing" — Application, Presentation, Session, Transport, Network, Data Link, Physical.

TCP vs UDP

Both TCP and UDP operate at Layer 4 (Transport). They take data from applications, wrap it with port numbers, and hand it to IP for routing.

| Feature | TCP | UDP |
| --- | --- | --- |
| Connection | Connection-oriented (3-way handshake) | Connectionless |
| Reliability | Guaranteed delivery, retransmission | Best-effort, no retransmission |
| Ordering | In-order delivery | May arrive out of order or not at all |
| Speed | Slower (overhead of ACK, retransmit) | Faster, low latency |
| Use cases | HTTP/HTTPS, email, file transfer, SSH | DNS, video streaming, online gaming, VoIP |

TCP 3-Way Handshake

Client                    Server
  |  -- SYN (seq=x) ------>  |   Client: "I want to connect, my seq starts at x"
  |  <-- SYN-ACK (seq=y, ack=x+1) -- |   Server: "OK, my seq starts at y, ack your x"
  |  -- ACK (ack=y+1) ---->  |   Client: "Confirmed"
  |     CONNECTION OPEN      |

// Connection close: FIN → FIN-ACK → FIN → ACK (4-way)

HTTP and HTTPS

HTTP (HyperText Transfer Protocol) is the application-layer protocol of the web. It's request-response: a client sends a request, the server replies. HTTPS wraps HTTP in TLS for encryption.

HTTP Methods

| Method | Meaning | Idempotent |
| --- | --- | --- |
| GET | Retrieve resource; no body in request | Yes |
| POST | Create resource or submit data; body required | No |
| PUT | Replace entire resource at URI | Yes |
| PATCH | Partially update resource | Depends |
| DELETE | Delete resource | Yes |
| OPTIONS | List allowed methods (preflight for CORS) | Yes |

Common Status Codes

| Range | Codes |
| --- | --- |
| 2xx Success | 200 OK · 201 Created · 204 No Content |
| 3xx Redirect | 301 Moved Permanently · 302 Found · 304 Not Modified |
| 4xx Client Error | 400 Bad Request · 401 Unauthorized · 403 Forbidden · 404 Not Found · 409 Conflict · 422 Unprocessable |
| 5xx Server Error | 500 Internal Server Error · 502 Bad Gateway · 503 Service Unavailable · 504 Gateway Timeout |

DNS — Domain Name System

DNS is the internet's phone book — it translates human-readable hostnames (e.g., google.com) into IP addresses. It's a hierarchical, distributed database.

// DNS resolution for "www.example.com":
1. Browser cache? → use it
2. OS resolver cache (/etc/hosts)? → use it
3. Recursive resolver (ISP or 8.8.8.8):
   a. Ask root nameserver → "I don't know, ask .com TLD server"
   b. Ask .com TLD server  → "I don't know, ask example.com nameserver"
   c. Ask example.com NS   → "www is at 93.184.216.34"
4. Cache result with TTL, return to browser

// Record types:
A     → IPv4 address
AAAA  → IPv6 address
CNAME → Canonical name alias (redirect to another hostname)
MX    → Mail exchange server
TXT   → Arbitrary text (SPF, DKIM, domain verification)
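
The resolution walk above, as an added example (not code from the original page): a toy resolver that follows referrals from root to TLD to authoritative server and caches the answer until its TTL expires. The server labels, the 300-second TTL and the injectable clock are assumptions made for the illustration.

```python
import time

# Constructed delegation data mirroring the walk-through above; the server
# names are hypothetical labels, not real nameserver hostnames.
SERVERS = {
    "root":       {"com.": ("REFERRAL", "tld-com")},
    "tld-com":    {"example.com.": ("REFERRAL", "ns-example")},
    "ns-example": {"www.example.com.": ("A", "93.184.216.34", 300)},  # TTL 300 s
}

class Resolver:
    """Toy recursive resolver: follows referrals and caches answers by TTL."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock
        self.cache = {}   # name -> (address, expiry time)
        self.trace = []   # which server (or "cache") handled each step

    @staticmethod
    def _lookup(server, name):
        # Longest match on whole labels, so "notcom." never matches "com.".
        zone = SERVERS[server]
        hits = [z for z in zone if name == z or name.endswith("." + z)]
        return zone[max(hits, key=len)] if hits else None

    def resolve(self, name):
        name = name.lower().rstrip(".") + "."     # DNS names are case-insensitive
        now = self.clock()
        cached = self.cache.get(name)
        if cached and cached[1] > now:            # steps 1-2: unexpired cache hit
            self.trace.append("cache")
            return cached[0]
        server = "root"
        for _ in range(8):                        # bound the referral chain
            self.trace.append(server)
            answer = self._lookup(server, name)
            if answer is None:
                return None                       # no such name
            if answer[0] == "REFERRAL":           # steps 3a-3b: "ask someone else"
                server = answer[1]
                continue
            _, address, ttl = answer              # step 3c: authoritative answer
            self.cache[name] = (address, now + ttl)   # step 4: cache with TTL
            return address
        raise RuntimeError("too many referrals")

if __name__ == "__main__":
    r = Resolver()
    print(r.resolve("www.example.com"), r.trace)  # full walk
    print(r.resolve("www.example.com"), r.trace)  # served from cache
```

The cache is keyed only by name and trusts whatever address it stored, which is why the TTL bounds how long a stale or wrong answer keeps being served.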

TLS — Transport Layer Security

TLS (what people often call SSL) encrypts data between client and server. HTTPS = HTTP over TLS. TLS ensures: confidentiality (encrypted), integrity (tamper detection), and authentication (server identity via certificate).

// TLS 1.3 handshake (simplified)
Client → Server:  ClientHello (supported cipher suites, key share)
Server → Client:  ServerHello (chosen cipher, key share, certificate)
Client:           Verify certificate against trusted CAs
Client → Server:  Finished (encrypted with shared secret)
Server → Client:  Finished
// Handshake complete — all subsequent data is encrypted

// The shared secret is derived via key exchange (e.g., ECDHE)
// without ever transmitting the secret itself over the wire

IP Addressing

Every device on a network has an IP address — a unique identifier. IPv4 uses 32-bit addresses (e.g., 192.168.1.1); IPv6 uses 128-bit (e.g., 2001:db8::1). CIDR notation (e.g., 192.168.1.0/24) specifies a range — the /24 means 24 bits are the network prefix, leaving 8 bits for hosts (256 addresses).

Private IP ranges (RFC 1918): 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16. These are not routable on the public internet — NAT (Network Address Translation) maps them to public IPs.
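
The prefix arithmetic behind CIDR and the RFC 1918 check, as an added example (not code from the original page), done with explicit bit masks so the "/24 leaves 8 host bits" statement is visible. The function names are hypothetical; the ranges are the three listed above.

```python
RFC1918 = ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")

def ip_to_int(addr: str) -> int:
    """Dotted-quad IPv4 to a 32-bit integer, rejecting ambiguous forms."""
    parts = addr.split(".")
    ok = len(parts) == 4 and all(
        p.isascii() and p.isdigit()
        and str(int(p)) == p          # no leading zeros (octal in some parsers)
        and int(p) <= 255
        for p in parts)
    if not ok:
        raise ValueError(f"not a dotted-quad IPv4 address: {addr!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")

def parse_cidr(cidr: str):
    """Return (network, mask, address count) for a block such as 192.168.1.0/24."""
    base, _, bits = cidr.partition("/")
    prefix = int(bits)
    if not 0 <= prefix <= 32:
        raise ValueError(f"bad prefix length in {cidr!r}")
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF   # prefix ones, then zeros
    return ip_to_int(base) & mask, mask, 2 ** (32 - prefix)

def in_cidr(addr: str, cidr: str) -> bool:
    network, mask, _ = parse_cidr(cidr)
    return ip_to_int(addr) & mask == network   # same network prefix?

def is_private(addr: str) -> bool:
    return any(in_cidr(addr, block) for block in RFC1918)

if __name__ == "__main__":
    print(parse_cidr("192.168.1.0/24")[2])      # addresses in a /24
    for ip in ("10.1.2.3", "172.31.255.255", "172.32.0.1", "8.8.8.8"):
        print(ip, "private" if is_private(ip) else "public")
```

The 172.16.0.0/12 block ends at 172.31.255.255, so 172.32.0.1 is public; a string test such as "starts with 172." gets this wrong, which is why the comparison is done on the masked integer.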

Key Takeaways

  • OSI has 7 layers; in practice, focus on 4 (Transport: TCP/UDP), 3 (Network: IP), and 7 (Application: HTTP/DNS).
  • TCP = reliable, ordered, connection-oriented. UDP = fast, unreliable, connectionless.
  • HTTP is stateless — cookies and sessions add state on top of it.
  • DNS TTL controls how long answers are cached; low TTL means faster propagation, more DNS queries.
  • TLS encrypts with symmetric keys exchanged asymmetrically — the certificate proves who you're talking to.