10. Networking Basics

Understanding networking fundamentals is essential for system design. Every distributed system relies on networks for communication between clients, servers, services, and databases.

OSI Model

The Open Systems Interconnection model defines 7 layers of networking:

Layer Name Protocol Examples System Design Relevance
7 Application HTTP, HTTPS, DNS, gRPC, WebSocket API design, load balancing (L7)
6 Presentation SSL/TLS, JPEG, JSON encoding Encryption, data serialization
5 Session Session management WebSocket connections
4 Transport TCP, UDP Reliability, load balancing (L4)
3 Network IP, ICMP Routing, subnets, VPCs
2 Data Link Ethernet, ARP LAN communication
1 Physical Cables, fiber, wireless Hardware infrastructure

In practice, the TCP/IP model (4 layers) is more commonly referenced:

┌─────────────────┐
│   Application   │  HTTP, DNS, gRPC
├─────────────────┤
│   Transport     │  TCP, UDP
├─────────────────┤
│   Internet      │  IP
├─────────────────┤
│   Network       │  Ethernet, WiFi
│   Access        │
└─────────────────┘

IP (Internet Protocol)

Every device on a network has an IP address — a unique identifier for routing packets.

IPv4

  • 32-bit address: 192.168.1.100
  • ~4.3 billion addresses (exhausted).
  • Private ranges: 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16.

IPv6

  • 128-bit address: 2001:0db8:85a3:0000:0000:8a2e:0370:7334
  • ~ addresses.
  • Gradually replacing IPv4.

CIDR (Classless Inter-Domain Routing)

Notation for IP ranges:

10.0.0.0/24 = 10.0.0.0 to 10.0.0.255 (256 addresses)
10.0.0.0/16 = 10.0.0.0 to 10.0.255.255 (65,536 addresses)
10.0.0.0/8  = 10.0.0.0 to 10.255.255.255 (16.7 million addresses)

The number after / is the subnet mask bits. The remaining bits define the host range.

TCP (Transmission Control Protocol)

A connection-oriented, reliable transport protocol.

Three-Way Handshake

Client ──[SYN]──→ Server         # Client requests connection
Client ←──[SYN-ACK]── Server     # Server acknowledges
Client ──[ACK]──→ Server         # Client confirms → Connection established

Connection Teardown (Four-Way Handshake)

Client ──[FIN]──→ Server         # Client wants to close
Client ←──[ACK]── Server         # Server acknowledges
Client ←──[FIN]── Server         # Server wants to close
Client ──[ACK]──→ Server         # Client acknowledges → Connection closed

TCP Features

Feature Description
Ordered delivery Packets arrive in sequence
Reliable delivery Lost packets are retransmitted
Flow control Receiver controls send rate (sliding window)
Congestion control Adapts to network congestion (slow start, AIMD)
Error detection Checksums detect corruption

TCP Use Cases

  • HTTP/HTTPS (web traffic)
  • Database connections
  • File transfers (FTP, SFTP)
  • Email (SMTP, IMAP)
  • SSH

UDP (User Datagram Protocol)

A connectionless, unreliable transport protocol.

Client ──[Datagram]──→ Server    # No handshake, no ACK, no ordering

UDP Characteristics

Feature Description
No connection setup No handshake overhead
No guaranteed delivery Packets may be lost
No ordering Packets may arrive out of order
No congestion control Sender sends at whatever rate
Low overhead Minimal header (8 bytes vs TCP's 20+ bytes)
Fast Much lower latency than TCP

UDP Use Cases

  • DNS queries
  • Video/audio streaming (RTP)
  • Online gaming
  • VoIP (Voice over IP)
  • IoT sensor data
  • QUIC (HTTP/3 transport layer)

DNS (Domain Name System)

DNS translates domain names to IP addresses — the "phone book" of the internet.

DNS Resolution Flow

Browser → "What is google.com?"
    │
    ├─→ Browser cache (check first)
    ├─→ OS cache (/etc/hosts)
    ├─→ Local DNS Resolver (ISP or 8.8.8.8)
    │       │
    │       ├─→ Resolver cache (check first)
    │       ├─→ Root DNS Server → "Ask .com TLD server"
    │       ├─→ TLD Server (.com) → "Ask ns1.google.com"
    │       └─→ Authoritative Server → "142.250.80.46"
    │
    └─→ Browser caches result, connects to 142.250.80.46

DNS Record Types

Record Purpose Example
A Map domain to IPv4 example.com → 93.184.216.34
AAAA Map domain to IPv6 example.com → 2606:2800:220:1:248:...
CNAME Alias one domain to another www.example.com → example.com
MX Mail server example.com → mail.example.com
NS Nameserver for the domain example.com → ns1.example.com
TXT Arbitrary text (verification, SPF) example.com → "v=spf1 ..."
SRV Service discovery (host + port) _sip._tcp.example.com → sipserver.example.com:5060
PTR Reverse DNS (IP → domain) 34.216.184.93 → example.com

DNS in System Design

Pattern Description
GeoDNS Return different IPs based on client location
DNS load balancing Return multiple A records; client picks one (round-robin)
Failover Health-checked DNS records; remove unhealthy IPs
Low TTL Short cache time allows fast IP changes (failover)
High TTL Long cache time reduces DNS lookup overhead

DNS TTL Trade-offs

Low TTL (e.g., 60s) High TTL (e.g., 86400s)
Fast failover Slow failover
More DNS queries Fewer DNS queries
Higher DNS load Lower DNS load
Quick IP changes Stale IPs possible

HTTP/HTTPS

HTTP/1.1

  • One request per TCP connection (or keep-alive with pipelining).
  • Text-based headers.
  • Head-of-line blocking: second request waits for first to complete.

HTTP/2

  • Multiplexing: Multiple requests over a single TCP connection.
  • Header compression (HPACK): Reduces header overhead.
  • Server push: Server sends resources before client requests them.
  • Binary framing: More efficient than text.
  • Stream prioritization: Important resources first.

HTTP/3 (QUIC)

  • Built on UDP instead of TCP.
  • Eliminates TCP head-of-line blocking.
  • Built-in TLS 1.3 (encrypted by default).
  • Faster connection setup (0-RTT).
  • Better performance on lossy/mobile networks.
HTTP/1.1:  [TCP handshake] + [TLS handshake] + [Request] = 3+ RTTs
HTTP/2:    [TCP handshake] + [TLS handshake] + [Multiplexed requests] = 2+ RTTs
HTTP/3:    [QUIC handshake (includes TLS)] + [Request] = 1 RTT (0-RTT on reconnect)

HTTPS (TLS/SSL)

Client ──[ClientHello]──→ Server
Client ←──[ServerHello + Certificate]── Server
Client ──[Key Exchange]──→ Server
Client ←→ [Encrypted Application Data] ←→ Server

TLS versions:
| Version | Status | Notes |
|---------|--------|-------|
| SSL 3.0 | Deprecated | Insecure (POODLE attack) |
| TLS 1.0 | Deprecated | Insecure |
| TLS 1.1 | Deprecated | Insecure |
| TLS 1.2 | Active | Widely used, secure |
| TLS 1.3 | Active | Fastest, most secure, recommended |

Network Design for Distributed Systems

VPC (Virtual Private Cloud)

An isolated network within a cloud provider:

┌──────────────────── VPC (10.0.0.0/16) ──────────────────────┐
│                                                              │
│  ┌──── Public Subnet (10.0.1.0/24) ────┐                   │
│  │ [Load Balancer] [Bastion Host]       │ ← Internet access │
│  └──────────────────────────────────────┘                   │
│                      │                                       │
│  ┌──── Private Subnet (10.0.2.0/24) ───┐                   │
│  │ [App Server 1] [App Server 2]        │ ← No direct       │
│  └──────────────────────────────────────┘   internet access  │
│                      │                                       │
│  ┌──── Private Subnet (10.0.3.0/24) ───┐                   │
│  │ [Database Primary] [Database Replica] │ ← Most restricted │
│  └──────────────────────────────────────┘                   │
│                                                              │
└──────────────────────────────────────────────────────────────┘

Latency Reference (Datacenter to Datacenter)

Route Approximate Latency
Same rack < 0.5 ms
Same datacenter 0.5-1 ms
Same region (different AZ) 1-2 ms
Cross-region (US East ↔ US West) 40-70 ms
Cross-continent (US ↔ Europe) 80-120 ms
US ↔ Asia 150-200 ms

Bandwidth vs Throughput vs Latency

Concept Definition Analogy
Bandwidth Maximum data transfer rate of a link Width of a highway
Throughput Actual data transfer rate achieved Number of cars passing per hour
Latency Time for one unit of data to travel from A to B Time for one car to drive end-to-end

Bandwidth-Delay Product (BDP):

The amount of data "in flight" on the network at any given time.

Summary

Concept Key Point
TCP Reliable, ordered — use for most application communication
UDP Fast, unreliable — use for streaming, gaming, DNS
DNS Domain → IP resolution; use for load balancing and failover
HTTP/2 Multiplexing over single TCP connection
HTTP/3 UDP-based (QUIC), fastest connection setup
VPC Isolated cloud network with public/private subnets
Latency Within DC: <1ms; cross-continent: 100-200ms