Skip to main content

Documentation Index

Fetch the complete documentation index at: https://resources.devweekends.com/llms.txt

Use this file to discover all available pages before exploring further.

Networking Mastery Course

Welcome to the Networking Mastery course! This comprehensive course takes you from networking fundamentals to advanced topics like container networking and service mesh, with practical scenarios that explain how real systems work.
TCP/IP Stack Overview
Course Duration: 40-50 hours
Difficulty: Beginner to Advanced
Prerequisites: Basic computer literacy

Course Overview

This course is designed to give you both breadth and depth in networking. We cover:

Fundamentals

OSI/TCP-IP models, protocols, and how the internet works

IP & Subnetting

CIDR, private/public IPs, subnetting calculations

NAT & Routing

How private networks access internet, BGP, OSPF

DNS Deep Dive

Zones, records, propagation, troubleshooting

Security

Firewalls, Security Groups, NACLs, Zero Trust

Cloud & Containers

AWS VPC, Docker, Kubernetes networking

What Makes This Course Different

Real-World Scenarios

Complete end-to-end flows: “What happens when you type google.com?”

Practical Examples

Actual commands, configurations, and troubleshooting steps

Common Confusions Addressed

“Can two companies use the same private IP?” - We explain it all.

Interview Ready

Covers topics frequently asked in system design interviews

Course Structure

Part 1: Foundations (Modules 1-6)

ModuleTopicKey Concepts
1OverviewNetwork types, Internet basics
2OSI & TCP/IP Models7 layers, encapsulation
3Physical & Data LinkMAC addresses, Ethernet, switching
4Network LayerIP addressing basics, routing intro
5Transport LayerTCP vs UDP, handshakes, flow control
6Application LayerHTTP, DNS, DHCP

Part 2: Security & Advanced Basics (Modules 7-8)

ModuleTopicKey Concepts
7Network SecurityFirewalls, VPNs, TLS, attacks
8Advanced NetworkingSDN, Cloud basics, IPv6 intro

Part 3: Deep Dives (Modules 9-15)

ModuleTopicKey Concepts
9IP Addressing MasteryCIDR, subnetting, private vs public
10NAT Deep DivePAT, NAT Gateway, port forwarding
11Routing MasteryStatic/dynamic, BGP, OSPF, route tables
12DNS Deep DiveZones, records, TTL, propagation
13Load BalancingL4/L7, algorithms, reverse proxies
14TroubleshootingTools, techniques, common issues
15VPNs & TunnelingIPsec, OpenVPN, WireGuard

Part 4: Real World (Modules 16-18)

ModuleTopicKey Concepts
16Network ScenariosEnd-to-end flows, common patterns
17Firewalls & Security Groupsiptables, NACLs, Zero Trust
18Container NetworkingDocker, Kubernetes, Service Mesh

Who This Course Is For

  • Software Engineers who want to understand what happens beneath the API calls
  • DevOps Engineers deploying and troubleshooting cloud infrastructure
  • Cloud Architects designing VPCs and network topologies
  • Anyone preparing for system design interviews
  • Curious minds who want to truly understand how the internet works

Prerequisites

  • Basic understanding of computers and command line
  • No prior networking knowledge required
  • Access to a computer for hands-on practice (optional but recommended)

1.1 What is a Computer Network?

A computer network is a set of computers sharing resources located on or provided by network nodes. The computers use common communication protocols over digital interconnections to communicate with each other. Think of a network like a postal system. Every house (device) has an address. Roads (links) connect houses. And everyone agrees on the same conventions — you write the address on the front, put a stamp on it, and the postal service knows how to deliver it. Without those shared rules, mail would never arrive. Networking protocols serve exactly the same purpose for data.

Key Components

  • Nodes: Devices like computers, servers, phones — any endpoint that can send or receive data. Your smart thermostat counts.
  • Links: Physical or wireless connections (cables, fiber, Wi-Fi). These are the “roads” data travels over.
  • Protocols: Rules governing data exchange (TCP/IP, HTTP). Without protocols, two devices would be like people shouting at each other in different languages.
Common Misconception: Many beginners think “the network” is the internet. The internet is one network — the biggest one — but your home Wi-Fi is also a network, and so is the Bluetooth connection between your phone and earbuds. Networks exist at every scale.

1.2 Types of Networks

  • LAN (Local Area Network): Connects devices within a limited area (home, office). When you print from your laptop to your office printer, that is LAN traffic. Typical speeds: 1 Gbps over Ethernet. Latency is under 1 ms because everything is physically close.
  • WAN (Wide Area Network): Covers a broad area (e.g., the Internet). When you access a website hosted in another country, your data crosses a WAN. Higher latency (50-200 ms) because of the physical distance and the number of routers (hops) in between.
  • MAN (Metropolitan Area Network): Connects users across a city. Think of a university campus with multiple buildings linked by fiber, or a city-wide municipal Wi-Fi network.
  • PAN (Personal Area Network): Individual workspace (Bluetooth, AirDrop). Range is typically under 10 meters.
Practical tip: When troubleshooting, knowing the network type helps you narrow the problem. If only your device is affected, it is likely a PAN or LAN issue. If everyone in the office is affected, it is a LAN problem. If users across multiple offices are affected, look at the WAN link.

1.3 The Internet

The Internet is a global system of interconnected computer networks that use the Internet protocol suite (TCP/IP) to link devices worldwide. It is not one network owned by one company — it is a network of networks, stitched together by agreements between thousands of organizations (ISPs, cloud providers, universities, governments).

How it works (High Level)

  1. Client sends a request (e.g., your browser asks for google.com).
  2. Router directs the traffic — like a postal sorting office reading the destination address and forwarding the letter to the next stop.
  3. ISP connects your local network to the internet backbone — the high-capacity fiber links that span continents.
  4. Server processes the request and sends a response back through the same chain in reverse.

What actually happens at the packet level

When you click a link, your browser does not send a single message. It sends many small packets — typically 1,500 bytes each. Each packet carries the destination address (IP) and a sequence number so the receiver can reassemble them in the correct order, even if packets arrive via different routes. This is like tearing a book into pages, mailing each page separately, and numbering them so the recipient can put the book back together.
A packet taking a “wrong turn” is more common than you think. Packets can be dropped by overloaded routers, arrive out of order, or even be duplicated. TCP (covered in Module 5) exists specifically to handle all of these problems. UDP does not — which is why some video calls briefly pixelate.

Next Module

Module 2: Network Models

Understand the OSI and TCP/IP models.

Interview Deep-Dive

Strong Answer:
  • The browser first checks its local DNS cache, then the OS cache, then sends a DNS query to the configured resolver (often the ISP or 8.8.8.8) to translate google.com into an IP address like 142.250.190.46. That query itself is a UDP packet on port 53.
  • Once the IP is resolved, the browser initiates a TCP three-way handshake (SYN, SYN-ACK, ACK) to port 443 on the destination server. This establishes a reliable connection.
  • Inside that TCP connection, a TLS handshake occurs — the client and server negotiate encryption parameters, the server presents its certificate, and both sides derive a shared session key.
  • Only then does the browser send the actual HTTP GET request inside the encrypted TLS tunnel. The server processes it and sends back the HTML response.
  • At each stage, the data is encapsulated: the HTTP payload is wrapped in a TCP segment, which is wrapped in an IP packet, which is wrapped in an Ethernet frame. At the router, NAT translates your private IP to the public IP before the packet hits the internet. Return traffic reverses the whole process.
Follow-up: You mentioned NAT translates the private IP. What would happen if NAT was not involved — say, your device had a public IP directly?The flow would be almost identical except the source IP in the IP header would already be globally routable. The router would simply forward the packet without rewriting addresses. This is actually how IPv6 is designed to work — every device gets a globally unique address, eliminating the need for NAT entirely. The trade-off is that without NAT acting as an implicit barrier, you rely entirely on firewalls and host-based security to prevent unsolicited inbound connections.
Strong Answer:
  • First, I would clarify the scope: is it one user, one office, or everyone? That immediately narrows the problem to a PAN/LAN issue versus a WAN issue.
  • I start at Layer 1: is the cable plugged in? Is there a link light on the switch port and the NIC? For Wi-Fi, is the device associated with the access point? Over half of “network down” tickets I have seen trace back to Layer 1.
  • If Layer 1 checks out, I move to Layer 3: does the device have an IP address (or is it on 169.254.x.x, indicating DHCP failure)? Can it ping the default gateway? If it can ping the gateway but not 8.8.8.8, that is a WAN or routing issue upstream.
  • If pings to 8.8.8.8 work but nslookup google.com fails, the problem is DNS, not “the internet.” I would check DNS server configuration or try a different resolver.
  • If DNS resolves fine but curl https://google.com times out, I would run traceroute to see where packets are being dropped and check for firewall rules blocking outbound traffic on port 443.
  • The key mental model is: start at the bottom of the stack and work up. You cannot have a working Layer 7 if Layer 3 is broken.
Follow-up: You mentioned DHCP failure showing up as 169.254.x.x. Why that specific range, and what does the device actually do when DHCP fails?169.254.0.0/16 is the APIPA (Automatic Private IP Addressing) or link-local range defined in RFC 3927. When a device sends DHCP Discover broadcasts and gets no response after several retries, it self-assigns a random address in that range. The device then uses ARP probing to check that the chosen address is not already in use on the local segment. This lets two devices on the same link communicate even without a DHCP server, but the addresses are not routable beyond the local network segment. In practice, seeing a 169.254 address is a clear signal to check whether the DHCP server is reachable and whether the DHCP pool is exhausted.
Strong Answer:
  • Yes, absolutely. This is the entire point of private IP addressing combined with NAT. Both companies can use the exact same private range internally because private IPs are only meaningful within their own network — they never appear on the public internet.
  • When Company A’s device at 192.168.1.5 sends a packet to Google, Company A’s router performs PAT (Port Address Translation): it rewrites the source IP to Company A’s unique public IP (say 203.0.113.10) and assigns a unique source port. The NAT table records this mapping.
  • Company B’s router does the same thing, but with Company B’s different public IP (say 198.51.100.20). From Google’s perspective, it sees two completely different source IP:port pairs. There is zero ambiguity.
  • When Google sends responses back, each response is addressed to the respective public IP:port. Each router looks up its NAT table and translates the destination back to the correct private IP and port on the internal network.
  • The reason this works is that private IP addresses (RFC 1918) are explicitly not routed on the internet backbone. ISPs and backbone routers drop packets with private source or destination addresses. NAT is the translation layer that bridges the two worlds.
Follow-up: What breaks when both companies need to establish a direct VPN tunnel between their networks, given they use the same private IP range?This is a classic problem called overlapping address space. If Company A’s VPN endpoint tries to route traffic to 192.168.1.0/24 at Company B, the local routing table cannot distinguish between “192.168.1.5 in my own network” and “192.168.1.5 at Company B.” Both match the same route. The standard solution is to use NAT on one or both sides of the VPN tunnel to translate the overlapping ranges into non-overlapping ranges. For example, Company B’s 192.168.1.0/24 might be presented as 10.99.1.0/24 through the tunnel. AWS Transit Gateway and similar products have built-in support for this scenario. The deeper lesson is that when designing networks, choosing non-overlapping CIDR ranges from the start (especially using the 10.0.0.0/8 space, which is large enough for unique allocations) avoids this pain entirely.
Strong Answer:
  • These are the Protocol Data Units (PDUs) at different layers of the networking stack. A segment is the Layer 4 (Transport) unit — it contains TCP or UDP headers plus the application data. A packet is the Layer 3 (Network) unit — it wraps the segment with IP headers containing source and destination IP addresses. A frame is the Layer 2 (Data Link) unit — it wraps the packet with MAC addresses and a Frame Check Sequence for error detection.
  • The distinction matters because different devices operate at different layers and only inspect their own PDU. A Layer 2 switch looks at frames — it reads MAC addresses to decide which port to forward to, but it never touches the IP header inside. A Layer 3 router looks at packets — it reads the destination IP to make routing decisions but does not inspect the TCP segment inside. A Layer 7 load balancer reads everything, all the way up to the HTTP request.
  • In practice, this explains why a Layer 4 load balancer is faster than a Layer 7 one: it reads less of the data. It also explains MTU issues — the frame payload is typically limited to 1500 bytes (the MTU). If an IP packet exceeds the MTU, it must be fragmented, which adds overhead and can cause issues with VPNs and tunnels that add extra headers, shrinking the effective MTU.
  • The way I think about it: encapsulation is like nesting envelopes. Each layer adds its own envelope with its own addressing. At each hop, the outer envelope (frame) is stripped and replaced, but the inner envelopes (packet and segment) stay intact until the destination.
Follow-up: If the MAC addresses in the frame change at every hop but the IP addresses stay the same, how does a router know what MAC address to put in the next frame?The router uses ARP (Address Resolution Protocol) on the local segment. When the router needs to forward a packet to the next hop, it checks its ARP cache for the mapping of that next-hop IP to a MAC address. If the mapping is not cached, it broadcasts an ARP request on the local segment asking “who has IP X?” The device with that IP responds with its MAC address. The router then constructs a new frame with the next-hop’s MAC as the destination. This is why ARP spoofing attacks work — an attacker can respond to ARP requests with their own MAC, redirecting traffic through their machine. On IPv6, this role is handled by NDP (Neighbor Discovery Protocol) instead of ARP.