Computer Networks: Architecture, Protocols, Operation, and Security

Jun 18, 2026

A computer network is a system of devices, links, and software protocols that enables hosts to exchange data across local, metropolitan, wide-area, and global environments. The Internet is the largest practical example: it uses packet-based communication, standardized addressing, routing, and layered protocols to move data between heterogeneous systems.

At the core of modern networking is packet switching, where application data is segmented into packets, each packet is forwarded through intermediate devices, and the receiver reassembles the original message. This design allows links to be shared efficiently among many conversations, unlike circuit-switched systems that reserve a fixed path for an entire session.

Networks are usually studied through layering. Layered models separate concerns: physical signaling, local delivery, internetwork routing, transport reliability, and application semantics. The OSI model is a conceptual seven-layer reference model, while the TCP/IP model is the practical foundation of the Internet protocol suite.

Key learning outcomes for this section:

| Competency | What you should be able to explain |
|---|---|
| Network architecture | How hosts, switches, routers, and links cooperate |
| Layered models | Why OSI and TCP/IP separate networking responsibilities |
| Addressing | How MAC addresses, IP addresses, ports, and names differ |
| Forwarding | How switches forward frames and routers forward packets |
| Reliability | How TCP provides ordered, reliable delivery over IP |
| Security | How segmentation, encryption, firewalls, and monitoring reduce risk |

Footnotes

  1. RFC 1122: Requirements for Internet Hosts — Communication Layers - Foundational specification describing Internet host communication layers and TCP/IP requirements.

  2. Internet Society: A Brief History of the Internet - Historical overview of packet switching, ARPANET, and Internet development.

  3. ISO/IEC 7498-1: Open Systems Interconnection Basic Reference Model - International standard defining the OSI reference model.

Network Components and Topologies

A network is built from endpoint devices, intermediary devices, links, and protocols. A host may be a laptop, server, phone, printer, virtual machine, or container. A switch connects devices inside a local area network, while a router connects separate IP networks and chooses next hops for packets.

A LAN usually operates over Ethernet or Wi-Fi. A WAN connects remote sites through carrier links, leased lines, VPNs, or public Internet paths. A topology describes how nodes are arranged and how traffic flows.

Common topology patterns:

| Topology | Description | Strength | Limitation |
|---|---|---|---|
| Star | Devices connect to a central switch or access point | Easy to manage and troubleshoot | Central device can become a failure point |
| Mesh | Devices or routers have multiple interconnections | High resilience and path diversity | More expensive and complex |
| Bus | Devices share one communication medium | Simple historical design | Poor scalability and fault isolation |
| Tree | Hierarchical arrangement of switches and routers | Scales well for enterprises | Upper-layer failures affect many users |
| Hybrid | Combination of several designs | Flexible and realistic | Requires careful planning |

Footnotes

  1. Cisco: What Is a Network Switch? - Vendor-neutral educational explanation of switching and network device roles.

| Layer | Name | Main function |
|---|---|---|
| 7 | Application | User-facing network services such as web and email |
| 6 | Presentation | Data representation, serialization, encryption concepts |
| 5 | Session | Dialog control and session coordination |
| 4 | Transport | End-to-end delivery using TCP or UDP |
| 3 | Network | Logical addressing and routing with IP |
| 2 | Data Link | Local frame delivery with Ethernet or Wi-Fi |
| 1 | Physical | Electrical, optical, or radio transmission |

The OSI model is primarily a teaching and design reference that clarifies responsibilities across seven layers.

Addressing: MAC, IP, Ports, and Names

Networking uses several kinds of identifiers because different layers solve different problems. A MAC address identifies an interface on a local link. An IP address identifies a host or interface within an IP network. A port number identifies an application conversation on a host.

IPv4 uses 32-bit addresses, commonly written in dotted-decimal form such as 192.0.2.10; IPv6 uses 128-bit addresses, commonly written in hexadecimal colon-separated notation such as 2001:db8::10. IPv6 was designed with a vastly larger address space and improved support for modern Internet growth.

A subnet groups addresses under a common prefix. For example, 192.0.2.0/24 indicates that the first 24 bits are the network prefix, leaving 8 bits for host addresses. Classless Inter-Domain Routing, or CIDR, allows flexible address allocation and route aggregation.

The DNS translates names such as example.com into addresses that machines can route to. DNS is hierarchical and distributed, using zones, authoritative servers, recursive resolvers, and cached records to scale globally.

Footnotes

  1. RFC 791: Internet Protocol - Original IPv4 specification defining IP datagrams, addressing, and fragmentation.

  2. RFC 8200: Internet Protocol, Version 6 Specification - Current IPv6 specification describing IPv6 packet format and addressing architecture.

  3. RFC 4632: Classless Inter-domain Routing - Specification and discussion of CIDR addressing and route aggregation.

  4. RFC 1034: Domain Names — Concepts and Facilities - Core DNS architecture specification explaining the distributed domain name system.

Think in Layers During Troubleshooting

When a connection fails, isolate the layer. Check physical link first, then local addressing, IP routing, transport ports, DNS, and finally the application. This prevents guessing and mirrors how layered network models separate responsibilities.

How a Web Request Travels Across a Network

  1. The client asks DNS for the IP address associated with a domain name. DNS may return IPv4 A records, IPv6 AAAA records, or both, depending on the domain and resolver configuration.

  2. The client compares the destination IP address with its local subnet. If the destination is remote, the client sends the packet to its default gateway, usually a router.

  3. Application data is wrapped in a transport header, then an IP header, then a link-layer frame. This encapsulation allows each layer to add the information needed for its own scope.

  4. A switch forwards the Ethernet frame within the LAN using link-layer information. Switches learn which MAC addresses are reachable through which ports.

  5. Routers inspect the destination IP address, consult routing tables, decrement the packet lifetime field, and forward the packet toward the next hop.

  6. At the destination, the receiver decapsulates the frame and packet, passes the segment to TCP or UDP, and uses the destination port to deliver data to the correct application process.

  7. The server sends response data back through the same layered process. The return path may differ from the forward path because IP routing is packet-based and can be asymmetric.

Switching, Routing, and Forwarding

A switch operates primarily at the data-link layer. It forwards frames within the same LAN. Ethernet switches maintain forwarding tables that associate MAC addresses with switch ports, reducing unnecessary traffic compared with older shared-medium designs.

A router operates at the network layer. It forwards packets between networks based on destination IP prefixes. Routers use routing tables populated by static configuration, directly connected networks, or dynamic routing protocols.

A routing table usually contains:

| Field | Purpose |
|---|---|
| Destination prefix | Network range such as 203.0.113.0/24 |
| Next hop | Neighbor router or interface used to reach the destination |
| Metric | Preference value used to compare routes |
| Interface | Local outgoing link |
| Route source | Static, connected, or learned dynamically |

A key distinction is that switching is local and link-specific, while routing is logical and network-wide. Switches ask, “Which port reaches this MAC address?” Routers ask, “Which next hop reaches this IP prefix?”
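
The two forwarding decisions described on this page, the host's on-link test (step 2 of the web request walk-through) and the router's table lookup with lifetime decrement (step 5), can be traced in a short Python sketch. This is an added example, not code from the original page: the addresses, routes and function names are constructed, and breaking equal-length matches by lowest metric is a simplifying assumption.

```python
import ipaddress

# Constructed sample configuration using documentation prefixes.
HOST_IFACE = ipaddress.ip_interface("192.0.2.10/24")
HOST_GATEWAY = ipaddress.ip_address("192.0.2.1")

# Routing table rows: (destination prefix, next hop, interface, metric).
ROUTES = [
    ("0.0.0.0/0",        "198.51.100.1", "wan0", 10),   # default route
    ("203.0.113.0/24",   "192.0.2.254",  "lan1", 10),
    ("203.0.113.128/25", "192.0.2.253",  "lan2", 10),   # more specific
    ("203.0.113.0/24",   "192.0.2.252",  "lan3", 50),   # same prefix, worse metric
]

def host_next_hop(dst, iface=HOST_IFACE, gateway=HOST_GATEWAY):
    """Host decision: deliver directly if dst is on the local subnet, else use the gateway."""
    dst = ipaddress.ip_address(dst)
    return dst if dst in iface.network else gateway

def lookup(dst, routes=ROUTES):
    """Router decision: longest matching prefix wins; lowest metric breaks ties."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(prefix), hop, ifc, metric)
               for prefix, hop, ifc, metric in routes
               if dst in ipaddress.ip_network(prefix)]
    if not matches:
        return None
    return max(matches, key=lambda r: (r[0].prefixlen, -r[3]))

def forward(packet, routes=ROUTES):
    """Decrement the lifetime field (TTL), drop at zero, otherwise pick the next hop."""
    ttl = packet["ttl"] - 1
    if ttl <= 0:
        return {"action": "drop", "reason": "ttl-expired"}
    route = lookup(packet["dst"], routes)
    if route is None:
        return {"action": "drop", "reason": "no-route"}
    return {"action": "forward", "next_hop": route[1],
            "interface": route[2], "ttl": ttl}

if __name__ == "__main__":
    for dst in ("192.0.2.77", "203.0.113.5"):
        print("host sends", dst, "via", host_next_hop(dst))
    for dst in ("203.0.113.5", "203.0.113.200", "198.51.100.77"):
        print("router:", dst, "->", forward({"dst": dst, "ttl": 64}))
```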

[Figure: Relative Scope of Common Network Identifiers. Illustrative comparison of how far each identifier is normally meaningful in a network path.]

Transport Protocols: TCP, UDP, and QUIC

The transport layer provides process-to-process communication. TCP provides reliable byte-stream delivery, retransmission, flow control, congestion control, and ordered data delivery. UDP provides datagram delivery with lower overhead but without TCP-style reliability or ordering guarantees.

TCP is appropriate when correctness and ordered delivery matter, such as web transfers, file downloads, email delivery, and remote administration. UDP is appropriate when applications can tolerate loss or implement their own recovery, such as voice, video, gaming, telemetry, and DNS queries.

QUIC is a modern transport protocol that runs over UDP and integrates security, multiplexing, and connection migration. HTTP/3 uses QUIC rather than TCP, helping reduce connection setup costs and avoiding some head-of-line blocking issues associated with TCP-based multiplexing.

Transport-layer comparison:

| Feature | TCP | UDP | QUIC |
|---|---|---|---|
| Connection model | Connection-oriented | Connectionless | Connection-oriented over UDP |
| Reliability | Built in | Not built in | Built in |
| Ordering | Ordered byte stream | Message datagrams only | Stream-based delivery |
| Congestion control | Built in | Application-dependent | Built in |
| Encryption | Usually via TLS above TCP | Optional at application layer | Integrated with TLS 1.3 concepts |
| Typical uses | HTTPS, SSH, email | DNS, VoIP, streaming | HTTP/3, modern web transport |

The simplified throughput relationship often used in performance analysis is:

$$\text{Throughput} \approx \frac{\text{Data transferred}}{\text{Transfer time}}$$

Latency-sensitive applications care not only about throughput, but also about jitter, packet loss, and round-trip time.

Footnotes

  1. RFC 9293: Transmission Control Protocol - Modern TCP specification describing reliable ordered transport behavior.

  2. RFC 768: User Datagram Protocol - UDP specification defining connectionless datagram transport.

  3. RFC 9000: QUIC — A UDP-Based Multiplexed and Secure Transport - QUIC transport protocol standard.

UDP Is Not Automatically Faster in Practice

UDP has less protocol overhead than TCP, but application performance depends on loss recovery, congestion behavior, path quality, and implementation. A poorly designed UDP application can perform worse than TCP and can harm shared networks.

Application Protocols and Services

Application protocols define the meaning of exchanged messages. HTTP defines semantics for web requests and responses, including methods, status codes, headers, and representation metadata. DNS defines distributed name resolution. SMTP, IMAP, and related protocols support email. SSH supports secure remote administration. DHCP helps hosts obtain IP configuration automatically.

A client-server model is common: browsers request pages from web servers, mail clients retrieve messages from mail servers, and applications query databases through network APIs. A peer-to-peer model distributes service roles among participating nodes.

Typical protocol stack for loading a secure website:

| Layer | Example |
|---|---|
| Application | HTTP semantics |
| Security | TLS encryption and authentication |
| Transport | TCP, or QUIC for HTTP/3 |
| Internet | IPv4 or IPv6 |
| Link | Ethernet, Wi-Fi, cellular, or other access technology |

TLS protects data in transit and authenticates servers using certificates. TLS 1.3 simplified older handshake designs and removed many obsolete cryptographic options.

Footnotes

  1. RFC 9110: HTTP Semantics - Current HTTP semantics specification for methods, status codes, and message meaning.

  2. RFC 8446: The Transport Layer Security Protocol Version 1.3 - TLS 1.3 specification for secure network communication.

```powershell
# Test basic IP reachability
ping 8.8.8.8

# Trace the route to a destination
tracert example.com

# Query DNS records
nslookup example.com

# Show local IP configuration
ipconfig /all
```

A Layered Network Troubleshooting Method

  1. Confirm that cables, wireless association, link lights, VLAN membership, and interface status are correct. Many apparent application failures begin as link-layer failures.

  2. Inspect IP address, subnet prefix, default gateway, and DNS server configuration. A host with an incorrect prefix or gateway may reach local devices but fail to reach remote networks.

  3. Ping the default gateway or another local device. Success suggests that local link-layer communication is functioning.

  4. Ping or trace toward a known external IP address. If remote IP connectivity works but names fail, the issue may be DNS rather than routing.

  5. Query DNS directly. Compare resolver behavior with authoritative answers where appropriate because DNS caching and stale records can produce misleading symptoms.

  6. Check whether the required TCP or UDP port is reachable. Firewalls, access control lists, service binding, and NAT rules can block specific ports even when IP reachability works.

  7. Review logs, protocol errors, certificates, authentication failures, HTTP status codes, and server-side resource limits. Application-layer failures often appear only after lower layers are healthy.
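
Steps 5 to 7 of this method can be scripted. The Python below is an added example, not part of the original page: the function names are hypothetical, and it uses only the standard `socket` module to resolve a name, try one TCP port, and report the first layer that fails.

```python
import socket

def resolve(host):
    """Step 5: return the addresses a name resolves to, or [] if lookup fails."""
    try:
        infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def probe_tcp(addr, port, timeout=2.0):
    """Step 6: classify one TCP connection attempt to addr:port."""
    family = socket.AF_INET6 if ":" in addr else socket.AF_INET
    with socket.socket(family, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect((addr, port))
            return "open"
        except ConnectionRefusedError:
            return "refused"      # a reset came back: nothing bound, or a reject rule
        except socket.timeout:
            return "timeout"      # no answer: a firewall or ACL may be dropping packets
        except OSError:
            return "unreachable"  # no route, interface down, or similar IP-level error

def diagnose(host, port, timeout=2.0):
    """Return (layer, detail) naming the first layer that needs attention."""
    addrs = resolve(host)
    if not addrs:
        return ("dns", f"{host} did not resolve")
    results = {addr: probe_tcp(addr, port, timeout) for addr in addrs}
    if "open" in results.values():
        # Lower layers are healthy, so step 7 (logs, certificates) is next.
        return ("application", f"TCP {port} reachable; review logs and TLS next")
    if all(state == "unreachable" for state in results.values()):
        return ("network", f"no IP path to {', '.join(addrs)}")
    return ("transport", f"TCP {port}: {results}")

if __name__ == "__main__":
    # Constructed offline demo: a throwaway listener on the loopback interface.
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        port = listener.getsockname()[1]
        print(diagnose("127.0.0.1", port))   # while the listener is up
    print(diagnose("127.0.0.1", port))       # after the listener has closed
```

A "refused" result and a "timeout" result point at different causes: the first usually means the service is not bound, the second that packets are being silently dropped on the path.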

Network Security Fundamentals

Network security combines prevention, detection, response, and recovery. A firewall enforces traffic policy between zones or hosts. Network segmentation limits the blast radius of failures and attacks. A VPN protects traffic across untrusted networks.

Security objectives are often summarized as confidentiality, integrity, and availability:

| Objective | Network interpretation | Example control |
|---|---|---|
| Confidentiality | Prevent unauthorized disclosure of traffic | TLS, VPNs, encryption |
| Integrity | Prevent unauthorized modification | Message authentication, TLS |
| Availability | Keep services reachable and resilient | Redundancy, DDoS protection, monitoring |

Firewalls are effective when deployed as part of a broader architecture that includes least privilege, patching, authentication, logging, and incident response. Encryption protects data in transit, but it does not replace endpoint security or sound access control.

Footnotes

  1. NIST SP 800-41 Rev. 1: Guidelines on Firewalls and Firewall Policy - NIST guidance on firewall technologies, policy, and network security architecture.

Flat Networks Increase Attack Impact

If every host can freely reach every other host, one compromised endpoint can more easily spread laterally. Segmentation, firewall policy, and identity-aware access controls reduce this risk.
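
A first-match rule evaluator makes the difference between a flat and a segmented network measurable. The Python below is an added example, not code from the original page or from NIST SP 800-41: the host inventory, prefixes, ports and rule sets are constructed, and it lists which services one endpoint can open connections to under each policy.

```python
import ipaddress

# Constructed inventory: host -> (interface address, listening TCP ports).
HOSTS = {
    "laptop-1": ("10.0.10.11/24", [445]),
    "laptop-2": ("10.0.10.12/24", [445]),
    "web-1":    ("10.0.20.21/24", [22, 443]),
    "db-1":     ("10.0.30.31/24", [22, 5432]),
    "admin-1":  ("10.0.40.41/24", [22]),
}

ANY = "10.0.0.0/8"
# Rules: (action, source prefix, destination prefix, port or None for any port).
FLAT = [("allow", ANY, ANY, None)]
SEGMENTED = [
    ("allow", "10.0.10.0/24", "10.0.20.0/24", 443),    # users -> web front end
    ("allow", "10.0.20.0/24", "10.0.30.0/24", 5432),   # web -> database
    ("allow", "10.0.40.0/24", ANY, 22),                # admin zone -> SSH
]

def decide(rules, src_ip, dst_ip, port):
    """First matching rule wins; traffic that matches no rule is denied."""
    for action, src_net, dst_net, rule_port in rules:
        if (src_ip in ipaddress.ip_network(src_net)
                and dst_ip in ipaddress.ip_network(dst_net)
                and rule_port in (None, port)):
            return action
    return "deny"

def exposure(rules, src_name, hosts=HOSTS):
    """List the (host, port) services that src_name can open connections to."""
    src = ipaddress.ip_interface(hosts[src_name][0])
    reachable = []
    for name, (addr, ports) in hosts.items():
        if name == src_name:
            continue
        dst = ipaddress.ip_interface(addr)
        # Same-subnet traffic is switched locally and never crosses the
        # inter-zone firewall, so the rule set cannot block it.
        same_subnet = dst.ip in src.network
        for port in ports:
            if same_subnet or decide(rules, src.ip, dst.ip, port) == "allow":
                reachable.append((name, port))
    return sorted(reachable)

if __name__ == "__main__":
    for label, rules in (("flat", FLAT), ("segmented", SEGMENTED)):
        print(label, exposure(rules, "laptop-1"))
```

Under the segmented policy the laptop still reaches its subnet neighbour, because zone firewalls only see traffic that is routed between subnets.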

Selected Milestones in Computer Networking

Packet Switching Concepts

1960s

Packet switching emerged as a foundational idea for sharing communication links efficiently among many conversations.

ARPANET Begins Operation

1969

ARPANET connected early research sites and influenced later packet-switched internetworking designs.

IPv4 Specification

1981

RFC 791 defined IPv4, including datagram format, addressing, fragmentation, and best-effort packet delivery.

TCP/IP Becomes Core Internet Protocol Suite

1983

TCP/IP became the operational foundation for Internet communication, separating reliable transport from IP packet delivery.

IPv6 Specification Published

1998

IPv6 introduced 128-bit addressing and a revised IP header architecture to support Internet growth.

QUIC Standardized

2021

QUIC was standardized as a UDP-based transport protocol supporting secure, multiplexed connections.

Computer Networking Key Terms

Packet switching: A communication method that splits data into packets forwarded independently across shared links.

Design Principles for Reliable Networks

Good network design balances scalability, performance, security, and operability. A scalable design uses hierarchical addressing, route summarization, modular topology, and predictable failure domains. A secure design applies least privilege, segmentation, encryption, centralized logging, and tested incident response. An operable design includes documentation, monitoring, configuration management, and change control.

Important design metrics include:

| Metric | Meaning | Why it matters |
|---|---|---|
| Bandwidth | Maximum transmission capacity of a link | Determines potential data rate |
| Latency | Time for data to travel from source to destination | Affects responsiveness |
| Jitter | Variation in latency | Important for voice, video, and gaming |
| Packet loss | Percentage of packets that fail to arrive | Reduces quality and throughput |
| Availability | Proportion of time a service is usable | Measures reliability |
| Mean time to repair | Average recovery time after failure | Measures operational resilience |

A useful availability approximation is:

$$\text{Availability} = \frac{\text{Uptime}}{\text{Uptime} + \text{Downtime}}$$

For example, a service that is down for 8.76 hours per year has approximately 99.9% annual availability. Higher availability usually requires redundancy, monitoring, tested failover, and disciplined operations rather than only faster hardware.

Design for Failure, Not Just Normal Operation

Reliable networks assume that links, devices, software, and configurations can fail. Redundant paths, clear routing policy, monitoring, backups, and tested recovery procedures are central to resilient design.
