🌐 Computer Networks
Networking Complete Cheatsheet
OSI model, TCP/IP, DNS, HTTP, protocols, firewalls and cloud networking.
01 OSI Model
OSI 7-Layer Model
LAYER 7: APPLICATION
  Protocols: HTTP/S, FTP, SMTP, DNS, SSH, DHCP
  What it does: User-facing services and application data
  Example: Your browser requesting a webpage

LAYER 6: PRESENTATION
  Protocols: SSL/TLS, JPEG, MPEG, ASCII
  What it does: Encryption, compression, encoding

LAYER 5: SESSION
  Protocols: NetBIOS, RPC, PPTP
  What it does: Establishes, manages, terminates sessions

LAYER 4: TRANSPORT
  Protocols: TCP, UDP
  What it does: End-to-end delivery, error checking, ports
  TCP segment | UDP datagram

LAYER 3: NETWORK
  Protocols: IP, ICMP, OSPF, BGP
  What it does: Routing, logical addressing (IP)
  IP packet

LAYER 2: DATA LINK
  Protocols: Ethernet, Wi-Fi (802.11), PPP, ARP
  What it does: Node-to-node, MAC addresses, switches
  Frame

LAYER 1: PHYSICAL
  Standards: RJ45, fiber optic, coaxial, radio waves
  What it does: Bits on wire/air, voltage levels, timing
  Bits
💡 Memory: 'All People Seem To Need Data Processing' = Application, Presentation, Session, Transport, Network, Data-link, Physical
02 TCP/IP Suite
TCP vs UDP
TCP (Transmission Control Protocol):
  ✅ Reliable — guaranteed delivery
  ✅ Ordered — arrives in sequence
  ✅ Error checking — retransmits lost packets
  ❌ Slower — overhead of handshake + acknowledgments
  Used for: HTTP, HTTPS, SSH, FTP, email

TCP 3-Way Handshake:
  Client → SYN → Server
  Client ← SYN-ACK ← Server
  Client → ACK → Server
  (Connection established)

UDP (User Datagram Protocol):
  ✅ Fast — no handshake, no guarantees
  ✅ Low latency
  ❌ No guarantee of delivery or order
  Used for: DNS, VoIP, video streaming, online games

TCP Header fields:
  Source port | Dest port | Sequence # | Ack #
  Flags (SYN/ACK/FIN/RST) | Window size | Checksum
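The header fields and the 3-way handshake listed above can be checked against raw bytes. The following is an added example, not part of the original cheatsheet: it packs and parses the fixed 20-byte TCP header and verifies that three segments form a SYN, SYN-ACK, ACK exchange with consistent sequence and acknowledgment numbers. The ports, sequence numbers and function names are constructed for illustration.

```python
import struct

FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def build_header(sport, dport, seq, ack, flags, window=64240):
    """Pack a 20-byte header without options (data offset = 5 words, checksum left 0)."""
    bits = sum(FLAG_BITS[name] for name in set(flags))
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | bits, window, 0, 0)

def parse_header(data):
    """Decode source/dest port, sequence #, ack #, flags, window and checksum."""
    if len(data) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, off_flags, window, checksum, _urgent = struct.unpack(
        "!HHIIHHHH", data[:20])
    header_len = (off_flags >> 12) * 4      # data offset is counted in 32-bit words
    if header_len < 20:
        raise ValueError("data offset below the minimum header size")
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": {n for n, b in FLAG_BITS.items() if off_flags & b},
            "window": window, "checksum": checksum, "header_len": header_len}

def is_valid_handshake(raw_segments):
    """True if the three segments are SYN, SYN-ACK, ACK with matching ports and numbers."""
    if len(raw_segments) != 3:
        return False
    syn, synack, ack = (parse_header(s) for s in raw_segments)
    client_next = (syn["seq"] + 1) % 2**32  # the SYN consumes one sequence number
    return (
        syn["flags"] == {"SYN"}
        and synack["flags"] == {"SYN", "ACK"}
        and ack["flags"] == {"ACK"}
        and (synack["sport"], synack["dport"]) == (syn["dport"], syn["sport"])
        and (ack["sport"], ack["dport"]) == (syn["sport"], syn["dport"])
        and synack["ack"] == client_next
        and ack["seq"] == client_next
        and ack["ack"] == (synack["seq"] + 1) % 2**32
    )

# Constructed sample: client port 49152 opening a connection to server port 443.
HANDSHAKE = [
    build_header(49152, 443, 1000, 0, ["SYN"]),
    build_header(443, 49152, 5000, 1001, ["SYN", "ACK"]),
    build_header(49152, 443, 1001, 5001, ["ACK"]),
]

if __name__ == "__main__":
    for h in map(parse_header, HANDSHAKE):
        print(h["sport"], "->", h["dport"], sorted(h["flags"]), h["seq"], h["ack"])
    print("valid handshake:", is_valid_handshake(HANDSHAKE))
```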
Port
Logical endpoint. 0-1023: well-known. 1024-49151: registered. 49152-65535: ephemeral.
Socket
IP address + port = socket. Identifies a specific connection endpoint.
MTU
Maximum Transmission Unit. Max packet size. Ethernet: 1500 bytes.
03 IP Addressing
IP Addressing
IPv4: 32-bit dotted decimal (x.x.x.x)  — ~4.3 billion addresses
IPv6: 128-bit hex (2001:db8::1)        — 340 undecillion addresses

Private IP ranges (RFC 1918 — not routed on internet):
  10.0.0.0    — 10.255.255.255      (/8  — Class A)
  172.16.0.0  — 172.31.255.255      (/12 — Class B)
  192.168.0.0 — 192.168.255.255     (/16 — Class C)

Subnet Mask:
  192.168.1.100 / 24   → subnet: 192.168.1.0, hosts: 192.168.1.1-254
  /24 = 256 addresses (254 usable)
  /16 = 65,536 addresses
  /8  = 16,777,216 addresses

CIDR Notation:
  192.168.1.0/24 = 192.168.1.0 to 192.168.1.255

Special addresses:
  127.0.0.1       = localhost (loopback)
  0.0.0.0         = all interfaces
  255.255.255.255 = broadcast
  169.254.x.x     = link-local (APIPA — when DHCP fails)
NAT
Network Address Translation. Maps private IPs to a single public IP. A home router does this.
DHCP
Dynamic Host Configuration Protocol. Automatically assigns IP addresses to devices on the network.
04 DNS
DNS Resolution
1. User types: www.bitwithbite.com
2. Browser checks local DNS cache
3. OS checks /etc/hosts file
4. Query sent to Recursive Resolver (ISP or 8.8.8.8)
5. Resolver checks its cache
6. Resolver queries Root DNS server (13 root server clusters)
7. Root says: .com nameserver is at x.x.x.x
8. Resolver queries .com TLD nameserver
9. TLD says: bitwithbite.com is at y.y.y.y (authoritative)
10. Resolver queries authoritative nameserver
11. Returns A record: 123.456.789.0
12. Browser connects to that IP

Common DNS Record Types:
  A      → domain to IPv4        bitwithbite.com → 1.2.3.4
  AAAA   → domain to IPv6        bitwithbite.com → 2001::1
  CNAME  → alias to another name www → bitwithbite.com
  MX     → mail server           → mail.bitwithbite.com
  TXT    → text records           SPF, DKIM, domain verification
  NS     → name servers           who answers for this domain
  SOA    → start of authority
  PTR    → reverse lookup (IP → domain)
💡 DNS TTL controls how long records are cached. Lower TTL = faster propagation of changes but more DNS queries.
05 HTTP & HTTPS
HTTP/HTTPS
HTTP Methods:
  GET     → Read (safe, idempotent)
  POST    → Create (not idempotent)
  PUT     → Replace (idempotent)
  PATCH   → Partial update
  DELETE  → Delete (idempotent)
  HEAD    → GET without body (check headers)
  OPTIONS → Allowed methods (CORS preflight)

HTTP Status Codes:
  1xx Informational: 100 Continue, 101 Switching Protocols
  2xx Success:       200 OK, 201 Created, 204 No Content
  3xx Redirect:      301 Moved Permanently, 302 Found, 304 Not Modified
  4xx Client Error:  400 Bad Request, 401 Unauthorized, 403 Forbidden, 404 Not Found
  5xx Server Error:  500 Internal Error, 502 Bad Gateway, 503 Unavailable

HTTP/1.1 vs HTTP/2 vs HTTP/3:
  HTTP/1.1: 1 request at a time per TCP connection (head-of-line blocking)
  HTTP/2:   Multiplexing — multiple requests on 1 connection
  HTTP/3:   Uses QUIC (UDP-based) — faster, better mobile

HTTPS = HTTP + TLS encryption
  TLS handshake → certificate validation → session key → encrypted
💡 HTTP/2 is now default in modern browsers. Use TLS for everything — Let's Encrypt provides free certificates.
06 Common Protocols
Protocol        Port     Purpose
HTTP            80       Web traffic (unencrypted)
HTTPS           443      Secure web traffic (TLS)
FTP             20/21    File transfer
SFTP            22       Secure file transfer over SSH
SSH             22       Secure remote shell
SMTP            587      Send email (submission)
IMAP            993      Receive email (SSL)
POP3            995      Download email (SSL)
DNS             53       Domain name resolution (UDP)
DHCP            67/68    IP address assignment
NTP             123      Network time protocol
SNMP            161      Network device management
RDP             3389     Windows remote desktop
MySQL           3306     MySQL database
PostgreSQL      5432     PostgreSQL database
MongoDB         27017    MongoDB database
Redis           6379     Redis cache
Elasticsearch   9200     Elasticsearch search
07 Firewalls & Security
Firewall
Controls inbound/outbound traffic based on rules. Stateful or stateless.
iptables
Linux firewall. Rules: ACCEPT, DROP, REJECT. Tables: filter, nat, mangle.
ufw
Ubuntu Firewall — simpler interface over iptables. ufw allow 22, ufw enable.
DMZ
Demilitarized Zone. Network segment with public-facing servers between two firewalls.
IDS
Intrusion Detection System. Monitors traffic and alerts on suspicious activity. (Snort, Suricata)
IPS
Intrusion Prevention System. Blocks suspicious traffic automatically.
VPN
Virtual Private Network. Encrypts traffic, creates private tunnel. WireGuard, OpenVPN.
Zero Trust
Never trust, always verify. Even inside the network, every request is authenticated.
iptables basics
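# View rules
iptables -L -n -v

# Allow SSH
iptables -A INPUT -p tcp --dport 22 -j ACCEPT

# Allow established connections
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT

# Rate limit (DDoS protection)
# -m limit is one shared counter for all sources, not per client.
# Packets over the limit fall through to the DROP rule below.
iptables -A INPUT -p tcp --dport 80 -m limit --limit 100/min -j ACCEPT

# Block everything else
# Append this last: a chain is checked top to bottom, so any rule
# added after an unconditional DROP is never reached.
iptables -A INPUT -j DROP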
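iptables checks a chain from top to bottom and stops at the first terminating match, so the position of the catch-all DROP decides what traffic gets through. The following added example (not from the original cheatsheet) models that for the four INPUT rules in this section, in two constructed orderings, and flags rules that can never match. The parser handles only the options used here, treats the list as a single chain, and assumes the rate limit is not exceeded.

```python
import shlex

TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse_rule(line):
    """Parse the subset of `iptables -A` syntax used in this section."""
    tokens = shlex.split(line)[1:]                  # drop the leading "iptables"
    opts = dict(zip(tokens[0::2], tokens[1::2]))    # every option here takes one value
    return {
        "line": line,
        "proto": opts.get("-p"),
        "dport": int(opts["--dport"]) if "--dport" in opts else None,
        "states": set(opts["--ctstate"].split(",")) if "--ctstate" in opts else None,
        "extra_match": "-m" in opts,                # conntrack or limit module in use
        "target": opts["-j"],
    }

def matches(rule, pkt):
    return ((rule["proto"] is None or rule["proto"] == pkt["proto"])
            and (rule["dport"] is None or rule["dport"] == pkt["dport"])
            and (rule["states"] is None or pkt["state"] in rule["states"]))

def verdict(lines, pkt):
    """Return the target of the first terminating rule that matches the packet."""
    for rule in map(parse_rule, lines):
        if rule["target"] in TERMINAL and matches(rule, pkt):
            return rule["target"]
    return "POLICY"                                 # nothing matched: chain policy applies

def unreachable(lines):
    """Rules placed after an unconditional terminating rule can never match."""
    dead, blocked = [], False
    for rule in map(parse_rule, lines):
        if blocked:
            dead.append(rule["line"])
        elif (rule["target"] in TERMINAL and not rule["extra_match"]
              and rule["proto"] is None and rule["dport"] is None):
            blocked = True
    return dead

# Constructed inputs: the same four rules in two different append orders.
SSH = "iptables -A INPUT -p tcp --dport 22 -j ACCEPT"
EST = "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
DROP = "iptables -A INPUT -j DROP"
HTTP = "iptables -A INPUT -p tcp --dport 80 -m limit --limit 100/min -j ACCEPT"
DROP_BEFORE_HTTP = [SSH, EST, DROP, HTTP]
DROP_LAST = [SSH, EST, HTTP, DROP]
NEW_HTTP = {"proto": "tcp", "dport": 80, "state": "NEW"}

if __name__ == "__main__":
    for name, rules in (("DROP before HTTP", DROP_BEFORE_HTTP), ("DROP last", DROP_LAST)):
        print(name, "->", verdict(rules, NEW_HTTP), "| unreachable:", unreachable(rules))
```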
08 Wireless Networks
Wi-Fi standards
802.11ax (Wi-Fi 6) latest. 802.11ac (Wi-Fi 5) common. 802.11n (Wi-Fi 4).
2.4GHz vs 5GHz
2.4GHz: farther range, more interference. 5GHz: faster, shorter range.
SSID
Service Set Identifier. Wi-Fi network name.
WPA3
Latest Wi-Fi security. Better than WPA2. Uses SAE handshake.
BSSID
MAC address of access point. Unique per AP.
Hidden SSID
AP doesn't broadcast name. Still discoverable by sniffing.
Channel
Frequency sub-band. Channels 1,6,11 non-overlapping on 2.4GHz.
MIMO
Multiple Input Multiple Output. Multiple antennas for more throughput.
💡 For best home Wi-Fi: use 5GHz for close devices, 2.4GHz for far devices. Use channels 1, 6, or 11 on 2.4GHz to avoid interference.
09 Cloud Networking
VPC
Virtual Private Cloud. Isolated virtual network in cloud. AWS VPC, GCP VPC.
Subnet
Subdivision of VPC. Public (internet-routable) or private (internal only).
Internet Gateway
Allows VPC to connect to internet. Attached to VPC.
NAT Gateway
Allows private subnets to reach the internet without being reachable from it.
Security Group
Stateful firewall for EC2 instances. Allow rules only (no deny).
NACL
Network ACL. Stateless subnet-level firewall. Allow AND deny rules.
Route Table
Rules for routing traffic. Each subnet has a route table.
Peering
Connect two VPCs directly. VPC Peering (same account) or Transit Gateway.
AWS VPC architecture
Internet
    ↓
Internet Gateway
    ↓
VPC (10.0.0.0/16)
  ├── Public Subnet (10.0.1.0/24)
  │     └── Load Balancer / NAT Gateway
  ├── Private Subnet (10.0.2.0/24)
  │     └── App Servers (EC2)
  └── Private Subnet (10.0.3.0/24)
        └── Database (RDS)
10 Mini Quizzes
❓ Quiz 1
What happens during a TCP 3-way handshake?
TCP 3-way handshake: 1) Client sends SYN. 2) Server responds SYN-ACK. 3) Client sends ACK. Connection established. Then data transfer begins. UDP skips this entirely.
❓ Quiz 2
Which DNS record type maps a domain to an IPv4 address?
A record (Address record) maps a domain name to an IPv4 address. AAAA record maps to IPv6. CNAME is an alias. MX is for mail servers.