diff --git a/selected/http_to_phy.md b/selected/http_to_phy.md index 510e655..618b3fa 100644 --- a/selected/http_to_phy.md +++ b/selected/http_to_phy.md @@ -133,3 +133,84 @@ Good learning resources for ARP: - TLS/SSL - Inspection and Testing Tools: tcpdump, wireshark, netcat and more - HTTP/2, HTTP/3 + + +## NET RAMBLE + +physical cables -- bits on wire / optics +BGP -- Major Routing Hub to Major Routing Hub +https://blog.benjojo.co.uk/post/bgp-battleships + +IP Distribution via IANA / ICANN +-- blocks of IPv4 addresses auctioned to autonomous systems / organizations, who communication routing tables for blocks via BGP + +TTL / congestion control / TCP_NODELAY vs TCP_QUICKACK / TCP_CORK +https://news.ycombinator.com/item?id=9048947 + +DNS -- Domain Name Registrars who own TLDs (ex: .com, .org, .io) +https://www.iana.org/domains/root/db +https://messwithdns.net/ +https://wizardzines.com/zines/dns/ +https://jvns.ca/blog/2022/05/10/pages-that-didn-t-make-it-into--how-dns-works-/ + +Switching -- on the Ethernet / MAC level, layer 2, VLANs can happen here +<> +Spanning Tree Protocol -- solves ARPSTORMs + +Link speed negotiation + +(intel) NUC with two (usb) NICs -- VMs that would tag traffic with VLAN. +Ethernet packet tagged with VLAN 1, + +| 1 1 1 1 1 1 1 2 | | 2i 2o | +| 2 | | NUC | +| 2 | | | + +layer 2 ethernet -- hamachi / layer 3 ip -- openvpn + +Router in bridge mode -- Router A <=====> Router B + +Hubs are layer 1 +Switches are layer 2 +Routers are layer 3 + +Home "router" is a router / switch combo + +Network Topology -- this is mostly outside my wheelhouse; infiniband/optics? + +"crossover cable" +A B +TX ---\/--- TX +RX ---/\--- RX + +"standard cable" +A B +TX -------- TX +RX -------- RX + + +Switch maintains an ethernet routing table, uses mac addresses to determine which ports need to be routed to other ports + +TTL -- preventing packets from hopping forever on layer 3 connections, ICMP is a totally separate thing +ICMP -- https://en.wikipedia.org/wiki/Internet_Control_Message_Protocol + +SEND CHEESEBURGER TO GOOGLE +A -> HR -> ISP -> | | | | -> GOOGLE +subnet 192.168.1.X +HR -> ISP | DESTINATION UNREACHABLE {ICMP 3} | TIME EXCEEDED {ICMP 11} TTL Expires +Blocking ICMP is messy, be careful! + +https://en.wikipedia.org/wiki/Black_hole_(networking) +PING sends ICMP | TTL +traceroute {ICMP 30} tells each router on the chain to send back a response, they don't have to, they can just send through. +`traceroute bad.horse` + +Network Tomography -- Mapping networks by gathering a bunch of timing data sending packets between nodes +https://en.wikipedia.org/wiki/Network_tomography + +DHCP is automatic IP handouts +But also, it tells you where your mail server is, how to get fortune cookies, and is a source of fun vulnerabilities + +TLS 1.2/1.3 +https://tls12.ulfheim.net/ +bearSSL \ No newline at end of file