The Network Devices
Firing up the browser and googling www.youtube.com to watch your favorite you tuber is so satisfying. But have you ever thought that how does information travel the world so fast and reaches you? What enables it? What is that box actually doing which you switch on and off to fix the internet and flex to your grandparents that you are “The tech guy”. Well how about instead of just pretending - we actually become one?
So all the information in the world - believe it or not - is actually just a series of 0s and 1s. Yeah - it kinda looks like this - 010100101010101001010101011011111100101010010…
What? Doesn’t make sense? Don’t worry it isn’t meant to. That’s for the dumb computer not us majestic humans. Yes - the computer is dumb because it only does what we tell it to. In fact all the data that is going in and out - the computer is not actually the one ensuring it reaches where it needs to. Some other forces are in play. And these forces - well actually hardware - are what we call network devices.
So lets go at them one by one.
How data actually flows between computers
So this is an important section. Data flows between computers not as streams of 0s and 1s - even tho it does.
I mean we need some control and order. So what we do - we decide a fixed size of bits - these individual 0s and 1s are called each a single bit. We call this fixed size sequence of bits a packet - or more specifically a data packet - well because it has data. Now we transfer this. And of course - to transfer it we need to send it over something. Like how can you transfer water continuously between two containers ? We need a medium like a pipe. Similarly here we use wires. Now they can be anything ranging from Ethernet cables to CAT cables , twisted pair and the most powerful ones yet - optical fiber.
Now the computer doesn’t understand what these wires are speaking. Its like a different universe for the computer. It needs it stream of 0s and 1s. And for that it uses a device called Modem.
Modem
Modem huh? Sounds pretty modern. What could it mean huh? Well its actually just short for modulator de-modulator. Half of computer science names are just their meaning themselves wrapped in an extra layer of vocabulary. Now what is the job of a modem?
Well its simple - its task is to convert a signal from a physical medium into readable bits our computer can understand. A modem may be of different types based on what kind of cables it can translate , how many devices it allows to be connected to the internet at a given time etc. Physically its just a hardware device computers use to connect to wires.
Now I would have loved to move to the router but I think before that we should establish some prerequisites so that we don’t have trouble understanding it.
MAC Address
The MAC address - meaning Media Access Control address is the unique address or identification of a certain network device. From routers to computers to mobile phone - everything with a network interface has a MAC address. Its just is unique identifier for a device network interface. Basically speaking it is the name of the device that is given to it during its time of birth so that its socially identifiable.
Notice the use of the term network interface. A device has a MAC address for the part that connects to a network - if we have a device that can connect to the network in two different ways like a laptop can using Ethernet and wifi it can have 2 mac addresses.
The MAC address tends to hold the information of the device and the manufacturer. It is a 48 bit number. meaning there are 2^48 unique mac addresses possible in the world - meaning OVER 281 Trillion combinations.
We surely ain’t exhausting them anytime soon.
IP Address
The IP address is an address that is used to identify a device over a network. Yes Yes I know what you are thinking - dude but we have MAC address already - why do we need to deal with this? Well because when MAC addresses were made people did not foresee a problem to solve which IP was required.
And that problem was - that when we have too many devices in the world right now - it won’t be efficient to understand who has what address. And well - so we needed a type of address that can be resolved easily . Basically IP address maps MAC address locally. So if we have an IP address we can find the MAC address of a device in the local network. IP address is useful because its hierarchical in nature.
In the global network we cannot find the MAC address but that usually isn’t required since our packet will reach their device at the end.
If MAC address is your name given to you by birth - IP address is what an organization assigns you - like your roll number when you join school.
Also we have 2 types of IP addresses - public and private.
There can be two people sharing same private IP address but never people sharing the same public IP address. For example google has a fixed IP address - 8.8.8.8 .
This is possible through NAT - network address translation that masks all private IP addresses behind a single public IP.
And IP address - specifically an IPv4 address is a 32 bit number and is usually represented in 4 numbers separated from dots each ranging from 0-255.
Example": 32.245.15.7 | 0.0.0.0 etc.
Now before we move onto Routers lets just talk about 2 more devices - a switch and a hub.
Hub
We will not talk about what a hub is. Lets invent it.
Suppose you are a guy in 1950s and have multiple computers in a room. You are tasked to create a device that can enable these computers to talk to each other. So what is the simplest thing you can do - connect all the wires - but wait that would corrupt the data. So a simple device - that takes in data - and sends it to everyone. Well that’s what is called a hub. Doesn’t get more simple than that.
Switch
Now imagine you broke mom’s favorite vase and need to tell your sister because you know she knows where to buy it from. You text her - and guess what the hub does - it broadcasts the message to everyone - and now mum is coming in with da Broom… So what can we do? Well that is the problem a switch solves.
It takes in data packet. The data packet has the information of who sent it and where to send it in form of MAC address [we send request to IP but IP gets eventually resolved to MAC address]. Each device in the switch is connected to a port via some cable. The switch memorizes which port = which mac address. Now when we send our data packet with the destination mac address the switch knows - okay send the packet through this port.
A switch and a hub each create what we call a local network. And internet is nothing but a network of networks. So now we need to connect our local network to the BIG network - and finally we will use it - our router.
Router
A router is a device that assigns IP addresses to all devices its connected to - and connects to other nearby routers. It has its own public IP and uses it to connect our local network to the internet.
So how does it work?
First we provide the IP of the device we want to contact. The switch checks and finds it doesn’t have its mac address locally. So the request is forwarded to the router. The router resolves the IP based on its routing table and finds which router should it forward to next which would be the closest to resolve this IP. This process continues until the address is resolved. The routing tables are based off of some algorithms that helps to hierarchically decode IP addresses efficiently. The router is a complex device with multiple mechanisms for routing IP addresses as well as assigning IP address to the the devices locally. It can be said as to what is actually holding up the internet.
Firewall
A firewall is a system composed of hardware and/or software that prevents the entry of unauthorized data packets to a private network. Now this is important even for regular users these days but its especially important for private networks owned by organizations as they have to ensure the smooth operation of their services as well as data security.
For example - in an organization with multiple servers and private computers if someone else manages to flood the server with too many requests to overwhelm the server preventing other rightful users for accessing their content - then it would spell trouble for the organization. This is called a D-DOS attack - Distributed Denial of Services. Similar other things are possible - like malicious data in the packet - a packet requesting a port number that we are not using - (why would anyone randomly want access to it). If its using a protocol that we are not expecting etc.
The job of the firewall is to judge all the packets inbound to the network and perform one of the 3 operations - its kind of same as job hunting.
Accept (Got da Job)
Reject (Got rejected politely with reasons stated)
Drop (Ghosting - no acceptance but no reply either but they have discarded your resume)
Its generally considered a safe practice to set the default to drop or reject for any kind of packets you haven’t set up any predefined rules for - because an attack can be in any form and the firewall should only allow packets it knows is meant for the network.
A firewall can be set up both as a software or a combination of hardware and software. It can be used to protect the entire network or it can also be used to protect only a single computer.
The set of rules that are defined for the firewall to use are defined using the access control list.
As we can see the firewall can filter based on IP address, protocol , destination and port address. This makes our network more secure and less vulnerable.
Now that we have ensured what goes in - how does it get converted - how it reaches us - we are ready for a general overview of how the network looks like…
The Network View
As of now this is how our network looks like:
Data moves in the internet first to firewall where it gets accepted or rejected. Then if it gets accepted it reaches the router. The router then sends the data to switch which then sends it to the device its meant to go to deciding based off its MAC address. The router also has a job to check if a packet belongs to its network and if not it will send it to another router which has its destination IP to be closer.
A firewall is an optional construct that may or may not be deployed - even tho its very secure it might not be a use case for everyone. Overall this is how the flow of data remains.
Now lets zoom out a bit since we need to address a different kind of system for a different kind of purpose. After covering that - we will connect our mental model to the entire flow of data from client to a server through routers and then to server from an organization POV - because the above was your (client) POV.
Load Balancers
Now think like this - if you have a vada pav shop - and turns it it became too popular. So customers come flooding in. We can’t handle that many. So what do we do? We duplicate the recipe and create another branch to handle half of the customer load. But the customers only know your shop address. So what do you do? Well you would need a specific entry check which directs the customers equally to both shops (assume nearby shops). This entry check is called a load balancer.
Now in real world when we create a software service we run it on servers. But if a server cannot handle the amount of users that try to access it - there will be a lot of waiting time for the users. We don’t want that - so we introduce what is called as a load balancer - this can be a separate server or another hardware. As an endpoint we only expose this load balancer’s IP address. When this LB receives a request it redirects the traffic to the server based on some factors like if equally powerful servers processing same stuff - then a round robin routing would work , but if we have certain powerful servers it gets more request. In general the load balancer checks the state of the servers and directs request according to that. This also ensures that if a server dies randomly the client doesn’t have to wait. Also it is important to note that all communication is handled via the load balancer. Sometimes a load balancer may route a certain client to a specific server because the server could be maintaining some stateful functions.
Now it feels like - that if a server cannot handle so many requests - how would a load balancer be able to. Well that is because a load balancer does far less work than what a server does. And even if requests are more that a single load balancer can’t handle it then there are load balancers for load balancers which do less work and are made more powerful .
A load balancer can do a lot of work other than re-routing requests. It can act as the first layer firewall ensure that if a server dies the clients are routed to a different one, servers are routed to based on how much load they are currently handling and autos-scaling if needed.
A load balancer is an extremely robust system that forms the backbone of scalable software architecture.
Network View from an organization’s Perspective
So first of all a data packet comes from a client. It would pass into the first load balancer. From there it will be routed to another load balancer or maybe directly towards the server. During the process there can be firewalls for the load balancers , routers and even directly for the servers. Here now the packet will go to the router. The router will direct the packet to the switch which in turn will forward it to the relevant system. This will create a secure and scalable application that can be used in production. In this process the load balancers keep track of what server is up and running , how much load it has and a record of which client it is talking to. The data transfer happens via the load balancer because it must ensure reliability over this large user base.
This is how it looks like.
With this we conclude our network devices.