Networking
DNS
- A DNS zone is an administrative boundary that allows managing one or more domains and sub-domains.
- Each zone must have one primary name server and at least one secondary name server
- Server Types
  - Recursive Resolver: first server contacted by the client for resolution; unless the answer is cached, it asks the root name server
  - Root name server: directs to the appropriate TLD name server
  - TLD name server: directs to the authoritative name server
  - Authoritative name server: final step, returns the IP if it's an `A` record, or the alias name if it's a `CNAME` record
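
A small simulation of the resolution chain listed above, added here as an example and not part of the original notes: the resolver checks its cache, walks root, TLD and authoritative servers, follows `CNAME` answers, and bounds the chain so a `CNAME` loop cannot hang it. All server names, records and the hop limit are constructed assumptions, and zones are assumed to be two labels long.

```python
# Constructed sample data: every name and address below is made up for illustration.
ROOT = {"com": "tld-com"}                          # root: TLD label -> TLD name server
TLD = {"tld-com": {"example.com": "ns-example"}}   # TLD server: zone -> authoritative server
AUTH = {"ns-example": {                            # authoritative: name -> (type, value, ttl)
    "example.com": ("A", "192.0.2.10", 300),
    "www.example.com": ("CNAME", "example.com", 300),
    "loop1.example.com": ("CNAME", "loop2.example.com", 300),
    "loop2.example.com": ("CNAME", "loop1.example.com", 300),
}}


class RecursiveResolver:
    MAX_CNAME_HOPS = 8  # assumption: arbitrary bound that stops CNAME loops

    def __init__(self):
        self.cache = {}  # queried name -> (ip, expires_at)
        self.trace = []  # servers contacted, in order, for inspection

    def _ask_chain(self, name):
        tld_server = ROOT[name.rsplit(".", 1)[-1]]   # root directs to the TLD server
        zone = ".".join(name.split(".")[-2:])        # assumption: two-label zones
        auth_server = TLD[tld_server][zone]          # TLD directs to the authoritative server
        self.trace += ["root", tld_server, auth_server]
        return AUTH[auth_server].get(name)           # authoritative server gives the answer

    def resolve(self, name, now=0):
        hit = self.cache.get(name)
        if hit and hit[1] > now:                     # unexpired cache entry: no servers asked
            return hit[0]
        target, min_ttl = name, None
        for _ in range(self.MAX_CNAME_HOPS):
            record = self._ask_chain(target)
            if record is None:
                raise LookupError(f"no record for {target}")
            rtype, value, ttl = record
            min_ttl = ttl if min_ttl is None else min(min_ttl, ttl)
            if rtype == "A":
                # Cache under the queried name for the shortest TTL seen in the chain.
                self.cache[name] = (value, now + min_ttl)
                return value
            target = value                           # CNAME: look up the alias target next
        raise LookupError(f"CNAME chain too long for {name}")
```
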
Record Types
- SOA: Start of Authority, information about server that supplies other records
- NS: Name Server, used by top-level DNS to redirect traffic to the content DNS server
- A, AAAA: Address records (A for IPv4, AAAA for IPv6)
- MX: Mail Exchange, defines mail server for the domain
- TTL: Time To Live (typically 2 days, but can be lowered to 5 minutes)
- CNAME: Canonical Name, points to an A record; can’t point to Zone Apex Record
- Zone Apex Record: naked domain name (without subdomain)
- Alias: AWS/Route53 specific, like CNAME but can point to Zone Apex Record
- PTR: reverse DNS, IP to domain
- NS: Name server
IP6
- smallest subnet can be `::/64` if auto configuration is desired
OSI Layers

| Num | Unit | Layer | Type | Function |
|---|---|---|---|---|
| 1 | bits | physical | Media | Media signal, binary transmission |
| 2 | frame | data link | Media | physical addressing (MAC & LLC) |
| 3 | packet | network | Media | path determination and logical addressing |
| 4 | segment | transport | Host | end-to-end connection and reliability |
| 5 | data | session | Host | inter-host communication |
| 6 | data | presentation | Host | data representation and encryption |
| 7 | data | application | Host | network process and application |
Active Directory
- Components: Forests, Domains, Resources (includes Users, Groups)
- Forest is the top level component
- A forest contains one or more domains, and its name is derived from the root domain
- Domains within a forest trust each other, i.e. a user authenticated by one domain can access resources belonging to another domain
- Separate forests don't trust each other unless connected by cross-forest trusts
- v/s Google Cloud
  - AD considers users as resources, so they are managed within a domain. In GCP, users (except for service accounts) are managed by Cloud Identity or Google Workspace
HTTP Return Codes
- 429: too many requests
- 408: request timed out