Network fundamentals

In the world of system design, networks are the glue that binds different components together. Whether you're building a web application, a distributed system, or even a simple backend service, understanding how networks work is key to ensuring smooth communication, security, and performance. In this chapter, we will discuss some core aspects of networking that are crucial for building scalable and reliable systems.

---

1. Basics of Computer Networks

Let’s start with the foundation. A computer network is a collection of interconnected devices (computers, servers, routers, etc.) that communicate with each other. It’s like the postal system for data: it lets different devices send and receive information in the form of packets. When a user interacts with an online service (say, your food delivery app), these packets are constantly being sent back and forth between their device and the servers that power the app.

Types of Networks:

1. Local Area Network (LAN): This is a network that connects devices in a limited area like a building or a campus. For example, an office network where computers and printers communicate over a wired or wireless connection. The key feature of a LAN is that it’s fast and usually confined to a small space.

Example: In a typical office, employees’ computers are connected to printers, file servers, and sometimes even phones over a LAN. This setup allows fast sharing of resources.

1. Wide Area Network (WAN): This covers a broader area and connects multiple LANs. Think of the internet as the largest example of a WAN. It’s how different parts of the world can communicate with each other.

Example: Imagine a large corporation with offices in New York, London, and Tokyo. The offices have LANs internally, but to communicate with each other, they use a WAN, likely leveraging the internet or private connections.

Network Layers and the OSI Model:

To understand how networks operate, we use the OSI Model, which divides networking into seven layers:

1. Physical Layer: This is the hardware aspect—cables, switches, and wireless transmission.
2. Data Link Layer: Manages communication between devices on the same local network.
3. Network Layer: Determines how data packets are sent from one device to another (e.g., routing).
4. Transport Layer: Ensures reliable transmission of data, manages flow control, and handles errors (this is where TCP operates).
5. Session Layer: Manages the connection between two devices, ensuring sessions stay open while needed.
6. Presentation Layer: Translates data formats so that systems understand each other.
7. Application Layer: Where applications like browsers and email clients operate. This is where the data you interact with comes into play.

Most of the time in system design, we focus on layers 3 to 7, especially when dealing with communication protocols, security, and data flow.

---

2. HTTP/HTTPS, TCP/IP, DNS, and Load Balancers

HTTP/HTTPS:

HTTP (Hypertext Transfer Protocol) and HTTPS (HTTP Secure) are the primary protocols used for communication on the web. They define how messages are formatted and transmitted between clients (like browsers) and servers.

• HTTP is the protocol behind the requests you make to websites. For instance, when you load a webpage, your browser makes an HTTP request to the server hosting that webpage, and the server sends back an HTTP response with the page’s contents.

Example: You type "www.fooddelivery.com" in your browser, and it sends an HTTP request to fetch the home page.

• HTTPS is the secure version of HTTP. It encrypts the data being transmitted, ensuring that sensitive information like passwords and credit card numbers isn’t intercepted by attackers.

Example: When a user places an order on your food delivery app, HTTPS ensures that their payment details are encrypted and secure as they travel from their device to your servers.

TCP/IP:

TCP (Transmission Control Protocol) and IP (Internet Protocol) are two of the fundamental protocols that power the internet.

• TCP ensures reliable communication between devices. It breaks down messages into packets and ensures they are delivered correctly and in the right order. If packets get lost along the way, TCP retransmits them. This makes it great for applications where data integrity is crucial, like file transfers or web browsing.

Example: If your food delivery app is sending customer details to the server, TCP ensures that the entire message gets delivered without missing any parts.

• IP is responsible for addressing and routing packets to the correct destination. Think of IP addresses as the addresses on envelopes; they tell the network where to send data.

Example: When you make a request from your phone, it uses your IP address to route data to the server. The server has its own IP address, allowing packets to return to you correctly.

TCP/IP together form the backbone of internet communication. It’s like a reliable postal service: TCP ensures the package contents are intact, and IP ensures it gets to the right place.

DNS (Domain Name System):

DNS is like the internet’s phone book. Instead of remembering IP addresses (which are like phone numbers for servers), we use domain names like "www.example.com." DNS resolves these names into IP addresses, so your device knows where to send the request.

• Example: When a user types "www.fooddelivery.com" in their browser, their device queries a DNS server to find the IP address associated with that domain, then makes a request to that server.

Load Balancers:

A load balancer is crucial when scaling horizontally. It’s a tool that distributes incoming traffic across multiple servers to ensure no single server is overwhelmed. This makes your system more scalable and fault-tolerant.

• Example: Imagine it’s lunchtime, and everyone’s trying to place orders on your food delivery app. You have 10 servers ready to handle requests, but instead of all traffic going to one server, the load balancer spreads the requests evenly. This ensures that no one server gets overloaded, preventing downtime and ensuring fast response times for users.

---

3. Content Delivery Networks (CDN)

CDNs are a brilliant way to reduce latency and improve performance for users spread across different locations. A CDN is a distributed network of servers placed across the globe that store cached versions of your content. When a user requests something from your website, the CDN serves that content from the server closest to them rather than from your main server, reducing the time it takes to load.

Example: Let’s say your food delivery app has customers in India and the U.S., but your main servers are located in Europe. Without a CDN, users in India might experience slow load times because their requests have to travel all the way to Europe. But with a CDN, a server in India can serve cached images, restaurant details, and static content, making the app feel faster.

Benefits of CDNs:

• Reduced Latency: Since data is served from a server closer to the user, they experience faster load times.
• Load Distribution: A CDN helps reduce the load on your main servers by offloading requests for static content like images, CSS files, and scripts.
• Improved Availability: Even if your main servers go down, the CDN can continue serving cached versions of your site, improving availability.

---

4. SSL, TLS, and Security in Networking

Security is a major concern in any system, and the primary technologies to ensure secure communication over networks are SSL (Secure Sockets Layer) and TLS (Transport Layer Security). These protocols encrypt the data being sent between clients and servers, ensuring that sensitive information, like passwords and payment details, is protected from eavesdroppers.

SSL and TLS:

• SSL was the original protocol for securing communication, but it has largely been replaced by the more secure TLS. When you see "https://" in the URL of a website, it means that the connection is secured using SSL/TLS.

Example: In your food delivery app, when a user submits their credit card information to make a payment, the data is encrypted using TLS before being sent to the server. This ensures that even if someone intercepts the data, they can’t read it because it’s encrypted.

• Handshake Process: TLS uses a handshake process to establish a secure connection. The client (user’s browser) and the server exchange cryptographic keys to establish a secure connection. Once the connection is established, all subsequent communication is encrypted.

Example: When a user opens your app, their device and your servers go through this handshake to agree on how to encrypt the data before any sensitive information, like login details or payment info, is transmitted.

Importance of Security in Networking:

In any system where data travels across networks, security is paramount. Here are some key security practices for ensuring a secure system:

• Encryption: Always encrypt sensitive data in transit using protocols like TLS to prevent man-in-the-middle attacks.
• Firewall Protection: Use firewalls to restrict access to your servers. Only allow trusted traffic through predefined ports and block unauthorized attempts.
• API Rate Limiting: Protect your system from DDoS (Distributed Denial of Service) attacks by limiting the number of requests each client can make within a certain time window.

Example: Let’s say a malicious actor tries to overwhelm your food delivery app by sending millions of fake requests. API rate limiting can throttle these requests and prevent the system from crashing.

• Security Monitoring: Use monitoring tools to detect unusual traffic patterns or potential intrusions. Tools like **Intrusion Detection Systems (

IDS)** can help alert you when there’s an attempt to breach your network.

Certificates:

To enable SSL/TLS, you need an SSL certificate, which verifies the identity of your website or server. Certificates are issued by trusted entities called Certificate Authorities (CAs), which guarantee that your website is legitimate.

Example: When you purchase an SSL certificate for your food delivery app’s domain, it’s issued by a CA like Let’s Encrypt or DigiCert. This tells users that their data is safe and that they’re actually interacting with your app, not an imposter.

Two-Factor Authentication (2FA):

Implementing 2FA is an additional layer of security, requiring users to provide two forms of identification (typically something they know, like a password, and something they have, like a mobile device). This makes it much harder for attackers to compromise accounts.

Example: In your food delivery app, enabling 2FA for users can help prevent unauthorized access even if their password is stolen.