The very basics

What is a network

A network is typically considered to be two or more computers (or networkable devices) joined together such that they can communicate with one another in a defined and logical fashion. Networks vary in size dramatically between something as simple as the network formed by your computer and your ADSL router at home, all the way up to the Internet which is a globe-spanning network whose purpose is, in part, to allow you to read this article.

How does my computer find networks?

Depending on your operating system, and the particular choices you have made when installing it, there are a number of ways in which it might be keeping track of, connecting to, and making use of networks. Also you might have different physical kinds of network you could join, such as wired Ethernet or Wi-Fi networks.

Most modern Linux-based desktop operating systems tend to use a piece of software called Network Manager which looks after the details of connecting to networks for you. Under the bonnet Network Manager will be handling choice of network interface, acquiring an address on the network and dealing with finding out how to locate other systems on the network.

Under the bonnet

Network Interfaces

Your computer, particularly if it is a laptop, may have many network interfaces. There may be an Ethernet port on the computer, into which you can plug a cable the other end of which is plugged into another networking device such as a switch or router. Alternatively your computer may be fitted with a Wi-Fi interface which allows your computer to attach to a Wi-Fi access point or router without needing a cable.

Some network interfaces are virtual. In a common UNIX system you will have at least one virtual network interface -- the local loopback interface. This interface exists so that every UNIX computer in isolation is still capable of being a network. This simplifies network software design considerably since it never has to consider the case of there being no network at all.

Addresses, what they are and how to get them

On the network there needs to be a way to identify each device. This is called an address. Each network interface automatically comes with one address called its MAC address which uniquely identifies the network interface hardware itself. At the next level up, the protocols which run on the network itself define addressing schemes. The two common protocols you will hear of are IP version 4 and IP version 6 (or IPv4 and IPv6 for short).

In IPv4, an address is four small (less than 256) numbers, separated by dots. For example, the address is one which every computer has (the local loopback address). There are a number of well known IPv4 addresses such as which we will come to later.

Most small networks operate a protocol to allocate addresses to devices when they turn up. This is commonly the dynamic host configuration protocol, or DHCP. This protocol allows a device to connect to a previously entirely unknown network and obtain the information it needs to be a good citizen of the network (an address) and details on how to find access to the wider world (the address of the network's routers).

Name resolution

If all we had were numeric addresses then our lives would be at a very sad and difficult place. Fortunately there exists a number of mechanisms for turning more easily remembered names into the numeric addresses they are for. This process is called name resolution and almost every networked system in existence uses it to find the addresses of systems it needs to talk to.

In the early days of networking, this name to address mapping was simply maintained in a text file on every host. This file is still in existence on many systems as /etc/hosts although typically it contains nothing more than localhost and possibly the computer's name.

These days we use a system called the DNS which allows computers to not need to pre-know the names of everything they wish to connect to.

The wider world

The DNS and common record types

The Domain Name System (DNS) is a distributed (but not decentralised) system for turning names into addresses (and back again). The DNS is centralised by virtue of there being a well known (and agreed upon) set of root name servers whose addresses are built into most software associated with serving the DNS.

The DNS is essentially a distributed database where the data stored within it is sharded and the workload (and authority) distributed according to ownership information encoded in the configuration of the root name servers (or other name servers further down the chain). This delegation of service is done by separating the desired lookup by dots. For example, a name in the DNS might be and as such, be split into yakking branchable and com. The authority for com can be looked up from the root name servers, then those can be queried for who knows about branchable and that will be another name server which can then be queried for yakking which will (hopefully) result in an address which can then be connected to, to retrieve useful articles containing information you wish to know. These sharded names are the 'domains' which give rise to the name: DNS.

The DNS database consists of a number of different record types. The most commonly encountered ones are:

  • NS: Name server records -- these state the name servers for a given DNS domain. For example, the NS records for list the names and as being the name servers for the domain
  • A: Address records -- These give the address of a given name. For example a DNS entry may connect to the address
  • CNAME: Canonical name records -- These give the canonical name of an alias name. For example, you may have a DNS entry which says that the name is more correctly known as simply
  • MX: Mail Exchanger records -- These indicate for a given domain name where the computers are which provide the mail service for that domain. For example, you may have an entry which says that the MX for is 10 which means that at priority 10, handles email for

Given these different record types, it's possible that a given name may have many records. All record types can coexist with one another to a greater or lesser extent, although in practice, CNAME records do not co-exist very well with most other record types.

The Whois system

Along with the DNS, there is a mechanism for mapping these domain names (and indeed addresses) to their owners. The whois system links together domain names and address blocks with their legal owning entities. There are a number of well known whois servers. These are the servers operated by the regional organisations charged with maintaining the DNS and whois data.

Via the RIR servers a whois client can find out who owns various network entities such as addresses, names or network blocks. For example, if you issue the command whois at the command line, you may get output including who registered the name, who is technically in charge of it, and which internet registry is providing registration services.

Protection (Firewalls)

Fundamentally a network is an intrinsically open world. If you can connect to the network (which might involve either physically being able to plug into it or perhaps knowing the password for the Wi-Fi network) then you can determine the other users of the network and connect to them indiscrimately.

In order to protect devices on the network there is a class of software called a firewall. A firewall might protect one network from another network or one device from a network, or some combination thereof. Firewalls essentially limit who can connect to whom and for what purposes. They exist at many levels of the networking stack and have many many features and operations they can perform.

Further reading

If you wish to know more about networking, you might look up information about:

Also you might want to have a play with:

You might want to play with these commandline tools:

If you're interested in firewalls, you might investigate

And if you simply wish to know more about networking in a general sense then you could do worse than to look at: