TimeLinux1

Tuesday, September 21, 2010

Linux HowTo: Networking Concepts

Here is a short primer on Linux networking concepts for the wannabe Nerds out there.
=====

-VPN    -a network that uses a public telecom network like the Internet to provide remote network access.
    -the goal of a VPN is to provide the same level of security as a private network at a fraction of the cost.
    -VPNs came into vogue around 2000, when leased lines were the only option and came at a high cost.
    -VPNs effectively spelled the end of leased lines.
    -VPNs provide security by encapsulating the traffic between the two nodes in cryptographic tunnels.
    -VPNs use several protocols to provide that security - eg SSH, IPsec (IP Security), SSL etc.

-Tunneling protocol-
    -a network protocol that encapsulates the payload of another network protocol.
    -this is routinely used in VPNs.
    -tunneling usually has two protocols operating - the 'delivery protocol', which encapsulates the 'payload protocol'.
-eg:    -delivery protocol = SSH, payload protocol = SMB; SMB carried inside SSH is SSH tunneling.

-Port Forwarding-
    -Also called Port Mapping.
    -Changing of the destination address and/or port on a packet.
    -this permits public hosts (eg on the Internet) to connect to a specific host within a private LAN.
-scenarios of Port Forwarding:
    -running a public HTTP server within a private LAN on port 80
    -permitting SSH access to hosts on the private LAN from the Internet on port 22
    -permitting FTP access to hosts on the private LAN from the Internet on port 21.
-Port Forwarding is achieved by-
    -the iptables command in Linux

-Note:    -In a typical home LAN behind a router, the Internet sees only the router, which holds the public IP address.
    -the hosts behind the router are invisible to the Internet.
    -Port forwarding on the router permits external hosts to communicate with services provided within the private LAN.

-PAT    -Port Address Translation-
    -Permits communication between hosts on a private network and hosts on a public network.
    -It allows a single IP address to be shared by many hosts on a private network.
    -The PAT device (usually a router) transparently modifies IP packets as they pass through it.
    -The PAT device rewrites the sender's IP address and port number (to a public IP and port).
    -PAT is a subset of NAT.
    -PAT is also known as NAT overload.
    -PAT operates on layers 3 & 4 (network and transport respectively). NAT operates only on layer 3.
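As an added example (not code from the original post), here are the iptables rules behind the three port-forwarding scenarios above and the PAT / NAT-overload rule just described. The interface names (eth0 as WAN, eth1 as LAN) and the LAN hosts 192.168.1.10 and 192.168.1.20 are constructed values; the script prints the rules by default and only executes them when APPLY=1 is set by root.

```sh
#!/bin/sh
# Added example: iptables port forwarding (DNAT) plus PAT (MASQUERADE) on a Linux router.
# Constructed values: WAN interface eth0, LAN interface eth1, LAN hosts 192.168.1.10/.20.
# Rules are printed by default; set APPLY=1 (as root) to execute them.
WAN_IF="${WAN_IF:-eth0}"
LAN_IF="${LAN_IF:-eth1}"
APPLY="${APPLY:-0}"

run() {
    # Show every rule; execute it only when APPLY=1.
    echo "$*"
    if [ "$APPLY" = "1" ]; then "$@"; fi
}

enable_forwarding() {
    # The router must route between its interfaces or DNATed packets go nowhere.
    run sysctl -w net.ipv4.ip_forward=1
}

# port_forward PROTO PUBLIC_PORT LAN_HOST LAN_PORT
# One port forward = two rules: DNAT rewrites the destination address/port
# (the "port mapping"), and FORWARD must accept the rewritten packet or the
# router's filter drops it.
port_forward() {
    proto="$1"; pub_port="$2"; host="$3"; lan_port="$4"
    run iptables -t nat -A PREROUTING -i "$WAN_IF" -p "$proto" --dport "$pub_port" \
        -j DNAT --to-destination "$host:$lan_port"
    run iptables -A FORWARD -i "$WAN_IF" -o "$LAN_IF" -p "$proto" -d "$host" --dport "$lan_port" \
        -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
}

pat_overload() {
    # PAT / NAT overload: outbound packets get their private source IP+port
    # rewritten to the router's public IP and a fresh port; conntrack maps replies back.
    run iptables -t nat -A POSTROUTING -o "$WAN_IF" -j MASQUERADE
}

# The post's scenarios: public web server, SSH host and FTP host on the private LAN.
# (FTP's separate data connections additionally need the nf_conntrack_ftp helper.)
enable_forwarding
port_forward tcp 80 192.168.1.10 80
port_forward tcp 22 192.168.1.20 22
port_forward tcp 21 192.168.1.20 21
pat_overload
```

Only the ports you forward become reachable from the Internet; everything else behind the router stays invisible, as the note above describes.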

-Socket    -IP + port pair        (much like a telephone line and its extension).
    -the socket needs to be known by both the source and the target host for communication to happen.

-Note:    -ICMP packets don't have source and target port numbers (TCP and UDP do).
    -NAT translates the IP address only. 1-to-1 IP translation is also called Static NAT.
    -PAT translates IP address + port (ie the socket). Also called NAT overload.
-Compare this with traditional TV networks...
-Cable TV-
    -Provides TV broadcast in the form of radio-frequency signals over optical fiber or coaxial cables.
    -This is different from traditional TV broadcast via radio waves over the air.
    -Cable TV networks have a high bandwidth.
