In the modern digital world, a set of core protocols and technologies underpins the internet’s ability to provide easy, safe, and seamless connectivity: DNS, DHCP, HTTP/HTTPS, NAT, and VPN. This report explains each service and protocol, its function, fundamental significance, and applications in specific real-world scenarios.
1. DNS (Domain Name System)
The Domain Name System, or “DNS,” is sometimes referred to as the Internet’s telephone book. Computers identify each other using IP addresses, but humans find domain names like www.google.com much easier to remember. DNS takes these names and looks up the corresponding IP address (e.g., 142.250.182.206), which routers and servers use to talk to each other.
When someone inputs a website URL into a browser, DNS resolution occurs via a DNS query. This type of query can traditionally pass through several entities before the user ends up at a webpage, essentially:
- Device cache or local DNS cache (i.e., on the computer or router)
- Recursive Resolver (provided, typically, by your Internet Service Provider)
- Root DNS Server
- TLD Server (top-level domain, like .com, or .org)
- Authoritative DNS Server (a DNS server, or service, that holds the actual IP record of the domain being resolved)
If everything goes correctly, the IP address is returned and the browser accesses the website. DNS is important for a lot more than looking up a website. DNS also makes each email address unique, organizes sub-domains, and can help or hurt network performance. Because so much depends on it, DNS can be subject to mismanagement or criminal actions. Two such attacks are DNS spoofing and DNS poisoning, where users are redirected to a malicious website instead of their intended destination.
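The following is an added example, not part of the original report: it builds a DNS query in wire format and shows two of the checks a client applies before trusting a reply (matching transaction ID and matching question), which is what a spoofed answer has to get past. The names, the 192.0.2.x/203.0.113.x addresses and the reply packets are constructed sample data, and real resolvers also check the source address and port.

```python
import socket
import struct

def encode_name(name):
    # Wire format: length-prefixed labels terminated by a zero byte.
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"

def build_query(name, txid):
    # Header: ID, flags (RD=1), QDCOUNT=1, no other records. QTYPE=A, QCLASS=IN.
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)

def build_response(name, txid, ip):
    # Constructed reply: QR=1, RD=1, RA=1, one A record whose owner name is a
    # compression pointer (0xC00C) back to the question.
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)
    answer = struct.pack("!HHHIH", 0xC00C, 1, 1, 300, 4) + socket.inet_aton(ip)
    return header + question + answer

def check_response(query, response):
    """Return (accepted, detail): the A record if accepted, else the reason."""
    if len(response) < 12:
        return False, "truncated header"
    r_id, flags, qdcount, ancount = struct.unpack("!HHHH", response[:8])
    if r_id != struct.unpack("!H", query[:2])[0]:
        return False, "transaction ID mismatch"
    if not flags & 0x8000:
        return False, "QR bit clear: not a response"
    question = query[12:]
    if qdcount != 1 or response[12:12 + len(question)] != question:
        return False, "question mismatch"
    rec = response[12 + len(question):]
    if ancount < 1 or len(rec) < 16 or rec[0] & 0xC0 != 0xC0:
        return False, "no parsable answer"
    rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", rec[2:12])
    if (rtype, rclass, rdlen) != (1, 1, 4):
        return False, "first answer is not an A record"
    return True, socket.inet_ntoa(rec[12:16])

# Constructed sample packets (not captured traffic).
QUERY = build_query("www.example.com", 0x1A2B)
GENUINE = build_response("www.example.com", 0x1A2B, "192.0.2.10")
FORGED_ID = build_response("www.example.com", 0x9999, "203.0.113.66")
FORGED_NAME = build_response("www.example.net", 0x1A2B, "203.0.113.66")
```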
2. DHCP (Dynamic Host Configuration Protocol)
Dynamic Host Configuration Protocol (DHCP) makes it easy to assign IP addresses within a network. Instead of having to manually configure all the IP addresses, devices (clients) can request and receive the following automatically:
- An IP address
- Subnet mask
- Default gateway
- DNS server addresses
The DHCP server (which is typically running on a standalone server or running in a router) manages a pool of IP addresses and assigns them to devices for a limited time. The initial DHCP processes performed by the client and the server, often called DORA, include:
- Discovery – Client broadcasts a request for an IP.
- Offer – Server sends an offer of an available IP.
- Request – Client requests to use that IP.
- Acknowledgment – Server confirms the assignment.
In networks (especially larger networks), DHCP reduces an administrator’s workload. However, DHCP can be exploited by attackers using Rogue DHCP servers, which assign an incorrect configuration to devices on the network.
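As an added example (not part of the original report), the sketch below parses the options of a DHCP Offer and flags offers whose server identifier (option 54) is not on an allowlist, which is the core of rogue DHCP server detection. The allowlist, addresses and both packets are constructed assumptions for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"              # DHCP magic cookie after the BOOTP header
AUTHORIZED_SERVERS = {"192.168.1.1"}     # assumption: the site's known DHCP server

def build_offer(xid, yiaddr, server, router, dns):
    # Constructed DHCPOFFER: 236-byte BOOTP header, magic cookie, options.
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, xid, 0, 0,
                      bytes(4), socket.inet_aton(yiaddr), bytes(4), bytes(4),
                      bytes.fromhex("020000000001"), b"", b"")
    opts = b"\x35\x01\x02"               # option 53 (message type) = 2 (OFFER)
    for code, ip in ((54, server), (3, router), (6, dns)):
        opts += bytes([code, 4]) + socket.inet_aton(ip)
    return hdr + MAGIC + opts + b"\xff"

def parse_options(packet):
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    opts, i = {}, 240
    while i + 1 < len(packet) and packet[i] != 255:   # 255 = end option
        if packet[i] == 0:                             # 0 = pad option
            i += 1
            continue
        code, length = packet[i], packet[i + 1]
        opts[code] = packet[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def audit_offer(packet):
    """Return findings for one DHCP reply; an empty list means nothing to flag."""
    opts = parse_options(packet)
    if opts.get(53) != b"\x02":
        return []                                      # not an OFFER
    sid = opts.get(54, b"")
    server = socket.inet_ntoa(sid) if len(sid) == 4 else "unknown"
    if server in AUTHORIZED_SERVERS:
        return []
    findings = [f"offer from unauthorized server {server}"]
    for code, label in ((3, "gateway"), (6, "DNS")):
        if len(opts.get(code, b"")) >= 4:
            findings.append(f"{label} would be set to {socket.inet_ntoa(opts[code][:4])}")
    return findings

# Constructed sample packets (not captured traffic).
LEGIT_OFFER = build_offer(0x1234, "192.168.1.50", "192.168.1.1", "192.168.1.1", "192.168.1.1")
ROGUE_OFFER = build_offer(0x1234, "192.168.1.51", "192.168.1.66", "192.168.1.66", "192.168.1.66")
```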
3. HTTP and HTTPS (HyperText Transfer Protocol / Secure)
HTTP (HyperText Transfer Protocol) is the basis for data communication on the World Wide Web. It determines how browsers and web servers interact and communicate text, images, videos, and other content. HTTP utilizes port 80 and is stateless, meaning each request is handled independently by the server.
The standard HTTP protocol does not encrypt any content, however, and is therefore vulnerable to eavesdropping, man-in-the-middle attacks, and data manipulation. To address the vulnerabilities presented by standard HTTP, HTTPS (HTTP Secure) was implemented as a layer, in which SSL/TLS is placed on top of HTTP to provide:
- Confidentiality – The protocol encrypts any given data.
- Integrity – The data cannot be manipulated.
- Authentication – It uses digital certificates to authenticate the identity of a web server.
HTTPS uses port 443 and is critical for any website that transfers sensitive content. This includes login forms, banking, and e-commerce websites. HTTPS relies on technologies such as RSA encryption and TLS handshakes to establish trust using the certificates issued by Certificate Authorities (CAs).
4. NAT (Network Address Translation)
NAT (Network Address Translation) is a technique routers use to rewrite IP address information in packet headers as traffic enters or leaves the network. NAT enables multiple devices on a private network (typically using IPs similar to 192.168.x.x) to share a single public IP address to communicate with the internet.
There are multiple types of NAT:
- Static NAT: A one-to-one mapping of private IPs to public IPs.
- Dynamic NAT: A pool of public IP addresses for NAT devices to use.
- Port Address Translation (PAT): A many-to-one mapping in which connections are distinguished by port numbers. This is the type typically used in home networks.
Using NAT conserves IPv4 address space, adds a minimal layer of security, and lets internal devices communicate without appearing on the internet directly. NAT does create some complexities for applications that require a direct connection, for example, online gaming or VoIP, unless port forwarding is set up.
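The translation table behind PAT, and the reason unsolicited inbound traffic needs a port forward, can be seen in this added example (a simplified model written for this report, not any router's actual implementation). The class name, addresses and port numbers are assumptions, and real devices also track the remote endpoint and expire idle entries.

```python
class PatRouter:
    """Minimal Port Address Translation table for one public IP."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}        # (private_ip, private_port, proto) -> public_port
        self.back = {}       # (public_port, proto) -> (private_ip, private_port)
        self.forwards = {}   # static port forwards configured by the admin

    def outbound(self, src_ip, src_port, proto="tcp"):
        # First packet of a flow allocates a public port; later packets reuse it.
        key = (src_ip, src_port, proto)
        if key not in self.out:
            self.out[key] = self.next_port
            self.back[(self.next_port, proto)] = (src_ip, src_port)
            self.next_port += 1
        return self.public_ip, self.out[key]

    def forward(self, public_port, dst_ip, dst_port, proto="tcp"):
        self.forwards[(public_port, proto)] = (dst_ip, dst_port)

    def inbound(self, dst_port, proto="tcp"):
        # Replies match a dynamic entry; anything else needs a port forward.
        # None means the router has no mapping and drops the packet.
        key = (dst_port, proto)
        return self.back.get(key) or self.forwards.get(key)

def demo():
    r = PatRouter("203.0.113.5")                   # constructed sample addresses
    a = r.outbound("192.168.1.10", 51000)          # two hosts, same source port
    b = r.outbound("192.168.1.11", 51000)
    reply = r.inbound(b[1])                        # reply reaches the second host
    unsolicited = r.inbound(5060, "udp")           # e.g. an incoming VoIP call
    r.forward(5060, "192.168.1.20", 5060, "udp")
    forwarded = r.inbound(5060, "udp")
    return a, b, reply, unsolicited, forwarded
```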
5. VPN (Virtual Private Network)
A Virtual Private Network (VPN) is a secure, encrypted tunnel for data to traverse between a user’s local device and a remote server or network. The main uses of a VPN include:
- Providing privacy and anonymity by hiding the user’s IP.
- Securely transmitting data using untrusted networks (for example, public Wi-Fi).
- Bypassing geo-restrictions and censorship.
VPNs are implemented over protocols such as:
- OpenVPN – open-source, secure, and widely supported.
- IPSec – a protocol used for site-to-site tunnels.
- WireGuard – a newer, faster, and simpler VPN protocol.
Enterprises use VPNs to provide remote users with connectivity to internal resources, while individual users use them for privacy and access control. Not all VPN service providers can be trusted; some log user activity or inject ads.
Conclusion
DNS, DHCP, HTTP/HTTPS, NAT, and VPN are all critical elements of how the internet works today. DNS and DHCP make addressing and resolution easier in the modern era. HTTP/HTTPS help to describe how data travels across the internet, and NAT helps to make IP space more manageable, as well as offering basic security. VPNs are critical in the area of privacy and secure communications. A solid understanding of these services is essential for individuals entering a networking or cybersecurity field, as all these services are the backbone of digital articulation and detection in our time.