| technology | networking - David Chapman
12 Most Important Protocols to Learn for Networking
A strong networking foundation forms the bedrock of any successful IT career. Learning networking basics requires absorbing and retaining a lot of information. The terminology alone is mind-boggling. As a result, networking can be challenging to pick up, especially if you are new to IT. To that end, let's explore 12 important networking protocols every IT professional needs to know.
1. Address Resolution Protocol (ARP)
ARP is a protocol used in the TCP/IP stack to assist in mapping Layer 2 MAC addresses into IP addresses. This protocol is important to understand because ARP lookups get cached. That cache can corrupt. Or just become stale and provide incorrect results. Often this can be corrected simply by clearing that cache on the appropriate devices.
2. Spanning Tree Protocol (STP)
Spanning Tree is an extremely important protocol. In enterprise switches it typically is enabled by default. STP has a few flavors, depending on the OEM, but they all do a very important thing: prevent network loops from happening.
Sometimes network loops occur when connecting redundant connections between switches but not properly setting up LACP. It can also occur when end users try to sneak a hub or switch in under their desk to connect more devices and want to connect multiple ports for more bandwidth.
On the flipside, leaving STP enabled on ports connected to workstations can prevent protocols like DHCP from working. The port will block traffic for a set period of time to try to detect the loop before traffic occurs. Some STP implementations do this longer than a standard DHCP attempt.
3. IEEE 802.1Q
IEEE 802.1Q is more of a standard than a protocol but is just as important. Many times referred to as simply dot1Q, this is the standard for VLAN tagging. It allows for a multiplexing of different VLANs over the same wire by prepending a VLAN header. Prior to this, OEMs had their own proprietary standards which were not interoperable.
Dot1Q allows multiple VLANs to be multiplexed over a single or set of uplinks. Without it, each VLAN would need its own uplink to the next switch. Routers would also need separate uplinks to each VLAN.
TCP/IP is a suite of related protocols. At Layer 3, the Internet Protocol (IP) operates allowing for routing. At Layer 4, TCP and UDP operate giving you a stateful and stateless option. ICMP falls under this suite of protocols but does not transport data and is typically used for diagnostics.
Most networking uses this stack. It is important to understand so that you know which protocols to use for troubleshooting. ICMP is great for testing latency but sometimes you need to use UDP based tools when ICMP is blocked. For bandwidth and latency testing, UDP is probably better at latency while TCP is great for overall bandwidth.
At Layer 3, understanding how IP addresses and subnets work along with the routing of this traffic can help you troubleshoot issues with traffic getting to its destination.
Hypertext Transfer Protocol (HTTP) is a higher layer protocol used by applications. This is important because it is so widely used. Not only do web pages and web services use it but VPN tunnels and web sockets have been known to use it as well.
The use case for understanding HTTP is that most online services now use this. If there are performance issues or errors, it can be helpful to understand HTTP. This is particularly so in the case that you have to resort to using a browser debugger to help determine an error. Sometimes HTTP error codes are buried or hidden in the HTTP results such that a browser doesn't show them but they are there.
File Transfer Protocol (FTP) is a legacy protocol that has been around for quite some time. It is still in use although other mechanisms or protocols are usually preferred when possible. Usually it is a highly reliable protocol that allows sending and receiving files.
This protocol has a few different methods and flavors so understanding those nuances is very helpful. Legacy FTP has a control channel and data channel. The data channel two modes, active and passive. One uses the control channel to set up a server on the client for the data transfer while the other allows the server to specify TCP ports to initiate the data connection over.
On top of that is FTP over SSL/TLS. This is broken down into explicit and implicit. The difference being that one explicitly indicates a TLS connection should start via STARTTLS command while the other implies TLS simply by connecting to a specific TLS port. FTP is by far one of the more complex protocols to understand because of all of these nuances that have been added over the years.
7. Network Time Protocol (NTP)
Network Time Protocol is extremely important, particularly for the security of the network. It helps ensure system and device time are accurate. Many newer authentication protocols depend on accurate time to work, while security appliances require accurate timestamps to effectively work.
Many highly secured environments have a set of internal authoritative time servers. These time servers connect to a specific set of configured external time servers. Typically all internal machines are only allowed to connect to the internal authoritative servers. This helps ensure the environment is completely in sync by a trust hierarchy of time.
8. Internet Group Management Protocol (IGMP)
IGMP is an extremely important protocol as it relates to IP multicast. It allows nodes to indicate their multicast memberships to routers so that routers can send only those nodes the multicast streams they have subscribed to.
Realtime video is a prime use case of this protocol. In an intranet many users may want to watch a real time corporate video but if the company is very large, sending it individually to every end user's machine could saturate the network. IGMP helps with that by sending it once downstream to the switches at which point they split it out and deliver it to the individual machines connected to those switches.
9. Simple Mail Transfer Protocol (SMTP)
SMTP is a mail transmission protocol that has been around since the early 1980s and updated over the years. It is still the standardized method for mail servers to communicate with each other when transmitting emails.
If you use Exchange (On Prem or Online), G-Suite, Gmail or any other email provider, SMTP is the protocol their edge mail servers use to send mail from one organization to another. Often, it is the protocol that is used internally as well but not always. Being able to understand SMTP can help you manually inject mail for testing as well as understand SMTP headers to detect bottlenecks in the delivery.
10. Secure Shell (SSH)
SSH has been around since the mid 1990s and has been replacing legacy protocols like telnet ever since. SSH is an encrypted remote connection and file transfer protocol which continually receives security updates as new encryption technology comes out.
Many UNIX, Linux, and network administrators are in SSH sessions regularly. These are command line sessions into remote machines. It is similar to RDP sessions on Windows servers, except image if those RDP sessions only opened to a command prompt. On Windows, Putty is the most widely used terminal, but on UNIX workstations an SSH executable is native to the operating systems.
11. Border Gateway Protocol (BGP)
BGP is typically used for internet routing but many times internal MPLS circuits will use it as well. It is important to understand this protocol in the event that you encounter it within a network. The most common use case for this protocol is the internet. The backbone of the internet's routing is determined by data interchanged by BGP between internet routers.
It is possible to have an internet router without BGP but typically that means the routers upstream from you are handling BGP. Understanding BGP can help you learn to properly set up redundant internet connections. You can also set up BGP peering in such a way that physical connections can be brought on to help latency of specific users.
12. Open Shortest Path First (OSPF)
OSPF is a fairly common interior routing protocol. While it is usually a matter of just turning it on, more complex environments do have configurations for the protocol. A common use case for OSPF is a scenario where you have multiple data centers that change over time.
When you bring online new subnets in one datacenter, OSPF and protocols like it help you avoid having to put static routes on all of the equipment at each data center when a new subnet is brought online.
Having a strong understanding of networking is essential to any IT career. Networking is where it all starts. As this list demonstrates, though, there's a lot of concepts and terminology to know and understand. And as networking continues to evolve, it will be important for IT pros to expand their knowledge base. This is why at CBT Nuggets, we are fond of saying that to be successful in IT, you need to be a lifelong learner.