Network Protocols Explained — TCP, UDP, IP Addressing & DNS

Network protocols are the rules that govern how data travels between computers — defining everything from packet format to error handling and congestion control.

What You’ll Learn

In this tutorial, you’ll learn how TCP and UDP differ, the TCP three-way handshake, flow and congestion control, IP addressing and subnetting, and how DNS resolves domain names.

Why It Matters

Every time you load a website, send an email, or stream a video, network protocols are working. Understanding them helps you debug connectivity issues, optimize performance, and build reliable networked applications.

Real-World Use

When you visit a website, your browser performs a DNS lookup, opens a TCP connection via the three-way handshake, negotiates TLS, sends HTTP requests, and manages flow control to avoid overwhelming the server. Doda Browser’s network stack implements all these protocols to ensure fast and reliable page loads.

sequenceDiagram
  participant Client
  participant Server
  Client->>Server: SYN (Seq=100)
  Server->>Client: SYN-ACK (Seq=300, Ack=101)
  Client->>Server: ACK (Seq=101, Ack=301)
  Note over Client,Server: Connection Established
  Client->>Server: HTTP GET /
  Server->>Client: HTTP 200 OK (Data)
  Client->>Server: FIN
  Server->>Client: ACK
  Server->>Client: FIN
  Client->>Server: ACK
  Note over Client,Server: Connection Closed

TCP vs UDP

TCP Three-Way Handshake

Before data transfers, TCP establishes a connection with three messages:

1. SYN: Client sends a SYN packet with a random sequence number (e.g., 100) to the server
2. SYN-ACK: Server responds with SYN-ACK, acknowledging the client’s sequence (Ack=101) and sending its own sequence (Seq=300)
3. ACK: Client sends ACK acknowledging the server’s sequence (Ack=301)

After this, data transfer begins. The handshake ensures both sides are reachable and agree on initial sequence numbers.

import socket
import threading
import time

class TCPSimulator:
    def __init__(self):
        self.state = "CLOSED"

    def connect(self, server_ip="192.168.1.1"):
        print(f"[CLIENT] State: {self.state}")
        print(f"[CLIENT] Sending SYN (Seq=100) to {server_ip}")
        self.state = "SYN_SENT"
        time.sleep(0.1)

        print(f"[SERVER] Received SYN (Seq=100)")
        print(f"[SERVER] Sending SYN-ACK (Seq=300, Ack=101)")
        time.sleep(0.1)

        print(f"[CLIENT] Received SYN-ACK (Seq=300, Ack=101)")
        print(f"[CLIENT] Sending ACK (Seq=101, Ack=301)")
        self.state = "ESTABLISHED"
        print(f"[CLIENT] State: {self.state} — Connection established!")
        return True

    def send_data(self, data):
        if self.state != "ESTABLISHED":
            print("Not connected!")
            return
        seq = 101
        ack = 301
        print(f"[CLIENT] Sending {len(data)} bytes (Seq={seq})")
        time.sleep(0.1)
        print(f"[SERVER] Received {len(data)} bytes (Ack={seq + len(data)})")
        print(f"[SERVER] Sending ACK (Seq={ack}, Ack={seq + len(data)})")

tcp = TCPSimulator()
tcp.connect()
tcp.send_data("Hello, Server!")

Expected output:

[CLIENT] State: CLOSED
[CLIENT] Sending SYN (Seq=100) to 192.168.1.1
[SERVER] Received SYN (Seq=100)
[SERVER] Sending SYN-ACK (Seq=300, Ack=101)
[CLIENT] Received SYN-ACK (Seq=300, Ack=101)
[CLIENT] Sending ACK (Seq=101, Ack=301)
[CLIENT] State: ESTABLISHED — Connection established!
[CLIENT] Sending 14 bytes (Seq=101)
[SERVER] Received 14 bytes (Ack=115)
[SERVER] Sending ACK (Seq=301, Ack=115)

Flow Control and Congestion Control

Flow control prevents a fast sender from overwhelming a slow receiver. TCP uses a sliding window — the receiver advertises how much data it can accept.

Congestion control prevents the network from being overloaded. TCP uses algorithms like Slow Start, Congestion Avoidance, and Fast Recovery to adjust the sending rate.

IP Addressing and Subnetting

An IPv4 address is 32 bits, usually written as four octets (e.g., 192.168.1.0). A subnet mask determines which part is the network and which is the host.

def subnet_info(ip_cidr):
    ip_str, prefix = ip_cidr.split("/")
    prefix = int(prefix)
    ip_parts = [int(x) for x in ip_str.split(".")]

    ip_bin = sum(p << (8 * (3 - i)) for i, p in enumerate(ip_parts))
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    network = ip_bin & mask
    broadcast = network | (~mask & 0xFFFFFFFF)

    def to_ip(n):
        return ".".join(str((n >> (8 * (3 - i))) & 0xFF) for i in range(4))

    hosts = 2 ** (32 - prefix) - 2
    print(f"IP: {ip_str}/{prefix}")
    print(f"Mask: {to_ip(mask)}")
    print(f"Network: {to_ip(network)}")
    print(f"Broadcast: {to_ip(broadcast)}")
    print(f"Usable hosts: {hosts}")
    print(f"First host: {to_ip(network + 1)}")
    print(f"Last host: {to_ip(broadcast - 1)}")

subnet_info("192.168.1.0/24")
print()
subnet_info("10.0.0.0/16")

Expected output:

IP: 192.168.1.0/24
Mask: 255.255.255.0
Network: 192.168.1.0
Broadcast: 192.168.1.255
Usable hosts: 254
First host: 192.168.1.1
Last host: 192.168.1.254

IP: 10.0.0.0/16
Mask: 255.255.0.0
Network: 10.0.0.0
Broadcast: 10.0.255.255
Usable hosts: 65534
First host: 10.0.0.1
Last host: 10.0.255.254

ARP and DNS

ARP (Address Resolution Protocol) maps IP addresses to MAC addresses on a local network. When a host knows the IP but not the MAC, it broadcasts an ARP request.

DNS (Domain Name System) resolves human-readable domain names (example.com) to IP addresses (93.184.216.34).

Common Mistakes

1. Confusing TCP and UDP: TCP guarantees delivery but has overhead. UDP is faster but unreliable. Choose based on whether you need reliability or speed.
2. Not handling TIME_WAIT on servers: After closing a TCP connection, the server stays in TIME_WAIT for 2×MSL. Too many connections can exhaust ports.
3. Using private IPs on the internet: Addresses like 192.168.x.x, 10.x.x.x, and 172.16-31.x.x are private — they’re not routed on the public internet.
4. Forgetting about MTU: The maximum transmission unit (usually 1500 bytes). Larger packets get fragmented, reducing performance.
5. Ignoring DNS caching: Every DNS lookup adds latency. Cache DNS results locally to reduce resolution time.

Practice Questions

1. Why does TCP need a three-way handshake? To establish that both sides are reachable, synchronize sequence numbers, and prevent duplicate connections from old SYN packets.

2. What’s the difference between flow control and congestion control? Flow control prevents the sender from overwhelming the receiver. Congestion control prevents the sender from overwhelming the network.

3. What is a subnet mask? A 32-bit number that separates the network and host portions of an IP address. 255.255.255.0 means the first 24 bits are the network.

4. How does DNS resolution work? The client queries a recursive resolver, which queries root servers → TLD servers → authoritative name servers to find the IP address.

5. What is ARP used for? ARP resolves a known IP address to an unknown MAC address on the local network.

Challenge

Use Wireshark to capture a TCP three-way handshake when you visit a website. Identify the SYN, SYN-ACK, and ACK packets. What are the sequence numbers?

Real-World Task

Run nslookup example.com and nslookup google.com. How do the IP addresses differ? What do the TTL values mean?

Mini Project: Port Scanner

Build a TCP port scanner in Python that attempts connections to a range of ports on a target host. Report open, closed, and filtered ports.

Security angle: Network protocol knowledge is essential for security. Understanding TCP handshakes, packet structure, and DNS helps you detect network scans, DNS spoofing, and man-in-the-middle attacks.

What’s Next

Built by the developers of Doda Browser, DodaZIP, and Durga Antivirus Pro.

What’s Next

Congratulations on completing this Network Protocols tutorial! Here’s where to go from here:

• Practice daily — Consistency is more important than long study sessions
• Build a project — Apply what you learned by building something real
• Explore related topics — Check out other tutorials in the same category
• Join the community — Discuss with other learners and share your progress

Remember: every expert was once a beginner. Keep coding!