Networking - bobbae/gcp GitHub Wiki
https://en.wikipedia.org/wiki/Computer_network
Data Communication and Computer Networking provides the rules and regulations that allow computers with different operating systems, languages, cabling, and locations to share resources and communicate with each other.
https://book.systemsapproach.org/index.html
Introduction
Google Cloud Platform includes software-defined networking, hybrid connectivity, network performance optimization, network security, service mesh deployment, NAT, load balancing, and routing.
GCP implements a software-defined network that provides fast and reliable connections to users around the world.
Google Cloud customers enjoy significantly improved intra-zone network latency with the Andromeda software-defined network (SDN) stack that underpins all of Google Cloud. Snap is a userspace networking system that supports Google’s rapidly evolving needs with flexible modules that implement a range of network functions, including edge packet switching, virtualization for our cloud platform, traffic shaping policy enforcement, and a high-performance reliable messaging and RDMA-like service.
https://cloud.google.com/blog/products/networking/networking-announcement-at-google-cloud-next22/
Google's own Jupiter network fabrics can deliver more than 1 Petabit/sec of total bisection bandwidth. To put this in perspective, such capacity would be enough for 100,000 servers to exchange information at 10Gb/s each, enough to read the entire scanned contents of the Library of Congress in less than 1/10th of a second.
From data centers to subsea cables, GCP connects customers in different regions around the world.
https://cloud.google.com/blog/topics/developers-practitioners/googles-subsea-fiber-optics-explained
https://cloud.google.com/blog/products/infrastructure/google-network-infrastructure-investments
GCP Network stack
https://cloud.google.com/blog/products/networking/networking-spotlight-2022
GCP networking 101
https://github.com/jesuispy/networking-101-gcp-sheet
GCP Network Options
GCP provides various Network Service Options.
GCP Network Analyzer
https://cloud.google.com/network-intelligence-center/docs/network-analyzer/overview
GCP IP and DNS
IP Addresses
https://cloud.google.com/compute/docs/ip-addresses
Unused IP addresses are charged more on GCP
https://cloud.google.com/vpc/network-pricing#ipaddress
Internal DNS
https://cloud.google.com/compute/docs/internal-dns
General Networking 101
https://www.youtube.com/watch?v=0hN-dyOV10c
OSI Model
The Open Systems Interconnection model (OSI model) is a conceptual model that characterises and standardises the communication functions of a telecommunication or computing system without regard to its underlying internal structure and technology.
Recommendation X.200 describes seven layers, labelled 1 to 7.
TCP/IP
The Internet protocol suite, commonly known as TCP/IP, is the set of communications protocols used in the Internet and similar computer networks. The current foundational protocols in the suite are the Transmission Control Protocol (TCP) and the Internet Protocol (IP).
Protocol Wars
https://wikipedia.org/wiki/Protocol_Wars
CIDR
Classless Inter-Domain Routing is a method for allocating IP addresses and for IP routing. The Internet Engineering Task Force introduced CIDR in 1993 to replace the previous classful network addressing architecture on the Internet. Its goal was to slow the growth of routing tables on routers across the Internet, and to help slow the rapid exhaustion of IPv4 addresses.
Routing
IP routing deals with the forwarding of Internet Protocol (IP) packets along routes within and across IP networks.
https://en.wikipedia.org/wiki/Routing_table
DNS
The Domain Name System (DNS) is a hierarchical and decentralized naming system for the Internet or a private network. It translates domain names to numerical IP addresses.
Ethernet
Ethernet is a family of wired computer networking technologies commonly used in local area networks (LAN), metropolitan area networks (MAN), and wide area networks (WAN).
Network Switch
A network switch (also called switching hub, bridging hub, and, by the IEEE, MAC bridge) is networking hardware that connects devices on a computer network by using packet switching to receive and forward data to the destination device.
Multi-layer Switch
A multilayer switch (MLS) is a computer networking device that switches on OSI layer 2 like an ordinary network switch and provides extra functions on higher OSI layers.
Open vSwitch
Open vSwitch, sometimes abbreviated as OVS, is an open-source implementation of a distributed virtual multilayer switch.
Open Compute Project Whitebox Switches
https://www.opencompute.org/wiki/Networking/SpecsAndDesigns
Network Router
A router is a networking device that forwards data packets between computer networks. Routers perform the traffic directing functions on the Internet.
Brouter
A bridge router or brouter is a network device that works as a bridge and as a router.
Switch vs Router
https://www.guru99.com/router-vs-switch-difference.html
Routing Protocols
A routing protocol specifies how routers communicate with each other to distribute information that enables them to select routes between nodes on a computer network.
Subnetwork
A subnetwork or subnet is a logical subdivision of an IP network. The practice of dividing a network into two or more networks is called subnetting.
Network Learning Resources
CompTIA Network+ full course
https://www.youtube.com/watch?v=qiQR5rTSshw&list=RDCMUC8butISFwT-Wl7EV0hUK0BQ
Networking End to End
https://www.youtube.com/playlist?list=PLIivdWyY5sqJ0oXcnZYqOnuNRsLF9H48u
Two-Tier vs. Three Tier Architecture
Networking point of view
https://www.wwt.com/article/comparing-two-tier-three-tier-data-center-networks
Database point of view
Designing your network infrastructure
https://cloud.google.com/architecture/framework/system-design/networking
Securing your network
https://cloud.google.com/architecture/framework/security/network-security
Optimizing networking cost
https://cloud.google.com/architecture/framework/cost-optimization/networking
Network Connectivity Center
https://cloud.google.com/network-connectivity-center
Site to cloud
Automatic exchange of routes between on-premises and multiple VPCs
Transit network
https://cloud.google.com/vpc/docs/vpc-peering#transit-network
Router virtual appliance
https://cloud.google.com/network-connectivity/docs/network-connectivity-center/partners
Cloud Router
https://cloud.google.com/network-connectivity/docs/router
Site to site
Voice trading in the cloud
VPC to VPC
https://cloud.google.com/architecture/best-practices-vpc-design#connecting_multiple_networks
VPC Peering
https://cloud.google.com/vpc/docs/vpc-peering
Hybrid Connectivity
https://cloud.google.com/hybrid-connectivity
Firewall policies
https://cloud.google.com/vpc/docs/firewalls
Transit VPC
https://cloud.google.com/vpc/docs/vpc-peering#transit-network
Firewall topology to connect VPCs together
Private Google Access
https://cloud.google.com/vpc/docs/private-google-access
Network Features
CDN
Cloud CDN (Content Delivery Network) uses Google's globally distributed edge points of presence to cache external HTTP(S) load balanced content close to your users. Caching content at the edges of Google's network provides faster delivery of content to your users while reducing serving costs.
https://www.sciencedirect.com/science/article/pii/S2352864817300731
Using CDN and Load Balancing
https://www.youtube.com/watch?v=NedNhOg_TgA
Setting up Cloud CDN with backend storage bucket
Cloud CDN leverages Google Cloud global external HTTP(S) load balancers to provide routing, health checking, and Anycast IP support.
https://cloud.google.com/cdn/docs/setting-up-cdn-with-bucket
VPN
A VPN extends a private network across a public network and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network.
https://en.wikipedia.org/wiki/Virtual_private_network
GCP Cloud VPN
https://cloud.google.com/network-connectivity/docs/vpn/concepts/overview
VLAN
A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2).
BGP
Border Gateway Protocol is a standardized exterior gateway protocol designed to exchange routing and reachability information among autonomous systems (AS) on the Internet. BGP is classified as a path-vector routing protocol, and it makes routing decisions based on paths, network policies, or rule sets configured by a network administrator.
https://en.wikipedia.org/wiki/Border_Gateway_Protocol
https://cloud.google.com/network-connectivity/docs/router/how-to/configuring-bgp
Path vector, Distance vector, Link state and Hybrid
https://cloud.google.com/vpc/docs/routes
https://www.techtarget.com/searchnetworking/definition/split-horizon
https://www.geeksforgeeks.org/difference-between-static-and-dynamic-routing/
MPLS
Multiprotocol Label Switching (MPLS) is a routing technique in telecommunications networks that directs data from one node to the next based on short path labels rather than long network addresses.
MPLS supports a range of access technologies, including T1/E1, ATM, Frame Relay, and DSL.
https://en.wikipedia.org/wiki/Multiprotocol_Label_Switching
https://cloud.google.com/network-connectivity/docs/interconnect/support/faq
Virtual switches and isolation
https://dl.acm.org/doi/pdf/10.1145/3229616.3229618
Hybrid Connectivity
https://cloud.google.com/hybrid-connectivity
Cloud Interconnect
Enterprise-grade connections to your Google VPC, either directly to a Google location with Dedicated Interconnect or with flexible bandwidth options through Partner Interconnect.
https://cloud.google.com/network-connectivity/docs/interconnect
https://cloud.google.com/network-connectivity/docs/how-to/choose-product#cloud-interconnect
Cloud VPN
Connect your on-premises or other public cloud networks to your Google VPC securely over the internet through IPsec VPN.
https://cloud.google.com/network-connectivity/docs/vpn
Cloud Interconnect
Interconnect extends your on-premises network to Google's network through a highly available, low latency connection.
Peering with Google
If you can meet Google's requirements, connect directly with Direct Peering, or choose a partner with Carrier Peering.
https://jayendrapatil.com/google-cloud-peering/
Direct Peering
Direct Peering enables you to establish a direct peering connection between your business network and Google's edge network and exchange high-throughput cloud traffic.
https://cloud.google.com/network-connectivity/docs/direct-peering
Carrier Peering
Carrier Peering enables you to access Google applications, such as Google Workspace, by using a service provider to obtain enterprise-grade network services that connect your infrastructure to Google.
https://cloud.google.com/network-connectivity/docs/carrier-peering
VLAN and Interconnect
https://cloud.google.com/network-connectivity/docs/interconnect/support/faq#interconnect-attachments
BGP and MPLS
https://cloud.google.com/network-connectivity/docs/interconnect/support/faq#self-mpls-vpn
Network Connectivity Center
https://cloud.google.com/network-connectivity/docs/network-connectivity-center/concepts/overview
Hubs
Spokes
Cloud Load Balancing
A load balancer distributes user traffic across multiple instances of your applications. By spreading the load, load balancing reduces the risk that your applications experience performance issues.
Assembling and managing distributed applications using Google Cloud Networking solutions
https://cloud.google.com/blog/products/networking/networking-spotlight-2022
Cloud NAT
Cloud NAT provides fully managed, software-defined network address translation support for Google Cloud.
Moving your internal services to the cloud can bring you a handful of new, useful features, but one of the biggest challenges is protecting your internal endpoints.
https://www.youtube.com/watch?v=bmaarG0IkH8
Cloud Armor
Google Cloud Armor helps protect your infrastructure and applications from distributed denial-of-service (DDoS) attacks by using Google's global infrastructure and security systems.
Setting up Cloud Armor
https://www.youtube.com/watch?v=g_c2KLpnWck
Network Intelligence Center
Network Intelligence Center provides a single console for managing Google Cloud network visibility, monitoring, and troubleshooting.
https://cloud.google.com/network-intelligence-center
Getting started with topology in Network Intelligence Center
https://www.youtube.com/watch?v=ID7szIL9eew
Firewall Insights
https://cloud.google.com/network-intelligence-center/docs/firewall-insights/concepts/overview
Enabling NetOps with GCP Network Topology
https://medium.com/google-cloud/enabling-netops-with-gcp-network-topology-39bd49a66a98
Network Service Tiers
Network Service Tiers lets you optimize connectivity between systems on the internet and your Google Cloud instances. Premium Tier delivers traffic on Google's premium backbone, while Standard Tier uses regular ISP networks.
https://www.youtube.com/watch?v=wsdgWGE-mwE
Network Telemetry
VPC Flow Logs records a sample of network flows sent from and received by VM instances, including instances used as GKE nodes. These logs can be used for network monitoring, forensics, real-time security analysis, and expense optimization.
https://www.youtube.com/watch?v=as9mXNEcaDo
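As an added example (not from this wiki or from Google's own tooling), a small Python analyzer that runs two of the security checks the paragraph above alludes to over constructed flow-log lines: it parses records shaped like the VPC Flow Logs jsonPayload (field names are assumed to follow the documented record format; the addresses, ports and byte counts are made up), flags a source that probes many ports on one host, and uses CIDR membership to spot large transfers from private addresses to external hosts.

```python
import ipaddress
import json
from collections import defaultdict

# Constructed sample log lines in the shape of VPC Flow Logs records (a subset of
# jsonPayload fields); addresses, ports and byte counts are made up for this example.
SAMPLE_LOG_LINES = [
    '{"jsonPayload":{"connection":{"src_ip":"10.0.1.5","src_port":51001,"dest_ip":"10.0.2.9","dest_port":22,"protocol":6},"bytes_sent":60,"reporter":"SRC"}}',
    '{"jsonPayload":{"connection":{"src_ip":"10.0.1.5","src_port":51002,"dest_ip":"10.0.2.9","dest_port":80,"protocol":6},"bytes_sent":60,"reporter":"SRC"}}',
    '{"jsonPayload":{"connection":{"src_ip":"10.0.1.5","src_port":51003,"dest_ip":"10.0.2.9","dest_port":443,"protocol":6},"bytes_sent":60,"reporter":"SRC"}}',
    '{"jsonPayload":{"connection":{"src_ip":"10.0.1.5","src_port":51004,"dest_ip":"10.0.2.9","dest_port":3306,"protocol":6},"bytes_sent":60,"reporter":"SRC"}}',
    '{"jsonPayload":{"connection":{"src_ip":"10.0.1.7","src_port":40211,"dest_ip":"203.0.113.10","dest_port":443,"protocol":6},"bytes_sent":5000000,"reporter":"SRC"}}',
    '{"jsonPayload":{"connection":{"src_ip":"10.0.1.7","src_port":40212,"dest_ip":"10.0.2.9","dest_port":443,"protocol":6},"bytes_sent":2048,"reporter":"SRC"}}',
]

# RFC 1918 private ranges as CIDR prefixes; any address outside them is treated as external.
PRIVATE_RANGES = [ipaddress.ip_network(p) for p in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_private(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in PRIVATE_RANGES)

def analyze_flow_logs(lines, port_sweep_threshold=3, egress_bytes_threshold=1_000_000):
    """Parse flow-log lines and return two kinds of findings:
    - port_sweeps: (src, dst, port_count) where one source reached more than
      port_sweep_threshold distinct destination ports on a single host
    - large_egress: (src, dst, bytes) for private-to-external flows above the byte threshold
    """
    ports_by_pair = defaultdict(set)   # (src_ip, dest_ip) -> distinct destination ports
    egress_bytes = defaultdict(int)    # (src_ip, dest_ip) -> bytes sent to external hosts
    for line in lines:
        payload = json.loads(line)["jsonPayload"]
        conn = payload["connection"]
        # Count only the sending side's report so a connection logged by both VMs
        # is not counted twice.
        if payload.get("reporter") != "SRC":
            continue
        src, dst = conn["src_ip"], conn["dest_ip"]
        ports_by_pair[(src, dst)].add(conn["dest_port"])
        if is_private(src) and not is_private(dst):
            egress_bytes[(src, dst)] += payload["bytes_sent"]
    port_sweeps = sorted(
        (src, dst, len(ports)) for (src, dst), ports in ports_by_pair.items()
        if len(ports) > port_sweep_threshold
    )
    large_egress = sorted(
        (src, dst, b) for (src, dst), b in egress_bytes.items() if b > egress_bytes_threshold
    )
    return {"port_sweeps": port_sweeps, "large_egress": large_egress}

if __name__ == "__main__":
    for kind, findings in analyze_flow_logs(SAMPLE_LOG_LINES).items():
        print(kind, findings)
```

Because VPC Flow Logs are sampled, thresholds like these should be tuned against the configured sampling rate before they are used as alerts.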
Traffic Director
Traffic Director is GCP's fully managed traffic control plane for service mesh. With Traffic Director, you can easily deploy global load balancing across clusters and VM instances in multiple regions, offload health checking from service proxies and configure sophisticated traffic control policies.
Service Directory
Service Directory is a managed service that helps reduce the complexity of management and operations by providing a single place to publish, discover, and connect services.
https://www.youtube.com/watch?v=H9UoE_cWIEY
Network Security
Network Security consists of the policies, processes, and practices adopted to prevent, detect and monitor unauthorized access, misuse, modification, or denial of a computer network and network-accessible resources.
https://en.wikipedia.org/wiki/Network_security
LAN
A local area network (LAN) is a computer network that interconnects computers within a limited area such as a residence, school, laboratory, university campus, or office building. By contrast, a wide area network (WAN) not only covers a larger geographic distance but also generally involves leased telecommunication circuits.
Ethernet and Wi-Fi are the two most common technologies in use for local area networks. Other LAN technologies include ARCNET, Token Ring, FDDI and AppleTalk.
https://en.wikipedia.org/wiki/Local_area_network
WAN
A wide area network (WAN) is a telecommunications network that extends over a large geographic area for the primary purpose of computer networking. Wide area networks are often established with leased telecommunication circuits.
https://en.wikipedia.org/wiki/Wide_area_network
NAT
Network address translation (NAT) is a method of mapping an IP address space into another by modifying network address information in the IP header of packets while they are in transit across a traffic routing device.
https://en.wikipedia.org/wiki/Network_address_translation
Firewall
A firewall is a network security system that monitors and controls the incoming and outgoing network traffic based on predetermined security rules.
A firewall rule can contain either IPv4 or IPv6 ranges, but not both.
https://cloud.google.com/vpc/docs/using-firewalls
Netfilter
https://en.wikipedia.org/wiki/Netfilter
Underlay network
The underlay network is closer to the physical layer. It includes switches, routers, VLANs, and so on. It is the basis on which overlay networks are built.
https://networkingnerd.net/tag/underlay-network/
Overlay network
Overlay network refers to the virtual network layer. It is designed to be far more scalable than the underlay network. For example, while VLANs in the underlay support only 4096 identifiers, VXLAN can reach up to 16 million.
https://book.systemsapproach.org/applications/overlays.html
Kubernetes CNI
A CNI is a link between the container runtime (like Docker or rkt) and the network plugin. The CNI specification is a set of rules and Go libraries that aid in container/network-plugin integration.
All of the CNI plugins can be deployed by running a Pod or a DaemonSet that launches and manages their daemons. Let’s have a look now at the most well-known Kubernetes networking solutions.
Networking Technology
IOT Networking
There are networking technologies for IoT that allow communications between devices.
Cellular IoT networks
https://www.iotforall.com/cellular-iot-explained-nb-iot-vs-lte-m
Time Synchronization
https://www.masterclock.com/support/library/gps-network-time-synchronization
NTP
https://wikipedia.org/wiki/Network_Time_Protocol
PTP
https://wikipedia.org/wiki/Precision_Time_Protocol
Clock synchronization in distributed systems
https://www.geeksforgeeks.org/synchronization-in-distributed-systems/
Vector clock
https://wikipedia.org/wiki/Vector_clock
True time
https://cloud.google.com/spanner/docs/true-time-external-consistency
Timewarp
https://learnyousomeerlang.com/time
Plesiochronous
A plesiochronous system is one where different parts of the system are almost, but not perfectly synchronized.
Isochronous Real-time
https://profinetuniversity.com/profinet-basics/isochronous-real-time-irt-communication/
TDM
https://en.m.wikipedia.org/wiki/Time-division_multiplexing
FDM
https://en.m.wikipedia.org/wiki/Frequency-division_multiplexing
WDM
https://en.m.wikipedia.org/wiki/Wavelength-division_multiplexing
Statistical Multiplexing
https://en.m.wikipedia.org/wiki/Statistical_time-division_multiplexing
TDMA
https://en.m.wikipedia.org/wiki/Time-division_multiple_access
Packet Switching
https://en.m.wikipedia.org/wiki/Packet_switching
Circuit Switching
https://en.m.wikipedia.org/wiki/Circuit_switching
NetDevOps
https://github.com/bobbae/gcp/wiki/DevOps#netdevops
Secure voice trading in the cloud
Qwiklabs
Networking in the Google Cloud
Build and Secure Networks in Google Cloud
Network Performance and Optimization
VPC Flow Logs - Analyzing Network Traffic
VPC Networks - Controlling Access