Network

Background and History of NAT NAT (Network Address Translation) is a core technology that translates between private and public IP addresses in network communications. It emerged in the mid-1990s to address the IPv4 address depletion problem and was first standardized through the IETF’s RFC 1631 document in 1994, later revised as RFC 2663 in 1999 to take its current form. The original internet design assumed all devices would have unique public IP addresses, but rapid internet expansion from the late 1980s led to the quick depletion of the 32-bit IPv4 address space (approximately 4.3 billion addresses). NAT was developed as a short-term solution to this problem and has become an essential technology forming the foundation of global network infrastructure. NAT is widely used in everything from home routers to large-scale corporate networks, cloud infrastructure, and mobile communication networks, and even with IPv6 transition underway, it continues to play an important role for legacy system support and security purposes. ...

What is ARP Spoofing? ARP Spoofing is a network attack technique that exploits structural vulnerabilities in the ARP (Address Resolution Protocol), which was standardized through RFC 826 by the IETF in 1982. The attacker sends falsified ARP messages to the network to manipulate the victim’s ARP cache table and intercept or modify normal communication flows. This attack is a form of Man-in-the-Middle (MITM) attack. It is possible because the ARP protocol prioritized efficiency over security during its design phase and did not include authentication or integrity verification mechanisms. ...

The Need for Changing MAC Address MAC address (Media Access Control address) is a unique physical address that identifies network devices. It is permanently assigned to the Network Interface Card (NIC) during manufacturing and is designed to remain unchanged. However, there are situations where you may need to temporarily or permanently change your MAC address for reasons such as security, privacy protection, bypassing network access controls, or setting up test environments. This is particularly useful when using public Wi-Fi or when you want to prevent network tracking. Most Linux distributions, including Ubuntu, provide the ability to change MAC addresses through software. This post explores how to safely and effectively change MAC addresses in Ubuntu. ...

What is a Reverse Shell? A reverse shell is an attack technique that reverses the direction of typical remote access connections. The compromised target system initiates a connection to the attacker’s system, allowing the attacker to access the target’s shell. This remote command execution mechanism exploits a fundamental characteristic of modern network security architectures. Most networks implement “block inbound, allow outbound” firewall policies, and reverse shells bypass this by having the target initiate the connection. This enables attackers to access systems behind restrictive network environments, NAT configurations, and corporate firewalls. ...

Overview In the previous post, we installed the Traefik ingress controller and configured secure access to management interfaces by separating internal and external services. This post covers how to configure DDNS and port forwarding to enable external internet access to services running in the homelab Kubernetes cluster. Network Architecture Summary First, let’s briefly summarize the network architecture configured in the previous post: Internal Load Balancer (192.168.0.200): Exposes only management interfaces like ArgoCD, Longhorn, and Traefik dashboard, accessible only from within the internal network. External Load Balancer (192.168.0.201): Exposes only public services like blogs and personal projects, accessible from the external internet through router port forwarding. ...

Overview In the previous post, we installed the Longhorn distributed storage system to build a persistent storage environment where data is retained even when pods restart or move to different nodes. This post covers installing the Traefik ingress controller on a homelab Kubernetes cluster and configuring secure access to management interfaces from the internal network. Choosing an Ingress Controller There are several methods for exposing Kubernetes services externally in a homelab environment: ...

What is NDP NDP (Neighbor Discovery Protocol) is a core protocol for IPv6 networks officially standardized in 2007 through the IETF’s RFC 4861 document. It integrates the functions of several IPv4 protocols such as ARP (Address Resolution Protocol), ICMP Router Discovery, and ICMP Redirect into one, enabling more efficient and secure network management. Operating on the basis of ICMPv6 (Internet Control Message Protocol version 6), it performs various functions including neighbor node discovery, router discovery, automatic address configuration, duplicate address detection, and path optimization. ...

What is ARP ARP (Address Resolution Protocol) is a network protocol officially standardized in 1982 through the IETF’s RFC 826 document. In TCP/IP network environments, it dynamically discovers the MAC address (physical address) corresponding to a given IP address as an address translation protocol. It operates at the boundary between Layer 2 (Data Link Layer) and Layer 3 (Network Layer) of the OSI 7-layer model, performing the core role of mapping logical addresses (IP) to physical addresses (MAC). ...

Overview When accessing websites on the internet, we use domain names instead of IP addresses. DNS (Domain Name System) is the system that translates these domain names into actual server IP addresses. Often compared to the internet’s phone book, DNS was designed by Paul Mockapetris in 1983 and has since become a core internet infrastructure. It processes billions of DNS queries daily, enabling users to access web services using intuitive domain names like www.example.com without memorizing complex IP addresses like 192.168.0.1 or 2001:4860:4860::8888. ...

Overview Network communication involves complex processes, and understanding these processes systematically requires a standardized reference model. The OSI (Open Systems Interconnection) 7-layer model is a network communication standard published by the International Organization for Standardization (ISO) in 1984. It divides communication between different systems into seven layers, defining how each layer operates independently while cooperating with others to transmit data. This model serves as a fundamental conceptual framework for network engineers and software developers to understand complex communication processes and diagnose problems. ...