Network

Background and History of NAT NAT (Network Address Translation) is a core technology that translates between private and public IP addresses in network communications. It emerged in the mid-1990s as a response to IPv4 address depletion. The first standard appeared in RFC 1631 in 1994, and RFC 2663 revised the concept into its current form in 1999. The early internet assumed that every device would have a unique public IP address, but rapid growth from the late 1980s quickly exhausted the 32-bit IPv4 address space of about 4.3 billion addresses. Although NAT began as a short-term workaround, it became a foundational part of global network infrastructure. It is now used everywhere from home routers to large corporate networks, cloud infrastructure, and mobile communication networks. Even as IPv6 adoption continues, NAT still plays an important role in legacy system support and security. ...

What is ARP Spoofing? ARP Spoofing is a network attack technique that exploits structural vulnerabilities in the ARP (Address Resolution Protocol), which was standardized through RFC 826 by the IETF in 1982. The attacker sends falsified ARP messages to the network to manipulate the victim’s ARP cache table and intercept or modify normal communication flows. This attack is a form of Man-in-the-Middle (MITM) attack. It is possible because the ARP protocol prioritized efficiency over security during its design phase and did not include authentication or integrity verification mechanisms. ...

The Need for Changing MAC Address A MAC address (Media Access Control address) is a unique hardware address that identifies a network device. It is assigned to the Network Interface Card (NIC) during manufacturing, but it can still be changed through software when needed. This can be useful for privacy, security, bypassing network access controls, or setting up test environments. It is especially helpful on public Wi-Fi or when you want to reduce network tracking. Most Linux distributions, including Ubuntu, let you change MAC addresses through software. This post explains how to do it safely and effectively in Ubuntu. ...

What is a Reverse Shell? A reverse shell is an attack technique that reverses the direction of typical remote access connections. The compromised target system initiates a connection to the attacker’s system, allowing the attacker to access the target’s shell. This remote command execution mechanism exploits a fundamental characteristic of modern network security architectures. Most networks implement “block inbound, allow outbound” firewall policies, and reverse shells bypass this by having the target initiate the connection. This enables attackers to access systems behind restrictive network environments, NAT configurations, and corporate firewalls. ...

Overview In the previous post, we installed the Traefik ingress controller and configured secure access to management interfaces by separating internal and external services. This post covers how to configure DDNS and port forwarding to enable external internet access to services running in the homelab Kubernetes cluster. Network Architecture Summary First, let’s briefly summarize the network architecture configured in the previous post: Internal Load Balancer (192.168.0.200): Exposes only management interfaces like ArgoCD, Longhorn, and Traefik dashboard, accessible only from within the internal network. External Load Balancer (192.168.0.201): Exposes only public services like blogs and personal projects, accessible from the external internet through router port forwarding. ...

Overview In the previous post, we installed the Longhorn distributed storage system to build a persistent storage environment where data is retained even when pods restart or move to different nodes. This post covers installing the Traefik ingress controller on a homelab Kubernetes cluster and configuring secure access to management interfaces from the internal network. Choosing an Ingress Controller There are several methods for exposing Kubernetes services externally in a homelab environment: ...

What is NDP NDP (Neighbor Discovery Protocol) is a core IPv6 protocol defined in RFC 4861. It combines the roles of several IPv4-era mechanisms such as ARP (Address Resolution Protocol), ICMP Router Discovery, and ICMP Redirect into a single protocol, making IPv6 network management more consistent and efficient. Built on ICMPv6 (Internet Control Message Protocol version 6), it handles functions such as neighbor discovery, router discovery, automatic address configuration, duplicate address detection, and path optimization. ...

What is ARP ARP (Address Resolution Protocol) is a network protocol defined in RFC 826 by the IETF in 1982. In TCP/IP networks, it dynamically discovers the MAC address (physical address) associated with a given IP address. It sits at the boundary between Layer 2 (Data Link Layer) and Layer 3 (Network Layer) of the OSI 7-layer model and maps logical addresses (IP) to physical addresses (MAC). In network communication, actual data transmission between devices relies on MAC addresses. The upper layer (Network Layer) works with IP addresses, but the lower layer (Data Link Layer) needs the destination’s MAC address to send packets. ARP performs this IP-to-MAC conversion. It broadcasts a query across the network, and only the device that owns the target IP responds. Because of this, ARP is an essential protocol in most local network environments, including Ethernet networks. ...

Overview When accessing websites on the internet, we use domain names instead of IP addresses. DNS (Domain Name System) is the system that translates these domain names into actual server IP addresses. Often compared to the internet’s phone book, DNS was designed by Paul Mockapetris in 1983 and has since become a core internet infrastructure. It processes billions of DNS queries daily, enabling users to access web services using intuitive domain names like www.example.com without memorizing complex IP addresses like 192.168.0.1 or 2001:4860:4860::8888. ...

Overview Network communication involves many interacting processes, and making sense of them requires a standardized reference model. The OSI (Open Systems Interconnection) 7-layer model is a network communication standard published by the International Organization for Standardization (ISO) in 1984. It divides communication between different systems into seven layers, defining how each layer operates independently while cooperating with others to transmit data. This model serves as a fundamental conceptual framework for network engineers and software developers to understand communication processes and diagnose problems. ...