Day 43: DNS, DHCP, NAT & Firewall Basics


Welcome to Day 43 of my Networking & Security journey! Today, I explored four core networking concepts that power the internet and practiced firewall configuration hands-on.
1. DNS (Domain Name System)
Definition: DNS translates human-readable domain names (e.g., google.com) into IP addresses (e.g., 142.250.182.78) so computers can communicate.
How it works:
You type example.com in a browser.
A DNS resolver queries a DNS server.
The server responds with the correct IP address.
Your browser connects to that IP.
Types of DNS Records:
A Record: Maps a domain → IPv4 address.
AAAA Record: Maps a domain → IPv6 address.
CNAME: Alias for another domain.
MX Record: Mail exchange (used for email).
Analogy: Think of DNS as the phonebook of the internet.
2. DHCP (Dynamic Host Configuration Protocol)
Definition: A network protocol that automatically assigns IP addresses and other network settings to devices.
Why it's needed: Without DHCP, every device would need to be manually configured.
How it works (DORA Process):
Discover: Client broadcasts to find a DHCP server.
Offer: DHCP server replies with an available IP.
Request: Client requests the offered IP.
Acknowledge: DHCP server confirms the assignment.
Analogy: Imagine entering a parking lot where the guard (DHCP server) assigns you an empty parking spot (IP address).
3. NAT (Network Address Translation)
Definition: NAT allows multiple devices in a private network (e.g., 192.168.x.x) to share a single public IP when accessing the internet.
Types of NAT:
Static NAT: One private → One public IP.
Dynamic NAT: Many private → Many public IPs (from a pool).
PAT (Port Address Translation): Many private → One public IP (most common, e.g., your home Wi-Fi).
Real-life Example: Your home Wi-Fi has multiple devices, but the ISP sees only one public IP.
4. Firewalls
A firewall is a security system that monitors and controls incoming and outgoing traffic based on defined rules.
Types of Firewalls:
Hardware Firewall: Dedicated device (e.g., routers with firewall).
Software Firewall: Installed on operating systems (Linux ufw, iptables).
Analogy: Think of a firewall as a security guard who checks ID cards before letting people (packets) enter a building (network).
Hands-on Practice
Using ufw (Uncomplicated Firewall)
# Allow SSH (port 22) before enabling, so a remote session is not locked out
sudo ufw allow 22/tcp
# Enable UFW
sudo ufw enable
# Check status
sudo ufw status verbose
# Allow HTTP (port 80)
sudo ufw allow 80/tcp
# Deny a specific port (e.g., 23 - Telnet)
sudo ufw deny 23
# Delete a rule
sudo ufw delete allow 80/tcp
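Using iptables (Advanced Firewall Rules)
# View existing rules
sudo iptables -L -v
# Block incoming traffic from a specific IP (added first: the first matching rule wins)
sudo iptables -A INPUT -s 192.168.1.100 -j DROP
# Allow loopback and replies to connections this host started (needed with the default DROP below)
sudo iptables -A INPUT -i lo -j ACCEPT
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# Allow incoming HTTP traffic (port 80)
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# Allow SSH from a specific subnet
sudo iptables -A INPUT -p tcp -s 192.168.1.0/24 --dport 22 -j ACCEPT
# Drop all incoming connections by default (set this last, once the ACCEPT rules are in place)
sudo iptables -P INPUT DROP
# Save iptables rules (Debian/Ubuntu; /etc/iptables/ is created by the iptables-persistent package)
sudo sh -c "iptables-save > /etc/iptables/rules.v4"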
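iptables walks a chain from the top and stops at the first rule that matches, so the position of a rule matters as much as its content. The added example below (not code from the original post) is a simplified Python model of the INPUT chain, with hypothetical names `Rule`, `verdict` and `compare`, that runs constructed sample packets through this section's three filter rules in two different orders.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Rule:
    target: str                    # "ACCEPT" or "DROP" (-j)
    src: Optional[str] = None      # -s: address or CIDR, None matches any source
    proto: Optional[str] = None    # -p
    dport: Optional[int] = None    # --dport

    def matches(self, src_ip, proto, dport):
        if self.src and ipaddress.ip_address(src_ip) not in ipaddress.ip_network(self.src):
            return False
        if self.proto and self.proto != proto:
            return False
        if self.dport is not None and self.dport != dport:
            return False
        return True

def verdict(chain, policy, src_ip, proto, dport):
    """Walk the chain top to bottom; the first match decides, else the chain policy."""
    for number, rule in enumerate(chain, start=1):
        if rule.matches(src_ip, proto, dport):
            return rule.target, number
    return policy, None

HTTP = Rule("ACCEPT", proto="tcp", dport=80)
BLOCK_HOST = Rule("DROP", src="192.168.1.100")
SSH_LAN = Rule("ACCEPT", src="192.168.1.0/24", proto="tcp", dport=22)

ACCEPT_FIRST = [HTTP, BLOCK_HOST, SSH_LAN]  # host DROP appended after the HTTP ACCEPT
BLOCK_FIRST = [BLOCK_HOST, HTTP, SSH_LAN]   # host DROP evaluated before any ACCEPT

def compare(src_ip, proto, dport, policy="DROP"):
    """Return (target, rule number) for the same packet under both orderings."""
    chains = (("accept_first", ACCEPT_FIRST), ("block_first", BLOCK_FIRST))
    return {name: verdict(chain, policy, src_ip, proto, dport) for name, chain in chains}

if __name__ == "__main__":
    # Constructed sample packets: (source IP, protocol, destination port)
    packets = [("192.168.1.100", "tcp", 80), ("192.168.1.100", "tcp", 22),
               ("192.168.1.50", "tcp", 22), ("203.0.113.7", "tcp", 22),
               ("203.0.113.7", "tcp", 80), ("203.0.113.7", "tcp", 23)]
    for pkt in packets:
        print(pkt, compare(*pkt))
```

With the ACCEPT for port 80 ahead of the host DROP, the "blocked" host 192.168.1.100 still reaches the web server; on a real system, `sudo iptables -L INPUT -n --line-numbers` shows the order the kernel will use.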
Author
Ritesh Singh