Protocol by protocol
Sockets, bytes on the wire, IP, TCP, UDP, QUIC, TLS, DNS, BGP, routing, NAT, load balancing. The foundations every networking program is built on, plus the protocols that carry the bytes — with the operational details that don't make it into the textbooks. Each sub-page is a self-contained walkthrough. The early ones are for someone writing their first networking code; the later ones are for engineers running production traffic.
Twelve sub-pages. Each is a long-form walkthrough with packet captures, RFC references, and the tools network engineers actually use to debug them.
The twelve deep dives
Sockets
The API every networking program uses. Socket types, the lifecycle from socket() through close(), client vs server, blocking vs non-blocking, and the options that actually matter.
Bytes on the wire
Endianness, network byte order, htons and htonl, reading hex dumps, walking a real packet header by header. The byte-level layer underneath every protocol.
IPv4 and IPv6
Addressing, subnetting, ARP and ND, fragmentation, MTU and PMTU, the path of a packet through the kernel's network stack. The layer everything else assumes works.
TCP
The three-way handshake, the state machine, congestion control (Reno, CUBIC, BBR), the fast retransmit, the head-of-line problem. Why TIME_WAIT and CLOSE_WAIT mean different things.
UDP
A datagram, a port, a checksum. When to reach for it. How DNS, QUIC, video, and games all use the simplest transport in the IP family — and how they each rebuild reliability on top.
QUIC and HTTP/3
TCP's head-of-line problem, solved at the protocol level. Multiplexed streams, 0-RTT, connection migration, the integrated TLS handshake. What HTTP/3 actually is, on the wire.
TLS
The handshake, the certificate chain, ALPN, SNI, mTLS, session resumption, 0-RTT and its replay risks. What changed between TLS 1.2 and 1.3, and what to expect from post-quantum.
DNS
Recursive vs authoritative, zones and delegation, caching and TTLs, DNSSEC, DNS over HTTPS and TLS, anycast, EDNS Client Subnet. Most "intermittent" production stories include DNS somewhere.
BGP
Autonomous systems, route propagation, communities, policies, the global routing table. Route leaks, hijacks, RPKI. The reason the internet works at all, and the reason it occasionally doesn't.
Interior routing — OSPF and IS-IS
Link-state protocols, the SPF computation, areas and levels, ECMP, the FIB and the RIB. How routers inside a single network learn each other and recompute when something fails.
NAT and traversal
Cone, restricted-cone, port-restricted, symmetric. STUN, TURN, ICE. Hairpinning, port allocation, and the reason WebRTC needs a TURN relay even with public IPs available somewhere.
Load balancing
L4 vs L7, anycast LBs, consistent hashing, Maglev, the connection-tracking problem. How requests actually arrive at one of N backends without losing connections when backends change.