Networking Glossary – OSI Model Terms Explained

A

ACK — Acknowledgement L4: A TCP flag confirming receipt of bytes up to a given sequence number.
ACL — Access Control List: Ordered set of permit/deny rules on a router, switch or firewall that filters traffic by IP, port or other fields.
AES — Advanced Encryption Standard L6: Symmetric block cipher (128/192/256-bit keys) used by TLS, Wi-Fi (WPA2/WPA3), VPNs and disk encryption.
Anycast L3: One IP address advertised from many locations; routing delivers each request to the topologically nearest instance (used by DNS roots, CDNs).
API — Application Programming Interface L7: A defined set of endpoints/operations one program exposes to another, typically over HTTP(S) (REST, GraphQL, gRPC).
ARP — Address Resolution Protocol L2/L3: Resolves an IPv4 address to a MAC address within the local broadcast domain.
ASN — Autonomous System Number L3: A globally unique number identifying a routing domain on the internet, used by BGP.
Authentication / Authorisation L5+: AuthN proves who you are (password, certificate, MFA). AuthZ decides what you may do (roles, scopes, ACLs).

B

Bandwidth: The theoretical maximum data rate of a link, in bits per second (e.g. 1 Gbps).
BGP — Border Gateway Protocol L3: Path-vector routing protocol that exchanges reachability information between Autonomous Systems on the internet.
Bit rate: Actual rate of bits transferred over a link, often lower than the bandwidth due to overhead and contention.
Bridge L2: Layer 2 device that joins two network segments and forwards frames between them — a switch is effectively a multi-port bridge.
Broadcast L2: A frame or packet delivered to every host on a segment (MAC FF:FF:FF:FF:FF:FF, IPv4 255.255.255.255).
Broadcast domain L2: Set of devices that receive each other's Layer 2 broadcast frames (typically separated by routers/VLANs).
BSSID — Basic Service Set Identifier L2: The MAC address of a Wi-Fi access point's radio; uniquely identifies one AP within an ESS.

C

Cache: Local copy of data (DNS records, web pages, ARP entries) used to avoid repeated lookups across the network.
CDN — Content Delivery Network: Distributed network of edge servers (Cloudflare, Akamai, Fastly) that caches and serves content close to users.
Checksum: Value computed from data so the receiver can detect corruption (used in IP, TCP, UDP, Ethernet FCS, etc.).
CIDR — Classless Inter-Domain Routing L3: Notation like 192.168.0.0/24 expressing the network/host split via prefix length.
Cipher suite L6: A named combination of algorithms negotiated during a TLS handshake (e.g. TLS_AES_128_GCM_SHA256) for key exchange, encryption and integrity.
Collision L1/L2: What happens when two devices transmit on a shared medium at the same time; Ethernet hubs/half-duplex links use CSMA/CD to handle them.
Cookie L7: Small piece of state stored by the browser on behalf of a site, sent back on subsequent HTTP requests (auth, sessions, tracking).
CRC — Cyclic Redundancy Check: Family of hash-style checksums (CRC-16, CRC-32) used by Ethernet, Wi-Fi, USB and storage to detect bit errors.
CSMA/CD & CSMA/CA L2: Carrier Sense Multiple Access — with Collision Detection (Ethernet) or Collision Avoidance (Wi-Fi).

D

Datagram L3/L4: Self-contained packet sent without a prior connection (the natural PDU for IP and UDP).
DDoS — Distributed Denial of Service: Attack that floods a target with traffic from many sources to exhaust bandwidth, sockets or CPU.
Default gateway L3: The next-hop router used when no more specific route matches the destination.
DHCP — Dynamic Host Configuration Protocol L7: Automatically assigns IP addresses, subnet masks, gateways and DNS servers to clients (DORA: Discover / Offer / Request / Ack).
DMZ — Demilitarised Zone: Network segment between the internet and the internal LAN, hosting public-facing services (web, mail) under tighter firewall control.
DNS — Domain Name System L7: Translates human-readable names like example.com to IP addresses.
DNSSEC: Cryptographic signatures on DNS records that let resolvers verify a response hasn't been forged or tampered with.
DoH / DoT — DNS over HTTPS / TLS: Encrypted DNS transports that prevent on-path observers from seeing or modifying DNS lookups.
DSCP — Differentiated Services Code Point: 6-bit field in the IP header used to mark packets for QoS treatment (voice, video, best effort).

E

EAP — Extensible Authentication Protocol L2: Authentication framework used inside 802.1X (enterprise Wi-Fi/wired) with variants like EAP-TLS, PEAP and EAP-FAST.
EIGRP L3: Enhanced Interior Gateway Routing Protocol — Cisco-originated hybrid routing protocol using DUAL for loop-free paths.
Encapsulation: Wrapping data with each layer's header (and sometimes trailer) on the way down the stack.
Endpoint: The terminating device or service in a communication — a host, browser, API server, IoT device, etc.
Ephemeral port L4: Short-lived high-numbered source port (typically 49152–65535) chosen by an OS for outgoing connections.
Ethernet L2: The dominant wired LAN technology (IEEE 802.3), framing data with MAC addresses and an FCS.

F

FCS — Frame Check Sequence L2: CRC-32 trailer appended to an Ethernet frame for error detection.
Firewall: Device or software that filters traffic according to a policy — stateful firewalls track connection state, NGFWs add application awareness.
Flow control L4: Mechanism (e.g. TCP's sliding window) that prevents a fast sender from overwhelming a slow receiver.
FQDN — Fully Qualified Domain Name: A complete DNS name including all labels up to the root, e.g. www.example.com.
Fragmentation L3: Splitting an IP packet into smaller pieces because it exceeds a link's MTU; reassembled at the destination.
Frame L2: The PDU at Layer 2 — for example, an Ethernet frame.
FTP / SFTP / FTPS L7: File transfer protocols: FTP (cleartext, ports 20/21), SFTP (over SSH, port 22), FTPS (FTP + TLS).

G

Gateway: Device that bridges between networks or protocols — in IP networking, usually a router that forwards traffic off the local subnet.
GRE — Generic Routing Encapsulation L3: Tunnelling protocol that wraps arbitrary network-layer packets inside IP — commonly used to tunnel IPv4/IPv6 or build VPNs.

H

Handshake: A multi-step exchange that establishes a connection or session (e.g. TCP 3-way handshake, TLS handshake).
Hop L3: One step in a packet's journey — each router traversed counts as a hop, decrementing the IP TTL.
Host: Any device addressable on a network (laptop, server, phone, IoT thing).
HSRP / VRRP L3: First-Hop Redundancy Protocols that let multiple routers share a virtual gateway IP for seamless failover.
HTTP / HTTPS L7: HyperText Transfer Protocol; the secure variant runs over TLS (Layer 6).
HTTP/2 & HTTP/3 L7: Newer HTTP versions: HTTP/2 multiplexes binary streams over TCP; HTTP/3 runs over QUIC (UDP) for lower latency.
Hub L1: Legacy multi-port repeater that simply rebroadcasts incoming signals to every port — effectively obsolete, replaced by switches.

I

ICMP — Internet Control Message Protocol L3: Used for diagnostics (ping, traceroute) and error reporting at the IP layer.
IDS / IPS — Intrusion Detection / Prevention System: Inspects traffic for malicious patterns. IDS alerts only; IPS sits inline and can drop or reset offending flows.
IGMP — Internet Group Management Protocol L3: Lets IPv4 hosts join and leave multicast groups so routers know where to deliver multicast traffic.
IGP / EGP: Interior vs Exterior Gateway Protocols — IGPs (OSPF, IS-IS, EIGRP) run within an AS; EGPs (BGP) run between ASes.
IP — Internet Protocol L3: Provides logical addressing and best-effort packet delivery (IPv4 and IPv6).
IPsec L3: Suite that adds authentication and encryption at the IP layer (AH, ESP). Underpins many site-to-site and remote-access VPNs.
IPv4 / IPv6 L3: 32-bit (e.g. 192.0.2.1) and 128-bit (e.g. 2001:db8::1) addressing, respectively.
IS-IS L3: Intermediate System to Intermediate System — link-state IGP common in large ISP backbones, similar in spirit to OSPF.
IXP — Internet Exchange Point: Physical facility where ISPs and content networks peer directly to exchange traffic without transiting a third party.

J

Jitter: Variation in packet delay over time. Critical for VoIP/video; buffered out using a jitter buffer.
Jumbo frame L2: Ethernet frame with a payload larger than the standard 1500-byte MTU (typically up to ~9000 bytes), used in storage and data-centre fabrics.

K

Kerberos L5/L7: Ticket-based authentication protocol used in Active Directory and many enterprise environments to avoid sending passwords over the wire.
Keep-alive: Lightweight probe (TCP keep-alive, HTTP Connection: keep-alive) used to detect or hold open idle connections.

L

LACP — Link Aggregation Control Protocol L2: IEEE 802.3ad protocol that bundles multiple physical links into one logical link for bandwidth and redundancy.
LAN / WAN: Local-Area Network (one site) versus Wide-Area Network (multiple sites or the internet).
Latency: Time for a packet to travel from source to destination, usually measured in milliseconds.
Link-local L3: Addresses valid only on the local link — IPv4 169.254.0.0/16 (APIPA) and IPv6 fe80::/10.
Load balancer: Device or service that spreads incoming connections across many back-end servers — L4 (TCP/UDP) or L7 (HTTP-aware).
Loopback: The virtual interface a host uses to talk to itself — IPv4 127.0.0.0/8 (commonly 127.0.0.1) and IPv6 ::1.

M

MAC — Media Access Control address L2: 48-bit hardware address burnt in by the NIC vendor (e.g. 00:1A:2B:3C:4D:5E).
mDNS — Multicast DNS L7: Zero-configuration name resolution on local links using the .local domain (Apple Bonjour, Avahi).
MPLS — Multi-Protocol Label Switching: Forwards packets using short labels instead of IP lookups — widely used by carriers for VPNs and traffic engineering.
MSS — Maximum Segment Size L4: The largest TCP payload, usually MTU − 40 bytes (IPv4 + TCP headers).
MTU — Maximum Transmission Unit L2/L3: The largest payload a link can carry without fragmentation (standard Ethernet: 1500 bytes).
Multicast L3: One-to-many delivery to a group of subscribed hosts (IPv4 224.0.0.0/4, IPv6 ff00::/8).
Multiplexing: Carrying multiple streams over one channel — ports multiplex applications, OFDM multiplexes radio sub-carriers, HTTP/2 multiplexes requests.

N

NAT — Network Address Translation L3/L4: Rewrites IP/port information so many private hosts can share a single public address.
NDP — Neighbour Discovery Protocol L3: IPv6 equivalent of ARP plus router discovery, prefix discovery and SLAAC (RFC 4861).
NetBIOS L5: Legacy session/name service used by older Windows file sharing (NetBIOS over TCP/IP on ports 137–139).
NIC — Network Interface Card: The hardware (or virtual device) that connects a computer to a network.
NTP — Network Time Protocol L7: Synchronises clocks across the internet (UDP port 123); essential for logging, TLS certificate validity and Kerberos.

O

OAuth 2.0 L7: Delegated-authorisation framework that lets apps act on a user's behalf using access tokens, without sharing the password.
OFDM — Orthogonal Frequency-Division Multiplexing L1: Modulation scheme used by Wi-Fi, LTE, 5G that splits a signal across many narrow subcarriers.
OSPF — Open Shortest Path First L3: Link-state interior-gateway routing protocol that computes shortest paths via Dijkstra.
OUI — Organisationally Unique Identifier L2: The first 24 bits of a MAC address, assigned by the IEEE to identify the NIC vendor.

P

Packet L3: The PDU at the Network layer — e.g. an IPv4 packet.
Payload: The actual data carried inside a packet/frame/segment, excluding headers and trailers.
PDU — Protocol Data Unit: Generic name for "the unit of data at this layer" (bit, frame, packet, segment, etc.).
Ping: Diagnostic tool that sends ICMP Echo Requests and measures round-trip time and packet loss.
PoE — Power over Ethernet L1: Delivers electrical power down the same twisted-pair cable as data (IEEE 802.3af / at / bt), powering phones, APs and cameras.
Port L4: 16-bit transport identifier (0–65535) that distinguishes multiple applications on one host.
Proxy L7: Intermediary that relays requests on behalf of clients (forward proxy) or servers (reverse proxy), often adding caching, filtering or TLS termination.
Public-key cryptography: Asymmetric crypto (RSA, ECDSA, Ed25519) where a public key encrypts/verifies and a private key decrypts/signs — the basis of TLS, SSH and PKI.

Q

QoS — Quality of Service: Techniques (classification, queuing, shaping, policing, DSCP) used to prioritise latency-sensitive traffic like voice and video.
QUIC L4: Modern UDP-based transport with built-in TLS 1.3 and multiplexed streams — the foundation of HTTP/3.

R

RADIUS L7: Remote Authentication Dial-In User Service — central AAA server used by Wi-Fi, VPN and switch port authentication (802.1X).
REST L7: Architectural style for HTTP APIs based on resources, verbs (GET/POST/PUT/DELETE) and stateless requests.
RFC — Request for Comments: The IETF document series that defines internet standards (e.g. RFC 791 for IPv4, RFC 9110 for HTTP semantics).
RIP — Routing Information Protocol L3: Old distance-vector IGP using hop count as its metric (max 15). Rare today, but historically important.
Router L3: Device that forwards packets between networks based on IP destination and a routing table.
Routing table: Database of destination prefix → next-hop / interface entries used by a router or host to forward each packet.
RSTP / STP L2: (Rapid) Spanning Tree Protocol — prevents Layer 2 loops in switched networks by blocking redundant paths until needed.
RTT — Round-Trip Time: Time for a packet to go from sender to receiver and back (often measured by ping).

S

SAML L7: Security Assertion Markup Language — XML-based SSO protocol common in enterprises, often paired with identity providers like Okta or Entra ID.
SDN — Software-Defined Networking: Architecture that separates the network's control plane from the data plane, allowing centralised, programmable policy.
Segment L4: The PDU at the Transport layer (TCP segment / UDP datagram).
SIP — Session Initiation Protocol L7: Signalling protocol used to set up, modify and tear down VoIP and video calls; media usually flows over RTP.
Sliding window L4: TCP flow-control mechanism allowing multiple unacknowledged segments in flight up to the window size.
SMTP / IMAP / POP3 L7: Email protocols: SMTP sends mail (ports 25/465/587); IMAP and POP3 retrieve it from a mailbox.
SNAT / DNAT L3/L4: Source NAT rewrites the source IP/port (typical home router); Destination NAT rewrites the destination (used for port forwarding).
SNMP L7: Simple Network Management Protocol — used to poll and trap statistics and events from routers, switches and other devices (UDP 161/162).
SSH L7: Secure Shell — encrypted protocol for remote login, command execution and tunnelling (TCP port 22).
SSID — Service Set Identifier L2: The human-readable name of a Wi-Fi network broadcast by an access point.
Stateful vs Stateless: Stateful devices/protocols remember context across messages (TCP, firewalls with connection tracking); stateless ones don't (UDP, HTTP request-by-request).
Subnet mask L3: Marks which bits of an IP address belong to the network vs the host (e.g. 255.255.255.0 = /24).
Switch L2: Device that learns MAC addresses and forwards frames only out the relevant port.

T

TCP — Transmission Control Protocol L4: Connection-oriented, reliable, ordered byte-stream protocol with flow and congestion control.
Telnet L7: Cleartext remote-terminal protocol (port 23). Long obsolete for management — superseded by SSH — still occasionally used for port testing.
Three-way handshake L4: TCP connection setup: SYN → SYN/ACK → ACK. Synchronises sequence numbers in both directions.
Throughput: Actual measured data rate of a link or flow, accounting for overhead, congestion and loss — always ≤ bandwidth.
TLS — Transport Layer Security L6: Cryptographic protocol that encrypts/authenticates traffic (powers HTTPS and many others).
Topology: The shape of a network's connections — physical (bus, star, ring, mesh) or logical (broadcast domain, routing graph).
Traceroute / tracert: Diagnostic tool that maps the routers between you and a destination by sending packets with increasing TTLs and watching the ICMP "time exceeded" replies.
Trunk L2: Switch port that carries multiple VLANs tagged with 802.1Q headers — used between switches and to VLAN-aware servers.
TTL — Time To Live L3: IP header field decremented at each router; a packet is dropped when TTL reaches 0.

U

UDP — User Datagram Protocol L4: Connectionless, best-effort transport with minimal overhead. Used by DNS, DHCP, VoIP, games.
Unicast: One-to-one delivery to a single specific host — the default for most traffic.
URI / URL: Uniform Resource Identifier identifies a resource; a URL also tells you how to locate it (e.g. https://example.com/page).

V

VLAN — Virtual LAN L2: Logical segmentation of a physical switch into multiple isolated broadcast domains (IEEE 802.1Q).
VoIP — Voice over IP L7: Carrying voice calls over IP networks, typically signalled by SIP and transported by RTP/SRTP.
VPN — Virtual Private Network: Tunnel that carries traffic securely across an untrusted network (e.g. IPsec, WireGuard, OpenVPN).
VRRP L3: Virtual Router Redundancy Protocol — IETF standard alternative to HSRP for first-hop gateway failover.

W

WebSocket L7: Full-duplex protocol layered over HTTP that lets browsers and servers exchange messages in real time (chat, live dashboards, games).
Wi-Fi L1/L2: IEEE 802.11 family of wireless LAN standards (Wi-Fi 6 = 802.11ax, Wi-Fi 7 = 802.11be).
WireGuard: Modern, compact VPN protocol using state-of-the-art cryptography; runs in the Linux kernel and on every major platform.
Wireshark: Free open-source packet analyser used to capture and inspect traffic at any layer.
WPA2 / WPA3 L2: Wi-Fi Protected Access — the security suites that protect Wi-Fi traffic (WPA3 added SAE for stronger password handshakes).

X

X.509: The certificate format used by TLS, S/MIME and most PKI — binds a public key to a subject through a signed chain of trust.