PyCon India 2025

login

Know thy packets: Demystifying network fundamentals with Scapy

In the age of high-level frameworks and AI-driven development, it's easy to treat the network as a black box. But what really happens when your Python code calls requests.get() or communicates with a microservice? What really happens, when you visit a website? This talk peels back the layers of abstraction, returning to the fundamentals of networking that power our increasingly interconnected world.

We'll embark on a journey from the familiar OSI model (remember "Please Do Not Touch Steve's Pet Alligator"?) to the observable reality of network packets. Using Python and the Scapy library, we will dissect the lifecycle of a simple web request. We'll witness the DNS lookup, the dance of the TCP handshake, the secure establishment of a TLS session, and the flow of HTTP/S data.

Forget abstract diagrams; we'll programmatically construct and inspect packets, comparing what Scapy reveals with what your browser does silently. The goal? To empower Python developers to really look at netw

  • Introduction: The "Magic" We Rely On
  • Highlight how modern development often abstracts away network details.
  • Talk about why understanding these fundamentals matters now more than ever (debugging, performance, security, interacting with AI-generated code).
  • Recalling the basics: The OSI Model & Key Players
  • A quick and engaging recap of the OSI model – focus on layers relevant to the talk
  • Introduce the core protocols we'll encounter: DNS, TCP, TLS, HTTP/S – what role does each play at a high level?
  • Scenario 1: The Browser's Journey
  • User types URL in a browser and hits Enter.
  • Show the high-level flow:
    • DNS Query/Response (getting the IP).
    • TCP Handshake (SYN, SYN-ACK, ACK).
    • TLS Handshake.
    • HTTP GET request.
    • HTTP Response.
    • TCP Connection Teardown (FIN, ACK).
  • Make the implicit "magic", explicit.
  • Scenario 2: Python & Scapy Take the Wheel
  • Objective: Replicate parts of the browser's journey using Python and Scapy to see the packets.
  • DNS with Scapy:
    • Use Scapy to craft and send a DNS query.
    • Display the raw request and response packets.
  • TCP Handshake with Scapy:
    • Briefly show how to construct SYN, ACK packets.
  • Crafting an HTTP GET Request with Scapy (over TCP):
    • Use Scapy to send a simple HTTP GET after a conceptual TCP connection.
    • Display the packet. Compare to what the browser has sent.
  • Briefly Touch on TLS (Conceptual with Scapy):
    • Crafting full TLS with raw Scapy is complex, but show where TLS packets would fit.
    • Reinforce the security aspect and what's being encrypted.
  • The broad idea is to use Scapy's dissection capabilities (packet.summary(), packet.show(), accessing specific layers like packet[IP].src) to highlight key fields and relate them back to the OSI model and protocol functions.
  • Key Takeaways & The "Why Now"
  • Demystifying what libraries like requests do.
  • Better debugging of network issues (timeouts, connectivity).
  • Understanding the actual mechanics of HTTP & HTTPS and why it's secure.
  • Foundational knowledge for working with distributed systems, cloud networking, and critically evaluating AI-suggested network solutions.
Prerequisites
  • Basic networking concepts - GET, POST requests
  • Basic knowledge of Python
 Target Audience

Intermediate