Chapter 1 — Introduction to Latest Networking Technologies

Networking, as a discipline, is now in its second major reinvention. The first reinvention moved the world from circuit-switched telephone exchanges to packet-switched data networks between roughly 1970 and 2000. The second is moving the world from fixed-function, vendor-locked, hardware-defined networks to programmable, virtualised, software-defined networks that carry an order of magnitude more devices than there are humans. This chapter establishes the ground that the rest of the subject builds on — what changed, what is driving the change, the reference architectures still used to reason about networks, and the bodies that decide what gets standardised.

1.1 Evolution of latest networking technologies

From the telephone network to the public internet

For almost a century, "the network" meant the Public Switched Telephone Network (PSTN) — a global circuit-switched system where a physical or logical path was reserved end-to-end for the entire duration of a call. The path was dedicated, the bandwidth fixed at 64 kbps per voice channel, the routing decisions made once at call-setup time. This worked beautifully for voice. It scaled poorly to data, which is bursty by nature — a user reading a webpage produces no traffic for seconds at a time, then a burst, then nothing again. Reserving a circuit for that kind of traffic wastes capacity.

The shift began with the ARPANET in 1969, which carried the first packet-switched traffic between four U.S. university nodes. The crucial idea was that data could be cut into small independent packets, each one carrying its own destination address, and each packet routed independently across whatever path was free at that moment. The same physical link could carry packets belonging to many different conversations at once. By 1983, ARPANET migrated from the older NCP protocol to TCP/IP, and that date is the cleanest birthday for the Internet as we know it.

Between 1983 and the mid-1990s the Internet grew quietly inside research and military networks. The arrival of the World Wide Web in 1991, commercial ISPs from 1993 onward, and the dot-com expansion of the late 1990s turned the Internet into mass infrastructure. By the late 1990s most enterprises ran Ethernet LANs internally and leased lines or frame-relay links externally. Routers were specialised hardware boxes from a small number of vendors — Cisco, Juniper, Nortel, Huawei later — and the control logic for each box ran on the box itself.

From wired and fixed to wireless and mobile

Through the 2000s and 2010s the centre of gravity moved from wired desktops to wireless and mobile devices. Three threads ran in parallel:

Wi-Fi evolved from the 2 Mbps 802.11 of 1997, through 11b, 11g, 11n, 11ac to current 11ax (Wi-Fi 6/6E) and 11be (Wi-Fi 7) standards, with each generation roughly multiplying throughput while adding better support for many devices sharing the same airtime.

Cellular mobile networks went through clean generational steps. 1G was analogue voice. 2G (GSM, CDMA) added digital voice and the SMS. 3G (UMTS, HSPA, CDMA2000) brought meaningful mobile data. 4G LTE moved the mobile network to an all-IP architecture, killing the circuit-switched voice core in favour of Voice over LTE. 5G, standardised by 3GPP from Release 15 onward, is the first generation designed not just for human smartphones but for three distinct service classes — high-bandwidth video (eMBB), ultra-low-latency control (URLLC) for industrial use, and massive numbers of low-power IoT devices (mMTC).

Nepal followed this curve with a familiar lag. Nepal Telecom launched GSM service in 1999, 3G in 2007, 4G LTE in 2017, and ran its first 5G trial site in February 2023. Ncell launched commercial 4G in 2017 and ran 5G trials in 2023. Mobile broadband subscribers in Nepal crossed 90% population penetration by the mid-2020s, well ahead of fixed broadband.

From hardware-defined to software-defined

The third and most recent reinvention is the move from networks built out of fixed-function hardware boxes to networks built out of software running on commodity servers and programmable switches. The trigger was scale. By around 2010, large cloud operators — Google, Amazon, Microsoft, Facebook — were running data centres with hundreds of thousands of servers, and the old model of buying expensive proprietary routers, configuring each one by hand, and waiting for the vendor's next firmware release was breaking them operationally and financially.

The answer was Software-Defined Networking (SDN) — separate the decision-making (control plane) from the packet-forwarding (data plane), centralise the control plane in software, and let the data plane be cheap commodity switches that take their forwarding tables from the central controller. The Stanford-led OpenFlow protocol of 2008–2011 gave this architecture a standard interface, and Google's B4 wide-area network deployment in 2013 proved it worked at planetary scale.

Network Function Virtualization (NFV), driven by a 2012 European telecom operators' white paper, applied the same logic to middleboxes — firewalls, load balancers, NATs, deep packet inspection appliances, mobile-core elements. Instead of buying a dedicated hardware appliance for each function, run the function as a virtual machine or container on a generic x86 server. By the late 2010s the major telecom operators had begun moving their mobile-core packet gateways into virtualised, then containerised, then cloud-native form factors. Chapter 4 covers SDN and NFV in depth.

From scarce addresses to abundant addresses

The original IPv4 address space — 32 bits, about 4.3 billion addresses — was generous for an experimental research network of a few hundred hosts. It is nowhere near enough for a world with 18+ billion connected devices. IANA ran out of fresh IPv4 blocks to allocate to the regional registries in February 2011. APNIC, the regional registry covering Nepal, ran out of its general IPv4 pool in April 2011 and has been operating on a one-/22-per-new-member rationing scheme since.

The long-term answer is IPv6, with a 128-bit address space large enough that every grain of sand on Earth could have several billion addresses. IPv6 has been an IETF Standard since RFC 8200 (2017), but adoption is slow because of inertia in old equipment and the temporary relief offered by Network Address Translation (NAT). Nepal's IPv6 adoption rate at the ISP level remained below 5% for most of the 2020s, well behind India (~80% in 2025) and the global average (~45% by mid-2025). Chapter 2 covers IPv6 in depth.

From devices to things, and from cloud to edge

By the mid-2010s the assumption that "a network endpoint is a computer used by a human" no longer held. The Internet of Things (IoT) — sensors, actuators, smart meters, vehicle telematics, agricultural moisture probes, hospital patient monitors — produced more endpoints than humans by around 2018, and is projected to reach 25–30 billion devices by the late 2020s. Most of these devices have tiny CPUs, tiny batteries, and intermittent connectivity, which forced new protocols (CoAP, MQTT, LoRaWAN, NB-IoT) and new architectures (gateway-mediated, mesh-based).

The volume of data produced by these devices, plus the latency demands of real-time applications like industrial automation and augmented reality, broke the assumption that all interesting computation happens in a far-away cloud data centre. Edge computing pushes computation to small data centres physically close to the user or device — at the cell tower, in the factory building, at the ISP's regional point of presence. A self-driving car cannot wait 80 ms for a decision from a cloud in Singapore; it needs the decision within 1–2 ms from a server within a few kilometres. Chapter 5 covers IoT and edge computing in depth.

From defended perimeters to zero trust

For most of the Internet's history, security was a matter of defending a perimeter. Inside the corporate firewall, traffic was trusted; outside, it was not. The model worked when "inside" meant a building with a fixed cable plant and known users. It collapsed once employees worked from home, applications moved to cloud SaaS providers, mobile devices roamed across networks, and supply-chain attackers walked in through a trusted vendor's signed update.

The replacement model is zero trust — never trust by location, always verify by cryptographic identity. Every request is authenticated and authorised regardless of whether the source is inside or outside the corporate network. NIST formalised the framework in SP 800-207 (2020), and a U.S. federal executive order in 2021 mandated zero-trust architecture for federal agencies. Chapter 6 returns to this in the context of next-generation security.

What the next decade looks like

Several threads are clearly visible at the time of writing:

• 6G standardisation is in progress at 3GPP and ITU-R IMT-2030, with first commercial deployments expected around 2028–2030. The headline targets are sub-millisecond latency and integrated sensing-and-communication, where the radio signal simultaneously carries data and senses the physical environment.
• AI/ML in networks is moving from monitoring-and-alerting (anomaly detection in flow data) to active control (RL-trained agents choosing routes, allocating spectrum, deciding when to scale a virtual network function).
• Quantum networking — using entangled photons to distribute cryptographic keys with information-theoretic security — has moved from laboratory benches to fibre testbeds linking metropolitan distances. Pan-Asian and pan-European quantum-network projects are in pilot stages.
• Intent-Based Networking (IBN) abstracts configuration upward: the operator declares the desired outcome ("Branch X must reach the CRM with under 50 ms latency and TLS-encrypted") and the controller works out the device-level configuration.

Chapters 4, 5 and 6 cover these in detail.

1.2 Drivers of latest networking technologies

The forces pushing the network towards its current shape are not technical curiosities — they are pressures from outside the network that the network must adapt to. Each driver here is responsible for at least one named technology in the syllabus that follows.

Traffic volume and asymmetry

Global IP traffic has been roughly doubling every two to three years for two decades. Video accounts for over 80% of that traffic. The traffic is also strongly asymmetric — a streaming user pulls 10 Mbps of video down for every few kbps of control traffic up. This asymmetry breaks any architecture that assumed equal uplink and downlink, which is why DOCSIS, ADSL, and earlier mobile data standards all evolved away from symmetric design.

A single hour of 4K Netflix streaming consumes more data than a year of casual 1990s web browsing. When a popular series releases on a Friday night across Nepal, the upstream peering capacity at NPIX and the international upstream from Nepal to India sees a clear and predictable peak. ISPs in Nepal cache popular video content locally through Netflix Open Connect, Google Global Cache and Akamai nodes to keep this traffic off the expensive international link.

Latency-sensitive applications

Many of the applications that now define commercial value cannot tolerate the 100–300 ms round-trip that an ordinary trans-continental TCP path produces. A cloud-gaming session feels broken above 50 ms. An augmented-reality overlay on a surgeon's microscope is unusable above about 20 ms. A factory robot arm following a vision-based control loop needs sub-millisecond cycle times. The mobile-network response — URLLC in 5G, multi-access edge computing (MEC), local breakout to nearby edge sites — exists to meet these numbers.

Device count and addressing pressure

There were about 4 billion connected devices globally in 2015. There were about 18 billion by 2024. The forecast is 30+ billion by 2030. The IPv4 address space cannot represent this number even with aggressive NAT. The medium-term answer is IPv6, with its 128-bit space. The short-term answer has been Carrier-Grade NAT (CGN) — also called CGNAT or NAT444 — where the ISP shares a single public IPv4 address across hundreds of subscribers. CGN works but it breaks many protocols that assume an end-to-end address, including some IoT registration flows, peer-to-peer voice calls, certain online games, and abuse-tracking by law enforcement.

WorldLink, Vianet, Subisu, and NTC's FTTH service in Nepal all operate behind CGN for residential subscribers. The push to deploy native IPv6 on home connections is partly to relieve this CGN burden.

Operator cost and operational agility

Telecom operators were paying premium prices for proprietary middleboxes — a vendor's specialised firewall, a different vendor's specialised broadband network gateway, a third vendor's specialised mobile-packet gateway. Each box had its own management interface, its own software-update cycle, its own training requirement. NFV's appeal to operators was largely economic: replace the specialised hardware with VNFs (virtual network functions) on standard servers, manage them with the same orchestration system used for cloud workloads, and reduce both capital expenditure and the operations burden.

A second part of the agility driver is time-to-market. Spinning up a new service — a new private APN for an enterprise customer, a new content-filtering profile for a school network, a new traffic-shaping policy for a streaming partner — used to require change-control across multiple device classes and could take weeks. With SDN and NFV, the same change can be a software deployment that takes minutes.

Programmability and democratisation

Networks were once configured by typing commands at a CLI on a router, one device at a time. This worked at small scale. It does not work for a hyperscale data centre with 100,000 switches. The industry moved through three programmability waves:

1. Configuration as code — Ansible, Salt, Puppet pushing CLI commands through SSH.
2. Model-driven configuration — NETCONF/YANG, OpenConfig, where the device exposes its configuration as a structured data model.
3. Programmable data planes — P4 and similar languages, where the operator describes how the switch should parse and forward packets, and the description is compiled to silicon. Chapter 4 covers P4 in detail.

Security and trust failures

Every major shift in network architecture also responded to a security failure. The widespread loss of trust in the network perimeter, driven by years of breaches that started from a single compromised laptop inside the office, produced the zero-trust movement. The exposure of unencrypted DNS queries to surveillance and tampering produced DNS-over-HTTPS and DNS-over-TLS. The fact that BGP can be hijacked to redirect global traffic produced RPKI and BGP route origin validation. Chapter 6 deals with the security side of the latest networking environment.

Energy and sustainability

A single hyperscale data centre can draw 100+ megawatts. Globally, data centres and networks together account for roughly 2–3% of electricity demand. As the network grows, energy per bit must come down. Optical networks, more efficient radio access, sleep modes in base stations during low-load hours, and locating data centres in cold climates or near renewable generation all flow from this driver. Nepal Telecom and the NEA have explored hydro-powered data centres as a value proposition for hosting workloads regionally, given Nepal's hydroelectric resource.

New application classes

Smart cities, connected vehicles, telemedicine, precision agriculture, smart grid management — each of these brings its own network demands. A precision agriculture deployment in the Terai might use LoRaWAN to collect soil-moisture readings from thousands of sensors over kilometres, with each sensor running for years on a small battery. A telemedicine link from a district hospital in Karnali to a tertiary hospital in Kathmandu needs reliable bandwidth and low latency for high-resolution imagery during a remote consultation. The two have nothing in common technically; the network must serve both.

1.3 OSI and TCP/IP reference models

A reference model is not a protocol. It is a layered way of describing what a network is supposed to do, separating functions into stacked layers so that each layer talks only to the layer immediately above and below. This separation lets engineers replace one layer's protocol without rebuilding the others — fibre can replace copper at Layer 1 without touching the IP at Layer 3.

The OSI reference model

The OSI (Open Systems Interconnection) reference model is a seven-layer conceptual framework, published by ISO as ISO/IEC 7498-1 in 1984, that decomposes the work of network communication into Physical, Data Link, Network, Transport, Session, Presentation, and Application layers, each providing well-defined services to the layer above.

The seven layers, from bottom to top:

Layer 1 — Physical. Moves raw bits across a physical medium. Defines voltages, light pulses, radio frequencies, cable pinouts, connector shapes. Examples: 1000BASE-T over Cat-6 copper, 10GBASE-LR over single-mode fibre, the OFDM radio waveform of LTE and 5G NR.

Layer 2 — Data Link. Moves frames between two directly connected nodes. Handles framing (where does one frame start and end), physical addressing (MAC addresses), error detection on a per-frame basis, and access to the shared medium where one exists. Examples: Ethernet, Wi-Fi (802.11 MAC), PPP, HDLC. Switches operate at this layer.

Layer 3 — Network. Moves packets between hosts that are not directly connected, possibly across many intermediate networks. Handles logical addressing (IP addresses), routing, fragmentation where needed. Examples: IPv4, IPv6, ICMP, IPsec at the network layer. Routers operate here.

Layer 4 — Transport. Provides end-to-end communication between processes on hosts. Handles segmentation of long messages, reassembly at the far end, reliability (or its deliberate absence), flow control, port-based multiplexing. Examples: TCP, UDP, SCTP, QUIC (which is technically transport over UDP).

Layer 5 — Session. Establishes, manages, and tears down sessions between applications. Handles dialogue control (who sends when), checkpointing, recovery from connection loss. Examples in practice: RPC frameworks, SQL session management, parts of SIP and NetBIOS. In real implementations this layer is often blurred into Layers 4 or 7.

Layer 6 — Presentation. Translates between the application's data representation and a wire format. Handles character encoding (ASCII vs UTF-8), compression, and encryption in some implementations. Examples: TLS encryption is often placed here conceptually, even though it runs above TCP; MIME type negotiation; XML/JSON serialisation.

Layer 7 — Application. The protocols that applications actually speak. Examples: HTTP, SMTP, IMAP, DNS, FTP, SSH, BGP (an application from the OSI viewpoint), MQTT, SIP.

The mnemonic "Please Do Not Throw Sausage Pizza Away" (bottom-up) or "All People Seem To Need Data Processing" (top-down) is the standard student aid.

The TCP/IP reference model

The TCP/IP reference model is the four-layer descriptive model — Network Access, Internet, Transport, and Application — that grew alongside the actual TCP/IP protocols deployed on the Internet, with each layer corresponding to the layer (or group of OSI layers) where the protocols of the real Internet operate.

The TCP/IP model has four layers — though some textbooks split the bottom layer into two and present it as five. From bottom to top:

Network Access (or Link) layer. Combines OSI's Physical and Data Link. Whatever it takes to put an IP packet on the wire and get it to the next hop. Ethernet, Wi-Fi, PPP, the 5G New Radio's data-link function all fall here.

Internet layer. OSI's Network layer. IP (v4 or v6), ICMP, IGMP, IPsec.

Transport layer. OSI's Transport. TCP, UDP, QUIC.

Application layer. Everything from OSI Layer 5 upward — Session, Presentation, Application functions are not separated. HTTP, DNS, SMTP, TLS (because TLS is implemented inside applications as a library), SSH, BGP, SIP, MQTT.

Why two models, and which to use

The OSI model was designed by an international standards committee in the early 1980s as a clean engineering blueprint. It was never widely deployed in its full seven-layer form. The TCP/IP suite was designed by the U.S. military and academic researchers in the 1970s as a working system, and it ran on every Internet host. The OSI model survived because its layering vocabulary is precise and teachable — saying "Layer 2 switch" or "Layer 7 firewall" communicates exactly which functions the box implements.

In practice, engineers use OSI vocabulary to describe what a device does, and TCP/IP to describe how the protocols actually fit together. A modern descriptive answer is expected to know both, to explain their differences, and to map specific protocols onto each.

	OSI (1984)	TCP/IP (deployed)
Layers	7	4 (sometimes 5)
Origin	ISO committee, top-down design	DARPA/research community, bottom-up evolution
Status	Reference model, conceptual	Reference model, matches real protocols
Transport	Connection-oriented assumed	Both TCP (connection-oriented) and UDP (connectionless)
Layer 5/6	Session, Presentation separated	Folded into Application
Network layer	Multiple network-layer protocols anticipated	IP is the single internetwork protocol
Practical use	Vocabulary for describing devices and functions	Vocabulary for describing the protocol stack

A worked walk-through: typing a URL into a browser

Trace what happens when a user in Kathmandu types https://nrb.org.np into Chrome:

1. Application layer: Chrome wants to fetch a webpage over HTTPS. It calls the OS to open a TCP connection to nrb.org.np on port 443.
2. DNS lookup: Before the TCP connection, the OS resolves nrb.org.np to an IP address. The DNS query is a UDP message (or DoH/DoT in modern setups) to the configured resolver — perhaps the WorldLink resolver at the user's home.
3. Transport layer: With the IP address known, the OS opens a TCP connection. The three-way handshake (SYN, SYN-ACK, ACK) sets up the connection.
4. Network layer: Each TCP segment is wrapped in an IP packet with source IP (the user's address) and destination IP (the NRB server). The packet's TTL is decremented at each router hop.
5. Data Link layer: On the user's home network the IP packet is wrapped in an Ethernet or Wi-Fi frame addressed to the home router's MAC. The home router unwraps the frame, looks up its next hop, and re-wraps the packet in a new frame addressed to the upstream WorldLink router.
6. Physical layer: The frame becomes a sequence of electrical or optical or radio signals on the medium.
7. At the other end: The server peels each layer off in reverse. The application data (the encrypted HTTPS request) is delivered to the NRB web server.

This walk-through is the canonical way to demonstrate that you understand layering — what is added by each layer on the way down, what is stripped off on the way up.

Encapsulation

Each layer adds its own header (and sometimes a trailer) to the data it received from the layer above. The result is a nested structure: by the time a typical HTTP request hits the wire, it looks like:

[ Ethernet Header | IP Header | TCP Header | TLS Record | HTTP Request | TLS MAC | Ethernet FCS ]

This nesting is what allows the engineering principle of layer independence — TCP does not care whether it is running over Ethernet, Wi-Fi, fibre, or a satellite link, because it sees only IP below it.

1.4 Network and Internet governing bodies

The Internet is not run by any single organisation. It is governed by a small constellation of bodies, each responsible for a specific category of decision. Understanding who decides what is part of literacy in this field — a question about why a particular protocol behaves a particular way often resolves to "because RFC ____" and a question about why a country has a certain block of IP addresses resolves to "because IANA allocated it to APNIC, which sub-allocated it to NTA / a Nepali ISP."

IETF — Internet Engineering Task Force

The IETF is an open, voluntary, international standards body that develops and publishes the technical specifications of the Internet's protocols as Request for Comments (RFC) documents, operating under the principle of "rough consensus and running code."

The IETF is the body that designs Internet protocols. TCP, IP, IPv6, HTTP, DNS, BGP, TLS, OAuth, QUIC, MPLS — every one of these is an IETF specification. The IETF was formed in 1986 and is administratively housed under the Internet Society (ISOC) and now the IETF Administration LLC.

Three structural points are worth knowing for a descriptive answer.

First, the RFC series is the IETF's output. An RFC is a numbered document — RFC 791 defined IPv4, RFC 8200 defines current IPv6, RFC 8446 defines TLS 1.3, RFC 9293 is the latest TCP specification. RFCs come in several statuses — Standard, Proposed Standard, Internet Standard, Best Current Practice, Informational, Experimental, Historic. Despite the name, an RFC is not a draft you can comment on — once published, the number and content are fixed forever.

Second, the IETF works through Working Groups (WGs) organised by Area. Each WG focuses on one problem space — for example the QUIC WG, the IPv6 Maintenance WG, the SIDR WG (BGP security). Anyone can join the mailing list and contribute. There is no membership fee. There are no national delegations.

Third, the operating principle is rough consensus and running code. The body avoids formal voting. A decision is taken when the room (or mailing list) does not have substantive remaining objections, and when working code has demonstrated the design is implementable.

The IETF meets three times a year in person — once each in Asia, Europe, and the Americas — but most work happens on mailing lists.

IANA — Internet Assigned Numbers Authority

IANA is the technical function, operated since 2016 by the Public Technical Identifiers (PTI) affiliate of ICANN, responsible for coordinating the globally unique values used by Internet protocols — including IP address blocks, autonomous system numbers, DNS root zone, and protocol port numbers.

IANA does not design protocols. It allocates the numbers the protocols use. There are three big categories of IANA-administered numbers:

Number resources. IPv4 and IPv6 address blocks and Autonomous System Numbers. IANA allocates large blocks to the five Regional Internet Registries (RIRs) — APNIC (Asia-Pacific, including Nepal), RIPE NCC (Europe and the Middle East), ARIN (North America), LACNIC (Latin America), AFRINIC (Africa) — which then sub-allocate to ISPs and large enterprises in their region.

Domain names. IANA manages the root zone of the Domain Name System — the file that lists every top-level domain (.com, .np, .gov, .org) and the authoritative servers for each. The root zone is the foundation of the entire DNS hierarchy.

Protocol parameters. Every protocol has fields with numeric values — TCP/UDP port numbers, IP protocol numbers, ICMP type numbers, MIME types, HTTP status codes, TLS cipher suite numbers. IANA keeps the authoritative registries for all of these.

IANA's history is unusual. The function ran on a handshake basis for decades under Jon Postel at USC/ISI, then under U.S. government oversight via ICANN from 1998. In October 2016, the U.S. NTIA formally transitioned IANA oversight to the global multistakeholder community, severing the last formal U.S. government role.

For a Nepali example: when WorldLink became a member of APNIC and was allocated a block of IPv4 addresses, that block traced back through APNIC's pool, which traced back to IANA's allocations of the early IPv4 space to APNIC. Similarly, every .np domain ultimately resolves via the root zone that IANA administers.

ITU — International Telecommunication Union

The ITU is the United Nations specialised agency for information and communication technologies, established in 1865 (originally as the International Telegraph Union), that coordinates global radio-spectrum allocation, develops telecommunication standards, and works to extend connectivity in developing countries.

The ITU is a treaty-based intergovernmental body with 193 member states, including Nepal. It is older than the Internet by more than a century — it began in 1865 as the body coordinating international telegraph traffic. It has three sectors:

ITU-R (Radiocommunication). Coordinates the international use of the radio spectrum. The World Radiocommunication Conference (WRC) meets every three or four years and decides which frequency bands are allocated to which services in which regions. The 5G NR n78 band at 3.5 GHz, the millimetre-wave bands at 26 GHz and 28 GHz, the future IMT-2030 (6G) bands — all are defined through ITU-R processes.

ITU-T (Telecommunication standardisation). Publishes recommendations on telecommunications. Standards include the G-series (SDH, optical transport, fibre), the H-series (video coding — H.264, H.265, H.266), the X-series (data networks, X.509 certificates), Y.2000-series on IMT and NGN.

ITU-D (Development). Works on connectivity in developing countries, capacity building, and policy support. Nepal participates extensively in ITU-D programmes, including IPv6 deployment training and rural connectivity initiatives.

ITU and IETF roles are sometimes confused. The clean separation: IETF designs the Internet's packet protocols, ITU coordinates spectrum and traditional telecom standards. Where they meet — for instance in 5G, where 3GPP (a separate body, see below) does much of the actual protocol design but ITU-R defines the IMT-2020 framework that 5G technologies must qualify under — both bodies are involved.

ICANN — Internet Corporation for Assigned Names and Numbers

ICANN is a U.S.-based non-profit, multi-stakeholder organisation established in 1998 that coordinates the global policies for the unique identifiers of the Internet — domain names, IP addresses, and protocol port numbers — operating IANA through its PTI affiliate and managing the contracts with registries and registrars.

ICANN's primary visible role is the domain-name system. ICANN does not run the domain name servers; it sets policy for them. Some specific responsibilities:

Top-level domain policy. ICANN decides whether and how new top-level domains are added to the root. The expansion of generic TLDs from a small set (.com, .net, .org and a few others) to hundreds (.app, .blog, .dev) happened under ICANN's New gTLD Program from 2012.

Country-code TLD coordination. Each country code TLD — .np for Nepal, .in for India, .uk for the United Kingdom — is administered by a single delegated operator in that country. ICANN manages the delegation. For .np, the delegated operator is Mercantile Communications Pvt. Ltd., which has operated the registry since the 1990s on a non-commercial basis under arrangement with the Nepali government.

Accredited registrars. ICANN accredits the registrars (GoDaddy, Namecheap, and many others) that sell generic-TLD domain names to end users.

Dispute resolution. The Uniform Domain Name Dispute Resolution Policy (UDRP) provides a low-cost arbitration route for trademark holders to challenge domain registrations.

ICANN operates on a multi-stakeholder model — governments, civil society, the technical community, and the business community each have formal advisory roles, with the ICANN Board making final decisions. The Government Advisory Committee (GAC) is the channel through which national governments, including Nepal's, raise concerns.

Other bodies that matter in practice

The four bodies the syllabus names are the headline ones, but a network engineer encounters several others.

IEEE (Institute of Electrical and Electronics Engineers). The IEEE 802 family of standards covers LAN and MAN technologies — 802.3 Ethernet, 802.11 Wi-Fi, 802.15.4 (Zigbee/Thread radio), 802.1Q VLAN tagging, 802.1X authentication. Every Ethernet switch on the market implements IEEE standards.

3GPP (Third Generation Partnership Project). The body that actually writes the mobile-cellular standards — UMTS, LTE, 5G NR. 3GPP releases (Rel-15 was 5G Phase 1 in 2018, Rel-17 was 5G Advanced in 2022, Rel-19 is in progress in 2025–26, and 6G work has begun in study phases) define what every mobile operator and equipment vendor in the world implements. 3GPP is a partnership of seven regional standards bodies, not an independent organisation.

RIRs (Regional Internet Registries). The five regional bodies that sub-allocate addresses from IANA to ISPs and large networks. APNIC (headquartered in Brisbane) covers Nepal and is the practical day-to-day address-allocation contact for Nepali ISPs. APNIC training events and the APRICOT conference are the regular venue for technical exchange among Asia-Pacific ISPs, with strong Nepali participation.

W3C (World Wide Web Consortium). Standardises Web technologies — HTML, CSS, accessibility, the Web platform. Distinct from the IETF, which handles the transport (HTTP, QUIC), while W3C handles the document model.

National bodies. Each country has its own regulator and bodies. In Nepal these include NTA (Nepal Telecommunications Authority) as the licensing and spectrum regulator, npCERT as the national CSIRT under the National Information Technology Centre, and the Cyber Bureau under Nepal Police for criminal investigation. The Department of Information Technology and the Ministry of Communications and Information Technology set ICT policy.

How the bodies fit together — a single example

Consider Nepal Telecom deploying a 5G network using the 3.5 GHz band:

• ITU-R allocated the 3.5 GHz band to IMT services through World Radiocommunication Conference decisions.
• 3GPP specified the 5G New Radio protocols that NTC's base stations and the user's phone speak.
• IEEE specified the Ethernet links inside the operator's core network and the fronthaul to the base stations.
• IETF specified IPv6 and the SRv6 source-routing extension that the operator may use inside its packet core.
• IANA / APNIC allocated the IPv6 and any remaining IPv4 address space that NTC uses for its subscribers and core elements.
• NTA licensed NTC to operate on the 3.5 GHz band in Nepal and set the cost, the coverage obligations, and the spectrum reservation period.
• ICANN administers the root zone that resolves the ntc.net.np and nepaltelecom.com.np domain names NTC uses for its services.

No single body decided how NTC's 5G network would work. Six bodies, each handling a piece, plus the national regulator, together made the deployment possible.