This 13-chapter book sets high expectations in claiming to be a "definitive guide", but at 350 pages, of which about 20% is worked examples, perhaps a thorough introductory guide would be a better description. The text is deliberately designed in a modular fashion and is divided into three sections: Fundamentals, Design Architecture and Security. The introduction contains a good "What you should read" section that explains the book's structure and how to get the best out of it for the categories of beginner, novice, experienced or expert. This is followed by chapter summaries, so you can quickly identify how you can get the most out of this book and find sections of specific interest. I found the authors did a good job of presenting what could be a dry subject in an interesting style that should suit a broad range of readers. The commented C/C++ source code examples are conveniently available from the publisher's website, but annoyingly I found that the examples wouldn't build as provided.
Chapters 1 to 4 in the Fundamentals section cover Networks and Protocol theory, Network Functions, Socket Programming (datagram vs streaming) and Protocols, Sessions and State. Well-explained sample code is presented beginning with the Functions chapter as the book moves into practical examples of Ethernet programming.
Chapters 5 to 9 in the Design Architecture section start with a very interesting chapter examining the various strengths and weaknesses associated with some example client-server architectures including the Apache 2 Web Server, i.e. multiplexing, multiprocessing servers, single process per client vs the process pool approach and multithreaded servers. Guidance on which approach is best for your specific implementation is provided, with the pros and cons summarised in a useful one-page table. A chat program demonstrates the use of a custom protocol implementation in chapter 6, which is further developed in the case study in chapter 9, where 40 pages are allocated to describing in detail how this application is implemented in C++. Chapters 7 and 8 look at the various design decisions involved in designing a networked application, i.e. TCP vs UDP, custom application protocol vs established protocol, client-server architecture (two or three tier), thick, thin and modular clients and server considerations such as daemonising, logging, privilege dropping and chroot jails. These latter security options are covered in greater detail in the Security section (chapters 10 to 13). The Debugging and Development Cycle is specifically covered in chapter 8. This chapter also covers a few tools that could prove useful development aids as well as providing some tips to ease the development process, some of which are covered in more detail in the Security section.
Chapter 10 introduces secure communications using Tunnelling, PKI and OpenSSL, along with a client and server example. Authentication and Data Verification methods using the PAM library along with an in-depth look at PKI management code are covered in chapter 11. Chapter 12 covers common security problems and mitigation steps - useful tips that will help you avoid some common coding security vulnerabilities - and finishes with a couple of overview paragraphs on the use of Flawfinder and Splint for security vulnerability code analysis.
The Security section is rounded out by an extensive worked PAM/PKI client & server example (10% of the book content), commencing at the design stage - reinforcing the philosophy that security must be considered at the start, not as a bolt-on - with the worked example reinforcing material introduced earlier.
The 19-page appendix on IPv6 covers how to handle the expanded addressing provided by IPv6, how to port existing IPv4 applications to IPv6 and tips on how to create applications that will handle both IPv4 and IPv6.
The 15-page index is fairly comprehensive and there is the eBook version for easier searching if you think you'll be using this as a frequent reference book.