TCP/IP Fundamentals - Layer 1 Technology

 

Network Fundamentals – TCP/IP

The TCP/IP protocol suite (Figure 1.10) is a modern adaptation of the OSI model and contains the following five layers:

  • Application Layer
  • Transport Layer
  • Internet Layer
  • Data Link Layer
  • Physical Layer

In some documentation, the Data Link and Physical Layers are grouped together as the Network Access Layer or the Network Interface Layer.

10

Figure 1.10 – TCP/IP Model

TCP/IP Application Layer

The Application Layer in the TCP/IP model covers the functionality of the Session, Presentation, and Application Layers in the OSI reference model. Various protocols can be used in this layer, among which include the following:

  • SMTP and POP3, used to provide e-mail services
  • HTTP, a World Wide Web browser content delivery protocol
  • FTP, used in file transfers
  • DNS, used in domain name translation
  • SNMP, a network management protocol
  • DHCP, used to assign IP addresses to network devices automatically
  • Telnet, used to manage and control network devices

 

TCP/IP Transport Layer

Both the TCP/IP Transport Layer and the Internet Layer are considerably different compared to the corresponding OSI layers. The Transport Layer is based on the following two protocols:

  • Transmission Control Protocol (TCP): This provides a connected-oriented transmission, meaning the path that the data travels on in the network is reliable, as the endpoints establish a synchronized connection before sending the data. Every data packet is acknowledged by the receiving host. File Transfer Protocol (FTP) is an example of a protocol that uses TCP.
  • User Datagram Protocol (UDP): This provides an unreliable, connectionless transmission between hosts. Unlike TCP, UDP does not ensure that the segments arriving at a destination are valid and in the proper order, resulting in integrity verifications and error connection processes in the Application Layer. On the other hand, UDP has a smaller overhead than TCP because the UDP header is much smaller. Trivial File Transfer Protocol (TFTP) is an example of a protocol that uses UDP.

The TCP and UDP protocol data units are segments. Each segment contains a number of fields that carry different information about the data, as shown below in Figure 1.11.

11

Figure 1.11 – TCP and UDP Segment Fields

The UDP fields are as follows:

Field

Size

Description

Source Port Number

16 bits

Identifies the application used by the sender
Destination Port Number

16 bits

Identifies the application used by the receiver
Length

16 bits

The size of the header and the data
Checksum

16 bits

The checksum of the header and the data, used to verify integrity of the segment
Data

Variable

Application Layer data

The TCP fields are as follows:

Field

Size

Description

Source Port Number

16 bits

Identifies the application used by the sender
Destination Port Number

16 bits

Identifies the application used by the receiver
Sequence Number

32 bits

Verifies the correct order of received segments
Acknowledgement Number

32 bits

Verifies the correct order of received segments
Header Length

4 bits

The size of the header
Reserved

6 bits

Unused field
Code Bits

6 bits

Indicates the segment type
Window Size

16 bits

The number of bytes received before sending an acknowledgement
Checksum

16 bits

The checksum of the header and the data, used to verify integrity of the segment
Urgent

16 bits

Marks the end of urgent data
Option

0 to 32 bits

Defines the maximum TCP segment size
Data

Variable

Application Layer data

The TCP header is larger than the UDP header because of all the extra fields needed to ensure a reliable connection.

Port numbers can take values up to 65535. Most of the common applications are assigned well-known port numbers between 1 and 1023 (port number 0 is reserved). Port numbers 1024 through 49151 are registered port numbers, while port numbers 49152 through 65535 define dynamic port numbers (automatically assigned by network devices). Port numbers are used to distinguish between applications running on the same device. Examples of well-known port numbers include the following:

  • HTTP: TCP port 80
  • FTP: TCP port 20 (data) and 21 (control)
  • TFPT: UDP port 69
  • POP3: TCP port 110
  • SMTP: TCP port 25
  • DNS: TCP and UDP port 53
  • SNMP: UDP port 161
  • Telnet: TCP port 23

When a TCP connection is established, it follows a process called a three-way handshake. This process uses SYN and ACK bits in the code bits of the TCP’s Segment, Sequence, and Acknowledgement Number fields. Figure 1.12 below illustrates the three-way handshake process:

12

Figure 1.12 – TCP Operation (Three-way Handshake)

Referring to the figure above, Host A tries to establish a TCP connection with Host B. Host A sends a segment with the SYN bit set, letting the other device know it wants to synchronize. The segment includes the initial sequence number of 5 that Host A is using. Host B accepts the segment to establish a session and sends back a segment with the SYN bit set. Host B also sends the ACK bit to acknowledge that it has received the initial segment sent by Host A. The acknowledgement number represents the next segment it expects to receive, which is 6 (this is also called an expectational acknowledgment). The new segment includes the initial sequence number of Host B, which is 14. Host A replies with an ACK segment that contains a sequence of 6, because this is what Host B is expecting, and acknowledgement number 15, informing Host B that it can send the next segment. This concludes the TCP session’s establishment phase.

The window size informs the remote host about the number of bytes a device will accept before it must send an acknowledgement. However, the window sizes may not match on the two endpoints. Host A has a window size of 2 and Host B has a window size of 3. When Host A sends data, it can send 3 bytes before waiting for an acknowledgement, whereas Host B can send only 2 bytes before receiving an ACK.

Note:    The window size specifies the number of bytes (octets) a device will accept, not the number of segments.

After all the data is sent between the two hosts, the session can be closed. To accomplish this, Host A sends a segment with the FIN bit set, letting Host B know it wants to end the TCP session. The segment includes the sequence number Host B is using at that specific moment, which is 341. Host B acknowledges the request and sends the ACK bit with the acknowledgement number 342 to confirm it has received number 341. The segment also includes the current sequence number of Host B, which is 125. Host B sends a new segment with the FIN bit set, announcing the application it is running also requests closing the session. In the last step before the session is closed, Host A sends an ACK segment with number 126 to confirm it received number 125 from Host B.

TCP/IP Internet Layer

The Internet Layer in the TCP/IP model corresponds to OSI Layer 3 (Network Layer) and includes the following protocols:

  • Internet Protocol (IP): This connectionless protocol offers best-effort delivery of packets in the network, relying on Transport Layer protocols such as TCP to ensure a reliable connection. IP addresses are assigned to each network device or interface in the network. In addition, the IP protocol comes in two flavors: IPv4 and IPv6 (which will be covered later in this manual).
  • Internet Control Message Protocol (ICMP): This protocol sends messages and error reports through the network. The most common application that relies on ICMP is Ping, which sends an ICMP echo message to the destination and expects an ICMP echo reply back to ensure that the destination can be reached and to give information about the delay between the two endpoints.

Referring back to IP, an IPv4 packet contains the following fields, as depicted below in Figure 1.13:

13

Figure 1.13 – IPv4 Packet Fields

Field

Size

Description

Version

4 bits

Identifies the IP version (IPv4 in this case)
Header Length

4 bits

Size of the header
Type of Service (ToS)

8 bits

QoS marking, specifies how the packet should be handled within the network
Total Length

16 bits

The size (in octets) of the header and data
Identification

16 bits

Used when the packet is fragmented
Flags

3 bits

Used when the packet is fragmented
Fragment Offset

13 bits

Used when the packet is fragmented
Time to Live (TTL)

8 bits

Protection against endless loops, decremented by 1 on every router the packet passes through
Protocol

8 bits

Identifies the Layer 4 protocol (TCP, UDP)
Header Checksum

16 bits

The checksum of the header, used to verify its integrity
Source IP Address

32 bits

Source logical IP address
Destination IP Address

32 bits

Destination logical IP address
IP Options and Padding

Variable

Used for debugging
Data

Variable

Transport Layer data

An IPv6 packet contains the following fields, as depicted below Figure 1.14:

14

Figure 1.14 – IPv6 Packet Fields

Field

Size

Description

Version

4 bits

Identifies the IP version (IPv6 in this case)
Traffic Class

8 bits

Similar to the ToS byte in the IPv4 header (QoS marking functionality)
Flow Label

20 bits

Used to identify and classify packet flows
Payload Length

16 bits

The size of the packet payload
Next Header

8 bits

Similar to the Protocol field in the IPv4 header, defines the type of traffic contained within the payload and which header to expect
Hop Limit

8 bits

Similar to the TTL field in the IPv4 header, prevents against endless loops
Source IP Address

128 bits

Source logical IPv6 address
Destination IP Address

128 bits

Destination logical IPv6 address
Data

Variable

Transport Layer data
 

TCP/IP Network Access Layer

The Network Access Layer is comprised of the Data Link Layer and the Physical Layer, and it has the same functionality as in the OSI reference model. A common protocol used at the Data Link Layer is Address Resolution Protocol (ARP), which requests the MAC addresses of a host with a known IP address. Once the MAC address is known, it is used as a destination address in the frames sent in that specific direction.

Layer 2 -Technology

Comments

Popular posts from this blog

Terraform

Different Types of Reports in Scrum - Agile

Scrum Master Interview help - Bootcamp