The TCP/IP Protocol Model in Networking
In our attempt to fully understand the TCP/IP protocol, we first take a good look at the TCP/IP Model that basically sets forth a set of rules and guidelines on how data communication occurs over a network.
Transmission Control Protocol/Internet Protocol (TCP/IP) is the most commonly used protocol in most networking environments of today. The main advantage the protocol offers is connectivity between dissimilar networks of varying sizes, and thus is the protocol used for the internet. TCP/IP is in fact a protocol suite, which means that it contains multiple protocols within it. We take a look at the TCP/IP model to better understand how communication takes place in networks that use this protocol.
The TCP/IP Model
The TCP/IP model is a four layer model that is similar in purpose to the seven layer OSI model. The four layers of the TCP/IP model do map to the seven layers of the OSI Model, but some layers of the TCP/IP model combine multiple layers of the OSI Model (Refer to Image given below). There are several protocols that govern data communication in a TCP/IP based network, and each protocol runs on different layers of the TCP/IP model.
1. The Application Layer
The top most layer of the TCP/IP model is the Application Layer. This layer is responsible for generating the network request on the sending Computer, and to service the same request on the Destination Computer. For example, a user requests to view a web site on his machine (HTTP request generated by the application layer on the user's machine) which gets submitted to a web server (HTTP response generated by the application layer on the server), and the user is able to view the site. The following are some of the common protocols used at the Application Layer:-
a. HyperText Transfer Protocol(HTTP) - The protocol mainly used to view web pages on the internet.
b. Simple Mail Transfer Protocol(SMTP) - The protocol used to send e-mails over the internet.
c. Network News Transport Protocol(NNTP) - The protocol commonly used to send and receive news to newsgroups on the internet.
d. File Transfer Protocol(FTP) - The most popular protocol used for transferring files over the internet.
2. The Transport Layer
After the Application Layer comes the Transport Layer that is responsible for establishing either a connection-oriented or connectionless communication between two systems on a network. This basically translates to session management between the two systems and specific protocols at this level provide the functionality required. Apart from Session Management, the Transport Layer is also responsible for reliable delivery of data (that largely depends on which Transport protocol has been chosen). Two of the most popular Transport Layer protocols are TCP and UDP.
Transmission Control Protocol (TCP)
This is a connection oriented protocol, meaning that it is responsible for establishing, maintaining and terminating a valid session between two computers communicating over the network. Establishment of a session ensures that this protocol also provides reliable delivery of data through constant acknowledgment by both the systems involved. The protocol also provides a way of re-transmitting corrupt or lost data. All these features do produce an overhead which might seem to slow down communication at times, but this overhead is well worth the effort as the data delivery will be reliable. TCP ensures that the data is delivered by using what is called as a Sequence Number and an acknowledgment number. The Sequence number is attached to each piece of data that is sent. The acknowledgment number is attached to each message that is sent back by a system when it receives the data.
The TCP Three-Way Handshake : The connection to a remote system through TCP usually occurs through a process called the TCP Three-Way Handshake. The three phases involved in this process are as follows :-
a. SYN : In the first phase, the sender sends a SYN message to the receiving system. Each data packet is assigned a unique sequence number. This message usually contains the INS or the Initial Sequence number that is basically assigned at the beginning of a transmission.
b. ACK/SYN : In the second phase, the first message(SYN) is being acknowledged(ACK) by the receiving system.
c. ACK : In the final phase, the original sender of the data acknowledges the previous ACK/SYN message it received from the destination system. The sequence number is then incremented to indicate transmission of the next data packet.
A TCP connection is thus established between two systems who want to communicate using this protocol. Disconnecting from a TCP session also involves the exchange of certain messages between the two systems. If a system wants to disconnect, then it sends a FIN message to the destination system. The destination system then replies back with a ACK and FIN message indicating that it has acknowledged the previous FIN message and would also like to terminate the session. The session is finally terminated when the original sending system sends back an ACK message.
User Datagram Protocol (UDP)
This is a connection-less protocol that does not ensure reliable data delivery and just sends off the data to the destination without attempting to establish a session. There is no progress made on the state of the data being sent and thus using a UDP protocol is faster than using TCP.
3. The Internet Layer
The internet layer of the TCP/IP model is resonsible for logical addressing and routing of the packets through and between networks. A few of the protocols that run on this layer are IP (Internet Protocol), ICMP (Internet Control Message Protocol) and ARP (Address Resolution Protocol).
Internet Protocol (IP)
The Internet Protocol provides packet delivery services for the higher layers in the TCP/IP model. The Internet protocol simply sends the data by identifying which system on which network the data needs to go to. An IP header is added by this protocol to the data packet that among other things includes the IP address of the Source and Destination systems.
Internet Control Message Protocol (ICMP)
The ICMP protocol enables systems on a TCP/IP network to share status and error information. This protocol is basically used in detecting network issues. Two very useful applications of this protocol is through the Ping and Tracert functions. The Ping function is used to see if a particular system is live on the network and if it is responding to network requests. The Tracert function shows a network route from the source system to the destination, thereby indicating any issues in the route and where exactly a disruption in connectivity might be occurring.
Address Resolution Protocol (ARP)
The address resolution protocol is responsible for resolving IP addresses(Layer-3 address) to physical machine addresses (Layer-2 address). This happens through a broadcast in which an ARP packet is sent out into the network with the IP address of the intended recipient. The concerned system then replies back with its physical address that is then stored in the ARP cache of the sender. Every system on a network will have an ARP cache that is frequently updated and accessed to send data to a specified machine.
An understanding of the TCP/IP model is the first step towards understanding the widely and commonly used TCP/IP protocol. In the next article, TCP/IP fundamentals, we will take a look at some TCP/IP fundamentals and how it is configured on network systems.