What is the TCP/IP model
Grzegorz Piechnik
Posted on November 30, 2023
The TCP/IP model, whose origins date back to the 1970s, is also called the protocol model. It is designed to define how communication in a network is managed on the basis of protocols in successive layers. This means that devices forming a network, regardless of the operating system used, for example, can communicate with each other. Their communication flow looks the same or similar.
Reading about the TCP/IP model you will come across information about the ISO/OSI model. It should be remembered that this is a theoretical model that covers each of the layers of the TCP/IP model. This means that it points the way in the design of network communications. It is important to know the nomenclature from the ISO/OSI model in order to efficiently navigate through documentation that already refers to its specific layers.
Sending messages in TCP/IP
Data transmission in the TCP/IP model can be described as follows:
- A message is sent from the highest to the lowest layer, and at each layer, more headers are added to the message to ensure proper data delivery - a process called encapsulation. The layers in the TCP/IP model are presented as follows:
- application layer,
- transport layer,
- Internet layer,
- network access layer.
- Data with attached headers is transmitted over the network to the other computer,
- The return data returns from the lowest to the highest layer to the destination.
Each layer consists of protocols that set strict rules for communication between successive layers. However, this does not mean that one protocol per layer. For example, the application layer can use DNS and HTTP protocols simultaneously.
Although the protocols work together, they do not care what their master/slave layer does, but only know how to pass the data they are responsible for.
Application layer
This is the first of the layers, allowing programs and applications to encode data into the appropriate format, which is then passed on to the next layer. Network sockets (internet sockets) are used for this.
When we talk about a network socket, we mean a unique object formed by an Internet address, a communication protocol (from a lower layer) and a port number. The socket itself should not be thought of as a connection, but as an endpoint of a specific connection that provides the ability to transmit and receive data between two different computers. In the following example connect(mysocket, address = "1.2.3.4", port = "80") send(mysocket, "Hello, world!") close(mysocket)) copied beastly from wikipedia, we can see the creation of a network socket object, followed by the transmission of a string through it and the closing of the endpoint.
Socket mysocket = getSocket(type = "TCP")
connect(mysocket, address = "1.2.3.4", port = "80")
send(mysocket, "Hello, world!")
close(mysocket)
We may be confused by the keyword "connect," which suggests that the socket itself is a connection rather than an access point. This has become the subject of discussion, which in a nutshell is due to the misuse of terminology in programming libraries. Nevertheless, we encourage you to visit and read source.
The port number that makes up the socket object depends on the application layer protocol you want to use. Among the most well-known are:
- HTTP protocol - allows the transmission of hypertext documents. We will cover it in detail in subsequent articles,
- DNS protocol - (generally speaking) changes the name of the server to a computer-understandable one.
- FTP protocol - enables bidirectional file transfer between client and server,
- SMTP protocol - enables forwarding of e-mails,
- SSH protocol - enables remote connection with the server.
Transport layer
Each application, depending on the protocols used, names the data structures used in the following application layers differently. The TCP protocol (not to be confused with the TCP/IP model in question) of the transport layer describes the data within it as a segment, while the UDP protocol calls it a datagram. Such data, regardless of its name at the transport layer, gets split into smaller parts, which are sent to the Internet layer with an additional header attached.
The most important transport layer protocols include: TCP, UDP, SCTP, DCCP and RSVP. For the purposes of this article, we will only look at two of them. We'll start with the TCP protocol, which provides a connection between parties through a three-way handshake procedure. What does it look like?
TCP A TCP B
1. CLOSED LISTEN
2. SYN-SENT --> <SEQ=100><CTL=SYN> --> SYN-RECEIVED
3. ESTABLISHED <-- <SEQ=300><ACK=101><CTL=SYN,ACK> <-- SYN-RECEIVED
4. ESTABLISHED --> <SEQ=101><ACK=301><CTL=ACK> --> ESTABLISHED
5. ESTABLISHED --> <SEQ=101><ACK=301><CTL=ACK><DATA> --> ESTABLISHED
- initially, the connection does not exist (CLOSED), and TCP B server is listening for segments.
- TCP A, which could be the client in this case, sends to TCP B (e.g., the server) a SYN segment indicating the synchronization of the next sequence number and the lower value of the sequence number, which is 100. TCP A goes into the SYN-SENT state after transmission, and TCP B goes into the SYN-RECEIVED state after reception.
- If a connection point is agreed to be established, TCP B also transmits the lower value of the sequence number (300) along with an ACK segment that is one larger than the previous one.
- TCP A after receiving goes into ESTABLISHED state and sends to TCP B its segment and ACK segment belonging to TCP B increased by one. TCP B also enters the ESTABLISHED state upon receipt.
- then TCP A can start sending data.
The multitude of abbreviations can make it difficult to understand, but after a few approaches it gets easier 🙂 From the description above we can extract the two most important features that the TCP protocol has. These are:
- reliability - the receiver checks whether the checksum is correct - if so, it sends an acknowledgment of receipt of the message (ACK). If there is no response, the segment is resent,
- sequencing of segments - the sequence number is incremented in subsequent messages, so that they are arranged in the correct order.
The TCP header attached to the message transmitted to the next layer has from 20 to 60 bytes, and its size depends on the optional information entered. Application layer protocols that use TCP include: HTTP, HTTPS, FTP or SMTP.
UDP protocol - is responsible for data transfer without establishing a permanent connection. In addition, it does not provide reliability and ordering of datagrams (equivalent to a segment). As a result, we lose out on the certainty of whether the datagram will arrive, and the transmitted data are independent of each other. Ensuring reliability, however, can be achieved on the application side. In addition, the UDP datagram has only 8 bytes and is much faster than the TCP protocol. So we will use it wherever segment loss does not significantly affect the received information, such as in listening to audio or watching video. UDP is also used for DNS queries by the small size of the transmitted requests and the lack of load on the queried DNS servers.
Internet layer
The main task of the Internet layer is to route packets between successive hosts on the network. Routing (routing) means choosing the most optimal route. The Internet layer also includes routers (also called nodes), which are network devices that connect physical networks. Routers route packets using the IP addresses of the sender and receiver found in the header and routing tables built dynamically. We will already focus on routing itself in a separate article. In order to preview a route with a destination, we will use the command:
traceroute website.com
The most well-known Internet layer protocol is the IP protocol (that's actually how we should write the IPv4 and IPv6 protocols, which differ in version). It is designed to transfer data from one computer to the next. It is worth remembering that the IP protocol is not reliable. On the other hand, using the TCP protocol from the previous layer, the whole thing becomes reliable.
When using one of the IP protocols, there is the creation of smaller datagrams (packets) from those received at the Internet layer.
Network access layer
The network access layer has the task of delivering data packets to other devices on the directly connected network.
WAN technology protocols such as Frame relay and ATM were created to take advantage of the existing telecommunications circuits of their day. Ethernet at the time was limited and not mature enough to replace WAN technology. Today, the Ethernet protocol is used almost everywhere.
So, when using the Ethernet protocol - at the level of the network access layer, IP datagrams are encapsulated into frames, which are then transmitted across the network. In addition, the source address of the network access layer and the address of the destination network access layer (for example, the MAC address) are added to the frame.
Sources
https://www.pcworld.pl/news/TCP-IP-w-pigulce,290576.html\
https://www.ibm.com/docs/en/zvse/6.2?topic=programming-what-is-tcpip-socket-connection\
http://www.crypto-it.net/pl/teoria/protokoly-tcp-ip.html\
https://www.oreilly.com/library/view/tcpip-network-administration/0596002971/ch01.html\
https://www.ietf.org/rfc/rfc793.txt\
https://stackoverflow.com/questions/42456116/understanding-tcp-ip-layering-through-internet-flow\
https://stackoverflow.com/questions/152457/what-is-the-difference-between-a-port-and-a-socket?rq=1
Posted on November 30, 2023
Join Our Newsletter. No Spam, Only the good stuff.
Sign up to receive the latest update from our blog.