Introduction to the TCP/IP SuiteAs mentioned earlier, TCP/IP is the most widely used protocol suite. The relationship between the four layers of the TCP/IP suite and the seven layers of the OSI model is illustrated in Figure B-5. Figure B-5. TCP/IP Protocol Suite
The four layers of the TCP/IP suite are the application layer, transport layer, Internet layer, and network interface layer. The application layer includes the functionality of the OSI application, presentation, and session layers. Applications defined in the TCP/IP suite include the following:
The network interface layer can support a wide variety of LANs and WANs (including those discussed in the "LANs and WANs" section, earlier in this appendix). The transport layer and the Internet layer are detailed in the following sections. TCP/IP Transport Layer ProtocolsThe TCP/IP transport layer includes the following two protocols:
TCP and UDP, being at the transport layer, send segments. Figure B-6 illustrates the fields in a UDP segment and in a TCP segment. Figure B-6. UDP Segments Contain at Least 8 Bytes While TCP Segments Contain at Least 20 BytesThe UDP segment fields are as follows:
The TCP segment fields are as follows:
Notice that the UDP header is much smaller than the TCP header. UDP does not need the sequencing, acknowledgment, or windowing fields because it does not establish and maintain connections. Port number operation, which is the same for both TCP and UDP, is described in the next section. Following that section, the operation of sequence and acknowledgment numbers and windowing are described; these are key to understanding TCP operation. Port NumbersKey Point TCP and UDP use protocol port numbers to distinguish among multiple applications that are running on a single device. Well-known, or standardized, port numbers are assigned to applications so that different implementations of the TCP/IP protocol suite can interoperate. Well-known port numbers are numbers up to 1023; examples include the following:
Port numbers from 1024 through 49151 are called registered port numbers; these are registered for use by other applications. The dynamic ports numbers are those from 49152 through 65535; these can be dynamically assigned by hosts as source port numbers when they create and end sessions. Figure B-7 illustrates a device in Toronto that is opening a Telnet session (TCP port 23) with a device in London. Note that the source port from Toronto is 50051. Toronto records this Telnet session with London as port 50051 to distinguish it from any other Telnet sessions it might have running (because you can have simultaneous multiple Telnet sessions running on a device). The London device receives port number 23 and therefore knows that this is a Telnet session. In its reply, it uses a destination port of 50051, which Toronto knows is the Telnet session it opened with London. Figure B-7. Source and Destination Port Numbers Indicate the Application Being UsedTCP Sequencing, Acknowledgment, and WindowingTo illustrate TCP operation, we follow a TCP session as it is established, data is sent, and the session is closed. Key Point A TCP connection is established by a process called a three-way handshake. This process uses the SYN and ACK bits (in the code bits field in the TCP segment) as well as the sequence and acknowledgment number fields.. The TCP three-way handshake is shown in Figure B-8. Figure B-8. Three-Way Handshake Establishes a TCP Session
In this example, a user in Toronto wants to establish a TCP session with a device in London, for example, to start a Telnet session. The first step in the handshake involves the initiator, Toronto, sending a segment with the SYN bit setthis indicates that it wants to start a session and synchronize with London. This segment also includes the initial sequence number that Toronto is using21 in this example. Assuming that the device in London is willing to establish the session, it returns a segment that also has the SYN bit set. In addition, this segment has the ACK bit set because London is acknowledging that it successfully received a segment from Toronto; the acknowledgment number is set to 22, indicating that London is now expecting to receive segment 22 and therefore that it successfully received number 21. (This is known as an expectational acknowledgment.) This new segment includes the initial sequence number that London is using75 in this example. Finally, Toronto replies with an acknowledgment segment, sequence number 22 (as London is expecting), and acknowledgment number 76 (indicating that it is now expecting number 76 and therefore it has successfully received number 75). The session is now established, and data can be exchanged between Toronto and London. Note The sequence and acknowledgment numbers specify octet numbers, not segment numbers. For ease of illustration purposes here, we are assuming a segment is 1 octet of data. This is not the case in real life, but it simplifies the example so that the concepts are easier to understand. The window size field in the segment controls the flow of the session. It indicates the number of octets that a device is willing to accept before it must send an acknowledgment. Because each host can have different flow restrictions (for example, one host might be very busy and therefore require that a smaller amount of data be sent at one time), each side of the session can have different window sizes, as illustrated in the example in Figure B-9. Figure B-9. Window Size Indicates the Number of Octets a Device Is Willing to Accept Before It Sends an Acknowledgment
In this example, the window size on Toronto is set to 3, and on London, it is set to 2. When Toronto sends data to London, it can only send 2 octets before it must wait for an acknowledgment. When London sends data to Toronto, it can send 3 octets before it must wait for an acknowledgment. Note The window size specifies the number of octets, not the number of segments, that can be sent. For ease of illustration purposes here, we are assuming a segment is 1 octet of data. This is not the case in real life, but it again simplifies the example so that the concepts are easier to understand. The window sizes shown in the example are also small, for ease of explanation purposes. In reality, the window size would be much larger, allowing a lot of data to be sent between acknowledgments. After all the data for the session is sent, the session can be closed. The process is similar to how it was established, using a handshake. In this case, four steps are used, as illustrated in Figure B-10. Figure B-10. Four-Way Handshake Closes a TCP Session
In this example, Toronto wants to close its Telnet session with London. The first step in the handshake involves Toronto sending a segment with the FIN bit set, indicating that it wants to finish the session. This segment also includes the sequence number that Toronto is currently using107 in this example. London immediately acknowledges the request. This segment has the ACK bit set with the acknowledgment number set to 108, indicating that London successfully received number 107. This segment includes the sequence number that London is currently using322 in this example. London then informs its Telnet application that half of the session, the connection from Toronto, is now closed. When the application on the London device requests that the other half of the connection (to Toronto) be closed, London sends a new segment with the FIN bit set, indicating that it wants to close the session. Finally, Toronto replies with an acknowledgment segment with acknowledgment number 323 (indicating that it has successfully received number 322). The session is now closed in both directions. TCP/IP Internet Layer ProtocolsThe TCP/IP Internet layer corresponds to the OSI network layer and includes the IP routed protocol, as well as protocols for address resolution and message and error reporting. ProtocolsThe protocols at this layer include the following:
Note These protocols are all at the TCP/IP Internet layer, corresponding to the OSI model network layer, Layer 3. They run on top of the TCP/IP network interface layer, corresponding to the OSI model Layers 1 and 2the physical and data link layers. Note You might have heard people refer to IP as a LAN protocol; this is because they configure IP on their PCs, which are attached to LANs. In fact, however, IP is a network layer protocolit runs on top of any LAN or WAN. IP DatagramsFigure B-11 illustrates the fields of an IP datagram. Figure B-11. An IP Datagram Contains at Least 20 Bytes
The IP datagram fields are as follows:
|