Lesson 2: TCPIP | MCSE Training Kit: Networking Essentials Plus, Third Edition (IT Professional)

[Previous] [Next]

Transmission Control Protocol/Internet Protocol (TCP/IP) is an industry-standard suite of protocols that provide communications in a heterogeneous (made up of dissimilar elements) environment. In addition, TCP/IP provides a routable, enterprise networking protocol and access to the Internet and its resources. Because of its popularity, TCP/IP has become the de facto standard for what's known as internetworking, the intercommunication in a network that's composed of smaller networks. This lesson examines the TCP/IP protocol and its relationship to the OSI reference model.

After this lesson, you will be able to:

Define the TCP/IP protocol.

Describe the four layers of the TCP/IP protocol and how they relate to the OSI reference model.

Estimated lesson time: 15 minutes

Introduction to TCP/IP

TCP/IP has become the standard protocol used for interoperability among many different types of computers. This interoperability is a primary advantage of TCP/IP. Most networks support TCP/IP as a protocol. TCP/IP also supports routing and is commonly used as an internetworking protocol.

Other protocols written specifically for the TCP/IP suite include:

SMTP (Simple Mail Transfer Protocol) E-mail.

FTP (File Transfer Protocol) For exchanging files among computers running TCP/IP.

SNMP (Simple Network Management Protocol) For network management.

Designed to be routable, robust, and functionally efficient, TCP/IP was developed by the United States Department of Defense as a set of wide area network (WAN) protocols. Its purpose was to maintain communication links between sites in the event of nuclear war. The responsibility for TCP/IP development now resides with the Internet community as a whole. TCP/IP requires significant knowledge and experience on the user's part to install and configure. Using TCP/IP offers several advantages; it:

Is an industry standard As an industry standard, it is an open protocol. This means it is not controlled by a single company, and is less subject to compatibility issues. It is the de facto protocol of the Internet.

Contains a set of utilities for connecting dissimilar operating systems Connectivity from one computer to another does not depend on the network operating system used on either computer.

Uses scalable, cross-platform client-server architecture TCP/IP can expand (or shrink) to meet future needs and circumstances. It uses sockets to make the computer operating systems transparent to one another.

NOTE
A socket is an identifier for a particular service on a particular node on a network. The socket consists of a node address and a port number that identifies the service.

Historically, TCP/IP has had two primary disadvantages: its size and speed. TCP/IP is a relatively large protocol stack that can cause problems in MSDOSbased clients. However, due to the system requirements (processor speeds and memory) on graphical user interface (GUI)-based operating systems, such as Windows NT or Windows 95 and 98, size is not an issue.

TCP/IP Standards

TCP/IP standards are published in a series of documents called Requests for Comment (RFC). Their primary purpose is to provide information or to describe work in progress. Although not originally intended to serve as standards, many RFCs are accepted as true standards.

Internet development is based on the concept of open standards. That is, anyone who wishes to do so can use or participate in developing standards for the Internet. The Internet Architecture Board (IAB) is the committee responsible for managing and publishing RFCs for the Internet. The IAB allows anyone or any company to submit or evaluate an RFC. This includes any proposed idea for changes or new standards. After a reasonable amount of time is allowed for discussion, a newly proposed draft will or will not become a standard.

The InterNIC Directory and Database provided by AT&T is a service that furnishes sources of information about the Internet to the public. The Directory and Database includes the RFCs. This service can be found at www.internic.net on the World Wide Web. Furthermore, RFCs can be downloaded from the following FTP sites:

nis.nsf.net	ftp.ncren.net
nisc.jvnc.net	ftp.sesqui.net
ftp.isi.edu	ftp.nic.it
wuarchive.wustl.edu	ftp.imag.fr

TCP/IP and OSI

The TCP/IP protocol does not exactly match the OSI reference model. Instead of seven layers, it uses only four. Commonly referred to as the Internet Protocol Suite, TCP/IP is broken into the following four layers:

Network interface layer

Internet layer

Transport layer

Application layer

Each of these layers corresponds to one or more layers of the OSI reference model.

Network Interface Layer

The network interface layer, corresponding to the physical and data-link layers of the OSI reference model, communicates directly with the network. It provides the interface between the network architecture (such as token ring, Ethernet) and the Internet layer.

Internet Layer

The Internet layer, corresponding to the network layer of the OSI reference model, uses several protocols for routing and delivering packets. Routers, which are discussed in Chapter 7, "Elements of Network Connectivity," are protocol dependent. They function at this layer of the model and are used to forward packets from one network or segment to another. Several protocols work within the Internet layer.

Internet Protocol (IP)

Internet Protocol (IP) is a packet-switched protocol that performs addressing and route selection. As a packet is transmitted, this protocol appends a header to the packet so that it can be routed through the network using dynamic routing tables. IP is a connectionless protocol and sends packets without expecting the receiving host to acknowledge receipt. In addition, IP is responsible for packet assembly and disassembly as required by the physical and data-link layers of the OSI reference model. Each IP packet is made up of a source and a destination address, protocol identifier, checksum (a calculated value), and a TTL (which stands for "time to live"). The TTL tells each router on the network between the source and the destination how long the packet has to remain on the network. It works like a countdown counter or clock. As the packet passes through the router, the router deducts the larger of one unit (one second) or the time that the packet was queued for delivery. For example, if a packet has a TTL of 128, it can stay on the network for 128 seconds or 128 hops (each stop, or router, along the way), or any combination of the two. The purpose of the TTL is to prevent lost or damaged data packets (such as missing e-mail messages) from endlessly wandering the network. When the TTL counts down to zero, the packet is eliminated from the network.

Another method used by the IP to increase the speed of transmission is known as "ANDing." The purpose of ANDing is to determine whether the address is a local or a remote site. If the address is local, IP will ask the Address Resolution Protocol (ARP), discussed in the next section, for the hardware address of the destination machine. If the address is remote, the IP checks its local routing table for a route to the destination. If a route exists, the packet is sent on its way. If no route exists, the packet is sent to the local default gateway and then on its way.

NOTE
An AND is a logical operation that combines the values of two bits (0, 1) or two Boolean values (false, true) that returns a value of 1 (true) if both input values are 1 (true) and returns a 0 (false) otherwise.

Address Resolution Protocol (ARP)

Before an IP packet can be forwarded to another host, the hardware address of the receiving machine must be known. The ARP determines hardware address (MAC addresses) that correspond to an IP address. If ARP does not contain the address in its own cache, it broadcasts a request for the address. All hosts on the network process the request and, if they contain a map to that address, pass the address back to the requestor. The packet is then sent on its way, and the new information address is stored in the router's cache.

Reverse Address Resolution Protocol (RARP)

A RARP server maintains a database of machine numbers in the form of an ARP table (or cache) which is created by the system administrator. In contrast to ARP, the RARP protocol provides an IP number to a requesting hardware address. When the RARP server receives a request for an IP number from a node on the network, it responds by checking its routing table for the machine number of the requesting node and sending the appropriate IP number back to the requesting node.

Internet Control Message Protocol (ICMP)

The ICMP is used by IP and higher-level protocols to send and receive status reports about information being transmitted. Routers commonly use ICMP to control the flow, or speed, of data between themselves. If the flow of data is too fast for a router, it requests that other routers slow down.

The two basic categories of ICMP messages are reporting errors and sending queries.

Transport Layer

The transport layer, corresponding to the transport layer of the OSI reference model, is responsible for establishing and maintaining end-to-end communication between two hosts. The transport layer provides acknowledgment of receipt, flow control, and sequencing of packets. It also handles retransmissions of packets. The transport layer can use either TCP or User Datagram Protocol (UDP) protocols depending on the requirements of the transmission.

Transmission Control Protocol (TCP)

The TCP is responsible for the reliable transmission of data from one node to another. It is a connection-based protocol and establishes a connection (also known as a session, virtual circuit, or link), between two machines before any data is transferred. To establish a reliable connection, TCP uses what is known as a "three-way handshake." This establishes the port number and beginning sequence numbers from both sides of the transmission. The handshake contains three steps:

The requestor sends a packet specifying the port number it plans to use and its initial sequence number (ISN) to the server.

The server acknowledges with its ISN, which consists of the requestor's ISN, plus 1.

The requestor acknowledges the acknowledgement with the server's ISN, plus 1.

In order to maintain a reliable connection, each packet must contain:

A source and destination TCP port number.

A sequence number for messages that must be broken into smaller pieces.

A checksum to ensure that information is sent without error.

An acknowledgement number that tells the sending machine which pieces of the message have arrived.

TCP Sliding Windows.

Ports, Sockets, and Sliding Windows

Protocol port numbers are used to reference the location of a particular application or process on each machine (in the application layer). Just as an IP address identifies the address of a host on the network, the port address identifies the application to the transport layer, thus providing a complete connection for one application on one host to an application on another host. Applications and services (such as file and print services or telnet) can configure up to 65,536 ports. TCP/IP applications and services typically use the first 1023 ports. The Internet Assigned Numbers Authority (IANA) has assigned these as standard, or default, ports. Any client applications dynamically assign port numbers as needed. A port and a node address together make up a socket.

Services and applications use sockets to establish connections with another host. If applications need to guarantee the delivery of data, the socket chooses the connection-oriented service (TCP). If the applications do not need to guarantee data delivery, the socket chooses the connectionless service (UDP).

A sliding window is used by TCP for transferring data between hosts. It regulates how much information can be passed over a TCP connection before the receiving host must send an acknowledgement. Each computer has both a send and a receive window that it utilizes to buffer data and make the communication process more efficient. A sliding window allows the sending computer to transmit data in a stream without having to wait for each packet to be acknowledged. This allows the receiving machine to receive packets out of order and reorganize them while it waits for more packets. The sending window keeps track of data that has been sent, and if an acknowledgement is not received within a given amount of time, the packets are re-sent.

User Datagram Protocol (UDP)

A connectionless protocol, the UDP, is responsible for end-to-end transmission of data. Unlike TCP, however, UDP does not establish a connection. It attempts to send the data and to verify that the destination host actually receives the data. UDP is best used to send small amounts of data for which guaranteed delivery is not required. While UDP uses ports, they are different from TCP ports; therefore, they can use the same numbers without interference.

Application Layer

Corresponding to the session, presentation, and application layers of the OSI reference model, the application layer connects applications to the network. Two application programming interfaces (APIs) provide access to the TCP/IP transport protocols—Windows Sockets and NetBIOS.

Windows Sockets Interface

Windows Sockets (WinSock) is a networking API designed to facilitate communication among different TCP/IP applications and protocol stacks. It was established so that applications using TCP/IP could write to a standard interface. WinSock is derived from the original sockets that API created for the BSD Unix operating system. WinSock provides a common interface for the applications and protocols that exist near the top of the TCP/IP reference model. Any program or application written using the WinSock API can communicate with any TCP/IP protocol and vice versa.

Exercise 6.2: Comparing OSI and TCP/IP Layers

Exercise 6.2 is designed to help you understand the relationship between the OSI model and Transmission Control Protocol/Internet Protocol (TCP/IP). Because TCP/IP was developed before the OSI reference model was developed, it does not exactly match the seven OSI reference model layers. In this exercise, you will be mapping the four layers of TCP/IP to the seven layers of the OSI model.

The four layers of TCP/IP are the:

Network interface layer.

Internet layer.

Transport layer.

Application layer.

The left column lists the seven layers of the OSI reference model. In the right column, fill in the name of the corresponding TCP/IP layer.

Comparison of OSI and TCP/IP Layers

OSI Layers	TCP/IP Layers
Application layer
Presentation layer
Session layer
Transport layer
Network layer
Data-link layer
Physical layer

Answers

Lesson Summary

The following points summarize the main elements of this lesson:

TCP/IP is an industry-standard suite of protocols providing communication in a heterogeneous environment.

The four layers of TCP/IP are the network-interface layer, Internet layer, transport layer, and application layer.

The TCP protocol works in the transport layer and provides connection-oriented communication between two computers.

The UDP protocol works in the transport layer and provides connectionless communication between two computers.

The network interface layer of TCP/IP maps to the physical and data-link layers of OSI.

The Internet layer of TCP/IP maps to the network layer of OSI.

The transport layer of TCP/IP maps to the transport layer of OSI.

The application layer of TCP/IP maps to the session, presentation, and application layers of OSI.