The IP protocol family, commonly referred to as TCP/IP is an open protocol suite deployed on most operating systems. TCP/IP allows local area networking, wide area networking, and the Internet to function easily in an environment made up of different computers, operating systems, routers, applications, and devices.
Architecture
The TCP/IP architecture or "layers" is made up of 4 layers: network access, Internet, Transport, and Application.
Network Access
Network access is made up of the lowest level of networking that ride on the physical media. Network access protocols include Ethernet, Frame Relay, HDLC, and PPP. The Network Access layer ensures protocols are translated to the necessary electronic signals needed for the media. A communication at the network access level appears as:
Source Hardware Address
Destination Hardware Address
Data
For example, an Ethernet communication would be:
Ethernet Source (Source MAC - Media Access Control)
Ethernet Destination (Destination Mac)
Data
These communication elements are referred to as frames. For example, Ethernet frames.
Internet
The Internet layer defines network addressing and routing, and is the Internet Protocol (as opposed to the IP suite or IP Family of Protocols). IPs are globally unique so that traffic can be be sent to anywhere on the planet. (Network Address Translation [NAT] allows us to reuse addresses behind firewalls, but the rest of the computers on the planet believe they are communicating to a unique address, which happens to be assigned to your NAT on your firewall.)
An IP communication would look like this:
Source IP Address
Destination IP Address
Data
Note that all of this would appear in the data portion of the network access communication, so the complete picture would look like this:
Source MAC
Destination MAC
Source IP
Destination IP
Data
This "process" of "filling in" the data portion of the payload from the lower level protocol is called encapsulation, since you are encapsulating data that the lower protocol only needs to deliver and not worry about the contents.
At the Internet layer, these elelements are referred to as packets. For example, an IP packet.
Transport
The transport layer provides the interface for applications to communicate through. Although the Internet protocol can get packets to their destination, how is the receiving end supposed to know what to do with the packet? The transport layer provides this functionality. The two most common transport protocols are the transport control protocol (TCP) and user datagram protocol (UDP).
How do TCP and UDP provide an interface to the application? By providing source and destination port assignments. For example, port 80 is commonly used for web traffic (http), while email uses port 25 (smtp).
TCP is considered connection oriented, which means that the protocol has capabilities built in to ensure the packet is received and will try to correct the situation with retransmit and checksums to ensure traffic is received. TCP is ideal for protocols such as web and email traffic.
UDP, on the other hand is connectionless and does not guarantee delivery. When would delivery not be important? A common use of UDP is voice--if a packet is lost once in a while, it will typically not be noticed or can be ignored. Even if TCP was used, waiting on a packet to be retransmitted could be worse than dropping the packet--making the conversation choppy.
The encapsulation of a TCP packet looks like this:
Source MAC
Destination MAC
Source IP
Destination IP
Source TCP Port
Destination TCP Port
Data
Transmissions at the transport level are referred to as segments, i.e., TCP segments.
Application
The highest protcol layer is the application protocol. The application protocol defines how two nodes communicate through the application. Application protocols use the transport protocol for the actually transmission, but the Application protocol defines how they communicate within the particular port. For example, web traffic, or the hyper text transport protocol (http) has function to download pages (get), and upload data (put). Email (simple mail transport protocol [SMTP]) provides functions to identify the receiver, the sender, and the contents of the email.
The encapsulation for the Application layer is the final encapsulation and looks like this:
Source MAC
Destination MAC
Source IP
Destination IP
Source TCP Port
Destination TCP Port
Application Protocol Function
Data
Summary
This is a brief introduction to TCP/IP. Please feel free to drop a line with questions or feedback.
