TCP/IP and OSI Models
What is TCP/IP?
TCP/IP stands for Transmission Control Protocol/Internet Protocol and is a suite of communication protocols used to interconnect network devices on the internet. TCP/IP is also used as a communications protocol in a private computer network (an intranet or extranet).
The entire IP suite -- a set of rules and procedures -- is commonly referred to as TCP/IP. TCP and IP are the two main protocols, though others are included in the suite. The TCP/IP protocol suite functions as an abstraction layer between internet applications and the routing and switching fabric.
Four Layers of TCP/IP:
The functionality of the TCP IP model is divided into four layers, and each includes specific protocols.
TCP/IP is a layered server architecture system in which each layer is defined according to a specific function to perform. All these four TCP IP layers work collaboratively to transmit the data from one layer to another.
Application Layer
Allows access to network resources
Transport Layer
Provides a reliable process to send and receive messages
Internet Layer
Moves packets from source to destination
Provides internetworking
Network Interface
Responsible for the transmission between two devices on the same network
Application Layer:
The Application layer interacts with an application program, which is the highest level of the TCP/IP model. The application layer that is closest to the end-user. This means that the application layer allows users to interact with other software applications.
Examples of the application layer are applications such as file transfer, email, and remote login. Some application layer protocols include HTTP, FTP, Post Office Protocol 3 (POP3), Simple Mail Transfer Protocol (SMTP) and Simple Network Management Protocol (SNMP).
HyperText Transfer Protocol (HTTP) Web Browser
What is HTTP?
The Hypertext Transfer Protocol is an application protocol for distributed, collaborative, hypermedia information systems that allows users to communicate data on the World Wide Web.
File Transfer Protocol (FTP):
What is FTP?
The File Transfer Protocol is an application protocol used to send files from computer to computer, with one of them acting as the server, providing the two have an Internet connection.
Secure Shell (SSH):
What is SSH?
The Secure Shell protocol is an application protocol that is used to connect to a device remotely. It has terminal emulation software similar to Telnet. The reason SSH is more preferred is because of its ability to maintain the encrypted connection. It sets up a secure session over a TCP/IP connection.
Post Office Protocol 3 (POP3):
What is POP3?
The Post Office Protocol 3 is an application protocol used for receiving an email by downloading it to your computer from a mailbox on the server of an internet service provider.
Network Time Protocol (NTP):
What is NTP?
The Network Time Protocol is an application protocol that is used to synchronize time between a network of machines.
Simple Mail Transfer Protocol (SMTP):
What is SMTP?
The Simple Mail Transfer Protocol is an application protocol used for sending e-mails over the internet.
Simple Network Management Protocol (SNMP):
What is SNMP?
The Simple Network Management Protocol is an application protocol used as a way for different devices on a network to share information with one another. It allows devices to communicate even if the devices are different hardware and run different software.
What is a port?
A port is a virtual point where network connections start and end. Ports are software-based and managed by a computer's operating system. Each port is associated with a specific process or service. Ports allow computers to easily differentiate between different kinds of traffic: emails go to a different port than webpages, for instance, even though both reach a computer over the same Internet connection.
Note: See the below table for a list of the protocols, a brief description, and their ports.
Transport Layer:
The transport layer is responsible for maintaining end-to-end communications across the network. TCP handles communications between hosts and provides flow control, multiplexing and reliability. The transport protocols include TCP and User Datagram Protocol, which is sometimes used instead of TCP for special purposes.
TCP vs UDP:
Transmission Control Protocol (TCP) – It is known to provide reliable and error-free communication between end systems. It performs sequencing and segmentation of data. It also has acknowledgment features and controls the flow of the data through flow control mechanism. It is a very effective protocol but has a lot of overhead due to such features. Increased overhead leads to increased cost.
User Datagram Protocol (UDP) – On the other hand does not provide any such features. It is the go-to protocol if your application does not require reliable transport as it is very cost-effective. Unlike TCP, which is connection-oriented protocol, UDP is connectionless
Example: Imagine you’re in middle school, there's a cute goth girl across your classroom that you want to send a note to. TCP is like handing her a note and standing there while she reads it waiting for a response (It’s slower, it’s kind of awkward, but you’ll get your answer). UDP is like throwing it at the back of her head and running out of the class (Fast but she may or may not receive the message).
Network Layer:
The network layer, also called the internet layer, deals with packets and connects independent networks to transport the packets across network boundaries. The network layer protocols are IP and Internet Control Message Protocol, which is used for error reporting.
Physical Layer:
The physical layer, also known as the network interface layer or data link layer, consists of protocols that operate only on a link -- the network component that interconnects nodes or hosts in the network. The protocols in this lowest layer include Ethernet for local area networks and Address Resolution Protocol.
Internet Protocol (IP):
What is IP?
IP stands for Internet Protocol and it is responsible for delivering packets from the source host to the destination host by looking at the IP addresses in the packet headers. IP has 2 versions:
IPv4 and IPv6. IPv4 is the one that most of the websites are using currently. But IPv6 is growing as the number of IPv4 addresses are limited in number when compared to the number of users.
Internet Control Message Protocol (ICMP):
ICMP stands for Internet Control Message Protocol. It is encapsulated within IP datagrams and is responsible for providing hosts with information about network problems.
Address Resolution Protocol (ARP):
ARP stands for Address Resolution Protocol. Its job is to find the hardware address of a host from a known IP address. ARP has several types: Reverse ARP, Proxy ARP, Gratuitous ARP and Inverse ARP. We don’t know what these are yet.
What is an IP Address?
By definition:
An IP address is a unique address that identifies a device on the internet or a local network. IP stands for "Internet Protocol," which is the set of rules governing the format of data sent via the internet or local network.
In practice:
An IP address is used to connect, send, or receive data from any other device. This is how any external device is able to communicate to your device over the internet.
Example:
Let’s say you are unable to connect to any google site from your PC. You have already checked your internet options and you are able to connect to the internet/other sites. Since your computer is connected to the World Wide Web, it will use a public DNS server (We will talk about DNS later) to resolve any IP addresses that the system does not already know.
How to obtain your IP address:
There are multiple ways to obtain your IP address. An easy way is to open command prompt or PowerShell (Windows) or terminal (Linux). Running the command “ipconfig” (Windows) or “ifconfig” (Linux) will show the IP address being used.
In powershell, you can run the “get-netadapter” cmdlet to discover all of the network adapters configured in your system. You can then use the cmdlet “get-netipaddress -InterfaceIndex <index #>” to get the IP address of a particular interface.
On Red Hat Linux Distributions, you can use ‘nmcli’ to identify network interfaces and their associated IP addresses. You can also use the command “ip addr”.
Links:
https://www.kaspersky.com/resource-center/definitions/what-is-an-ip-address
What is an IPv4 address?
The internet was born from a research network called ARPANET i.e. a computer network funded by the Advanced Research Projects Agency of the U.S. Department of Defense. On its first day of office in 1969, ARPANET operated across 4 hosts. Each host had a unique address for online communication. The online addresses were identified using 8-bit numbers called the Network Control Protocol (NCP). ARPANET was thus, an 8-bit network. By 1981, it had evolved into a national network connecting 213 hosts across universities and research facilities. Soon, all kinds of networks emerged and so did the need to connect these heterogeneous networks into one big inclusive network. The idea was to maintain the heterogeneous nature of each network and also allow users to communicate across networks. To this end, the first half of the 1970s witnessed Robert Khan (DARPA) and Vint Cerf (NCP) work on a Transmission Control Program and publish their first paper in 1974.
It was implemented through 4 versions, wherein the 3rd version segregated itself into Transmission Control Protocol (TCP) and Internet Protocol (IP). By 1978, the very first draft of TCP/IP v4 was published. By 1981 it became a standard and on 1st January 1983 i.e. “flag day”, ARPANET retired NCP and adopted TCP/IP.
An IPv4 address is a 32-bit binary number.
The thirty-two bits are separated into four groups of eight bits. Each group is called an octet. Each bit has a value.
Each octet contains 8-bits. As you can see in the above image, the first octet is “172”. Underneath each octet is the binary value of that number.
Links:
https://d12vzecr6ihe4p.cloudfront.net/media/965927/wp-binary-and-ip-address-basics-of-subnetting.pdf
https://bluecatnetworks.com/glossary/what-is-ipv4/
How to convert to Binary:
The maximum value an octet can have is 255
Each octet contains 8 bits. There are four octets in an IPv4 Address
Let's break down Octet 1 - 172
Can you remove 128 from 172? Yes (172 - 128 = 44)
Can you remove 64 from 44? No
Can you remove 32 from 44? Yes (44 - 32 = 12)
Can you remove 16 from 12? No
Can you remove 8 from 12? Yes (12 - 8 = 4)
Can you remove 4 from 4? Yes (4 - 4 = 0)
The binary value of 172 is: 10101100
Repeat the steps above for the following IP addresses:
192.10.254.64
254.90.86.12
252.49.96.147
159.152.116.54
210.177.117.190
170.109.155.199
Uses of TCP/IP
TCP/IP can be used to provide remote login over the network for interactive file transfer to deliver email, to deliver web pages over the network and to remotely access a server host's file system. Most broadly, it is used to represent how information changes form as it travels over a network from the concrete physical layer to the abstract application layer. It details the basic protocols, or methods of communication, at each layer as information passes through.
Links:
https://www.techtarget.com/searchnetworking/definition/TCP-IP
The OSI Model
The OSI Model (Open Systems Interconnection Model) is a conceptual framework used to describe the functions of a networking system. The OSI model characterizes computing functions into a universal set of rules and requirements in order to support interoperability between different products and software. In the OSI reference model, the communications between a computing system are split into seven different abstraction layers: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
Physical Layer:
The lowest layer of the OSI Model is concerned with electrically or optically transmitting raw unstructured data bits across the network from the physical layer of the sending device to the physical layer of the receiving device. It can include specifications such as voltages, pin layout, cabling, and radio frequencies. At the physical layer, one might find “physical” resources such as network hubs, cabling, repeaters, network adapters or modems.
Data Link layer:
At the data link layer, directly connected nodes are used to perform node-to-node data transfer where data is packaged into frames. The data link layer also corrects errors that may have occurred at the physical layer.
The data link layer encompasses two sub-layers of its own. The first, media access control (MAC), provides flow control and multiplexing for device transmissions over a network. The second, the logical link control (LLC), provides flow and error control over the physical medium as well as identifies line protocols.
Network layer:
The network layer is responsible for receiving frames from the data link layer, and delivering them to their intended destinations based on the addresses contained inside the frame. The network layer finds the destination by using logical addresses, such as IP (internet protocol). At this layer, routers are a crucial component used to quite literally route information where it needs to go between networks.
Transport layer:
The transport layer manages the delivery and error checking of data packets. It regulates the size, sequencing, and ultimately the transfer of data between systems and hosts. One of the most common examples of the transport layer is TCP or the Transmission Control Protocol.
Session Layer:
The session layer controls the conversations between different computers. A session or connection between machines is set up, managed, and terminated at layer 5. Session layer services also include authentication and reconnections.
Presentation Layer:
The presentation layer formats or translates data for the application layer based on the syntax or semantics that the application accepts. Because of this, it is sometimes also called the syntax layer. This layer can also handle the encryption and decryption required by the application layer.
Application Layer:
At this layer, both the end user and the application layer interact directly with the software application. This layer sees network services provided to end-user applications such as a web browser or Office 365. The application layer identifies communication partners, resource availability, and synchronizes communication.
Comments
Post a Comment