• he Datalink layer consists of methods and protocols that operate only on a link, which is the network component that interconnects nodes or hosts in the network.  Protocols in the layer include Ethernet and ARP.


• The  Internet or Networking layer connects independent networks to transport the packets containing the data across network boundaries. Protocols are IP and ICMP.


• The  Transport layer handles communications between hosts and is responsible for flow control, reliability and multiplexing. Protocols include TCP and UDP.


• The  Application layer standardizes data exchange for applications. Protocols include HTTP, FTP, POP3, SMTP, and SNMP.


• TCP/IP technically applies to network communications where the TCP transport is used to deliver data across IP networks. A so-called "connection-oriented" protocol, TCP works by establishing a virtual connection between two devices via a series of request and reply messages sent across the physical network.


• Most computers users have heard the term TCP/IP even if they don't know what it means. The average person on the internet works in a predominately TCP/IP environment. Web browsers, for example, use TCP/IP to communicate with Web servers. Millions of people use TCP/IP every day to send email, chat online and play online games without knowing how it works.

How TCP/IP Works

TCP/IP Protocol Architecture

TCP/IP protocols map to a four-layer conceptual model known as the DARPA model, named after the U.S. government agency that initially developed TCP/IP. The four layers of the DARPA model are: Application, Transport, Internet, and Network Interface. Each layer in the DARPA model corresponds to one or more layers of the seven-layer Open Systems Interconnection (OSI) model.

The following figure shows the TCP/IP protocol architecture.

TCP/IP Protocol Architecture

Note

• The architectural diagram above corresponds to the Internet Protocol TCP/IP and does not reflect IP version 6. To see a TCP/IP architectural diagrm that includes IPv6, see How IPv6 Works in this technical reference.

Network Interface layer

The Network Interface layer (also called the Network Access layer) handles placing TCP/IP packets on the network medium and receiving TCP/IP packets off the network medium. TCP/IP was designed to be independent of the network access method, frame format, and medium. In this way, TCP/IP can be used to connect differing network types. These include local area network (LAN) media such as Ethernet and Token Ring and WAN technologies such as X.25 and frame Relay. Independence from any specific network media allows TCP/IP to be adapted to new media such as asynchronous transfer mode (ATM).

The Network Interface layer encompasses the Data Link and Physical layers of the OSI model. Note that the Internet layer does not take advantage of sequencing and acknowledgment services that might be present in the Network Interface layer. An unreliable Network Interface layer is assumed, and reliable communication through session establishment and the sequencing and acknowledgment of packets is the function of the Transport layer.

Internet layer

The Internet layer handles addressing, packaging, and routing functions. The core protocols of the Internet layer are IP, ARP, ICMP, and IGMP.

• The Internet Protocol (IP) is a routable protocol that handles IP addressing, routing, and the fragmentation and reassembly of packets.


• The Address Resolution Protocol (ARP) handles resolution of an Internet layer address to a Network Interface layer address, such as a hardware address.


• The Internet Control Message Protocol (ICMP) handles providing diagnostic functions and reporting errors due to the unsuccessful delivery of IP packets.


• The Internet Group Management Protocol (IGMP) handles management of IP multicast group membership.

The Internet layer is analogous to the Network layer of the OSI model.

Transport layer

The Transport layer (also known as the Host-to-Host Transport layer) handles providing the Application layer with session and datagram communication services. The core protocols of the Transport layer are Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP).

• TCP provides a one-to-one, connection-oriented, reliable communications service. TCP handles the establishment of a TCP connection, the sequencing and acknowledgment of packets sent, and the recovery of packets lost during transmission.


• UDP provides a one-to-one or one-to-many, connectionless, unreliable communications service. UDP is used when the amount of data to be transferred is small (such as data that fits into a single packet), when you do not want the overhead of establishing a TCP connection, or when the applications or upper layer protocols provide reliable delivery.

The TCP/IP Transport layer encompasses the responsibilities of the OSI Transport layer.

Application layer

The Application layer lets applications access the services of the other layers and defines the protocols that applications use to exchange data. There are many Application layer protocols and new protocols are always being developed.

The most widely known Application layer protocols are those used for the exchange of user information:

• The Hypertext Transfer Protocol (HTTP) is used to transfer files that make up the Web pages of the World Wide Web.


• The File Transfer Protocol (FTP) is used for interactive file transfer.


• The Simple Mail Transfer Protocol (SMTP) is used for the transfer of mail messages and attachments.


• Telnet, a terminal emulation protocol, is used for logging on remotely to network hosts.

Additionally, the following Application layer protocols help facilitate the use and management of TCP/IP networks:

• The Domain Name System (DNS) is used to resolve a host name to an IP address.


• The Routing Information Protocol (RIP) is a routing protocol that routers use to exchange routing information on an IP internetwork.


• The Simple Network Management Protocol (SNMP) is used between a network management console and network devices (routers, bridges, intelligent hubs) to collect and exchange network management information.

Examples of Application layer interfaces for TCP/IP applications are Windows Sockets and NetBIOS. Windows Sockets provides a standard application programming interface (API) under Windows Server 2003. NetBIOS is an industry-standard interface for accessing protocol services such as sessions, datagrams, and name resolution. More information on Windows Sockets and NetBIOS is provided later in this chapter.

The TCP/IP Application layer encompasses the responsibilities of the OSI Session, Presentation, and Application layers.

TCP/IP Core Protocols

The TCP/IP protocol component that is installed in your network operating system is a series of interconnected protocols called the core protocols of TCP/IP. All other applications and other protocols in the TCP/IP protocol suite rely on the basic services provided by the following protocols: IP, ARP, ICMP, IGMP, TCP, and UDP.

IP

IP is a connectionless, unreliable datagram protocol primarily responsible for addressing and routing packets between hosts. Connectionless means that a session is not established before exchanging data. Unreliable means that delivery is not guaranteed. IP always makes a “best effort” attempt to deliver a packet. An IP packet might be lost, delivered out of sequence, duplicated, or delayed. IP does not attempt to recover from these types of errors. The acknowledgment of packets delivered and the recovery of lost packets is the responsibility of a higher-layer protocol, such as TCP. IP is defined in RFC 791.

An IP packet consists of an IP header and an IP payload. The following table describes the key fields in the IP header.