Security Diaries All About Security
Related Articles
Every basic you need to know about TCP/IP model
Hey there! We are spending our most of the time on the internet, you know that there are more than 1.5 trillion devices are connected to our internet right now. Have you ever thought, how all these devices are connected and communicating each other without any interruption? yes, TCP/IP is one of those pillars which build our present INTERNET. By the end of this article you will understand what is TCP/IP stack, how it came to existence. You can consider this article as introduction to networking tutorial from security diaries.
WHAT IS TCP/IP?
Transmission control protocol \internet protocol is protocol suite which provides end-to-end communication between two or more devices. Communication will be like sending data in the form of small packets. Much like the atom is the smallest unit of a cell, a packet is the smallest unit of transmitted information over the Internet. This is the basic of networking.
As we can see in the name those are two layers of protocols TCP and IP
TCP is responsible for dividing the information into small junks called packets.
IP is responsible for a locational aspect of communication devices which helps in routing the packets from correct source to destination. More precisely and simply IP is used to deliver content to the client or server. the telecommunications industry has transformed from sending bits to gigabytes with an exponential growth in innovation
Where and when it was started?
Well, to answer this question we need to go a few decades back. This brief history makes it clear how the Internet has evolved from a private network to a global one in less than 40 years. There are some networks like telephone and telegraph before computer networks
But those networks deal with the data which are having constant-rate communication after the established connection between two computers. Well, coming to computer networks deals with bursty data (which means data comes with different rates). So, to overcome this world is waiting for the invention of packet switching mechanism.
In 1961 finally, packet switching network was proposed by Paul Baran. This guy was one of the persons in making the first network possible. Here comes the ARPANET.
ARPANET
The Advanced Research Projects Agency (ARPA) in the Department of Défense (DOD) was interested in finding a way to connect computers so that the researchers they funded could share their findings, thereby reducing costs and eliminating duplication of effort. But the problem here is Computers from different manufacturers were unable to communicate with one another because we don’t have any proper rules which we call them as protocols now for communication of devices.
In 1967, ARPA presented its ideas for the Advanced Research Projects Agency Network (ARPANET). A small network with few computers (not necessarily from the same manufacturer) would be attached to a specialized computer called IMP (interface message processor). In return, IMP’s would be connected to each other. Each IMP had to be able to communicate with other IMPs as well as with its own attached host.
By 1969, ARPANET was a reality. Four nodes, at the University of California at Los Angeles (UCLA), the University of California at Santa Barbara (UCSB), Stanford Research Institute (SRI), and the University of Utah, were connected via the IMPs to form a network. Software called the Network Control Protocol (NCP) provided communication between the hosts. But it wasn’t over still we can’t be able to communicate with the computers in another network.
TCP/IP:
Thanks to Vint Cerf and Bob Kahn who invented TCP/IP. They wanted to link dissimilar networks (communication between one network computer to another network computer) so that a host on one network could communicate with a host on another. But they encountered some problems with diverse packet sizes, diverse interfaces, and diverse transmission rates, as well as differing reliability requirements. So, to overcome those problems they came with a solution which changed the world yes that was TCP/IP. It specifies how data should be packetized, addressed, transmitted, routed, and received. In October 1977, an internet consisting of three different networks (ARPANET, packet radio, and packet satellite) was successfully demonstrated. Communication between networks was now possible. IP would handle datagram routing while TCP would be responsible for higher level functions such as segmentation, reassembly, and error detection.
The original TCP/IP protocol suite was defined as four software layers built upon the hardware. Today, however, TCP/IP is thought of as a five-layer model. Let us have a look at both.
HOW TCP/IP WORK?
TCP/IP protocol suite is a layered architecture as we can see in the above image. Such that the working of this model involves 5 layers with each layer having its own responsibility. Encapsulation of data with respective headers of each layer at sender side and decapsulation of data at receiver side will summarize the communication between them.
For better understanding let us construct a small networking with two switches, one router, off course a source and a destination too.
This is the physical representation of our network. Now let’s see how the communication happens at logical level by implementing layered architecture of TCP/IP.
We have total five network devices in our network now. Source and destination hosts, two link layer switches, and one router. Communication between source and destination will carry on by passing data through this devices layer by layer.
First sender (A) interacts with the topmost layer like Application layer for sending any message or data to his girlfriend at the destination (B). The message then moves to the next layer that is Transport layer and encapsulated with the header of that layer. Like the same way, the message from the application layer will move downwards through all the five layers and encapsulated with the respective headers of each layer. Finally, the message reaches the bottom to physical layer.
Here the message is going to convert into electric pulses and ready to fly into the air or else they will travel through a wired medium. At the receiver end, it will be a bottom-up approach that is the message sent by her boyfriend will be slowly decapsulated layer-by-layer and finally, at the top application layer, she could read the message sent by her boyfriend. In between, the message is going to travel through two switches and one router for reaching the correct destination(B). In switches only, link layer and a physical layer included it doesn’t have top three layers. Likewise, the router is also having an only network, link, and physical layers. The job for a switch in the network is to connect the computers and other devices like printers together but in our network, we don’t have that sought of setup for just to mention we used it.
Coming to the router, it is used for routing the data packets for best possible traversal path to reach the destination. Although a router is always involved in one network layer, it is involved in n combinations of the link and physical layers in which n is the number of links the router is connected to. The reason is that each link may use its own data-link or physical protocol. In the above network, our router was connected to two different networks. One which is the source(A) and another is for destination(B) networks. Each network may be using different link-layer and physical-layer protocols the router needs to receive a packet from source network based on one pair of protocols and deliver it to destination network based on another pair of protocols. Although each switch in the above figure has two different connections, the connections are on the same network, which uses only one set of protocols. This means that, unlike a router, a link-layer switch is involved only in one data-link and one physical layer.
To make it easy to understand I just removed switches from our network. Now you can observe the duty of top three layers Application and Transport layers are end-to-end. Whereas rest of the two are host-to-host. The packets created by top three layers should not be changed by the intermediate devices like routers and link layer switches. The packets created at bottom two layers will change by only routers not link layer switch. Now, our question is why they changing at these two layers. We will be going to learn that now. For this, we need to go a bit deeper into layers.
APPLICATION LAYER
This is the topmost layer in the TCP\IP protocol suite probably user interface of the web to the end user. The logical connection in this layer is host-to-host communication. In another way, we can say that communication at this layer is program-to-program that is the program running on the sender side will going to communicate with the program at the receiver side. So, process-to-process is the responsibility of this layer. It deals with the protocols like HTTP(HYPERTEXT TRANSFER PROTOCOL) acts as bridge to WWW-World Wide Web in transferring web pages and text content, FTP-FILE TRANSFER PROTOCOL used for transferring files over web, SMTP/ SIMPLE MAIL TRANSFER PROTOCOL used when dealing with e-mails, SSH/SECURE SHELL PROTOCOL used for accessing site remotely, TELNET-TERMINAL NETWORK similar to SSH but less security, DNS/ DOMAIN NAME SYSTEM provides services like resolving IP into domain names. Any application that runs on the system belongs to application layer.
TRANSPORT LAYER
The transport layer is next to application layer and takes message or data from the application layer to encapsulate into user datagrams or packets depending on the protocol used. The transport layer provides end-to-end communication services for applications and responsible for delivering data to the appropriate application process on the host computers. These include forming data segments and adding source and destination port numbers in the header of each packet. Together with the source and destination IP address, the port numbers constitute a network socket. It provides services such as connection-oriented data stream support, reliability, flow control, and multiplexing.
We can say that transport layer is the backbone of the whole TCP/IP suite. The two main protocols used in this layer are TCP (TRANSMISSION CONTROL PROTOCOL) and UDP (USER DATAGRAM PROTOCOL)
TCP is a reliable protocol. TCP provides extensive error and flows control to ensure the successful delivery of data. TCP is called as a connection-oriented protocol. Applications that need reliable data stream service will rely on TCP.
Major Internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP.
UDP is not a reliable protocol. There are no error checking, flow control, or congestion control for UDP and is designed for situations when extensive control features are not necessary. UDP is called as a connectionless protocol. when a packet is corrupted or lost a new protocol, Stream Control Transmission Protocol (SCTP) is designed to respond to new applications that are emerging in the multimedia. UDP may be used for multicasting and broadcasting since retransmissions are not possible to a large number of hosts. UDP typically gives higher throughput and shorter latency and is therefore often used for real-time multimedia communication where packet loss occasionally can be accepted, for example, IP-TV and IP-telephony, and for online computer games.
NETWORK LAYER
It is the third layer of TCP\IP protocol suite one of the most important layers. The network layer is responsible for creating a connection between the source and the destination computers. The communication at this layer is host-to-host. In this layer routing, the packets and port forwarding will be done. It is also responsible for the routing through intermediate routers in between the source and destination. Network layer protocols exist on every host or router. The router examines the header fields of all the IP packets that pass through it. Well, coming to protocols used in this layer are IP, ICMP, ECN, IGMP, IPsec and many more. We should mainly focus on IP(INTERNET PROTOCOL) is everywhere in the network that defines the format of the packet, called a datagram at the network layer.
IP also defines the format and the structure of addresses used in this layer. IP is also responsible for routing a packet from its source to its destination, which is achieved by each router forwarding the datagram to the next router in its path. IP is connectionless, a data packet can travel from a sender to a recipient without the recipient having to send an acknowledgment. The network layer also includes unicast (one-to-one) and multicast (one-to-many) routing protocols. The network layer also has some auxiliary protocols that help IP in its delivery and routing tasks. The Internet Control Message Protocol (ICMP) helps IP to report some problems when routing a packet. The Internet Group Management Protocol (IGMP) helps IP in multitasking. The Dynamic Host Configuration Protocol (DHCP) helps IP to get the network-layer address for a host. The Address Resolution Protocol (ARP) is a protocol that helps IP to find the link-layer address of a host when its network layer address is given.
DATA LINK LAYER
Data link layer is responsible for taking the datagram and moving it across the noses in a network. The data packet received from the above layer (network layer) is called as datagram in data link layer. There may be several bunches of networks that a datagram can travel from the host to the destination. The routers are responsible for choosing the best path in each network to pass over them. This layer is also responsible for error detection and also error correction. It also ensures that incoming data has been received successfully by analyzing bit patterns at special places in the frames. It depends on the protocols working on that layer. Usually, nowadays all networks are standardized with very efficient and sophisticated protocols to make the communication more reliable and flexible. Error checking and correction at each end, if error or packet loosed during the data transmission this layer is used to rectify those errors by retransmitting the loosed packet that is the integrity of the packet will be carried out by the protocols in this layer.
TCP\IP dose not defined any particular protocols for this layer. Any standard and proprietary protocols will support. The data link layer takes the datagram from the network layer and encapsulates into frames. And then those frames are being passes to the physical layer. The data link layer frame includes source and destination addresses, data length and other related Ethernet information to enhance communication.
The data link layer is further divided into two sublayers the first sublayer is the media access control (MAC) layer. The MAC layer allows the data link layer to provide the best data transmission and manage data flow control. The second sublayer is the logical link control (LLC). It manages error checking and data flow over a network.
PHYSICAL LAYER
It is the lowest level layer in the TCP\IP suite. Although it is the lowest layer there is also one more important thing to notice that was transmission medium. In general, mostly we use wired equipment for transmitting data. But the fact here is we are not transmitting data (binary) actually, we are about to transmitting electric pulses or optical signals. In wireless, we are transmitting radio signals. Where physical layer is responsible for converting the binary data received from higher layers to electric pulses or signals which will be further transmitted through wired or wireless. There are several protocols in physical layer that transform a bit into a signal.
Why TCP is used with TCP/IP not alone as TCP?
TCP is a protocol that is used to encapsulate the data or pack the data to send it to the target from the source. TCP just packs the data but don’t know where to send it. Here comes TCP/IP, stack or suite whatever you call it as. TCP/IP stack implements IP with TCP and helps to deliver data to the targets.
