TCP/IP protocols add a header to data inherited from the

layer above it
Layers 7, 6, and 5 - Data and instructions, known as
payload
Layer 4 – A Transport Layer protocol, usually TCP or
UDP, adds a header to the payload
• Includes a port number to identify the receiving app
Layer 3 - Network layer adds it own header and becomes a
packet
Layer 2 - packet is passed to Data Link layer on NIC,
which encapsulates data with its own header and trailer,
creating a frame
Three characteristics of TCP:
• Connection-oriented - TCP ensures that a connection
or session is established by using a three-step process called
a three-way handshake
Three transmissions are sent before data
transmission:
• Step 1 – a request for a connection (SYN)
• Step 2 – a response to the request (SYN/ACK)
• Step 3 – a connection is established (ACK)
Sequence numbers will be increased by the number of bits
included in each received
segment
• Confirms the correct length of message was received
• Sequencing and checksums - TCP sends a character
string called a checksum that is checked by the destination
host along with a sequence number for each segment
• Flow control - gauges rate of transmission based on
how quickly recipient can accept data

UDP provides no error checking, sequencing, or flow

control, no three-way handshake
 • This makes UDP more efficient than TCP carrying
messages within one data packet, but does not guarantee
delivery of data
 Useful for live audio or video transmissions over the
Internet

: Source port, Destination port, Length, and Checksum

• Use of Checksum field in UDP is optional in IPv4, but
required in IPv6

IP enables TCP/IP to internetwork

• To traverse more than one LAN segment and type of
network through a router
IP does not guarantee delivery of data and no session is
established before data is transmitted(IP depends on TCP to
ensure)

IPv6 Packets
• IPv6 uses a different packet format than IPv4
• IPv6 can accommodate the much longer IPv6
addresses
• There is no Fragment offset field
• IPv6 hosts adjust their packet sizes to fit the
requirements of the network before sending IPv6 messages

ICMP can indicate the following:

• When part of a network is congested
• When data fails to reach its destination
• When data has been discarded because the allotted
TTL(time-to-live) has expired
ICMP announces transmission failures to the sender but
does not correct errors it detects.
ARP is a Layer 2 protocol that uses IPv4 to discover the
MAC address of a host or node on the (only)local network in
Layer 3 and relies on broadcasting
Two types of entries:
• Dynamic - created when a client makes an ARP request
that could not be satisfied by data already in the ARP table
• Static - those someone entered manually using the ARP
utility (arp -a command)

NDP (Neighbor Discovery Protocol) information carried in

ICMPv6 messages
automatically detects neighboring devices and automatically
adjusts when nodes fail or are removed

NDP offers several ICMPv6 message types:

• RA (router advertisement)
• RS (router solicitation)
• Redirect
• NS (neighbor solicitation)
• NA (neighbor advertisement)

Ethernet is the most important data link layer standard

 Capable of running on a variety network media
 Offers excellent throughput
 The most popular network technology
 Adds both a header and a trailer to the payload(creates
frame)
 Theheader+Frame(inc.MAC)CheckSequence
(FCS)=18-byte “frame” data frame from 46 to
1500 bytes
 MTU(max transmission unit) routers allow at 3rd layer

Key Encryption
A random string of characters:
 Generates unique data block(ciphertext)
Created according to algorithms
Two categories:
Private uses only one key, which is secure between
sender and receiver.
Public relies on receiver that can be safe by anyone
IPsec:
-defines rules for encryption, authentication and key
management for TCP/IP transmissions
-creates secure connections in five steps
1. IPsec initiation
2. Key management
3. Security negotiations
4. Data transfer
5. Termination
Operates in two modes
Transport and Tunnel mode