Protocols

The document discusses the Host-to-Network Layer and its protocols, focusing on SLIP and PPP for internet connectivity. SLIP is a simple, early protocol for dial-up connections but lacks error-checking and security, while PPP offers more robust features like error detection, authentication, and support for multiple protocols. Additionally, it covers the Internet Layer protocols, including IP and ARP, which facilitate packet routing and address resolution in network communications.

Uploaded by

trushnapihal4

Host to Network Layer Protocols

● The Host-to-Network Layer (Network Access Layer) is the lowest layer responsible
for the physical connection between devices on a local network.
● It handles data transmission over the hardware components and focuses on the
protocols required for local network communication and access.
● The network access layer of TCP/IP encompasses all the functionality of both
the Data Link and Physical layers of the OSI network model.
● Encapsulation, framing, media access, physical addressing, as well as all the
physical standards associated with cabling, connectors, and encoding all occur
here.
● Each network access layer protocol defines a specific frame type in which to
encapsulate a packet for delivery within the network segment.
● If all devices on the media use the same network access protocol and standard,
the frame type is understood and the frame is delivered to the appropriate device.
SLIP (Serial Line Internet Protocol)
● SLIP was developed by Rick Adams in 1984.
● Serial Line Internet Protocol (SLIP) is a network protocol used for
connecting computers to the internet over serial connections, such
as dial-up lines.
● It is a simple protocol for transmitting IP packets over serial
connections (such as telephone lines or direct serial cable
connections). It is used to encapsulate IP packets and transport them
to the other end of the connection through the serial line.
● SLIP was one of the first protocols used for dial-up internet connections,
allowing remote access to networks before the development of PPP
(Point-to-Point Protocol), which eventually replaced it.
● SLIP was created to allow computers to connect to the Internet over
dial-up connections. When a computer connects to the Internet
using SLIP, it makes a serial connection to a modem or other
serial device.

SLIP protocol has limitations :


1. One of the most significant disadvantages is the absence of
error-checking methods. SLIP does not identify or retransmit
packets that are lost or corrupted during transmission. As a result,
SLIP is regarded as an unreliable protocol.
2. Another limitation of SLIP is that it does not have authentication
techniques. This means that data sent through a SLIP connection is
insecure and can be intercepted and accessed by unauthorised
users.
Working : SLIP is a very simple protocol that performs basic encapsulation of IP packets for
transmission over serial links.
1. Encapsulation : SLIP encapsulates an IP packet by adding a special delimiter (end byte) to
signal the start and end of each packet.
2. Framing : SLIP frames the IP packet but doesn't provide any error correction, encryption, or
packet header management.
3. Transmission : The framed packet is sent over the serial connection to the receiving device.
Since SLIP only frames packets without additional information, it lacks features like error detection
or addressing.
SLIP originated as a simple protocol for framing an IP packet, that is, an Internet Protocol packet that
consists of an IP header (which includes the source and destination IP addresses), followed by
data (the data sent from source to destination).
The SLIP frame has a very simple format, consisting of a payload and a flag that acts as an end
delimiter. The flag is generally a special character. If this flag is present in the data, then an
escape sequence precedes it, so that the receiver does not consider it as the end of the frame.
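The framing and escaping just described, as an added example that is not part of the original document. The byte values (END, ESC and their escaped forms) and the 1006-byte limit are taken from RFC 1055, since the page does not give them; the sample payload is constructed.

```python
# Added example: SLIP framing with the byte values from RFC 1055
# (assumption: the page itself does not list them).
END, ESC = 0xC0, 0xDB          # frame delimiter and escape byte
ESC_END, ESC_ESC = 0xDC, 0xDD  # what follows ESC for a literal END / ESC
MAX_PACKET = 1006              # size limit used by the RFC 1055 reference code


def slip_encode(packet):
    """Frame one IP packet: escape END/ESC in the payload, delimit with END."""
    out = bytearray([END])     # leading END flushes line noise at the receiver
    for b in packet:
        if b == END:
            out += bytes([ESC, ESC_END])
        elif b == ESC:
            out += bytes([ESC, ESC_ESC])
        else:
            out.append(b)
    out.append(END)
    return bytes(out)


class SlipDecoder:
    """Streaming decoder: feed() accepts arbitrary chunks from the serial line."""

    def __init__(self, max_len=MAX_PACKET):
        self.max_len = max_len
        self.buf = bytearray()
        self.escaped = False   # True when the previous byte was ESC
        self.oversize = False  # current frame exceeded max_len, drop it at END

    def _store(self, b):
        if len(self.buf) < self.max_len:
            self.buf.append(b)
        else:
            self.oversize = True

    def feed(self, data):
        packets = []
        for b in data:
            if self.escaped:
                self.escaped = False
                # ESC_END/ESC_ESC map back to the literal byte. Any other value
                # is a protocol violation that SLIP cannot report, so it is
                # stored unchanged, as the RFC 1055 reference code does.
                self._store({ESC_END: END, ESC_ESC: ESC}.get(b, b))
            elif b == END:
                if self.buf and not self.oversize:
                    packets.append(bytes(self.buf))
                self.buf = bytearray()   # empty frames (END END) are ignored
                self.oversize = False
            elif b == ESC:
                self.escaped = True
            else:
                self._store(b)
        return packets


def corruption_demo():
    """Constructed input: one flipped bit on the wire is delivered unnoticed,
    because the frame carries no checksum."""
    original = bytes([0x45, 0x00, END, ESC, 0x7F])  # payload containing END and ESC
    wire = bytearray(slip_encode(original))
    wire[1] ^= 0x01                                  # line noise: 0x45 becomes 0x44
    received = SlipDecoder().feed(bytes(wire))
    return original, received
```
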
Advantages of SLIP :
1. SLIP has a simple structure with minimal overhead, which allows fast transmission on
low-bandwidth connections.
2. SLIP is a simple protocol that encapsulates IP packets for transmission over serial links, making it
easy to implement.
3. SLIP played an important role in the early days of the internet, allowing simple remote access
over dial-up connections.
4. SLIP is an efficient protocol that does not include any unnecessary overhead, which makes it
ideal for low-bandwidth connections.
Disadvantages of SLIP :
1. SLIP does not have built-in error detection or correction, meaning corrupted data cannot be
identified or corrected.
2. SLIP requires manual configuration for settings like IP addresses, making it less user-friendly.
3. SLIP does not support user authentication, making connections vulnerable to unauthorized
access.
4. SLIP does not support addressing information or packet size control, which limits its flexibility and
makes it inefficient for more complex networks.
PPP (Point-to-Point Protocol)
● Point-to-Point Protocol (PPP) is a more advanced protocol for establishing
a TCP/IP connection over any point-to-point link, including dial-up serial
links.
● PPP is a protocol within the Network Access Layer (Host-to-Network Layer)
of TCP/IP model. This layer is responsible for managing the direct
connections between devices on the same network and provides physical
transmission of data over a medium, such as serial dial-up link.
● PPP became one of the most common protocols used for Internet access at
that time; its basic purpose was to provide Internet access to users.
● PPP is a TCP/IP protocol that is used to connect one computer system to
another.
● A PPP connection exists when two systems physically connect through a
telephone line. PPP is designed to establish a direct connection between two
network nodes.
PPP (Point-to-Point Protocol) is used to connect two network devices. PPP is frequently used for connecting
to the Internet through dial-up, DSL, cable, or other types of connection.

PPP has various advantages over SLIP that make it a more robust and secure protocol :
1. PPP includes error detection and correction techniques to ensure that data is reliably transferred over
the connection. PPP will detect and retransmit a packet if it is lost or corrupted during transmission.
2. PPP has procedures for verifying the identification of the connecting devices. This prevents
unauthorised access and potential security breaches by ensuring that only authorised users can
access the network.
3. PPP has encryption techniques to prevent unauthorised users from eavesdropping and interception of
data transmitted over the connection.

Link establishment, authentication, and network layer protocol configuration are the three stages of
the PPP mechanism.
● During the Link Establishment stage, two devices negotiate and come to terms on connection settings
such as error correction methods.
● The two devices authenticate each other's identities during the authentication stage using protocols
such as the Password Authentication Protocol (PAP).
● The two devices negotiate the network layer protocol to be used, such as IP, and specify the required
settings for that protocol during the Network Layer Protocol Configuration stage.
PPP frame format
● Flag field (1 byte) : The flag field identifies the boundaries of PPP frame i.e. each frame begins
and ends with flag field. This field is 1 byte in length.
● Address field (1 byte) : This field contains a value indicating that the packet is addressed to all
recipients. Address field indicates the address of destination. Address field is 1 byte (8 bits).
When the address field contains all 1's i.e. 11111111, this indicates that all stations are to accept
the frames (broadcast).
● Control field (1 byte) : PPP normally runs in connectionless mode therefore control field is set to
11000000. This indicates unnumbered frames i.e. frame does not contain sequence numbers and
there is no flow or error control.
● Protocol field (2 bytes) : Protocol field defines the information of data field. The protocol field is
1 or 2 bytes long.
● Data field : The data field contains the actual data to transmit, plus padding if necessary. The
length of this field is variable.
● Frame Check Sequence (FCS) : The FCS field is 24 byte long and contains CRC code. It
checks length of all fields in frame.
Advantages of PPP over SLIP :
1. Multi-Protocol Support : PPP allows multiple types of network layer protocols (IP,
IPv6, etc.) to use the same link, making it versatile for different types of networks.
2. Error Detection and Reliability : Through its FCS, PPP ensures data integrity over
the link, which is especially useful on error-prone connections like dial-up.
3. Authentication : PAP and CHAP authentication provide a layer of security, verifying
the identity of each endpoint.
4. Compression Support : PPP supports compression to optimize data transfer speeds
over low-bandwidth links.
5. Link Management : LCP continuously monitors and manages the link quality and
configuration, providing stability to the connection.
Disadvantages of PPP over SLIP :
1. PPP helps one-on-one networks but doesn't work for many links.
2. Setting up PPP can be more complex than other protocols.
3. Cost : Installation costs of PPP may be higher than others.
Internet Layer Protocols
● In the TCP/IP model, the Internet Layer is responsible
for routing packets across network boundaries.
● It provides logical addressing, packet forwarding, and
routing, enabling data to travel from the source to the
destination across interconnected networks.
● The main protocols in the Internet Layer include Internet
Protocol (IP), Address Resolution Protocol (ARP),
Reverse Address Resolution Protocol (RARP), Internet
Control Message Protocol (ICMP).
IP (Internet Protocol)
● The Internet Protocol (IP) is a protocol of the TCP/IP network
model operating within the Internet Layer.
● The main function of this layer is to route data packets
between devices across different networks, allowing for
end-to-end communication over the internet.
● IP provides a mechanism for addressing and delivering
packets to their intended destinations, regardless of network
infrastructure differences, and enables data to traverse multiple
networks efficiently.
Functions of Internet Protocol (IP) :
1. Logical Addressing :
● In addressing, IP assigns a unique identifier, known as an IP address, to
each device on a network. This logical address allows devices to
communicate across diverse networks and helps routers to determine the
best path for each data packet.
● IPv4 uses 32-bit addresses (e.g., 192.168.1.1), while IPv6 uses 128-bit
addresses (e.g., 2001:0018:85a3:0000:0000:8a2e:0370:7334), allowing
for vastly more unique addresses.
2. Packet Routing :
● IP determines the most efficient path for data to travel from source to
destination across interconnected networks.
● Routers use IP headers to forward packets to their intended destinations,
analyzing source and destination addresses to determine the best route.
3. Fragmentation and Reassembly :
● IP handles fragmentation, where large packets are broken down
into smaller fragments to accommodate different network
requirements (such as varying Maximum Transmission Units, or
MTU sizes).
● At the destination, IP reassembles these fragments into the
original packet, ensuring successful data delivery.
4. Encapsulation and Decapsulation :
● IP encapsulates data from the transport layer (such as TCP or
UDP segments) into IP packets and adds a header containing
crucial information.
● Upon reaching the destination, the IP layer removes its header,
allowing the transport layer data to be processed.
IP Header Format : The header that IP applies to the data it receives from the
transport layer protocol is typically 20 bytes long. The datagram format is shown :
1. Type of Service (1 byte) : This field contains a code that specifies the
service priority for the datagram. This is a rarely used feature that enables a
system to assign a priority to a datagram that routers observe while forwarding
it through an internetwork. The values provide a trade-off among delay,
throughput and reliability.
2. Fragment Offset (13 bits) : When a datagram is fragmented, the system
inserts a value in this field that identifies this fragment's place in the datagram.
3. Internet Header Length (IHL, 4 bits) : This field specifies the length of the
datagram header, in 32-bit (4-byte) words. The typical length of a datagram
header is five words (20 bytes), but if the datagram includes additional options,
it can be longer, which is the reason for having this field.
4. Header Checksum (2 bytes) : This field contains a checksum value
computed on the IP header fields only (and not the contents of the Data field)
for the purpose of error detection.
5. Data (variable) : This field contains the information generated by the protocol
specified in the Protocol field. The size of the field depends on the data-link
layer protocol used by the network over which the system will transmit the
datagram.
6. Source IP Address (4 bytes) : This field specifies the IP address of the
system that generated the datagram.
7. Time to Live (TTL, 1 byte) : This field specifies the number of networks that
the datagram should be permitted to travel through on the way to its destination.
Each router that forwards the datagram reduces the value of this field by one. If
the value reaches zero, the datagram is discarded.
8. Flags (3 bits) : This field contains bits used to regulate the datagram
fragmentation process.
9. Options (variable) : This field is present only when the datagram contains
one or more of the 16 available IP options. The size and content of the field
depends on the number and the nature of the options.
10. Total Length (2 bytes) : This field specifies the length of the
datagram, including that of the Data field and all of the header fields, in
bytes.
11. Version (4 bits) : This field specifies the version of the IP protocol
used to create the datagram. The version in current use is 4, but IP
version 6 is currently in development.
12. Protocol (1 byte) : This field contains a code that identifies the
protocol that generated the information found in the Data field.
13. Identification (2 bytes) : This field contains a value that uniquely
identifies the datagram. The destination system uses this value to
reassemble datagrams that have been fragmented during transmission.
14. Destination IP Address (4 bytes) : This field specifies the IP
address of the system for which the datagram is destined.
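The header fields listed above, decoded in wire order and validated, as an added example that is not part of the original document. The 20-byte sample header is constructed, and `forward()` is a hypothetical helper that models the TTL handling described for routers.

```python
import ipaddress
import struct


def internet_checksum(data):
    """16-bit one's-complement sum used by the IPv4 Header Checksum field."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ipv4_header(raw):
    """Decode and validate an IPv4 header; raises ValueError on malformed input.
    Only the header is examined, so raw may hold the header without its data."""
    if len(raw) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, checksum, src, dst) = struct.unpack("!BBHHHBBH4s4s", raw[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    header_len = ihl * 4                      # IHL counts 32-bit words
    if version != 4:
        raise ValueError("not IPv4")
    if ihl < 5 or header_len > len(raw):
        raise ValueError("bad IHL")
    if total_len < header_len:
        raise ValueError("Total Length smaller than the header")
    return {
        "version": version, "header_len": header_len, "tos": tos,
        "total_len": total_len, "id": ident,
        "df": bool(flags_frag & 0x4000),      # Don't Fragment flag
        "mf": bool(flags_frag & 0x2000),      # More Fragments flag
        "frag_offset": (flags_frag & 0x1FFF) * 8,   # field counts 8-byte units
        "ttl": ttl, "protocol": proto, "checksum": checksum,
        # a valid header, summed including its checksum field, yields 0
        "checksum_ok": internet_checksum(raw[:header_len]) == 0,
        "options": raw[20:header_len],
        "src": str(ipaddress.IPv4Address(src)),
        "dst": str(ipaddress.IPv4Address(dst)),
    }


def forward(raw):
    """Hypothetical router step: discard on a bad checksum or when the TTL
    would reach zero, otherwise decrement TTL and recompute the checksum.
    Returns the new bytes, or None when the datagram is discarded."""
    hdr = parse_ipv4_header(raw)
    if not hdr["checksum_ok"] or hdr["ttl"] <= 1:
        return None
    out = bytearray(raw)
    out[8] -= 1                               # TTL is byte 8 of the header
    out[10:12] = b"\x00\x00"                  # zero the checksum before recomputing
    new_sum = internet_checksum(bytes(out[:hdr["header_len"]]))
    struct.pack_into("!H", out, 10, new_sum)
    return bytes(out)


# Constructed sample: UDP datagram header, 192.168.0.1 -> 192.168.0.199,
# TTL 64, DF set, checksum filled in below.
SAMPLE = bytes.fromhex("450000730000400040110000c0a80001c0a800c7")
SAMPLE = SAMPLE[:10] + struct.pack("!H", internet_checksum(SAMPLE)) + SAMPLE[12:]
```
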
Advantages of IP :
1. Interoperability: IP provides a universal protocol that allows devices from
different manufacturers to communicate across different networks.
2. Scalability: IP addressing system enables networks of any size to be managed
and organized efficiently.
3. Flexibility: IP supports different data transmission modes, including unicast
(one-to-one), multicast (one-to-many), and broadcast (one-to-all on a local network).
4. Reliability: Features like TTL, error-checking, and fragmentation make IP a
robust protocol for data delivery across multiple networks.
Disadvantages of IP :
1. Lack of Delivery Guarantees: IP is a connectionless protocol and does not
guarantee data delivery, order, or integrity.
2. Security Limitations: While IPv6 includes IPSec support, IPv4 lacks inherent
security features, making data vulnerable to interception.
ARP (Address Resolution Protocol)
● The Address Resolution Protocol (ARP) is a protocol in the
Internet Layer of the TCP/IP model.
● ARP is used to map an IP address to a physical machine
address, known as a MAC (Media Access Control) address.
● This is essential for communication within a local network, as data
needs to be delivered to a specific device's hardware address on that
network segment.
● ARP is a protocol for mapping an Internet Protocol address (IP
address) to a physical machine address (MAC address).
● ARP maps an IP address to its corresponding physical network
address.
Working : When a device wants to communicate with another device on the same
local network, it uses ARP to determine the destination device's MAC address based
on its IP address.
1. ARP Request :
When a device (e.g., Host X) needs to send data to another device (e.g., Host Y) on
the same local network, it checks its ARP cache (a table storing recently used
IP-to-MAC address mappings).
If Host X doesn't have Host Y's MAC address in its ARP cache, it broadcasts an ARP
Request packet on the network, asking "who has IP address X.X.X.X?" (where X.X.X.X
is Host Y's IP address).
2. ARP Reply :
All devices on the local network receive the ARP request, but only Host Y recognizes
its IP address in the request.
Host Y sends an ARP Reply back to Host X with its MAC address.
3. Updating the ARP Cache :
Host X receives the ARP Reply and updates its ARP
cache with the IP-to-MAC mapping for Host Y, allowing
Host X to use this information for future communications.

4. Data Transmission :
With the MAC address now known, Host X can
encapsulate the data into a frame with Host Y's MAC
address as the destination and send it over the network.
● The address resolution protocol uses a simple message format
that contains one address resolution request or response.
● Mapping high-level (IP) addresses to hardware addresses is
called address resolution.
● The size of the ARP message depends on the upper layer and
lower layer address sizes, which are given by the type of
networking protocol (usually IPv4) in use and the type of
hardware or virtual link layer that the upper layer protocol is
running on.
● Every Ethernet board ever manufactured comes equipped with a
48-bit Ethernet address. The protocol used for asking this
question and getting the reply is called ARP.
ARP Message Format
1. Target Protocol Address (4 bytes) : This field contains the IP
address of the system for which the message is intended.
2. Sender Protocol Address (4 bytes) : This field contains the IP
address of the system generating the message.
3. Protocol Size (1 byte) : This field specifies the size of the
addresses in the Sender Protocol Address and Target Protocol
Address fields, in bytes. For IP addresses, the value is 4.
4. Opcode (2 bytes) : This field specifies the function of the packet
namely, ARP Request, ARP Reply, RARP Request or RARP reply.
5. Target Hardware Address (6 bytes) : This field contains the
hardware address of the system for which the message is destined.
In ARP request messages, this field is left blank.
6. Sender Hardware Address (6 bytes) : This field contains the hardware
address of the system generating the message.
7. Protocol Type (2 bytes) : This field identifies the type of addresses in
the Sender Protocol Address and Target Protocol Address fields. The
hexadecimal value for IP addresses is 0800, (the same as the Ethertype
code for IP).
8. Hardware Type (2 bytes) : This field identifies the type of hardware
addresses in the Sender Hardware Address and Target Hardware Address
fields. For Ethernet and Token Ring networks, the value is 1.
9. Hardware Size (1 byte) : This field specifies the size of the addresses in
the Sender Hardware Address and Target Hardware Address fields, in
bytes. For Ethernet and Token Ring networks, the value is 6.
Advantages of ARP :
1. Efficiency : ARP reduces the need for manual configuration by
automatically mapping IP addresses to MAC addresses within a
network.
2. Network Communication : ARP is essential for allowing devices on the
same network to communicate, making it foundational for local data
exchange.
Disadvantages of ARP :
1. ARP is vulnerable to ARP spoofing and ARP poisoning, in which an
attacker can send forged ARP responses to intercept, modify, or disrupt
traffic between devices on a local network.
2. ARP requests are broadcast across the network, which can lead to
excessive broadcast traffic on large networks.
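The ARP message format above, parsed in wire order, together with a passive monitor that flags the forged replies named in the first disadvantage; this is an added example, not part of the original document. `ArpMonitor`, its alert texts, and all addresses in the sample traffic are constructed for illustration.

```python
import ipaddress
import struct

ARP_FMT = "!HHBBH6s4s6s4s"      # 28 bytes for Ethernet/IPv4
REQUEST, REPLY = 1, 2


def _mac(b):
    return ":".join("%02x" % x for x in b)


def build_arp(opcode, sender_mac, sender_ip, target_mac, target_ip):
    """Build an Ethernet/IPv4 ARP message (used here only to make sample input)."""
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, opcode,
                       bytes.fromhex(sender_mac.replace(":", "")),
                       ipaddress.IPv4Address(sender_ip).packed,
                       bytes.fromhex(target_mac.replace(":", "")),
                       ipaddress.IPv4Address(target_ip).packed)


def parse_arp(raw):
    """Decode an ARP message; raises ValueError if it is not Ethernet/IPv4 ARP."""
    if len(raw) < struct.calcsize(ARP_FMT):
        raise ValueError("truncated ARP message")
    (htype, ptype, hlen, plen, opcode,
     sha, spa, tha, tpa) = struct.unpack(ARP_FMT, raw[:28])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    if opcode not in (REQUEST, REPLY):
        raise ValueError("unsupported opcode")
    return {"opcode": opcode,
            "sender_mac": _mac(sha), "sender_ip": str(ipaddress.IPv4Address(spa)),
            "target_mac": _mac(tha), "target_ip": str(ipaddress.IPv4Address(tpa))}


class ArpMonitor:
    """Passive check of observed ARP traffic against first-seen bindings."""

    def __init__(self):
        self.bindings = {}     # IP -> first MAC seen claiming it
        self.pending = set()   # IPs that were asked for and not yet answered

    def observe(self, raw):
        msg = parse_arp(raw)
        ip, mac = msg["sender_ip"], msg["sender_mac"]
        alerts = []
        if msg["opcode"] == REQUEST:
            self.pending.add(msg["target_ip"])
        elif ip in self.pending:
            self.pending.discard(ip)
        else:
            # Gratuitous announcements also land here and need review.
            alerts.append("unsolicited reply for %s from %s" % (ip, mac))
        if ip != "0.0.0.0":    # ARP probes carry no sender IP to learn
            known = self.bindings.setdefault(ip, mac)
            if known != mac:
                # The first-seen binding is kept, so repeats keep alerting.
                # A replaced network card triggers this too.
                alerts.append("%s moved from %s to %s" % (ip, known, mac))
        return alerts


def run_sample():
    """Constructed traffic: request, genuine reply, then a forged reply."""
    x_mac, x_ip = "02:00:00:00:00:0a", "192.168.1.10"   # Host X
    y_mac, y_ip = "02:00:00:00:00:14", "192.168.1.20"   # Host Y
    z_mac = "02:00:00:00:00:66"                         # third host claiming Y's IP
    frames = [
        build_arp(REQUEST, x_mac, x_ip, "00:00:00:00:00:00", y_ip),
        build_arp(REPLY, y_mac, y_ip, x_mac, x_ip),
        build_arp(REPLY, z_mac, y_ip, x_mac, x_ip),
    ]
    monitor = ArpMonitor()
    return [monitor.observe(f) for f in frames]
```
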
RARP (Reverse Address Resolution Protocol)
● RARP (Reverse Address Resolution Protocol) is a networking
protocol used to link a MAC address with an IP address.
● In simple words, ARP is a protocol that maps an IP address to a
MAC address while RARP is a protocol that maps a MAC address to
an IP address.
● Main purpose of RARP is to allow a device, typically a diskless
workstation or device without a preconfigured IP address, to
obtain its IP address from a network server using only its MAC
address.
● RARP is designed to work in situations where a device only
knows its hardware (MAC) address but does not have an
assigned IP address.
Working :
1. RARP Request :
● When a device without an IP address (such as a newly booted device or a diskless
workstation) connects to a network, it sends a RARP request as a broadcast message.
● This request contains the device's MAC address and essentially asks, "what is my IP
address?".
2. RARP Server :
● A RARP server on the local network, often a router or another network server configured
to handle RARP requests, listens for these requests.
● The RARP server has a mapping table that associates MAC addresses with their
corresponding IP addresses.
3. RARP Reply :
● Upon receiving the RARP request, the RARP server looks up the MAC address in its
mapping table.
● If it finds an entry for that MAC address, it responds with the corresponding IP address in
a RARP reply.
● The device receives the reply and configures itself with the provided IP address, enabling
it to communicate on the network.
Message format of RARP
1. Hardware Type (16-bits) : the type of interface the sender seeks an answer for.
2. Protocol Type (16-bits) : The high-level software address type provided.
3. HLEN (8-bits) : Length of arbitrary physical address.
4. PLEN (8-bits) : Length of arbitrary protocol address.
5. Operation (16-bits) : The specific type of operation requested.
(i) ARP request (ii) ARP response
6. Sender HA (6-octets) : The sender's actual hardware address, scalable up to six
bytes.
7. Sender IP (4-octets) : The sender's IP address, always 32-bits.
8. Target HA (6-octets) : The destination node's hardware address, scalable up to
six bytes.
9. Target IP (4-octets): The destination node's IP address, always 32-bits.
Advantages of RARP Protocol :
1. Simplification of device configuration and management for those lacking
storage or configuration files for storing their IP addresses.
2. Reduction of overhead and complexity by eliminating manual assignment of
individual IP addresses to each device.
Disadvantages of RARP Protocol :
1. RARP requires a static mapping of MAC addresses to IP addresses, which can
be difficult to maintain on large networks.
2. It requires a RARP server on each network segment, which increases both cost
and maintenance overhead for network infrastructure.
3. RARP relies on broadcasting, causing bandwidth consumption and potential
network congestion.
4. There is no provision for security or authentication mechanisms to verify the
identity or validity of devices requesting or receiving IP addresses.
ICMP (Internet Control Message Protocol)
● Internet Control Message Protocol (ICMP) operates at the Internet Layer in the
TCP/IP network model.
● Its primary function is to support IP by providing feedback on network issues,
reporting errors, and assisting in diagnostic functions.
● ICMP does not carry application data but instead provides crucial information about
the health and status of the network, enabling troubleshooting and error reporting.
ICMP Message Encapsulation : ICMP itself is a network layer protocol; however, its messages
are not passed directly to the data link layer. The message is first encapsulated inside an IP
datagram before going to the lower layer.
● An ICMP message has a header and a data area.
● The complete ICMP message is treated as data in the IP datagram.
● The complete IP datagram is treated as data in the physical network frame.
In the ICMP message format, the first 4 bytes of the header are the same for all message types;
the last 4 differ.
● Type field in header defines type of message.
● Code field in header specifies the reason for the particular message type.
● Checksum in header is calculated over entire message.
● Data in error messages carries information for finding original packet that had error.
● Data in query messages carries extra information based on type of query.
Error Reporting Messages :
1. Destination Unreachable : Sent when the subnet or a router cannot locate the destination, or when a packet
with the DF bit set cannot be delivered because a 'small-packet' network stands in the way.

2. Time Exceeded : Sent when a packet is dropped because its counter has reached zero. This event is a
symptom that packets are looping, that there is enormous congestion, or that the time values are being set too low.

3. Parameter Problem : Indicates that an illegal value has been detected in the header field. This indicates a bug
in the sending host's IP software or possibly in the software of a router transited.

4. Source Quench : Used to throttle hosts that send too many packets. When a host receives this message, it
slows down sending packets.

5. Redirect : Used when a router notices that a packet seems to be routed wrong. It is used by the router
to tell the sending host about the probable error.

Query Messages :

1. ECHO and ECHO Reply : To see if a given destination is reachable and alive, upon receipt of ECHO
message, the destination is expected to send an ECHO REPLY message back.

2. TimeStamp and TimeStamp Reply : Similar to ECHO queries, except that the arrival time of the
message and departure time of the reply are recorded in the reply. This facility is used to measure network
performance.
Advantages of ICMP :
1. Efficient Troubleshooting : ICMP provides essential tools for diagnosing network issues,
helping network administrators quickly locate and resolve problems.
2. Error Reporting : ICMP informs hosts of issues in packet delivery, aiding in troubleshooting
and helping users adjust to network conditions.
3. Control and Diagnostic Functions : ICMP is a core protocol in the Internet Layer of the
TCP/IP model, providing critical control and diagnostic functions like error reporting, network
testing and so on.
4. Network Performance and Connection Monitoring : The tools for network performance and
connection monitoring commonly employ ICMP to identify the existence of issues that the
network team has to resolve.
Disadvantages of ICMP :
1. ICMP can be exploited in various attacks, such as ICMP flooding (a type of DoS attack).
2. ICMP cannot be used for data transmission because it does not carry application data.
Transport Layer Protocols
● The Transport Layer in the TCP/IP network model is responsible
for enabling communication between applications on different
devices across a network.
● It provides end-to-end communication services, error detection
and recovery, and data flow control.
● The main protocols used at this layer are Transmission Control
Protocol (TCP) and User Datagram Protocol (UDP).
TCP (Transmission Control Protocol)
● TCP is a connection-oriented protocol that provides reliable, ordered, and error-checked
delivery of data.
● TCP offers reliable delivery service. Reliability is achieved by assigning a sequence number to
each segment transmitted.
Features of TCP :
1. Reliability : TCP ensures reliable data transmission by retransmitting lost packets, acknowledging received
packets, and providing error-checking.
2. Flow Control : TCP uses a sliding window mechanism to control the data flow and prevent overwhelming the
receiver.
3. Congestion Control : TCP implements algorithms like slow start and congestion avoidance to minimize
network congestion and optimize performance.
4. Data Segmentation and Reassembly : TCP divides data into segments that are reassembled in the correct
order at the destination.
5. Point-to-Point Communication : A TCP connection has two end points that is a sender and a destination.
6. Reliability : TCP guarantees that data will be delivered without loss, duplication or transmission errors.
TCP Packet Format
A minimal header of TCP requires 20 octets, with the information shown
below :
1. Source Port (16-bits) : This is the number of the calling port.
2. Destination Port (16-bits) : This is the number of the called port.
3. Sequence Number (32-bits) : This number ensures that data is
processed in the right sequence. The number represents the byte
sequence number of the first octet of the enclosed data and will be
incremented accordingly in subsequent segments.
4. Acknowledgement Number (32-bits) : This represents the next
expected TCP octet.
5. Data Offset (4-bits) : This is the number of 32-bit words in the TCP
header.
6. Reserved (6-bits) : This is set to zero.
7. Flags (6-bits) : These control the setup and termination of the connection, and data flow :
URG : Urgent pointer field significant.
ACK : Acknowledgement field significant.
PSH : Push function.
RST : Reset connection.
SYN : Synchronize sequence numbers.
FIN : No more data from sender.
8. Window (16-bits) : This is the receive window size, indicating the number of octets the
sender is willing to accept.
9. Checksum (16-bits) : This is a checksum based on the IP address fields and the TCP
header and length.
10. Urgent Pointer (16-bits) : This points to the first octet that follows the urgent data, allowing
the receiver to know how much urgent data is coming.
11. Options (Variable) : Currently, only the maximum TCP segment size is defined.
The actual data stream follows the header. When TCP is used in conjunction with IP, the TCP
header is prefixed by an IP header, which takes care of routing the information between the two
hosts using their IP address information.
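The TCP header layout above, decoded with bounds checks on Data Offset and on the option list, as an added example that is not part of the original document. The SYN segment is constructed, and the option kind numbers (0 End of Option List, 1 No-Operation, 2 Maximum Segment Size) come from the TCP specification rather than from the page.

```python
import struct

# The six flag bits in the order the list above gives them
FLAG_BITS = [(0x20, "URG"), (0x10, "ACK"), (0x08, "PSH"),
             (0x04, "RST"), (0x02, "SYN"), (0x01, "FIN")]


def parse_options(opts):
    """Walk kind/length/value options; reject lengths that are too small
    (a zero length would loop forever) or that run past the header."""
    found = {}
    i = 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                 # End of Option List
            break
        if kind == 1:                 # No-Operation, a single padding byte
            i += 1
            continue
        if i + 1 >= len(opts):
            raise ValueError("option truncated")
        length = opts[i + 1]
        if length < 2 or i + length > len(opts):
            raise ValueError("bad option length")
        value = opts[i + 2:i + length]
        if kind == 2:                 # Maximum Segment Size
            if length != 4:
                raise ValueError("bad MSS option")
            found["mss"] = struct.unpack("!H", value)[0]
        else:
            found.setdefault("other", []).append((kind, value))
        i += length
    return found


def parse_tcp_header(raw):
    """Decode a TCP segment; raises ValueError on malformed input."""
    if len(raw) < 20:
        raise ValueError("shorter than the minimal 20-octet header")
    (sport, dport, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", raw[:20])
    data_offset = off_flags >> 12     # header length in 32-bit words
    header_len = data_offset * 4
    if data_offset < 5 or header_len > len(raw):
        raise ValueError("bad Data Offset")
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [name for bit, name in FLAG_BITS if off_flags & bit],
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": parse_options(raw[20:header_len]),
        "payload": raw[header_len:],
    }


# Constructed sample: SYN from port 49152 to port 80 carrying an MSS option
# of 1460. The checksum is left at zero and is not verified here.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                         (6 << 12) | 0x02, 65535, 0, 0) + bytes([2, 4, 0x05, 0xB4])
```
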
Advantages of TCP :
1. TCP is a reliable protocol that ensures accurate and complete data delivery through
error-checking, acknowledgments, and retransmissions.
2. TCP offers data integrity by maintaining data order and checking for corruption,
making it suitable for applications where data accuracy is critical.
3. TCP provides flow and congestion control: it adjusts the transmission rate
based on network capacity, preventing congestion and optimizing data transfer
efficiency.
Disadvantages of TCP :
1. The connection setup, acknowledgments, and error-checking mechanisms
increase overhead, making TCP slower than simpler protocols like UDP.
2. TCP requires more network resources than UDP.
3. It can be more complex to implement than UDP.
UDP (User Datagram Protocol)
● User Datagram Protocol (UDP) is a key protocol in the Transport Layer of the TCP/IP
model. Unlike TCP, UDP is a connectionless and lightweight protocol that provides
unreliable but fast data transmission.
● UDP is a simple protocol used for process to process transmission. It is an unreliable,
connectionless protocol for applications that do not require flow control or error
control.
● UDP provides a connectionless datagram service that offers unreliable, best-effort delivery
of data transmitted in messages. This means that neither the arrival of datagrams nor the
correct sequencing of delivered packets is guaranteed.
● UDP is ideal for applications where speed is prioritized over reliability, making it
especially useful for real-time applications that can tolerate occasional data loss, like
video streaming or online gaming.
● UDP utilizes ports to allow application-to-application communication. The port field is 16-bits so
the valid range is 0 to 65,535.
Features of UDP :
1. Connectionless : UDP sends data without establishing a
connection, which reduces overhead and allows for faster
transmission.
2. Unreliable : UDP does not provide retransmission or
acknowledgment mechanisms, so packet delivery is not guaranteed.
3. Low Overhead : UDP has a simpler structure and less overhead
than TCP, which makes it faster and more suitable for real-time
applications.
4. No Flow Control or Congestion Control : UDP does not adjust the
data transmission rate based on network conditions.
UDP Packet Format

UDP is a minimal message-oriented transport layer protocol. The UDP header consists of the
following fields, of which two are optional.
1. Source Port : This field identifies the sending port when meaningful and should be
assumed to be the port to reply if needed. If not used then it should be zero.
2. Destination Port : This field identifies the destination port and is required.
3. Length : A 16-bit field that specifies the length of the entire datagram: header and data.
The minimum length is 8 bytes since that's the length of the header.
4. Checksum : The 16-bit checksum field is used for error-checking of the header and data.
5. Data : The encapsulated higher-layer message to be sent.
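The header fields listed above can be checked mechanically when a datagram is received. The following is an added example, not part of the original document: it builds and parses a UDP datagram, rejects inconsistent Length values, and verifies the checksum. It assumes IPv4, where the checksum also covers a pseudo-header of source address, destination address, protocol number 17 and UDP length (RFC 768); the function names and sample addresses are illustrative.

```python
import socket
import struct

UDP_HEADER_LEN = 8      # source port, destination port, length, checksum: 16 bits each
IPPROTO_UDP = 17        # protocol number carried in the pseudo-header


def ones_complement_sum(data: bytes) -> int:
    """Complemented 16-bit one's-complement sum, as used by the UDP checksum."""
    if len(data) % 2:
        data += b"\x00"                            # pad to whole 16-bit words
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)   # fold carries back in
    return ~total & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, IPPROTO_UDP, udp_length))


def build_datagram(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    length = UDP_HEADER_LEN + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    checksum = ones_complement_sum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    checksum = checksum or 0xFFFF                  # 0 on the wire means "no checksum"
    return struct.pack("!HHHH", src_port, dst_port, length, checksum) + payload


def parse_datagram(segment: bytes, src_ip: str, dst_ip: str) -> dict:
    if len(segment) < UDP_HEADER_LEN:
        raise ValueError("shorter than the 8-byte UDP header")
    src_port, dst_port, length, checksum = struct.unpack("!HHHH", segment[:UDP_HEADER_LEN])
    if length < UDP_HEADER_LEN:
        raise ValueError("length field below the 8-byte minimum")
    if length > len(segment):
        raise ValueError("length field claims more bytes than were received")
    datagram = segment[:length]                    # ignore trailing bytes past `length`
    if checksum == 0:
        checksum_ok = None                         # optional field not used by the sender
    else:
        covered = pseudo_header(src_ip, dst_ip, length) + datagram
        checksum_ok = ones_complement_sum(covered) == 0
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum_ok": checksum_ok, "payload": datagram[UDP_HEADER_LEN:]}


if __name__ == "__main__":
    # Constructed sample: documentation addresses, port 40000 -> 53.
    dg = build_datagram("192.0.2.10", "192.0.2.53", 40000, 53, b"constructed payload")
    print(parse_datagram(dg, "192.0.2.10", "192.0.2.53"))
```

A `checksum_ok` of `None` means the sender left the optional checksum at zero, so corruption of that datagram would go unnoticed at this layer.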
Advantages of UDP :
1. Without the need for connection establishment, flow control, or
retransmission, UDP provides faster data transmission, ideal for
real-time applications.
2. UDP can efficiently support broadcast and multicast transmission,
which is useful for applications like live video streaming to multiple
recipients.

Disadvantages of UDP :
1. There are no guarantees that data will arrive or that packets will arrive
in order. This can lead to data loss or out-of-order packets.
2. UDP does not adapt to network conditions, which can lead to
congestion in high-traffic situations.
Application Layer Protocols
● The application layer of TCP/IP model provides the services that
user applications use to communicate over the network.
● The application layer in the TCP/IP network model is the topmost
layer, where user-level communication occurs.
● The application layer provides protocols and services that allow
applications to communicate over the network, handling the
specific needs of end-user processes like web browsing, email,
file transfer, and remote login.
● The most common protocols in the Application Layer of the TCP/IP
model include FTP, HTTP, SMTP, BOOTP and so on.
FTP (File Transfer Protocol)
● File Transfer Protocol (FTP) is a standard protocol within the
Application Layer of the TCP/IP model, specifically designed for
transferring files between a client and a server over a
network.
● FTP allows users to upload, download, and manage files on a
remote server, and it supports both binary and text file transfers.
● FTP is the simplest and most secure way to exchange files
over the Internet.
● The most common use for FTP is to download files from the
Internet.
Features of FTP :
1. Connection-Oriented Protocol : FTP operates over a
connection-oriented communication, typically using TCP, which ensures
reliable data transfer. FTP establishes two separate connections
between the client and server :
Control Connection (Port 21) used for sending commands from the
client to the server and for receiving responses.
Data Connection (Port 20 or dynamic) used to transfer the actual file
data between the client and server.
2. Separate Control and Data Channels : The dual-channel architecture
of FTP allows commands and data to be transmitted simultaneously over
different ports, making FTP efficient for larger file transfers.
Control commands (e.g., to list files, change directories) are sent over
one channel, while file data is sent over the other.
3. Support for Authentication : FTP supports basic authentication
using a username and password. However, these credentials are
transmitted in plaintext, making them vulnerable to interception.
For secure file transfers, FTPS (FTP Secure) or SFTP (SSH File
Transfer Protocol), which encrypts both the commands and data, is
recommended over standard FTP.
4. Active and Passive Modes :
Active Mode : The client opens a port and listens, while the server
actively connects to the client's port for the data connection. This mode
may face issues with firewalls or NAT configurations.
Passive Mode : The server opens a port and waits for the client to
connect. This mode is commonly used in network environments with
firewalls, as it requires only outgoing connections from the client.
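Features 3 and 4 above can be observed directly on the control connection. The following is an added example, not part of the original document: it reads a captured control-channel transcript and reports whether the login crossed the network in plaintext, and which data-connection mode and endpoint were negotiated. The transcripts, host names and function names are constructed for illustration; USER, PASS, PORT, PASV, AUTH TLS and the 227/234 reply codes are standard FTP/FTPS elements.

```python
import re

# Constructed control-connection transcripts (TCP port 21). "C:" client, "S:" server.
PLAIN_PASSIVE = """\
S: 220 ftp.example.test ready
C: USER alice
S: 331 Password required
C: PASS constructed-password
S: 230 Login successful
C: PASV
S: 227 Entering Passive Mode (192,0,2,20,195,80)
C: RETR report.csv
S: 150 Opening data connection
S: 226 Transfer complete
"""
PLAIN_ACTIVE = """\
S: 220 ftp.example.test ready
C: USER bob
S: 331 Password required
C: PASS constructed-password
S: 230 Login successful
C: PORT 192,0,2,77,200,10
S: 200 PORT command successful
"""
# After a 234 reply the channel is TLS-protected, so a capture shows nothing further.
FTPS = """\
S: 220 ftp.example.test ready
C: AUTH TLS
S: 234 Proceed with negotiation
"""

HOST_PORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")


def decode_endpoint(text):
    """Decode the h1,h2,h3,h4,p1,p2 form used by PORT and the 227 reply."""
    match = HOST_PORT.search(text)
    if not match:
        return None
    nums = [int(n) for n in match.groups()]
    if max(nums) > 255:
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]


def analyze_control_channel(transcript):
    report = {"tls": False, "cleartext_user": None, "password_exposed": False,
              "mode": None, "data_endpoint": None}
    auth_pending = False
    for line in transcript.splitlines():
        side, _, text = line.partition(": ")
        if side == "C":
            verb, _, arg = text.strip().partition(" ")
            verb = verb.upper()
            if verb == "AUTH":
                auth_pending = True
            elif verb == "USER" and not report["tls"]:
                report["cleartext_user"] = arg
            elif verb == "PASS" and not report["tls"]:
                report["password_exposed"] = True      # the value itself is not stored
            elif verb == "PORT":                       # active: server connects to client
                report["mode"], report["data_endpoint"] = "active", decode_endpoint(arg)
        elif side == "S":
            code = text[:3]
            if code == "234" and auth_pending:
                report["tls"] = True                   # server agreed to switch to TLS
            elif code == "227":                        # passive: client connects to server
                report["mode"], report["data_endpoint"] = "passive", decode_endpoint(text)
            auth_pending = False
    return report


if __name__ == "__main__":
    for name, sample in (("passive", PLAIN_PASSIVE), ("active", PLAIN_ACTIVE), ("ftps", FTPS)):
        print(name, analyze_control_channel(sample))
```

The decoded endpoint also shows why active mode is awkward behind a firewall or NAT: in the active transcript the address the server must reach is the client's own.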
Architecture of FTP :
The server has two major components and the client has two major
components.
The control connection is made between the control processes at server
and client side while the data connection is made between the data transfer
processes.
One more important point about the control and data connections is that the control
connection remains open during the entire FTP interactive session, while the data connection
is opened when the user wants to transmit a file and is closed after the file transfer.
Working :
● File Transfer Protocol is one of the earliest Internet protocols, and is still used for
uploading and downloading files between clients and servers.
● An FTP client is an application that can issue FTP commands to an FTP server, while an
FTP server is a service or daemon running on a server that responds to FTP commands from
a client.
● FTP commands can be used to change directories, change transfer modes between binary and
ASCII, upload files, and download files.
● FTP uses Transmission Control Protocol (TCP) for reliable network
communication by establishing a session before initiating data transfer.
● TCP port number 21 on the FTP server listens for connection attempts
from an FTP client and is used as a control port for establishing a
connection between the client and server, for allowing the client to send an
FTP command to the server, and for returning the server's response to the
command.
● Once a control connection has been established, the server opens port
number 20 to form a new connection with the client for transferring the
actual data during uploads and downloads.
● We require two types of protocols for transferring the files on the network
i.e., FTP and TFTP (Trivial File Transfer Protocol). FTP is a standard
mechanism provided by TCP/IP for copying a file from one host to another.
FTP uses a range of standardized commands and responses to facilitate
communication between the client and server.
Some of the key FTP commands are given in following table :
Advantages of FTP :
1. Efficient for Large Files : FTP is optimized for high-speed data transfer, making it
suitable for moving large files between systems.
2. Directory Management : FTP allows users to navigate directories, delete, rename,
and organize files on the remote server.
3. Resumable Transfers : FTP supports resuming interrupted transfers, which is
beneficial for unreliable connections or large file uploads.
Disadvantages of FTP :
1. Lack of Encryption : FTP transmits data, including passwords, in plaintext, which
makes it insecure for sensitive data unless a secure variant (FTPS or SFTP) is used.
2. Complex Configuration : Setting up an FTP server with proper security configurations
can be complex, requiring management of permissions, access rights, and
passive/active settings.
3. Firewall Issues in Active Mode : Active mode may face difficulties with firewalls or
NAT, as it requires the server to connect back to the client.
HTTP (Hypertext Transfer Protocol)
● Hypertext Transfer Protocol (HTTP) is a fundamental
Application Layer protocol in the TCP/IP model.
● It is the protocol used to transfer data, especially web
pages, between clients (usually web browsers) and
servers over the internet.
● HTTP is the foundation of data communication on the World
Wide Web (WWW) and operates on a request-response
model.
Features of HTTP :
1. HTTP follows a client-server architecture. The client (typically a web
browser) sends an HTTP request to the server, which processes the
request and responds with an HTTP response.
2. HTTP is stateless, meaning each request is independent, and the server
does not retain any knowledge of previous requests from the client.
3. HTTP follows a request-response model where the client sends an
HTTP request to the server, and server sends an HTTP response back.
4. HTTP uses Port 80 by default for communication between clients and
servers.
5. HTTPS (HTTP Secure) uses Port 443 and is the secure version of
HTTP, which adds encryption via SSL/TLS (Secure Sockets
Layer/Transport Layer Security) to protect the confidentiality and integrity of
the data being transferred.
Working of HTTP using a Transaction :
An HTTP transaction takes place between the client and server. Although HTTP uses the
services of TCP, HTTP itself is a stateless protocol, which means that the server does not
keep information about the client.
The client initializes the transaction by sending a request. The server replies by
sending a response.
Request Message : The format of request is shown in Fig. 4.24. A request
message consists of a request line, a header and sometimes a body. An HTTP
request is sent from the client (usually a web browser) to the server to request a
specific resource.
Request Line : The first line in a request message is called request line.
There are three fields in this line separated by some character delimiter.
The fields are called methods, URL and version. The method field defines
the request type.
The built in HTTP request methods are:
Response Message : A response message consists of a status line, header lines,
a blank line and sometimes a body. The HTTP response is sent from the server
back to the client after processing the HTTP request.

Status Line : The first line in a response message is called the status line. There
are three fields in this line separated by spaces and terminated by a carriage
return and linefeed. The first field defines the version of HTTP protocol, currently
1.1. The status code field defines the status of the request. It consists of three
digits. Whereas the codes in the 100 range are only informational, the codes in the
200 range indicate a successful request. The codes in the 300 range redirect the
client to another URL, and the codes in the 400 range indicate an error at the
client site. Finally, the codes in the 500 range indicate an error at the server site.

Body : The body contains the document to be sent from the server to the client.
The body is present unless the response is an error message.
Advantages of HTTP :
1. HTTP supports distributed and scalable web architectures, making it a
foundation for web-based services.
2. HTTP is simple to implement and widely supported by browsers and servers.
3. In HTTP each request is independent, simplifying server design and reducing
memory usage.
Disadvantages of HTTP :
1. Because HTTP is stateless, it doesn't natively support session management, requiring
additional mechanisms (e.g., cookies or sessions) for managing user state.
2. Standard HTTP transmits data in plaintext, which can be intercepted and
modified, leading to potential security vulnerabilities.
3. Due to the stateless nature of HTTP, establishing a new connection for each
request can introduce some performance overhead, especially for applications
requiring many interactions.
SMTP (Simple Mail Transfer Protocol)
● Simple Mail Transfer Protocol (SMTP) is an Application Layer protocol in the TCP/IP
model that is used to send and route emails between email clients and servers.
● SMTP defines the rules for transferring electronic mail (email) across networks and is
fundamental to the functioning of email systems on the internet.
● SMTP is a connection oriented, text based protocol in which a mail sender
communicates with a mail receiver by issuing command strings and supplying necessary
data over a reliable ordered data stream channel, typically a Transmission Control Protocol
(TCP) connection.
● SMTP is standard application layer protocol for delivery of e-mail over a TCP/IP
internetwork such as the Internet.
● E-mail system is implemented with the help of Message Transfer Agents (MTA). There are
normally two MTA's in each mailing system: One for sending emails and another for
receiving emails.
● The formal protocol that defines the MTA client and server in the internet is called Simple
Mail Transfer Protocol (SMTP).
Referring to the diagram, SMTP is used two times: between the sender and the
sender's mail server, and between the sender's mail server and the receiver's mail
server.
Another protocol is used between the receiver's mail server and receiver. SMTP simply
defines how commands and responses must be sent back and forth. SMTP is a simple
ASCII protocol. It establishes a TCP connection between a sender and port number 25 of
the receiver. After exchanging all the email, the connection is released.
Features of SMTP :
1. SMTP is a text-based protocol, which means email messages, commands,
and responses are transmitted as plain text.
2. SMTP follows a client-server architecture where the email client (sender)
communicates with the email server to send an email, and the recipient's
email server receives the email.
3. SMTP is a push protocol, meaning it pushes the email from the sending
client to the receiving email server. Once the email is delivered to the
recipient's mail server, other protocols like IMAP or POP3 are typically used to
retrieve the email from the server.
4. SMTP typically operates on Port 25 for unsecured communication between
email servers.
5. SMTP operates in a session-based manner, where multiple commands can
be sent within a single connection, and each session is initiated and
closed after email transfer is completed.
Advantages of SMTP :
1. SMTP is a relatively simple, text-based protocol, in which one or more
recipients of a message are specified along with the message text and
possibly other encoded objects.
2. SMTP is easy to implement and offers higher speed.
3. SMTP is universally supported by all email servers and clients, making it
the standard for email transmission.
4. SMTP is a reliable and robust protocol for sending emails.
Disadvantages of SMTP :
1. SMTP lacks built-in encryption and authentication, making it vulnerable to
attacks like email interception and spoofing.
2. SMTP is only used for sending emails; other protocols (e.g., POP3 or
IMAP) are required for retrieving and storing emails.
TELNET
● TELNET is an Application Layer protocol in the TCP/IP network model used for
remote access to servers, routers, and other network devices.
● TELNET, which stands for TELecommunication NETwork, is a protocol used for
remote communication.
● TELNET enables a client to establish a command-line interface (CLI) session
on a remote device, allowing users to interact with the system as if they were
physically present.
Features of Telnet :
1. Telnet operates on a client-server model. The client
initiates a connection to the server, which then
establishes a session where commands can be sent and
responses received.
2. Telnet is a character-based protocol, meaning it transmits
characters in plain text, one at a time.
3. Telnet allows users to open a command-line session on a
remote device, execute commands, and manage systems
remotely.
4. Telnet typically operates over Port 23. The Telnet client
connects to this port on the remote device to initiate a session.
A TELNET session typically consists of the following steps :
1. Connection Establishment :
● The TELNET client initiates a connection to the Telnet server by connecting to Port 23.
● The server accepts the connection and initiates a login prompt.
2. Login and Authentication :
● The client is prompted for a username and password. If valid credentials are provided,
the session is established, allowing the client to issue commands.
● TELNET does not encrypt this login information, which can be a security risk.
3. Command Execution :
● Once authenticated, the user can send commands (like Open, Close, Set, Quit/Exit and so
on) to the remote server. The commands are processed, and the output is displayed
on the client's screen. This allows users to control and configure the remote device
directly from the Telnet client.
4. Session Termination :
● The session can be terminated by entering an exit command, closing the Telnet window,
or issuing a disconnect command on the client.
● Once disconnected, any unsaved data will be lost, as Telnet does not support session
continuity.
Advantages of TELNET :
1. TELNET is simple to implement and does not require complex configurations.
2. It allows convenient remote management, making it useful for tasks like
network troubleshooting and system configuration.
3. TELNET supports real-time character transmission, providing an interactive
environment for command execution.
Disadvantages of TELNET :
1. TELNET transmits data in plain text, making it vulnerable to interception,
password sniffing, and other attacks.
2. Due to the lack of encryption, TELNET is unsuitable for modern secure
communications and is often replaced by SSH.
3. TELNET is limited to basic command-line access and does not support
features like file transfer or graphical interfaces, which are available in other
remote access protocols.
BOOTP
● Bootstrap Protocol (BOOTP) is an Application Layer protocol in the TCP/IP network model.
● It is used primarily to assign IP addresses and provide bootstrapping information to
diskless workstations or devices in a network.
● The Bootstrap Protocol is a networking protocol used by a client to obtain an IP address
from a server.

Features of BOOTP :
1. Bootstrapping Information :
● BOOTP provides critical boot information such as the IP address of the server, the client's
IP address, a gateway IP, and the location of the boot file.
● This boot file is typically an operating system image used to initialize diskless workstations or
network devices that lack a hard drive.
2. IP Address Assignment :
● BOOTP assigns an IP address to a client device, allowing it to communicate on the network.
● Unlike DHCP, BOOTP typically provides a fixed IP address for each device rather than
dynamically allocating from a pool.
3. Protocol Layering :
● BOOTP operates over the UDP layer for transmission, which provides a lightweight and efficient
transport mechanism for IP assignment messages.
4. Client-Server Model :
● BOOTP follows a client-server model. The client broadcasts a request for an IP address,
and the BOOTP server responds with the necessary configuration details.
● Communication is done over UDP, with the client using UDP port 68 and the server using UDP
port 67.

5. Static IP Allocation :
● BOOTP relies on a static configuration, where each device's MAC address is mapped to an
IP address in the server's configuration file.
● This static nature limits flexibility compared to DHCP, which dynamically assigns IP addresses
from a pool.

When the BOOTP server receives the request, it searches the database for that request, places
the information in a single BOOTP reply message and returns the reply to the requesting computer.

In a single step a computer can obtain information such as the computer's IP address, the
server's name and IP address, and the IP address of the default router. BOOTP broadcasts each
request. It uses IP to send a request and receive a response.
BOOTP Packet Format :
1. OP: It specifies whether the message is a request or a reply.
2. HTYPE: It is the network hardware type field, used for specifying the type of
hardware used.
3. HLEN: This field indicates the length of the hardware address.
4. HOPS: It specifies how many servers forwarded the request.
5. Transaction Identifier: It provides a value that a client can use to determine
if an incoming response matches its request.
6. Seconds Elapsed: Total elapsed time since the computer began to boot. This
time is in seconds.
7. Unused: In the original specification for BOOTP, this 2 byte field was not
used.
8. Client IP Address: If the client already knows its own address it will fill in
that address in this 4-byte field and if not the value for this field should be zero.
9. Your IP Address: Used by the BOOTP server to supply an IP address to a client
requesting one. It is a 4-byte field, the number of bytes needed to store an IP address.
10. Router IP Address: If a BOOTP proxy server is being used, the address in this
4-byte field is the address of the router or other device performing the proxy function.
11. Client Hardware Address: If the client already knows its own IP address, it will
place the IP address into this 4-byte field. The client must fill in this required field
because the typical BOOTP server uses it in an index of values it keeps track of for its
clients.
12. Server Host Name: This field can be up to 64 bytes in length and contains a
null-terminated ASCII string of characters that represent the server's hostname on the
network.
13. Boot Filename: This field can be up to 128 characters in length and is used to
supply the client with the filename it can download and use to boot.
14. Vendor-Specific Area: These 64 bytes are set aside to store vendor-specific
optional information.
Advantages of BOOTP :
1. Diskless Boot Support : BOOTP supports diskless clients by providing network
boot information, making it useful in environments where devices lack storage.
2. Automated IP Configuration : BOOTP automates the assignment of IP addresses,
reducing manual configuration.
3. Static Allocation : BOOTP provides consistent IP addresses for devices, which can
be beneficial for devices that need a fixed IP.
Disadvantages of BOOTP :
1. Less Efficient for Large Networks : In larger, dynamic networks, BOOTP's static
configuration requirements can become cumbersome to manage.
2. Lack of Dynamic Addressing : BOOTP is limited to static IP mappings, which lack
the flexibility of dynamic assignment found in DHCP.
3. Limited Configuration Options : BOOTP offers fewer configuration options and
parameters compared to DHCP.
DHCP
● Dynamic Host Configuration Protocol (DHCP) is an Application Layer
protocol in the TCP/IP network model.
● DHCP is used for automatically assigning IP addresses and other network
configuration parameters to devices on a network.
● By simplifying IP address management and allowing devices to connect to
networks without manual configuration, DHCP is essential for efficient and scalable
network operations, especially in environments where devices frequently join and
leave the network.
● DHCP is a protocol that automatically assigns a unique IP address to each
device that connects to a network.
● DHCP runs in a client/server mode, where server sets up a pool of available
IP addresses for a network.
Features of DHCP :
1. DHCP operates on a client-server model, where the client
(device needing configuration) sends a request, and the
DHCP server responds with configuration parameters.
2. DHCP dynamically assigns IP addresses to devices from a
pool, or "scope," of addresses, enabling flexible and efficient IP
management.
3. DHCP enables automated IP address assignment and network
configuration, essential for scalable and flexible network
management.
When we connect to a network, the device is considered a client and the router
is the server. In order to successfully connect to a network via DHCP, the
following steps must take place.
1. When a client detects it has connected to a DHCP server, it sends a
DHCPDISCOVER request.
2. The router either receives the request or redirects it to the appropriate
DHCP server.
3. If the server accepts the new device, it will send a DHCPOFFER message
back to the client, which contains the client device's MAC address and the
IP address being offered.
4. The client returns a DHCPREQUEST message to the server, confirming it
will use the IP address.
5. Finally, the server responds with a DHCPACK acknowledgement message
that confirms the client has been given access (or a "lease") for a certain
amount of time.
DHCP consists of following two Components :
1. A protocol that delivers host-specific configuration parameters from a DHCP server to a
host.
2. A mechanism for the allocation of temporary or permanent network addresses to hosts.
DHCP server may have three methods of allocating IP-addresses :
1. Static Allocation : The DHCP server allocates an IP address based on a table with MAC
address/IP address pairs, which are manually filled. Only requesting clients with a MAC
address listed in this table will be allocated an IP address.
2. Dynamic Allocation : A network administrator assigns a range of IP addresses to DHCP,
and each client computer on the LAN is configured to request an IP address from the
DHCP server during network initialization.
3. Automatic Allocation : The DHCP server permanently assigns a free IP address to a
requesting client from the range defined by the administrator. This is like dynamic
allocation, but the DHCP server keeps a table of past IP address assignments, so that it
can preferentially assign to a client the same IP address that the client previously had.
Among these three methods, the static and dynamic methods are the most popular for
implementation.
Messages used by DHCP :
1. DHCPDiscover : Client broadcast to locate available servers. It is assumed at least one of the
servers will have resources to fulfill the request, (may include additional pointers to specific
services required e.g. particular subnet, minimum time limit etc.).
2. DHCPOffer : Server to client in response to DHCP Discover with offer of configuration
parameters.
3. DHCPRequest : Client broadcast to servers requesting offered parameters from one server
and implicitly declining offers from all others. (also important in case of lease renewal if the
allotted time is about to expire).
4. DHCPDecline : Client to server indicating configuration parameters invalid.
5. DHCPRelease : Client to server relinquishing network address and cancelling current lease. (in
case of a graceful shutdown DHCP server is sent a DHCP Release by the host machine).
6. DHCPAck : Server to client with configuration parameters, including committed Network
address.
7. DHCPNack : Server to client refusing request for configuration parameters (e.g. requested
network address already allocated).
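The exchange steps, the static and dynamic allocation methods, and the messages listed above fit together as follows. This is an added example, not part of the original document: a toy in-memory server and client that pass messages as dictionaries and track leases against a clock supplied by the caller. The field names chaddr, yiaddr and ciaddr follow RFC 2131; the class, function names and sample addresses are assumptions, and offers never time out in this toy.

```python
from dataclasses import dataclass, field


@dataclass
class DhcpServer:
    """Toy server: messages are dicts, time is passed in as `now` (seconds)."""
    pool: list                      # dynamic allocation: range set by the administrator
    static: dict                    # static allocation: manually filled MAC -> IP table
    lease_seconds: int = 3600
    leases: dict = field(default_factory=dict)   # ip -> (mac, expiry time)
    offers: dict = field(default_factory=dict)   # mac -> ip offered, not yet requested

    def _pick_address(self, mac, now):
        if mac in self.static:
            return self.static[mac]
        if mac in self.offers:
            return self.offers[mac]
        for ip, (owner, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[ip]              # lease ran out, address is free again
        for ip, (owner, _) in self.leases.items():
            if owner == mac:
                return ip                        # client still holds a valid lease
        for ip in self.pool:
            if ip not in self.leases and ip not in self.offers.values():
                return ip
        return None                              # pool exhausted

    def handle(self, msg, now):
        mac, kind = msg["chaddr"], msg["type"]
        if kind == "DHCPDISCOVER":
            ip = self._pick_address(mac, now)
            if ip is None:
                return None                      # nothing to offer, client gets no reply
            self.offers[mac] = ip
            return {"type": "DHCPOFFER", "chaddr": mac, "yiaddr": ip,
                    "lease": self.lease_seconds}
        if kind == "DHCPREQUEST":
            ip = msg["requested_ip"]
            holder = self.leases.get(ip)
            renewing = holder is not None and holder[0] == mac and holder[1] > now
            if self.offers.get(mac) != ip and not renewing:
                return {"type": "DHCPNAK", "chaddr": mac}   # "DHCPNack" in the list above
            self.offers.pop(mac, None)
            self.leases[ip] = (mac, now + self.lease_seconds)
            return {"type": "DHCPACK", "chaddr": mac, "yiaddr": ip,
                    "lease": self.lease_seconds}
        if kind == "DHCPRELEASE":
            ip = msg["ciaddr"]
            if self.leases.get(ip, (None, 0))[0] == mac:
                del self.leases[ip]              # graceful shutdown: lease cancelled
            return None
        raise ValueError(f"unsupported message type: {kind}")


def obtain_lease(server, mac, now):
    """Client side of the four-message exchange; returns (message types, leased IP)."""
    discover = {"type": "DHCPDISCOVER", "chaddr": mac}
    offer = server.handle(discover, now)
    if offer is None:
        return ["DHCPDISCOVER"], None
    request = {"type": "DHCPREQUEST", "chaddr": mac, "requested_ip": offer["yiaddr"]}
    reply = server.handle(request, now)
    types = [discover["type"], offer["type"], request["type"], reply["type"]]
    return types, reply.get("yiaddr")


if __name__ == "__main__":
    # Constructed sample: two dynamic addresses and one static MAC/IP pair.
    srv = DhcpServer(pool=["192.0.2.100", "192.0.2.101"],
                     static={"02:00:00:00:00:aa": "192.0.2.10"}, lease_seconds=60)
    print(obtain_lease(srv, "02:00:00:00:00:01", now=0))
    print(obtain_lease(srv, "02:00:00:00:00:aa", now=0))
```

With a two-address pool, a third dynamic client receives no offer until a lease expires or is released, which is the availability limit a small pool imposes.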
Advantages of DHCP :
1. DHCP automatically configures devices with necessary network settings,
reducing setup time and complexity.
2. DHCP is easy to implement and does automatic assignment of IP
addresses to requesting clients. Hence, manual configuration time of IP
addresses can be reduced.
3. DHCP allows network administrators to control IP address assignment and
configuration from a central server, simplifying network management.
4. The implementation of DHCP does not require any additional costs.
Disadvantage of DHCP :
1. DHCP is vulnerable to various attacks such as IP spoofing.
2. Client is not able to access the network in the absence of the DHCP
server.
