TCP/IP protocol architecture

Origins of TCP/IP
• Transmission Control Protocol/Internet Protocol (TCP/IP)
– Resulted from a coordinated effort by the U.S. Department
of Defense (DOD)
• Advanced Research Projects Agency (ARPA)
– Charged with creating a wide area network (WAN)
– Results were TCP/IP and ARPANET
• DOD funded two projects
– The adaptation of TCP/IP to work with UNIX
– The inclusion of the TCP/IP protocol with Berkeley UNIX
(BSD UNIX)

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 2

 Overview of the TCP/IP Protocol Suite

• The TCP/IP model explains how the protocol suite works

to provide communications
– Four layers: Application, Transport, Internetwork, and
Network Interface

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 3

 History and Future of TCP/IP
• The U.S. Department of
Defense (DoD) created the
TCP/IP reference model
because it wanted a
network that could survive
any conditions.
• Some of the layers in the
TCP/IP model have the
same name as layers in the
OSI model.
 TCP/IP PROTOCOL SUITE
• The layers in the TCP/IP protocol suite do not
exactly match those in the OSI model. The
original TCP/IP protocol suite was defined as
having four layers: host-to-network, internet,
transport, and application. However, when
TCP/IP is compared to OSI, we can say that the
TCP/IP protocol suite is made of five layers:
physical, data link, network, transport, and
application.
 Cont…
• When the TCP/IP model was designed, the session and
presentation layers from the OSI model were bundled into the
application layer of the TCP model.

• This means that issues of representation, encoding, and dialog

control are handled in the application layer rather than in
separate lower layers as in the OSI model.

• This design assures that the TCP/IP model provides maximum

flexibility at the application layer for developers of software.

• The TCP/IP protocols that support file transfer, e-mail, and remote
login are probably the most familiar to users of the Internet.
 Topics discussed in this section:

• Physical and Data Link Layers

• Network Layer
• Transport Layer
• Application Layer
CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 8
 Figure 2.16 TCP/IP and OSI model

2.9
 The TCP/IP Protocol Suite
The DoD and OSI models are alike in design and concept
and have similar functions in similar layers.

10
 Encapsulation in the TCP/IP Suite
User data

Application
Application
Header User data
TCP
TCP Header Application data

IP TCP segment

IP Header TCP Header Application data

Ethernet
IP datagram
Driver
Ethernet Ethernet
Header
IP Header TCP Header Application data Trailer

Ethernet frame
Copyright by Jorg Liebeherr 98, 99
 TCP/IP Protocol Suite

User User User User Application

Process Process Process Process Layer

TCP UDP Transport

Layer

ICMP IP IGMP Network

Layer

Hardware
ARP RARP Link Layer
Interface

Media
Copyright by Jorg Liebeherr 98, 99
 Quiz
 Name one function of the network layer

Copyright by Jorg Liebeherr 98, 99

 Figure 2.17 Addresses in TCP/IP

2.14
 Figure 2.18 Relationship of layers and addresses in TCP/IP

2.15
 Example 2.1

A node with physical address 10 sends a frame to a node

with physical address 87. The two nodes are connected
by a link (bus topology LAN). As the figure shows, the
computer with physical address 10 is the sender, and the
computer with physical address 87 is the receiver.

2.16
 Figure 2.19 Physical addresses

2.17
 Application Layer
• Handles high-level protocols, issues of
representation, encoding, and dialog control.
• The TCP/IP protocol suite combines all application
related issues into one layer and ensures this data is
properly packaged before passing it on to the next
layer.
TCP/IP Applications
 Application Layer

• Protocols at the TCP/IP Application layer include:

– File Transfer Protocol (FTP)
– Trivial File Transfer Protocol (TFTP)
– Network File System (NFS)
– Simple Mail Transfer Protocol (SMTP)
– Terminal emulation protocol (telnet)
– Remote login application (rlogin)
– Simple Network Management Protocol (SNMP)
– Domain Name System (DNS)
– Hypertext Transfer Protocol (HTTP)

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 20

Protocol Architectures and Networks
or ports

21
 Well Known Port Numbers
The following port numbers should be memorized:
NOTE:
The curriculum forgot to mention one of the most important port numbers.
Port 80 is used for HTTP or WWW protocols. (Essentially access to the internet.)
 DNS
Imagine the difficulty of remembering the IP addresses of tens, hundreds, or even
thousands of Internet sites. A domain naming system was developed in order to
associate the contents of the site with the address of that site.

The Domain Name System (DNS) is a system used on the Internet for translating
names of domains and their publicly advertised network nodes into IP addresses.

A domain is a group of computers that are associated by their geographical location

or their business type. A domain name is a string of characters, number, or both.

There are more than 200 top-level domains on the Internet, examples of which
include the following:
.us – United States
.uk – United Kingdom

There are also generic names, which examples include the following:
.edu – educational sites
.com – commercial sites
.gov – government sites
.org – non-profit sites
.net – network service
 FTP
FTP is a reliable, connection-oriented service that uses TCP to
transfer files between systems that support FTP.

The main purpose of FTP is to transfer files from one computer to

another by copying and moving files from servers to clients, and from
clients to servers.

Data transfer can occur in ASCII mode or in binary mode.

These modes determine the encoding used for data file, which in the
OSI model is a presentation layer task.

After the file transfer has ended, the data connection terminates
automatically.
 TFTP
TFTP is a connectionless service that uses User Datagram Protocol
(UDP).

TFTP is used on the router to transfer configuration files and Cisco

IOS images and to transfer files between systems that support TFTP.

TFTP is designed to be small and easy to implement.

Therefore, it lacks most of the features of FTP.

TFTP can read, write, or mail files to or from a remote server but it
cannot list directories and currently has no provisions for user
authentication.

It is useful in some LANs because it operates faster than FTP and in

a stable environment it works reliably.
 HTTP
Hypertext Transfer Protocol (HTTP) works with the World Wide Web,
which is the fastest growing and most used part of the Internet.

A Web browser is a client-server application, which means that it

requires both a client and a server component in order to function.

A Web browser presents data in multimedia formats on Web pages

that use text, graphics, sound, and video.

The Web pages are created with a format language called Hypertext
Markup Language (HTML).

Hyperlinks make the World Wide Web easy to navigate. A hyperlink

is an object, word, phrase, or picture, on a Web page that links to a
new Web page.

The Web page contains an address location known as a Uniform

Resource Locator (URL).
URL
 SNMP
The Simple Network Management Protocol (SNMP) is an
application layer protocol that facilitates the exchange of
management information between network devices.

SNMP enables network administrators to manage network

performance, find and solve network problems, and plan for
network growth.

SNMP uses UDP as its transport layer protocol.

 SNMP
Network Management System
NMS executes applications that monitor and control
managed devices.

The bulk of the processing and memory resources

required for network management are provided by
NMS.

One or more NMSs must exist on any managed

network.
 SNMP
Managed Devices
Managed devices are network nodes that contain an
SNMP agent and that reside on a managed network.

Managed devices collect and store management

information and make this information available to
NMSs using SNMP.

Managed devices, sometimes called network

elements, can be routers, access servers, switches,
and bridges, hubs, computer hosts, or printers.
 SNMP
Agents
Agents are network-management software
modules that reside in managed devices.

An agent has local knowledge of management

information and translates that information into
a form compatible with SNMP.
SNMP – Managed Network
 Telnet
Telnet client software provides the ability to login to a remote Internet host
that is running a Telnet server application and then to execute commands
from the command line.

A Telnet client is referred to as a local host.

Telnet server, which uses special software called a daemon, is referred to

as a remote host.

The Telnet operation uses none of the processing power from the
transmitting computer. Instead, it transmits the keystrokes to the remote
host and sends the resulting screen output back to the local monitor. All
processing and storage take place on the remote computer.

Telnet works at the application layer of the TCP/IP model.

Therefore, Telnet works at the top three layers of the OSI model:
• The application layer deals with commands.
• The presentation layer handles formatting, usually ASCII.
• The session layer transmits.
 Transport Layer
Five basic services:
• Segmenting upper-layer application data
• Establishing end-to-end operations
• Sending segments from one end host to another end
host
• Ensuring data reliability
• Providing flow control
Transport Layer Protocols
 Flow Control
As the transport layer sends data segments, it tries to ensure that data is not lost.
A receiving host that is unable to process data as quickly as it arrives could be a
cause of data loss.

Flow control avoids the problem of a transmitting host overflowing the buffers in
the receiving host. The two hosts communicate and then establish a data-transfer
rate that is agreeable to both.
 Basic Windowing
Data packets must be
delivered to the
recipient in the same
order in which they
were transmitted to
have a reliable,
connection-oriented
data transfer.

The protocol fails if

any data packets are
lost, damaged,
duplicated, or
received in a different
order.

An easy solution is to
have a recipient
acknowledge the
receipt of each packet
before the next
packet is sent.
Sliding Window
 Sliding Window
with Different Window Sizes
TCP Sequence & Acknowledgement
 TCP
Transmission Control Protocol (TCP) is a connection-oriented Layer 4
protocol that provides reliable full-duplex data transmission.

TCP is part of the TCP/IP protocol stack. In a connection-oriented

environment, a connection is established between both ends before the
transfer of information can begin.

TCP is responsible for breaking messages into segments, reassembling

them at the destination station, resending anything that is not received,
and reassembling messages from the segments.

TCP supplies a virtual circuit between end-user applications.

The protocols that use TCP include:

• FTP (File Transfer Protocol)

• HTTP (Hypertext Transfer Protocol)
• SMTP (Simple Mail Transfer Protocol)
• Telnet
 TCP
The figure shows the different fields
within the TCP header.

42
 UDP
User Datagram Protocol (UDP) is the connectionless transport protocol
in the TCP/IP protocol stack.

UDP is a simple protocol that exchanges datagrams, without

acknowledgments or guaranteed delivery. Error processing and
retransmission must be handled by higher layer protocols.

UDP uses no windowing or acknowledgments so reliability, if needed, is

provided by application layer protocols.

UDP is designed for applications that do not need to put sequences of

segments together.

The protocols that use UDP include:

• TFTP (Trivial File Transfer Protocol)

• SNMP (Simple Network Management Protocol)
• DHCP (Dynamic Host Control Protocol)
• DNS (Domain Name System)
 TCP and UDP Port Numbers
Both TCP and UDP use port (socket) numbers to pass information to the upper
layers.

Port numbers are used to keep track of different conversations crossing the
network at the same time.

Application software developers agree to use well-known port numbers that are
issued by the Internet Assigned Numbers Authority (IANA).

Port numbers have the following assigned ranges:

Numbers below 1024 are considered well-known ports numbers.

Numbers above 1024 are dynamically assigned ports numbers.

Registered port numbers are those registered for vendor-specific applications.

Most of these are above 1024.
 UDP
This figure clearly illustrates UDP’s markedly low overhead
as compared to TCP’s hungry usage.

45
 Key concepts of Host to Host
Protocols
TCP UDP
Sequenced Unsequenced
Reliable Unreliable
Connection-oriented Connectionless
Virtual circuit Low overhead
Acknowledgments No acknowledgment
Windowing flow control No windowing or flow
control

46
Key Protocols and Port Numbers

TCP UDP
Telnet 23 SNMP 161
SMTP 25 TFTP 69
HTTP 80 DNS 53
FTP 21
DNS 53
HTTPS 443

47
 Network Layer Protocols and Internet Protocol (IP)

Provides services
to exchange data
over the network
between end
devices.

4 Processes:
Addressing
Encapsulation
Routing
Decapsulation
 Internet Layer
• The purpose of the Internet layer is to send packets
from a network node and have them arrive at the
destination node independent of the path taken.
• Internet layer protocols:
– Internet Protocol (IP)
– Internet Control Message Protocol (ICMP)
– Address Resolution Protocol (ARP)
– Reverse Address Resolution Protocol (RARP)
Internet Layer Protocols
 Internetwork Layer

• ARP
– A routed protocol
– Maps IP addresses to MAC addresses
– ARP tables contain the MAC and IP addresses of other
devices on the network

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 51

 Internetwork Layer (continued)

• ARP (continued)
– When a computer transmits a frame to a destination on
the local network
• It checks the ARP cache for an IP to MAC address mapping
for the destination node
• ARP request
– If a source computer cannot locate an IP to MAC address
mapping in its ARP table
• It must obtain the correct mapping

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 52

 Internet Layer
ARP

ARP resolves IP addresses to Ethernet (MAC) addresses.

53
 Internetwork Layer (continued)

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 54

 Internetwork Layer (continued)

• ARP request (continued)

– A source computer broadcasts an ARP request to all hosts
on the local segment
• Host with the matching IP address responds this request
• ARP request frame
– See Figure 3-7
• ARP cache life
– Source checks its local ARP cache prior to sending packets
on the local network

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 55

Internet Layer
RARP

56
 Internet Layer
ICMP
Internet Control Message Protocol (ICMP)
works at the Network layer and is used by IP
for many different services.

• ICMP is a management protocol and

messaging service provider for IP.
• Its messages are carried as IP datagrams.

ICMP packets have the following

characteristics:
• They can provide hosts with information about
network problems.
• They are encapsulated within IP datagrams.
57
 Internet Layer
ICMP
E0 of LAB_B goes down. What happens?

58
 Internetwork Layer (continued)
• Routers and ARP
– ARP requests use broadcasts
– Routers filter broadcast traffic
– Source must forward the frame to the router

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 59

 Internetwork Layer (continued)
• ARP tables
– Routers maintain ARP tables to assist in transmitting
frames from one network to another
– A router uses ARP just as other hosts use ARP
– Routers have multiple network interfaces and therefore
also include the port numbers of their NICs in the ARP
table
• The Ping utility
– Packet Internet Groper (Ping) utility verifies connectivity
between two points
– Uses ICMP echo request/reply messages

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 60

Network Layer protocols
 Internet Protocol version 4 (IPv4) –most widely used
 Internet Protocol version 6 (IPv6) – future use…soon!
 Novell Internetwork Packet Exchange (IPX)
 AppleTalk
 Connectionless Network Service (CLNS/DECNet)
 Network Layer Protocols and Internet Protocol (IP)
 Unreliable? Simply means that IP does not have the
capability to manage & recover from missing or corrupt
packets.

Depends on
TCP to
manage the
reliability
factor. It just
gets data
from point A
to point B
Network Layer Protocols and Internet Protocol (IP)
 Source/Destination IP addresses get added at the network
layer (layer 3).
Network Layer Protocols and Internet Protocol (IP)
 IP packet looks like this. Now let’s break down the 6 key
fields.
Packet Forwarding
 Decisions have to be made at each DEVICE along the path
until the packet reaches its final destination
Routing packets
 Routers and routing tables
 3 main features: Destination network, next-hop, and the
metric. Discuss the routing table below.

Discuss
routing table
information –
know these !
 IP Address as a
32-Bit Binary Number
Binary and Decimal Conversion
IP Address Classes
IP Address Classes
IP Addresses as Decimal Numbers
 Hosts for Classes of
IP Addresses

Class A (24 bits for hosts) 224 - 2* = 16,777,214 maximum hosts

Class B (16 bits for hosts) 216 - 2* = 65,534 maximum hosts
Class C (8 bits for hosts) 28 - 2* = 254 maximum hosts
*
Subtracting the network and broadcast reserved address
IP Addresses as Decimal Numbers
 Network Access Layer
• The network access layer is
concerned with all of the
issues that an IP packet
requires to actually make a
physical link to the network
media.
• It includes the LAN and
WAN technology details,
and all the details contained
in the OSI physical and data
link layers.
 Network Interface Layer

• Plays the same role as the Data Link and Physical layers of
the OSI model
• The MAC address, network card drivers, and specific
interfaces for the network card function at this level
• No specific IP functions exist at this layer
– Because the layer’s focus is on communication with the
network card and other networking hardware

CCNA Guide to Cisco Networking Fundamentals, Fourth Edition 76

 Similarities of the OSI and TCP/IP models

• Both have layers.

• Both have application layers, though they include
very different services.
• Both have comparable transport and network layers.
• Packet-switched, not circuit-switched, technology is
assumed.
• Networking professionals need to know both models.
 Differences of the OSI and TCP/IP models

• TCP/IP combines the presentation and session layer

into its application layer.
• TCP/IP combines the OSI data link and physical layers
into one layer.
• TCP/IP appears simpler because it has fewer layers.
• TCP/IP transport layer using UDP does not always
guarantee reliable delivery of packets as the
transport layer in the OSI model does.