Data Communication and Computer Networks

Chapter 4: Protocols
Draw anything that comes to
your mind when you hear the
term computer networking or
simply network
 Network Protocols

• A network protocol is an established set of rules that determine how data is

transmitted between different devices in the same network.
• Essentially, it allows connected devices to communicate with each other,
regardless of any differences in their internal processes, structure or design.
• Similar to the way that speaking the same language simplifies communication
between two people, network protocols make it possible for devices to interact
with each other because of predetermined rules built into devices’ software
and hardware.
• Neither local area networks (LAN) nor wide area networks (WAN) could
function the way they do today without the use of network protocols.
• Network protocols take large-scale processes and break them down into small,
specific tasks or functions.
• This occurs at every level of the network, and each function must cooperate at
each level to complete the larger task at hand.
• The term protocol suite refers to a set of smaller network protocols working in
conjunction with each other.
• Network protocols are typically created according to industry standard by
various networking or information technology organizations.
• Among the groups that have defined and published different network protocols
are:
• The Institute of Electrical and Electronics Engineers (IEEE),
• The Internet Engineering Task Force (IETF),
• The International Organization for Standardization (ISO),
• The International Telecommunications Union (ITU) and
• The World Wide Web Consortium (W3C).
• While network protocol models generally work in similar ways, each
protocol is unique and operates in the specific way detailed by the
organization that created it.
• There are thousands of different network protocols, but they all
perform one of three primary actions:
• Communication
• Network management
• Security
• Each type is necessary to use network devices swiftly and safely, and
they work together to facilitate that usage.
• Network Communication Protocols
• Computer networks can't exist without these protocols.
• These protocols formally describe the formats and rules by which data is transferred
over the network.
• Communication protocols also handle authentication and error detection as well as the
syntax, synchronization and semantics that both analog and digital communications
must abide by to function.
• HTTP – often referred to as the protocol of the internet an application layer protocol that allows the
browser and server to communicate.
• TCP – Transmission Control Protocol (TCP) separates data into packets that can be shared over a
network. These packets can then be sent by devices like switches and routers to the designated
targets.
• IP – Internet Protocol (IP) is similar to TCP, this protocol is used by the internet to route and address
data across networks so that it arrives at the right destination.
• UDP – User Datagram Protocol (UDP) works in a similar way to TCP, the key difference between the
two is that TCP ensures a connection is made between the application and server, but UDP does not.
• IRC – Internet Relay Chat (IRC) is a text-based communication protocol. Software clients are used to
communicate with servers and send messages to other clients. This protocol works well on networks
with a large number of distributed machines.
• SSH – Secure Socket Shell (SSH) is a security-based protocol, built primarily for system admins. It allows
• Network Management Protocols
• Network management protocols help define the policies and procedures used to monitor,
manage and maintain your computer network, and help communicate these needs across
the network to ensure stable communication and optimal performance across the board.
• Generally, network managers can use a management protocol to troubleshoot connections
between host and client devices.
• Management protocols provide network managers with the host connection's status,
availability, packet or data loss, and other related information about the health of the
network connection.
• The policies managed by management protocols can be applied to all devices on the
network, including computers, switches, routers and even servers.
• Two of the most common types of network management protocols include Simple Network
Management Protocol (SNMP) and Internet Control Message Protocol (ICMP).
• SNMP –This TCP-based protocol allows administrators to view and modify endpoint information to alter
behavior of devices across the network.
• SNMP relies on the use of agents to collect and send data to an overarching SMNP manager, which in turn queries
agents and gets their responses.
• ICMP – Internet Control Message Protocol (ICMP) is primarily used for diagnostic purposes.
• Managed devices on the network can use this protocol to send error messages, providing information regarding
network connectivity issues between devices.
• Network Security Protocols
• Network security protocols work to ensure that data in transit over the network's
connections stays safe and secure.
• Usually, network security protocols rely on encryption and cryptography to secure data
so that only special algorithms, formulas and logical keys can make this data accessible.
• Some of the most popular protocols for network security include Secure Socket Layer
(SSL), Secure File Transfer Protocol (SFTP) and Secure Hypertext Transfer Protocol
(HTTPS).
• SSL – A Secure Socket Layer (SSL) is a network security protocol primarily used for ensuring secure
internet connections and protecting sensitive data. This protocol can allow for server/client
communication as well as server/server communication.
• Data transferred with SSL is encrypted to prevent it from being readable.
• SFTP – Secure File Transfer Protocol (SFTP), as its name might suggest, is used to securely transfer files
across a network.
• Data is encrypted and the client and server are authenticated.
• HTTPS – Secure Hypertext Transfer Protocol is the secure version of HTTP.
• Data sent between the browser and server are encrypted to ensure protection.
 Protocol suites & Industry Standards
• Protocol and standard compliance protects data, resources, and networks.
• Protocol and standard compliance are crucial to network security for these
reasons:
• Interoperability: Protocols and standards allow devices and systems to communicate.
• These protocols ensure network components can function together, avoiding risks and security gaps
produced by incompatible or unsupported systems.
• Security Baseline: Protocols and standards contain security principles and best practices
that help secure network infrastructure.
• These protocols allow organizations to protect sensitive data via encryption, authentication, and
access controls.
• Vulnerability Management: Network security protocols and standards help organizations
find and fix vulnerabilities.
• Many standards require regular security assessments, vulnerability scanning, and penetration testing
to discover network infrastructure flaws.
• Organizations can prevent cyberattacks and address vulnerabilities by following these compliance
criteria.
 Layered Models
• Layered Architecture in a computer network is defined as a model where a
whole network process is divided into various smaller sub-tasks.
• These divided sub-tasks are then assigned to a specific layer to perform only
the dedicated tasks.
• A single layer performs only specific type of task.
• To run the application and provide all types of services to clients a lower layer
adds its services to the higher layer present above it.
• Therefore layered architecture provides interactions between the sub-systems.
• If any type of modification is done in one layer it does not affect the next
layer.
Features of Layered Architecture
• Use of Layered architecture in computer network provides with the feature of modularity and
distinct interfaces.
• Layered architecture ensures independence between layers, by offering services to higher
layers from the lower layers and without specifying how this services are implemented.
• Layered architecture segments as larger and unmanageable design into small sub tasks.
• In layer architecture every network has different number of functions, layers and content.
Elements of Layered Architecture
• There are three different types of elements of a layered architecture. They are described
below:
• Service: Service is defined as a set of functions and tasks being provided by a lower layer to a higher layer.
• Each layer performs a different type of task. Therefore, actions provided by each layer are different.
• Protocol: Protocol is defined as a set rules used by the layer for exchanging and transmission of data with
its peer entities.
• These rules can consist of details regarding a type of content and their order passed from one layer to another.
• Interface: Interface is defined as a channel that allows to transmit the messages from one layer to the
other.
• Protocol layering
• As discussed previously, a protocol defines the rules that both the sender and receiver
and all intermediate devices need to follow to be able to communicate effectively.
• When communication is simple, we may need only one simple protocol; when the
communication is complex, we may need to divide the task between different layers, in
which case we need a protocol at each layer, or protocol layering.
• Example:
• Assume Maria and Ann are neighbors with a lot of common ideas. Communication between Maria and
Ann takes place in one layer, face to face, in the same language.
• First, Maria and Ann know that they should greet each other when they meet.
• Second, they know that they should confine their vocabulary to the level of their friendship.
• Third, each party knows that she should refrain from speaking when the other party is speaking.
• Fourth, each party knows that the conversation should be a dialog, not a monolog: both should have
the opportunity to talk about the issue.
• Fifth, they should exchange some nice words when they leave.
• We can see that the protocol used by Maria and Ann is different from the
communication between a professor and the students in a lecture hall.
• The communication in the second case is mostly monolog; the professor talks most
of the time unless a student has a question, a situation in which the protocol
dictates that she should raise her hand and wait for permission to speak.
• In this case, the communication is normally very formal and limited to the subject
being taught.
• Assume that Ann is offered a higher-level position in her company, but needs to
move to another branch located in a city very far from Maria. The two friends still
want to continue their communication and exchange ideas because they have
come up with an innovative project to start a new business when they both retire.
• They decide to continue their conversation using regular mail through the post office.
• However, they do not want their ideas to be revealed by other people if the letters are
intercepted.
• They agree on an encryption/decryption technique.
• The sender of the letter encrypts it to make it unreadable by an intruder; the receiver of the letter
decrypts it to get the original letter.
• But for the moment we assume that Maria and Ann use one technique that
makes it hard to decrypt the letter if one does not have the key for doing so.
• Now we can say that the communication between Maria and Ann takes place in
three layers, as We assume that Ann and Maria each have three machines that
can perform the task at each layer.
 The TCP/IP Model

• TCP/IP is a protocol suite (a set of protocols organized in different layers) used

in the Internet today.
• It is a hierarchical protocol made up of interactive modules, each of which
provides a specific functionality.
• The term hierarchical means that each upper level protocol is supported by the
services provided by one or more lower level protocols.
• The original TCP/IP protocol suite was defined as four software layers built upon
the hardware.
• Today, however, TCP/IP is thought of as a five-layer model.
 Layers of TCP/IP Model

• There are five layers in the TCP/IP model.

• Each layer works in order to coordinate another layer above or below it.
• Let us assume that computer A communicates with computer B.
• As the above figure shows, we have five communicating devices in this communication:
• source host (computer A),
• the link-layer switch in link 1,
• the router,
• the link-layer switch in link 2, and
• the destination host (computer B).
• Each device is involved with a set of layers depending on the role of the device in the internet.
• The two hosts are involved in all five layers; the source host needs to create a message in the
application layer and send it down the layers so that it is physically sent to the destination host.
• The destination host needs to receive the communication at the physical layer and then deliver it
through the other layers to the application layer.
• The router is involved in only three layers;
• there is no transport or application layer in a router as long as the router is used only for routing (direction finding).
• Although a router is always involved in one network layer, it is involved in n combinations of link and physical layers in
which n is the number of links the router is connected to.
• The reason is that each link may use its own data-link or physical protocol.
• For example, in the above figure, the router is involved in three links, but the message sent from source A to destination B is
involved in two links.
• Each link may be using different link-layer and physical-layer protocols; the router needs to receive a packet from link 1 based
on one pair of protocols and deliver it to link 2 based on another pair of protocols.
• A link-layer switch in a link, however, is involved only in two layers, data-link and physical.
Physical Layer
• We can say that the physical layer is responsible for carrying individual bits in a
frame across the link.
• Although the physical layer is the lowest level in the TCP/IP protocol suite, the
communication between two devices at the physical layer is still a logical
communication because there is another, hidden layer, the transmission media,
under the physical layer.
• Two devices are connected by a transmission medium (cable or air).
• We need to know that the transmission medium does not carry bits; it carries
electrical or optical signals.
• So the bits received in a frame from the data-link layer are transformed and
sent through the transmission media, but we can think that the logical unit
between two physical layers in two devices is a bit.
• There are several protocols that transform a bit to a signal.
• Data-link Layer
• We have seen that an internet is made up of several links (LANs and WANs)
connected by routers.
• There may be several overlapping sets of links that a datagram can travel from
the host to the destination.
• The routers are responsible for choosing the best links.
• However, when the next link to travel is determined by the router, the data-link
layer is responsible for taking the datagram and moving it across the link.
• The link can be a wired LAN with a link-layer switch
• We can also have different protocols used with any link type.
• In each case, the data-link layer is responsible for moving the packet through
the link.
• TCP/IP does not define any specific protocol for the data-link layer.
• It supports all the standard and proprietary protocols.
• Any protocol that can take the datagram and carry it through the link suffices
for the network layer.
• The data-link layer takes a datagram and encapsulates it in a packet called a
frame.
• Each link-layer protocol may provide a different service.
• Some link-layer protocols provide complete error detection and correction,
some provide only error correction.
• Network Layer
• The network layer is responsible for creating a connection between the source
computer and the destination computer.
• The communication at the network layer is host-to-host.
• However, since there can be several routers from the source to the destination,
the routers in the path are responsible for choosing the best route for each
packet.
• We can say that the network layer is responsible for host-to-host
communication and routing the packet through possible routes.
• Again, we may ask ourselves why we need the network layer? We could have
added the routing duty to the transport layer and dropped this layer.
• One reason, as we said before, is the separation of different tasks between different
layers.
• The second reason is that the routers do not need the application and transport layers.
Separating the tasks allows us to use fewer protocols on the routers.
• The network layer in the Internet includes the main protocol, Internet Protocol (IP)
that defines the format of the packet, called a datagram at the network layer.
• IP also defines the format and the structure of addresses used in this layer.
• IP is also responsible for routing a packet from its source to its destination, which is achieved by
each router forwarding the datagram to the next router in its path.
• IP is a connectionless protocol that provides no flow control, no error control, and no congestion
control services.
• This means that if any of these services is required for an application, the application should rely
only on the transport-layer protocol.
• A routing protocol does not take part in routing (it is the responsibility of IP), but it
creates forwarding tables for routers to help them in the routing process.
• The network layer also has some auxiliary protocols that help IP in its delivery and
routing tasks.
• The Internet Control Message Protocol (ICMP) helps IP to report some problems when routing a
packet.
• The Internet Group Management Protocol (IGMP) is another protocol that helps IP in
multitasking.
• The Dynamic Host Configuration Protocol (DHCP) helps IP to get the network-layer address for a
host.
• Transport Layer
• The logical connection at the transport layer is also end-to-end.
• The transport layer at the source host gets the message from the application layer,
encapsulates it in a transport layer packet (called a segment or a user datagram in
different protocols) and sends it, through the logical (imaginary) connection, to the
transport layer at the destination host.
• In other words, the transport layer is responsible for giving services to the
application layer: to get a message from an application program running on the
source host and deliver it to the corresponding application program on the
destination host.
• We may ask why we need an end-to-end transport layer when we already have an
end-to-end application layer? The reason is the separation of tasks and duties.
• The transport layer should be independent of the application layer.
• In addition, we will see that we have more than one protocol in the transport layer,
which means that each application program can use the protocol that best matches
its requirement.
• As we said, there are a few transport-layer protocols in the Internet, each designed for
some specific task.
• The main protocol, Transmission Control Protocol (TCP), is a connection-oriented protocol that
first establishes a logical connection between transport layers at two hosts before transferring
data.
• It creates a logical pipe between two TCPs for transferring a stream of bytes.
• TCP provides:
• flow control (matching the sending data rate of the source host with the receiving data rate of the destination
host to prevent overwhelming the destination),
• error control (to guarantee that the segments arrive at the destination without error and resending the
corrupted ones), and
• congestion control to reduce the loss of segments due to congestion in the network.
• The other common protocol, User Datagram Protocol (UDP), is a connectionless
protocol that transmits user datagrams without first creating a logical connection.
• In UDP, each user datagram is an independent entity without being related to the previous or
the next one (the meaning of the term connectionless).
• UDP is a simple protocol that does not provide flow, error, or congestion control. Its simplicity,
which means small overhead, is attractive to an application program that needs to send short
messages and cannot afford the retransmission of the packets involved in TCP, when a packet is
corrupted or lost.
• Application Layer
• The logical connection between the two application layers is end to-end.
• The two application layers exchange messages between each other as though
there were a bridge between the two layers.
• However, we should know that the communication is done through all the
layers.
• Communication at the application layer is between two processes (two
programs running at this layer).
• To communicate, a process sends a request to the other process and receives a
response.
• Process-to-process communication is the duty of the application layer.
• The application layer in the Internet includes many predefined protocols, but a
user can also create a pair of processes to be run at the two hosts.
• The Hypertext Transfer Protocol (HTTP) is a vehicle for accessing the World Wide Web
(WWW).
• The Simple Mail Transfer Protocol (SMTP) is the main protocol used in electronic mail (e-
mail) service.
• The File Transfer Protocol (FTP) is used for transferring files from one host to another.
• The Terminal Network (TELNET) and Secure Shell (SSH) are used for accessing a site
remotely.
• The Simple Network Management Protocol (SNMP) is used by an administrator to
manage the Internet at global and local levels.
• The Domain Name System (DNS) is used by other protocols to find the network-layer
address of a computer.
• The Internet Group Management Protocol (IGMP) is used to collect membership in a
group.
Encapsulation at the Source Host
• At the application layer, the data to be exchanged is referred to as a message.
• A message normally does not contain any header or trailer, but if it does, we refer to the
whole as the message.
• The message is passed to the transport layer.
• The transport layer takes the message as the payload, the load that the
transport layer should take care of.
• It adds the transport layer header to the payload, which contains the identifiers of the
source and destination application programs that want to communicate plus some more
information that is needed for the end-to end delivery of the message, such as
information needed for flow, error control, or congestion control.
• The result is the transport-layer packet, which is called the segment (in TCP) and the user
datagram (in UDP).
• The transport layer then passes the packet to the network layer.
Encapsulation at the Source Host
• The network layer takes the transport-layer packet as data or payload and adds
its own header to the payload.
• The header contains the addresses of the source and destination hosts and some more
information used for error checking of the header, fragmentation information, and so on.
• The result is the network-layer packet, called a datagram.
• The network layer then passes the packet to the data-link layer.
• The data-link layer takes the network-layer packet as data or payload and adds
its own header, which contains the link-layer addresses of the host or the next
hop (the router).
• The result is the link-layer packet, which is called a frame.
• The frame is passed to the physical layer for transmission.
Decapsulation and Encapsulation at the Router
• At the router, we have both decapsulation and encapsulation because the
router is connected to two or more links.
• After the set of bits are delivered to the data-link layer, this layer decapsulates
the datagram from the frame and passes it to the network layer.
• The network layer only inspects the source and destination addresses in the
datagram header and consults its forwarding table to find the next hop to
which the datagram is to be delivered.
• The contents of the datagram should not be changed by the network layer in
the router unless there is a need to fragment the datagram if it is too big to be
passed through the next link.
• The datagram is then passed to the data-link layer of the next link.
• The data-link layer of the next link encapsulates the datagram in a frame and
passes it to the physical layer for transmission.
• Decapsulation at the Destination Host
• At the destination host, each layer only decapsulates the packet
received, removes the payload, and delivers the payload to the next-
higher layer protocol until the message reaches the application layer.
• It is necessary to say that decapsulation in the host involves error
checking.
• Addressing
• Any communication that involves two parties needs two addresses: source address
and destination address.
• Although it looks as if we need five pairs of addresses, one pair per layer, we
normally have only four because the physical layer does not need addresses; the
unit of data exchange at the physical layer is a bit, which definitely cannot have an
address.
• There is a relationship between the layer, the address used in that layer, and the
packet name at that layer.
• At the application layer, we normally use names to define the site that provides services,
such as someorg.com, or the e-mail address, such as [email protected].
• At the transport layer, addresses are called port numbers, and these define the application-
layer programs at the source and destination.
• Port numbers are local addresses that distinguish between several programs running at the same time.
• At the network-layer, the addresses are global, with the whole Internet as the scope. A
network-layer address uniquely defines the connection of a device to the Internet.
• The link-layer addresses, sometimes called MAC addresses, are locally defined addresses,
each of which defines a specific host or router in a network (LAN or WAN).
• Multiplexing and Demultiplexing
• Since the TCP/IP protocol suite uses several protocols at some layers, we can
say that we have multiplexing at the source and demultiplexing at the
destination.
• Multiplexing in this case means that a protocol at a layer can encapsulate a
packet from several next-higher layer protocols (one at a time);
• Demultiplexing means that a protocol can decapsulate and deliver a packet to
several next-higher layer protocols (one at a time).
 THE OSI MODEL
• Although, when speaking of the Internet, everyone talks about the TCP/IP
protocol suite, this suite is not the only suite of protocols defined.
• Established in 1947, the International Organization for Standardization (ISO) is a
multinational body dedicated to worldwide agreement on international
standards.
• Almost three-fourths of the countries in the world are represented in the ISO.
• An ISO standard that covers all aspects of network communications is the Open
Systems Interconnection (OSI) model.
• It was first introduced in the late 1970s.
• An open system is a set of protocols that allows any two different systems to
communicate regardless of their underlying architecture.
• The purpose of the OSI model is to show how to facilitate communication
between different systems without requiring changes to the logic of the
underlying hardware and software.
• The OSI model is not a protocol; it is a model for understanding and designing
a network architecture that is flexible, robust, and interoperable.
• The OSI model was intended to be the basis for the creation of the protocols in
the OSI stack.
• It consists of seven separate but related layers, each of which defines a part of
the process of moving information across a network.
• When we compare the two models, we find that two layers, session and
presentation, are missing from the TCP/IP protocol suite.
• These two layers were not added to the TCP/IP protocol suite after the
publication of the OSI model.
• The application layer in the suite is usually considered to be the combination of
three layers in the OSI model.
• Two reasons were mentioned for this decision.
• First, TCP/IP has more than one transport-layer protocol. Some of the functionalities of the session
layer are available in some of the transport-layer protocols.
• Second, the application layer is not only one piece of software. Many applications can be
developed at this layer. If some of the functionalities mentioned in the session and presentation
layers are needed for a particular application, they can be included in the development of that
piece of software.
• The OSI model appeared after the TCP/IP protocol suite.
• Most experts were at first excited and thought that the TCP/IP protocol would be fully
replaced by the OSI model.
• This did not happen for several reasons.
• First, OSI was completed when TCP/IP was fully in place and a lot of time and money had been
spent on the suite; changing it would cost a lot.
• Second, some layers in the OSI model were never fully defined.
• For example, although the services provided by the presentation and the session layers were listed in the
document, actual protocols for these two layers were not fully defined, nor were they fully described, and the
corresponding software was not fully developed.
• Third, when OSI was implemented by an organization in a different application, it did not show a
high enough level of performance to entice the Internet authority to switch from the TCP/IP
protocol suite to the OSI model.
 Overview of familiar Protocols
• 1. Address Resolution Protocol (ARP)
• ARP translates IP addresses to MAC addresses and vice versa so LAN endpoints can communicate with
one another.
• ARP is necessary because IP and MAC addresses are different lengths.
• IP version 4 (IPv4) addresses are 32 bits.
• IPv6 addresses are 128 bits.
• MAC addresses -- a device's physical hardware number -- are 12 hexadecimal digits split into six pairs.
• Translations between these addresses must occur for proper device communication.
• ARP isn't required every time devices attempt to communicate because the LAN's host stores the
translated addresses in its ARP cache.
• As a result, the ARP translation process is mainly used when new devices join the network.
• 2. Border Gateway Protocol (BGP)
• BGP makes the internet work.
• This routing protocol controls how packets pass through routers in an autonomous system (AS) -- one
or multiple networks run by a single organization or provider -- and connect to different networks.
• BGP can connect endpoints on a LAN to one another, and it can connect endpoints in different LANs to
one another over the internet.
• 3. Domain name system (DNS)
• DNS is a database that includes a website's domain name and its corresponding IP
addresses.
• DNS translates the domain name into IP addresses, and these translations are included
within the DNS.
• 4. Dynamic Host Configuration Protocol (DHCP)
• DHCP assigns IP addresses to network endpoints so they can communicate with other
network endpoints over IP.
• 5. File Transfer Protocol (FTP)
• FTP is a client-server protocol, with which a client requests a file and the server supplies
it.
• FTP runs over TCP/IP -- a suite of communications protocols -- and requires a command
channel and a data channel to communicate and exchange files, respectively.
• Clients request files through the command channel and receive access to download, edit
and copy the file, among other actions, through the data channel.
• FTP has grown less popular as most systems began to use HTTP for file sharing. However,
FTP is a common network protocol for more private file sharing, such as in banking.
• 6. Hypertext Transfer Protocol (HTTP)
• Like FTP, HTTP is a file sharing protocol that runs over TCP/IP.
• HTTP connects to the domain's server and requests the site's HTML, which is the code
that structures and displays the page's design.
• 7. Internet Protocol (IP)
• IP functions similarly to a postal service. When users send and receive data from their
device, the data gets spliced into packets.
• Packets are like letters with two IP addresses: one for the sender and one for the
recipient.
• After the packet leaves the sender, it goes to a gateway, like a post office, that directs it
in the proper direction.
• Packets continue to travel through gateways until they reach their destinations.
• IP is commonly paired with TCP to form TCP/IP, the overall internet protocol suite.
• Together, IP sends packets to their destinations, and TCP arranges the packets in the
correct order, as IP sometimes sends packets out of order to ensure the packets travel
the fastest ways.
• 8. Simple Mail Transfer Protocol (SMTP)
• SMTP is the most popular email protocol, is part of the TCP/IP suite and controls how
email clients send users' email messages.
• Email servers use SMTP to send email messages from the client to the email server to the
receiving email server. However, SMTP doesn't control how email clients receive
messages -- just how clients send messages.
• 9. Telnet
• Telnet is designed for remote connectivity, and it establishes connections between a
remote endpoint and a host machine to enable a remote session.