The Transmission Control Protocol/Internet Protocol (TCP/IP) can be considered to represent two distinct protocols within the TCP/IP protocol suite, although in actuality there are numerous protocols, most of which are seldom used. Due to the popularity of those two protocols, and the fact that a majority of traffic is transferred using them, the members of the protocol suite, which include TCP and IP, are collectively referred to as TCP/IP.
In Figure 2.2 a general comparison of the structure of the TCP/IP protocol suite to the OSI Reference Model is provided.
“General comparison” is used because the protocol suite consists of hundreds of applications, of which only a handful are shown.
A second reason that Figure 2.2 represents a general comparison is because the TCP/IP protocol suite actually begins above the data link layer. Although the physical and data link layers are not part of the TCP/IP protocol suite, they are shown in Figure 2.2 to provide a frame of reference to the ISO Reference Model as well as to facilitate an explanation of the role of two special protocols within the TCP/IP protocol suite. For example, Ethernet local area networks, which are defined at the first two layers of the ISO OSI Reference Model, are IEEE standards that, although they interact with TCP/IP, are not defined as TCP/IP standards.
Figure 2.2 Comparing the TCP/IP protocol suite to the ISO Reference Model.
As a matter of digression but of interest, ANSI, which was tasked with developing communications standards, literally passed the buck and tasked the IEEE with developing LAN standards. This is how the IEEE’s efforts in the area of 802.x standards became recognized around the world.
2.2.1 The TCP/IP Network Layer
The TCP/IP protocol suite actually begins at the third layer of the ISO OSI Reference Model, which is the network layer. The network layer of the TCP/IP protocol stack primarily consists of the IP, a messaging protocol referred to as the ICMP, and the ARP, which resolves layer 2 and layer 3 addresses, as we shortly note.
The IP protocol includes an addressing scheme that identifies the source and destination address of the packet being transported. In TCP/IP terminology the unit of data being transmitted at the network layer is referred to as a datagram, although it is also commonly referred to as a packet.
2.2.2 IP
The IP provides the addressing capability that allows datagrams to be routed between networks. The current version of IP is IPv4, under which IP addresses consist of 32 bits. As this book goes to press the last IPv4 addresses were assigned, which has resulted in a growing emphasis for Internet service providers (ISPs) as well as major websites to migrate to IPv6, which has a 128-bit addressing capability.
This expanded addressing capability ensures that every person on the globe can be assigned a unique address for multiple devices with extra capacity to spare. Thus the primary goal for expanding IP addressing was accomplished through the development and deployment of IPv6.
As an additional rationale, IPv6 enables security and other functions to occur more naturally and will be described later in this book. For now we simply become familiar with IP addressing.
2.2.2.1 IPv4 Addressing There are five classes of IPv4 addresses, referred to as Class A through Class E, with Classes A, B, and C having their 32 bits subdivided into a network portion and a host portion. The network portion of the address defines the network where a particular host resides, while the host portion of the address identifies a unique host on the network. In Chapter 4 we examine the Internet Protocol in detail, to include its current method of 32-bit addressing as well as the 128-bit addressing of IPv6.
2.2.2.2 IPv6 Addressing The primary motivation for creating IPv6 was to rectify the addressing limitations associated with the use of IPv4. In addition to expanding the number of available addresses, backward compatibility was required, as well as developing a mechanism to incorporate design evolutions through the use of a header that enables additional subheaders to be incorporated into data flow.
2.2.2.2.1 IPv6 Address Size In IPv4, IP addresses are 32 bits long; these are usually grouped into four octets of 8 bits each. Thus the theoretical IPv4 address space is 2^32, or 4,294,967,296 addresses. Since each extra bit assigned to the address size doubles the address space, expanding IP addresses to 128 bits results in a significant increase in possible addresses to 2^128, or 340,282,366,920,938,463,463,374,607,431,768,211,456 addresses for those of us mathematically inclined to work with powers of two. Because this number by far exceeds the number of grains of sand on the earth, IPv6 addresses provide multiple levels of hierarchy that are lacking in IPv4. For example, a unicast address where communications occur directly from an originator to a receiver is indicated by the prefix 001 in the first three bits of the address. The remaining 125 bits can be used as a global routing prefix (64 bits, to include the first three bits set to 001 for a unicast address), which indicates a network ID or prefix of the address used for routing, 16 bits for a subnet identifier, and the remaining 64 bits functioning as an interface identifier. In Chapter 4 we examine the wonderful world of IP addressing, to include the types of IP addresses supported under IPv4 and IPv6.
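The address sizes and the 001 unicast prefix described above can be checked directly; the following is an added example, not taken from the book. The function name describe_ipv6 is hypothetical, the sample addresses are constructed, and the field placement is an assumption: the 16-bit subnet identifier is read as the last 16 bits of the upper 64-bit half, with the interface identifier in the lower 64 bits.

```python
import ipaddress

IPV4_SPACE = 2 ** 32    # 4,294,967,296 addresses
IPV6_SPACE = 2 ** 128   # the 39-digit figure quoted in the text


def describe_ipv6(text: str) -> dict:
    """Split an IPv6 address into the fields named in the text.

    Assumed layout (added here, not from the book): the upper 64 bits carry
    the routing prefix and end with the 16-bit subnet identifier; the lower
    64 bits are the interface identifier.
    """
    addr = ipaddress.ip_address(text)      # raises ValueError on bad input
    if addr.version != 6:
        raise ValueError(f"{text!r} is not an IPv6 address")
    value = int(addr)                      # the address as a 128-bit integer
    upper = value >> 64
    return {
        "first_three_bits": format(value >> 125, "03b"),
        "unicast_001": (value >> 125) == 0b001,
        "upper_64_bits": format(upper, "016x"),
        "subnet_id": upper & 0xFFFF,
        "interface_id": value & (2 ** 64 - 1),
    }


if __name__ == "__main__":
    # Constructed samples: documentation prefix, link-local, loopback.
    for sample in ("2001:db8:abcd:12::1", "fe80::1", "::1"):
        print(sample, describe_ipv6(sample))
```

Only the first sample carries the 001 prefix; the link-local and loopback addresses begin with 111 and 000 respectively.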
2.2.2.3 ARP One of the more significant differences between the data link layer and the network layer is the method of addressing used at each. At the data link layer, LANs such as Ethernet and Token-Ring networks use 48-bit MAC addresses. In addition, most tablet computers have a built-in Ethernet port that is commonly used for connecting to a cable or DSL modem in the home. In comparison, TCP/IP currently uses either 32-bit or 128-bit addresses depending upon the version of IP in use. Thus the delivery of a packet or datagram flowing at the network layer to a station on a LAN, even when the computer is directly connected to a network via a cable or DSL modem, requires an address conversion. That address conversion is performed by the ARP, whose operation is covered in detail in Chapter 4.
2.2.2.4 ICMP The ICMP, as its name implies, represents a protocol used to convey control messages. Such messages range in scope from routers responding to a request that cannot be honored, with a “destination unreachable” message flowing back to the requestor, to messages that convey diagnostic tests and responses. An example of the latter is the echo request/echo response pair of ICMP datagrams that is more popularly referred to collectively as ping.
ICMP messages are conveyed with the prefix of an IP header to the message. Thus we can consider ICMP to represent a layer 3 protocol in the TCP/IP protocol suite. We will examine the structure of ICMP messages as well as the use of certain messages in Chapter 4 when we look at the network layer of the TCP/IP protocol suite in detail. As you might surmise, there are two versions of ICMP, ICMPv4 and ICMPv6, with the one in use dependent upon which version of TCP/IP is in use. In Chapter 4 we will cover both ICMPv4 and ICMPv6.
2.2.3 The Transport Layer
As indicated in Figure 2.2, there are two transport layer protocols supported by the TCP/IP protocol suite: TCP and UDP.
2.2.3.1 TCP TCP is an error-free, connection-oriented protocol. This means that prior to data being transmitted by TCP the protocol requires the establishment of a path between source and destination as well as an acknowledgment that the receiver is ready to receive information. After the flow of data commences, each unit, which is referred to as a TCP segment, is checked for errors at the receiver. If an error is detected through a checksum process, the receiver will request the originator to retransmit the segment. Thus TCP represents an error-free, connection-oriented protocol where error correction is performed by retransmission.
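The checksum process mentioned above, applied to the ICMP echo request from Section 2.2.2.4, as an added example that is not from the book: it implements the 16-bit one's-complement Internet checksum (RFC 1071) that ICMP, TCP and UDP share, and shows that it catches a flipped bit but not reordered 16-bit words, which is why it detects transmission errors and not deliberate modification. The helper names, identifier, sequence number and payload are constructed for illustration.

```python
import struct


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum of 16-bit words, inverted (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"                    # pad odd-length input
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                     # fold carries into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo_request(ident: int, seq: int, payload: bytes) -> bytes:
    """ICMPv4 echo request: type 8, code 0, checksum, identifier, sequence."""
    header = struct.pack("!BBHHH", 8, 0, 0, ident, seq)   # checksum zeroed
    csum = internet_checksum(header + payload)
    return struct.pack("!BBHHH", 8, 0, csum, ident, seq) + payload


def checksum_ok(message: bytes) -> bool:
    """Receiver check: summing over the stored checksum must yield zero."""
    return internet_checksum(message) == 0


def flip_bit(message: bytes, index: int, bit: int) -> bytes:
    """Simulate a transmission error in one bit of one byte."""
    damaged = bytearray(message)
    damaged[index] ^= 1 << bit
    return bytes(damaged)


def swap_words(message: bytes, a: int, b: int) -> bytes:
    """Exchange the 16-bit words that start at byte offsets a and b."""
    changed = bytearray(message)
    changed[a:a + 2], changed[b:b + 2] = changed[b:b + 2], changed[a:a + 2]
    return bytes(changed)


# Constructed sample message (8-byte ICMP header followed by 8 payload bytes).
SAMPLE = build_echo_request(ident=0x1234, seq=1, payload=b"abcdefgh")

if __name__ == "__main__":
    print("intact message passes:", checksum_ok(SAMPLE))
    print("one flipped bit passes:", checksum_ok(flip_bit(SAMPLE, 9, 0)))
    print("swapped payload words pass:", checksum_ok(swap_words(SAMPLE, 8, 10)))
```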
The advantages associated with the use of TCP as a transport protocol relate to its error-free, connection-oriented functionality. For the transmission of relatively large quantities of data or important information, it makes sense to use this transport layer protocol. The connection-oriented feature of the protocol means that it will require a period of time for the source and destination to exchange handshake information. In addition, the error-free capability of the protocol may be redundant if the higher layer in the protocol suite also performs error checking. Recognizing the previously mentioned problems, the developers of the TCP/IP protocol suite added a second transport layer protocol referred to as UDP.
2.2.3.2 UDP The UDP is a connectionless, best-effort, non-error-checking transport protocol. UDP was developed in recognition of the fact that some applications, such as the transport of real-time digitized voice, may require small pieces of information to be transferred, and the use of a connection-oriented protocol would result in a significant overhead to the transfer of data. Because a higher layer in the protocol suite could perform error checking, error detection and correction could also be eliminated from UDP. Because UDP transmits a piece of information referred to as a UDP datagram without first establishing a connection to the receiver, it is also called a best-effort protocol. To ensure that a series of UDP datagrams are not transmitted into a black hole if a receiver is not available, the higher layer in the protocol suite using UDP as a transport protocol will wait for an acknowledgment. If one is not received within a predefined period of time, the application can decide whether to retransmit or cancel the session. For example, in a Voice over IP environment the retransmission of a datagram transporting voice would result in a delay distortion that would make the reconstructed voice sound awkward, which explains why real-time Voice over IP implementations do not retransmit datagrams.
In examining Figure 2.2 you will note that certain applications use TCP as their transport protocol, while other applications use UDP.
In general, applications that require data integrity, such as remote terminal transmission (Telnet), file transfer (FTP), secure web browsing (HTTPS), and electronic mail, use TCP as their transport protocol. In comparison, applications that transmit relatively short packets, such as the Domain Name Service (DNS) and the Simple Network Management Protocol (SNMP) that is used to perform network management operations, use UDP.
Two relatively new TCP/IP applications take advantage of both the TCP and UDP transport protocols. Those applications are Voice over IP (VoIP) and Video over IP. VoIP commonly uses TCP to set up a call and convey signaling information to the distant party.
After all, it’s extremely important to be able to access the correct distant party. Because real-time voice cannot be delayed by retransmission if an error is detected, there is no need to perform error detection. Thus digitized voice samples are commonly transmitted using UDP once a session is established using TCP. Similarly, video applications, which include digitization of output from web cams and other types of cameras and digitized voice from microphones, initiate a call using TCP and then transmit digitized video and voice via UDP.
2.2.4 The Application Layer
The development of the TCP/IP protocol suite predated the development of ISO’s OSI Reference Model. At the time the TCP/IP protocol suite was initially developed, functions above the transport layer were combined into one entity that represented an application. Thus the TCP/IP protocol suite does not include separate session and presentation layers. Now that we have an appreciation for the manner by which the TCP/IP protocol stack can be compared and contrasted to the OSI Reference Model, we conclude this chapter by examining the flow of data within a TCP/IP network.