TCP/IP model

From Wikipedia, the free encyclopedia

Internet protocol suite
5. Application layer

DHCP, DNS, FTP, HTTP, IMAP4, IRC, MIME, POP3, SIP, SMTP, SNMP, SSH, TELNET, TLS/SSL, RPC, RTP, SDP, SOAP

4. Transport layer

TCP, UDP, RSVP, DCCP, SCTP

3. Network layer

IP (IPv4, IPv6) • ARP, BGP, ICMP, IGMP, IGP, RARP

2. Data link layer

ATM, Bluetooth (PAN-Profile), DTM, Ethernet, FDDI, Frame Relay, GPRS, Modems, PPP, Wi-Fi

1. Physical layer

Bluetooth RF, Ethernet physical layer, ISDN, Modems, RS232, SONET/SDH, USB, Wi-Fi


The TCP/IP model or Internet reference model, sometimes called the DoD model (DoD, Department of Defense) or the ARPANET reference model, is a layered abstract description for communications and computer network protocol design. It was created in the 1970s by DARPA for use in developing the Internet's protocols, and the structure of the Internet is still closely reflected by the TCP/IP model. It has fewer, less rigidly defined layers than the commonly referenced OSI model, and thus provides an easier fit for real-world protocols.

No document officially specifies the model; different documents give the layers different names and show different numbers of layers. There are versions of this model with four layers and with five layers. The original four-layer version of the model has the following layers:

  • Layer 4 - Process Layer or Application Layer - This is where the "higher level" protocols such as SMTP, FTP, SSH, HTTP, etc. operate.
  • Layer 3 - Host-To-Host (Transport) Layer - This is where flow-control and connection protocols exist, such as TCP. This layer deals with opening and maintaining connections, ensuring that packets are in fact received.
  • Layer 2 - Internet or Internetworking Layer - This layer defines IP addresses, with many routing schemes for navigating packets from one IP address to another.
  • Layer 1 - Network Access Layer - This layer describes the physical equipment necessary for communications, such as twisted pair cables, the signalling used on that equipment, and the low-level protocols using that signalling.

In modern textbooks, the model has evolved into a five-layer version that splits Layer 1 into a Physical layer and a Network Access layer, corresponding to the physical layer and data link layer of the OSI model. The Internet or Internetworking layer is named Network layer.


Layers in the TCP/IP model

The layers near the top are logically closer to the user while those near the bottom are logically closer to the physical transmission of the data.

Each layer (except the top and bottom layers) has an upper layer protocol, which uses that layer's service, and a lower layer protocol, which provides a service to it.

Figure: IP suite stack showing the physical network connection of two hosts via two routers and the corresponding layers used at each hop

Figure: Sample encapsulation of data within a UDP datagram within an IP packet

Viewing layers as providing or consuming a service is a method of abstraction to isolate upper layer protocols from the nitty gritty detail of transmitting bits over, say, Ethernet and collision detection while the lower layers avoid having to know the details of each and every application and its protocol.

This abstraction also allows upper layers to provide services that the lower layers cannot, or choose not to, provide. For example, IP is designed to not be reliable and is a best effort delivery protocol. This means that all transport layers must choose whether or not to provide reliability and to what degree. UDP provides data integrity (via a checksum) but does not guarantee delivery; TCP provides both data integrity and delivery guarantee (by retransmitting until the receiver receives the packet).

This model is in some ways lacking.

  1. For multipoint links with their own addressing systems (e.g. Ethernet) an address mapping protocol is needed. Such protocols can be considered to be below IP but above the existing link system.
  2. ICMP & IGMP operate on top of IP but do not transport data like UDP or TCP.
  3. The SSL/TLS library operates above the transport layer (utilizes TCP) but below application protocols.
  4. The link is treated like a black box here. This is fine for discussing IP (since the whole point of IP is it will run over virtually anything) but is less helpful when considering the network as a whole.

The third and fourth examples are perhaps better explained using the OSI model while the first two are still problematic.

OSI model comparison

The IP protocol suite (and corresponding protocol stack), and its layering model, were in use before the OSI model was established and since then the TCP/IP model has been compared with the OSI model numerous times in books and classrooms. Also, OSI layer numbers are generally used for describing the capabilities of network equipment.

The two can roughly be related but are not a perfect match. The first striking difference is the layer count. The TCP/IP model uses four or five layers while the OSI model uses seven.

The three top layers in the OSI model (the application layer, the presentation layer and the session layer) are lumped into one layer in the TCP/IP model. The reason is that, although the functionality of these layers may be supported by the TCP/IP protocol suite, these layers do not exist as separate processes with standardized Application Programming Interfaces (APIs). The session layer roughly corresponds to the Telnet virtual terminal functionality, which is part of text-based TCP/IP model application layer protocols such as HTTP and SMTP. It also corresponds to TCP and UDP port numbering, which is considered part of the transport layer in the TCP/IP model. The presentation layer has similarities to the MIME standard, which is also used in HTTP and SMTP.

Much like the TCP/IP model, the OSI model is also not rich enough at the lower layers to capture the true workings of the IP suite. For example, an "internetworking layer" is needed to fit in between the network and transport layers to address where ICMP and IGMP reside. Additionally, a layer between the network and data link layer is needed for ARP and RARP. It also suffers from being designed for simple network setups having only a single data link layer (for example, an ADSL user tunneling into a corporate network could have IP over PPTP over IP over PPPoA over the ADSL link).

One example of where the OSI model is better used is showing where SSL/TLS fits in. Typically, SSL/TLS is used as a session protocol that is an upper layer protocol for TCP or UDP but is a lower layer protocol for numerous protocols (HTTP, SFTP, etc.) or any application that operates over a stunnel or secure virtual private network.

  • Layer 7 - Application - HTTP, SMTP, SNMP, FTP, Telnet, ECHO, SIP, SSH, NFS, RTSP, XMPP, Whois, ENRP
  • Layer 6 - Presentation - XDR, ASN.1, SMB, AFP, NCP
  • Layer 5 - Session - ASAP, TLS, SSL, ISO 8327 / CCITT X.225, RPC, NetBIOS, ASP
  • Layer 4 - Transport - TCP, UDP, RTP, SCTP, SPX, ATP, IL
  • Layer 3 - Network - IP, ICMP, IGMP, IPX, BGP, OSPF, RIP, IGRP, EIGRP, ARP, RARP, X.25
  • Layer 2 - Data Link - Ethernet, Token ring, HDLC, Frame relay, ISDN, ATM, 802.11 WiFi, FDDI, PPP
  • Layer 1 - Physical - 10BASE-T, 100BASE-T, 1000BASE-T, SONET/SDH, T-carrier/E-carrier, various 802.11 physical layers

There are several mnemonics for remembering the order of the layers in the OSI model.

The layers

The following is a description of each layer in the IP suite stack.

Application layer

The application layer is used by most programs for network communication. Data is passed from the program in an application-specific format, then encapsulated into a transport layer protocol.

Since the IP stack has no layers between the application and transport layers, the application layer must include any protocols that act like the OSI's presentation and session layer protocols. This is usually done through libraries.

Data sent over the network is passed into the application layer where it is encapsulated into the application layer protocol. From there, the data is passed down into the lower layer protocol of the transport layer.

The two most common lower layer protocols are TCP and UDP. Common services have specific ports assigned to them (HTTP has port 80; FTP has port 21; etc.) while clients use ephemeral ports.

Routers and switches do not utilize this layer but bandwidth throttling applications do.


Transport layer

The transport layer's responsibilities include end-to-end message transfer capabilities independent of the underlying network, along with error control, fragmentation and flow control. End to end message transmission or connecting applications at the transport layer can be categorized as either:

  1. connection-oriented, e.g. TCP
  2. connectionless, e.g. UDP

The transport layer can be thought of literally as a transport mechanism e.g. a vehicle whose responsibility is to make sure that its contents (passengers/goods) reach its destination safely and soundly.

The transport layer provides this service of connecting applications together through the use of ports. Since IP provides only a best effort delivery, the transport layer is the first layer to address reliability.

For example, TCP is a connection-oriented protocol that addresses numerous reliability issues to provide a reliable byte stream:

  • data arrives in-order
  • data arrives with minimal error (correctness)
  • duplicate data is discarded
  • lost/discarded packets are resent
  • includes traffic congestion control

The dynamic routing protocols which technically fit at this layer in the TCP/IP Protocol Suite (since they run over IP) are generally considered to be part of the Network layer; an example is OSPF (IP protocol number 89).

The newer SCTP is also a "reliable", connection-oriented, transport mechanism. It is stream-oriented — not byte-oriented like TCP — and provides multiple streams multiplexed over a single connection. It also provides multi-homing support, in which a connection end can be represented by multiple IP addresses (representing multiple physical interfaces), such that if one fails, the connection is not interrupted. It was developed initially for telephony applications (to transport SS7 over IP), but can also be used for other applications.

UDP is a connectionless datagram protocol. Like IP, it is a best effort or "unreliable" protocol. Reliability is addressed through error detection using a weak checksum algorithm. UDP is typically used for applications such as streaming media (audio and video, etc) where on-time arrival is more important than reliability, or for simple query/response applications like DNS lookups, where the overhead of setting up a reliable connection is disproportionately large.
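Why the UDP checksum counts as weak, shown as an added example that is not part of the original article: it computes the checksum over the IPv4 pseudo-header, UDP header and data (RFC 768 / RFC 1071) and checks which changes it detects. The addresses, ports and payloads are constructed sample values.

```python
import struct

SRC = bytes([192, 0, 2, 1])      # constructed addresses from the documentation range
DST = bytes([192, 0, 2, 53])


def internet_checksum(data: bytes) -> int:
    """RFC 1071: one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                          # pad odd-length input for summing only
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)  # fold carries back into the low 16 bits
    return ~total & 0xFFFF


def udp_checksum(src: bytes, dst: bytes, sport: int, dport: int, payload: bytes) -> int:
    """UDP over IPv4: the sum covers a pseudo-header, the UDP header and the data."""
    length = 8 + len(payload)
    pseudo = src + dst + struct.pack("!BBH", 0, 17, length)   # 17 = UDP protocol number
    header = struct.pack("!HHHH", sport, dport, length, 0)    # checksum field zero while summing
    return internet_checksum(pseudo + header + payload) or 0xFFFF  # 0 on the wire means "none"


def receiver_accepts(payload: bytes, received_checksum: int) -> bool:
    """What a receiver does: recompute over what arrived and compare."""
    return udp_checksum(SRC, DST, 49152, 53, payload) == received_checksum


def demo() -> dict:
    sent = b"seq=0102"                            # constructed payload
    csum = udp_checksum(SRC, DST, 49152, 53, sent)
    return {
        "intact": receiver_accepts(sent, csum),
        # A single corrupted byte changes the sum and is caught.
        "one_byte_error": receiver_accepts(b"seq=0103", csum),
        # Two 16-bit words swapped ("01" <-> "02"): addition is commutative, so the sum is unchanged.
        "reordered_words": receiver_accepts(b"seq=0201", csum),
    }


if __name__ == "__main__":
    print(demo())
```

The checksum is unkeyed and order-insensitive, so it catches accidental corruption only; integrity against deliberate modification needs a keyed mechanism above or below UDP, such as the SSL/TLS layer discussed earlier in the article.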

DCCP is currently under development by IETF. It provides TCP's flow control semantics, while keeping UDP's datagram service model visible to the user.

Both TCP and UDP are used to carry a number of higher-level applications. The applications at any given network address are distinguished by their TCP or UDP port. By convention certain well known ports are associated with specific applications. (See List of TCP and UDP port numbers.)

RTP is a datagram protocol that is designed for real-time data such as streaming audio and video. RTP is a session layer that uses the UDP packet format as a basis yet is said to sit within the transport layer of the Internet protocol stack.

Network layer

As originally defined, the Network layer solves the problem of getting packets across a single network. Examples of such protocols are X.25, and the ARPANET's Host/IMP Protocol.

With the advent of the concept of internetworking, additional functionality was added to this layer, namely getting data from the source network to the destination network. This generally involves routing the packet across a network of networks, known as an internetwork or (lower-case) internet.[1]

In the Internet protocol suite, IP performs the basic task of getting packets of data from source to destination. IP can carry data for a number of different upper layer protocols; these protocols are each identified by a unique protocol number: ICMP and IGMP are protocols 1 and 2, respectively.
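The hand-off between layers can be followed in code. The parser below is an added example, not part of the original article: it peels a constructed Ethernet frame down to its UDP payload, using the EtherType, the IP protocol number and the length fields to pass data upward. Protocol numbers 6 (TCP) and 17 (UDP), the addresses and the sample frame are assumptions supplied here.

```python
import struct

# 1, 2 and 89 are the protocol numbers the article names; 6 and 17 are TCP and UDP.
IP_PROTOCOLS = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP", 89: "OSPF"}
ETHERTYPE_IPV4 = 0x0800


def decapsulate(frame: bytes) -> dict:
    """Peel Ethernet -> IPv4 -> UDP, validating every length before slicing on it."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError(f"unsupported EtherType 0x{ethertype:04x}")
    ip = frame[14:]
    if len(ip) < 20 or ip[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    ihl = (ip[0] & 0x0F) * 4                 # header length in bytes, options included
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ihl < 20 or total_len < ihl or total_len > len(ip):
        raise ValueError("inconsistent IPv4 length fields")
    proto = ip[9]
    info = {"src": ".".join(map(str, ip[12:16])), "dst": ".".join(map(str, ip[16:20])),
            "protocol": IP_PROTOCOLS.get(proto, str(proto))}
    segment = ip[ihl:total_len]              # use the IP length: the frame may carry link padding
    if proto == 17:
        if len(segment) < 8:
            raise ValueError("truncated UDP header")
        sport, dport, ulen, _checksum = struct.unpack("!HHHH", segment[:8])
        if ulen < 8 or ulen > len(segment):
            raise ValueError("UDP length exceeds IP payload")
        info.update(sport=sport, dport=dport, payload=segment[8:ulen])
    return info


def build_sample_frame(payload: bytes) -> bytes:
    """Constructed frame; checksums are left at zero because this example does not verify them."""
    udp = struct.pack("!HHHH", 49152, 53, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([192, 0, 2, 1]), bytes([192, 0, 2, 53]))
    eth = bytes(6) + bytes(6) + struct.pack("!H", ETHERTYPE_IPV4)
    return eth + ip + udp + bytes(4)         # 4 trailing bytes of link-layer padding


if __name__ == "__main__":
    print(decapsulate(build_sample_frame(b"example query")))
```

Each layer's length field is checked against the bytes actually present before it is used, which is the step that keeps a parser of untrusted packets from reading past the data it was given.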

Some of the protocols carried by IP, such as ICMP (used to transmit diagnostic information about IP transmission) and IGMP (used to manage IP Multicast data), are layered on top of IP but perform internetwork layer functions, illustrating an incompatibility between the Internet protocol stack and the OSI model. All routing protocols, such as BGP, OSPF, and RIP, are also really part of the network layer, although they might seem to belong higher in the stack.

Data link layer

The link layer, which is the method used to move packets between the network layers of two different hosts, is not really part of the Internet protocol suite, because IP can run over a variety of different link layers. The processes of transmitting packets on a given link layer and receiving packets from a given link layer can be controlled both in the software device driver for the network card and in firmware or specialist chipsets. These perform data link functions such as adding a packet header to prepare it for transmission, then actually transmitting the frame over a physical medium.

For Internet access over a dial-up modem, IP packets are usually transmitted using PPP. For broadband Internet access such as ADSL or cable modems, PPPoE is often used. On a local wired network, Ethernet is usually used, and on local wireless networks, IEEE 802.11 is usually used. For wide-area networks, either PPP over T-carrier or E-carrier lines, Frame relay, ATM, or packet over SONET/SDH (POS) are often used.

The link layer can also be the layer where packets are intercepted to be sent over a virtual private network. When this is done, the link layer data is considered the application data and proceeds back down the IP stack for actual transmission. On the receiving end, the data goes up the IP stack twice (once for routing and the second time for the VPN).

The link layer can also be considered to include the physical layer, which is made up of the actual physical network components (hubs, repeaters, fiber optic cable, coaxial cable, network cards, Host Bus Adapter cards and the associated network connectors: RJ-45, BNC, etc), and the low level specifications for the signals (voltage levels, frequencies, etc).

Physical Layer

The Physical layer is responsible for encoding and transmission of data over network communications media. It operates with data in the form of bits that are sent from the Physical layer of the sending (source) device and received at the Physical layer of the destination device.

Ethernet, Token Ring, SCSI, hubs, repeaters, cables and connectors are standard network devices that function at the Physical layer. The Physical layer is also considered the domain of many hardware-related network design issues, such as LAN and WAN topology and wireless technology too.

Hardware and software implementation

Normally the application programmes are in charge of layer 5 protocols (the application layer), while the layer 3 and 4 protocols are services provided by the TCP/IP stack in the operating system. Microcontroller firmware in the network adapter typically handles layer 2 issues, supported by driver software in the operating system. Non-programmable analog and digital electronics are normally in charge of the physical layer, typically using an application-specific integrated circuit (ASIC) chipset for each radio interface or other physical standard.

However, hardware or software implementation is not stated in the protocols or the layered reference model. High-performance routers are to a large extent based on fast non-programmable digital electronics, carrying out layer 3 switching. In modern modems and wireless equipment, the physical layer may partly be implemented using programmable DSP processors or software radio (soft radio) programmable chipsets, allowing the chip to be reused in several alternative standards and radio interfaces instead of separate circuits for each standard, and facilitating. The Apple Geoport concept was an example of CPU software implementation of the physical layer, making it possible to emulate some modem standards.
