TCP/IP Advanced Guide

Leave A Reply

In this article, we will take a look at the TCP/IP protocol

stack to help us better understand how TCP/IP functions
in the network. We'll look at the Department of Defense
(DoD) protocol layers and the Open Systems Interconnect
(OSI) model to help us better understand how the
protocols and utilities function at the various layers. This
is what I think to be a very easy ISO/OSI and DoD
overview. But I guess that will be up to the readers.
First of all I'm going to talk about ISO/OSI.
The Open Systems Interconnect Model (OSI)
The Open Systems Interconnect (OSI) model was
developed by the International Standards Organization
(ISO) and helps to identify how the functions of the
protocols relate to each other. By showing how the
functions relate, we'll define how the parts of the protocol
stack connect to permit machines to effectively
communicate. As we look at the OSI model, remember it
is just a model concept- we don't actually see it when two
hosts work together :]. The model, however, is the
standard and to communicate we must adhere to it.
Basically if two computers that are have similar
configuration, they will communicate. If their not, you
may end up get nasty error messages, failure to initialize
services, or no communication at all.
The OSI Model contains seven layers:

-Application Layer
-Presentation Layer
-Transport Layer
-Network Layer
-Datalink Layer
-Physical Layer
The chart below compares the layers of the ISO-OSI
model to the layers of the DoD model. These models give
us a sense of how the communication is expected to take
place. Moving from the highest layers down to the wire,
we see the application needs to be able to operate
without being concerned about identifying all of the
lower-level hardware and maintaining drivers for each
device.
http://img.microsoft.com/library/media/1033/technet/ima
ges/archive/winntas/maintain/fig2-1.gif
1. The Application Layer provides support to any end
user application programming interface. This layer is
responsible for working with the originated data stream
and communicates them with lower levels. Examples of
Applications Programming Interface (API) would be Mail
API (MAPI), MS Fax API (FAPI), Telephone API (TAPI), and
internet Server API (ISAPI).
2. The Presentation Layer provides platform to platform
translation of syntax for the purpose of data exchange.
Modification of data according to a common set of rules is
done at this layer. Compression and encryption, for
instance, are also done here.

3. The Sessions Layer provides for the establishment,

maintenance, and recovery form failures that occur
between applications. When 2 computers establish a
session to share data, control of the flow and direction,
and the recovery of missing and corrupt data, is the
responsibility of this layer. Depending on the type of
application, you might see a simplex, a half-duplex, or a
full-duplex of data flow. Simplex is a one-way data flow.
Half duplex is basically the same as simplex but implies
that there is a duplex channel to permit full duplex if
configured to do it. Full duplex provides two-way data
flow. By providing appropriate checkpoint methods, the
wire between both the computers can stay full of data.
Only the data that does not make it properly to the other
computer needs to be resent.
4. The Transport Layer guarantees the data is delivered
in the right order and in a reliable manner. Here again we
consider error checking and correction as a means to put
the information in the right order and to make certain
that the whole message is received.
5. The Network Layer provides routing between
internetworks and shields the layers above from the
details of the lower layers (the physical topology for
example). It is at this level that we first find addressing
(IP Address)
6. The Datalink Layer provides reliable transfer of data
across the physical link (i.e. the LAN cable). The datalink
layer functions to provide formatting, error detection, link
management, and data flow control. Again we find
addressing, this time at the hardware layer (Example:

Hardware address of the network interface card.)

7. The Physical Layer accepts data from the datalink
layer and puts in the right format for the physical
medium. this layer specifies the requirements for the wire
such as voltage levels, connector types, and handshake.
Department of Defense (DoD) Overview
More than one theory can be used to identify how
components in the TCP/IP protocol stack connect
dissimilar systems. This is how each Microsoft TCP/IP
component or utility fits this model.
The DoD four-layer mode contains:
Network Interface Layer
Internet Layer
Transport (transmission) Layer
Application Layer (known earlier as process layer)
The Network Interface Layer is the lowest layer in the
model. It is responsible for putting frames on and off the
wire. In order to get the frames to higher levels, which is
where the routing and switching take place, there must
be information that permits computers to find each other
on the subnetwork. This is the network address of the
network card. The Network Interface Card (NIC) contains
a hardware address that is mapped to and used by the
higher level protocols to pass the information up and
down the stack and back and forth across the wire.
TCP/IP can be used in a wide variety of LAN, WAN, and
dial-up environments. Supported LAN typed include:
Ethernet, Token Ring, Fiber Distributed Data Interface

(FDDI), and ARCnet. Supported WAN types include serial

lines and packet-switched networks such as X.25, Frame
Relay, and ATM. Metropolitan Area Network (MAN) types
of topologies supported using TCP/IP are the same as the
previously mentioned WAN types.
Each of the LAN, MAN, WAN, and Dial-up types have
different requirements for cables, signaling, data
encoding, and so on. The Network Interface layer
specifies is the equivilent to the Datalink and Physical
layers of the OSI Model as shown up on the chart.
The Internet Layer has protocols that provide three
specific serives:
1. A connectionless delivery service
2. A mechanism to break the data up into individual
packets of frames on the transmitting side and to put
back together on the recievers side. This is process I
believe is also known as Fragmentation and Reassembly.
3. The routing functions necessary to interoperate with
other networks.
Five protocols are implemented at this layer:
-The Internet Protocol (better known as IP) which
addresses and routes packets
-The Address Resolution Protector (ARP) which determines
the hardware address at the recieving host.
-Internet Control Message Protocol (ICMP) which sends
error messages to the IP when problems crop up.
-Internet Group Management Protocol (IGMP) which
informs the routers of the availability of multicast groups.
These protocols do their jobs by encapsulating internet

datagrams and running all the necessary routing

algorithms. (A datagram is a connectionless or one way
communication--It is sent with no configuration. Just like
when you send a letter to someone) The user data
orriginates in one of the higher level protocols and is
passed down to the internet layer. The router, then,
examines the IP of the datagram to determine whether
the destination is local or not (remote). If both machines
are on the same network (this is called a local network),
the datagram is forwarded directly to the destination of
the host. If the destination is on another network (this is
called a remote network), the datagram is forwarded to
the default gateway (locally attached gateway--router--to
remote networks).
When a network joins the Internet, the administrator
must apply for and recieve a valid IP network and host
the number from Internet and Information Center
(InterNIC). The hosts carry out the functions mentioned
here through the use of these numbers, which, when
combined, is known as an IP address.
The Transport Layer has protocols that provide
communications sessions between connected computers.
The desired method of data delivery determines the
transport protocol. The two transport protocols provided
within TCP/IP are the transmission control protocols, and
the User Datagram Protocol (UDP). TCP provides the
virtual circuit service to make the end-to-end connection
for the applications. Data Transfer is made reliable
throught the use of connections and acknowledgements.
The UDP provides delivery but does not use connections
or acknowledgements, so it is less reliable but faster.

These connectionless protocols I think are define

unreliable because nothing is telling you the data was
received at the right place. If that's confusing, try to think
of it as a letter. You send the message but their is no way
of knowing it reached it's intended recipient. A
connection-oriented protocol however is kind of like
making a phone call. You can tell the person on the other
side received the message, and possibly understood it.
The terms "host-to-host" or transmission layer are used
interchangeably with the transport layer. The Transport
Layer is responsible for error detection and correction in
the DoD model and is analogous to the Transport Layer in
the OSI model.
In the Application Layer Microsoft implements two
program interfaces at the application layer to allow the
applications to utilize the services of the TCP/IP Protocol
Stack. These are Windows Sockets and NetBIOS.
The windows sockets interface provide a standard API
under Microsoft Windows to many transport protocols
such as IPX and TCP/IP. This open standard library of
function calls, data structures, and programming
procedures permits Windows applications to take
advantage of the TCP/IP. This will pretty much allow you
to exchange data with foreign or non-NetBIOS systems.
NetBIOS provides a standard interface to protocols that
support NetBIOS naming and message services, like
TCP/IP and NetBEUI. NetBIOS is used in Microsoft products
to permit application communication, with lower layer
protocols as well. Three TCP ports provide NetBIOS

support. These are port 137 which is NetBIOS Name

Service, port 138 which is Datagram Service, and port
139 for session service.
Here are some TCP/IP utilities and services at the
application layer:
FTP, SMTP, SNMP, and Telnet
Oh by the way, I may not have been very clear on
encapsulation. it's basically the process of adding a
header to the data accepted from a higher protocol.
When the application originates data, or sends a request
to get data , the data or request moves down the total
size of the information until it reaches the wire. The
individual ones and zeros are sent via the wire to the
remote computer where each of the headers is opened or
peeled off, I try to think of it as peeling an onion.. idk =D.
Anyways... The header information is stripped off at each
layer and sent upward to reach, finally, the intended
application.
Created By VAX
Source