Figure 14.7: Data structures in the TCPIP protocol stack.

14.4 TCPIP Layers and Protocols

Most of the information about TCPIP protocols is published in documents known as Requests for Comments RFC. RFCs contain the latest versions of the specifications of all standard TCPIP protocols. The style and contents of these documents are much less rigid than most standard documents of this type; RFCs contain a wide range of information, and they are not limited to the formal specification of data communication protocols. All RFCs are available on the Internet. In the text that follows, an overview of the function of each TCPIP layer is presented.

14.4.1 Network Access Layer

The network access layer is the lowest layer of the TCPIP protocol hierarchy. The protocols in this layer provide data delivery to the other devices on a directly attached network. This layer defines how to use the network to transmit an IP datagram. It must know the details of the underlying network addressing scheme, packet structure, etc. to be able to correctly format the data being sent to the network. If compared to the ISO OSI model, this layer encompasses the functions of its three lower layers. The TCPIP design hides most of the network access layers functions from users. As new hardware technologies appear, new network access protocols must be developed so TCPIP can use the new hardware. Consequently, there are many access protocols — one for each physical network standard. Functions performed in this layer include encapsulation of IP datagrams into the frames to be transmitted by the network, and mapping of IP addresses to the physical addresses used by the network itself. One of TCPIPs strengths is its addressing scheme, which uniquely identifies every host on the global network. This IP address may be converted mapped into whatever address is appropriate for the implemented local area network LAN over which the datagram is physically transmitted. 331

14.4.2 Internet Layer and IP Protocol

The Internet layer is a layer above the network access layer in the protocol hierarchy. The best−known protocols in this layer are: Internet protocol IP and Internet Control Message Protocol ICMP.

14.4.2.1 Internet Protocol IP

The most important protocol in this layer is the Internet protocol, better known as the IP. IP is the core of TCPIP, and it provides the basic packet delivery service on which TCPIP networks are built. All protocols in the layers above and below the Internet layer are dependent in some way on the IP to deliver data. All incoming and outgoing TCPIP data flows deal with IP, regardless of their real destinations. IP functions include: Defining the datagram, which is the basic unit of transmission in the TCPIP network • Defining the Internet addressing scheme • Moving data between the layer below, the network access layer, and the layer above, the host−to−host transport layer • Routing datagrams to remote hosts • Performing fragmentation and reassembly of datagrams • IP is a connectionless protocol. This means that IP does not exchange control information, known as handshaking, to establish an end−to−end connection before transmitting data. Rather, the opposite is true: connection−oriented protocols perform handshaking with the remote system to verify that a connection is established before data transmission starts see more details later about TCP and in Figure 14.11. IP relies on protocols in other layers to establish the connection if they require connection−oriented service. IP is also an unreliable protocol because it contains no error detection and recovery code. Of course, this does not mean that reliable data delivery cannot be based on IP, it only means that IP does not check to ensure the data was correctly received at the remote system. TCPIP protocols transmit data over the network in packets. A packet contains a block of data to be transferred, as well as the full information that identifies the destination of a packet itself. Each packet travels over the network independently of any other packet. Long data structures are divided into packets for transfer over the network and reassembled at the receiving end. The datagram is the packet format defined by IP, and it is presented in Figure 14.8. The first five or six 32−bit words the sixth word is optional form the header. The header length is specified in the field IHL Internet Header Length. The header contains all the information necessary to identify and deliver the datagram. The source and destination addresses are crucial for delivery; they are the IP addresses of the source and destination hosts in the network. Two hosts in the communication mostly do not reside in the same subnet local area network, so datagrams may travel through many network devices until they reach their destinations. 332 Figure 14.8: IP datagram format. The Total Length field determines the length of a data part of the datagram and should be decreased by IHL. Sometimes, when traveling through different networks, datagrams must be further divided into smaller packets because of the network type they are passing through. This procedure is called fragmentation, and corresponding identification information is also included in the datagram header.

14.4.2.2 Internet Control Message Protocol ICMP

The Internet Control Message Protocol ICMP is an integral part of the Internet layer, and it uses the IP datagram delivery facility to send its messages. ICMP performs the following functions for TCPIP: Flow control • Detection of unreachable destinations • Redirection of routes • Checking of remote hosts supports the ping command • ICMP protocol is widely used to check connectivity with designated remote hosts. Because it resides in the Internet layer, it automatically excludes all higher layers from its communication and points to underlying layers for any possible connectivity problem. The special command ping is used for this purpose it completely relies on ICMP to check if the remote host is alive, i.e., does the required connection between two hosts exist. Once a pinging goes in both directions, we can look for communication problems at higher layers.

14.4.3 Transport Layer and TCP and UDP Protocols

The host−to−host transport layer is above the Internet layer and is usually shortened to transport layer. The two most important protocols in this layer are transmission control protocol TCP and user datagram protocol UDP. TCP provides reliable data delivery service with end−to−end error detection and correction. UDP provides low−overhead, connectionless datagram delivery service. Both protocols deliver data between the application layer and the Internet layer. Application programmers can choose whichever service is more appropriate for their specific applications, and both protocols are widely used. Although the whole protocol suite got the name TCPIP, it does not mean at all that the TCP protocol is more important than the UDP protocol. 333 UDP gives application programs direct access to a datagram delivery service similar to IP; this allows applications to exchange messages over the network with a minimum of protocol overhead. UDP is an unreliable, connectionless datagram protocol. The basic UDP data block actually for UDP the correct term should be packet or message is presented in Figure 14.9. The UDP header contains only two 32−bit words. The first word includes the 16−bit source port and destination port numbers, which define applications; the second word includes the datagram length and a checksum. A very short header minimizes the protocol overhead. Figure 14.9: UDP message format. There are a number of good reasons to choose UDP as a data transport service: If the amount of data being transmitted is small, the overhead of creating connections and ensuring reliable delivery may be greater than the work of retransmitting the entire data set. • Many applications fit a query − response model, so reliable data delivery is already ensured by the applications themselves. • Many applications provide their own techniques for reliable data delivery, so imposing another layer of acknowledgment would be redundant. • 14.4.3.2 Transmission Control Protocol TCP TCP is a reliable, connection−oriented, byte−stream protocol, where reliability is achieved by a mechanism called Positive Acknowledgment with Retransmission PAR. Data are resent if a positive acknowledgment for already sent data is not received. A basic header for a data block for TCP the correct term should be segment is presented in Figure 14.10. Each segment contains a checksum that the recipient uses to verify that the segment is undamaged. If the transmission is OK, the recipient sends a positive acknowledgment back to the sender; if the segment is damaged, the recipient discards it. After an appropriate time−out period, the sender retransmits any segment for which a positive acknowledgment is missing. 334 Figure 14.10: TCP segment format. Connection−oriented protocol means that TCP establishes a logical end−to−end connection between the two hosts that communicate in a procedure known as a handshake. The handshake is an exchange of the control information between two end points to establish a dialogue before data is transmitted. TCP indicates the control function of a segment by setting the appropriate bit in the Flags field in the header segment. TCP used a so−called three−way handshake in which three segments are exchanged. The handshake procedure is presented in the Figure 14.11. Figure 14.11: Three−way handshake. Finally, a byte−stream protocol means that each TCP segment presents a multiple−byte data stream. As a transport protocol, TCP is also responsible for a proper delivery of data received from the Internet layer to the correct application. A 16−bit number in the source port and destination port fields in the header segment identify applications. To pass data correctly to and from the application layer is an important part of what the transport layer services do.

14.4.4 Application Layer