Application layer
This is the top layer of the TCP/IP protocol suite. This layer includes applications or
processes that use transport layer protocols to deliver data to destination computers.
At each layer there are certain protocol options to carry out the task designated to that
particular layer. So the application layer also has various protocols that applications use to
communicate with the second layer, the transport layer. Some of the popular application
layer protocols are:
2. Transport Layer
This layer provides the backbone for data flow between two hosts. It receives data
from the application layer above it. Many protocols work at this layer, but
the two most commonly used transport layer protocols are TCP and UDP.
TCP is used where a reliable connection is required, while UDP is used in case of
unreliable connections.
TCP divides the data (coming from the application layer) into properly sized chunks and
then passes these chunks onto the network. It acknowledges received packets, waits for
the acknowledgments of the packets it sent, and sets a timeout to resend the packets if
acknowledgments are not received in time. The term reliable connection is used where
it is not acceptable to lose any information that is being transferred over the network
through this connection. So the protocol used for this type of connection must provide
the mechanism to achieve this desired characteristic. For example, while downloading a
file, it is not acceptable to lose any information (bytes), as this may lead to corruption of
the downloaded content.
UDP provides a comparatively simpler but unreliable service by sending packets from
one host to another. UDP takes no extra measures to ensure that the data sent
is received by the target host. The term unreliable connection is used where
loss of some information does not hamper the task being fulfilled through this
connection. For example, while streaming a video, loss of a few bytes of information for
some reason is acceptable, as this does not harm the user experience much.
3. Network Layer
This layer is also known as the Internet layer. The main purpose of this layer is to organize
or handle the movement of data on the network. By movement of data, we generally mean
routing of data over the network. The main protocol used at this layer is IP.
ICMP (used by the popular ping command) and IGMP are also used at this layer.
Application Layer
The application layer is concerned with providing network services to applications. There are
many application network processes and protocols that work at this layer, including HyperText
Transfer Protocol (HTTP), Simple Mail Transport Protocol (SMTP) and File Transfer Protocol (FTP).
At this layer sockets and port numbers are used to differentiate the paths and sessions on which
applications operate. Most application layer protocols, especially on the server side, have
specially allocated port numbers, e.g. HTTP = 80 and SMTP = 25, and FTP = 20 (Control), 21
(Data).
Transport Layer
This layer is concerned with the transmission of the data. The two main protocols that operate at
this layer are Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). TCP is
regarded as being the reliable transmission protocol and it guarantees that the proper data
transfer will take place. UDP is not as complex as TCP and as such is not designed to be reliable
or guarantee data delivery. UDP is generally thought of as being a best effort data delivery, i.e.
once the data is sent, UDP will not carry out any checks to see that it has safely arrived.
present on the top of the Transport layer. Application layer defines TCP/IP application
protocols and how host programs interface with Transport layer services to use the
network.
Application layer includes all the higher-level protocols like DNS (Domain Naming
System), HTTP (Hypertext Transfer Protocol), Telnet, SSH, FTP (File Transfer Protocol), TFTP
(Trivial File Transfer Protocol), SNMP (Simple Network Management Protocol), SMTP
(Simple Mail Transfer Protocol), DHCP (Dynamic Host Configuration Protocol), X Windows,
the Transport layer is between Application layer. The purpose
of Transport layer is to permit devices on the source and destination hosts to carry on a
conversation. Transport layer defines the level of service and status of the connection
used when transporting data.
The main protocols included at Transport layer are TCP (Transmission Control
data packets known as IP datagrams, which contain source and destination address
(logical address or IP address) information that is used to forward the datagrams
between hosts and across networks. The Internet layer is also responsible for routing
of IP datagrams.
A packet switching network depends upon a connectionless internetwork layer. This layer
is known as the Internet layer. Its job is to allow hosts to insert packets into any network and
have them delivered independently to the destination. At the destination side, data
packets may appear in a different order than they were sent. It is the job of the higher
layers to rearrange them in order to deliver them to the proper network applications
operating at the Application layer.
The main protocols included at Internet layer are IP (Internet Protocol), ICMP (Internet
Control Message Protocol), ARP (Address Resolution Protocol), RARP (Reverse Address
bits are electrically or optically signaled by hardware devices that interface directly with
a network medium, such as coaxial cable, optical fiber, or twisted pair copper wire.
The protocols included in Network Access Layer are Ethernet, Token Ring, FDDI, X.25,
Frame Relay etc.
The most popular LAN architecture among those listed above is Ethernet. Ethernet uses
an Access Method called CSMA/CD (Carrier Sense Multiple Access/Collision Detection) to
access the media, when Ethernet operates in a shared media. An Access
In the CSMA/CD Access Method, every host has equal access to the medium and can place
data on the wire when the wire is free from network traffic. When a host wants to place
data on the wire, it will check the wire to find whether another host is already using the
medium. If there is traffic already in the medium, the host will wait, and if there is no
traffic, it will place the data in the medium. But if two systems place data on the
medium at the same instant, the transmissions will collide with each other, destroying the data. If
the data is destroyed during transmission, the data will need to be retransmitted.
After a collision, each host will wait for a small interval of time and the data will be
retransmitted.
Layer | Description | Protocols
Application | |
Transport | |
Internet | |
Network interface | | Ethernet, Token Ring, FDDI, X.25, Frame Relay, RS232, v.35
Short for Address Resolution Protocol, a network layer protocol used to convert an IP address into a physical address
(called a DLC address), such as an Ethernet address. A host wishing to obtain a physical address broadcasts an ARP
request onto the TCP/IP network. The host on the network that has the IP address in the request then replies with its
physical hardware address.
There is also Reverse ARP (RARP), which can be used by a host to discover its IP address. In this case, the host
broadcasts its physical address and a RARP server replies with the host's IP address.
(1) Short for Data Link Control, the second lowest layer in the OSI Reference Model. Every network interface card
(NIC) has a DLC address or DLC identifier (DLCI) that uniquely identifies the node on the network. Some
network protocols, such as Ethernet and Token-Ring, use the DLC addresses exclusively. Other protocols, such
as TCP/IP, use a logical address at the Network Layer to identify nodes. Ultimately, however, all network addresses
must be translated to DLC addresses. In TCP/IP networks, this translation is performed with the Address Resolution
Protocol (ARP).
For networks that conform to the IEEE 802 standards (e.g., Ethernet), the DLC address is usually called the Media
Access Control (MAC) address.
address associated with it. A machine that recognizes the IP address as its
own returns a reply so indicating. ARP updates the ARP cache for future
reference and then sends the packet to the MAC address that replied.
Since protocol details differ for each type of local area network, there are
separate ARP Requests for Comments (RFC) for Ethernet, ATM, Fiber
Distributed-Data Interface, HIPPI, and other protocols.
The Ethernet address is a link layer address and is dependent on the interface card
which is used. IP operates at the network layer and is not concerned with the link
addresses of individual nodes which are to be used. The address resolution protocol
(arp) is therefore used to translate between the two types of address. The arp client
and server processes operate on all computers using IP over Ethernet. The processes
are normally implemented as part of the software driver that drives the network
interface card.
There are four types of arp messages that may be sent by the arp protocol. These are
identified by four values in the "operation" field of an arp message. The types of
message are:
1. ARP request
2. ARP reply
3. RARP request
4. RARP reply
The format of an arp message is shown below:
If a host changes the MAC address it is using, this can be detected by other hosts
when the cache entry is deleted and a fresh arp message is sent to establish the new
association. The use of gratuitous arp (e.g. triggered when the new NIC interface is
enabled with an IP address) provides a more rapid update of this information.
Example of use of the Address Resolution Protocol (arp)
The figure below shows the use of arp when a computer tries to contact a remote
computer on the same LAN (known as "sysa") using the "ping" program. It is
assumed that no previous IP datagrams have been received from this computer, and
therefore arp must first be used to identify the MAC address of the remote computer.
The arp request message ("who is X.X.X.X tell Y.Y.Y.Y", where X.X.X.X and
Y.Y.Y.Y are IP addresses) is sent using the Ethernet broadcast address, and an Ethernet
protocol type of value 0x806. Since it is broadcast, it is received by all systems in the
same collision domain (LAN). This ensures that if the target of the query is
connected to the network, it will receive a copy of the query. Only this system
responds. The other systems discard the packet silently.
The target system forms an arp response ("X.X.X.X is hh:hh:hh:hh:hh:hh", where
hh:hh:hh:hh:hh:hh is the Ethernet source address of the computer with the IP address
of X.X.X.X). This packet is unicast to the address of the computer sending the query
(in this case Y.Y.Y.Y). Since the original request also included the hardware address
(Ethernet source address) of the requesting computer, this is already known, and
doesn't require another arp message to find this out.
Gratuitous ARP
Gratuitous ARP is used when a node (end system) has selected an IP address and then
wishes to defend its chosen address on the local area network (i.e. to check no other
node is using the same IP address). It can also be used to force a common view of the
node's IP address (e.g. after the IP address has changed).
Use of this is common when an interface is first configured, as the node attempts to
clear out any stale caches that might be present on other hosts. The node simply sends
an arp request for itself.
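An added example, not part of the original page: Python code that decodes the ARP message fields described above (operation values 1 to 4, Ethernet type 0x0806), marks gratuitous ARP, and records IP-to-MAC bindings so that a changed binding is surfaced for review. The function names, the 192.0.2.x addresses and the sample frames are constructed for illustration; RARP's own Ethernet type 0x8035 is accepted as well.

```python
import socket
import struct

OPS = {1: "ARP request", 2: "ARP reply", 3: "RARP request", 4: "RARP reply"}

def parse_arp(frame):
    """Decode an Ethernet frame carrying IPv4 ARP/RARP; return a dict, or None."""
    if len(frame) < 42:                      # 14-byte Ethernet header + 28-byte message
        return None
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (ethertype not in (0x0806, 0x8035) or op not in OPS
            or (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4)):
        return None                          # not ARP/RARP for IPv4 over Ethernet
    sha, spa, tha, tpa = struct.unpack("!6s4s6s4s", frame[22:42])
    return {"op": OPS[op], "broadcast": dst == b"\xff" * 6, "eth_src": src.hex(":"),
            "sender_mac": sha.hex(":"), "sender_ip": socket.inet_ntoa(spa),
            "target_mac": tha.hex(":"), "target_ip": socket.inet_ntoa(tpa),
            "gratuitous": spa == tpa}        # node asking about its own address

def watch(frames):
    """Track sender IP -> MAC bindings; return (bindings, alerts to review)."""
    bindings, alerts = {}, []
    for frame in frames:
        m = parse_arp(frame)
        if m is None or not m["op"].startswith("ARP") or m["sender_ip"] == "0.0.0.0":
            continue
        ip, new = m["sender_ip"], m["sender_mac"]
        if m["eth_src"] != new:
            alerts.append(f"{ip}: frame source {m['eth_src']} != ARP sender {new}")
        if ip in bindings and bindings[ip] != new:
            alerts.append(f"{ip}: binding changed {bindings[ip]} -> {new}")
        bindings[ip] = new
    return bindings, alerts

def build(op, sha, spa, tpa, tha="00" * 6, dst="ff" * 6):
    """Build a constructed sample frame in memory (nothing is sent)."""
    sha, tha, dst = (bytes.fromhex(x) for x in (sha, tha, dst))
    return (dst + sha + struct.pack("!HHHBBH", 0x0806, 1, 0x0800, 6, 4, op)
            + sha + socket.inet_aton(spa) + tha + socket.inet_aton(tpa))

A, B, C = "020000000001", "020000000002", "020000000003"   # constructed MACs
SAMPLE = [
    build(1, A, "192.0.2.10", "192.0.2.20"),        # broadcast: who is .20 tell .10
    build(2, B, "192.0.2.20", "192.0.2.10", A, A),  # unicast reply from .20
    build(1, B, "192.0.2.20", "192.0.2.20"),        # gratuitous ARP from .20
    build(2, C, "192.0.2.20", "192.0.2.10", A, A),  # a second node answers for .20
]
```

`watch(SAMPLE)` returns one alert, for 192.0.2.20 moving from 02:00:00:00:00:02 to 02:00:00:00:00:03. Such a change can be legitimate (a replaced NIC, a proxy ARP router), so the alert is a prompt to check the binding against known hosts.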
Proxy ARP
Proxy ARP is the name given when a node responds to an arp request on behalf of
another node. This is commonly used to redirect traffic sent to one IP address to
another system.
Proxy ARP can also be used to subvert traffic away from the intended recipient. By
responding instead of the intended recipient, a node can pretend to be a different node
in a network, and therefore force traffic directed to the node to be redirected to itself.
The node can then view the traffic (e.g. before forwarding this to the originally
intended node) or could modify the traffic. Improper use of Proxy ARP is therefore a