LAYERS IN TCP/IP MODEL

The layers near the top are logically closer to the user application, while those near the bottom are logically closer to the physical transmission of the data. Viewing layers as providing or consuming a service is a method of abstraction to isolate upper layer protocols from the nitty-gritty detail of transmitting bits over, for example, Ethernet and collision detection, while the lower layers avoid having to know the details of each and every application and its protocol.

Two Internet hosts connected via two routers and the corresponding layers used at each hop

This abstraction also allows upper layers to provide services that the lower layers cannot, or choose not to, provide. Again, the original OSI Reference Model was extended to include connectionless services (OSIRM CL). For example, IP is not designed to be reliable and is a best effort delivery protocol. This means that all transport layer implementations must choose whether or not to provide reliability and to what degree. UDP provides data integrity (via a checksum) but does not guarantee delivery; TCP provides both data integrity and delivery guarantee (by retransmitting until the receiver acknowledges the reception of the packet). The following is a description of each layer in the TCP/IP networking model starting from the lowest level:

Physical Layer
The Physical Layer is pure hardware in any network infrastructure. This includes the cable, satellite or any other connection medium, and the network interface card, which transmits electrical signal. It is a fundamental layer underlying the logical data structures of the higher level functions in a network. The physical layer defines the means of transmitting raw bits rather than logical data packets over a physical link connecting network nodes. The bit stream may be grouped into code words or symbols and converted to a physical signal that is transmitted over a hardware transmission medium. The physical layer provides an electrical, mechanical, and procedural interface to the transmission medium.

Link Layer
The Link Layer (or Network Access Layer) is the networking scope of the local network connection to which a host is attached. This regime is called the link in Internet literature. This is the lowest component layer of the Internet protocols, as TCP/IP is designed to be hardware independent. As a result TCP/IP is able to be implemented on top of virtually any hardware networking technology. The Link Layer is used to move packets between the Internet Layer interfaces of two different hosts on the same link. The processes of transmitting and receiving packets on a given link can be controlled both in the software device driver for the network card, as well as on firmware or specialized chipsets. These will perform data link functions such as adding a packet header to prepare it for transmission, then actually transmit the frame over a physical medium. The TCP/IP model includes specifications of translating the network addressing methods used in the Internet Protocol to data link addressing, such as Media Access Control (MAC), however all other aspects below that level are implicitly assumed to exist in the Link Layer, but are not explicitly defined. This is also the layer where packets may be selected to be sent over a virtual private network or other networking tunnel. In this scenario, the Link Layer data may be considered application data which traverses another instantiation of the IP stack for transmission or reception over another IP connection. Such a connection, or virtual link, may be established with a transport protocol or even an application scope protocol that serves as a tunnel in the Link Layer of the protocol stack. Thus, the TCP/IP model does not dictate a strict hierarchical encapsulation sequence.

Internet Layer
The Internet Layer solves the problem of sending packets across one or more networks. Internetworking requires sending data from the source network to the destination network. This process is called routing. In the Internet Protocol Suite, the Internet Protocol performs two basic functions: Host addressing and identification: This is accomplished with a hierarchical addressing system (see IP address). Packet routing: This is the basic task of getting packets of data (datagrams) from source to destination by sending them to the next network node (router) closer to the final destination.

IP can carry data for a number of different upper layer protocols. These protocols are each identified by a unique protocol number: for example, Internet Control Message Protocol (ICMP) and Internet Group Management Protocol (IGMP) are protocols 1 and 2, respectively. Some of the protocols carried by IP, such as ICMP (used to transmit diagnostic information about IP transmission) and IGMP (used to manage IP Multicast data) are layered on top of IP but perform internetworking functions. This illustrates the differences in the architecture of the TCP/IP stack of the Internet and the OSI model.

Various protocols used in the INTERNET LAYER are:

1) Internet Protocol (IP):
IP is responsible for several tasks, most importantly determining a route to the description. In addition, IP is responsible for the packing of messages into small network-transportable packets, called datagrams. IP is used with almost all TCP protocols, sitting at the bottom of the TCP protocol stack just above the network-layers. IP has no control over whether messages sent and received are intact. All IP does is handle the sending and receiving, leaving it up to the next higher layer, usually TCP or UDP, to take care of any problems that occur with lost or damaged data.

2) Internet Control Message Protocol (ICMP):

ICMP is a special form of IP used to handle error and status messages between IP layers on different machines. Whenever one IP layer has to send information to another, it uses ICMP. Also, whenever IP software detects an error of some sort, it uses ICMP to send reports to the other machine. Probably the most common use of ICMP is for the ping command, which checks whether a machine is responsive by sending a small ICMP message to the machine and waiting for a reply.

Transport Layer
The Transport Layer's responsibilities include end-to-end message transfer capabilities independent of the underlying network, along with error control, segmentation, flow control, congestion control, and application addressing (port numbers). End to end message transmission or connecting applications at the transport layer can be categorized as either connection-oriented, implemented in Transmission Control Protocol (TCP), or connectionless, implemented in User Datagram Protocol (UDP). The Transport Layer can be thought of as a transport mechanism, e.g., a vehicle with the responsibility to make sure that its contents (passengers/goods) reach their destination safely and soundly, unless another protocol layer is responsible for safe delivery. The Transport Layer provides this service of connecting applications through the use of service ports. Since IP provides only a best effort delivery, the Transport Layer is the first layer of the TCP/IP stack to offer reliability. IP can run over a reliable data link protocol such as the High-Level Data Link Control (HDLC). Protocols above transport, such as RPC, also can provide reliability.

For example, the Transmission Control Protocol (TCP) is a connection-oriented protocol that addresses numerous reliability issues to provide a reliable byte stream: data arrives in-order data has minimal error (i.e. correctness) duplicate data is discarded lost/discarded packets are resent includes traffic congestion control

The newer Stream Control Transmission Protocol (SCTP) is also a reliable, connection-oriented transport mechanism. It is Message-stream-oriented not byte-stream-oriented like TCP and provides multiple streams multiplexed over a single connection. It also provides multi-homing support, in which a connection end can be represented by multiple IP addresses (representing multiple physical interfaces), such that if one fails, the connection is not interrupted. It was developed initially for telephony applications (to transport SS7 over IP), but can also be used for other applications. TCP and UDP are used to carry an assortment of higher-level applications. The appropriate transport protocol is chosen based on the higher-layer protocol application. For example, the File Transfer Protocol expects a reliable connection, but the Network File System (NFS) assumes that the subordinate Remote Procedure Call protocol, not transport, will guarantee reliable transfer. Other applications, such as VoIP, can tolerate some loss of packets, but not the reordering or delay that could be caused by retransmission. The applications at any given network address are distinguished by their TCP or UDP port. By convention certain well known ports are associated with specific applications.

1) Transmission Control Protocol (TCP):

TCP is used primarily to verify that whatever was sent by the sending machine is received intact by the destination. TCP is called a reliable delivery protocol, meaning that it makes sure everything sent was received properly. TCP adds a header to the front of each message that contains checksums, numbering, and other reliability information to ensure that every packet sent is received without modification. If there is a transmission problem, TCP takes care of resending the information. TCP sits between the application and the IP layer on each machine, acting as a packaging layer for application data and a delivery mechanism of sending packets to an application. TCP usually runs with IP, but it can work with other protocols. TCP is a connection-based protocol, meaning that the sending and the destination machines communicate with each other by sending status messages back and forth. If the connection is lost because of routing problems or machine failures, errors are sent to the applications that use TCP. Some service use TCP to maintain a connection between two machines, notably FTP or Telnet, both of which enable you to move files and commands back and forth between two machines as if you were logged into both at the same time.

2) User Datagram Protocol (UDP):

UDP is an alternative to TCP. It is a connection-less protocol, meaning that the sending and receiving machine are not constantly connected to each other. They can send status messages back and forth to indicate reception of packets, but there is no constant connection maintained. UDP is used by services that do not require a connection, such as the TFTP, DNS, NFS, and RPC. Because of the lack of a connection, UDP is often thought of as a less reliable delivery protocol than TCP, although other protocols can pick up the tasks that TCP offers. UDP sits in the layer between the applications and IP. UDP usually uses IP to handle its packets.

Application Layer
The Application Layer refers to the higher-level protocols used by most applications for network communication. Examples of application layer protocols include the File Transfer Protocol (FTP) and the Simple Mail Transfer Protocol (SMTP). Data coded according to application layer protocols are then encapsulated into one or (occasionally) more transport layer protocols (such as the Transmission Control Protocol (TCP) or User Datagram Protocol (UDP)), which in turn use protocols to effect actual data transfer. Since the IP stack defines no layers between the application and transport layers, the application layer must include any protocols that act like the OSI's presentation and session layer protocols. This is usually done through libraries. Application Layer protocols generally treat the transport layer (and lower) protocols as "black boxes" which provide a stable network connection across which to communicate, although the applications are usually aware of key qualities of the transport layer connection such as the end point IP addresses and port numbers. As noted above, layers are not necessarily clearly defined in the Internet protocol suite. Application layer protocols are most often associated with clientserver applications, and the commoner servers have specific ports assigned to them by the IANA: HTTP has port 80; Telnet has port 23; etc. Clients, on the other hand, tend to use ephemeral ports, i.e. port numbers assigned at random from a range set aside for the purpose. Transport and lower level layers are largely unconcerned with the specifics of application layer protocols. Routers and switches do not typically "look inside" the encapsulated traffic to see what kind of application protocol it represents, rather they just provide a conduit for it. However, some firewall and bandwidth throttling applications do try to determine what's inside, as with the Resource Reservation Protocol (RSVP). It's also sometimes necessary for Network Address Translation (NAT) facilities to take account of the needs of particular application layer protocols. (NAT allows hosts on private networks to communicate with the outside world via a single visible IP address using port forwarding, and is an almost ubiquitous feature of modern domestic broadband routers).

Various protocols used in APPLICATION LAYER are:

1) Telnet:
The Telnet service provides a remote login capability. This lets a user on one machine log into another machine and act as if they are directly in front of the second machine. The connection can be anywhere on the local network, or on another network anywhere in the world, as long as the user has permission to log into the remote system. Telnet uses TCP to maintain a connection between two machines.

2) File Transfer Protocol (FTP):

FTP enables a file on one system to be copied to another system. Users don't actually log in as full users to the machine they want to access but instead use the FTP service to provide access. The remote machine must be set up with the permissions necessary to provide the user access to the files. FTP uses TCP to create and maintain a connection between source anddestination machines. Once the connection to a remote machine has been established, FTP enables you to copy one or more files to your machine. The termtransfer implies that the file is moved from one system to another, but the original is not affected, files are copied from one system to another.

3) Simple Mail Transfer Protocol (SMTP):

SMTP is one protocol used for transferring electronic mail. Transparent to the user. SMTP connects to different machines and transfers mail messages, much like FTP transfers files.

4) Domain Name System (DNS):

DNS enables a device with a common name to be converted to a special network address. DNS provides the conversion from a common local name to the unique physical address of the device's network connection.

5) Simple Network Management Protocol (SNMP):

SNMP is a network management protocol. SNMP uses UDP as a transportmechanism. SNMP relies on several terms from TCP/IP standard specifications, working with managers and agents instead of clients and servers. An agent provides information about a device, whereas a manager communicates across the network.

6) Network File Server (NFS):

NFS is used to transparently enable multiple machines to access each other's directories. NFS accomplishes this by using a distributed filesystem scheme. NFS systems are common in large corporate environments.

7) Remote Procedure Calls (RPC):

RPC are programming functions that enable an application to communicate with another machine, the server. They provide the programming functions, return codes, and predefined variables to support distributed computing.

8) Trivial File Transfer Protocol (TFTP):

TFTP is a very simple, unsophisticated file transfer protocol that lacks ant security. It uses UDP as a transport. Although not as sophisticated or as fast as FTP, TFTP can be used on many systems that do not enable FTP access. In some ways, TFTP can be analogous to an e-mail message requesting and receiving a file instead of a text body.

9) BOOT Protocol (BOOTP):

The BOOT Protocol, called BOOTP, is used to start up machines on a network that do not have their own hard drives or storage devices containing operating systems and network information. BOOTP is used for X-terminals and other diskless workstations. 10)

Address Resolution Protocol (ARP):

ARP is one of several protocols that helps determine addresses on a network. ARP works with IP to set routes to a destination. ARP converts an IP address to a network interface hardware address.

11) Reverse address Resolution Protocol (RARP):

RARP as its name suggest, is the reverse process of ARP. RARP uses a networkinterface hardware address and from that produces the IP address, whereas ARP produces the IP address from the hardware address.

12) Network Time Protocol (NTP):

NTP is used to synchronise clocks across a network. This is important because many packets have a prespectified amount of time to reach their routes. If a clock on one machine is inaccurate, the timers in the packet might expire prematurely. Time is also used to build efficient routing tables that let IP determine the fastest route to a destination.

Figure shows the TCP/IP family tree.

Example of TCP/IP:
The role of layering in TCP/IP may be illustrated by an example network scenario (right-hand diagram), in which two Internet host computers communicate across local network boundaries constituted by

their internetworking routers. The application on each host executes read and write operations as if the processes were directly connected to each other by some kind of data pipe, every other detail of the communication is hidden from each process. The underlying mechanisms that transmit data between the host computers are located in the lower protocol layers. The transport layer establishes host-to-host connectivity, meaning it handles the details of data transmission that are independent of the structure of user data and the logistics of exchanging information for any particular specific purpose. The layer simply establishes a basic data channel that an application uses in its task-specific data exchange. For this purpose the layer establishes the concept of the port, a numbered logical construct allocated specifically for each of the communication channels an application needs. For many types of services, these port numbers have been standardized so that client computers may address specific services of a server computer without the involvement of service announcements or directory services. The transport layer operates on top of the internet layer. The internet layer is not only agnostic of application data structures as the transport layer, but it also does not distinguish between operation of the various transport layer protocols. It only provides an unreliable datagram transmission facility between hosts located on potentially different IP networks by forwarding the transport layer datagrams to an appropriate next-hop router for further relaying to its destination. With this functionality, the internet layer makes possible internetworking, the interworking of different IP networks, and it essentially establishes the Internet. The Internet Protocol is the principal component of the internet layer, and it defines two addressing systems to identify network hosts computers, and to locate them on the network. The original address system of the ARPANET and its successor, the Internet, is Internet Protocol version 4 (IPv4). It uses a 32-bit IP address and is therefore capable of identifying approximately four billion hosts. This limitation was eliminated by the standardization of Internet Protocol version 6 (IPv6) in 1998, and beginning production implementations in approximately 2006. The lowest layer in the Internet protocol suite is the link layer. It comprises the tasks of specific networking requirements on the local link, the network segment that a host's network interface is connected to. This involves interacting with the hardware-specific functions of network interfaces and specific transmission technologies.

Successive encapsulation of application data descending through the protocol stack before transmission on the local network link

As the user data, first manipulated and structured in the application layer, is passed through the descending layers of the protocol stack each layer adds encapsulation information as illustrated in the diagram (right). A receiving host reverses the encapsulation at each layer by extracting the higher level data and passing it up the stack to the receiving process.