TCP/IP
They are the most common protocols used on the internet for communication.
The IP part deals with the addressing and forwarding of data packets from source to destination while TCP part manages the reliability of the transmission.
A protocol simply defines a way of communication and its rules. These rules are defined by RFC (Request for Comments).
TCP/IP technically applies to network communications in which the TCP is used to deliver data across IP networks.For example Web browsers use TCP/IP to communicate with web servers , it also used to send email, chat online, and play online games.
- TCP divides a message or file into packets that are transmitted over the internet and then reassembled when they reach their destination.
- IP is responsible for the address of each packet so that it gets to the correct destination.
TCP/IP model
OSI Model is a reference/logical model.TCP/IP model is a concise version of the OSI model and is based on standard protocols. This suite encompasses a number of different protocols for different purpose and need.
Transmission of data is done in layers, each protocol on one layer do something complementary with what the others are doing. This set of layers is called a protocol stack.
For example, there is one stack HTTP - TCP - IP - WiFi. This means that when a computer is accessing a web page, it uses the
- HTTP protocol to get the web page in HTML,
- TCP controls the transmission,
- IP the channeling on the network (e.g the Internet), and
- WiFi the transmission on the local area network.
TCP/IP model is divided into 4 layers:
- Process/Application Layer - It standardizes data exchange for applications. Protocols include HTTP, FTP, POP3, SMTP, and SNMP (Simple Network Time Protocol).
- Host-to-Host/Transport Layer - handles communications between hosts and is responsible for flow control, reliability, and multiplexing. Protocols - TCP and UDP
- Internet/Networking Layer - It connects independent networks to transport the packets containing the data.Protocols - IP and ICMP
- Link Layer - It consists of methods and protocols that operate only on a link (the network component).Protocols - Ethernet and ARP (Address Resolution Protocol)
IP (Internet Protocol)
It defines the source and destination IP address of a packet as it traverses the internet.
Packet structure:
Row 1
- Version: IP version 4 or 6
- IHL: Defines the header length
- Type of Service (TOS): used for QOS (Quality of Service) Purposes like minimize delay, maximize throughput, maximize reliability, and minimize monetary cost.
There are lot of different type of data travelling in a network and some has higher importance than other. - Total Length: This defines the total length of the IP datagram (including the data) or the fragment.
Row 2
- Identification: This field uniquely identifies each packet. Critical for reassembling fragmented packets.
Fragmented ?
IP fragmentation is an Internet Protocol process that breaks packets into smaller pieces, so that the resulting pieces can pass through a link with a smaller maximum transmission unit than the original packet size.
Maximum Transmission Unit (MTU) is the largest frame/packet that can be transmitted over frame/packet based networks.
- IP Flags: This field defines whether the packet is fragmented (M) or not (D).
- It's can be manupulated to evade IDS and firewalls. It can also be used in conjunction with the Window field to identify the operating system of the sender.
- Fragment Offset: This field is used when packets are fragmented. It defines where the packets should be reassembled from the beginning of the IP header.
Row 3
- TTL (Time To Live) - It defines how many hops packet can survive across the internet before it expires. It varies by operating system making it useful to identify the OS of the sender.
- Protocol: This field defines what protocol is being used with IP such as protocol number of ICMP is 1, TCP is 6 and UDP is 17. It indicates which upper-layer protocol receives incoming packets after IP processing is complete.
- Header Checksum: This is an error checking field. It calculates the checksum (a simple algorithm) to determine the integrity of the data in the header.
Rows 4 & 5
- Source / Destination: These rows of the IP header contains the source and destination IP address
Row 6
- Options: This field is variable length and its use is optional
- Padding: This field is used to fill out, if necessary, the remaining bits and bytes of the header