The OSI Model – Layer 4: Transport

In my last post, we explored the third layer of the OSI framework: the network layer. As we saw, switching and routing technologies are part of this layer, transmitting data from endpoint to endpoint. Routing technologies create logical paths.

These logical paths are also called “virtual circuits”: digital jumps that a data packet makes between all the different routers in a network. They are also the basis of the internet: data packets that jump from router to router on networks spread worldwide.

Subnet traffic control, frame fragmentation, logical and physical address mapping, and subnet usage accounting are also all part of this layer.

In this post, we move to the fourth layer of the model. This layer ensures that data packets are delivered error-free, in the correct sequence, and without losses or redundancies (duplications). The Transmission Control Protocol (TCP) secures the integrity of data packets that flow on networks, and TCP is the part of the fourth layer I will discuss in this post.

Understanding TCP/IP

To understand TCP/IP networks, you need to know how the structures below your applications work. For instance, if you open three different applications on your telephone simultaneously, separate sessions are started that create packets of data coming in from two, three, or more computers. There is a mechanism that knows where to send and receive this data; without this mechanism, you would not be able to open your applications. Transmission Control Protocol (TCP) / Internet Protocol (IP) ensures that sending and receiving data works appropriately.

A session is a basic networking term: it is the communication between one computer and another. If you open an application on your telephone or a Web page on your computer, you connect with another computer: you make a session. All sessions start and eventually end.

The Transmission Control Protocol (TCP) enables this communication in a network. You do this by using the TCP/IP protocol suite. If you start an internet session, you start a web browser: you are the client. The computer that receives your request, for instance, a site you type into the browser window, runs a Web server: the server. Communication is always between a client from one side and a server from the other side.

Client – Server Connection

By entering an internet address in the browser, your device sends a single synchronize segment to the Web server. You call this a SYN. When the Web server receives this segment, it returns a synchronize segment and an acknowledge segment (to confirm receiving the segment you sent) back to you: a SYN, ACK segment. When you (the client) receive the SYN, ACK segment from the Web server, your computer sends back a single acknowledgment to the Web server to confirm that the client has received the SYN, ACK segment. This ACK immediately requests that the Web server start sending the Web page you want to visit. You call this the TCP three-way handshake.

TCP three-way handshake

After the Web server finishes sending the web page, it wants to close the session. To start this closing process, it sends a final segment: FIN. Your computer receives this request and acknowledges its receipt with another ACK. After that, your computer immediately sends its last (FIN) segment. The Web server receives ACK and FIN from your computer and sends back an acknowledgment after receiving both segments. This handshake closes the session: both parties have acknowledged finishing the session, and it is closed.

TCP closing session between client and server

This whole process is, in a nutshell, how the Transmission Control Protocol works. All of these are TCP segments, and most web-based applications use this protocol. The reason for this is that these kinds of sessions are connection-oriented. These sessions focus on checking errors. If a computer doesn’t see an “ACK” for an outstanding segment, the sender sends the segment again.

TCP Header

I discussed the Ethernet frame in my post about the OSI layer 2. The TCP header is part of the IP packet in this Ethernet frame:

Ethernet Frame Packet, including IP Packet

The TCP header has a source port and a destination port. Systems use these ports to identify which application should receive the data, and your computer assigns every application a specific port number. Web servers, for instance, use port 80 (HTTP) or 443 (HTTPS).

IP Packet TCP

The client uses the source port number to remember which client application requested the data. The TCP header inside an IP packet stores these values. In addition to the ports, there are other fields: the sequence and acknowledgment numbers enable the sending and receiving computers to keep track of all the different pieces of data that flow back and forth between computers.
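The header fields and the three-way handshake described above can be checked mechanically, which is also how a packet capture is read during troubleshooting or incident response. The following is an added example, not code from the original post: it decodes ports, sequence/acknowledgment numbers and flags from raw TCP headers and verifies that three segments form a consistent SYN, SYN/ACK, ACK exchange. The client port 51000 and both initial sequence numbers are constructed sample values.

```python
import struct

# Flag bits in the TCP header (RFC 9293)
FIN, SYN, ACK = 0x01, 0x02, 0x10

def build_tcp_header(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (no options, checksum left at 0)."""
    offset_flags = (5 << 12) | flags  # data offset of 5 words, then the flag bits
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 65535, 0, 0)

def parse_tcp_header(raw):
    """Decode ports, sequence/acknowledgment numbers and the SYN/ACK/FIN flags."""
    if len(raw) < 20:
        raise ValueError("truncated TCP header")
    sport, dport, seq, ack, offset_flags = struct.unpack("!HHIIH", raw[:14])
    if (offset_flags >> 12) < 5:
        raise ValueError("data offset below the 5-word minimum")
    flags = [name for name, bit in (("SYN", SYN), ("ACK", ACK), ("FIN", FIN))
             if offset_flags & bit]
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags}

def is_three_way_handshake(raw_segments):
    """True if three raw headers form SYN -> SYN,ACK -> ACK with matching numbers."""
    if len(raw_segments) != 3:
        return False
    syn, synack, ack = (parse_tcp_header(r) for r in raw_segments)
    client, server = syn["sport"], syn["dport"]
    return (syn["flags"] == ["SYN"]
            and synack["flags"] == ["SYN", "ACK"]
            and ack["flags"] == ["ACK"]
            and (synack["sport"], synack["dport"]) == (server, client)
            and (ack["sport"], ack["dport"]) == (client, server)
            and synack["ack"] == (syn["seq"] + 1) % 2**32  # a SYN consumes one number
            and ack["seq"] == synack["ack"]
            and ack["ack"] == (synack["seq"] + 1) % 2**32)

# Constructed sample: client port 51000 and both initial sequence numbers are made up.
HANDSHAKE = [
    build_tcp_header(51000, 443, 1000, 0, SYN),
    build_tcp_header(443, 51000, 5000, 1001, SYN | ACK),
    build_tcp_header(51000, 443, 1001, 5001, ACK),
]

if __name__ == "__main__":
    for raw in HANDSHAKE:
        print(parse_tcp_header(raw))
    print("valid handshake:", is_three_way_handshake(HANDSHAKE))
```

A SYN/ACK whose acknowledgment number is not the client's sequence number plus one fails the check, which is the same consistency rule a receiving TCP stack applies before it accepts the connection.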

UDP

In addition to TCP, there is another protocol: the User Datagram Protocol (UDP). UDP is most suitable for sessions between client and server that don’t require the overhead TCP uses in its protocols. A UDP header doesn’t carry the sequence number and acknowledgment number that TCP uses to ensure that all data packets are complete, unique, and without errors. UDP doesn’t need this check because the data doesn’t have to be perfect. You use UDP when you have lots of data that doesn’t have to be perfect, or when your systems are so close to each other that any trouble you run into is too small to worry about. In the kingdom of animals, TCP would be a turtle, and UDP would be a hare: it’s super quick compared to TCP. You use UDP for applications that require speed but do not require frames to be perfect. For example, gaming and Voice over IP network applications use UDP. Just like the TCP header, the UDP header is part of the IP packet, but the inside differs compared to TCP:

IP Packet UDP

UDP Frame Header

You don’t select TCP or UDP yourself: the application, as written by its developers, determines whether it uses TCP or UDP.

Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) are two widespread networking protocols that use UDP. I know these protocols are application-related, so officially, they are layer 7, but it’s worth mentioning them briefly.

DNS

The Domain Name System (DNS) allows you to use names associated with IP addresses for devices connected to the Internet and private intranets: Internet Protocol (IP) networks. DNS is why you can type a name like www.steampowered.com in your browser to reach the page you want to visit, instead of typing the numeric IP address. DNS uses UDP on port 53 by default.

DHCP

DHCP stands for Dynamic Host Configuration Protocol, and it also uses UDP. DHCP is an excellent example of communication without any physical connection. DHCP does not assume that another device is ready and waiting on the other side of a session. In each step of a DHCP session, the device sends information for the specific step without any confirmation. In the case of DHCP, it makes sense to send a connectionless datagram because the client won’t have an IP address when you start the three-way handshake. If the server doesn’t respond, the client will ask again. For this protocol, this is not a problem. Instead of one port number, DHCP uses two port numbers. DHCP clients use port 68 for sending and receiving data to and from the DHCP server. DHCP servers use port 67 for sending and receiving data to and from the DHCP clients.
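To make the UDP section concrete, the following added example (not code from the original post) builds and parses the complete 8-byte UDP header for a datagram sent from port 68 to port 67. The header has four fields and no sequence or acknowledgment numbers: the receiver can detect a damaged datagram through the checksum, but nothing in UDP asks for it to be sent again. The addresses 0.0.0.0 and 255.255.255.255 and the payload bytes are assumptions chosen for the sample, and the payload is not a real DHCP message.

```python
import struct

UDP_PROTO = 17  # IP protocol number for UDP

def checksum16(data):
    """Internet checksum: one's-complement sum of 16-bit big-endian words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src_ip, dst_ip, udp_len):
    """IPv4 pseudo-header that the UDP checksum also covers."""
    addrs = bytes(int(p) for ip in (src_ip, dst_ip) for p in ip.split("."))
    return addrs + struct.pack("!BBH", 0, UDP_PROTO, udp_len)

def build_udp(src_ip, dst_ip, sport, dport, payload):
    """The whole UDP header: source port, destination port, length, checksum."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    csum = checksum16(pseudo_header(src_ip, dst_ip, length) + header + payload)
    return struct.pack("!HHHH", sport, dport, length, csum or 0xFFFF) + payload

def parse_udp(src_ip, dst_ip, datagram):
    """Decode the 8-byte header and report whether the checksum still matches."""
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    if length != len(datagram):
        raise ValueError("length field does not match datagram size")
    ok = csum == 0 or checksum16(pseudo_header(src_ip, dst_ip, length) + datagram) == 0
    return {"sport": sport, "dport": dport, "length": length, "checksum_ok": ok}

# Constructed sample: the payload is placeholder bytes, not a real DHCP message.
CLIENT, BROADCAST = "0.0.0.0", "255.255.255.255"
DATAGRAM = build_udp(CLIENT, BROADCAST, 68, 67, b"constructed-discover")

if __name__ == "__main__":
    print(parse_udp(CLIENT, BROADCAST, DATAGRAM))
    damaged = DATAGRAM[:-1] + bytes([DATAGRAM[-1] ^ 0x01])
    print(parse_udp(CLIENT, BROADCAST, damaged))  # checksum_ok becomes False
```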

Final Thoughts

Layer 4 gives us a transparent data flow between end systems and/or hosts. It is also responsible for the recovery of errors between end-to-end data transfers and flow control, and layer 4 ensures that data transfer is complete.

There are more important layer 7 application protocols that I didn’t explain extensively. The table below shows all the protocols in short:

Ports and protocols for Internet Applications

Feel free to contact me if you have questions or in case you have any additional advice/tips about this subject. If you want to stay in the loop when I upload a new post, do not forget to subscribe to receive a notification by email.