TCP/IP, a Closer Look

The OSI Model isn’t the only way that network engineers view networks. We can also use a second kind of model called the TCP/IP Model.

The TCP/IP Model is another model (Also known as Internet Protocol Suite) that helps us understand the set of rules and guidelines that allows computers to communicate over a TCP/IP network. All of the protocols that belong to the TCP/IP Protocol Suite belong to the TCP/IP Model. Both OSI and TCP/IP Models work to accomplish the same goal but in different ways.

The OSI Model was created way before TCP/IP Model; however TCP/IP became the industry standard model after the Department of Defence (DOD) created it to cover the shortcomings of the OSI Model.

TCP/IP consists of four major layers, one layer of which is equivalent to three layers of the OSI Model:

1. Application Layer
2. Transport Layer
3. Internet Layer
4. Network Access Layer

Figure 1-6.             Relationship between OSI and TCP/IP Models

Take a quick look at the OSI and TCP/IP Models and you will notice the following:

1. The Application Layer in TCP/IP consists of the first three layers of OSI from the top (application, presentation and session). The operating system usually handles those three layers so it makes more sense to put them all on one layer, rather than having them extend over three layers.
2. The Transport Layer on the other hand is the equivalent of the OSI Model’s Transport Layer. This is because this layer needs to make decisions regarding accessing a service based on the protocol and the port used. This layer is favored by firewalls and proxies since it allows them to control access to resources based on the rules set by the Network Admingineer.
3. The Network Layer in the OSI Model has been replaced by the Internet Layer, which includes the IP address.
4. The last layer of the TCP/IP Model is the Network Access Layer. Note that this layer gathers two layers of the OSI model together (the data link and the physical layers) because these layers are both hardware-based communication functions. Remember that the Data Link Layer contains the MAC address that is burned on the network card. The MAC address is also known by the network card’s physical address. Because MAC addresses aren’t changeable and burned on all network cards in the world by their manufacturers (unlike the physical network connection media like the network cables), they were gathered into one layer of the TCP/IP Layers called network access.

TCP/IP LAYERS INSIDE OUT

The four TCP/IP Layers work as one unit to accomplish a mission given by a device. Think about those layers as a traditional family. I remember when I was growing up my dad had jobs for everyone in our family. He worked to make ends meet for the family. My mom took care of cleaning the house and cooking, I was responsible for gathering the garbage and throwing it out, my younger brother was responsible for getting groceries

from the market, and the girls helped my mom. We were a team. In order for the family to survive, each of us took a responsibility and made sure it was done. The same thing is applicable here for the TCP/IP. Those layers have to work together to provide a connection cycle and ensure delivery of the information. This will ease the pressure on the TCP/IP Packets by dividing the workload between many layers.

Figure 1-7.             TCP/IP Layers and Corresponding Functions

The Application Layer consists of many protocols that applications use these days. These protocols are not limited by the number above; the above information is just an example of what each layer has inside of it. Note that some protocols belong to the TCP side and others belong to the UDP side, meaning that protocols HTTP, SMTP, and FTP operate over the TCP, while protocols DNS, RIP, and SNMP operate over the UDP. Before you allow access to an application, you must know which protocol the application operates over since you can manipulate and change the port number, but not the protocol. For example, you won’t be able to get e-mail from the outside world if your SMTP was set to receive e-mails over UDP rather than TCP.

You might now ask how TCP knows which applications need to be carried over it and which ones need to be carried over UDP? The answer lies in the application itself. The application chooses the carrier that it needs to use for communication back and forth between that application and the destination requested.

Port Numbers

The transport layer defines which carrier it uses to carry that application request to and which ports will be used to do this. Ports define for traffic the destination service that the traffic is looking for. If an application is looking for an FTP service, it will connect to the destination IP address over the TCP Port 21.

You should know the following facts about ports used in applications:

1. Internet Assigned Numbers Authority (IANA) assigns port numbers. You can find out the port numbers of all well-known applications at http://www.iana.org/assignments/port-numbers.
2. Devices on the network can use 65535 ports.
3. Two applications cannot use the same port to receive traffic if they are on the same computer and at the same IP address.
4. There are three types of port groups:
   1. Well-known ports: numbered from 0 to 1023
   1. Registered ports: numbered from 124 to 49151
   1. Private ports: numbered from 49152 to 65353

If TCP/IP Is the Most Popular, Why Did We Learn About the OSI Model?

Good question. Going back in time, the biggest problem with the OSI Model was the way it addressed the network devices. It was too complicated since you needed to define many factors before assigning a network address. A typical OSI Protocol Address was: 49004008002B1D615121. This is not a very friendly number; compare it with the IP address 10.1.1.1.

Another reason why TCP/IP took over from the OSI Model is because the Department of Defense adopted it. The Department of Defense developed TCP/IP and enhanced it throughout the years, which helped make TCP/IP the industry standard protocol that works on every network in the world. Personally, I don’t know of any network that uses OSI Protocol.

Since the OSI Model is divided into more layers, you have more freedom to refer to network associated services with the appropriate layer. As in “divide- and- conquer”, it’s always easier to use the OSI Model to troubleshoot a network connection and to help break down problems to the associated layer in the OSI Model. For example, when you hear two Engineer talking to each other, one of them might refer to the problem that he once had as a Layer 4 (Transport Layer) problem, which usually refers to a firewall or a proxy problem or Layer 6 (Session Layer) where a machine couldn’t establish a session to another. The detailed layers of the OSI Model made it more popular than TCP/IP to troubleshoot a connection.