TCP/IP Networking Model
TCP/IP Networking Model

This lecture will focus on the TCP/IP networking model, and will dive into the details of each of its 4 layers. The TCP/IP model, or otherwise sometimes referred to as the Internet Protocol Suite, is a set of communication protocols used for the majority of networks, for example both the Internet and private networks.


The TCP/IP model, or otherwise sometimes referred to as the internet protocol suite, is a set of communication protocols used for the majority of networks, for example, both the internet and private networks. The TCP/IP model was developed in the 1970s by the US Department of Defense, and precedes the development of the OSI model, which itself was developed in the 1980s. TCP/IP is named after two important protocols within it, the Transmission Control Protocol and the Internet Protocol. Whereas the OSI model presents an idealized network communications framework, the TCP/IP model is, in reality, the model that's used in real world networks. 

The main difference between the two models is that the OSI model has seven layers, whereas the TCP/IP model has just four layers. The OSI model translates to the TCP/IP model as follows. TCP/IP consists of four layers, not seven. Layer four is the application layer. Layer three is the transport layer. Layer two is the internet layer. Layer one is the network layer. TCP/IP combines several OSI layers into a single layer. This is the case for the application, presentation, and session layers. These are combined into a single application layer in the TCP/IP model. Similarly, the bottom two layers of the OSI model, the physical and data link layers, are combined into a single network layer in the TCP/IP model. 

In the TCP/IP model, each pair of equivalent layers between the sender and receiver sites is designed to operate with a particular protocol transmission unit, PTU. We'll now go through each of these individually. Between the application layers, the protocol transmission unit is a piece of data. Data represents the end user data as presented through the end user's application, for example, mail content within an email. Between the transport layers, the protocol transmission unit is either a segment for TCP or datagram for UTP. The Transmission Control Protocol takes the data from the application layer, and divides it into chunks, adding a TCP header, resulting in the creation of a TCP segment. Between the internet layers, the protocol transmission unit is a packet. Packets have logical addressing for remote delivery such as source and destination IP addresses. 

Packets are typically processed by routers, and are used to forward traffic between LANs or across networks. Between the network layers, the protocol transmission unit is a frame. Frames have physical addressing for remote delivery, such as source and destination MAC addresses. Frames are processed by switches, and are used to forward traffic within a LAN. Finally, on the physical medium, for example, a connecting cable, the protocol transmission unit is a bit. A bit may be one of many forms depending on the physical medium used, such as electrical or light signals, et cetera. Let's now walk through the process of how data encapsulation works within the TCP/IP stack. 

Starting at the top of the TCP/IP stack, the application layer adds a small header that is application-specific. For example, in the context of a web browser, the application layer will be manipulating HTTP headers. Next down the TCP/IP stack is the transport layer. The Transport Control Protocol accepts data from the upper layer, divides it into chunks, and adds a TCP header, creating a TCP segment. The internet layer then takes the segments from the previous upper layer, and adds in logical IP addressing for source and destination. This results in a packet. Finally, we arrive at the bottom of the TCP/IP stack, the network layer. The network layer concludes the encapsulation process, taking in packets from the previous upper layer, and adds in physical MAC addressing for source and destination. This results in a frame. 

The following diagram as presented here highlights how the transmission and routing of data occurs within the TCP/IP stack across the network. Starting on the left hand side, the sender application will forward application data to its network stack. The data will then be processed in a typical TCP/IP fashion in the sense that the data will pass down through each of the four layers in succession. As the message is passed through the internet layer, the messages will be tagged with a logical addressing scheme. In this case, source and destination IP addresses will be encapsulated into the message header before it's repackaged and passed to the network layer. The network layer will in turn encapsulate the message with physical addressing, i.e. MAC addresses. In this case, since the data is to be routed via a router, the destination MAC address will be that of the next router. 

As seen in the middle section of this diagram, the router receives the message, and begins to process it. The data is first processed by the network layer. The physical source and destination addresses contained inside each frame are examined to determine if the data has reached its final destination. If the data has reached the final destination, layer two then formats the data into packets to then be delivered up to the transport layer, layer three. Otherwise, the network layer passes the data up to the internet layer for routine decisions to be made, resulting in the data being forwarded back down to the lower layers, and out onto the next hub. This process repeats itself until the data arrives at its intended final destination, in this case, the right hand side of the diagram. 

Taking a packet capture of ICMP packets in flight on a network, we can open up and examine the encapsulation structure. As you can see, at the top of the structure, we have our ethernet frame. This sits at the outermost layer, and carries the physical addressing components, the source and destination MAC hexadecimal addresses. Next is the internet or IP layer that sits within the ethernet frame and carries the logical addressing components, the source and destination IP addresses. 

Next up is the ICMP header. ICMP is a special type of message that doesn't directly map to the transport layer, but moreso to the network layer. Finally, we arrive at the data section, which is encapsulated within the ICMP header. Since the TCP/IP model is by far the most dominant network model in use for all major networks, such as the internet, it's useful to understand and appreciate where the commonly used protocols fall within this layered model. For example, at the layer four, the application layer, we have the following example protocols: SMTP, FTP, and HTTP. The grouping together of these protocols is due to the fact that they are all connection-oriented protocols. Connection-oriented protocols leverage the layer three Transmission Control Protocol. The HCP, and DNS, this pair of protocols are connectionless protocols. Connectionless protocols leverage the layer three User Datagram Protocol. 

And finally, Ping. Ping is a special protocol that utilizes the layer three Internet Control Method Protocol. At layer three, the transport layer, we have the following protocols: TCP, UDP, ICMP. At layer two, the internet layer, we have the protocols such as ARP, IP. Finally, at the bottom layer, the network layer, we have protocols such as Ethernet. We'll now briefly go through each of the four core protocols used within the TCP/IP suite. First up is the layer two IP protocol. The Internet Protocol is the principal communications protocol in the TCP/IP suite. It's used for relaying packets and/or datagrams across network boundaries. Its routing functionality enables inter-networking, and essentially establishes the internet. The IP protocol contains logical addressing for source and destination endpoints. 

Next up is the layer three TCP protocol. The Transmission Control Protocol is a connection-oriented protocol optimized for reliable and accurate delivery over timely delivery of messages. TCP manages the process of splitting up large data streams into segments, ensuring that the delivery of individual segments is done both reliably and in order. Next up is the layer three UDP protocol. The User Datagram Protocol is a connectionless protocol, optimized for timely delivery of messages, and does so at the expense of ensuring reliable and accurate delivery. UDP is often used for media streaming and/or gaming where low latency delivery of data is important, and some loss of data can be tolerated. 

The last interesting protocol we'll cover off is the layer three ICMP protocol. The Internet Control Message Protocol is a network protocol used for troubleshooting and network management. The ICMP protocol is used to diagnose routing and delivery problems of IP packets. For example, the Ping command is used to generate ICMP echo requests. In this final TCP/IP diagram, we map out the relationship between each of the aforementioned protocols. For example, we can see here that the HTTP application protocol used between web browsers and web servers is a connection-oriented protocol, and as such, utilizes TCP for reliable and accurate delivery, which then in turn utilizes IP for logical addressing and routing across the internet, of which finally uses Ethernet to provide physical addressing.

About the Author
Learning Paths

Jeremy is a Content Lead Architect and DevOps SME here at Cloud Academy where he specializes in developing DevOps technical training documentation.

He has a strong background in software engineering, and has been coding with various languages, frameworks, and systems for the past 25+ years. In recent times, Jeremy has been focused on DevOps, Cloud (AWS, Azure, GCP), Security, Kubernetes, and Machine Learning.

Jeremy holds professional certifications for AWS, Azure, GCP, Terraform, Kubernetes (CKA, CKAD, CKS).

Covered Topics