1-4 TCP/IP Model

As mentioned earlier, the OSI reference model and the TCP/IP model are two open standard networking
models that are very similar. However, the latter has found more acceptance today and the TCP/IP
protocol suite is more commonly used. Just like the OSI reference model, the TCP/IP model takes a
layered approach. In this section we will look at all the layers of the TCP/IP model and various protocols
used in those layers.

The TCP/IP model is a condensed version of the OSI reference model consisting of the following 4 layers:

 Application Layer
 Transport Layer
 Internet Layer
 Network Access Layer

The functions of these four layers are comparable to the functions of the seven layers of the OSI model.
Figure 1-9 shows the comparison between the layers of the two models.

The following sections discuss each of the four layers and protocols in those layers in detail.

Figure 1-9 Comparison between TCP/IP and OSI models

Application Layer

The Application Layer of the TCP/IP Model consists of various protocols that perform all the functions of
the OSI model’s Application, Presentation and Session layers. This includes interaction with the
application, data translation and encoding, dialogue control and communication coordination between
systems.
The following are few of the most common Application Layer protocols used today:

Telnet – Telnet is a terminal emulation protocol used to access the resourses of a remote host. A host,
called the Telnet server, runs a telnet server application (or daemon in Unix terms) that receives a
connection from a remote host called the Telnet client. This connection is presented to the operating
system of the telnet server as though it is a terminal connection connected directly (using keyboard and
mouse). It is a text-based connection and usually provides access to the command line interface of the
host. Remember that the application used by the client is usually named telnet also in most operating
systems. You should not confuse the telnet application with the Telnet protocol.

HTTP – The Hypertext Transfer Protocol is foundation of the World Wide Web. It is used to transfer
Webpages and such resources from the Web Server or HTTP server to the Web Client or the HTTP
client. When you use a web browser such as Internet Explorer or Firefox, you are using a web client. It
uses HTTP to transfer web pages that you request from the remote servers.

FTP – File Transfer Protocol is a protocol used for transferring files between two hosts. Just like telnet
and HTTP, one host runs the FTP server application (or daemon) and is called the FTP server while the
FTP client runs the FTP client application. A client connecting to the FTP server may be required to
authenticate before being given access to the file structure. Once authenticated, the client can view
directory listings, get and send files, and perform some other file related functions. Just like telnet, the
FTP client application available in most operating systems is called ftp. So the protocol and the
application should not be confused.

SMTP – Simple Mail Transfer Protocol is used to send e-mails. When you configure an email client to
send e-mails you are using SMTP. The mail client acts as a SMTP client here. SMTP is also used
between two mails servers to send and receive emails. However the end client does not receive emails
using SMTP. The end clients use the POP3 protocol to do that.

TFTP – Trivial File Transfer Protocol is a stripped down version of FTP. Where FTP allows a user to see
a directory listing and perform some directory related functions, TFTP only allows sending and receiving
of files. It is a small and fast protocol, but it does not support authentication. Because of this inherent
security risk, it is not widely used.

DNS – Every host in a network has a logical address called the IP address (discussed later in the
chapter). These addresses are a bunch of numbers. When you go to a website such as www.cisco.com
you are actually going to a host which has an IP address, but you do not have to remember the IP
Address of every WebSite you visit. This is because Domain Name Service (DNS) helps map a name
such as www.cisco.com to the IP address of the host where the site resides. This obviously makes it
easier to find resources on a network. When you type in the address of a website in your browser, the
system first sends out a DNS query to its DNS server to resolve the name to an IP address. Once the
name is resolved, a HTTP session is established with the IP Address.

DHCP – As you know, every host requires a logical address such as an IP address to communicate in a
network. The host gets this logical address either by manual configuration or by a protocol such as
Dynamic Host Configuration Protocol (DHCP). Using DHCP, a host can be provided with an IP address
automatically. To understand the importance of DHCP, imagine having to manage 5000 hosts in a
network and assigning them IP address manually! Apart from the IP address, a host needs other
information such as the address of the DNS server it needs to contact to resolve names, gateways,
subnet masks, etc. DHCP can be used to provide all these information along with the IP address.

Transport Layer
The protocols discussed above are few of the protocols available in the Application layer. There are many
more protocols available. All of them take the user data and add a header and pass it down to the
Transport layer to be sent across the network to the destination. The TCP/IP transport layer’s function is
same as the OSI layer’s transport layer. It is concerned with end-to-end transportation of data and setups
up a logical connection between the hosts.

Two protocols available in this layer are Transmission Control Protocol (TCP) and User Datagram
Protocol (UDP). TCP is a connection oriented and reliable protocol that uses windowing to control the
flow and provides ordered delivery of the data in segments. On the other hand, UDP simply transfers the
data without the bells and whistles. Though these two protocols are different in many ways, they perform
the same function of transferring data and they use a concept called port numbers to do this. The
following sections cover port numbers before looking into TCP and UDP in detail.

Port Numbers

A host in a network may send traffic to or receive from multiple hosts at the same time. The system would
have no way to know which data belongs to which application. TCP and UDP solve this problem by using
port numbers in their header. Common application layer protocols have been assigned port numbers in
the range of 1 to 1024. These ports are known as well-known ports. Applications implementing these
protocols listen on these port numbers. TCP and UDP on the receiving host know which application to
send the data to based on the port numbers received in the headers.

On the source host each TCP or UDP session is assigned a random port number above the range of
1024. So that returning traffic from the destination can be identified as belonging to the originating
application. Combination of the IP address, Protocol (TCP or UDP) and the Port number forms
a socket at both the receiving and sending hosts. Since each socket is unique, an application can send
and receive data to and from multiple hosts. Figure 1-10 shows two hosts communicating using TCP.
Notice that the hosts on the left and right are sending traffic to the host in the center and both of them are
sending traffic destined to Port 80, but from different source ports. The host in the center is able to handle
both the connections simultaneously because the combination of IP address, Port numbers and Protocols
makes each connection different.

Figure 1-10 Multiple Sessions using Port Numbers

Table 1-1 shows the transport layer protocol and port numbers used by different common application
layer protocols.

Table 1-1 Well-known Port Numbers

Application Protocol Transport Protocol Port Number

HTTP TCP 80
 HTTPS TCP 443

FTP (control) TCP 21

FTP (data) TCP 20

SSH TCP 22

Telnet TCP 23

DNS TCP, UDP 53

SMTP TCP 25

TFTP UDP 69

Exam Alert: It is important to remember the well-know port numbers and which application layer protocol they are
assigned to as you will see this on your CCNA exam in a multiple choice question or an access-list question.