14.1 Protocols

Specification

• show understanding of why a protocol is essential for communication between computers

• show understanding of how protocol implementation can be viewed as a stack, where each layer has its own functionality

• show understanding of the TCP/IP Protocol Suite:

  • Purpose and function of each layer of the TCP/IP protocol suite (application, Transport, Internet, Link)

  • application when a message is sent from one host to another on the Internet

• show understanding of protocols (HTTP, FTP, POP3, IMAP, SMTP, BitTorrent) and their purposes

Notice

This section contains just the key elements for Unit 14.1.  You need to make use of the resources provided in the lesson notes, CAIE's section notes as well as your own research.  In terms of the specification, no specific mention is made of OSI, but CIE do go into detail in their support notes, so make sure you at least understand its purpose, briefly review the different layers and the key principle that it does not make specific reference to any protocol and provides a model on which actually implemented protocol stacks can reference.  Certainly all information on this page should be read and understood, but again, this alone will not satisfy the full specification's requirements.

Finally, there is no agreement on the names (or number of layers) within the TCP/IP suite.  CAIE have gone with the 'traditional' common names, but opted for link rather than network.  You will most likely be penalised if you do not use link, as it is within the specification.

Introduction to Network Stacks

OSI 7 Layer model & Packets

OSI Introduction

The videos and lessons go into more detail than here, but in summary, the OSI model is purely that, a template which sets out how protocols should communicate, spit into functionality.  The majority of this section is taken from this very useful website.

It splits the functions or processes into seven groups that are described as layers. When protocols or other standards are developed by other organisations such as the American National Standards Institute (ANSI), Institute of Electrical and Electronic Engineers (IEEE), and the International Telecommunications Union (ITU), they are placed into a layer of the model to help with communication protocol integration and conceptual understanding. The majority of major network and computer vendors, large commercial entities, and governments support the use of the OSI model. Each of the layers of the OSI model is intended to function with those above and below it respectfully within the model definition.

The OSI model defines standards for:

• • The way in which devices communicate between each other.

  • The means used to inform devices when to send data and when not to transmit data.

  • The methods which ensure that devices have a correct data flow rate

  • The means used to ensure that data is passed to, and received by the intended recipient.

  • The manner in which physical transmission media is arranged and connected.

How Do Real World Protocols Map to the OSI Model?

The following are commonly used or implemented protocols mapped to the appropriate layer of the OSI Model (as best as they can be mapped). The problem with mapping well-known protocols to the OSI is that there is not a specific (or even general) agreement on how the protocols map to the model layers.

    Layer Name         Common Protocols

    7 Application     SSH, FTP, telnet

    6 Presentation HTTP, SNMP, SMTP

    5 Session         RPC, Named Pipes, NETBIOS

    4 Transport         TCP, UDP

    3 Network         IP

    2 Data Link         Ethernet

    1 Physical         Cat-5

You can see, in the TCP/IP section, how that specific protocol suite maps the different protocols (which are fixed).

Understanding Network Protocols and the OSI Model

Specific protocols function at each layer of the OSI model to assist in enabling the particular layer to perform its associated functions. The network protocols enable data to be communicated between computers. When protocols function together to provide layers of the OSI model, they are referred to as a protocol suite or protocol stack.

When network protocols function together to move data between computers, the following process usually occurs:

• 1. The data is broken into smaller chunks of data. These chunks of data are called packets.

  2. To identify the destination computer, addressing information is added to the data packets.

  3. The data is then moved to the network card for transmission over the network.

  4. At the receiving computer, the data packets are accepted from the network card.

  5. Any transmission information which was appended to the packet by the sending computer is removed.

  6. The packet is reassembled into the original message.

From the above process, you can see that network protocols assemble, change, and disassemble packets as data is moved through the protocol stack.

The components that make up a packet are listed below:

• • Source address; this address identifies the computer sending the data.

  • Destination address; this address identifies the receiver of the data.

  • Information which define the manner in which the computer should send the data.

  • Reassembly information.

  • Packet payload; this is the data which should be sent to the destination computer.

  • Error-checking information

A packet is divided into three segments, which in turn include those components which are listed above:

• • Header: The header includes the following:

    • A signal which indicates that data is being sent

    • Source address

    • Destination address

    • Clock information needed for synchronization of the data transmission.

  • Data: This segment of the packet contains the data which is being sent to the receiving computer.

  • Trailer: The trailer segment of a packet normally includes a cyclic redundancy check (CRC) which verifies that the packet is undamaged.

Computers communicate using connection-oriented protocols, and connectionless protocols.

• • Connectionless protocols: A good example of a connectionless protocol is the User Datagram Protocol (UDP). Connectionless protocols provide no verification that data was delivered. These protocols operate well in networks that have a light load. Connectionless protocols tend to fail in large networks that have a heavy load.

  • Connection-orientated protocols: The Transmission Control Protocol (TCP) of the TCP/IP protocol suite is a connection-orientated protocol. Connection-orientated protocols provide verification that data was delivered. These protocols guarantee the reliable delivery of data.

With reference to the OSI model, protocols are categorised as follows:

• • Network protocols: These protocols deal with:

    • Routing

    • Addressing

    • Error detection

    • re-transmission requests

  • Transport protocols: These protocols enable sessions to be established and maintained between computers.

  • Application protocols: These protocols enable:

    • Applications to interact

    • Data to be exchanged

The protocols stacks typically used in networks are listed below:

• • TCP/IP (universally adopted protocol and covered in the CIE specification)

  • AppleTalk (Apple's proprietary format)

  • NetWare (Novel proprietary format)

  • NetBIOS

TCP/IP

TCP/IP: TL;DR:

The following is modified from the following the BYJU's networking page.

Introduction to the TCP/IP Model

The TCP/IP model is a part of the Internet Protocol Suite. This model acts as a communication protocol for computer networks and connects hosts on the Internet. It is a concise version of the OSI Model and comprises four layers in its structure. 

Before, diving deep into the different aspects of the structure, refer to the table below and know about some basic and introductory features of the model:

Basics of TCP/IP Model

Full-Form Transmission Control Protocol/ Internet Protocol

Developed By Department of Defence (DoD), United States during the 1970s

Function of TCP Collecting and Reassembling Data Packets

Function of IP Sending the Data Packets to the correct destination

Layers of the TCP/IP Model

Unlike the OSI model which comprises seven layers, the TCP/IP model is structured with four different layers. These four layers are:

1. Link Layer

2. Internet Layer

3. Transport Layer

4. Application Layer

1. Network Access Layer

• This is the bottom-most layer of the TCP/IP model architecture. 

• It is a combination of the Data Link and Physical Layer of the OSI model

• The physical transmission of data takes place at this layer

• Once the frames are transmitted by a network, encapsulating the IP datagram into these frames is done in this layer

• Also, the mapping of IP address into physical address is done here (often the MAC address)

• Mainly, the function of this layer is to transmit the data between two devices, connected in a network

2. Internet Layer

• It is the second layer of the TCP/IP model

• Sending the data packets to their destination network is the main function of the Internet layer

• The logical transmission of data takes place at this level

• IP is the key protocol to know in this layer: One of the most important protocols as it detects the IP address of a device which is later used for internetwork connections. It is using this protocol that the path with which the data shall be transmitted is decided. There are two common IP versions which are used, To know the difference between IPv4 and IPv6, visit the linked article.

3. Transport Layer

• The error-free delivery of data is the main function of this layer

• There are two main protocols present in this layer:

  • TCP: Another integral part, the Transmission Control Protocol is a reliable communication protocol. It manager the flow of data, i.e. the sequence and segmentation of the data

  • UDP: It is a connection-free protocol which makes it cost-effective but less reliable. 

4. Application Layer

• The topic three layers of the OSI Model: Application, Presentation and Sessions, when combined together, they perform similar functions as the Application Layer of the TCP/IP model

• node-to-node communication based on the user-interface occurs here

• Multiple protocols are present in this layer, a few common ones have been mentioned below in brief:

  • HTTP: Hypertext Transfer Protocol is used to manage the communication between the server and web browsers

  • NTP: Network Time Protocol can set one standard time source in our computer, which enables sync between the server and the user

  • FTP: File Transfer Protocol, as the name suggests allows easy transferring of files

  • Other protocols of Application layer include Network File System (NFS), Secure Shell (SSH), Simple Mail Transfer Protocol (SMTP), Trivial File Transfer Protocol (TFTP), etc. 

TCP/IP: In Detail

The Internet protocol suite (Aka. TCP/IP protocol suite) is based off the OSI model covered above. 

The TCP/IP (Transmission Control Protocol / Internet Protocol) was created in the 1970s by DARPA. The model came from ARPANET and is also referred to as the “Internet Model”. The TCP/IP model defines four abstraction layers instead of seven.

It provides end-to-end connectivity and addresses the formatting, addressing, transmittal, routing, and how to receive data. The four layer TCP/IP model is often compared to the OSI Reference Model. A major difference between the two definitions is that TCP/IP is descriptive while the OSI Reference Model was intended to be prescriptive. The related protocols and model itself for TCP/IP are maintained by the IETF (Internet Engineering Task Force).

TCP/IP Model Functions

The TCP/IP Model has four functions. Starting from the lowest level, these include the Network Interface Layer, , the Internet, and the transport layers with the application layer coming last (communicating directly with programs).

Network Interface Layer – Also called Network Access Layer - consists of the hardware and includes the network interface card, connection cable, satellite, etc (equivalent to the OSI physical layer).  It also merges the OSI's data link layer to provide the local network connection that a host is attached. The lowest layer of IP, it is used to move data packets between the Internet Layer interfaces of two hosts on the same link (networking hardware (e.g. router) will connect separate links together). Controlling the process can be accomplished in either the software driver for the network card or via firmware in the chipset. 

    The Network Interface Layer will have to interact with LAN network technologies including:

• • Ethernet

  • Tokenring

  • Fibre-optic (sometimes called FDDI - Fiber Distributed Data Interface)

As its name suggests, this layer represents the place where the actual TCP/IP protocols running at higher layers interface to the local network. This layer is somewhat “controversial” in that some people don't even consider it a “legitimate” part of TCP/IP. This is usually because none of the core IP protocols run at this layer. Despite this, the network interface layer is part of the architecture. It is equivalent to the data link layer (layer two) in the OSI Reference Model and is also sometimes called the link layer. You may also see the name network access layer.  The official text book actually ignores this part of the protocol.

On many TCP/IP networks, there is no TCP/IP protocol running at all on this layer, because it is simply not needed. For example, if you run TCP/IP over an Ethernet, then the Ethernet protocol handles OSI layers two and one functions. 

NOTE: However, the TCP/IP standards do define protocols for TCP/IP networks that do not have their own OSI layer two implementation. These protocols, the Serial Line Internet Protocol (SLIP) and the Point-to-Point Protocol (PPP), serve to fill the gap between the network layer and the physical layer. They are commonly used to facilitate TCP/IP over direct serial line connections (such as dial-up telephone networking) and other technologies that operate directly at the physical layer.  This is not important for the exam, but goes someway to explaining some of the perceived anomalies between the textbook and Internet resources.

Internet Layer – Handles the problem of sending data packets to or across one or more networks to a destination address in the routing process.

Transport Layer – The Transport Layer is responsible for end-end message transfer capabilities that are independent of the network. The specific tasks in this layer include error, flow, and congestion control, port numbers, and segmentation. Message transmission at this layer can either be connection-based as defined in TCP, or connectionless as implemented in the User Datagram Protocol (UDP). 

The Internet Protocol performs two functions:

1 – Host identification and addressing. This function uses a hierarchical addressing system referred to as the IP address.

2 – Packet routing.This is the task of moving data packets from the source to destination host by sending the information to the next router or network node that is closer to the final destination. Information can be transported that relates to a number of upper layer protocols which are identified by a unique protocol number. 

Application Layer - The interface between applications (e.g. file transfer, e-mail, web browsing) and the network. Data/messages from applications are passed to / received from the Transport Layer. 

Note:  The second version of TCP/IP actually splits the network access layer into two separate layers, as in the OSI reference model.  CIE have not yet reflected this change (nor has most of the Internet), but in conducting your own Internet research, you may come across as TCP/IP 5 layer model.

IP Addresses

In order for systems to locate each other in a distributed environment, nodes are given explicit addresses that uniquely identify the particular network the system is on and uniquely identify the system to that particular network. When these two identifiers are combined, the result is a globally-unique address.

This address, known as “IP address”, as “IP number”, or merely as “IP” is a code made up of numbers separated by three dots that identifies a particular computer on the Internet. These addresses are actually 32-bit binary numbers, consisting of the two subaddresses (identifiers) mentioned above which, respectively, identify the network and the host to the network, with an imaginary boundary separating the two. An IP address is, as such, generally shown as 4 octets of numbers from 0-255 represented in decimal form instead of binary form.

For example, the address 168.212.226.204 represents the 32-bit binary number 10101000.11010100.11100010.11001100.

The binary number is important because that will determine which class of network the IP address belongs to.

What is a Subnet Mask?

The location of the boundary between the network and host portions of an IP address is determined through the use of a subnet mask. This is another 32-bit binary number which acts like a filter when it is applied to the 32-bit IP address. By comparing a subnet mask with an IP address, systems can determine which portion of the IP address relates to the network and which portion relates to the host. Anywhere the subnet mask has a bit set to “1”, the underlying bit in the IP address is part of the network address. Anywhere the subnet mask is set to “0”, the related bit in the IP address is part of the host address.

IF THE CLASS CAN BE DETERMINED BY THE IP ADDRESS, WHY DO WE NEED SUBNETS?

The class of IP address is only a small part.  Each class of addresses can and is broken into many sub networks within the same class.  The subnet (sub network) mask is there to enable networks to be separated and hosts within a logical/physical network.

HOW MANY IP ADDRESSES ARE USED IN A NETWORK?

The size of a network is a function of the number of bits used to identify the host portion of the address. If a subnet mask shows that 8 bits are used for the host portion of the address block, a maximum of 256 host addresses are available for that specific network. If a subnet mask shows that 16 bits are used for the host portion of the address block, a maximum of 65,536 possible host addresses are available for use on that network.

4.3 BILLION IP ADDRESSES AVAILABLE

An Internet Service Provider (ISP) will generally assign either a static IP address (always the same) or a dynamic address (changes every time one logs on).

ISPs and organisations usually apply to the InterNIC for a range of IP addresses so that all clients have similar addresses.

There are about 4.3 billion IP addresses. The class-based, legacy addressing scheme places heavy restrictions on the distribution of these addresses.

TCP/IP networks are inherently router-based, and it takes much less overhead to keep track of a few networks than millions of them

HOW DOES A ROUTER KNOW THE SUBNET MASK OF A DESTINATION IP ADDRESS?

It doesn't. A router doesn't need to know the subnet mask of a destination address to send a packet in its direction. All it needs to know is enough information to determine if the destination is a neighbour, and if not, determine the best next-hop router in the route toward the packet's ultimate destination.

Network masks are used in routing for two purposes: to identify the range of addresses that are directly connected on attached interfaces, and to identify ranges of addresses that are reachable via other neighbouring routers. We use them because they offer a much shorter representation that can be tested much more quickly than would be afforded by a simple list of each of the addresses that can be reached (which would be absurdly long for the default route that can reach the entire Internet).

Sending a message between hosts using TCP/IP

Imagine we we want to send an email over webmail.  The following communication would happen:

• 1. Our browser uses the Hyper Text Transfer Protocol (HTTP) to send a request to the Application Layer over a given port. 

  2. The Application Layer protocol (HTTP) sends the request to the Transmission Control Protocol (TCP) in the Transport Layer. The TCP communicates with the Internet Layer to establish a connection with the webserver across the network(s). 

  3. The Internet Protocol in the Internet Layer establishes the address of the webserver and converts the request into packets. The packets are sent to the Network Layer. 

  4. The Network Layer uses its protocols to send the packets over the internet to the webserver. 

  5. At the webserver the process is reversed. The packets are sent up through the protocols in the layers, and re-assembled into the request. The request is passed through the Application Layer protocols for the webserver to service. 

  6. In the same manner the webserver uses the protocols in the layers to send the webpage data back to our device using the correct port number. 

Note:  If we were using a mail client (e.g. Outlook), the protocol would most likely be SMTP, POP3 or IMAP and the ports would be different, but the process is almost identical.

The main purpose of a routing table is to help routers make effective routing decisions. Whenever a packet is sent through a router to be forwarded to a host on another network, the router consults the routing table to find the IP address of the destination device and the best path to reach it. The packet is then directed to a neighbouring router -- or the next hop listed in the table -- until it reaches its final destination.

Destination

This is the IP address of the packet's final destination.

Subnet mask

Also known as the netmask, this is a 32-bit network address that identifies whether a host belongs to the local or remote network.

Gateway

This is the next hop, or the neighbouring device's IP address to which the packet is forwarded.

Interface

The routing table lists the inbound network interface, also known as the outgoing interface, that the device should use when forwarding the packet to the next hop. E.g. Ethernet

Metric

Used to determine the most appropriate route. It can be used to count the number of hops for a given path

Routes

This includes directly attached subnets, indirect subnets that aren't attached to the device but can be accessed through one or more hops, and default routes to use for certain types of traffic or when information is lacking.

BitTorrent

The significant portion of content can be found within lesson 3's slides.  This is only a summary of the content.

BitTorrent is a protocol that enables fast downloading of large files using minimum Internet bandwidth. It costs nothing to use and includes no spyware or pop-up advertising.

Unlike other download methods, BitTorrent maximises transfer speed by gathering pieces of the file you want and downloading these pieces simultaneously from people who already have them. This process makes popular and very large files, such as videos and television programs, download much faster than is possible with other protocols.

The diagram shows below how a typical file might be downloaded from a website using a browser (specific FTP clients do exist, browsers are just one way).

Downloading pieces of the file at the same time helps solve a common problem with other peer-to-peer download methods: Peers upload at a much slower rate than they download. By downloading multiple pieces at the same time, the overall speed is greatly improved. The more computers involved in the swarm, the faster the file transfer occurs because there are more sources of each piece of the file. For this reason, BitTorrent is especially useful for large, popular files.  Also, because files are random access, the chances of downloading malware are very slim.

Links

IP address basics

IP v6 facts

The OSI model:  What it is, why it matters and why it doesn't!

BitTorrent Wiki

TCP/IP guide

BitTorrent terms

Videos

Lengthy video explaining how the OSI layer model work and then looks at the TCP/IP protocol layer model

Shorter OSI Model - Layers explained

Crossword

The crossword is available as a document (in the files above) and website