TCP/IP -- an introduction

TCP/IP -- Transmission Control Protocol/Internet Protocol -- is the language of the Internet. It is a platform-independent protocol suite, which means that it doesn't matter what kind of computer you have -- if it's got TCP/IP software installed (nearly every computer does), it can talk TCP/IP. TCP/IP is the language most computers speak when they're communicating with one another...i.e, when they're networked. TCP/IP powers the Internet: all the familiar services, such as HTTP (for web use), SMTP (for email transmission), and FTP (for file transfer), run over TCP/IP.

A Brief History of TCP/IP

In the 1970's, ground-breaking research was being performed at the Advanced Research Projects Agency of the United States government. This research formed the foundation of the ARPAnet -- networked computers that connected research stations around the world, so geographically remote offices could still share ideas and resources. The ARPAnet grew up into the Internet after the deployment of the TCP/IP protocol suite, and that formed the backbone of the Internet of today.

Basic TCP/IP Understanding

TCP/IP communication is handled by sending datagrams, commonly known as 'packets'. A packet is a small piece of data with various special fields set in it that allows it to be sent to the right place, and perform the right function. Routing, for instance, is handled by looking at certain of these fields and using them to determine where a packet should go.

TCP/IP, as stated above, is a protocol suite. It's two protocols -- TCP and IP. TCP rides on top of IP, and IP is the part of the suite that's used for routing from one computer to another. Special computers called routers can receive an IP packet that comes from one host, look at its headers -- the special fields in the packet -- and decide where to send it. The packet hops from router to router, each one determining the next hop through various means such as routing tables and special protocols. Each router looks at the packet's header, like a post office reading the address on an envelope.

TCP, the other part of the protocol suite, usually does not come into play until the packet has arrived at the destination computer. The TCP packet (which is carried inside the IP packet, like an envelope inside another one) also has headers, and when the destination computer receives a TCP packet, it uses the headers to determine what that packet is meant to do.

There are other network protocols, such as UDP (which is used for such services as domain name lookups and the Simple Network Management Protocol) and ICMP (which comes into play when you use a tool like ping to see if a remote computer has gone down). However, it's TCP that is used the most, and that's what this paper focuses on.

A Detailed Look at TCP/IP Architecture and Communication

Communication between computers is generally looked at as a model with seven layers. Known as the OSI (Open Systems Interconnect) model, it encompasses, from bottom to top, the physical layer, the data link layer, the network layer, the transport layer, the session layer, the presentation layer, and the application layer. For instance, the physical layer would be the actual cable that connects your computer to your network. The data link layer would be your network interface card itself. IP is an example of a network layer protocol; TCP is a transport layer protocol. And so on up to the application layer, which would be, say, Netscape.

How does TCP communication work? It's more complex than just throwing some data out onto the Internet and hoping the right machine catches it. TCP communication employs what's known as the 'three-way handshake'. A computer makes a request to another -- for instance, a web server. This is the first part of the handshake. The remote server gets that request and replies, saying it received the first part. This reply is the second part of the handshake. Then the original computer replies back, saying it got the reply and knows the remote computer is up and ready for it, and that the actual data will be coming. The third part of the handshake is complete, and the two computers are communicating. All of this happens completely transparently to the user, and it happens every time a new connection is made. Every time a web page is downloaded. Every time mail is sent. It may seem a little redundant, but the real purpose of the three-way handshake is to make TCP connections a very reliable way to transmit data. Nothing is sent until both computers know that the other is ready.

Assume, then, that you want to get a web page from http://www.example.com/. You enter the URL into your web browser, and hit the button. From there, your computer, the Internet's protocols, and example.com's web server take over. First, your computer crafts a packet that looks for the numerical address of www.example.com. That's a UDP packet. It gets the answer from your ISP's server, and then it knows example.com's address. Now it creates a TCP packet that starts the handshake. It sends that to the network layer, where the TCP packet is put inside an IP packet envelope. Now it's sent to the data-link layer -- your modem or your network interface card -- and from there, down the physical layer, the cable. The packet goes to your closest router, which looks at the IP packet's headers and sends it on its way...across the Internet to example.com. On the way, other routers pick it up and pass it. When it arrives at the last router, it goes back down another cable (layer 1), to the web server's network card (layer 2), then up to the network layer. There, the IP envelope comes off, and the TCP packet goes up one more. Now the first part of the handshake is complete. The example.com server crafts a TCP packet that acknowledges it received the first request, and sends it back...back down to the IP layer to get the envelope, back down through layer 2 and layer 1, back through the routers, back to your computer...layer 1, layer 2, layer 3 to take off the envelope, and then up to layer 4. The second part of the handshake is complete. Your computer responds with the whole process, finishing the handshake, and then your computer requests the web page...and example.com gets it, and sends the web page back. This time the packets it sends go through the Internet to your computer, and go all the way up through -all- seven layers...and they display a web page in Netscape.

That's what TCP/IP does...and it does it so fast you barely even notice.



/dev/null (null@attrition.org) (c) copyright 2000, Null