TCP/IP and OSI Models: How the Internet’s Protocol Layers Work

The success of the Internet has made our world so small. If one has to find some information, they simply open their browser, enter something to search for, or enter a website directly into the address bar of a browser, and we gather information so easily.

Have you ever wondered how we find information so quickly and how different computers connect to exchange binary information and then convert it to human-perceivable information? Well, this is because of different protocol stacks, hardware, and applications combined. One of the very important protocols to understand is the TCP/IP protocol. We usually refer to TCP/IP as one combined word but this is a combination of different protocol layers.

TCP/IP commonly referred to as an Internet Protocol Suite, was proposed by Vint Cerf and Bob Kahn in a paper “A Protocol for Packet Network Intercommunication” in 1974. Although TCP/IP was developed before the International Organisation for Standardization (ISO) developed a reference model to standardize network communication called OSI (Open Systems Interconnection) in 1984, it is often referred to understand the layers and their abstractions.

We will start by understanding the OSI model first and then we will come to TCP/IP model.

What is OSI Model?

OSI is a layered architecture that makes communication possible between computers. A layered architecture is a software architecture pattern where layers communicate with their surrounding layers and each layer provides a set of functionalities and has a well defined boundaries.

Open Systems Interconnection is a theoretical model and serves for educational purposes whereas TCP/IP is a practical implementation. OSI has 7 layers of communication while TCP/IP has only 4 layers.

block-beta
columns 3
1 ["Application (Layer 7)"]:3
2 ["Presentation (Layer 6)"]:3
3 ["Session (Layer 5)"]:3
4 ["Transport (Layer 4)"]:3
5 ["Network (Layer 3)"]:3
6 ["Data link (Layer 2)"]:3
7 ["Physical (Layer 1)"]:3

OSI provides a very nice categorization of different channels involved in computer communication and sets the expected level of abstractions of each channel by segregating them into layers.

It is strongly recommended to understand the workings of each layer to understand the networking basics and in essence, understand TCP/IP. Let’s talk about these different layers briefly:

Physical Layer (Layer 1) Protocol

The physical layer is at Layer 1 where most of the network access materials are present such as cables, hubs, bits, etc. The physical layer communicates directly to the Data Link layer.

Physical (Layer 1) doesn’t understand logical concepts and is mostly the dumbest layer. It can only transmit raw bits in the forms of electrical, light, and radio signals based on the material used.

For example, CAT 5/6 copper wire can only deal with electrical signals. The physical layer works on the local network only, connecting local network devices directly, and it doesn’t use MAC or IP addresses.

Data Link Layer (Layer 2) Protocol

Data Link is a Layer 2 protocol another layer that is only capable of working at a local network level. This deals with local MAC (Media Access Control) addresses and uses ARP (Address Resolution Protocol) a bridging protocol that bridges logical addresses to the hardware addresses.

Network Layer (Layer 3)

The network layer is responsible for logical addresses, routing, and forwarding, etc. It is important to note that this is the layer where the IP protocol works i.e. Network layer is responsible for wrapping the data packet in the IP packet and assigning the source, and destination addresses. This layer also does the routing i.e. figuring out the best path to forward a data packet.

At this layer, we see protocols such as IP, ICMP, OSPF, and BGP. Most of the routers are implemented at this layer. The Data Link layer only works at the local level and the Network layer works at the global level.

Transport (Layer 4)

While the Network layer is responsible for routing and forwarding the packets, Transport (Layer 4) is responsible for end-to-end communication. At this level, we have two important protocols that is TCP and UDP. A large data stream is converted into smaller segments (in the case of TCP) or datagrams (in the case of UDP). This layer adds multiplexing support by adding port numbers to direct traffic to the appropriate app listening for that port number.

Reliability, connection control, flow control, and error recovery are implemented at this layer if TCP is used.

Session Layer (Layer 5)

The session layer as its name suggests is used to maintain connection sessions, for example, authentication, permissions, timeouts, and logouts. In the OSI model, sessions were not part of the application layer and they were handled separately at Layer 5.

An example of session management is SSH, where user authentication is done before allowing shell access. Another example is NetBIOS, a Windows file-sharing protocol that provides a session service for file sharing.

Presentation Layer (Layer 6)

This is a kind of translator service that translates different encodings, encryption, or compression of data to the application layer. For example, a client consumes an API request in a different format than a server. Another example of Layer 6 functionality can be character encoding from ASCII to UTF-8 etc.

Application Layer (Layer 7)

The application layer is the topmost layer in OSI. This layer directly interacts with end-user applications like web browsers, email clients, etc. The primary responsibility of this layer is to provide the network service to the software.

An example of this is HTTP, our web browser needs to connect to different servers and HTTP is the protocol at this level that listens to port 80 (default) in order to send a request and receive a response.

Other examples of application layer protocols are SMTP, OAuth, SOAP, MQTT, etc.

What is TCP/IP Model

Even before the internet came into existence, TCP/IP research began early 1970s by the U.S. Defence Advanced Research Projects Agency. This is a practical implementation of network communication even though OSI was later developed for educational purposes.

TCP/IP model has 4 layers:

block-beta
columns 3
1 ["Application"]:3
2 ["Transport"]:3
3 ["Internet"]:3
4 ["Network"]:3

Application Layer

TCP/IP merges together Application, Presentation, and Session layers together to simplify the practical implementation.

Transport Layer

Transport remains as is and it contains two important transmission protocols TCP(reliable) and UDP(unreliable).

Internet Layer

Internet layer is what the Network layer was in OSI. ARP is moved to the Internet layer while in OSI it was considered as Layer 2 protocol. At this layer, we have IP, ICMP, and ARP as key protocols.

Network Layer

Data Link and Physical layers are merged together to combine the hardware level interaction into one layer called Network layer.

Key Protocols in TCP/IP

There are few key protocols in the TCP/IP internet protocol suites. Here is the list of these protocols.

1. TCP
2. IP
3. UDP
4. ARP

TCP

TCP stands for Transmission Control Protocol used to control the transmission of data reliably without losing any piece of data called packets. TCP provides an effective abstraction of a reliable network on top of unreliable channels hiding the complexity of handling the network tasks such as retransmission of lost data, in-order delivery, congestion control and avoidance, etc.

TCP focuses on providing accurate delivery of the data rather than timely delivery of the data. Accuracy and reliability are not a free lunch, of course, it comes with its cost i.e. latency delay. We need to dedicate a separate article to discuss TCP since it’s a vast topic to cover and is important to understand.

IP Protocol

Most people would have heard the IP in terms of an IP address rather than IP as a protocol, called Internet Protocol. IP is what provides machine-to-machine routing, addressing, and fragmentation, it is more of a standard (IPv4, IPv6) that defines the IP addressing schemes and dictates how a packet from one machine to another machine would be routed and it does fragmentation, that is if the packet seems too larger to be delivered as one packet/chunk, it converts it to small fragments.

UDP

UDP is an unreliable protocol and is the fastest protocol for transmission under the Transport layer. It is often called a null protocol because it doesn’t add anything relevant to the packet instead of data. UDP packets are called datagrams. UDP is not a reliable protocol as it doesn’t guarantee accurate delivery of the datagrams, no packet recovery, no flow control, congestion control, etc.

Since it doesn’t involve forcing any sort of guarantee, this makes it the fastest protocol because it doesn’t have all the overheads that TCP does.

ARP (Address Resolution Protocol)

Address Resolution Protocol bridges IP address to the MAC address to deliver packet from a logical space to physical device. In order to understand ARP (Address Resolution Protocol), we need to understand the difference between IP address and a MAC address.

IP Address

An IP (Internet Protocol) address is a logical address and is used to route the packets on the internet. A logical address doesn’t physically exists but is used in the upper level layers (Logical Layers) and is very useful to route packet across different networks.

MAC (Media Access Control) Address

MAC (Media Access Control) addresses are assigned to ever NIC (Network Interface Card) to uniquely identify the physical network device on a LAN (Local Area Network). MAC is a 12 digit hexadecimal number that might look like this 00:5A:2D:1C:4E:1E. This is the actual device address of source and destination computers involved in the request/response.

IP address only exists in the software program (logical) and a MAC address is the address of physical device such as Ethernet card. But how do we know which MAC address belong to which IP address? We know that each machine contains a NIC (e.g. Ethernet card) that connects it to the network either using cables or wirelessly and IP address are assigned to machines but this mapping is still a logical mapping on a per computer level.

IP address to MAC address resolution is done by ARP. At a Data Link (Layer 2) level, ARP encapsulate an IP packet and adds a MAC address to the packet so that it can be transmitted on the local area network.

When an IP packet is reached at the Data Link layer, ARP sends a broadcast message to all the devices in the LAN and in return, it receives a unicast message from the destination machine resolving the IP to the MAC address and finally transmits the packet with a known MAC address on the Physical layer.

For example, ARP broadcast:

ARP (Broadcast): Hey, I have got a message for 192.168.1.6, if we have this IP on the network, please report your MAC to me at 192.168.1.1 and individual machine replies back:

ME (Unicast): Hey, 192.168.1.1, I am 192.168.1.6, and here is my MAC 00:5A:2D:1C:4E:1E.

Source and destination IP addresses don’t change but destination MAC addresses are assigned multiple times depending on the number of hops. At each hop level, a new MAC address is assigned and the packet is forwarded to the local network.