Back
Next
TCP level. (session level)
Two general purpose message protocols (TCP and UDP),
and a number of special purpose TCP level protocols.
TCP - Transmission Control Protocol packet
Generated at session level (by the application or system calls).
Used when data does not fit into a single packet or when connection
needs to be confirmed before transmission.
Source and destination ports - used to distinguish which application
or service is being communicated with on a particular machine.
Sequence number - offset from beginning of whole payload. Used where
data larger than packet size. Used to rebuild the whole block of data
being transferred.
A variety of control/condition flags.
Data being transmitted.
Check sum - Usually CRC. Was packet delivered uncorrupted?
Additional Error checking - has all the data for the session or
activity been delivered?, is it re-assembled in the right order?,
has there been duplication of packets?
State based connection
Source and target systems negotiate a "connection" before actual
transmission of data begins using handshaking.
Initiator(client) sends SYN. Targets node(IP) and service(port)
of server.
Responder(server) sends an ACK-SYN.
Confirms target node has service listening on target port.
Initiator locks connection with an ACK.
Hello, I'm Bob,
Hello Bob, I'm Bill,
Hello Bill
After this, many packets may be sent between initiator and responder.
Depending on situation, initiator or responder will send a final ACK
to close the session.
UDP - User Datagram Protocol packet
A simpler version of a TCP packet - single unit of communication. Used
for communicating session level control information or quick short
request or response, such as time information.
Source and destination ports, size, checksum and data.
Classified as stateless. The packet is simply sent. If sender does not
receive response in timely manor, sender assumes packet lost and may
ask again. Possible either request or response lost.
Hey Bill, this is Bob, catch.
May be used where time sensitive communication occurs. Better to loose one
of number of sequential packets then to delay data stream attempting to
recover a lost packet.
Uses :
DNS (domain name service), name <-> IP
DHCP (Dynamic Host Configuration Protocol), MAC@ <-> IP
SNMP (Simple Network Management Protocol),
RIP (Routing Information Protocol) obsolete(?)
Time services.
Many streaming audio/video situations.
Communications where request and response are fairly simple and short.
ICMP - Internet Control Message Protocol.
ICMP is an alternative packet structure that functions at the IP level
protocol but is delivered inside an IP packet.
It is primarily used for message and error communication between nodes,
so there is no port info.
* Although it is often listed as part of the TCP level protocol.
Consists of a set of predefined flags and some additional data.
Classified as stateless - sender does not look for confirmation.
Not sent by application, but used by the OS or router node, i.e processes
handling TCP/IP activity. OS responsible for delivering error to application.
Fields :
Type 8-bit
Code 8-bit
Type and code used together to specify what is being done.
Could be an error
Could be a request for a service.
Could be ping
Could be a probe to find if a route is available.
Could be an 'advertisement' indicating a route is available.
(used by new device on network to ID the Gateway).
Checksum 16-bit
Rest of header 24-bit.
Additional info depending on Type/Code fields.
Data - ICMP includes a data sector that may contain the entire header
of the IPv4 packet that triggered the error and 1st 8 bytes of its
data section.
Other TCP level protocols.
DCCP - data congestion control protocol. Favors getting the packets of a
message to recipient in a timely manor over delivering them in order.
Also used by IPV6 to find maximum packet size(?)
SCTP - stream control transmission protocol. Cross between TCP and UDP.
Small message units like UDP but with some of the acknowledgment like TCP.
Also supports multi-stream transfers (sending web page text and embedded
images at same time).
RSVP - resource reservation protocol. TCP style control packet similar to
ICMP. Commonly used to "reserve" resources for a request to stream data
such as live video or audio. (at session level?)
What an Ethernet frame might look like
See wikipedia.org for topics : "TCP frame", "UDP", "ICMP"