The TCP/IP protocol consists of several protocols operating at different layers. The TCP/IP network model can be represented by the 4 layer model shown below (which is a simplified version of the OSI 7 layer model).
As a user sends data, it passes through each layer which encapsulates it, each adding a protocol header to the packet. When the packet arrives at the destination, it passes up through the stack, each layer stripping off the encapsulation previously applied.
The headers added have the following format.
You'll notice that the UDP header is much simplier than the TCP header. This is because UDP is a stateless protocol. TCP on the other hand is stateful. During a TCP connection the packet transmission is monitored. Any delivery errors are corrected by packets being resent. This means that TCP needs to keep a track of packet sequence numbers, checksums, etc, hence the more complicated packet header.
The TCP Handshake
When a session starts the so called three way handshake takes place. The client sends a packet with the SYN flag set. The server responds with a packet with the ACKNOWLEDGE/SYN flag set. The client responds with an ACK packet. To terminate a session, the client sends a FIN packet. The server sends an ACK packet followed by a FIN.The client responds with a FIN.
The following TCP flags exist.
- URG - packet contains important data
- ACK - Acknowledgement of the last packet (all packets have this set
except the first)
- PSH - Send immediately even if the buffer isn't full
- RST - Reset the connection (error occurred)
- SYN - Start a connection
- FIN - Close a connection
Fragmentation is when a packet has to be broken up into smaller pieces. Normally this takes place if a packet passes from one type of network to another, e.g. FDDI to ethernet . The reason for this is that each type of network has a Maximum Transport Unit (MTU) set, i.e. a maximum packet size. This is bigger for some types of networks the others. The table below summarises this