As mentioned previously, the TCP/IP suite of protocols maps to a four-layer conceptual model based on the seven layer Open System Interconnection (OSI) protocol model. The TCP/IP four-layer conceptual model maps out as follows:
Network Interface Layer –
This layer effectively puts the frames on the wire from the
sending node and pulls frames off the wire at the receiving
node. As such, it basically correlates to the Physical Layer of the
Internet Layer – The Internet
Layer protocol of the TCP/IP suite encapsulate packets into
Internet datagrams. There are four Internet protocols that
operate at this layer. The Internet Layer basically (but not
entirely) correlates to the Network Layer of the OSI model.
|IP||The Internet Protocol
provides connectionless packet delivery for all other
protocols and does not guarantee packet arrival or
correct packet sequence, nor does it acknowledge packet
delivery. IP has the main responsibility of addressing
and routing packets between nodes, and it does not try to
recover from network errors.
|ARP||The Address Resolution
Protocol maps IP addresses to physical machine
addresses (MAC addresses) that are located on the LAN.
IP broadcasts a special ARP inquiry packet containing
the IP address of the destination system. The system
that owns the IP address replies by sending its physical
address to the requester. The MAC sublayer communicates
directly with the network adapter card and is
responsible for delivering error-free data between
|ICMP||The Internet Control Message
Protocol is a message control and error-reporting
protocol used between network nodes. Higher-level
protocols use the information in these datagrams to
recover from any transmission or other errors.
|IGMP||The Internet Group
Management Protocol provides a way for nodes to report
their multicast group membership to nearby multicast
routers. Multicasting allows nodes to send content to
multiple other nodes within that multicast group by
sending IP multicast traffic to a single MAC address (but
by allowing it to be processed by multiple nodes). IGMP
is part of the Network layer of the OSI model. Windows
XP Professional supports multicast for things such as
Windows 2000 Server NetShow Services.
Layer – The two Transport layer protocols provide
communication sessions between computers, and these sessions
can be connection-oriented or connectionless, as outlined
below. The Transport Layer basically (but not entirely)
correlates to the Transport Layer of the OSI model.
|TCP||The Transmission Control
Protocol is a connection-oriented protocol that provides
reliable communication by assigning a sequence number to
each segment of data that is transmitted so that the
receiving host can send an acknowledgment (ACK) to
verify that the data was received. If an ACK is not
received, the data is retransmitted. TCP guarantees the
delivery of packets, ensures proper sequencing of the
data, and provides a checksum feature that validates
both the packet header and its data for accuracy.
|UDP||User Datagram Protocol
is a connectionless protocol that does not guarantee the
delivery or the correct sequencing of packets.
Applications that use UDP typically transfer small
amounts of data at once and the data sent is usually not
considered critical. TFTP (Trivial File Transfer
Protocol) uses UDP.
Application Layer – The
Application Layer is where applications that are
specifically written to operate over networks gain their
access. There are two TCP/IP services, Winsock and the
NetBIOS over TCP/IP (NetBT) interface, that network
applications most commonly use on Windows XP Professional
networks. The Application Layer basically (but not entirely)
correlates to the Application Layer of the OSI model.
|Winsock||Winsock is the standard
interface used for socket-based applications and TCP/IP
protocols. Winsock allows the network application to
bind to a specific port and IP address on a node,
initiate and accept a connection, send and receive data,
and then close the connection.
|NetBT||NetBIOS over TCP/IP is
the standard interface for NetBIOS services, including
name, datagram, and session services. It also provides a
standard interface between NetBIOS-based applications
and TCP/IP protocols ,and it is the network component that
performs computer name to IP address mapping name
resolution. There are currently four NetBIOS over TCP/IP
name resolution methods: b-node, p-node, m-node and
wrap for this week. Be sure to check back in next week for
the next article in this series which will cover TCP/IP Addressing in Windows XP Professional.
the meantime, best of luck in your
studies and please feel free to contact me with any
questions on my column. And remember,
“A hacker’s worst nightmare is that Server Administrators
will wake up and do their job”