Apr 27, 2008

Network Protocol Levels

When talking about networking, you will hear the word "protocol" all the time. This is because protocols are sets of standards that define all operations within a network. They define how various operations are to be performed. They may even define how devices outside the network can interact with the network. Protocols define everything from basic networking data structures to higher level application programs. They define various services and utility programs. Protocols operate at many layers of the network models described below. Some protocols, such as TCP and UDP, are considered transport protocols. Other protocols work at the network layer of the OSI network model shown below, and some protocols work at several of the network layers.

RFCs

Protocols are outlined in Request for Comments (RFCs). At the end of this document is a list of protocols and associated RFC numbers. Although RFCs define protocols, not all RFCs do; some define other requirements for the internet, such as RFC 1543, which provides information about the preparation of RFCs. The following RFCs are very central to the TCP/IP protocol.

  • RFC 1122 - Defines host requirements of the TCP/IP suite of protocols covering the link, network (IP), and transport (TCP, UDP) layers.
  • RFC 1123 - The companion RFC to 1122 covering requirements for internet hosts at the application layer
  • RFC 1812 - Defines requirements for internet gateways which are IPv4 routers

Network Models

There are several network models which you may hear about, but the one you will hear about most is the ISO network model described below. You should realize, however, that there are others, such as:

  • The internet layered protocol
  • The TCP/IP 4 layered protocol
  • The Microsoft networking protocol

If you don't like any of these models, feel free to invent your own along with your own networking scheme of course, and add it to the list above. You can call it "The MyName Protocol". Ever wonder why networking can be so complex and confusing? Welcome to the world of free enterprise!

The OSI Network Model Standard

The International Standards Organization (ISO) has defined a standard called the Open Systems Interconnection (OSI) reference model. This is a seven layer architecture listed below. Each layer is considered to be responsible for a different part of the communications. This concept was developed to accommodate changes in technology. The layers are arranged here from the lower levels starting with the physical (hardware) to the higher levels.

  1. Physical Layer - The actual hardware.
  2. Data Link Layer - Data transfer method (802x ethernet). Puts data in frames and ensures error free transmission. Also controls the timing of the network transmission. Adds frame type, address, and error control information. IEEE divided this layer into the two following sublayers.
    1. Logical Link Control (LLC) - Maintains the link between two computers by establishing Service Access Points (SAPs), which are a series of interface points. IEEE 802.2.
    2. Media Access Control (MAC) - Used to coordinate the sending of data between computers. The 802.3, 4, 5, and 12 standards apply to this layer. If you hear someone talking about the MAC address of a network card, they are referring to the hardware address of the card.
  3. Network Layer - IP network protocol. Routes messages using the best path available.
  4. Transport Layer - TCP, UDP. Ensures properly sequenced and error free transmission.
  5. Session Layer - The user's interface to the network. Determines when the session is begun or opened, how long it is used, and when it is closed. Controls the transmission of data during the session. Supports security and name lookup enabling computers to locate each other.
  6. Presentation Layer - ASCII or EBCDIC data syntax. Makes the type of data transparent to the layers around it. Used to translate data to a computer specific format such as byte ordering. It may include compression. It prepares the data, either for the network or the application depending on the direction it is going.
  7. Application Layer - Provides services software applications need. Provides the ability for user applications to interact with the network.

Many protocol stacks overlap the borders of the seven layer model by operating at multiple layers of the model. File Transport Protocol (FTP) and telnet both work at the application, presentation, and the session layers.

The Internet, TCP/IP, DOD Model

This model is sometimes called the DOD model since it was designed for the Department of Defense. It is also called the TCP/IP four layer protocol, or the internet protocol. It has the following layers:

  1. Link - Device driver and interface card which maps to the data link and physical layer of the OSI model.
  2. Network - Corresponds to the network layer of the OSI model and includes the IP, ICMP, and IGMP protocols.
  3. Transport - Corresponds to the transport layer and includes the TCP and UDP protocols.
  4. Application - Corresponds to the OSI Session, Presentation and Application layers and includes FTP, Telnet, ping, Rlogin, rsh, TFTP, SMTP, SNMP, DNS, your program, etc.

Please note the four layer TCP/IP protocol. Each layer has a set of data that it generates.

  1. The Link layer corresponds to the hardware, including the device driver and interface card. The link layer has data packets associated with it depending on the type of network being used such as ARCnet, Token ring or ethernet. In our case, we will be talking about ethernet.
  2. The network layer manages the movement of packets around the network and includes IP, ICMP, and IGMP. It is responsible for making sure that packets reach their destinations, and if they don't, reporting errors.
  3. The transport layer is the mechanism used for two computers to exchange data with regards to software. The two types of protocols that are the transport mechanisms are TCP and UDP. There are also other types of protocols for systems other than TCP/IP but we will talk about TCP and UDP in this document.
  4. The application layer refers to networking protocols that are used to support various services such as FTP, Telnet, BOOTP, etc. Note here, to avoid confusion, that the application layer generally refers to protocols such as FTP, telnet, ping, and other programs designed for specific purposes which are governed by a specific set of protocols defined in RFCs (requests for comments). However, a program that you write can define its own data structure to send between your client and server programs, so long as the programs you run on both the client and server machines understand your protocol. For example, when your program opens a socket to another machine, it is using the TCP protocol, but the data you send depends on how you structure it.

Data Encapsulation, a Critical concept to be understood

When starting with protocols that work at the upper layers of the network models, each set of data is wrapped inside the next lower layer protocol, similar to wrapping letters inside an envelope. The application creates the data, then the transport layer wraps that data inside its format, then the network layer wraps the data, and finally the link (ethernet) layer encapsulates the data and transmits it.

To continue, you should understand the definition of a client and server with regards to networking. If you are a server, you will provide services to a client, in much the same way as a private investigator would provide services to their clients. A client will contact the server, and ask for service, which the server will then provide. The service may be as simple as sending a single block of data back to the client. Since there are many clients, a server must be constantly ready to receive client requests, even though it may already be working with other clients. Usually the client program will operate on one computer, while the server program will operate on another computer, although programs can be written to be both a client and a server.

Let's say you write a client chat program and a server chat program to be used by two people to send messages between their machines. You run the server program on machine B, and the client program on machine A. Tom is on machine A and George is on machine B. George's machine is always ready to be contacted, but cannot initiate a contact. Therefore, if George wants to talk to Tom, he cannot until Tom contacts him. Tom, of course, can initiate contact at any time. Now you decide to solve the problem and merge the functionality of the two programs into one, so both parties may contact the other. This program is now a client/server program which operates both as a client and a server. You write your code so that when one side initiates contact, he will get a dialog box, and a dialog box will pop up on the other side. At the time contact is initiated, a socket is opened between the two machines and a virtual connection is established. The program will let the user (Tom) type text into the dialog window and hit send. When the user hits send, roughly the following will happen.

  1. Your program will pass Tom's typed text in a buffer, to the socket. This happens on machine A.
  2. The underlying software (code in a library called by a function your program used to send the data) supporting the socket puts the data inside a TCP data packet. This means that a TCP header will be added to the data. This header contains a source and destination port number along with some other information and a checksum. Daemon programs (daemon definition at the bottom of this page) may also work at this level to sort packets based on port number (hence the TCP wrapper program in UNIX and Linux).
  3. The TCP packet will be placed inside an IP data packet with a source and destination IP address along with some other data for network management. This may be done by a combination of your library function, the operating system and supporting programs.
  4. The IP data packet is placed inside an ethernet data packet. This data packet includes the destination and source address of the network interface cards (NIC) on the two computers. The address here is the hardware address of the respective cards and is called the MAC address.
  5. The ethernet packet is transmitted over the network line.
  6. Assuming there is a direct connection between the two computers, the network interface card on machine B, will recognize its MAC address and grab the data.
  7. The IP data packet will be extracted from the ethernet data packet. A combination of daemons and the operating system will perform this operation.
  8. The TCP data packet will be extracted from the IP data packet. A combination of daemons, the operating system, and libraries called by your program will perform this function.
  9. The data will be extracted from the TCP packet. Your program will then display the retrieved data (text) in the text display window for George to read.

Be aware that for the sake of simplicity, we are excluding details such as error management, routing, and identifying the hardware address of the NIC on the computer intended to receive the data. Also we are not mentioning the possible rejection of service based on a packet's port number or sender's IP address.
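The steps above can be traced in code. The following is an added example, not part of the original post: it wraps a chat message in TCP, IPv4 and ethernet headers and then unwraps it on the receiving side, checking each header before trusting the length fields it carries. The MAC addresses, IP addresses and port numbers are constructed sample values, and the TCP checksum is left at zero to keep the example short.

```python
import socket
import struct

def ip_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over the header's 16-bit words."""
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def encapsulate(text, sport, dport, src_ip, dst_ip, src_mac, dst_mac):
    data = text.encode()                                    # step 1: application data
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0,     # step 2: 20-byte TCP header
                      5 << 4, 0x18, 65535, 0, 0) + data     # (TCP checksum left 0: simplification)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0, 0, 64, 6, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]      # step 3: IP header
    return dst_mac + src_mac + struct.pack("!H", 0x0800) + ip + tcp  # step 4: ethernet header

def decapsulate(frame, my_mac):
    if len(frame) < 14 + 20 + 20:
        raise ValueError("frame too short")
    dst_mac, ethertype = frame[:6], struct.unpack("!H", frame[12:14])[0]
    if dst_mac != my_mac or ethertype != 0x0800:            # step 6: is it for this NIC?
        raise ValueError("not an IPv4 frame for this NIC")
    ip = frame[14:]                                         # step 7: strip ethernet header
    ihl = (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or not ihl + 20 <= total_len <= len(ip) or ip[9] != 6:
        raise ValueError("bad IP header")
    if ip_checksum(ip[:ihl]) != 0:                          # a valid header sums to zero
        raise ValueError("IP checksum mismatch")
    tcp = ip[ihl:total_len]                                 # step 8: total_len drops link padding
    offset = (tcp[12] >> 4) * 4
    if offset < 20 or offset > len(tcp):
        raise ValueError("bad TCP data offset")
    sport, dport = struct.unpack("!HH", tcp[:4])
    return sport, dport, tcp[offset:].decode()              # step 9: application data

# Constructed sample values: machine A (Tom) sends to machine B (George).
MAC_A, MAC_B = bytes.fromhex("02000000000a"), bytes.fromhex("02000000000b")
FRAME = encapsulate("Hello George", 50000, 5000, "192.0.2.10", "192.0.2.20", MAC_A, MAC_B)
```

The receiver takes the payload boundaries from the IP total length and the TCP data offset, not from the size of the frame, so both fields are range-checked before they are used to slice the buffer.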

A daemon program is a program that runs in the background on a computer operating system. It is used to perform various tasks including server functions. It is usually started when the operating system is booted, but a user or administrator may be able to start or stop a daemon at any time.


