Internet protocol suite

The Internet protocol suite came from work done by DARPA in the early 1970s. After building the pioneering ARPANET, DARPA started work on a number of other data transmission technologies. In 1972, Robert E. Kahn was hired at the DARPA Information Processing Technology Office, where he worked on both satellite packet networks and ground-based radio packet networks, and recognized the value of being able to communicate across them. In the spring of 1973, Vinton Cerf, the developer of the existing ARPANET Network Control Program (NCP) protocol, joined Kahn to work on open-architecture interconnection models with the goal of designing the next protocol for the ARPANET.

By the summer of 1973, Kahn and Cerf had soon worked out a fundamental reformulation, where the differences between network protocols were hidden by using a common internetwork protocol, and instead of the network being responsible for reliability, as in the ARPANET, the hosts became responsible. (Cerf credits Hubert Zimmerman and Louis Pouzin [designer of the CYCLADES network] with important influences on this design.)

With the role of the network reduced to the bare minimum, it became possible to join almost any networks together, no matter what their characteristics were, thereby solving Kahn's initial problem. (One popular saying has it that TCP/IP, the eventual product of Cerf and Kahn's work, will run over "two tin cans and a string", and it has in fact been implemented using homing pigeons.) A computer called a gateway (later changed to router to avoid confusion with other types of gateway) is provided with an interface to each network, and forwards packets back and forth between them.

The idea was worked out in more detailed form by Cerf's networking research group at Stanford in the 1973–74 period. (The early networking work at Xerox PARC, which produced the PARC Universal Packet protocol suite, much of which was contemporaneous, was also a significant technical influence; people moved between the two.)

DARPA then contracted with BBN, Stanford, and the University College London to develop operational versions of the protocol on different hardware platforms. Four versions were developed: TCP v1, TCP v2, a split into TCP v3 and IP v3 in the spring of 1978, and then stability with TCP/IP v4 — the standard protocol still in use on the Internet today.

In 1975, a two-network TCP/IP communications test was performed between Stanford and University College London (UCL). In November, 1977, a three-network TCP/IP test was conducted between the U.S., UK, and Norway. Between 1978 and 1983, several other TCP/IP prototypes were developed at multiple research centres. A full switchover to TCP/IP on the ARPANET took place January 1, 1983.^[1]

In March 1982,^[2] the US Department of Defense made TCP/IP the standard for all military computer networking. In 1985, the Internet Architecture Board held a three day workshop on TCP/IP for the computer industry, attended by 250 vendor representatives, helping popularize the protocol and leading to its increasing commercial use.

On November 9, 2005 Kahn and Cerf were presented with the Presidential Medal of Freedom for their contribution to American culture.^[3]

The IP suite uses encapsulation to provide abstraction of protocols and services. Generally a protocol at a higher level uses a protocol at a lower level to help accomplish its aims. The Internet protocol stack can be roughly fitted to layers of the DoD model:

The layers near the top are logically closer to the user while those near the bottom are logically closer to the physical transmission of the data. Each layer has an upper layer protocol and a lower layer protocol (except the top/bottom protocols, of course) that either use said layer's service or provide a service, respectively. Viewing layers as providing or consuming a service is a method of abstraction to isolate upper layer protocols from the nitty gritty detail of transmitting bits over, say, Ethernet and collision detection while the lower layers avoid having to know the details of each and every application and its protocol.

This abstraction also allows upper layers to provide services that the lower layers cannot, or choose not, to provide. For example, IP is designed to not be reliable and is a best effort delivery protocol. This means that all transport layers must choose whether or not to provide reliability and to what degree. UDP provides data integrity (via a checksum) but does not guarantee delivery; TCP provides both data integrity and delivery guarantee (by retransmitting until the receiver receives the packet).

This model is in some ways lacking.

1. For multipoint links with their own addressing systems (e.g. Ethernet) an address mapping protocol is needed. Such protocols can be considered to be below IP but above the existing link system.
2. ICMP & IGMP operate on top of IP but does not transport data like UDP or TCP.
3. The SSL/TLS library operates above the transport layer (utilizes TCP) but below application protocols.
4. The link is treated like a black box here. This is fine for discussing IP (since the whole point of IP is it will run over virtually anything) but is less helpful when considering the network as a whole.

The third and fourth examples are perhaps better explained using the OSI model while the first two are still problematic.

The IP suite (and corresponding stack) were in use before the OSI model was established and since then the IP stack has been compared with the OSI model numerous times in books and classrooms. Also, OSI layer numbers are generally used for describing the capabilities of network equipment.

The two can roughly be related but are not a perfect match. The first striking difference is the layer count. The DoD model for the IP stack uses four or five layers (the link layer might be treated as a single layer or split into a physical layer and a data link layer) and the OSI model uses seven. Strictly comparing names, the two "new" layers are the presentation layer and the session layer. Most comparisons lump these two layers with the OSI application layer and equate to the IP application layer.

Much like the IP stack, the OSI model is also not rich enough at the lower layers to capture the true workings of the IP suite. For example, an "internetworking layer" is needed to fit in between the network and transport layers to address where ICMP and IGMP reside. Additionally, a layer between the network and data link layer is needed for ARP and RARP. It also suffers from being designed for simple network setups having only a single data link layer (for example an ADSL user tunneling into a corporate network could have IP over PPTP over IP over PPPoA over the ADSL link)

One example of where the OSI model is better used is showing where SSL/TLS fits in. Typically, SSL/TLS is used as a session protocol that is an upper layer protocol for TCP or UDP but is a lower layer protocol for numerous protocols (HTTP, SFTP, etc.) or any application that operates over a stunnel or secure virtual private network.

Carrier pigeon could also be grouped in the physical layer, but it is a non-standard use.

There are several mnemonics for remembering the order of the layers in the OSI model.

The following is a description of each layer in the IP suite stack.

The application layer is used by most programs for network communication. Data is passed from the program in an application-specific format, then encapsulated into a transport layer protocol.

Since the IP stack has no layers between the application and transport layers, the application layer must include any protocols that act like the OSI's presentation and session layer protocols. This is usually done through libraries.

Data sent over the network is passed into the application layer where it is encapsulated into the application layer protocol. From there, the data is passed down into the lower layer protocol of the transport layer.

The two most common lower layer protocols are TCP and UDP. Common services have specific ports assigned to them (HTTP has port 80; FTP has port 21; etc.) while clients use ephemeral ports.

Routers and switches do not utilize this layer but bandwidth throttling applications do.

The transport layer's responsibilities include end-to-end message transfer capabilities independent of the underlying network, along with error control, fragmentation and flow control. End to end message transmission or connecting applications at the transport layer can be categorized as either:

• 1. connection-oriented e.g. TCP

• 2. connectionless e.g UDP

The transport layer can be thought of as a literal transport mechanism e.g. a vehicle whose responsibility is to make sure that its contents (passengers/goods) reach its destination safe and sound.

The transport layer provides this service of connecting applications together through the use of ports. Since IP provides only a best effort delivery, the transport layer is the first layer to address reliability.

For example, TCP is a connection-oriented protocol that addresses numerous reliability issues to provide a reliable byte stream:

• data arrives in-order
• data has minimal error-correctness
• duplicate data is discarded
• lost/discarded packets are resent
• includes traffic congestion control

The dynamic routing protocols which technically fit at this layer in the TCP/IP Protocol Suite (since they run over IP) are generally considered to be part of the Network layer; an example is OSPF (IP protocol number 89).

The newer SCTP is also a "reliable", connection-oriented, transport mechanism. It is stream-oriented — not byte-oriented like TCP — and provides multiple streams multiplexed over a single connection. It also provides multi-homing support, in which a connection end can be represented by multiple IP addresses (representing multiple physical interfaces), such that if one fails, the connection is not interrupted. It was developed initially for telephony applications (to transport SS7 over IP), but can also be used for other applications.

UDP is a connectionless datagram protocol. Like IP, it is a best effort or "unreliable" protocol. Reliability is addressed through error detection using a weak checksum algorithm. UDP is typically used for applications such as streaming media (audio and video, etc) where on-time arrival is more important than reliability, or for simple query/response applications like DNS lookups, where the overhead of setting up a reliable connection is disproportionately large.

DCCP is currently under development by IETF. It provides TCP's flow control semantics, while keeping UDP's datagram service model visible to the user.

Both TCP and UDP are used to carry a number of higher-level applications. The applications at any given network address are distinguished by their TCP or UDP port. By convention certain well known ports are associated with specific applications. (See List of TCP and UDP port numbers.)

RTP is a datagram protocol that is designed for real-time data such as streaming audio and video. RTP is a session layer that uses the UDP packet format as a basis yet is said to sit within the transport layer of the Internet protocol stack.

As originally defined, the Network layer solves the problem of getting packets across a single network. Examples of such protocols are X.25, and the ARPANET's Host/IMP Protocol.

With the advent of the concept of internetworking, additional functionality was added to this layer, namely getting data from the source network to the destination network. This generally involves routing the packet across a network of networks, known as an internetwork or (lower-case) internet.^[4]

In the Internet protocol suite, IP performs the basic task of getting packets of data from source to destination. IP can carry data for a number of different upper layer protocols; these protocols are each identified by a unique protocol number: ICMP and IGMP are protocols 1 and 2, respectively.

Some of the protocols carried by IP, such as ICMP (used to transmit diagnostic information about IP transmission) and IGMP (used to manage multicast data) are layered on top of IP but perform internetwork layer functions, illustrating an incompatibility between the Internet and the IP stack and OSI model. All routing protocols, such as BGP, OSPF, and RIP are also really part of the network layer, although they might seem to belong higher in the stack.

The link layer, which is the method used to move packets from the network layer on two different hosts, is not really part of the Internet protocol suite, because IP can run over a variety of different link layers. The processes of transmitting packets on a given link layer and receiving packets from a given link layer can be controlled both in the software device driver for the network card, as well as on firmware or specialist chipsets. These will perform data link functions such as adding a packet header to prepare it for transmission, then actually transmit the frame over a physical medium.

For Internet access over a dial-up modem, IP packets are usually transmitted using PPP. For broadband Internet access such as ADSL or cable modems, PPPoE is often used. On a local wired network, Ethernet is usually used, and on local wireless networks, IEEE 802.11 is usually used. For wide-area networks, either PPP over T-carrier or E-carrier lines, Frame relay, ATM, or packet over SONET/SDH (POS) are often used.

The link layer can also be the layer where packets are intercepted to be sent over a virtual private network. When this is done, the link layer data is considered the application data and proceeds back down the IP stack for actual transmission. On the receiving end, the data goes up the IP stack twice (once for the VPN and the second time for routing).

The link layer can also be considered to include the physical layer, which is made up of the actual physical network components (hubs, repeaters, network cable, fiber optic cable, coaxial cable, network cards, Host Bus Adapter cards and the associated network connectors: RJ-45, BNC, etc), and the low level specifications for the signals (voltage levels, frequencies, etc).

Today, most commercial operating systems include and install the TCP/IP stack by default. For most users, there is no need to look for implementations. TCP/IP is included in all commercial Unix and Linux distributions as well as Mac OS X and Microsoft Windows and Windows Server editions.

Unique implementations include Lightweight TCP/IP, an open source stack designed for embedded systems and KA9Q NOS, a stack and associated protocols for amateur packet radio systems and personal computers connected via serial lines.

• OSI Model
• DoD Model
• List of TCP and UDP port numbers
• Important "over HTTP users/examples": HTML, SOAP.

• Internet History -- Pages on Robert Kahn, Vinton Cerf, and TCP/IP (reviewed by Cerf and Kahn).
• Forouzan, Behrouz A. (2003). TCP/IP Protocol Suite (2nd ed.). McGraw-Hill. ISBN 0-07-246060-1. {{cite book}}: Cite has empty unknown parameter: |1= (help)

• Andrew S. Tanenbaum. Computer Networks. ISBN 0-13-066102-3
• Douglas E. Comer. Internetworking with TCP/IP - Principles, Protocols and Architecture. ISBN 86-7991-142-9
• Joseph G. Davies and Thomas F. Lee. Microsoft Windows Server 2003 TCP/IP Protocols and Services. ISBN 0-7356-1291-9
• Craig Hunt TCP/IP Network Administration. O'Reilly (1998) ISBN 1-56592-322-7
• W. Richard Stevens. The Protocols (TCP/IP Illustrated, Volume 1). Addison-Wesley Professional; 1st edition (December 31, 1993). ISBN 0-201-63346-9
• Ian McLean. Windows(R) 2000 TCP/IP Black Book ISBN 1-57610-687-X

• RFC 1180 A TCP/IP Tutorial - from the Internet Engineering Task Force (January 1991)
• TCP/IP FAQ
• The TCP/IP Guide - A comprehensive look at the protocols and the procedures/processes involved
• A Study of the ARPANET TCP/IP Digest
• TCP/IP Sequence Diagrams
• The Internet in Practice
• TCP/IP Directory & Informational Resource.
• Chapter from Understanding TCP/IP book.