The TCP/IP model, also known as the Department of Defense (DoD) model, was created by
the DoD when they developed the TCP/IP protocol suite. Their goal was to provide reliable
networking and data integrity in the event of a disaster. This model is prevalent in the current networking community. Although the OSI model is rarely used (except for the terminology),
TCP/IP communications are ingrained in today’s networking fabric and are a focal point on the CCNA exam.
Layers of the OSI and TCP/IP Models
Data Link Network Access
This layer combines functionalities of the three top layers of the OSI model and may also be called Process/Application layer. Some of the most popular applications (email, file transport, and so on) interface with this layer to communicate with other applications on the network. If you’ll remember, the description of the Application layer of the OSI model included a list of application protocols and their primary functions. (Refer to Table 1.3.) These applications are also relative to the Application layer of the TCP/IP model. Table 1.9 provides a quick list of the protocols at their respective layers of the TCP/IP model.
Protocols for Each Layer of the TCP/IP Model
Application Telnet HTTP/HTTPS
DNS SMTP POP3 NFS
NNTP SNMP NTP DHCP
Transport TCP UDP
Internet ICMP ARP RARP IP
Network Interface Ethernet
Fast Ethernet Token Ring FDDI
The Transport layer corresponds with the Transport layer of the OSI model and is also known as the Host-to-Host layer. Not only is this layer responsible for reliable data delivery, but it can also make certain that data arrives in the proper order. You will see two transport layer protocols on the CCNA exam. These protocols are TCP and UDP. The following sections cover each protocol and its related applications.
Applications Using TCP
Application Port Numbers
DNS (zone transfers) 53
TCP is a reliable connection-oriented protocol. TCP uses acknowledgments, sequencing, and flow control to ensure reliability (please refer back to the “Transport Layer” section of the OSI model for definitions of these terms). A TCP segment contains fields for the Sequence, Acknowledgment, and Windowing numbers. These fields help make sure that datagrams arrive undamaged. This is considered to be reliable delivery.
TCP uses Positive Acknowledgment and Retransmission (PAR):
The source device begins a timer when a segment is sent and retransmits if the timer runs out before an acknowledgment is received. The source device keeps track of segments that are sent and requires an acknowledgment for each segment. The destination device acknowledges when a segment is received by sending a packet to the source that iterates the next sequence number it is looking for from the source.
TCP segment header format.
Source Port Destination Port
Miscellaneous Flags Window (Flow Control)
UDP is much simpler than TCP because it is aconnectionless protocol. UDP headers contain
only the source and destination ports, a length field, and a checksum. Because of the lack of a sequence, acknowledgment, and windowing field, UDP cannot guarantee delivery.Because there are no delivery guarantees, UDP is considered unreliable. With this protocol,it is up to the application to provide reliability.
UDP segment header.
Source Port Destination Port
On the plus side, UDP is considerably cheaper to implement and has faster transfer rates.
Applications Using UDP
Application Port Number
DNS (name resolution) 53
The Internet layer corresponds with the Network layer of the OSI model.
The following protocols relate to the logical transmission of packets:
. ARP, RARP, and Proxy ARP
IP uses logical or virtual addressing to get a packet from a source to its destination. IP addresses
are used by routers to make forwarding decisions.
Some key characteristics of IP addresses include the following:
. Addresses are allocated by the Internet Assigned Numbers Authority (IANA).
. IPv4 IP addresses are 32 bits, divided into four octets (8 bits each). An example of an
IP address in dotted decimal format would be 172.16.122.204.
. The minimum value (per octet) is 0 and the maximum value is 255.
IPv6, which is the future of IP addresses, is 128 bits.
data fields that make up an IP datagram.
Source IP Address
Destination IP Address
IP Options (optional) Padding
Flags Fragment Offset
Service Type Total Length
Time to Live Header Checksum
Internet Control Messaging Protocol is used by ping and traceroute utilities.
Ping (Packet Internet Groper) enables you to validate that an IP address exists and can accept requests. The following transmissions are used by the Ping utility:
Ping sends an echo request packet to receive the echo response.
Routers send Destination Unreachable messages when they can’t reach the destination network and they are forced to drop the packet. The router that drops the packet sends the ICMP DU message. Traceroute traces the route or path taken from a client to a remote host. Traceroute also reports the IP addresses of the routers at each next hop on the way to the destination. This is especially useful when you suspect that a router on the route to an unreachable network is responsible for dropping the packet.
ARP, RARP, and Proxy ARP
The Address Resolution Protocol (ARP), Reverse Address Resolution Protocol (RARP), and Proxy Address Resolution Protocol (Proxy ARP) are all protocols used at the TCP/IP model’s Internet layer.
ARP maps a known IP address to a MAC address by sending a broadcast ARP. When the destination IP address is on another subnet, the sender broadcasts ARP for the router’s ethernet port or default gateway, so the MAC address sent back is that of the router’s ethernet port.
RARP maps a known MAC address to an IP address. Proxy ARP enables a router to respond to an ARP request that has been sent to a remote host. Some Unix machines (especially Solaris) rely on Proxy ARP versus default gateways.
Network Interface Layer
This layer corresponds with the Data Link and Physical layers of the OSI model. As mentioned
earlier in the chapter, this layer manages hardware addressing and physical data transfer.