Bookmark and Share

Front Back
Layer 7: Application
represents the various network applications such as e-mail reader and Web browser. It is important to distinguish between Layer 7 protocols and Layer 7 software applications. For example, you use Web-browsing software to view Website pages that are transferred to your computer using the Hypertext Transfer Protocol (HTTP). Web pages are coded in Hypertext Markup Language(HTML) text format. The Web browser is a Layer 7 network application. The HTTP protocol is a Layer 7 protocol.
Simple Mail Transfer Protocol is used to transfer, edit, and
display e-mail messages.
Layer 7
Hypertext Transfer Protocol is used to transfer text in HTML
format from one host to another. HTML is the Hypertext Markup
Language that marks up text with hyperlinks to allow jumping from one
text document to another. The Web is based on HTTP and HTML.  Layer 7
✦ FTP:
File Transfer Protocol is used to transfer files between hosts.

Layer 7
✦ NFS:
Network File System is used to share file systems over the network.

Layer 7
Simple Network Management Protocol is used to provide a
distributed network management framework to monitor and manage
host and network devices over the network.Layer 7
✦ DNS:
Domain Name System is a protocol that helps keep track of host
names and logical (IP) addresses in a network. Layer 7
Dynamic Host Configuration Protocol is used to assign dynamic
logical addresses (IP addresses) to hosts in a network. Layer 7
E-mail application:
TCP/IP software applications at Layer 7

E-mail applications typically use
SMTP to send and receive e-mails to and from remote hosts.  In layer 7 and layer 6, using Multipurpose Internet Mail Extensions
(MIME) protocol to convert audio, video, picture, graphical, and even
software application contents in e-mail messages into a format that can be displayed, rendered, or played on the receiving host.
Web browser:
TCP/IP software applications at Layer 7

Web browsers use
HTTP to transfer Web pages to and from your computer. Web browsers
also work at the presentation layer because they need to convert and
render non-HTML format that may be embedded in an HTML Web page
Layer 6: Presentation
The presentation layer is mostly concerned with data format. It converts the
data between different formats so that both the sender and the receiver can
use heterogeneous data
Multipurpose Internet Mail Extensions are used to allow e-mail
applications to convert e-mail message contents other than text into a data format that is supported on the receiving host. MIME is also used to code nontext data into an outgoing mail message.
Unicode: Modern e-mail applications and Web browsers use Unicode at
the presentation layer to convert characters between the character set
of the sender and the character set of the receiver
Layer 5: Session
The session layer maintains a logical communication channel between a
network application running on the sending host and a network application running on the receiving host.  And authentication services. 
A protocol used to open login sessions on a computer host.

TCP/IP protocols are found at Layer 5

Remote-procedure call protocol is used to allow the execution of procedures (programs) on remote hosts.

TCP/IP protocols are found at Layer 5
The Internet small computer system interface protocol allows
you to send SCSI commands over a TCP/IP network. iSCSI is used to
interconnect specialized storage devices and computer hosts using a
TCP/IP network.

TCP/IP protocols are found at Layer 5
Layer 4: Transport
The transport layer slices up the data to be transmitted into small chunks
called data segments that can be easily sent over the network medium.

The transport layer on
the receiving host reorders the data segments.

The transport layer also
provides some error-detection mechanisms.

It also insulates the upper
layers from network implementation details below, by providing a generic
data transfer protocol to upper layers, no matter how the network is
implemented underneath.
User Datagram
Protocol is a connectionless transport protocol
Transmission Control Protocol (TCP) is a connection oriented
transport protocol.
creating a logical connection
between the sending and the receiving hosts, and an exchange of acknowledgments
between the hosts
Flow control
involves the sender and the receiver coordinating to sustain an optimal data transfer flow: As the receiver processes the data segments, it acknowledges reception to the sender. The sender then sends more
three-way handshake,
1. The host that initiates the network communication sends a Yvonne “Synchronize” (SYN) message to the receiving host to notify it that it wants to establish a TCP connection. This message contains, among other things, the sender starting sequence number for the TCP transmission. 2. The starting sequence number is the sequence number of the first Yvonne segment to transfer from sender to receiver. The sending and the receiving host then negotiate connection parameters. 3. The receiving host replies with a TCP “Synchronize” (SYN) message that contains the receiver starting sequence number. This message also sends an acknowledgment (ACK) to the sending host, indicating that the receiving host did receive the first TCP “Synchronize” message. 4. The sending host sends back an acknowledgment (ACK) to the receiving host to let it know that it did receive the receiver starting sequence number and that it is ready to send. At this point, the bidirectional TCP connection is established. Yvonne connections are bidirectional, because both hosts send SYN and Ack messages to each other to synchronize and guarantee a reliable data transfer.
also used to determine the order of the data segments. Data
segments need to be reassembled in the correct order when they arrive
at the destination on the receiving host, because they can get there in any
order, depending on network conditions. TCP on the receiving host uses
the sequence number of each data segment to determine its order during
positive acknowledgment and retransmission

1. Sending host starts a timer when it sends a segment. The sending host
retransmits the segment if it does not receive a reception acknowledgment
after a certain timeout period.
2. Sending host keeps track of the sequence number of each segment it
transmits and expects reception acknowledgments for each one of them.
3. Receiving host sends acknowledgments back to the sending host for
each segment it receives. The acknowledgment contains the sequence
number of the next segment expected by the receiving host.
TCP sliding window
enables hosts to send data segments instead of waiting for acknowledgments before sending the next segment. The TCP sliding window specifies how many segments can be sent before waiting for
TCP connection-oriented data transfer
✦ Performing a three-way handshake to set up the connection, also called
a virtual circuit
✦ Using sequencing to identify each data segment and its order
✦ Using acknowledgments to guarantee data delivery
✦ Using bidirectional flow control to coordinate the sending and receiving
of segments for optimal data transfer
UDP does not add flow control overhead because
✦ UDP is connectionless, so there’s no need to send segments to do a
three-way handshake to establish a connection.
✦ UDP makes no use of sequencing.
✦ UDP does not send acknowledgments.
✦ UDP does not guarantee reception of data segments.

DNS lookups and TFTP transfers
TCP/IP port
allow the sending application to connect to the receiving application

even if you run multiple network applications on the same host, as
long as each network application has its own TCP/IP port, a TCP or UDP data
transmission can be accomplished.
Port Number Ranges
✦ 0–1023: Well-known TCP/IP ports. These ports are reserved for standard
TCP/IP network applications and protocols.
✦ 1024–49151: Registered TCP/IP ports. These ports are reserved for
applications that are registered by various corporations. However, many
companies today are using the private TCP/IP ports range instead.
✦ 49152–65535: Private TCP/IP ports. These ports are available for anyone
to use. Companies that write network applications typically allow the
users to configure the TCP/IP ports manually in this port number range.
This is a flexible and reliable solution for most network applications.
Layer 3: Network
choosing the best route to send packets between hosts called routing

assigns logical addresses (IP addresses) to all
devices in the network to be able to identify each source host, each destination
host, and each network through which packets need to be routed
TCP/IP protocols at Layer 3

Internet Protocol is used to deliver data packets over a packetswitched
network from a source host to a destination host based on
their respective IP addresses. IP comes in two versions: IP version 4
(IPv4) and IP version 6 (IPv6). IPv4 is currently the most widely used
Internet Control Message Protocol is used to send error and
status messages about network operations and available services,
mostly by host and network devices. he most typical use of ICMP is the
ping command, which allows you to verify whether a host or network
device is reachable over the IP network from another host or network device.
Internet Protocol Security is used to secure IP data packet deliveries
If the receiving computer host is not in the same network as the sender,
the packet is handed off to a gateway to be routed outside the network.
A gateway is a router that links a network to another network.

The gateway looks at the logical address (IP address) of the receiving
computer host and determines in which network it is located (on which
✦ If the gateway knows about the network of the receiving computer host
(it knows the street; it’s in the same city), it sends the data packet to
that network.
✦ If the gateway does not know the destination network, it hands the
packet to the higher-up gateway.
routing table
How does the router know where to send the data packet? Routers keep a
routing table in memory. Routing tables keep track of the following:
✦ Each network known
✦ Router interface through which each network can be reached
✦ Metrics associated with each route
Routed protocols
protocols operate at the network layer

route data packets. For example, IP (IPv4) is a routed protocol, and so are IPv6, AppleTalk, IPX, and SNA.
Routing protocols
protocols operate at the network layer

used to send route update packets.

Route update
packets carry information about new networks and new routes. Routers
send each other route update packets whenever a new network is created
or a new route is enabled.
Layer 2: Data Link
transmits data on a physical medium

This layer also
routes data locally to the next hop on the physical network medium

uses physical addresses (MAC addresses)

Media Access Control

MAC addresses uniquely identify a specific network
device, such as a switch or a router, or a network interface card (NIC) in a
computer host device.
data frame
The data link layer receives each packet from the network layer on the sending
host and wraps it up in a data frame along with local routing data. The data
frame is sent down to the physical layer to code an electrical or optical
signal to transmit it over a wire, or over the air
TCP/IP protocols at Layer 2

Address Resolution Protocol is used to resolve (find) the physical (MAC) address of a host or network device, when only its logical (IP) address is known.
TCP/IP protocols at Layer 2

Reverse Address Resolution Protocol is used to resolve (find) the
logical (IP) address of a host or network device, when only its physical
(MAC) address is known
TCP/IP protocols at Layer 2

Carrier sense multiple access collision detect protocol is
used to allow the host and network device to share the bandwidth of a
given interconnection medium
Layer 1: Physical
provides the electrical, optical, or over-the-air connection
between the sending host device and the receiving host device.
x of y cards