DAN - Networking Protocols (Lesson)

Networking Protocols

Introduction

In this lesson, you will learn about the rules used to deliver packets across networks. You will also learn the differences between TCP and UDP transport protocols and examine how TCP uses the three way handshake.

TCP/IP Suite

In a previous lesson, we established that there are rules for delivering packets in a network and these rules govern how data will be transmitted. These rules are called protocols and the largest and most important set of protocols is the TCP/IP suite. The protocols are in a suite because they have been standardized to work efficiently together.

TCP/IP is a set of over 100 protocols that determine the rules for how a TYPE of data will be exchanged between two computers. It is named after TCP and IP which are the main protocols that do most of the heavy lifting in network communications.

TCP/IP was created by the Defense Department as part of the ARPANET project which went on to become the Internet. It is now the basis for transmitting all the different types of data used in networks. Email, file transfers, streaming video – you name it, it is probably using TCP/IP as the primary protocol.

Protocols and Ports

When a packet is sent out, it includes not only the destination IP address but also a port number. Each port number accepts a different kind of data. Most protocols are associated with a specific port number.  The port number indicates to the computer which application should handle the incoming data. Ports are like doors – they are openings to handle a specific type of packet. 

Example: A web browser uses the HTTP protocol which usually uses Port 80. This port is not mandatory but a website that is NOT listening on Port 80 will have to let each user know the custom port that is being used.

Here is an analogy to clarify this concept:

Let’s say I send you to get some markers from the school marker supply store. I will give you these instructions: “Go to Building 3 and knock on the door of Room 243.” The IP address is Building 3 and the port number is Room 243. Room 243 door only handles requests for markers, so you will get exactly what is needed if you follow my instructions.

Firewalls are often set to reject packets on certain ports. For example, if you are not running a website in your network, then you would close port 80 as there is no reason for anyone to be coming into the network through that port. 

Reflection Activity: What are firewalls? We learned about them in a previous lesson.

Physical vs Virtual Ports

Let’s straighten out the difference between physical ports and virtual ports. There are physical ports on devices that we can use to plug in things like Ethernet cables, flash drives, monitors, printers, etc.  But the ports assigned to protocols are virtual ports, which means they exist only in software code.  

Physical Ports: Ports that are used to connect your device to the network are called physical ports.

Virtual Ports: A number is assigned to a specific pathway of communication. Virtual ports allow client computers to connect to a server using the port assigned to that service. Virtual ports help manage network traffic by using assigned port numbers, from 0 through 65535.

Commonly Used Protocols and Ports

Here are the ports for some commonly used protocols. 

Ports for some commonly used protocols.

Since protocols and ports are used to deliver network data, these are key features in any hacking attempt. For example, FTP servers are known to have low security, so many hackers will try to use FTP or port 20 or 21 to break into a network. Alternatively, everyone should know by now that if you are using your credit card on a web page, you should check to see if it is using the https protocol as this is highly secure, right?

Transmission Control Protocol (TCP) vs User Datagram Protocol (UDP)

The user or computer decides what application to use for the data, such as email, file transfer, web, name, resolution, etc. Then the packet must use one of two carrier protocols, either TCP or UDP. These are sort of the mules of networking – they both will make sure there is a connection and they will both carry the data to the destination. However, they have very different ways of performing this job. 

Transmission Control Protocol (TCP) is connection-oriented. It will keep a connection going the whole time so that it can check that every packet in the message is being received. 

TCP is reliable, keeps track of lost packets, and keeps track of packet order. However, it uses more CPU resources!

Here are some programs/services using TCP: email, web browsing, many computer games, etc.

To achieve that reliable packet delivery, TCP uses a special technique called the “Three Way Handshake” to get the connection started. 

TCP Three Way Handshake Diagram To establish a synchronized source-to-destination connection between two PCs.

Here are the steps:

  1. Sender requests a connection by sending a SYN (synchronization) packet.
  2. The receiver sends back two packets: one to acknowledge the request (ACK) and the second to give information about how I like to connect (SYN/ACK).
  3. The sender then sends a final acknowledgment to tell destination that “yes, we definitely have a connection – let’s start sharing data” (ACK). And now the data transfer begins!

User Datagram Protocol (UDP), on the other hand, does not keep a connection (connectionless). In fact, it doesn’t care at all if the message got there as it does not keep track of lost packets.

Computer: Did you get them all? Other Computer: I don't know and I don't care but I sent them faster!

It is a lot like tying the message to a rock and throwing it through the window.  Yes, the message went to the right place, but who knows if anyone got it or if it broke and lost some pieces. While UDP gets there fast (because it’s not constantly checking), it is completely unreliable!

Here are some programs/services using UDP: DHCP, IP telephony, DNS, music streaming, and many games.

The user does not get to choose whether the packet uses TCP or UDP – that is determined by the software application protocol. For example, HTTP is a connection-oriented protocol so it uses TCP. That means that if part of the website you are trying to browse is not getting to your computer, then there will be error messages, so that the missing packets can be resent. On the other hand, UDP is a connectionless protocol that is meant for speedy transfer of files without caring if there are errors.

Reflection and Wrap-up

In this lesson, you have learned about the essential components and functions of networking protocols within the TCP/IP suite, which forms the backbone of Internet and network communications. We explored how TCP/IP, developed for ARPANET, now underpins virtually all types of data exchange over networks, from sending emails to streaming your favorite shows. The concept of protocols and ports was explained, highlighting how each port number is tied to specific kinds of data, facilitating targeted communication to the appropriate applications. We delved into the differences between physical and virtual ports, emphasizing the role of virtual ports in managing network traffic through software. The lesson also contrasted the Transmission Control Protocol (TCP) with the User Datagram Protocol (UDP), illustrating TCP's reliability and connection-oriented nature through the three-way handshake mechanism, against UDP's connectionless and faster, albeit less reliable, data transmission approach. Understanding these protocols and their operational nuances is crucial for effective network communication and cybersecurity.

[CC BY-NC-SA 4.0 Links to an external site.] UNLESS OTHERWISE NOTED | IMAGES: LICENSED AND USED ACCORDING TO TERMS OF SUBSCRIPTION - INTENDED ONLY FOR USE WITHIN LESSON.