While the OSI model provides a conceptual framework, the Transmission Control Protocol/Internet Protocol (TCP/IP) model is the suite of protocols that underpins the internet and most modern networks. It is a more practical and implementation-focused model with fewer layers than the OSI model.
The TCP/IP Model Layers (Commonly Four)
There are typically four layers in the TCP/IP model:
- Link Layer (or Network Interface Layer): This layer corresponds roughly to the Physical and Data Link layers of the OSI model. It handles the physical transmission of data over the network medium and provides addressing and framing within the local network. Technologies like Ethernet and Wi-Fi operate at this layer.
- Internet Layer (or Network Layer): This layer is responsible for routing packets across networks. Its primary protocol is the Internet Protocol (IP), which provides logical addressing (IP addresses) and packet forwarding. Protocols like ICMP and ARP also reside at this layer.
- Transport Layer: Similar to the OSI Transport Layer, this layer provides end-to-end data transfer between applications. The two main protocols at this layer are:
- Transmission Control Protocol (TCP): A connection-oriented, reliable protocol that provides ordered delivery, error detection, and flow control.
- User Datagram Protocol (UDP): A connectionless, unreliable protocol that is faster but does not guarantee delivery or order.
- Application Layer: This layer encompasses the functions of the OSI Session, Presentation, and Application layers. It provides protocols that directly support end-user applications, such as HTTP for web browsing, SMTP for email, DNS for name resolution, and FTP for file transfer.
Key Concepts in TCP/IP:
- IP Addressing: A logical addressing scheme (IPv4 and IPv6) used to identify devices on a network.
- Subnetting: Dividing a network into smaller logical subnetworks to improve organization and efficiency.
- Routing: The process of determining the path that packets should take to reach their destination.
- TCP Reliability: Achieved through mechanisms like sequence numbers, acknowledgments, and retransmissions.
- Port Numbers: Used by TCP and UDP to identify specific applications or services running on a host.
- Sockets: A combination of an IP address and a port number that uniquely identifies a network connection endpoint.
Mapping OSI to TCP/IP
| OSI Model Layer | TCP/IP Model Layer |
|---|---|
| Application Layer | Application Layer |
| Presentation Layer | Application Layer |
| Session Layer | Application Layer |
| Transport Layer | Transport Layer |
| Network Layer | Internet Layer |
| Data Link Layer | Link Layer (Network Interface) |
| Physical Layer | Link Layer (Network Interface) |
Wireshark and TCP/IP:
Wireshark is heavily focused on analyzing protocols within the TCP/IP suite. It dissects packets at each layer of the TCP/IP model, allowing you to examine IP addresses, port numbers, TCP flags, UDP data, and the specific headers and data of various Application Layer protocols. Understanding the TCP/IP model is fundamental for navigating and interpreting the information presented by Wireshark.
