Introduction to Internet Protocol Suite

The internet protocol suite is a set of communication protocols most commonly known as the TCP/IP. It is the most widely used network protocol in the internet today. The TCP and IP is the two most important member of the family thus the name was derived from. Protocol in its simplest form is the rules in communication. It describes how network devices should communicate to each other by following well defined rules.

Like the OSI, the Internet Protocols Suite or TCP/IP suite are defined in layers. The four layers are:

Application Layer –This includes all the high-level application protocols and corresponds to the last three layer of the OSI model (Application, Presentation and Session layer). One example of application protocols are the FTP for high speed data/file transfer.

Transport Layer –corresponds to the transport layer of the OSI model. It provides end to end delivery of data from an application to another. This layer can be connection-oriented as the case of TCP or connectionless as the case of UDP. The TCP or Transmission Control Protocol provides reliable delivery of data, sequencing, flow control, acknowledgement and re-transmission of packets. On the other hand, the UDP or User Datagram Protocol provides unreliable delivery of data; packets are not numbered in sequence and no data recovery. However, UDP is a lightweight protocol and is faster than the TCP because of some overhead being not available.

Internetwork Layer – This layer corresponds to the network layer of the OSI model. It provides virtual transmission of packets on the internetwork including handling of routes. All network devices in the network communicate by assigning an IP address to each device. IP stands for Internet Protocol and is the main protocol use by this layer. Like the Transport Layer UDP, IP is a connectionless protocol which doesn’t provide error recovery and flow control. All these mechanism must be provided by the higher layer protocols.

Link Layer – This layer corresponds to the Data Link and Physical Layer of the OSI model. Its main function relates to hardware addressing mechanism and how the data is being transmitted over the network medium.


TCP/IP Application, Services and Common Ports

FTP – File Transfer Protocol is used for high speed transfer of files over the network. This the most favorite method of transferring files over the internet. FTP server located remotely must be configured to accept incoming traffic from FTP client programs. Authentication is also needed for successful connection. Some server provides Anonymous connection and uses email as password. However, this method is setup by administrators for limited access. FTP listens to TCP port 21.

SSH – Secure Shell provides superiority to Telnet. This network protocol was primarily designed to replace Telnet by connecting to remote devices using a secure channel. While Telnet send all data in plaintext, SSH sends information in encrypted form protecting data from prying eyes. SSH server uses TCP port 22.

Telnet – A telnet is a terminal emulation program use to connect to remote devices and use its resources. This method of remote connection has been used for long time until now. From the remote device, a client can use the program which refers as the Telnet Client to connect to the Telnet server. Cisco router and switches uses telnet to configure remote devices. Telnet uses TCP port 23.

SMTP – Simple Mail Transfer Protocol is the protocol for sending email. You will likely to encounter this protocol when configuring your email client such as Microsoft Outlook or Outlook Express. The SMTP server address is normally provided by your Internet Service Provider (ISP). While SMTP is used to send email, POP3 (Post Office Protocol) is the most common protocol for receiving mail. SMTP uses TCP port 25.


Without the DNS, you need to memorize all the IP addresses of every website that you want to visit. Thanks to DNS, you don’t need to. DNS uses TCP/UDP port 53.

TFTP – Trivial File Transfer Protocol is the express version of FTP. It is use in basic file transfer if authentication and encryption is not an issue. A Cisco router uses TFTP to perform IOS backup and upgrade. TFTP uses UDP port 69.

HTTP – Hypertext Transfer Protocol is the language of the internet. It describes the rules of transferring HTML documents which may contains graphics, text, documents, audio and video. HTTP uses TCP port 80 by default.

SNMP – Simple Network Management Protocol is use in managing the network system. It provides the ability to monitor network device status and functionalities by polling object variables. These objects can be seen in the Management Information Base or MIB which describes the collection of objects in hierarchical order. Agent software in the managed device reports back the status of the polled object. By using SNMP, Network Engineers or Administrators can monitor performance of the network and helps in troubleshooting networks issues. SNMP uses UDP port 161.

HTTPS – is an acronym for Hypertext Transfer Protocol over SSL. Some also referred to this as Secured Http. It was taken from HTTP and combined with encrypted secured socket layer or SSL. The SSL encryption is used to secure information sent in the internet. HTTPS uses TCP port 443.

DHCP – Dynamic Host Configuration Protocol enables the assigning of IP network parameters to its connected clients dynamically. These parameters include but not limited to IP address, Subnet Masks, DNS address, Gateways etc. A dedicated DHCP server is configured with pool of addresses to be assigned to client requesting for IP parameters. This provides flexibility when additional nodes need to be added in the network.

ARP /RARP– Before communication between network hosts takes place, the Physical address of each other must be known. This is the job of the Address Resolution Protocol or ARP. It maps the Hardware Physical Address or MAC address when the IP address is known. An ARP request is broadcast to all hosts and the receiving host with matching IP address will then reply with its MAC address. On the other hand Reverse ARP is the opposite of ARP. It is used to map IP address when the Physical address is only known.