Protocols of the TCP/IP Protocol Suite
From Proprofs
You are here: Home > Schools > Comptia > Network+ Certification > Wiki Home >Study Guide
Contents |
[edit section] TCP/IP stack
The TCP/IP stack has more than just the TCP and IP protocols; in fact, it is home to the most pervasive and prevalent protocols that cover many layers of the OSI model. The Network+ exam will test you on your knowledge of the protocols of the TCP/IP stack (suite), including information on the layers and uses of the individual protocols. Below is a list of the exam-tested protocols, arranged by place in the OSI model.
[edit section] Data Link
Because no “protocols” operate at the Physical layer of the OSI model, we begin at the Data Link layer.
The ARP (Address Resolution) protocol operates at the Network layer and is used to translate logical IP addresses into Data Link (Physical) MAC (Media Access Control) addresses. It is basically the “translator” between Layers 2 and 3.
The RARP (Reverse ARP) is similar to the ARP protocol, but translates MAC addresses into IP addresses.
[edit section] Network
The ubiquitous IP protocol allows for much of the routing capabilities of the Internet; specifically, it allows for the connectionless transfer of packets. Most of the functionality concerning the IP protocol is actually centered on the concept of addressing, or assigning unique logical identifiers to nodes.
ICMP (Internet Control Message Protocol) Is a connectionless protocolthat allows you to use functions such as ping to check if a route is available to a certain network node. More generally, ICMP is used to manage control messages.
IGMP (Internet Group Management Protocol) is used to add, delete, and modify members of “multicast” groups. A multicast is a packet sent to more than one user but not all users – distinguished, of course, from the broadcast, which is a message to all users.
The RIP (Routing Information Protocol) allows for the routing of internal (and also some Internet) traffic and adapting to changes in network structure.
[edit section] Transport
TCP (Transmission Control Protocol) is the connection-oriented protocol that allows for reliable data transfer and receipt of delivery between two network nodes. One of the unique features of TCP is the concept of a port, or an opening into a node in which data is sent and/or received. Higher-level protocols (especially Application layer protocols) depend on TCP ports to allow outside nodes to communicate with specific services.A port number is always between 1 and 65536, inclusive.
UDP(User Datagram Protocol) is the connectionless equivalent of TCP. In a Connectionless protocol, a session is not created before sending the data, therefore, there is no guarantee of data delivery.
UDP is usually seen as an unreliable protocol because of this but does facilitate several higher-level protocols and also utilizes the 1-65536 port system. Make sure you understand that there is a distinction then between TCP and UDP ports – namely, the protocol employed.
[edit section] Application
The Network+ exam will not test you very much on the individual application layer protocols, but you will need to know simple information such as their purpose and port number. Remember that when it is said that a service operates on a certain port, it doesn’t mean that the service cannot operate on a different port; it just means that is the default.
HTTP (Hypertext Transfer Protocol) is the protocol that facilitates transfer of data via the “world wide web.” Typically, data is transferred in the form of pages, or HTML markup. HTTP operates on TCP 80.
HTTPS (Secure HTTP) uses TCP 443 to securely transfer HTTP data via SSL, or Secure Socket Layer. Sites that require increased security, such as an online merchant, use HTTPS to protect user information. (Note: TLS is the newer SSL)
FTP (File Transfer Protocol) operates on TCP ports 20(data) / 21(transmission control). It is used in simple file transfers from one node to another without any security (transferred in cleartext).
SFTP (Secure FTP) is a version of FTP that uses SSH to transfer data securely, thus using whichever port SSH uses. Port 22 for those who can't figure it out.
TFTP (Trivial FTP) is a UDP version of FTP that utilizes UDP port 69. It is called “trivial” because it is relatively unreliable and inefficient and so is more often used for inter-network communication (along routers) than in real node-to-node file transfers.
Telnet (Telecommunications Network) is used to remotely connect to a node. All communications with telnet are in cleartext (even the password for authentication) and should not be used in sensitive situations. It is called terminal emulation software because the remote terminal is available upon connection. Telnet operates on TCP 23.
SSH (Secure Shell) is a secure replacement of Telnet. Telnet transfers information in plain or clear text, but SSH allows terminal emulation in cipher text, which equates to enhanced and increased security. SSH operates on TCP 22.
NNTP (Network News Transfer Protocol) is a protocol used by client and server software to carry USENET (newsgroup) postings back and forth over a TCP/IP network. NNTP operates on TCP port 119.
LDAP (Lightweight Directory Access Protocol) is a “Directory Services” protocol that basically allows a server to act as a central directory for client nodes. A famous implementation of LDAP is Microsoft’s Active Directory (Domain). LDAP operates on TCP and UDP 389.
NTP (Network Time Protocol) allows for synchronizing network time with a server. NTP operates on UDP 123.
POP3 (Post Office Protocol) is the mailbox protocol of the Internet and allows users to download mail from a mail server. The server will hold onto your mail until you access it. Once you try to access it, your client software will download all of your incoming mail and wipe it from the server. POP3 operates on TCP 110.
IMAP4 (The Internet Message Access Protocol) is a slightly better version of the mailbox protocol. IMAP4 allows for server-based repositories of sent mail and other specialized folders. Basically, when using IMAP4 instead of POP3 as your incoming mail protocol, you download very minimal information to your local machine and when you want to access actual incoming mail, you are pulling this directly from the mail server. This allows you to access your mail from virtually anywhere (like yahoo mail). IMAP4 operates on TCP 143.
SMTP (Simple Mail Transfer Protocol) is the “postman” of the Internet. It allows for mail to be sent. You would use this in conjunction with POP3 or IMAP4 to be able to send/receive mail. If you do not define SMTP (usually is, though), you will only be able to receive mail. SMTP operates on TCP 25.
DNS(Domain Name System) Resolves easy to read domain names such as google.com into computer readable IP addresses such as 72.14.204.147 DNS operates on UDP 53
SNMP (Simple Network Management Protocol) A protocol for managing devices on IP networks, such as modems, switches, routers, or printers.Works on UDP 161
Top 5 Contributors to this article
|
|||||||||||||
