Basic Knowledge of TCP/IP – Part 2

IP address types

IP addresses are divided into three types, based on their operational characteristics:

1. unicast IP addresses – an address of a single interface. The IP addresses of this type are used for one-to-one communication. Unicast IP addresses are used to direct packets to a specific host. Here is an example:

unicast ip address example

In the picture above you can see that the host wants to communicate with the server. It uses the IP address of the server ( to do so.

2. multicast IP addresses – used for one-to-many communication. Multicast messages are sent to IP multicast group addresses. Routers forward copies of the packet out to every interface that has hosts subscribed to that group address. Only the hosts that need to receive the message will process the packets. All other hosts on the LAN will disard them. Here is an example:

multicast ip address example

R1 has sent a multicast packet destined for This is an RIPv2 packet, and only routers on the network should read it. R2 will receive the packet and read it. All other hosts on the LAN will discard the packet.

3. broadcast IP addresses – used to send data to all possible destinations in the broadcast domain (the one-to-everybody communication). The broadcast address for a network has all host bits on. For example, for the network192.168.30.0 the broadcast address would be Also, the IP address of all 1’s ( can be used for local broadcast. Here’s an example:

broadcast ip address example

R1 has sent a broadcast packet to the broadcast IP address All hosts in the same broadcast domain will receive and process the packet.

Transmission Control Protocol (TCP) explained

One of the main protocols in the TCP/IP suite is Transmission Control Protocol (TCP). This protocol provides reliable and ordered delivery of data between applications running on hosts on a TCP/IP network. Because of its reliable nature, TCP is used by applications that require high reliability, such as FTP, SSH, SMTP, HTTP, etc.

TCP is connection-oriented, which means that, before data are sent, a connection between two hosts must be established. The process used to establish a TCP connection is known as the three-way handshake. After the connection has been established, the data transfer phase begins. After the data is transmitted, the connection is terminated.

One other notable characteristic of TCP is its reliable delivery. TCP uses sequence numbers to identify the order of the bytes sent from each computer so that the data can be reconstructed in order. If any data is lost during the transmission, the sender can retransmit the data.

Because of all of its characteristics, TCP is considered to be complicated and costly in terms of network usage. The TCP header is up to 24 bytes long and consists of the following fields:

tcp header

  • source port – the port number of the application on the host sending the data
  • destination port – the port number of the application on the host receiving the data
  • sequence number – used to identify each byte of data
  • acknowledgment number – the next sequence number that the receiver is expecting
  • header length – the size of the TCP header
  • reserved – always set to 0
  • flags – used to set up and terminate a session
  • window – the window size the sender is willing to accept
  • checksum – used for error-checking of the header and data
  • urgent – indicates the offset from the current sequence number, where the segment of non-urgent data begins
  • options – various TCP options, such as Maximum Segment Size (MSS) or Window Scaling
TCP is a Transport layer protocol (Layer 4 of the OSI model).

User Datagram Protocol (UDP) explained

One other important protocol in the TCP/IP site is User Datagram Protocol (UDP). This protocol is basically a scaled-down version of TCP. Just like TCP, this protocol provides delivery of data between applications running on hosts on a TCP/IP network, but it does not sequence the data and does not care about the order in which the segments arrive at the destination. Because of this it is considered to be an unreliable protocol. UDP is also considered to be a connectionless protocol, since no virtual circuit is established between two endpoints before the data transfer takes place.

Because it does not provide many features that TCP does, UDP uses much less network resources than TCP. UDP is commonly used with two types of applications:

  • applications that are tolerant of the lost dataVoIP (Voice over IP) uses UDP because if a voice packet is lost, by the time the packet would be retransmitted, too much delay would have occurred, and the voice would be unintelligible.
  • applications that have some application mechanism to recover lost dataNetwork File System (NFS)performs recovery with application layer code, so UDP is used as a transport-layer protocol.

The UDP header is 8 bytes long and consists of the following fields:

udp header


Here is a description of each field:

  • source port – the port number of the application on the host sending the data.
  • destination port – the port number of the application on the host receiving the data.
  • length – the length of the UDP header and data.
  • checksum – checksum of both the UDP header and UDP data fields.
UDP is a Transport layer protocol (Layer 4 of the OSI model).

TCP and UDP ports

A port is a 16-bit number used to identify specific applications and services. TCP and UDP specify the source and destination port numbers in their packet headers and that information, along with the source and destination IP addresses and the transport protocol (TCP or UDP), enables applications running on hosts on a TCP/IP network to communicate.

Applications that provide a service (such as FTP or and HTTP servers) open a port on the local computer and listen for connection requests. A client can request the service by pointing the request to the application’s IP address and port. A client can use any locally unused port number for communication. Consider the following example:

how ports work

In the picture above you can see that a host with an IP address of wants to communicate with the FTP server. Because FTP servers use, by default, the well-known port 21, the host generates the request and sends it to the FTP server’s IP address and port. The host use the locally unused port of 1200 for communication. The FTP server receives the request, generates the response,and sends it to the host’s IP address and port.

Port numbers are from 0 to 65535. The first 1024 ports are reserved for use by certain privileged services:

list of tcp udp ports

The combination of an IP address and a port number is called a socket. In our example the socket would be

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.