
TCP/IP: Transport Layer, Encapsulation, and Port Addressing

The transport layer delivers data between processes on different hosts. TCP provides reliability. UDP provides speed. Encapsulation wraps data in headers at each layer as it moves down the stack.

Layer Responsibilities Recap

Each OSI layer has a specific delivery goal:

| Layer | Delivery goal | Protocol data unit | Addressing |
|---|---|---|---|
| 2 (Data Link) | Hop-to-hop (NIC to NIC) | Frame | MAC address |
| 3 (Network) | End-to-end (host to host) | Packet | IP address |
| 4 (Transport) | Process-to-process | Segment / Datagram | Port number |

Layer 2 uses MAC addresses (48-bit, hardware-assigned). Layer 3 uses IP addresses (32-bit for IPv4). Layer 4 uses port numbers (16-bit, 0-65535) to distinguish which process on a host should receive the data.

Encapsulation

As data moves down the stack on the sender side, each layer adds its own header (and sometimes trailer). This is encapsulation:

Application data
  → [L4 header | data]          = Segment (TCP) or Datagram (UDP)
  → [L3 header | segment]       = Packet
  → [L2 header | packet | FCS]  = Frame
  → bits on the wire            = Physical

On the receiver side, each layer strips its header and passes the payload up.

The frame includes source and destination MAC addresses. The packet includes source and destination IP addresses. The segment includes source and destination port numbers.

TCP vs UDP

| Property | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented (3-way handshake) | Connectionless |
| Reliability | Guaranteed delivery, retransmission | No guarantee |
| Ordering | Ordered | Unordered |
| Error checking | Checksum, acknowledgements | Checksum only |
| Speed | Slower | Faster |
| Use cases | HTTP, SSH, FTP, email | DNS, video streaming, VoIP, gaming |

TCP establishes a connection before data transfer (SYN, SYN-ACK, ACK). It tracks sequence numbers, acknowledges received segments, and retransmits lost ones. This adds latency but guarantees delivery.

UDP sends datagrams with no setup. The application is responsible for any reliability it needs. UDP is appropriate when low latency matters more than guaranteed delivery.

Port Numbers

Port numbers are 16-bit integers (0-65535) that identify processes:

  • 0-1023: Well-known ports (binding to them requires root on Unix). HTTP: 80, HTTPS: 443, SSH: 22, DNS: 53.
  • 1024-49151: Registered ports. Application-specific.
  • 49152-65535: Dynamic/ephemeral ports. Used by clients for outgoing connections.

A connection is uniquely identified by the 5-tuple: (source IP, source port, destination IP, destination port, protocol). Two clients connecting to the same server on port 443 have different source ports, so the server tracks them separately.

MAC Addresses

MAC addresses identify NICs (Network Interface Cards) at layer 2. They are 48 bits, written in hex: 94:45:9C:38:9A:E5.

MAC addresses are used for hop-to-hop delivery. At each router hop, the source and destination MAC addresses in the frame change to reflect the current link. The IP addresses in the packet remain constant end-to-end.

When a packet arrives at a router:

  1. The router strips the incoming frame (L2 header removed).
  2. It looks up the destination IP in its routing table.
  3. It creates a new frame with its own MAC as source and the next-hop’s MAC as destination.
  4. It forwards the new frame.

TCP/IP in Practice

A client connecting to a web server:

Client:  IP 192.168.1.10, ephemeral port 54321
Server:  IP 93.184.216.34, port 443 (HTTPS)

Frame:   src MAC (client NIC) → dst MAC (router)
Packet:  src IP 192.168.1.10 → dst IP 93.184.216.34
Segment: src port 54321 → dst port 443

At each hop across the internet, the frame changes. The packet does not.
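
The walk-through above as an added example (not code from the original post): it builds the client's frame, strips it layer by layer to recover the MAC pair and the 5-tuple, then re-frames the packet as a router would. The function names and the 02:00:00:00:00:0x router MACs are constructed for illustration; checksums are left at zero and the FCS is omitted.

```python
import socket
import struct

def mac_bytes(text):
    return bytes.fromhex(text.replace(":", ""))

def mac_text(raw):
    return ":".join(f"{b:02X}" for b in raw)

def build_frame(dst_mac, src_mac, src_ip, dst_ip, sport, dport, payload=b""):
    """Encapsulate: data -> TCP segment -> IPv4 packet -> Ethernet frame."""
    # L4: ports, seq, ack, data offset (5 words) + SYN flag, window, checksum, urgent
    segment = struct.pack("!HHIIHHHH", sport, dport, 0, 0,
                          (5 << 12) | 0x002, 65535, 0, 0) + payload
    # L3: version/IHL, TOS, total length, id, frag, TTL, protocol 6 (TCP), checksum, addresses
    packet = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0, 64, 6, 0,
                         socket.inet_aton(src_ip), socket.inet_aton(dst_ip)) + segment
    # L2: destination MAC, source MAC, EtherType 0x0800 (IPv4)
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + packet

def decapsulate(frame):
    """Strip each header in turn and return the addressing found at L2, L3 and L4."""
    if len(frame) < 14 + 20:
        raise ValueError("too short for Ethernet + IPv4 headers")
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4          # IPv4 header length in bytes
    proto = packet[9]                     # 6 = TCP, 17 = UDP
    if ihl < 20 or proto not in (6, 17) or len(packet) < ihl + 4:
        raise ValueError("unsupported or truncated packet")
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return {"l2": (mac_text(src_mac), mac_text(dst_mac)),
            "five_tuple": (socket.inet_ntoa(packet[12:16]), sport,
                           socket.inet_ntoa(packet[16:20]), dport, proto),
            "packet": packet}

def forward(frame, router_mac, next_hop_mac):
    """Router hop: discard the old MAC pair and re-frame the same packet."""
    # Simplification: a real router also decrements TTL and updates the IP checksum.
    return mac_bytes(next_hop_mac) + mac_bytes(router_mac) + frame[12:]

if __name__ == "__main__":
    # Constructed sample: the page's client and server, made-up router MACs.
    frame = build_frame("02:00:00:00:00:01", "94:45:9C:38:9A:E5",
                        "192.168.1.10", "93.184.216.34", 54321, 443)
    for f in (frame, forward(frame, "02:00:00:00:00:02", "02:00:00:00:00:03")):
        print(decapsulate(f)["l2"], decapsulate(f)["five_tuple"])
```

Running it prints two different MAC pairs followed by the same 5-tuple, which is why flow logs and firewall rules key on L3/L4 fields while a MAC address is only meaningful on the local segment.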
