Chapter 4
Describe TCP and UDP
This chapter ensures that you are ready for questions related to these topics in the Network Fundamentals section of the CCNA 200-301 exam blueprint from Cisco Systems. Remember that this is just a portion of the Network Fundamentals section. The other chapters in Part I, “Network Fundamentals,” also provide information pertinent to the Network Fundamentals section.
This chapter covers the following essential terms and components:
▸ The Open Systems Interconnection (OSI) model
▸ The Transmission Control Protocol/Internet Protocol (TCP/IP) model
▸ Transmission Control Protocol (TCP)
▸ User Datagram Protocol (UDP)
Topic: Compare and contrast the OSI and TCP/IP models
CramSaver
If you can correctly answer these CramSaver questions, save time by skimming the ExamAlerts in this section and then completing the CramQuiz at the end of this section and the Review Questions at the end of the chapter. If you are in doubt at all, read everything in this chapter!
1. Fill in the missing levels of the OSI model, from top to bottom.
Application
_________
_________
_________
_________
_________
_________
2. Name the four layers of the TCP/IP model, from top to bottom.
_________
_________
_________
_________
3. Name the PDUs of the bottom four layers of the OSI model, from top to bottom.
_________
_________
_________
_________
4. What protocol maps Layer 3 addresses to Layer 2 addresses in Ethernet local-area networks (LANs)?
_________
5. What two layers of the OSI model are associated with the network interface layer of the TCP/IP model?
_________
_________
Figure 4.1 shows the classic OSI and TCP/IP models for networking. Notice how the layers between the two models compare.
Figure 4.1 The OSI and TCP/IP Models
ExamAlert
You might be wondering why this chapter presents the OSI and TCP/IP models when the CCNA 200-301 exam blueprint from Cisco Systems does not explicitly include these topics. This text follows the approach of almost all the other books in the industry on the latest CCNA exam and includes this coverage because it is very valuable and is basically assumed knowledge at this point.
To remember the layers of the OSI model in a top-down fashion, use the mnemonic device All People Seem To Need Data Processing. From the bottom up, the popular memory tool is Please Do Not Throw Sausage Pizza Away. (Since pizza is my favorite food, this is the one I use!) Here is a recap of the major functions of the layers of the OSI model, starting from the lowest layer and climbing up:
▸ Physical (Layer 1): Defines the electrical and physical specifications.
▸ Data Link (Layer 2): Detects and, when possible, corrects errors found at the physical layer; defines the Layer 2 protocols to establish and terminate a connection between two physically connected devices.
▸ Network (Layer 3): Provides for logical network addressing. Address Resolution Protocol (ARP) is used to resolve Layer 3 network IP addresses to Layer 2 MAC addresses on Ethernet LANs.
▸ Transport (Layer 4): This layer optionally (potentially) implements/offers reliability of communications through acknowledgments and optionally implements flow control mechanisms on end hosts. Important examples of protocols used at this layer are Transmission Control Protocol (TCP) for reliable delivery and User Datagram Protocol (UDP) for unreliable delivery.
ExamAlert
To establish a TCP connection before the transmission of data, TCP uses a three-way handshake. This process is as follows:
SYN: The client sends a SYN to the server.
SYN-ACK: In response, the server replies with a SYN-ACK.
ACK: Finally, the client sends an ACK back to the server.
At this point, the client and server have both received acknowledgments from each other regarding the connection.
▸ Session (Layer 5): This layer controls the logical connections between two systems; it establishes, manages, and terminates the connections between the local and remote systems. The functions of the session layer are implemented by TCP in the TCP/IP stack.
▸ Presentation (Layer 6): This layer is sometimes called the syntax layer because it ensures that network formats are converted in such a way that the application layer can understand them.
▸ Application (Layer 7): This layer provides services for end-user applications so that communication with another application across the network is possible.
Note
Network engineers mostly deal with the bottom four layers intensely. As a result, you often hear them discussed as simply Layers 1 through 4. For example, you might simply say “Layer 2” instead of “the data link layer.”
The data and header information (protocol data units [PDUs]) that are built at each of the bottom four layers of the OSI model have special names. Figure 4.2 shows the specific PDU names for each layer.
Figure 4.2 The PDUs of the Bottom Four Layers of the OSI Model
ExamAlert
Be prepared to be tested on the PDU names for the bottom four layers of the OSI model. An easy way to remember them is by using the memory tool Some People Fear Birthdays. By the way, we tend to reference the information above Layer 4 as simply data.
Another important skill is identifying the sample technologies we work with every day and at what layer of the OSI model they exist. Table 4.1 provides important sample information in this regard.
Table 4.1 Protocols at Various Layers
Layer |
Protocol Examples |
|---|---|
Application |
FTP, HTTP, SMTP |
Presentation |
JPEG, MPEG |
Session |
NetBIOS, PPTP |
Transport |
TCP, UDP |
Network |
IP, ICMP |
Data link |
PPP, ATM |
Physical |
Ethernet, USB |
Note that protocols rarely implement all of the functions that a layer defines, and they often implement functions of several layers.
CramQuiz
1. What protocol does a host use to discover the L2 address of the next device in the path toward a remote destination?
A. TCP
B. UDP
C. ICMP
D. ARP
2. What layer of the OSI model corresponds to the transport layer of the TCP/IP model?
A. Network
B. Transport
C. Session
D. Presentation
CramQuiz Answers
1. D is correct. Neighbor solicitation is the job of ARP in IPv4 networks and ICMPv6 in IPv6 networks.
2. B is correct. The transport layer of the TCP/IP model corresponds directly with the transport layer of the OSI model.
Topic: Compare and contrast TCP and UDP
CramSaver
1. Name at least four key characteristics of UDP.
_________
_________
_________
_________
2. Name at least four key characteristics of TCP.
_________
_________
_________
_________
Answers
1.
UDP is connectionless.
UDP has very little overhead.
UDP is often used for voice and video traffic.
UDP can multiplex using port numbers to work with multiple applications.
2.
TCP is connection oriented.
TCP has more overhead than UDP.
TCP uses features like sequencing and acknowledgments to ensure reliable and ordered delivery of segments and implements end-to-end flow control to maximize throughput over an unreliable and dynamic network without overwhelming the receivers with data they cannot process.
TCP can multiplex using port numbers to work with multiple applications.
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) are both protocols that operate at the transport layer (Layer 4). TCP is used for reliable, connection-oriented communications, whereas UDP is used for connectionless transport. It might seem as if you would never want to send information in an unreliable manner using UDP, but keep in mind that TCP adds overhead and some inefficiencies to the process. Therefore, UDP is often used for things like voice and video communications, where minimization of delay of packets is key and worth the sacrifice of reliability mechanisms. In fact, sometimes applications use UDP and then use their own application layer mechanisms for reliability. For example, whenever possible, Chrome uses QUIC.
ExamAlert
Remember that not all traffic relies on TCP or UDP at the transport layer. Forms of traffic that do not use TCP or UDP typically have their own protocol identifiers. Here is a list of examples of protocol identifiers from the IP header:
1—ICMP
6—TCP
17—UDP
88—EIGRP
89—OSPF
Table 4.2 Applications That Rely on TCP and on UDP
TCP |
UDP |
|---|---|
HTTP |
DHCP |
FTP |
RIP |
Telnet |
SNMP |
SSH |
TFTP |
SMTP |
DNS* |
Multicast applications |
* DNS also uses TCP in some instances, such as with a DNS zone transfer, but DNS mainly considered a UDP example.
TCP and UDP can both multiplex using port numbers to work with multiple applications. For example, DHCP uses UDP ports 67 and 68, RIP uses UDP port 520, and HTTP uses TCP port 80. The overhead of TCP is due to its use of reliable delivery. For example, TCP enables the following:
▸ Error recovery
▸ Flow control using windowing
▸ Connection establishment and termination
▸ Ordered data transfer
▸ Data segmentation
ExamAlert
You never know when Cisco might need you to prove that you know a TCP or UDP port number. This might even come up in a sneaky way on the CCNA 200-301 exam, such as a requirement to build a firewall statement. I encourage you to make flash cards to learn the following well-known ports:
Port Number |
TCP or UDP? |
Protocol |
|---|---|---|
20 |
TCP |
FTP data |
21 |
TCP |
FTP control |
22 |
TCP |
SSH |
23 |
TCP |
Telnet |
25 |
TCP |
SMTP |
53 |
UDP and TCP* |
DNS |
67 and 68 |
UDP |
DHCP |
69 |
UDP |
TFTP |
80 |
TCP |
HTTP |
110 |
TCP |
POP3 |
161 |
UDP |
SNMP |
443 |
TCP |
SSL/TLS (HTTPS) |
514 |
UDP |
Syslog |
520 |
UDP |
RIP |
CramQuiz
1. What transport layer protocol does EIGRP rely on in its operation?
A. TCP
B. UDP
C. ICMP
D. None of these answers are correct.
2. What protocol does RIP use, and what port does it use? (Choose two.)
A. TCP
B. UDP
C. 514
D. 520
CramQuiz Answers
1. D is correct. EIGRP does not rely on TCP or UDP in its operation. The protocol encapsulates inside IP and provides its own reliable mechanisms for delivery from router to router. Note that ICMP is not a transport layer protocol but a network layer protocol. Interestingly, ICMP does not rely on TCP or UDP to function but rather has its own protocol number.
2. B and D are correct. RIP relies on the connectionless UDP protocol, and RIP messages are sent to port number 520. Note that RIPng (the IPv6 version of RIP) uses UDP port 521.
Review Questions
1. What port number does SNMP use, and what protocol does it use? (Choose two.)
A. TCP
B. UDP
C. 161
D. 514
2. What layer of the OSI model exists just above the network layer?
A. Session
B. Presentation
C. Application
D. Transport
3. What form of flow control is used with TCP?
A. None
B. Random
C. Windowing
D. Explicit buffering
4. What are the terms for the four PDUs that exist at the bottom of the OSI model? Name them in order, from bottom to top.
A. Segments, frames, packets, bits
B. Bits, frames, packets, segments
C. Packets, frames, bits, segments
D. Segments, packets, frames, bits
5. Which of the following are transport layer protocols? (Choose two.)
A. ICMP
B. TCP
C. UDP
D. FTP
6. What protocol uses windowing to implement flow control?
A. ICMP
B. TCP
C. UDP
D. RIP
7. What port number does SSH use, and what protocol does it use? (Choose two.)
A. TCP
B. UDP
C. 22
D. 23
Answers to Review Questions
1. B and C are correct. SNMP relies on UDP port 161 in its operations.
2. D is correct. The transport layer exists just above the network layer in the OSI model.
3. C is correct. TCP uses a process called windowing to provide flow control.
4. B is correct. From the bottom to the top, the PDUs are bits, frame, packets, and segments.
5. B and C are correct. both TCP and UDP implement transport layer features.
6. B is correct. Transmission Control Protocol uses the sliding window mechanism to control the flow between hosts. It also uses several other mechanisms to maximize throughput and avoid congestion.
7. A and C are correct. SSH uses TCP and port 22 in its operations.
Additional Resources
Bring the OSI Model to Life
https://www.ajsnetworking.com/osi-life
IP, ICMP, UDP and TCP