By now you should know that machines connected to the same network rely on the data link layer in order for them to talk to each other. And if two machines are located on different networks (let’s say on separate continents for example), then the network layer can make sure that they can still reach each other.
This seems to be enough, doesn't it? Using only the first three layers, we can communicate with any machine in the world, right?
Well, if only things were that simple.
Transport Layer Roles
If machines transmit only one type of data, then yes, three layers would have been enough. But this is not the case.
In reality, when we are using the Internet, we have many running applications that are constantly sending and receiving data. We might have a browser requesting and receiving web pages from the Internet, while at the same time we are retrieving email and sending files to a distant computer.
We need a way to differentiate between the traffic belonging to each of these applications. This is the primary function of the Transport Layer.
The transport layer ensures the end-to-end communication between applications: It makes sure that the traffic that was sent from an application gets to the intended application.
In addition, the transport layer allows for multiplexing and de-multiplexing of traffic. This means that it gathers data from different applications and then sends it down to layer 3 for transmission. On the other end, when the transport layer receives packets from layer 3, it separates them and delivers each piece of data to its corresponding application.
The transport layer keeps track of which data belongs to which application by using special numbers called ports.
We have seen in previous chapters that both layer 2 and layer 3 have an address to help identify the receiving host: the MAC Address for layer 2, and the IP Address for layer 3. Similarly, the port number is the address that the fourth layer uses.
Each application is assigned a port number. Whenever a sending application intends to send traffic to a receiving application, it can simply indicate the corresponding port number in the header of the transport layer.
For example, we use the port 80 for sending and receiving web pages using HTTP. We also use the port 21 for sending and receiving files using FTP.
HTTP and FTP belong to the application layer, which we will discuss in a later chapter.
Port numbers range between 0 and 65535. The first 1024 numbers are the ones that we use for common applications. However, ports that are higher than 1024 can be used by any application.
Ports are generally written after the IP address of the machine that hosts the application, separated from it by a colon. For example: 192.168.58.123:80
This representation refers to the web service on the machine having the IP address 192.168.58.123. (Remember, port 80 is associated with the web)
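The de-multiplexing described above can be observed directly on one machine. The following is an added example, not part of the original chapter: it opens two receiving sockets on the same IP address and shows that the destination port alone decides which one gets each message. It uses UDP sockets (UDP is introduced later in this chapter), and the names open_app, demux_demo, web, mail and client are hypothetical.

```python
import socket

def open_app():
    """Hypothetical application: a UDP socket on loopback with an OS-assigned port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("127.0.0.1", 0))   # port 0 lets the OS pick a free port
    sock.settimeout(2.0)          # fail instead of hanging if nothing arrives
    return sock

def demux_demo():
    """Send to two ports on the same IP address; report what each application received."""
    web, mail, client = open_app(), open_app(), open_app()
    try:
        web_port, mail_port = web.getsockname()[1], mail.getsockname()[1]
        client.sendto(b"page request", ("127.0.0.1", web_port))
        client.sendto(b"mail request", ("127.0.0.1", mail_port))
        web_data, web_peer = web.recvfrom(1024)     # peer = (source IP, source port)
        mail_data, mail_peer = mail.recvfrom(1024)
        return {"web_port": web_port, "mail_port": mail_port,
                "client_port": client.getsockname()[1],
                "web_data": web_data, "web_peer_port": web_peer[1],
                "mail_data": mail_data, "mail_peer_port": mail_peer[1]}
    finally:
        for sock in (web, mail, client):
            sock.close()

if __name__ == "__main__":
    for key, value in demux_demo().items():
        print(key, value)
```

Both messages carry the same source port (the client's), which is how a receiving application knows where to send its reply.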
Layer 4 Protocols
In the transport layer, there are two common protocols that you should know: TCP and UDP. Both have their own advantages and their limits. We’ll address each of them separately.
TCP (Transmission Control Protocol) has the advantage of being a reliable protocol. It makes sure that data arrives in the correct form without any error.
Every packet is acknowledged by the receiver. This way, the sending application knows if it needs to re-transmit packets in case there was an error in transmission.
TCP is a connection-oriented protocol. This means that it has to establish a connection between two applications before they can communicate. It also maintains this connection while the communication is ongoing.
The Three Way Handshake
The TCP protocol establishes a connection using a process called the three way handshake. Here is how it goes:
If application A wants to talk to application B, then it sends a SYN (Synchronize) message (1). The receiving host will then send back a SYN/ACK (Synchronize/Acknowledge) message (2). And finally, the host A will answer with an ACK (Acknowledge) message and close the 3-way handshake (3). This process will establish the communication between the two applications.
Now, if application A wants to close the connection with application B, the two applications go through another 3-way handshake, but this time for terminating the connection: A sends a FIN message. B will send back a FIN/ACK message, and finally A will answer with an ACK message. This closes the connection.
Just like all the layers we have seen so far, the transport layer also adds a header to the data that it receives from the application. The transport header and its data are called a datagram.
The transport header format will depend on the protocol used in this layer.
When using the TCP protocol, this is how the transport header is formed:
Let’s see what each field does:
- Source Port (16 bits) : This is the port that sends packets. Notice how the size of this field is equal to 16 bits. That’s exactly the number of bits required to represent all numbers from 0 to 65535, which is the maximum value that a port can have.
- Destination Port (16 bits) : This is the port of the receiving application.
- Sequence Number (32 bits) : Each Byte in a communication session is assigned a sequence number. This number increases by 1 with each Byte. This field indicates the sequence number of the first byte of data in the current packet.
- Acknowledgment Number (32 bits) : This field contains the value of the sequence number that the host expects to receive next. If this value does not correspond to the next sequence number, then the sending machine knows that it has to resend the packet that has that sequence number.
- Header Length (4 bits) : This is the length of the TCP header. The options field is the only one that has a varied length. All other fields have a fixed length.
- Reserved (6 bits) : This field is not used.
- Flags (6 bits) : This field contains six flags, each one occupies 1 bit:
  - URG : If this bit is set to 1, then the data contained in the packet is considered urgent.
  - ACK : This bit indicates if the acknowledgment number field is a valid value. If set to 1, it informs that the current packet acknowledges previous messages.
  - PSH : This bit tells the receiving host to push the packets it receives immediately to the application without waiting to fill the buffer. This is different than the URG field in that it doesn’t prioritize the data.
  - RST : This is for resetting the TCP connection.
  - SYN : This flag synchronizes sequence numbers. It indicates that the value in the sequence number field corresponds to the initial sequence number.
  - FIN : When set to 1, this bit informs that the sending host wants to terminate the connection.
- Window (16 bits) : This field indicates how many bytes can be received at a time.
- Checksum (16 bits) : The receiving end uses this field to check if the content of the TCP header has not changed and is error-free.
- Urgent Pointer (16 bits) : When the URG flag is equal to 1, this field indicates the byte at which the urgent data ends.
- Options (Varied length) : This field is optional. We don’t have to worry about it for now.
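To make the field list and the three way handshake concrete, here is an added example (not from the original chapter) that packs and parses the fixed part of a TCP header using exactly the field sizes listed above, then checks that three headers form a valid SYN, SYN/ACK, ACK exchange. The function names, port 49152 and the sequence numbers 1000 and 5000 are constructed for illustration.

```python
import struct

# Flag bits, in the order the field list gives them (lowest 6 bits of the word).
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}
FIXED = struct.Struct("!HHIIHHHH")   # the 20 fixed bytes, network byte order

def build_header(src, dst, seq, ack, flags, window=65535):
    """Pack an option-less header (constructed sample data; checksum left at 0)."""
    word = (5 << 12) | sum(FLAGS[f] for f in flags)   # header length 5 words = 20 bytes
    return FIXED.pack(src, dst, seq, ack, word, window, 0, 0)

def parse_header(raw):
    """Split raw bytes into the fields described above, rejecting malformed input."""
    if len(raw) < FIXED.size:
        raise ValueError("truncated TCP header")
    src, dst, seq, ack, word, window, checksum, urgent = FIXED.unpack(raw[:FIXED.size])
    header_len = (word >> 12) * 4     # the 4-bit field counts 32-bit words
    if not FIXED.size <= header_len <= len(raw):
        raise ValueError("header length field does not fit the data")
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
            "header_len": header_len,
            "flags": {name for name, bit in FLAGS.items() if word & bit},
            "window": window, "checksum": checksum, "urgent_ptr": urgent,
            "options": raw[FIXED.size:header_len]}

def is_handshake(syn, syn_ack, ack):
    """True if three parsed headers form SYN, SYN/ACK, ACK with consistent numbers.
    A SYN uses up one sequence number, so each side acknowledges seq + 1
    (standard TCP behaviour, not spelled out in the text above)."""
    return (syn["flags"] == {"SYN"} and syn_ack["flags"] == {"SYN", "ACK"}
            and ack["flags"] == {"ACK"}
            and syn_ack["ack"] == (syn["seq"] + 1) % 2**32
            and ack["ack"] == (syn_ack["seq"] + 1) % 2**32
            and ack["seq"] == syn_ack["ack"])

def sample_handshake():
    """Constructed exchange: client port 49152 opens a connection to port 80."""
    return [parse_header(build_header(49152, 80, 1000, 0, ["SYN"])),
            parse_header(build_header(80, 49152, 5000, 1001, ["SYN", "ACK"])),
            parse_header(build_header(49152, 80, 1001, 5001, ["ACK"]))]

if __name__ == "__main__":
    for header in sample_handshake():
        print(header["src_port"], "->", header["dst_port"], sorted(header["flags"]),
              "seq", header["seq"], "ack", header["ack"])
```

The header length check matters in practice: a parser that trusts this field without comparing it to the number of bytes actually received will read past the end of the packet.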
UDP (User Datagram Protocol) is the complete opposite of TCP.
On one hand, we have TCP providing reliable communication, ensuring an error-free transmission and allowing acknowledgment of packets. UDP, on the other hand, does not guarantee delivery, nor does it allow for acknowledgment, and although it checks for errors, it does not correct them and simply discards the faulty data.
You might think: Why in the world would someone choose this protocol over another? I mean, it does provide the worst possible service, and it is by no means comparable to TCP. So why do we use it?
Well, all these advantages that make TCP great come with a price. It takes a lot of time to process TCP packets, and therefore, it is much slower than UDP.
UDP provides a fast delivery. This makes it the preferable choice for applications requiring real-time transmission, and in which few errors would not impact the overall communication. VoIP (Voice over IP) and video streaming are examples of applications that rely on UDP.
As you can see, UDP is a lot less complicated than TCP. The UDP header contains only four fields:
- Source Port (16 bits) : This is the port of the sending application.
- Destination Port (16 bits) : This is the port of the receiving application.
- Length (16 bits) : This is the length of the entire datagram (UDP header and data).
- Checksum (16 bits) : This is used for error checking.
That’s it for the transport layer. In the next chapter, we will move up to the OSI surface and we’ll talk about the application layer.