TCP/IP Model and Terminology
Check Point Certification
Palo Alto Networks Certification
Before completing this introduction to the TCP/IP model, this section examines a few
remaining details of the model and some related terminology.
Comparing the Original and Modern TCP/IP Models
The original TCP/IP model defined a single layer—the link layer—below the Internet layer.
The functions defined in the original link layer can be broken into two major categories:
functions related directly to the physical transmission of data and those only indirectly
related to the physical transmission of data. For example, in the four steps shown in Figure
1-11, Steps 2 and 3 were specific to sending the data, but Steps 1 and 4—encapsulation and
de-encapsulation—were only indirectly related. This division will become clearer as you
read about additional details of each protocol and standard.
Today, most documents use a more modern version of the TCP/IP model, as shown in
Figure 1-12. Comparing the two, the upper layers are identical, except a name change from
Internet to Network. The lower layers differ in that the single link layer in the original
model is split into two layers to match the division of physical transmission details from
the other functions. Figure 1-12 shows the two versions of the TCP/IP model again, with
emphasis on these distinctions.
Figure 1-12 Link Versus Data Link and Physical Layers
Data Encapsulation Terminology
As you can see from the explanations of how HTTP, TCP, IP, and Ethernet do their jobs,
each layer adds its own header (and for data-link protocols, also a trailer) to the data supplied
by the higher layer. The term encapsulation refers to the process of putting headers
(and sometimes trailers) around some data.
Many of the examples in this chapter show the encapsulation process. For example,
web server Larry encapsulated the contents of the home page inside an HTTP header in
Figure 1-6. The TCP layer encapsulated the HTTP headers and data inside a TCP header
in Figure 1-7. IP encapsulated the TCP headers and the data inside an IP header in Figure
1-10. Finally, the Ethernet link layer encapsulated the IP packets inside both a header and
a trailer in Figure 1-11.
The process by which a TCP/IP host sends data can be viewed as a five-step process. The
first four steps relate to the encapsulation performed by the four TCP/IP layers, and the
last step is the actual physical transmission of the data by the host. In fact, if you use the
five-layer TCP/IP model, one step corresponds to the role of each layer. The steps are summarized
in the following list:
Step 1. Create and encapsulate the application data with any required application
layer headers. For example, the HTTP OK message can be returned in an
HTTP header, followed by part of the contents of a web page.
Step 2. Encapsulate the data supplied by the application layer inside a transport
layer header. For end-user applications, a TCP or UDP header is typically
Step 3. Encapsulate the data supplied by the transport layer inside a network layer
(IP) header. IP defines the IP addresses that uniquely identify each computer.
Step 4. Encapsulate the data supplied by the network layer inside a data link layer
header and trailer. This layer uses both a header and a trailer.
Step 5. Transmit the bits. The physical layer encodes a signal onto the medium to
transmit the frame.
The numbers in Figure 1-13 correspond to the five steps in this list, graphically showing
the same concepts. Note that because the application layer often does not need to add a
header, the figure does not show a specific application layer header.
Figure 1-13 Five Steps of Data Encapsulation: TCP/IP
Names of TCP/IP Messages
Finally, take particular care to remember the terms segment, packet, and frame and the
meaning of each. Each term refers to the headers (and possibly trailers) defined by a particular layer and the data encapsulated following that header. Each term, however,
refers to a different layer: segment for the transport layer, packet for the network layer,
and frame for the link layer. Figure 1-14 shows each layer along with the associated term.
Figure 1-14 Perspectives on Encapsulation and “Data”*
* The letters LH and LT stand for link header and link trailer, respectively, and refer to the data link layer
header and trailer.
Figure 1-14 also shows the encapsulated data as simply “data.” When focusing on the work
done by a particular layer, the encapsulated data typically is unimportant. For example, an IP
packet can indeed have a TCP header after the IP header, an HTTP header after the TCP header,
and data for a web page after the HTTP header. However, when discussing IP, you probably
just care about the IP header, so everything after the IP header is just called data. So, when
drawing IP packets, everything after the IP header is typically shown simply as data.