Networking Protocols

How does the network system work? Why there are so many networking protocols? What does each do? What is OSI model?

OSI Model

Layer 7ApplicationTo allow access to network resources.SMTP, HTTP, FTP, POP3, SNMP
Layer 6PresentationTo translate, encrypt and compress data.MPEG, ASCH, SSL, TLS
Layer 5SessionTo establish, manage, and terminate the sessionNetBIOS, SAP
Layer 4TransportThe transport layer builds on the network layer to provide data transport from a process on a source machine to a process on a destination machine.TCP, UDP
Layer 3NetworkTo provide internetworking To move packets from source to destinationIPV5, IPV6, ICMP, IPSEC, ARP, MPLS.
Layer 2Data LinkTo organize bits into frames To provide hop-to-hop deliveryRAPA, PPP, Frame Relay, ATM, Fiber Cable, etc.
Layer 1PhysicalTo transmit bits over a medium To provide mechanical and electrical specificationsRS232, 100BaseTX, ISDN, 11.

OSI Model
OSI Model


HTTP - Hypertext Transfer Protocol

  • Like FTP, HTTP is a file sharing protocol that runs over TCP/IP, although HTTP primarily works over web browsers and is commonly recognizable for most users. When a user enters a website domain and aims to access it, HTTP provides the access. HTTP connects to the domain’s server and requests the site’s HTML, which is the code that structures and displays the page’s design.
  • HTTP Methods
    • GET
    • POST
    • PUT
      • PUT overwrites the entire entity if it already exists, and creates a new resource if it doesn’t exist.
      • PUT is similar to POST in that it can create resources, but it does so when there is a defined URI.
    • HEAD
    • DELETE
    • PATCH
      • Unlike PUT, PATCH applies a partial update to the resource. This means that you are only required to send the data that you want to update, and it won’t affect or change anything else.

SOAP - Simple Object Access Protocol

  • SOAP is a messaging protocol specification for exchanging structured information in the implementation of web services in computer networks. It uses XML Information Set for its message format, and relies on application layer protocols, most often Hypertext Transfer Protocol (HTTP), although some legacy systems communicate over Simple Mail Transfer Protocol (SMTP), for message negotiation and transmission.

IP - Internet Protocol

  • IP functions similarly to a postal service. When users send and receive data from their device, the data gets spliced into packets, which are like letters with two IP addresses: one for the sender and one for the recipient. After the packet leaves the sender, it goes to a gateway, like a post office, that directs it in the proper direction. Packets continue to travel through gateways until they reach their destinations.

  • IP is commonly paired with TCP to form TCP/IP, the overall internet protocol suite. Together, IP sends packets to their destinations, and TCP arranges the packets in the correct order, as IP sometimes sends packets out of order to ensure the packets travel the fastest ways.

TCP - Transmission Control Protocol

  • TCP is the other half of TCP/IP and arranges packets in order so IP can deliver them. Specifically, TCP numbers individual packets because IP can send packets to their destinations through different routes and get them out of order, so TCP amends this before IP delivers the packets.
  • TCP also detects errors in the sending process – including if any packets are missing based on TCP’s numbered system – and requires IP to retransmit those packets before IP delivers the data to its destination. Through this process, the TCP/IP suite controls communication across the internet.

UDP - User Datagram Protocol

  • UDP is an alternative to TCP and also works with IP to transmit time-sensitive data. UDP enables low-latency data transmissions between internet applications, so this protocol is ideal for voice over IP or other audio and video requirements. Unlike TCP, UDP doesn’t wait for all packets to arrive or organize the packets. Instead, UDP transmits all packets even if some haven’t arrived.
  • UDP solely transmits packets, while TCP transmits, organizes and ensures the packets arrive. While UDP works more quickly than TCP, it’s also less reliable.

DNS - Domain Name System

  • DNS is an application layer protocol.

  • A Domain Name System (DNS) translates a domain name such as to an IP address.

    How DNS works, Source: DNS security presentation
    How DNS works, Source: DNS security presentation

  • DNS is hierarchical, with a few authoritative servers at the top level. Your router or ISP provides information about which DNS server(s) to contact when doing a lookup. Lower level DNS servers cache mappings, which could become stale due to DNS propagation delays. DNS results can also be cached by your browser or OS for a certain period of time, determined by the time to live (TTL).

    • NS record (name server) - Specifies the DNS servers for your domain/subdomain.
    • MX record (mail exchange) - Specifies the mail servers for accepting messages.
    • A record (address) - Points a name to an IP address.
    • CNAME (canonical) - Points a name to another name or CNAME ( to or to an A record.
  • Services such as CloudFlare and Route 53 provide managed DNS services. Some DNS services can route traffic through various methods:

    • Weighted round robin
      • Prevent traffic from going to servers under maintenance
    • Balance between varying cluster sizes
      • A/B testing
    • Latency-based
    • Geolocation-based
  • Disadvantage(s): DNS

    • Accessing a DNS server introduces a slight delay, although mitigated by caching described above.
    • DNS server management could be complex and is generally managed by governments, ISPs, and large companies.
    • DNS services have recently come under DDoS attack, preventing users from accessing websites such as Twitter without knowing Twitter’s IP address(es).
  • Sources:

DHCP - Dynamic Host Configuration Protocol

  • DHCP assigns IP addresses to network endpoints so they can communicate with other network endpoints over IP. Whenever a device joins a network with a DHCP server for the first time, DHCP automatically assigns it a new IP address and continues to do so each time a device moves locations on the network.

DHCP Handshake

DHCP Handshake
DHCP Handshake

FTP - File Transfer Protocol

  • FTP is a client-server protocol, with which a client requests a file and the server supplies it. FTP runs over TCP/IP – a suite of communications protocols – and requires a command channel and a data channel to communicate and exchange files, respectively. Clients request files through the command channel and receive access to download, edit and copy the file, among other actions, through the data channel.