Network Protocols

Network protocols are sets of rules and standards that define how devices communicate across a network. Each protocol has specific functions and operates at different layers of the OSI model.

What are Network Protocols?

A network protocol is a set of formal rules that specify how data is transmitted, received, and processed between network devices. Protocols ensure that communication is reliable, efficient, and secure.

Protocol Classification

By OSI Layer

Application Layer

  • HTTP: Hypertext Transfer Protocol
  • HTTPS: HTTP Secure
  • FTP: File Transfer Protocol
  • SMTP: Simple Mail Transfer Protocol
  • DNS: Domain Name System
  • SSH: Secure Shell
  • Telnet: Terminal Network

Transport Layer

  • TCP: Transmission Control Protocol
  • UDP: User Datagram Protocol
  • SCTP: Stream Control Transmission Protocol

Network Layer

  • IP: Internet Protocol
  • ICMP: Internet Control Message Protocol
  • OSPF: Open Shortest Path First
  • BGP: Border Gateway Protocol
  • Ethernet: Local network protocol
  • PPP: Point-to-Point Protocol
  • WiFi: IEEE 802.11

By Functionality

Communication Protocols

  • TCP/IP: Main Internet suite
  • UDP: Fast communication without guarantees
  • HTTP: Web communication

Routing Protocols

  • OSPF: Internal routing
  • BGP: External routing
  • RIP: Routing information protocol

Security Protocols

  • SSL/TLS: Communication encryption
  • IPSec: IP-level security
  • SSH: Secure terminal

Main Protocols

TCP (Transmission Control Protocol)

Characteristics:

  • Reliability: Guarantees data delivery
  • Flow control: Regulates transmission speed
  • Error control: Detects errors with a checksum and recovers by retransmission
  • Connection: Establishes connection before transmitting

Common ports:

  • 80: HTTP
  • 443: HTTPS
  • 21: FTP
  • 22: SSH
  • 25: SMTP
  • 53: DNS

TCP segment format:

| Source Port | Destination Port | Sequence Number | ACK Number | Flags | Window | Checksum | Urgent | Options | Data |
|    16 bits  |      16 bits     |     32 bits    |   32 bits  |8 bits |16 bits |  16 bits |16 bits |Variable |Variable |

UDP (User Datagram Protocol)

Characteristics:

  • Connectionless: Does not establish prior connection
  • Fast: Lower overhead than TCP
  • No guarantees: Does not guarantee delivery
  • Simple: Simple structure

Common ports:

  • 53: DNS
  • 67/68: DHCP
  • 69: TFTP
  • 123: NTP
  • 161: SNMP

UDP datagram format:

| Source Port | Destination Port | Length | Checksum | Data |
|    16 bits  |      16 bits     |16 bits |  16 bits |Variable |

IP (Internet Protocol)

Characteristics:

  • Addressing: Assigns IP addresses
  • Routing: Determines packet routes
  • Fragmentation: Divides large packets
  • Connectionless: Does not maintain state

Versions:

  • IPv4: 32 bits (4.3 billion addresses)
  • IPv6: 128 bits (340 sextillion addresses)

IPv4 packet format:

| Version | IHL | Service Type | Total Length | Identification | Flags | Offset | TTL | Protocol | Checksum | Source IP | Destination IP | Options | Data |
| 4 bits  |4 bits|    8 bits   |    16 bits  |     16 bits    |3 bits |13 bits |8 bits|  8 bits  |  16 bits |  32 bits  |     32 bits    |Variable |Variable |
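
The three header layouts above (TCP, UDP, IPv4) decoded from raw bytes, as an added example that is not part of the original page. The function names and the sample packet (documentation address ranges) are constructed for illustration. The 16 bits before the TCP Window field are read as data offset (4 bits), reserved (4 bits) and flags (8 bits), and the sample's TCP checksum is left at zero and not verified.

```python
import ipaddress
import struct

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement Internet checksum (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_ipv4(pkt: bytes) -> dict:
    """Decode the fixed 20-byte IPv4 header and bounds-check its length fields."""
    if len(pkt) < 20:
        raise ValueError("truncated IPv4 header")
    vi, _tos, total, _id, fo, ttl, proto, _ck, src, dst = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ihl = (vi & 0x0F) * 4  # IHL counts 32-bit words
    if vi >> 4 != 4 or not 20 <= ihl <= total <= len(pkt):
        raise ValueError("malformed IPv4 header")
    return {"src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
            "ttl": ttl, "proto": proto, "flags": fo >> 13, "frag_offset": fo & 0x1FFF,
            "checksum_ok": inet_checksum(pkt[:ihl]) == 0, "payload": pkt[ihl:total]}

def parse_l4(proto: int, seg: bytes) -> dict:
    """Decode a UDP (17) or TCP (6) header from the IPv4 payload."""
    if proto == 17 and len(seg) >= 8:
        sport, dport, length, _ck = struct.unpack("!HHHH", seg[:8])
        if not 8 <= length <= len(seg):
            raise ValueError("bad UDP length")
        return {"proto": "UDP", "sport": sport, "dport": dport, "data": seg[8:length]}
    if proto == 6 and len(seg) >= 20:
        sport, dport, seq, ack, off_flags, win, _ck, _urg = struct.unpack("!HHIIHHHH", seg[:20])
        doff = (off_flags >> 12) * 4  # top 4 bits: data offset in 32-bit words
        if not 20 <= doff <= len(seg):
            raise ValueError("bad TCP data offset")
        names = ("FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR")
        flags = [n for bit, n in enumerate(names) if off_flags & (1 << bit)]
        return {"proto": "TCP", "sport": sport, "dport": dport, "seq": seq, "ack": ack,
                "flags": flags, "window": win, "data": seg[doff:]}
    raise ValueError("unsupported protocol or truncated segment")

def build_sample() -> bytes:
    """Constructed sample: TCP SYN from 192.0.2.10:49152 to 198.51.100.5:443."""
    tcp = struct.pack("!HHIIHHHH", 49152, 443, 1000, 0, (5 << 12) | 0x02, 65535, 0, 0)
    src, dst = (ipaddress.IPv4Address(a).packed for a in ("192.0.2.10", "198.51.100.5"))
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 1, 0x4000, 64, 6, 0, src, dst)
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:] + tcp
```

The length checks matter when parsing captured traffic: a header whose IHL, Total Length or data offset points past the buffer is rejected instead of being sliced silently.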

HTTP (Hypertext Transfer Protocol)

Characteristics:

  • Stateless: Does not maintain information between requests
  • Text: Text-based protocol
  • Methods: GET, POST, PUT, DELETE
  • Codes: Numeric responses

HTTP Methods:

  • GET: Get resources
  • POST: Send data
  • PUT: Update resources
  • DELETE: Delete resources
  • HEAD: Get headers
  • OPTIONS: Get options

Status codes:

  • 1xx: Informational
  • 2xx: Success (200 OK)
  • 3xx: Redirection (301, 302)
  • 4xx: Client error (404, 403)
  • 5xx: Server error (500, 502)

DNS (Domain Name System)

Characteristics:

  • Resolution: Converts names to IP
  • Distributed: Distributed database
  • Hierarchical: Tree structure
  • Cache: Stores recent queries

Record types:

  • A: IPv4 address
  • AAAA: IPv6 address
  • CNAME: Alias
  • MX: Mail server
  • NS: Name server
  • PTR: Pointer (reverse DNS)
  • TXT: Text

FTP (File Transfer Protocol)

Characteristics:

  • Two connections: Control and data
  • Modes: Active and passive
  • Authentication: Username and password
  • Commands: Specific command set

Ports:

  • 21: Control (always)
  • 20: Data (active mode)
  • Variable: Data (passive mode)

FTP Commands:

  • USER: Username
  • PASS: Password
  • LIST: List files
  • RETR: Download file
  • STOR: Upload file
  • QUIT: Close connection

Routing Protocols

OSPF (Open Shortest Path First)

Characteristics:

  • Link state: Knows complete topology
  • Areas: Divides networks into areas
  • Metrics: Cost-based
  • Convergence: Fast convergence

Area types:

  • Backbone: Area 0
  • Stub: Area without external routes
  • NSSA: Not So Stubby Area
  • Transit: Transit area

BGP (Border Gateway Protocol)

Characteristics:

  • Path vector: Path vector protocol
  • AS: Autonomous Systems
  • Policies: Policy-based
  • Stable: Very stable

Session types:

  • eBGP: Between different AS
  • iBGP: Within the same AS

Security Protocols

SSL/TLS (Secure Sockets Layer / Transport Layer Security)

Characteristics:

  • Encryption: Data encrypted in transit
  • Authentication: Identity verification
  • Integrity: Modification detection
  • Certificates: Digital certificates

Versions:

  • SSL 1.0: Not published
  • SSL 2.0: Vulnerable
  • SSL 3.0: Vulnerable (POODLE)
  • TLS 1.0: Replaces SSL 3.0
  • TLS 1.1: Minor improvements
  • TLS 1.2: Widely used
  • TLS 1.3: Faster and more secure

SSH (Secure Shell)

Characteristics:

  • Encryption: Encrypted connection
  • Authentication: Multiple methods
  • Tunnels: Port forwarding
  • SFTP: Secure file transfer

Versions:

  • SSH-1: Original version (vulnerable)
  • SSH-2: Current version (secure)

Protocol Analysis Tools

Wireshark

  • Capture: Packet capture
  • Analysis: Detailed analysis
  • Filters: Filter by protocol
  • Statistics: Traffic statistics

tcpdump

  • Command line: CLI tool
  • Filters: BPF filters
  • Capture: Basic capture
  • Analysis: Basic analysis

netstat

  • Connections: Active connections
  • Ports: Ports in use
  • Statistics: Protocol statistics
  • Routes: Routing tables

Best Practices

Protocol Selection

  1. Evaluate requirements: Reliability vs speed
  2. Consider security: Encryption and authentication
  3. Optimize performance: Minimum overhead
  4. Plan scalability: Future growth

Configuration

  1. Ports: Use standard ports
  2. Timeouts: Configure appropriate timeouts
  3. Buffers: Adjust network buffers
  4. Monitoring: Implement monitoring

Security

  1. Encryption: Use encrypted protocols
  2. Authentication: Implement strong authentication
  3. Firewalls: Filter traffic by protocol
  4. Updates: Keep protocols updated

Protocol Troubleshooting

Common Problems

  • Timeouts: Timeout configuration
  • Blocked ports: Firewalls
  • Incompatible versions: Protocol versions
  • Incorrect configuration: Misconfigured parameters

Diagnostic Tools

  • ping: Connectivity test
  • telnet: Port test
  • nslookup: DNS resolution
  • traceroute: Packet route

Glossary

  • PDU: Protocol Data Unit
  • SDU: Service Data Unit
  • MTU: Maximum Transmission Unit
  • MSS: Maximum Segment Size
  • RTT: Round Trip Time
  • RTO: Retransmission Timeout
  • CWND: Congestion Window
  • RWND: Receive Window