This tutorial explains in detail five layers of the TCP / IP model (application, transport, Internet or network, data link and physical) and their functionalities.

Application layer

This layer defines the protocols and standards that an application needs to connect to the network. For example, an HTTP application layer protocol defines how a web browser can retrieve a web page from a web server.

The HTTP protocol manages communications between web browsers and web servers and opens the correct resource when a URL is entered in the address bar or a link is clicked. Basically, it is a language that the web browser and the web server understand and use to provide the required information.

When we enter a URL in the web address and press the Enter key, the HTTP protocol finds this address and delivers the requested content or displays an error message if the requested content is not available.

The application layer does not define the application itself. It only defines the standards, services and protocols that an application needs to connect to a remote computer. The most common protocols that work in this layer are HTTP, HTTPS, SNMP, NTP, SSH, FTP, TFTP, Telnet, DHCP and DNS.

Transport layer

This layer is also called the host-to-host layer. It provides a logical connection between two hosts. The main functions of this layer are: –

  • Segmentation
  • Reliability
  • Flow control
  • Connection multiplexing

Let’s understand each of these functions in detail.


The process of breaking down a large data file into smaller, identifiable elements is called segmentation, and each element produced during the segmentation process is called segment.

For example, a host wants to send a 100 MB file over a 1 Mbps connection. Since a 100MB file cannot be transferred over a 1Mbps connection, it breaks the file into 100 pieces or more. Since a part has a size less than or equal to the connection, it can easily cross the connection. The destination host, after receiving all the pieces, reassembles them in the original file. In this example, the file break process is segmentation and each part is a segment.

Segmentation allows a host to send and receive any size of data file over any size of connection.


A connection is considered a reliable connection when it provides the following services: –

  • Recognize and return the lost segments.
  • Recognize the order of the segments and organize the segments in the correct order.
  • Detect duplicate segments and delete additional segments.

The TCP protocol provides all of the above services. It numbers and sequences each segment so that the remote host can put all segments back in the original order. After transmitting the segments, it waits for an acknowledgment from the remote host. If it receives no acknowledgment of segments, it retransmits those segments.

Some applications such as DHCP and DNS do not require reliability. If an application does not require reliability, it generally uses the UDP protocol to transmit data. Since UDP does not use reliable connection, it does not insert the information required for a reliable connection into each segment header. Without this information, the header becomes much clearer than the header with this information. A segment with a light header travels faster in the network than a heavier segment.

Flow control

Flow control ensures that the remote host is not overwhelmed by the source sending too many segments at once. There are two types of flow control; ready / not ready signals and windowing.

Ready / Not Ready Signals

In this method, the destination sends ready and not ready signals to the source. Based on these signals, the source controls the flow. The destination sends a signal not ready when its buffer fills up. When the signal is not ready, the source stops sending more segments and waits for a ready signal. Once the destination is ready to receive more segments, it sends a ready signal to the source. As soon as the ready signal is received, the source resumes sending the data.


In this method, the source and destination first define a window size. A window size is the number of segments that the source can send before receiving an acknowledgment from the destination. Once the acknowledgment is received, the source can send the next batch of segments.

Connection multiplexing

Multiplexing allows a host to establish multiple connections to one or more hosts simultaneously. When a source opens a connection, a session occurs. A session can be reliable or unreliable. To distinguish each session, the source uses port numbers. It assigns a unique source port number to all the segments it sends in a session.

Internet or network layer

In the original TCP / IP model, this layer is defined as the Internet layer. In the updated version, it is renamed to the Network layer. The main functions of this layer are addressing and routing. For these functions, it uses the IP protocol.


In order to communicate with other hosts, each host on a network needs a unique address. A single address is the combination of two types of addresses; software address and hardware address. This layer provides the software address. The software address is also called the IP address.


Just as the postal service provides packets in the real world, the routing service provides networked data packets. It takes the data packet from the source, reads its destination address, finds the destination on the network and delivers the packet to the destination host.

Routers are used for routing. Just like the post office filters and redirects the package based on the destination address, the router checks the destination address in the data packet and routes it by the best and shortest route.

Link layer (data link and physical layer)

This layer defines standards and protocols for data transmission and physical connectivity. It also provides hardware addressing used to locate a device in the local network. The switching and connection devices are the two main functions of this layer.

Generally speaking, switching is like routing, but it works with the hardware address instead of the software address. Switches are used for switching. Besides switching, it also defines standards and protocols that are used for physical connectivity.

In the original TCP / IP model, the two functions are defined in a single layer; Link layer. In the updated version, the two functions are defined separately. The functions and standards that are directly related to physical transmission are defined in the physical layer while the functions and standards that are indirectly related to physical transmission are defined in the data link layer. In the updated version, switching is defined in the data link layer while standards and protocols related to physical transmission are defined in the physical layer.

TCP / IP model and its layers

Reference to other networking models

Since most standards and protocols were already defined in other network models while the TCP / IP model was in the development phase, the developers of the TCP / IP model, instead of redefining these standards and protocols, referenced them in the TCP / IP model with their respective model name such as Ethernet standards and IEEE standards.

So, whenever you see a standard mentioned with its model name, such as the Ethernet standard or the IEEE standard in the TCP / IP model, understand it as a referenced standard. A referenced standard or protocol is a standard or protocol originally defined in another network model.

That’s it for this part. In the next part of this article, I will explain how data is encapsulated and de-encapsulated when it crosses layers. If you like this tutorial, don’t forget to share it via your favorite social site.


Write A Comment