PROTOCOLS IN

COMPUTER NETWORK
APPLICATION LAYER PROTOCOLS
• The application layer interacts directly with end users and provides
them with network services, including web browsing, file transfers
and email communication.
• Protocols such as domain name system (DNS), Dynamic Host
Configuration Protocol (DHCP), File Transfer Protocol (FTP), Hypertext
Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP),
Simple Network Management Protocol (SNMP), Secure Shell (SSH)
and Telnet operate at this layer.
DOMAIN NAME SYSTEM
• DNS is an application layer protocol that acts as the internet's phone directory. Each device on the internet
has a unique and corresponding IP address, similar to a phone number. However, it's hard for humans to
remember numerical labels, so DNS uses a resolution process to solve this problem.
• When a user types a domain name, such as google.com, into a web browser, the computer sends a request
to a DNS server to find the corresponding IP address so the user's computer connects to the correct server.
DNS servers also help with the reverse process, resolving numerical IP addresses to their corresponding
domain names.
• DNS is essentially a directory of fully qualified domain names (FQDNs) and their corresponding
IPv4 or IPv6 addresses. It contains various types of records, including the following:
• A record. An A record is used to map an FQDN to an IPv4 address.
• AAAA record. This record maps an FQDN to an IPv6 address.
• Canonical name record. A CNAME record works as an alias and maps one domain name to another.
• Mail exchanger record. An MX record lists mail servers for domain mail exchange.
• Pointer record. A PTR record is a reverse lookup that maps an IP address to an FQDN.
• Other records related to the DNS structure include top-level domains and root servers.
DYNAMIC HOST CONFIGURATION
PROTOCOL
• DHCP automates the process of assigning IP addresses to network endpoints so they can communicate with other
network devices over IP. Whenever a device joins a network with a DHCP server for the first time,
DHCP automatically assigns it a new IP addressand continues to do so each time a device moves locations on the
network. Without DHCP, network administrators must manually assign IP addresses to each new device.
• When a device connects to a network, a DHCP handshake takes place. In this handshake process, the device and DHCP
server communicate using the following steps:
• The device establishes a connection and sends a DHCP broadcast request on the LAN to find a DHCP server that could
assign an IP address to it.
• One or more DHCP servers respond, offering available IP addresses.
• The device selects an address and formally requests it.
• If the server approves, it acknowledges the request and records the device's IP address, MAC address and other relevant
details, such as the hostname and subnet mask.
• The IP address is leased to the device for a short period, after which the lease expires.
• Once 50% of the lease time has elapsed, the device can begin requesting a lease renewal.
• Besides dynamically assigning IP addresses, a DHCP server also passes essential network configuration information, such
as subnet masks, default gateways, DNS server addresses and domain names, to the requesting device. This enables
devices to communicate seamlessly within both local and external networks.
FILE TRANSFER PROTOCOL
• FTP is a client-server protocol that transfers files between a client and
a server and operates over TCP/IP. It uses two communication
channels: the command channel and the data channel. Clients
request files through the command channel and receive access to
download, edit and copy the file, among other actions, through the
data channel.
• While FTP is a file-transferring protocol, it doesn't encrypt data and
sends it in plaintext, making it vulnerable to security risks. Therefore,
most businesses opt for file transfer protocols that are secure, such
as Secure FTP, to safely transfer files over a network.
HYPERTEXT TRANSFER PROTOCOL
• HTTP operates on a client-server model and is the primary method by which web browsers
and servers communicate to share information over the internet. While its main purpose is
to transfer webpages and provide other resources during web browsing, it is also able to
transfer data, facilitating file sharing.
• When a user enters a website domain and tries to access it, HTTP establishes a connection
to the server hosting the domain and provides access to the website. For example, when a
user types a domain name, such as google.com, into their browser, HTTP connects to the
web server hosting that domain. The web server then responds by sending the HTML
content or the code that defines the structure and content of the webpage.
• Another form of HTTP is HTTP Secure. HTTPS can encrypt a user's HTTP requests and
webpages, providing greater network security and preventing common cybersecurity
threats, such as man-in-the-middle attacks.
• HTTPS is more widely used than HTTP because of its improved security features, and most
major browsers now only support HTTPS.
SIMPLE MAIL TRANSFER PROTOCOL
• SMTP -- the most widely used email protocol -- is part of the TCP/IP
suite and controls how email clients send users' email messages.
Email servers use SMTP to send email messages from the client to the
email server to the receiving email server. However, SMTP doesn't
control how email clients receive messages -- just how clients send
messages. Essentially, it's just a mail delivery protocol and not used
for retrieval of messages.
• That said, SMTP requires other protocols to ensure email messages
are sent and received properly. It can work with Post Office Protocol 3
or Internet Message Access Protocol, both of which control
how an email server receives email messages.
SIMPLE NETWORK MANAGEMENT
PROTOCOL
• SNMP is a network management protocol that helps network admins manage and monitor network devices, such as
routers, switches, printers and firewalls. It gathers device information to monitor network performance and health.
Network administrators often use SNMP to detect and troubleshoot network issues.
• SNMP uses a manager-agent model and the following components:
• SNMP manager. This is the central system that communicates with the agents and requests or updates information.
• SNMP agent. This is a software component installed on devices such as routers and switches and sends information to
the manager.
• Management information base. The MIB acts as a database and contains device information.
• Here is how SNMP works:
• Manager request. The SNMP manager sends a request using the SNMP protocol to an SNMP agent on a device. The
request includes information, such as CPU use and interface status.
• Agent response. The SNMP agent retrieves the requested information from the MIB and sends it back to the manager
in an SNMP response.
• Manager action. The manager is now able to display the information, log it or use it to trigger an action. For example,
it can send an alert or change a configuration.
• Since SNMP is a standardized protocol, it's compatible with devices from different vendors.
SECURE SHELL
• The SSH protocol provides a way to securely connect to and send
commands to a device over an insecure network, such as the internet.
It uses cryptography for authentication and establishes an encrypted
digital tunnel between devices, protecting communication from
eavesdropping and tampering.
• SSH is widely used for the remote administration of servers, network
devices and other systems. It automates various tasks on these
remote systems, including software updates, backups and system
monitoring. Additionally, it offers tunneling or port forwarding, which
enables data packets to traverse networks that are otherwise
inaccessible.
TELNET

•Remote Connectivity: Establishes remote sessions between a user and a host.

•Authentication: Requires a username and password for access.
•Security Risk: Transmits data in plaintext, making it vulnerable.
•Deprecated: Rarely used due to security concerns.
•Use Cases:
•Basic network testing (e.g., checking open ports).
•Legacy systems (still in use in rare cases).
TRANSPORT LAYER PROTOCOLS
• The Transport Layer provides end-to-end communication services for
applications. It ensures complete data transfer, error recovery, and
flow control between hosts. This layer segments and reassembles
data for efficient transmission and provides reliability with error
detection and correction mechanisms.
• Protocols at this layer include Transmission Control Protocol (TCP)
and User Datagram Protocol (UDP). TCP is connection-oriented and
ensures reliable data transfer with error checking and flow control,
making it suitable for applications like web browsing and email. UDP is
connectionless, offering faster, though less reliable, transmission,
suitable for applications like video streaming and online gaming.
INTERNET LAYER PROTOCOLS
• The Network Layer is responsible for data routing, forwarding, and
addressing. It determines the best physical path for data to reach its
destination based on network conditions, the priority of service, and
other factors. This layer manages logical addressing through IP
addresses and handles packet forwarding.
• Key protocols at this layer include the Internet Protocol (IP), which is
important for routing and addressing, Internet Control Message
Protocol (ICMP) for diagnostic and error-reporting purposes, and
routing protocols like Routing Information Protocol (RIP) that manage
the routing of data across networks.
ADDRESS RESOLUTION PROTOCOL
• ARP maps IP addresses to physical MAC addresses of devices and vice
versa within a LAN so devices can communicate with one another.
ARP is necessary because IP and MAC addresses are different lengths
and operate on different layers of the OSI model.
• These addresses must be mapped for proper network communication
and data transfer among connected devices. ARP isn't required every
time devices attempt to communicate because the LAN's host system
maps and stores the associations in its ARP cache. As a result, the ARP
resolution process is mainly used when new devices join the network.
INTERNET CONTROL MESSAGE
PROTOCOL
• ICMP is a supporting protocol on the internet layer of the TCP/IP model. It's
mainly used for network diagnostics, troubleshooting, error reporting and some
limited control functions between network devices. It helps identify network
connectivity issues and manage the flow of data packets. However, it doesn't
transfer data, such as the content of a webpage or an email.
• Ping and traceroute commands both use ICMP to test connectivity and trace
packet routes. Common ICMP messages include the following:
• Echo Request and Echo Reply.
• Destination Unreachable.
• Time Exceeded.
• Redirect Message.
BORDER GATEWAY PROTOCOL
•Function: Enables internet routing by exchanging routing information between autonomous systems
(ASes).
•Autonomous System (AS): A group of IP networks managed by a single entity (e.g., ISPs,
•universities, government agencies).
•Data Flow:
•Data crosses multiple ASes to reach its destination.
•BGP routers advertise active networks to neighbors.
•Neighbors exchange routing info within and between ASes.
•Types of BGP:
•Internal BGP (iBGP): Handles routing within an AS.
•External BGP (eBGP): Manages routing between ASes.
•Route Updates: BGP dynamically updates routes as networks change, adding or removing paths.
•Route Selection: BGP chooses the best path based on AS path length, policies, and other attributes.
•Use Cases:
•Internet traffic routing between ASes.
•Large data centers for efficient network reachability.
OPEN SHORTEST PATH FIRST
• OSPF is a dynamic link-state routing protocol for IP networks. It works with IP to send
packets to their destinations. IP aims to send packets on the quickest route possible,
which OSPF is designed to accomplish. OSPF opens the shortest, or fastest, path first for
packets. It also updates routing tables -- a set of rules that control where packets travel
-- and alerts routers of changes to the routing table or network when a change occurs.
• OSPF is similar to and supports Routing Information Protocol (RIP), which directs traffic
based on the number of hops it must take along a route, and it has also replaced RIP in
many networks. OSPF was developed as a streamlined and scalable alternative to RIP.
For example, RIP sends updated routing tables out every 30 seconds, while OSPF sends
updates only when necessary and makes updates to the particular part of the table
where the change occurred. Also, OSPF typically uses more sophisticated metrics, such
as bandwidth, delay and link cost, rather than hop counts to choose the best paths.