Packets and Frames
Studied by 0 people
Learn
Practice Test
Spaced Repetition
Match
Flashcards1/12
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced |
|---|
No study sessions yet.
13 Terms
Packets and Frames
Small pieces of data that, when forming together, make a larger piece of information or message
Packet VS Frame
A frame is a unit of data at the Data Link Layer (Layer 2) of the OSI model, while a packet is a unit of data at the Network Layer (Layer 3).
Packet has IP address info
Frame doesn’t have IP addess info
Think of this as putting an envelope within an envelope and sending it away. The first envelope will be the packet that you mail, but once it is opened, the envelope within still exists and contains data (this is a frame).
Typical Packet Headers
A packet typically had has a set of headers that contain additional pieces of information about the data that is being sent.
Time to Live | This field sets an expiry timer for the packet to not clog up your network if it never manages to reach a host or escape! |
Checksum | This field provides integrity checking for protocols such as TCP/IP. If any data is changed, this value will be different from what was expected and therefore corrupt. |
Source Address | The IP address of the device that the packet is being sent from so that data knows where to return to. |
Destination Address | The device's IP address the packet is being sent to so that data knows where to travel next. |
TCP/IP (Transmission Control Protocol)
The TCP/IP protocol consists of four layers and is arguably just a summarised version of the OSI model. These layers are:
Application
Transport
Internet
Network Interface
TCP Headers
Header | Description |
Source Port | This value is the port opened by the sender to send the TCP packet from. This value is chosen randomly (out of the ports from 0-65535 that aren't already in use at the time). |
Destination Port | This value is the port number that an application or service is running on the remote host (the one receiving data); for example, a webserver running on port 80. Unlike the source port, this value is not chosen at random. |
Source IP | This is the IP address of the device that is sending the packet. |
Destination IP | This is the IP address of the device that the packet is destined for. |
Sequence Number | When a connection occurs, the first piece of data transmitted is given a random number. We'll explain this more in-depth further on. |
Acknowledgement Number | After a piece of data has been given a sequence number, the number for the next piece of data will have the sequence number + 1. We'll also explain this more in-depth further on. |
Checksum | This value is what gives TCP integrity. A mathematical calculation is made where the output is remembered. When the receiving device performs the mathematical calculation, the data must be corrupt if the output is different from what was sent. |
Data | This header is where the data, i.e. bytes of a file that is being transmitted, is stored. |
Flag | This header determines how the packet should be handled by either device during the handshake process. Specific flags will determine specific behaviours, which is what we'll come on to explain below. |
Three-way handshake
The term given for the process used to establish a connection between two devices. SYN to SYN/ACK to ACK.
Step | Message | Description |
1 | SYN | A SYN message is the initial packet sent by a client during the handshake. This packet is used to initiate a connection and synchronise the two devices together (we'll explain this further later on). |
2 | SYN/ACK | This packet is sent by the receiving device (server) to acknowledge the synchronisation attempt from the client. |
3 | ACK | The acknowledgement packet can be used by either the client or server to acknowledge that a series of messages/packets have been successfully received. |
4 | DATA | Once a connection has been established, data (such as bytes of a file) is sent via the "DATA" message. |
5 | FIN | This packet is used to cleanly (properly) close the connection after it has been complete. |
# | RST | This packet abruptly ends all communication. This is the last resort and indicates there was some problem during the process. For example, if the service or application is not working correctly, or the system has faults such as low resources. |
Three Way Handshake - Communication Process
SYN - Client: Here's my Initial Sequence Number(ISN) to SYNchronise with (0)
SYN/ACK - Server: Here's my Initial Sequence Number (ISN) to SYNchronise with (5,000), and I ACKnowledge your initial number sequence (0)
ACK - Client: I ACKnowledge your Initial Sequence Number (ISN) of (5,000), here is some data that is my ISN+1 (0 + 1)
TCP Closing a Connection
TCP will close a connection once a device has determined that the other device has successfully received all of the data.
Because TCP reserves system resources on a device, it is best practice to close TCP connections as soon as possible.
When Client wants to end connection it starts a squence as illistrated below:
Client —> FIN —> Server
Client ←- ACK ←- Server
Client ←- FIN ←- Server
Client —> ACK —> Server
UDP
A stateless connection protocol that doesn't require a constant connection between the two devices for data to be sent. For example, the Three-way handshake does not occur, nor is there any synchronisation between the two devices.
UDP Headers
Header | Description |
Time to Live (TTL) | This field sets an expiry timer for the packet, so it doesn't clog up your network if it never manages to reach a host or escape! |
Source Address | The IP address of the device that the packet is being sent from, so that data knows where to return to. |
Destination Address | The device's IP address the packet is being sent to so that data knows where to travel next. |
Source Port | This value is the port that is opened by the sender to send the UDP packet from. This value is randomly chosen (out of the ports from 0-65535 that aren't already in use at the time). |
Destination Port | This value is the port number that an application or service is running on the remote host (the one receiving the data); for example, a webserver running on port 80. Unlike the source port, this value is not chosen at random. |
Data | This header is where data, i.e. bytes of a file that is being transmitted, is stored. |
Port
Essential point in which data can be exchanged.
A numerical identifier, typically between 0 and 65535, that represents a communication endpoint on a network device.
Standardized port numbers
Protocol | Port Number | Description |
File Transfer Protocol (FTP) | 21 | This protocol is used by a file-sharing application built on a client-server model, meaning you can download files from a central location. |
Secure Shell (SSH) | 22 | This protocol is used to securely login to systems via a text-based interface for management. |
HyperText Transfer Protocol (HTTP) | 80 | This protocol powers the World Wide Web (WWW)! Your browser uses this to download text, images and videos of web pages. |
HyperText Transfer Protocol Secure (HTTPS) | 443 | This protocol does the exact same as above; however, securely using encryption. |
Server Message Block (SMB) | 445 | This protocol is similar to the File Transfer Protocol (FTP); however, as well as files, SMB allows you to share devices like printers. |
Remote Desktop Protocol (RDP) | 3389 | This protocol is a secure means of logging in to a system using a visual desktop interface (as opposed to the text-based limitations of the SSH protocol). |