The Transport Layer is a critical layer for proper data transmission, and just as critical is your knowledge of this layer’s activities for passing your CCNA exams.
It is at this layer that data begins to be placed into smaller units for transmission across the physical wire. I know when I started studying networking, it was easy to get confused about the different terminology used to refer to data. Part of that was because I was new to the field, and
part of it was due to the terms being misused in some technical books.
At the top three layers of the OSI model, data is still referred to as “data". It is at the Transport layer where the data begins to be segmented into smaller units.
The reason I use the term “segmented" there? That’s the term used to describe data at Layer 4. The Transport layer places the data into segments.
Another major part of your networking theory comes in at the Transport layer, and knowing your theory cold will help you avoid a classic Intro exam mistake. You hear the term “TCP/IP" so often that it’s easy to think that TCP runs at the Network layer. It doesn’t. TCP and UDP alike are found at the Transport layer.
For success on your Intro, ICND, or CCNA exams, you’ve got to master the differences between TCP and UDP, along with the features of each.
TCP is referred to as “connection-oriented", because an underlying connection between the sender and receiver is created before segments are ever sent. This connection is created by the somewhat confusing term “three-way handshake".
The steps of the three-way handshake are as follows:
1. The sender sends a “SYN", or synchronization request, to the intended receiver. What’s being synchronized? The all-important sequence number that allows several important TCP features to take place.
2. The receiver will return a “SYN/ACK", which both acknowledges the first SYN and requests synchronization as well.
3. The originator then returns an “ACK", acknowledging the SYN/ACK. At this point, the connection is now open, and communication can begin.
UDP, on the other hand, has no such underlying connection. Generally referred to as “connectionless", UDP just starts sending segments with no advance communication with the receiver. While usually dependable, UDP gives no guarantee that the segments will be delivered, and there is no acknowledgement of segments by the receiver. UDP delivery is best described as “best effort", as compared to TCP’s guaranteed delivery.
That sequence number we mentioned allows TCP to recover from dropped segments. The receiver looks at the sequence number on the segments it receives, and then sends an ack back to the sender with the number of the next segment it expects. (Note that the receiver does NOT send back an ack with the number of the last segment it received. That’s a common misconception.)
The receiver indicates the next sequence number it expects to see with the ACK.
If the sender gets an ack with a segment number that it has already sent, the sender realizes that segments have been dropped, and will then retransmit those lost segments.
In this example, segment 30 was dropped. When the sender sees the ACK number from the receiver is the number of a segment that's already been sent, the sender realizes that particular segment was lost in transmission, and will retransmit that segment.
It’s worth repeating that the sequence number sent by the receiver is NOT the number of the last segment it received, but is the number of the next sequence number it expects to see.
By default, TCP requires that a sender receive an ack for each segment, and that no more segments can be sent before that ack is received. Not only can this slow traffic down a bit, but that’s a lot of unnecessary acks that have to be sent by the receiver. TCP allows windowing, a technique where the sender can send multiple segments before having to receive an ack from the receiver. The number of segments allowed to be sent before an ack must be received is
referred to as the “size of the window".
TCP also allows the receiver to indicate to the sender that data is being sent too quickly for the receiver to process. This process is called flow control. The main purpose of flow control is to adjust the transmission rate of the sender to that of the receiver and of the network itself. This allows the data transfer rate to be close to the maximum without overwhelming the network, the receiver, or both.
TCP obviously has some great features! Between windowing, retransmission of lost segments, ack numbers that allow error detection in the first place, and flow control, why would UDP ever be used? After all, UDP offers none of these features.
The difference is apparent when looking at the size of the respective headers. TCP’s header is much larger than that of UDP, and that overhead adds up. Since UDP does not offer the features we’ve been discussing, the header is much smaller.
The TCP header. While offering many more features than UDP, the header is much larger.
The UDP header. Note that port numbers are referenced in both UDP and TCP, not IP addresses.
Successful CCNA candidates will master the differences between TCP and UDP, as well as being very familiar with the contents of these headers.
There’s a lot going on at the Transport layer, and to be successful network engineer and administrators (and CCNAs!), we need to know all of this like the back of our hand.
_________________________________________
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of over 100 free certification exam tutorials, including Cisco CCNA certification test prep articles. His exclusive Cisco CCNA study guide and Cisco CCNA training is also available!
Visit his blog and sign up for Cisco Certification Central, a daily newsletter packed with CCNA, Network+, Security+, A+, and CCNP certification exam practice questions! A free 7-part course, “How To Pass The CCNA", is also available, and you can attend an in-person or online CCNA boot camp with The Bryant Advantage!
