Making sense of GNU/Linux network protocols

Mark G. Sobell

To exchange information over a network, computers must communicate using a common language, or protocol. When you work with a network you do not need to know all of the rules of each protocol, but you should know the characteristics of the protocols that are available to you. With this knowledge you can make intelligent decisions about which protocol to use in various contexts. This article describes briefly the most common protocols in use today.

A protocol is a set of formal rules describing how to transmit data, especially across a network. Low-level protocols define the electrical and physical standards, bit and byte ordering, and transmission, error detection, and correction of the bit stream. High-level protocols deal with the data formatting, including message syntax, terminal-to-computer dialog, character sets, sequencing of messages, and so forth, according to

The protocol determines the format of the message packets. The predominant network protocols used by GNU/Linux systems are TCP and IP, referred to as TCP/IP (Transmission Control Protocol and Internet Protocol). Network services that need highly reliable connections, such as ssh and scp, tend to use TCP/IP. Another protocol used for some system services is UDP (User Datagram Protocol). Network services that do not require guaranteed delivery, such as RealAudio and RealVideo, operate satisfactorily with the simpler UDP.

PIP: Internet Protocol

Layering was introduced

Requires Free Membership to View

to facilitate protocol design: Layers distinguish functional differences between adjacent protocols. A grouping of layers can be standardized into a protocol model. IP is a protocol and has a corresponding model for what distinguishes protocol layers. The IP model differs from the ISO seven-layer protocol model (also called the OSI model) often illustrated in networking textbooks. IP uses a simplified five-layer model.

The first layer, called the physical layer, describes the physical medium (copper, fiber, wireless) and the data encoding used to transmit signals on that medium (pulses of light, electrical waves, or radio waves, for instance).

The second layer, called the data link layer, covers media access by network devices and describes how to put data into packets, transmit the data, and check it for errors. Ethernet is at this layer, as is 802.11 wireless.

The third layer, called the network layer, frequently uses IP and addresses and routes packets.

The fourth layer, called the transport layer, is where TCP and UDP exist. This layer provides a means for applications to communicate with each other. Common functions of the transport layer include guaranteed delivery, delivery of packets in the order of transmission, flow control, error detection, and error correction. The transport layer is responsible for dividing data streams into packets. This layer also performs port addressing, which allows it to distinguish among different services using the same transport protocol. Port addressing keeps the data from multiple applications using the same protocol (for example TCP) separate.

Anything above the transport layer is the domain of the application and is part of the fifth layer. Unlike the ISO model, the Internet model does not distinguish among application, presentation, and session layers. All the upper-layer characteristics, such as character encoding, encryption, GUI, and so on, are part of the application. Applications choose the transport characteristics they require and choose the corresponding transport layer protocol to send and receive data.

TCP: Transmission Control Protocol

TCP is most frequently run on top of IP in a combination referred to as TCP/IP. TCP provides error recovery and guaranteed delivery in packet transmission order and works with multiple ports so that it can handle more than one application. TCP is a connection-oriented protocol (page 1461), also known as a streams-based protocol. Once established, a TCP connection looks like a stream of data, not individual IP packets. The connection is assumed to remain up and be uniquely addressable. Every piece of information you write to the connection always goes to the same destination and arrives in the order it was sent. Because TCP is connection oriented and establishes what you can think of as a virtual circuit between two machines, TCP is not suitable for one-to-many transmissions (see UDP, following).

TCP has built-in mechanisms for dealing with congestion (or flow) control over busy networks and throttles back (slows the speed of data flow) when it has to retransmit dropped packets. TCP can also deal with acknowledgments, wide area links, high delay links, and other situations.

UDP: User Datagram Protocol

UDP runs at layer 4 of the IP stack, just as TCP does, but is much simpler. Like TCP, UDP works with multiple ports/multiple applications and has checksums for error detection but does not automatically retransmit packets that fail the checksum. UDP is a packet- (or datagram-) oriented protocol: Each packet must carry its own address and port information. Each router along the way examines each packet to determine the destination one hop at a time. You can broadcast or multicast UDP packets to many destinations at the same time by using special addresses.

PPP: Point-to-Point Protocol

PPP provides serial line point-to-point connections that support IP. PPP compresses data to make the most of the limited bandwidth available on serial connections. PPP, which replaces SLIP (Serial Line IP), acts as a point-to-point layer 2/3 transport that many other types of protocols can ride on. PPP is used mostly for IP-based services and connections, such as TCP or UDP.

Xremote and LBX

Two protocols that speed up work over serial lines are Xremote and LBX. Xremote compresses the X Window System protocol so that it is more efficient over slower serial lines. LBX (low-bandwidth X) is based on the Xremote technology and is a part of the X Window System release X11R6.

About the author: Mark G. Sobell is author of "Practical Guide to Red Hat Linux." He can be reached at or via his Web site at

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: