A network protocol is a set of established rules that dictate how to format, transmit, and receive data. Network protocols define how communication will take place between devices across a network.
Cooperating Rules in Layers
A set of cooperating network protocols is called a protocol suite. The TCP protocol functions on top of the Internet Protocol, or IP. This is where the "IP" in "IP address" comes from, because the protocol suite also defines addressing.
- A protocol suite combines rules in different layers
- TCP works with IP (Internet Protocol) to form TCP/IP
- UDP is another protocol that works with IP
- IP at Layer-5 of OSI, TCP and UDP at Layer-4 (transport – host to host)
TCP and UDP
Two very important and very common protocols are in use on all networks today. One is TCP/IP and the other is UDP, though there are plenty more. We need to understand these two protocols in order to be an expert in the networking field, and also in order to write firewall rules.
TCP stands for Transmission Control Protocol. UDP stands for User Datagram Protocol. While the standards are tightly defined and complicated, we can simplify them down to one really important distinction. TCP is very careful about whether all of the data arrives at its destination, and UDP as a protocol isn't so concerned with that. TCP is slower but more likely to overcome things like packet loss than UDP, because it spends a lot of time checking with the recipient to verify receipt of all of the packets it sends. If data is lost in transit, TCP transmissions will automatically be retransmitted until a perfect transmission is verified by the recipient.
TCP is very reliable and is used when the data being sent must arrive at its destination perfectly. This is typical for file transfers of documents or images that must be stored and reused. UDP, on the other hand, doesn't really care if the recipient gets the data in its entirety. UDP cares more about how much data it can shove out the door as quickly as possible. A great use for UDP, for example, is video streaming.
If there's a glitch in a video stream, a couple of packets lost here and there, you would rather miss a frame or two or see a pixelated image than have to sit and wait for every perfect This has to do with how video is perceived and the fact that a stream of video, or audio for that matter, is being consumed in real time and not saved for future use. It is eliminated immediately upon playback. Hey, don't worry about it. Just keep shoving the data out the door.
Because different services use TCP, UDP, or both, we have to specify the intended protocol in our firewall rules.
Characteristics of TCP and UDP
- Careful, requiring acknowledgement of correct receipt of data before giving up
- Will resend anything that does not arrive perfectly
- TCP – great for sending mail, webpages, documents, or anything that must arrive complete at its destination
- Playing fast and loose with your data
- Flinging data out as quickly as possible, never checking if it was received
- UDP – great for streaming media, because if it loses data in transmission, you just move on
Why is it important to a firewall?
TCP and UDP are very important to a firewall because data makes its way to a destination by travelling to an IP address on a specific port over a specific protocol. Get any of those things wrong and the rule will not work. Each rule must be defined with the correct combination of port number and protocol in order to work. If either is wrong, even a little, the rule will fail to behave as expected on your firewall.
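The point above, shown as an added example (not code from the original page): a minimal first-match packet filter with default deny, where a rule that names the right address and port but the wrong protocol never matches. The rule format, the names used, and the DNS scenario on port 53 (a service that uses both UDP and TCP) are assumptions chosen for illustration.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str    # "allow" or "deny"
    protocol: str  # "tcp" or "udp"
    dest: str      # destination network in CIDR notation
    port: int      # destination port

@dataclass(frozen=True)
class Packet:
    protocol: str
    dest_ip: str
    dest_port: int

def matches(rule: Rule, pkt: Packet) -> bool:
    """A rule matches only when protocol, address AND port all agree."""
    return (
        rule.protocol.lower() == pkt.protocol.lower()
        and ipaddress.ip_address(pkt.dest_ip) in ipaddress.ip_network(rule.dest)
        and rule.port == pkt.dest_port
    )

def evaluate(rules, pkt: Packet) -> str:
    """Return the action of the first matching rule; drop if nothing matches."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.action
    return "deny"  # default deny: traffic with no matching rule is dropped

# Constructed sample data (192.0.2.0/24 is a documentation-only range).
DNS_SERVER = "192.0.2.53"
# Written to permit DNS lookups, but it names only TCP.
TCP_ONLY_RULES = [Rule("allow", "tcp", "192.0.2.53/32", 53)]
# Corrected: the same address and port, once per protocol the service uses.
FIXED_RULES = TCP_ONLY_RULES + [Rule("allow", "udp", "192.0.2.53/32", 53)]

dns_query = Packet("udp", DNS_SERVER, 53)     # ordinary lookup over UDP
dns_tcp = Packet("tcp", DNS_SERVER, 53)       # same service over TCP
wrong_port = Packet("udp", DNS_SERVER, 5353)  # right protocol, wrong port

if __name__ == "__main__":
    for name, rules in (("tcp-only", TCP_ONLY_RULES), ("tcp+udp", FIXED_RULES)):
        for pkt in (dns_query, dns_tcp, wrong_port):
            verdict = evaluate(rules, pkt)
            print(f"{name:9} {pkt.protocol}/{pkt.dest_port:<5} -> {verdict}")
```

With the TCP-only rule set, the UDP lookup falls through to the default deny even though the address and port are right, which is the failure the paragraph above describes.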