Deep Dive into Network Communication: Client-Server Model, TCP vs UDP, and Secure Transmissions Explained
Client Server Protocol
Client-server architecture is a computing model in which a server hosts, delivers and manages most of the resources and services that clients consume. "Client" and "server" are roles, not kinds of machine: the same host can play either, depending on who is asking whom.
Consider a web browsing scenario. Your computer acts as a client when it sends a request to a web server (say, Google's server) to fetch a webpage. In this case, your computer is the client and Google's server is the server.
Now, suppose you decide to share a file from your computer with another device in your home network. In this case, your computer becomes the server (as it's serving the file) and the other device becomes the client (as it's requesting the file).
Open Systems Interconnection (OSI)
The Open Systems Interconnection (OSI) model is a conceptual framework used to describe the functions of a networking or telecommunication system. It divides network communication into seven layers; each layer handles a specific set of tasks, offers services to the layer above it and relies on the layer below:
- Physical Layer - Deals with physical connectivity
- Data Link Layer - Provides node-to-node data transfer
- Network Layer - Handles routing and packet forwarding
- Transport Layer - Provides end-to-end delivery between applications: reliable and ordered with TCP, best-effort with UDP
- Session Layer - Manages communication sessions
- Presentation Layer - Handles data translation, compression and encryption
- Application Layer - Interfaces with end-user applications
TCP VS UDP
TCP (Transmission Control Protocol) provides reliable, ordered, and error-checked delivery of data. UDP (User Datagram Protocol) is simpler and has less overhead but offers no delivery guarantee: it carries a checksum (optional in IPv4, mandatory in IPv6) so that corrupted datagrams can be dropped, but it has no acknowledgements, retransmission or ordering.
TCP and UDP both operate at the Transport Layer (Layer 4) of the OSI model.
Need reliability: TCP. Need speed: UDP.
TCP is like sending a certified letter. You'll get a receipt when the letter is delivered, ensuring its safe and complete arrival. If parts of the letter were lost (say, pages from a document), the recipient can ask for those parts to be resent. It's reliable but takes more time and resources due to the checks and balances.
UDP, on the other hand, is like sending a regular letter. There's no receipt or confirmation of delivery. If parts of the letter are lost, they stay lost, and the recipient won't even know that anything is missing. It's faster and requires fewer resources since it doesn't carry the overhead of ensuring reliable delivery. This suits services like streaming, where missing a few frames is better than waiting for them and causing lag.
Key Features of the Transmission Control Protocol (TCP)
- Connection-oriented: Before data transfer begins, TCP establishes a connection via a three-way handshake. The client sends a SYN (synchronize) segment carrying its initial sequence number; the server replies with a SYN-ACK (synchronize-acknowledge) that carries its own initial sequence number and acknowledges the client's; the client completes the setup with an ACK. The handshake synchronizes both sides' sequence numbers and proves that each end can reach the other before any application data is sent. No physical path is reserved: the "connection" is state held at the two endpoints, which is also why a flood of SYNs that are never completed (a SYN flood) can exhaust a server's table of half-open connections.
- Reliable Delivery: TCP ensures that data actually arrives. The receiver acknowledges the last byte it has received in order; if a segment is lost, the sender sees either repeated acknowledgements for the same point or a retransmission timeout, and retransmits the missing segment. This continues until every byte has been acknowledged.
- Ordered Delivery: Each TCP packet includes a sequence number that allows the receiver to reassemble packets in the correct order, even if they arrive out of sequence.
- Flow Control: TCP stops a fast sender from overwhelming a slow receiver. Every segment the receiver sends advertises a window, the amount of data it can currently buffer, and the sender may have at most that much unacknowledged data 'in flight'; as acknowledgements arrive the window slides forward (the sliding window mechanism). Overload of the network itself is handled separately by congestion control, below.
- Error Checking: Every TCP segment includes a checksum to ensure data integrity. The receiver performs the checksum calculation upon receiving data and discards segments with mismatched checksums, prompting retransmission.
- Congestion Control: TCP uses algorithms like Slow Start, Congestion Avoidance, Fast Retransmit, and Fast Recovery to control network congestion by adjusting the data transmission rate.
Connection Termination: Once data transfer is complete, TCP closes the connection with a four-way exchange of FIN and ACK segments. Either endpoint can initiate; whoever wants to stop sending first sends the first FIN.
- The endpoint initiating termination sends a TCP segment with the FIN flag set.
- The receiving endpoint acknowledges the FIN by sending back a segment with the ACK flag set. The connection is now half-closed: the initiator sends no more data, but the other side still may.
- When it has nothing more to send, the receiving endpoint sends a TCP segment with its own FIN flag set.
- The initiating endpoint acknowledges that FIN with an ACK, finalizing the termination. It then lingers in the TIME_WAIT state (twice the maximum segment lifetime) so that delayed segments from the old connection cannot be mistaken for a new one on the same ports.
Each FIN/ACK pair is separate, which allows a graceful close in which both sides agree to disconnect. This is often referred to as the "four-way handshake" of termination; when the second and third segments are combined into a single FIN-ACK it appears as three.
TCP's robust features make it an ideal choice for applications where data reliability and order are crucial, such as web servers, email, and file transfers. However, its overhead can be a disadvantage for real-time applications like video streaming or gaming, where speed and low latency are more important than perfect data integrity.
| TCP | UDP |
| --- | --- |
| Connection-oriented | Connectionless |
| Overhead of establishing a connection (three-way handshake) | No connection setup; the first datagram already carries data |
| Reliable; delivery guaranteed (or the sender learns that it failed) | Delivery not guaranteed; datagrams may be lost, duplicated or reordered silently |
| Checksum plus acknowledgements and retransmission | Checksum only (optional in IPv4, mandatory in IPv6) |
| Sequencing / ordering | No sequencing / ordering (can be managed at the application level) |
| Slower (latency from the handshake, retransmission and in-order delivery) | Faster (never waits for lost data) |
| Retransmission of lost packets | No retransmission |
| Favours correctness | Favours low latency |
| Email (SMTP), file transfer (FTP), web (HTTP/1.1, HTTP/2) | Video, game and music streaming, VoIP, DNS |
| Unicast only; broadcast and multicast are not possible | Broadcast and multicast are supported |
Fun-Fact
DNS primarily uses UDP because it is faster and has less overhead: most queries fit in a single datagram and get a single-datagram reply, so there is no connection to set up. (The same property, unauthenticated source addresses on a connectionless protocol, is why open DNS resolvers are abused for reflection attacks; a TCP handshake cannot be completed from a spoofed source.)
However, DNS falls back to TCP (on the same port, 53) when necessary. This typically happens in two situations:
- The response is larger than the client's UDP limit: 512 bytes in classic DNS, or the buffer size the client advertises with the Extension Mechanisms for DNS (EDNS(0)), commonly 1232 or 4096 bytes. The server then sends a reply with the TC (truncated) flag set, and the client repeats the query over TCP.
- Zone transfers (AXFR/IXFR, where an entire zone is replicated to secondary servers) are conducted over TCP because they are large and require reliable, ordered delivery.
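The fallback mechanism above, as an added example in Go that is not part of the original page: it builds the UDP query, inspects a reply for the TC flag, and shows the 2-byte length prefix DNS uses over TCP. The reply is a constructed byte string, so nothing is sent on the network; the transaction ID and the name are arbitrary.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"strings"
)

// buildQuery encodes a minimal DNS query (12-byte header plus one question) as
// a client would send it in a single UDP datagram. id is the transaction ID the
// client later matches against the reply; qtype is the record type (1 = A).
func buildQuery(id uint16, name string, qtype uint16) []byte {
	msg := make([]byte, 12)
	binary.BigEndian.PutUint16(msg[0:], id)
	binary.BigEndian.PutUint16(msg[2:], 0x0100) // flags: standard query, RD=1
	binary.BigEndian.PutUint16(msg[4:], 1)      // QDCOUNT: one question
	for _, label := range strings.Split(strings.TrimSuffix(name, "."), ".") {
		msg = append(msg, byte(len(label)))
		msg = append(msg, label...)
	}
	msg = append(msg, 0) // empty root label terminates the name
	msg = append(msg, byte(qtype>>8), byte(qtype))
	msg = append(msg, 0, 1) // QCLASS IN
	return msg
}

// parseHeader reads the 12-byte header of a reply and reports the transaction
// ID and whether the server set the TC (truncated) flag, bit 9 of the flags word.
func parseHeader(reply []byte) (id uint16, truncated bool, err error) {
	if len(reply) < 12 {
		return 0, false, errors.New("reply shorter than a DNS header")
	}
	id = binary.BigEndian.Uint16(reply[0:])
	flags := binary.BigEndian.Uint16(reply[2:])
	return id, flags&0x0200 != 0, nil
}

// needsTCPRetry applies the client-side rule: a truncated UDP reply whose ID
// matches our query means "repeat this query over TCP". A mismatched ID is
// rejected rather than trusted, since UDP replies are not otherwise authenticated.
func needsTCPRetry(query, reply []byte) (bool, error) {
	qid := binary.BigEndian.Uint16(query[0:])
	rid, tc, err := parseHeader(reply)
	if err != nil {
		return false, err
	}
	if rid != qid {
		return false, fmt.Errorf("transaction id mismatch: sent %#x, got %#x", qid, rid)
	}
	return tc, nil
}

// frameForTCP prepends the 2-byte big-endian length that DNS over TCP requires:
// TCP delivers a byte stream with no datagram boundaries, so the receiver needs
// the length to know where one message ends and the next begins.
func frameForTCP(msg []byte) []byte {
	out := make([]byte, 2, 2+len(msg))
	binary.BigEndian.PutUint16(out, uint16(len(msg)))
	return append(out, msg...)
}

func main() {
	q := buildQuery(0x1a2b, "example.com", 1)
	// Constructed reply header: ID 0x1a2b, flags 0x8380 = QR, TC, RD, RA set,
	// no answer records (a server omits them when it truncates).
	truncated := []byte{0x1a, 0x2b, 0x83, 0x80, 0, 1, 0, 0, 0, 0, 0, 0}
	retry, err := needsTCPRetry(q, truncated)
	fmt.Println("retry over TCP:", retry, "error:", err)
	fmt.Printf("TCP-framed query starts with length prefix % x\n", frameForTCP(q)[:2])
}
```

A real client would send buildQuery's output with net.DialUDP, and on a positive needsTCPRetry result open a TCP connection to the same server and write frameForTCP of the same query; replies over TCP carry the same length prefix.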
Application Layer
The Application Layer is the topmost layer in the OSI model and it provides the interface for software applications to implement network communication. Application layer protocols define the standards for how software applications send and receive data over networks.
e.g. HTTP, HTTPS, FTP, DNS, SMTP, POP3, IMAP, SNMP, Telnet. Of these, Telnet, FTP, SNMPv1/v2c, plain HTTP and POP3/IMAP without TLS transmit credentials and data in cleartext.
HTTP
| Version | Release Year | Transport | Key Features |
| --- | --- | --- | --- |
| HTTP/0.9 | 1991 | TCP | One-line protocol supporting only GET; no headers and no status codes. |
| HTTP/1.0 | 1996 (RFC 1945) | TCP | Introduced methods such as POST and HEAD, status codes and HTTP headers. One request per TCP connection unless Connection: keep-alive is negotiated. |
| HTTP/1.1 | 1997 (RFC 2068), revised 1999 (RFC 2616) | TCP | Persistent connections by default, so multiple requests reuse one TCP connection and its handshake; chunked transfer encoding; the mandatory Host header (virtual hosting); richer caching mechanisms. |
| HTTP/2 | 2015 (RFC 7540) | TCP (TLS in practice) | Binary framing, multiplexing of many streams over one connection, header compression (HPACK) and server push (since largely dropped by browsers) for improved performance. |
| HTTP/3 | 2022 (RFC 9114) | UDP, via QUIC (Quick UDP Internet Connections) | Runs over QUIC instead of TCP: TLS 1.3 is built into the transport, streams are multiplexed without TCP's head-of-line blocking, and connections survive a change of client address, improving performance in poor network conditions. |
HTTP methods
Table with examples of the most commonly used HTTP methods:
| Method | Description | Example | Additional |
| --- | --- | --- | --- |
| GET | Retrieves a representation of a resource. | Accessing a website (your browser sends a GET request to the server). | Safe (should cause no state change on the server) and idempotent. Parameters travel in the URL, so they end up in server logs and browser history. |
| POST | Submits data to be processed, typically creating a new resource. | Filling out a web form to register for an account (your data is sent as a POST request). | Not idempotent: repeating it may create a second record. The body may use the Transfer-Encoding: chunked header when its size is unknown up front, which removes the need for a Content-Length header; a request carrying both headers is ambiguous and is the basis of request smuggling. |
| PUT | Creates or fully replaces the resource at the given URL with the supplied representation. | Editing a blog post or updating your profile information in an app (the complete new data is sent as a PUT request). | Idempotent: sending the same PUT twice leaves the same state. |
| DELETE | Removes the specified resource. | Deleting an email from your inbox or a file in a web-based app (a DELETE request is sent). | Idempotent: a second DELETE of the same resource changes nothing further (it may simply return 404). |
| PATCH | Applies partial modifications to a resource. | Changing one setting in an app without resending the entire profile (a PATCH request sends just the changed fields). | Not necessarily idempotent; it depends on the patch semantics. |
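How an HTTP/1.1 endpoint finds the boundary between one message and the next on a persistent connection, and why the chunked / Content-Length distinction in the POST row matters, as an added Go example that is not from the original page. The two responses it parses are constructed inline; readMessage, readChunked and readAll are this example's own names, not a library API. A message carrying both framing headers is rejected rather than resolved by preference, which is the conservative choice against request smuggling.

```go
package main

import (
	"bufio"
	"errors"
	"fmt"
	"io"
	"net/textproto"
	"strconv"
	"strings"
)

type Message struct {
	StartLine string
	Headers   textproto.MIMEHeader
	Body      []byte
}

// readMessage consumes exactly one message from r. On a persistent connection the
// declared body length is all that tells the parser where the next message begins,
// so a message carrying both Transfer-Encoding and Content-Length is rejected.
func readMessage(r *bufio.Reader) (*Message, error) {
	tp := textproto.NewReader(r)
	start, err := tp.ReadLine()
	if err != nil {
		return nil, err // io.EOF here is a clean end of the connection
	}
	hdr, err := tp.ReadMIMEHeader()
	if err != nil {
		return nil, fmt.Errorf("headers: %w", err)
	}
	m := &Message{StartLine: start, Headers: hdr}
	switch te, cl := hdr["Transfer-Encoding"], hdr["Content-Length"]; {
	case len(te) > 0 && len(cl) > 0:
		return nil, errors.New("both Transfer-Encoding and Content-Length present")
	case len(te) == 1 && strings.EqualFold(strings.TrimSpace(te[0]), "chunked"):
		m.Body, err = readChunked(r)
	case len(te) > 0:
		return nil, fmt.Errorf("unsupported Transfer-Encoding %q", te)
	case len(cl) > 0:
		n, perr := strconv.ParseInt(strings.TrimSpace(cl[0]), 10, 64)
		if len(cl) != 1 || perr != nil || n < 0 {
			return nil, fmt.Errorf("invalid Content-Length %q", cl)
		}
		m.Body = make([]byte, n)
		_, err = io.ReadFull(r, m.Body)
	} // neither header: no body (sufficient for this example)
	if err != nil {
		return nil, fmt.Errorf("body: %w", err)
	}
	return m, nil
}

// readChunked decodes "<hex size>\r\n<data>\r\n" chunks up to a zero-size chunk.
func readChunked(r *bufio.Reader) ([]byte, error) {
	var body []byte
	for {
		line, err := r.ReadString('\n')
		if err != nil {
			return nil, err
		}
		size, err := strconv.ParseUint(strings.TrimSpace(line), 16, 32)
		if err != nil || size > 1<<20 { // garbage, or an absurd size
			return nil, fmt.Errorf("bad chunk size line %q", line)
		}
		if size == 0 {
			_, err := textproto.NewReader(r).ReadMIMEHeader() // trailers, if any
			return body, err
		}
		chunk := make([]byte, size+2) // data plus its trailing CRLF
		if _, err := io.ReadFull(r, chunk); err != nil {
			return nil, err
		}
		if chunk[size] != '\r' || chunk[size+1] != '\n' {
			return nil, errors.New("chunk data not terminated by CRLF")
		}
		body = append(body, chunk[:size]...)
	}
}

// sampleStream is constructed for this example: two responses on one connection.
const sampleStream = "HTTP/1.1 200 OK\r\nTransfer-Encoding: chunked\r\n\r\n" +
	"5\r\nhello\r\n7\r\n, world\r\n0\r\n\r\n" +
	"HTTP/1.1 200 OK\r\nContent-Length: 3\r\n\r\nbye"

func readAll(stream string) ([]*Message, error) {
	r := bufio.NewReader(strings.NewReader(stream))
	var msgs []*Message
	for {
		m, err := readMessage(r)
		if err == io.EOF {
			return msgs, nil
		} else if err != nil {
			return msgs, err
		}
		msgs = append(msgs, m)
	}
}
```

Calling readAll(sampleStream) yields two messages with bodies "hello, world" and "bye"; a stream whose chunked body is cut off mid-chunk, or a message that carries both Content-Length and Transfer-Encoding, returns an error instead of a guessed boundary.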
Encryption
Symmetric encryption is like a single key box. You want to send a secret message to your friend. So, you put your message in a box and lock it with a key (encryption). You send the box to your friend and also somehow securely send a copy of that same key. Your friend uses the key to unlock the box and read the message (decryption). The key here is like the symmetric key – the same one locks and unlocks the box. It's simple and fast, but you've got the challenge of sending the key securely.
Asymmetric encryption, on the other hand, is like a two-key safe box. Imagine your friend has a special safe box. It has two different keys: one can only lock the box (the public key), and the other can only unlock it (the private key). Your friend sends you the box with the lock-key. You put your message in the box, lock it, and send it back. Now the only key that can open the box is the unlock-key, which your friend kept secure. So the message is safe, and you never had to send a key insecurely. It is computationally more expensive than symmetric encryption, which is why it is used to set up a symmetric key rather than to encrypt bulk data. One gap in the analogy: anyone can hand you a box and a lock-key and claim it belongs to your friend, so you need a way to verify whose public key you hold; on the web that is the job of digital certificates.
HTTPS
HTTPS (Hypertext Transfer Protocol Secure) is an extension of HTTP used for secure communication over a computer network.
HTTPS works by using a combination of asymmetric and symmetric cryptography, along with digital certificates for authentication. The steps below describe the classic RSA key exchange (TLS 1.2 and earlier), which is the form most introductions teach; the caveat at the end describes what TLS 1.3 changed.
- Establishing Connection: When a client (usually a web browser) opens an HTTPS connection, it first completes a TCP handshake and then starts a TLS handshake (the protocol was originally called SSL; every SSL version is now deprecated) by sending a ClientHello containing a random nonce and the cipher suites it supports.
- Server Identity Verification: The server replies with its digital certificate, which contains the server's public key and is signed by a trusted third party known as a Certificate Authority (CA). The client checks that the signature chain leads to a CA in its trust store, that the certificate's name matches the host it asked for, that the certificate is within its validity period, and that it has not been revoked.
- Key Exchange: The client generates a random 'pre-master secret', encrypts it with the server's public key (asymmetric encryption), and sends it to the server. Only the holder of the matching private key can decrypt it, which is what ties the session to the identity in the certificate.
- Symmetric Key Derivation: Both client and server feed the pre-master secret and the two random nonces from the hello messages into a key derivation function and independently arrive at the same session keys (symmetric keys for encryption and integrity protection).
- Secure Communication: All subsequent communication between the client and server is encrypted and authenticated with these session keys. This is symmetric encryption: the same key encrypts and decrypts, it is computationally far cheaper, and it is therefore used for the actual data.
In summary, HTTPS uses asymmetric cryptography to establish a shared symmetric key and to verify the server's identity via its certificate, then uses the symmetric key for the actual data. Caveat: TLS 1.3 removed RSA key transport entirely. Client and server instead perform an ephemeral (elliptic-curve) Diffie-Hellman exchange, and the server's private key is used only to sign the handshake. Because the session secret is never encrypted to the long-term key, a later compromise of that key cannot decrypt previously captured traffic (forward secrecy).
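The handshake described above, as an added Go example that is not part of the original page and uses only the standard library. rsaKeyTransport follows the RSA key exchange the steps describe, ecdheKeyAgreement shows the ephemeral X25519 exchange TLS 1.3 uses instead, and both feed the same key derivation and AES-GCM record protection. Simplifications to be aware of: deriveSessionKey (HMAC-SHA256 with the label 'session') stands in for the real key schedule, which is HKDF over the secret, both hello nonces and the handshake transcript; the certificate checks are omitted; and RSA-OAEP is used where TLS 1.2 actually used PKCS#1 v1.5 padding, which is vulnerable to padding-oracle (Bleichenbacher) attacks.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"io"
)

// deriveSessionKey stands in for the TLS key schedule: both sides feed the shared
// secret and a label into a KDF and obtain the same 32-byte AES key.
func deriveSessionKey(secret []byte, label string) []byte {
	mac := hmac.New(sha256.New, secret)
	mac.Write([]byte(label))
	return mac.Sum(nil)
}

// newServerKey is the server's long-term key, whose public half sits in its certificate.
func newServerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block) // AES-256-GCM, an authenticated cipher as used by TLS
}

// sealRecord encrypts one record; the random nonce is prepended to the ciphertext.
func sealRecord(key, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// openRecord reverses sealRecord; it fails on a modified record or a wrong key.
func openRecord(key, record []byte) ([]byte, error) {
	aead, err := newAEAD(key)
	if err != nil {
		return nil, err
	}
	if len(record) < aead.NonceSize() {
		return nil, errors.New("record too short")
	}
	return aead.Open(nil, record[:aead.NonceSize()], record[aead.NonceSize():], nil)
}

// rsaKeyTransport is the exchange the text describes (TLS 1.2 RSA key exchange): the
// client encrypts a random pre-master secret to the server's public key.
func rsaKeyTransport(srv *rsa.PrivateKey) ([]byte, []byte, error) {
	preMaster := make([]byte, 48)
	if _, err := io.ReadFull(rand.Reader, preMaster); err != nil {
		return nil, nil, err
	}
	wire, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &srv.PublicKey, preMaster, nil)
	if err != nil {
		return nil, nil, err
	}
	recovered, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, srv, wire, nil)
	if err != nil {
		return nil, nil, err
	}
	return deriveSessionKey(preMaster, "session"), deriveSessionKey(recovered, "session"), nil
}

// ecdheKeyAgreement is what TLS 1.3 does instead: throw-away X25519 key pairs on both
// sides, public keys swapped, nothing encrypted to the long-term key (forward secrecy).
func ecdheKeyAgreement() ([]byte, []byte, error) {
	c, err1 := ecdh.X25519().GenerateKey(rand.Reader)
	s, err2 := ecdh.X25519().GenerateKey(rand.Reader)
	if err1 != nil || err2 != nil {
		return nil, nil, errors.Join(err1, err2)
	}
	cs, err1 := c.ECDH(s.PublicKey()) // client: its private key with the server's public key
	ss, err2 := s.ECDH(c.PublicKey()) // server: its private key with the client's public key
	if err1 != nil || err2 != nil {
		return nil, nil, errors.Join(err1, err2)
	}
	return deriveSessionKey(cs, "session"), deriveSessionKey(ss, "session"), nil
}

func main() {
	srv, _ := newServerKey()
	ck, sk, _ := rsaKeyTransport(srv)
	rec, _ := sealRecord(ck, []byte("GET / HTTP/1.1"))
	pt, err := openRecord(sk, rec)
	fmt.Printf("server decrypted %q with its derived key (err=%v)\n", pt, err)
}
```

The two key-exchange functions return the key as computed on each side so that a caller can confirm they agree; the ECDHE path is exercised the same way by calling ecdheKeyAgreement in place of rsaKeyTransport. Flipping one byte of a sealed record makes openRecord fail, which is the integrity property that "encryption" alone in the quiz below does not capture.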
Quiz
| No. | Question | Options | Correct Answer |
| --- | --- | --- | --- |
| 1 | Which transport protocol is suitable for real-time applications like VoIP and video streaming? | TCP, UDP, HTTP, HTTPS | UDP |
| 2 | Which transport protocol is generally preferred for file transfer applications, such as FTP? | TCP, UDP, HTTP, HTTPS | TCP |
| 3 | Which transport protocol is typically employed for reliable email delivery using SMTP? | TCP, UDP, HTTP, HTTPS | TCP |
| 4 | Which transport protocol is commonly used for DNS (Domain Name System) queries? | TCP, UDP, HTTP, HTTPS | UDP |
| 5 | Which transport layer protocol is considered unreliable and does not guarantee message delivery? | TCP, UDP, HTTP, HTTPS | UDP |
| 6 | Which transport protocol provides flow control and congestion control mechanisms? | TCP, UDP, HTTP, HTTPS | TCP |
| 7 | Which transport protocol is preferred for online gaming applications that require low latency? | TCP, UDP, HTTP, HTTPS | UDP |
| 8 | What security feature does HTTPS provide that HTTP does not? | Encryption of data, Compression of data, Caching of data, Error correction of data | Encryption of data |
| 9 | Which security protocol is used by HTTPS to provide encryption and secure communication? | TCP, UDP, SSL/TLS, HTTP | SSL/TLS |
| 10 | Which encryption method is used for encrypting the session key during the initial handshake in HTTPS? | Symmetric encryption, Asymmetric encryption, Hashing, Digital signatures | Asymmetric encryption |
| 11 | Which encryption method is more suitable for encrypting large amounts of data in HTTPS? | Symmetric encryption, Asymmetric encryption, Hashing, Digital signatures | Symmetric encryption |
| 12 | Which encryption method requires the use of a public key and a private key pair? | Symmetric encryption, Asymmetric encryption, Hashing, Digital signatures | Asymmetric encryption |