Browsers communicate using "protocols", and so does any other network-based communication.
Protocols are a loosely followed set of rules that define how packets of data are addressed and routed so that two or more entities can share information.
As shown above, there are a lot of different types of protocols that are used at different stages of network communication. But, only a "few" of these make up the "Internet Protocol Stack" or the "Internet Protocol Suite".
The IPS is a conceptual model and suite of communications protocols (or "stack of protocols") used on the Internet to provide end-to-end data communication; it specifies how data should be packetized, addressed, transmitted, routed, and received.
The foundational protocols in the suite are the Transmission Control Protocol (TCP) and the Internet Protocol (IP); and thus it is commonly referred to as simply the TCP/IP Suite.
The Internet Protocol (IP) is generally considered the base protocol that all other Internet-based protocols sit on top of; it is the first to be interacted with when data is received, and it introduces the "virtual network abstraction that is the basic principle of the Internet model." (1)
At the most basic level, the Internet Protocol exchanges data as "Internet Datagrams" through a specified encapsulation, and it lacks any functionality for error handling when datagrams are duplicated, lost, or arrive at the remote host in a different order than they were sent.
TCP (Transmission Control Protocol) and UDP (User Datagram Protocol) are the protocols that sit on top of the Internet Protocol in the "Transport Layer" of the TCP/IP Model.
The UDP is an end-to-end communications protocol that contains just enough information to transfer a "user datagram" from one process on the transmitting host to another process on the receiving host.
Much like IP, though, UDP is a connectionless, unreliable service that transfers data before any agreement is provided by the receiving party. Because of this, UDP is primarily used for low-latency (low-delay) and loss-tolerating connections such as Voice over Internet Protocol (VoIP), Domain Name System (DNS) lookups, and video or audio playback.
TCP (Transmission Control Protocol) is a reliable, stream-oriented service that connects application-layer software with a service. Because TCP was one of the first network implementations that complemented IP, the pair is commonly referred to as TCP/IP.
TCP requires a connection between client and server to be established (the three-way handshake) before a segment of the actual application data can be sent. It uses this connection to establish a virtual circuit between the two hosts, so that once the connection is established both hosts can put data out on the Internet simultaneously without specifying the destination host each time.
Above the Transport Layer (UDP and TCP) is the Application Layer, where more protocols provide applications with a standardized way to exchange data.
The main protocols on the UDP side include DNS, Network Time Protocol (NTP), BOOTP, and DHCP, but there are more.
These protocols are generally used here because they have no need for real-time error handling and need a large number of clients to be connected at once.
The main protocols usually used on the TCP side include HTTPS, "HTTP, FTP, Post Office Protocol 3 (POP3), Simple Mail Transfer Protocol (SMTP), and Simple Network Management Protocol (SNMP)." (2)
These protocols are usually used here because of the need for compatibility with a variety of operating systems, scalability and reliability as the Internet grows, and the ability to recover automatically from failure.
As stated above, each side (UDP vs. TCP) has its top protocols that are generally used on it, but how do you access them and what do they do?
The generally agreed upon way to access each protocol is through the logical construct that identifies a specific process, or a type of network service, called a port.
I don't want to dive deep into all of the protocols and ports at this level (because there are 65,535 ports), but here are a few of the main ports and their associated protocols, followed by explanations of a few popular ports.
- 20/21: File Transfer Protocol (FTP)
- 22: Secure Shell (SSH) Secure Login
- 23: Telnet remote login service, unencrypted text messages
- 25: Simple Mail Transfer Protocol (SMTP) E-mail routing
- 53: Domain Name System (DNS) service
- 67, 68: Dynamic Host Configuration Protocol (DHCP)
- 80: Hypertext Transfer Protocol (HTTP)
- 110: Post Office Protocol (POP3)
- 119: Network News Transfer Protocol (NNTP)
- 123: Network Time Protocol (NTP)
- 143: Internet Message Access Protocol (IMAP) Management of digital mail
- 161: Simple Network Management Protocol (SNMP)
- 194: Internet Relay Chat (IRC)
- 443: HTTP Secure (HTTPS) HTTP over TLS/SSL
Port 80: HTTP
By far the most common port, HTTP defines the rules for transferring files, images, and other media to and from web browsers with web servers over the TCP/IP connection.
HTTP is a stateless protocol: every request originates from the client-side browser and is sent to a specific server, which processes the request and sends back a response.
Port 443: HTTPS
This port is steadily becoming used more than port 80 because of its added security through encryption, which protects all data exchanged over it. As shown below, a normal HTTP request/response is plain text for anyone to see, but HTTPS encrypts the correspondence so that it cannot be read by any unintended viewers.
HTTPS is HTTP over an SSL/TLS connection that makes use of public key encryption (where there are two keys — public and private) to distribute a shared symmetric key, which is then used for transmission. (9)
Port 53: DNS
A DNS (Domain Name System) is kind of like a phonebook that lives at your Internet Service Provider (ISP); or on your local system in a few places.
In short, when you make a request for a website (www.example.com), your system uses UDP to make recursive DNS requests that locate and translate your requested domain name (example.com) into an Internet Protocol (IP) address (something like 123.345.567.789).
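To make the wire format of those UDP lookups concrete, here is an added example (not code from the original post) that builds an RFC 1035 A-record query for www.example.com and parses a constructed reply; the resolver address, transaction ID and the 192.0.2.1 answer are all made-up sample values.

```python
import struct

def build_query(name, txid=0x1234):
    # 12-byte header: ID, flags (RD=1 asks the resolver to recurse), QD=1, AN/NS/AR=0
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.strip(".").split("."))  # length-prefixed labels
    return header + qname + b"\x00" + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN

def read_name(msg, off):
    # Decode labels, following an RFC 1035 compression pointer (top two bits 11) if present
    labels = []
    while True:
        ln = msg[off]
        if ln == 0:
            return ".".join(labels), off + 1
        if (ln & 0xC0) == 0xC0:
            ptr = struct.unpack("!H", msg[off:off + 2])[0] & 0x3FFF
            labels.append(read_name(msg, ptr)[0])
            return ".".join(labels), off + 2
        labels.append(msg[off + 1:off + 1 + ln].decode("ascii"))
        off += 1 + ln

def parse_response(msg):
    # Returns (txid, flags, [(name, ipv4, ttl), ...]) for the A records in the answer section
    txid, flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    off = 12
    for _ in range(qd):
        _, off = read_name(msg, off)
        off += 4                                  # skip QTYPE + QCLASS
    answers = []
    for _ in range(an):
        name, off = read_name(msg, off)
        rtype, _rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            answers.append((name, ".".join(str(b) for b in msg[off:off + 4]), ttl))
        off += rdlen
    return txid, flags, answers

def response_matches(query, response):
    # A resolver must discard replies whose ID or question differ from what it sent
    return query[:2] == response[:2] and query[12:] == response[12:len(query)]

# Constructed reply: same ID and question, one A record pointing at a TEST-NET address
SAMPLE_RESPONSE = (
    struct.pack("!HHHHHH", 0x1234, 0x8180, 1, 1, 0, 0)
    + build_query("www.example.com")[12:]
    + b"\xc0\x0c"                                 # owner name: pointer to offset 12
    + struct.pack("!HHIH", 1, 1, 300, 4) + bytes([192, 0, 2, 1])
)
```

The bytes returned by build_query are exactly what a stub resolver would hand to sendto() on UDP port 53; because UDP has no connection, the ID and question check in response_matches is the only thing tying a reply to the query that was sent.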
Ports 25: SMTP, 110: POP3, & 143: IMAP
SMTP (Simple Mail Transfer Protocol), POP3 (Post Office Protocol), and IMAP (Internet Message Access Protocol) are used to manage the sending and receiving of digital mail to and from a mail server.
More specifically, IMAP and POP3 are most commonly used for retrieving emails and SMTP is used for sending emails across the Internet.
Port 123: NTP
The NTP (Network Time Protocol) is an interesting protocol to me because it is one of the oldest protocols used and is generally only used for clock synchronization between computer systems over packet-switched, variable-latency data networks.
- When your browser makes a request for a page, it takes any data associated with the request and packages it together in a "packet" that it sends to the associated Transport Layer protocol (TCP or UDP).
- If the data is too large, each layer breaks it into chunks called "packets" that each travel to the destination through the same process.
- At the Transport Layer, the chosen protocol adds a TCP or UDP header containing its own information about the destination, length, padding, special options, and more, depending on whether it is a UDP- or TCP-based request. The Transport Layer protocol then sends the new packet down to the Internet/Network Layer (see the OSI model for more info).
- At the Internet Layer, the protocol adds the IP header, making a datagram that is sent down to the Data Link Layer.
- At the Data Link Layer, the datagram is encapsulated into a new frame: the associated headers (MAC header and LLC header) and footer (FCS) are added before it is sent over the communication channel of the Physical Layer.
- Once the intended device receives the data, the opposite actions are performed according to its intended use.
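The encapsulation steps above, carried out byte for byte as an added example (not code from the original post): a UDP segment is wrapped in an IPv4 datagram, then in an Ethernet frame with an FCS, and the receiver peels the layers off again while checking what each layer guards. The MAC and 192.0.2.x addresses are constructed sample values, and the LLC header is omitted since plain Ethernet II frames carry none.

```python
import struct
import zlib

def ones_complement_sum(data):
    # RFC 1071 checksum over 16-bit big-endian words; odd length is zero-padded
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def udp_segment(src_port, dst_port, payload):
    # Transport layer: 8-byte UDP header (checksum 0 = "not computed", allowed over IPv4)
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload

def ipv4_datagram(src_ip, dst_ip, segment, proto=17, ttl=64):
    # Internet layer: 20-byte IPv4 header; header checksum is filled in after packing
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000, ttl, proto, 0, src_ip, dst_ip)
    hdr = hdr[:10] + struct.pack("!H", ones_complement_sum(hdr)) + hdr[12:]
    return hdr + segment

def ethernet_frame(src_mac, dst_mac, datagram, ethertype=0x0800):
    # Link layer: MAC header in front, 32-bit FCS (CRC-32, little-endian) behind
    body = dst_mac + src_mac + struct.pack("!H", ethertype) + datagram
    return body + struct.pack("<I", zlib.crc32(body))

def decapsulate(frame):
    # Receiving side: strip the layers in reverse order, verifying FCS and IP header checksum
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        raise ValueError("FCS mismatch: frame damaged in transit")
    dst_mac, src_mac, ethertype = body[:6], body[6:12], struct.unpack("!H", body[12:14])[0]
    ip = body[14:]
    ihl = (ip[0] & 0x0F) * 4
    if ones_complement_sum(ip[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    total_len, proto = struct.unpack("!H", ip[2:4])[0], ip[9]
    src_ip, dst_ip = ip[12:16], ip[16:20]
    seg = ip[ihl:total_len]
    sport, dport, ulen, _ = struct.unpack("!HHHH", seg[:8])
    return {"dst_mac": dst_mac, "src_mac": src_mac, "ethertype": ethertype, "proto": proto,
            "src_ip": ".".join(map(str, src_ip)), "dst_ip": ".".join(map(str, dst_ip)),
            "src_port": sport, "dst_port": dport, "payload": seg[8:ulen]}

# Constructed sample: a small UDP payload to port 53, from 192.0.2.10 to 192.0.2.20 (TEST-NET-1)
SAMPLE_FRAME = ethernet_frame(
    bytes.fromhex("020000000001"), bytes.fromhex("020000000002"),
    ipv4_datagram(bytes([192, 0, 2, 10]), bytes([192, 0, 2, 20]),
                  udp_segment(40000, 53, b"hello")))
```

Note that neither the FCS nor the IP header checksum protects against a deliberately altered frame; they only catch accidental corruption, which is why integrity against an active attacker has to come from a higher layer such as TLS.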
Understanding protocols is important to make sure that you are using the correct protocol for your need and are not using protocols that have other intended uses. There are a lot of protocols available, and there is no need to reinvent the wheel if you can learn how to use them properly. (Read the RFCs for protocol standards.) Not understanding protocols and their use can lead to broken access issues or leaking data that might be accessible through a different protocol than intended.