What are they all and how do they fit together ? - Well here is a simple (I hope
) guide - even so - this is still quite a long post - you may want to read it in sections.
All of this is also a simplified view - the reality is a bit more complicated so no moaning by the techies please. :pp
Ok, to get information over the a network from 'A' to 'B' you need some sort of transmission methods and protocols (and a connection of course).
For the purposes of this guide I will consider a simple ethernet based network with one router connecting two networks, Clients 'A' & 'B' are connected together in Network 1 and Servers 'C' & 'D' the same in Network 2. Networks 1 & 2 are each connected to a Port on Router 'E' ('E1' & 'E2') - and each Client & Server has a single Network Card (NIC).
The first thing is to get the NIC's and Ports on a Network to talk to each other - for this to happen, each one has an address assigned to it (known as a MAC address) - these are unique in the world (supposedly).
'A' can then talk to 'B' or 'E1' by addressing a packet of information to the destination MAC address and sending it on the local network, this packet will reach both 'B' & 'E1' but only the correct one will recognise itself as the recepient and process the packet. Each of the three ports can talk to each other in this manner by sending a packet on the network knowiing that it will reach all the other ports and be processed by the correct one. In the same way, 'C', 'D' and 'E2' can talk to each other on Network 2.
Now, the next question is how does 'A' or 'B' talk to 'C' or 'D'. One way would be for the router to pass everything it sees on network 1 (via 'E1') onto network 2 (via 'E2') and vice versa. This would work - but would soon become a problem as the two networks got bigger or more networks were added.
So the next step up is IP (Internet Protocol). Each port is assigned a unique IP address in the form of x.x.x.x where x = 1 to 255 - each is also given a Subnet Mask which is used to tell the port what other IP addresses are local to it and which are on remote networks - For example 'A' would be 192.168.0.1 with a mask of 255.255.255.0 - this means that any other address starting 192.168.0.x is local - if the mask was 255.255.0.0 then anything in 192.168.x.x would be local.
In our network 'A' = 192.168.0.1, 'B' = 192.168.0.2, 'E1' = 192.168.0.3, 'C' = 192.168.1.1, 'D' = 192.168.1.2 & 'E2' = 192.168.1.3 - All with 255.255.255.0 as their mask.
If 'A' wants to send to 'B' - it knows that 'B' is local from its IP/Mask combination so it just needs to find the correct MAC address to send the data - to do this it sends a packet to all the ports on its local network basically saying "who is 192.168.0.2 ?". 'B' will respond to this saying "I am - here is my MAC address". 'A' then sends the IP packet to 'B'.
If 'A' wants to send to 'C' (192.168.1.1) - something different happens. 'A' knows that 'C' is on another network from its IP/Mask combination, so it needs to send the data to Network 2. To do this it relies on the Router 'E'. 'A' (and all the others) have a "Default Gateway" set - which is actually the IP address of the router port on the local Network 1 (i.e. 'E1' in this case). Any data that is not for another IP address on the local network is sent to the default gateway instead.
When the router receives the packet it looks up the destination IP address in its "routing table" to see if it has any information on where that IP address might be.
This table will tell it that any 192.168.1.x IP's are on network 2 and this is connected to it's port 'E2'. The router obtains the MAC address of 'C' via port 'E2' (as above) and sends the data on its way to 'C'.
This IP system now gives us the ability to connect many networks together via a router and not flood them all with each others packets of data. However this is still not perfect as there is little control over packets and no provision for the fact that data could arrive in a different order to what it was sent - or indeed just get lost.
So IP is used as the method of carrying many other protocols such as TCP, UDP, ICMP and many other less well known ones - some of these can handle things like lost or mis-ordered data packets.
ICMP is used by IP to send control and state messages - for instance if the router does not know where to send an IP packet because it has no information for it [in its routing table] then it can send an ICMP packet back to the source IP to say "No route found".
Ping uses ICMP - if 'A' pings 'B' then what happens is 'A' sends an ICMP "Echo Request" to 'B', when it receives this, 'B' sends an "Echo Reply" back to 'A'. (just like someone playing Ping Pong
Tracert also uses some [more complex] ICMP features to trace the route a packet takes through routers. It uses a feature of each IP packet called the TTL (time to live).
Every IP packet sent has a TTL set and each time it passes through a router, that TTL is decreased by one. If it reaches zero then the packet is dropped and an ICMP "Timeout exceeded" message sent back to the source.
So if you sent a packet with a TTL of 1, it will be dropped at the first router and a message sent back, if you send it with a TTL of 2 then the second router will do the same. So by sending a stream of packets, each with a TTL one higher, and collecting the timeout replies, you can trace your route.
UDP is a simple protocol that uses IP. UDP uses the concept of ports to sub divide an IP address, thus allowing multiple systems to send data to a single IP without them intefering with each other. e.g. one application can listen for data on Port 53 while another listens on Port 139.
Both are on the same IP address but can receive data independantly - using the port number to differentiate (a bit like the houses in a street all having different numbers).
UDP is known as connectionless as it does not try and establish a link with the address it is sending data to - it just sends the packets in the hope that they will arrive at the far end (and the order they arrive can vary).
TCP is another protocol that uses IP and the concept of ports. TCP is in fact the most common protocol used on the "internet" - most application protocols (such as HTTP, FTP, SMTP, POP3 etc) use it, and most also have a common TCP port number associated with them as well.
TCP is a connection protocol - this means it establishes a link between the two points of communication and does regular checking to make sure all data sent has arrived and it in the correct order. Basically when point A wants to set up a connection to point B, the following happens;
'A' sends a tcp syncronise (SYN) request to 'B' - 'B' receives this and either acepts or rejects it. If 'B' wants to reject the request it sends a reset (RST) back to 'A', and 'A' gives up.
If 'B' is going to accept the connection it sends an acknowledgement (ACK) and it's own SYN request back to 'A' (They are combined into one reply packet. 'A' then sends an ACK back to B and the connection is established.
'A' or 'B' can then send data to each other over this "connection".
The most common TCP/UDP port numbers in use are;
20 FTP (data)
21 FTP (Control)
37 TIME SYNC
111 SUN RPC
135 WINDOWS RPC
443 HTTPS (secure https)
445 WINDOWS SMB
563 NNTPS (secure nntp)
636 LDAPS (secure ldap)
989 FTPS (secure ftp Data)
990 FTPS (secure ftp Control)
992 TELNETS (secure telnet)
993 IMAP4S (secure imap4)
995 POP3S (secure pop3)
Thats all folks - if any of you are still awake