Network Data Encapsulation

The primary reason for looking at any network model is to better understand how systems communicate. In real-life, network communication requires that data be encapsulated by the sender, transmitted over the network, and then de-encapsulated by the receiver. This is best illustrated by looking at what happens when one system running TCP/IP sends data to another. The list below outlines 5 simplified steps in a typical TCP/IP data transfer over an Ethernet network. Note that each layer considers whatever has been passed down to it from an upper layer as “data”. It doesn’t concern itself with what was added by the upper layers.

  1. Data is created by an application such an FTP client program. Let’s assume that a file transfer is being initiated with a local FTP server.
  2. The data is passed to the Host-to-host (Transport) layer, where it is encapsulated to include source and destination port numbers. These uniquely identify the applications that the data should be passed between. For example, if this data were being sent to an FTP server, the destination port would be TCP 21. The data is now considered to be a segment.
  3. The data is passed to the Internet (Network) layer, where it is again encapsulated to include information such as the source and destination IP addresses. The data is now considered to be a packet.
  4. The data is passed down to the Network Interface (Data Link) layer, where it is encapsulated for Ethernet to include source and destination MAC addresses, as well as the an error-checking mechanism known as a cyclic redundancy check (CRC). The data is now considered to be a frame.
  5. The data is converted to a series of bits, and transmitted across the network.

Tip: A CRC is also often referred to as a Frame Check Sequence (FCS).

Figure: TCP/IP Data Encapsulation Process 

Note that upon reaching the destination host, the entire process happens in reverse, with each layer de-encapsulating the data by striping away the information that was added at each layer. Eventually, the required data is passed to the FTP server as intended by the FTP client application. Consider the frame captured below using Ethereal, a network protocol analyzer. Notice that each heading area directly corresponds to the encapsulation process just defined (with the exception that the program shows the layers in reverse order).

Ethernet II
Internet Protocol, Src Addr: 192.168.0.1 (192.168.0.1), Dst Addr: 192.168.0.135 (192.168.0.135)
Transmission Control Protocol, Src Port: 4653 (4653), Dst Port: ftp (21), Seq: 2739356837, Ack: 204742999
File Transfer Protocol (FTP)

Author: Dan DiNicolo

Dan DiNicolo is a freelance author, consultant, trainer, and the managing editor of 2000Trainers.com. He is the author of the CCNA Study Guide found on this site, as well as many books including the PC Magazine titles Windows XP Security Solutions and Windows Vista Security Solutions. Click here to contact Dan.