← Back to OSI Overview

🚛 Layer 4: Transport Layer

Reliable End-to-End Communication

The Transport Layer provides reliable data transfer services to the upper layers. It handles error detection, error recovery, flow control, and ensures complete data transfer between host systems.

Layer 4 (Transport) Technologies

The Transport Layer is responsible for reliable end-to-end data delivery between applications. It provides connection management, error recovery, flow control, and data segmentation between processes running on different hosts.

Connection Management - Establishing, maintaining, and terminating connections between applications
Reliable Delivery - Ensuring all data arrives correctly and in order (TCP) or fast delivery (UDP)
Flow Control - Managing data transmission rate to prevent buffer overflow
Port-based Multiplexing - Multiple applications sharing the same network connection

The Critical Role: While Layer 3 routes packets between networks, Layer 4 ensures reliable communication between specific applications using port numbers and connection state management.

📱

Client App

Port 12345
Ready
Connect
Transfer
Acknowledge
TCP
TCP
Transport Status:
Select a protocol and mode to begin
Step 0 of 0
Connection Idle
📡

Server App

Port 80
Listening

Transport Protocol Information

Select a protocol and click "Protocol Details" to learn more.

🎯 Primary Functions

  • Segmentation: Breaking data into smaller, manageable segments
  • Error Detection & Recovery: Ensuring data integrity
  • Flow Control: Managing data transmission rates
  • Connection Management: Establishing and terminating connections
  • Multiplexing: Multiple applications using the network simultaneously

🔧 Key Characteristics

  • Port Numbers: Identify specific applications (0-65535)
  • Sequence Numbers: Track data order and completeness
  • Acknowledgments: Confirm successful data receipt
  • Window Size: Control flow and prevent buffer overflow
  • Checksums: Detect transmission errors

🌐 Major Transport Layer Protocols

🔒 TCP (Transmission Control Protocol)

Connection-oriented, Reliable

TCP [SYN] Seq=0 Win=65535 Len=0 TCP [SYN, ACK] Seq=0 Ack=1 Win=65535 TCP [ACK] Seq=1 Ack=1 Win=65535

What you see in Wireshark: Three-way handshake with SYN, SYN-ACK, ACK flags

Like a phone call - establish connection, talk, hang up properly

📡 UDP (User Datagram Protocol)

Connectionless, Fast

UDP Src Port: 53 (dns) UDP Dst Port: 54321 Length: 45 bytes Checksum: 0x1a2b [correct]

What you see in Wireshark: Simple header with source/dest ports, length, and checksum

Like sending a postcard - quick, simple, no delivery guarantee

🔄 SCTP (Stream Control Transmission)

Multi-streaming, Reliable

SCTP INIT Chunk Verification Tag: 0x00000000 Multiple streams supported

What you see in Wireshark: Chunk-based protocol with multi-homing support

Like TCP but with multiple lanes on the highway

🏢 SPX (Sequenced Packet Exchange)

NetWare's reliable protocol

SPX: Connection Control: 0x40 SPX: Sequence Number: 1234 SPX: Acknowledge Number: 5678

What you see in Wireshark: Similar to TCP but for Novell networks

Legacy protocol mostly replaced by TCP

⚖️ TCP vs UDP Comparison

Feature TCP UDP
Connection Connection-oriented
(3-way handshake)		 Connectionless
(fire and forget)
Reliability Guaranteed delivery
Error recovery		 Best effort
No error recovery
Speed Slower
(overhead for reliability)		 Faster
(minimal overhead)
Header Size 20 bytes minimum 8 bytes fixed
Flow Control Yes (sliding window) No
Use Cases Web browsing, Email
File transfer, Databases		 DNS queries, Video streaming
Online gaming, DHCP

🔍 Real-World Example: Web Page Download (TCP)

Scenario: Your browser downloads a webpage from a server

What happens at the Transport Layer:

  1. Connection Establishment: Browser initiates TCP 3-way handshake with server
  2. Data Segmentation: Large webpage is broken into TCP segments
  3. Reliable Delivery: Each segment is numbered and acknowledged
  4. Error Handling: Missing segments are automatically retransmitted
  5. Flow Control: Prevents server from overwhelming browser
  6. Connection Termination: 4-way handshake to close connection
Wireshark Transport Layer Analysis: TCP: [SYN] Seq=0 Win=65535 Len=0 MSS=1460 TCP: [SYN,ACK] Seq=0 Ack=1 Win=65535 Len=0 TCP: [ACK] Seq=1 Ack=1 Win=65535 Len=0 TCP: HTTP request data [PSH,ACK] Seq=1 Len=500 TCP: HTTP response data [PSH,ACK] Seq=1 Len=1460 TCP: [ACK] Seq=501 Ack=1461 (acknowledging data)

In Wireshark, you can see the complete TCP conversation with all control flags and sequence numbers.

🎮 Understanding Port Numbers

Port numbers allow multiple applications to use the network simultaneously. Think of them as apartment numbers in a building (IP address).

Well-Known Ports (0-1023)

Port 80
HTTP
Port 443
HTTPS
Port 25
SMTP
Port 53
DNS
Port 21
FTP
Port 22
SSH

Ephemeral Ports (32768-65535)

Port 54321
Browser
Port 49152
Email Client
Port 60000
Game Client
Port 55555
Chat App
Example Connection: Client 192.168.1.100:54321 → Server 192.168.1.50:80 (Your computer's random port → Web server's HTTP port)

🐛 Common Transport Layer Issues

  • Port Conflicts: Multiple applications trying to use same port
  • Firewall Blocking: Ports blocked by security policies
  • Connection Timeouts: Network congestion or server overload
  • Packet Loss: Network issues causing retransmissions
  • Buffer Overflow: Receiving data faster than processing

🔧 Troubleshooting Tools

  • Netstat: Show active connections and listening ports
  • Wireshark: analyse packet flow and connection states
  • Telnet: Test if specific ports are accessible
  • TCPView: Real-time view of TCP and UDP activity
  • SS/Netstat: Socket statistics and connection info

🎓 Teaching Analogy: Shipping and Postal Services

Think of the Transport Layer like different shipping services:

🔒 TCP = Certified Mail with Tracking

📡 UDP = Regular Mail

The Transport Layer chooses the right "shipping method" based on what the application needs!

📚 Key Learning Points

← Return to OSI Overview