What is the TCP/IP Model?

The TCP/IP model (also called the Internet model or DoD model) is the practical networking model used by the Internet. It was developed by DARPA in the 1970s. Unlike the OSI model (theoretical), TCP/IP is the actual implementation used in real networks.

The TCP/IP model has 4 layers (some sources say 5):

TCP/IP vs OSI Model

TCP vs UDP

TCP 3-Way Handshake

Before data transfer, TCP establishes a connection using a 3-way handshake:

1. SYN (Synchronize): Client sends a SYN packet to the server with a random sequence number (ISN). "I want to connect, my sequence number is X."
2. SYN-ACK (Synchronize-Acknowledge): Server responds with SYN-ACK. Acknowledges client's SYN (ACK = X+1) and sends its own SYN with sequence number Y. "I acknowledge your X, my sequence number is Y."
3. ACK (Acknowledge): Client sends ACK (ACK = Y+1). "I acknowledge your Y. Connection established."

After the handshake, data transfer begins. The connection is full-duplex — both sides can send and receive simultaneously.

TCP Connection Termination (4-Way Handshake)

TCP uses a 4-way handshake to close a connection:

1. FIN: Client sends FIN to server. "I'm done sending data."
2. ACK: Server acknowledges the FIN. "Got it."
3. FIN: Server sends its own FIN. "I'm also done sending data."
4. ACK: Client acknowledges server's FIN. "Got it. Connection closed."

After the final ACK, the client waits in TIME_WAIT state (2×MSL) before fully closing, to ensure the server received the final ACK.

Port Numbers

---