ACLs enable administrators to control traffic into and out of a network. This control can be as simple as permitting or denying traffic based on network addresses or as complex as controlling network traffic based on the TCP port being requested. It is easier to understand how an ACL filters traffic by examining the dialogue that occurs during a TCP conversation, such as when requesting a webpage.
TCP Communication
When a client requests data from a web server, IP manages the communication between the PC (source) and the server (destination). TCP manages the communication between the web browser (application) and the network server software.
When you send an email, look at a webpage, or download a file, TCP is responsible for breaking data down into segments for IP before they are sent. TCP also manages assembling the data from the segments when they arrive. The TCP process is very much like a conversation in which two nodes on a network agree to pass data between one another.
TCP provides a connection-oriented, reliable, byte stream service. Connection-oriented means that the two applications must establish a TCP connection prior to exchanging data. TCP is a full-duplex protocol, meaning that each TCP connection supports a pair of byte streams, each stream flowing in one direction. TCP includes a flow-control mechanism for each byte stream that allows the receiver to limit how much data the sender can transmit. TCP also implements a congestion-control mechanism.
The animation shown in Figure 1 illustrates how a TCP/IP conversation takes place. TCP segments are marked with flags that denote their purpose: a SYN starts (synchronizes) the session; an ACK is an acknowledgment that an expected segment was received, and a FIN finishes the session. A SYN/ACK acknowledges that the transfer is synchronized. TCP data segments include the higher level protocol needed to direct the application data to the correct application.
The TCP data segment also identifies the port which matches the requested service. For example, HTTP is port 80, SMTP is port 25, and FTP is port 20 and port 21. Figure 2 shows ranges of UDP and TCP ports.
Figures 3 through 5 explore TCP/UDP ports.