Internet communication does not run on one large mechanism alone.
When you view a website, send email, or an app connects to a server, multiple communication rules work in combination.
The foundational idea behind this is TCP/IP.
The name TCP/IP includes TCP and IP, but in practice it does not refer only to TCP and IP. It is used as a term for the group of communication protocols used on the internet, in other words the overall basic mechanisms of communication.
This article organizes TCP/IP not as a detailed specification, but as an entry point for understanding the overall picture of internet communication.
What TCP/IP Is
TCP/IP is a basic protocol suite used for communication on the internet.
A protocol is a set of rules for communication. Rules are needed for things such as how to specify a destination, what units to use when sending data, how to handle data that does not arrive, and what format applications use to exchange data with each other.
In TCP/IP, communication is considered by separating it into roles.
| Role | Main responsibility | Explanation |
| --- | --- | --- |
| Delivering toward the destination | IP | Uses IP addresses to direct communication toward the destination |
| Managing how data is delivered | TCP and UDP | Decides how data is sent and how reliability or low overhead is handled |
| Resolving names | DNS | Looks up the IP address corresponding to a domain name |
| Exchanging data between applications | HTTP and similar protocols | Exchanges application data such as web pages and APIs |
| Protecting communication | TLS | Encrypts communication content such as HTTP and helps prevent tampering and impersonation |
In this way, internet communication is established by combining IP, TCP, and UDP as foundations with surrounding mechanisms such as DNS, HTTP, and TLS.
IP Directs Communication Toward the Destination
IP stands for Internet Protocol.
The central role of IP is to use IP addresses to direct communication toward the destination. On the internet, IP addresses are used to identify devices and servers.
For example, when a browser communicates with a web server, packets are ultimately sent toward the destination IP address. Routers along the way look at information such as the destination IP address and decide where to send the packet next.
However, IP is a mechanism for "directing toward the destination," and by itself it does not guarantee the reliability of communication as a whole.
IP alone cannot sufficiently handle things such as the following.
Whether the data arrived
Whether the data arrived in the correct order
Whether lost data should be resent
Which app inside one device it should be passed to
TCP, UDP, port numbers, and higher-level protocols are involved in these matters.
TCP Emphasizes Reliability
TCP stands for Transmission Control Protocol.
TCP is a mechanism that makes it easier to handle data accurately. It establishes a connection with the other endpoint, confirms whether sent data arrived, resends data if any was lost, and arranges data that arrived out of order into the correct order.
For this reason, TCP is suitable for communication where missing data or changed order would cause problems.
| Use | Why TCP is suitable |
| --- | --- |
| HTTP/1.1 and HTTP/2 | Web page data needs to be received correctly |
| Login processing | Processing cannot work if information needed for authentication is missing |
| File transfer | The file may break if part of it is missing |
| Email sending | Message content needs to be delivered correctly |
However, TCP is not a mechanism that makes everything fast. Because it performs delivery checks, retransmission, and similar control, latency may increase depending on communication conditions.
TCP becomes important in situations where reliability matters more than low latency.
UDP Emphasizes Lightness and Flexibility
UDP stands for User Datagram Protocol.
UDP does not perform connection establishment, delivery checks, order control, or retransmission in the protocol itself as TCP does. Because of that, the mechanism is lightweight and it is easier to design necessary control on the application side.
UDP is used for communication where real-time behavior or flexible control is important.
| Use | Why UDP is used |
| --- | --- |
| DNS | Short queries and responses are easy to process quickly |
| Video calls | It may be preferable to deliver current information quickly rather than accurately deliver old audio or video later |
| Online games | It may be preferable to keep updating the current state with low latency |
| QUIC and HTTP/3 | New reliability and encryption mechanisms are layered on top of UDP |
UDP does not mean "bad communication because it is unreliable." UDP itself provides fewer guarantees and leaves necessary control to the application or higher-level mechanisms.
There are also mechanisms such as QUIC that use UDP as a foundation while implementing their own reliability and encryption.
Port Numbers Distinguish Applications
An IP address indicates the network location of the other endpoint. However, multiple applications and services communicate at the same time inside a single device or server.
For that reason, an IP address alone does not tell us which application the communication should be passed to.
This is where port numbers are used.
| Information | Role | Example |
| --- | --- | --- |
| IP address | Indicates which device or server the communication goes to | A web server's IP address |
| Port number | Indicates which service inside that device it should be passed to | 443 for HTTPS, 53 for DNS |
| Communication protocol | Indicates TCP or UDP and similar distinctions | TCP port 443, UDP port 53 |
For example, when web, DNS, email, and other services run on the same server, they can be distinguished by different port numbers.
Even if TCP and UDP use the same number, they are handled as separate communication. In other words, TCP port 443 and UDP port 443 are not the same communication even though they use the same number, "443."
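The separation between TCP and UDP port numbers can be observed on a single machine. The following is an added example, not part of the original article: it binds a TCP listener and a UDP socket to the same port number on the loopback address (the port is chosen by the OS, and the function name is an assumption) and shows that each message reaches only the socket of its own protocol.

```python
import socket

LOOPBACK = "127.0.0.1"

def same_port_tcp_and_udp() -> dict:
    """Bind TCP and UDP to one port number and show the OS keeps them apart."""
    tcp = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    tcp.bind((LOOPBACK, 0))              # port 0: the OS picks a free TCP port
    tcp.listen(1)
    tcp.settimeout(2)
    port = tcp.getsockname()[1]

    udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udp.bind((LOOPBACK, port))           # same number, other protocol: accepted
    udp.settimeout(2)

    # A second TCP socket on the same address and port is refused.
    dup = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        dup.bind((LOOPBACK, port))
        second_tcp_refused = False
    except OSError:
        second_tcp_refused = True
    finally:
        dup.close()

    # One message per protocol, both addressed to the same port number.
    with socket.create_connection((LOOPBACK, port), timeout=2) as client:
        client.sendall(b"sent over TCP")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as client:
        client.sendto(b"sent over UDP", (LOOPBACK, port))

    conn, _ = tcp.accept()
    conn.settimeout(2)
    tcp_data = b""
    while chunk := conn.recv(1024):      # read until the client's close (EOF)
        tcp_data += chunk
    udp_data, _ = udp.recvfrom(1024)
    for s in (conn, tcp, udp):
        s.close()
    return {"port": port, "tcp": tcp_data, "udp": udp_data,
            "second_tcp_refused": second_tcp_refused}

if __name__ == "__main__":
    print(same_port_tcp_and_udp())
```

For firewall rules and log review, this is why a rule or log entry needs the protocol as well as the port number to identify a service.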
DNS, HTTP, and TLS Also Run on TCP/IP
When you view a website, IP, TCP, and UDP alone do not complete the whole process.
People usually specify websites by domain name, not IP address. For that reason, DNS is used first to look up the IP address corresponding to the domain name.
Once the IP address is known, the browser communicates with the destination. HTTP is used to retrieve web pages. For HTTPS, HTTP communication is protected by TLS.
| Mechanism | Role |
| --- | --- |
| DNS | Looks up an IP address from a domain name |
| IP | Carries packets toward the destination IP address |
| TCP and UDP | Handle how data is delivered |
| TLS | Encrypts communication content and performs destination verification and tamper detection |
| HTTP | Exchanges data for web pages and APIs |
The important point here is that these mechanisms do not compete with each other; they divide roles.
For example, HTTPS is communication where HTTP is protected by TLS. And in many cases, TCP or UDP and IP are used underneath it.
Flow When Opening a Web Page
From the perspective of TCP/IP, the flow of opening a web page can be organized simply as follows.
| Stage | What happens | Related mechanisms |
| --- | --- | --- |
| 1 | Interpret the URL | Browser, HTTP/HTTPS |
| 2 | Look up the IP address from the domain name | DNS |
| 3 | Direct communication toward the destination IP address | IP, routing |
| 4 | Manage how data is delivered | TCP, UDP, QUIC, and similar mechanisms |
| 5 | Protect communication if it is HTTPS | TLS |
| 6 | Request page or API data | HTTP |
| 7 | Display the received data on screen | Browser |
In actual communication, caches, CDNs, load balancers, and reuse of existing connections are also involved. For that reason, not every step is performed from the beginning, in exactly the same order, every time.
However, as a basic model, it becomes easier to organize the process if you think of DNS, IP, TCP/UDP, TLS, and HTTP as having separate roles.
TCP/IP and Anonymity
TCP/IP is not a mechanism for anonymization. It is the foundation for making communication work on the internet.
For that reason, information needed to establish communication may be visible on the communication route or to the destination.
| Information | Where it may be visible | Anonymity caution |
| --- | --- | --- |
| Source IP address | Destination server, devices on the communication route, and similar places | Can become a clue to the source network |
| Destination IP address | Devices on the communication route and similar places | Can become material for inferring which server the communication is headed to |
| Port number | Routers, firewalls, communication logs, and similar places | Can become material for inferring the type of communication, such as HTTPS, DNS, or |
| Communication protocol | Routers, firewalls, communication logs, and similar places | How communication is handled changes depending on TCP or UDP |
| Traffic volume and time | Devices on the communication route, destination servers, and similar places | Can become material for comparing behavior patterns with other logs |
Using HTTPS or TLS makes communication content easier to protect. However, IP addresses, traffic volume, communication time, relationships with destinations, and similar information do not all disappear.
When thinking about anonymity, it is necessary to distinguish between "communication content" and "outside information needed to establish the communication."
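The distinction between content and outside information can be seen by parsing packet headers. The following is an added example, not part of the original article: it builds a constructed IPv4 packet (documentation-range addresses, an arbitrary source port, and a placeholder payload standing in for TLS-protected data, all assumptions) and extracts only what the IP and TCP/UDP headers expose, without ever reading the payload.

```python
import ipaddress
import struct

PROTOCOLS = {6: "TCP", 17: "UDP"}  # IANA protocol numbers carried in the IPv4 header

def build_sample(proto: int, payload: bytes) -> bytes:
    """Build a constructed IPv4 packet (checksums left at 0; they are not checked here)."""
    src = ipaddress.IPv4Address("192.0.2.10").packed      # documentation address
    dst = ipaddress.IPv4Address("198.51.100.20").packed   # documentation address
    if proto == 6:    # TCP header: ports, seq, ack, data offset 5, PSH+ACK, window
        transport = struct.pack("!HHIIBBHHH", 51514, 443, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    else:             # UDP header: ports, length, checksum
        transport = struct.pack("!HHHH", 51514, 443, 8 + len(payload), 0)
    total = 20 + len(transport) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, proto, 0, src, dst)
    return ip + transport + payload

def visible_metadata(packet: bytes) -> dict:
    """Return what the IP and transport headers expose; the payload is never decoded."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        raise ValueError("not a complete IPv4 header")
    ihl = (packet[0] & 0x0F) * 4                  # IPv4 header length in bytes
    total_len = struct.unpack("!H", packet[2:4])[0]
    proto = packet[9]
    meta = {
        "src_ip": str(ipaddress.IPv4Address(packet[12:16])),
        "dst_ip": str(ipaddress.IPv4Address(packet[16:20])),
        "protocol": PROTOCOLS.get(proto, f"other({proto})"),
        "total_bytes": total_len,
    }
    if proto not in PROTOCOLS:
        return meta                               # no port numbers to report
    if ihl < 20 or len(packet) < ihl + (20 if proto == 6 else 8):
        raise ValueError("truncated transport header")
    meta["src_port"], meta["dst_port"] = struct.unpack("!HH", packet[ihl:ihl + 4])
    header = (packet[ihl + 12] >> 4) * 4 if proto == 6 else 8
    meta["payload_bytes"] = total_len - ihl - header
    return meta

if __name__ == "__main__":
    opaque = bytes(32)   # stand-in for TLS-protected application data
    for proto in (6, 17):
        print(visible_metadata(build_sample(proto, opaque)))
```

Every field in the returned dictionary corresponds to a row in the table above; encrypting the payload changes none of them.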
Summary
TCP/IP is the basic protocol suite for establishing internet communication.
IP uses IP addresses to direct communication toward the destination. TCP establishes a connection and emphasizes reliability through delivery checks, retransmission, and order control. UDP provides fewer guarantees and emphasizes low overhead and flexibility.
Port numbers are used to distinguish which application or service inside a single device or server the communication should be passed to.
DNS, HTTP, TLS, and similar mechanisms also work by dividing roles on top of TCP/IP. When opening a web page, DNS looks up the IP address, IP directs communication toward the destination, TCP or UDP handles how data is delivered, TLS protects communication for HTTPS, and HTTP exchanges page content.
TCP/IP is not anonymization technology. To establish communication, information such as IP addresses, port numbers, communication protocols, traffic volume, and time is handled.
Understanding this foundation makes it easier to organize "which layer and which mechanism" is being discussed when learning about DNS, HTTP/HTTPS, TLS, VPNs, , communication logs, and similar topics.