How does an IP address goes down from an Application Layer to IP Layer?

Question

Using the classical TCP/IP layers model, I am thinking about an application (for example a browser) acting as a client wanting to talk with a server (e.g. a web server). Of course it has to use the server's IP address to locate the server host in Internet. So my Application layer process (browser) knows the IP address of the destination (e.g. it received it from a DNS query).

In order to have this request processed, the browser passes it to the Transport layer and more precisely to a TCP process. My problem is that in a TCP segment there is no field for IP addresses, neither of destination, neither of source. Transport layer processes uses port as a way to address source and destination. When the segment is passed to the underlying layer and becomes an IP packet, here the IP addresses (both of destination and source) come back again. It seems magical!

This IP disappearing and reappearing two layers below is exactly what I am trying to understand. Is there some kind of breach of the layer structure that allows this information to seep down across the TCP layer? Or I am not understanding something very important?

Answer 1

You are complicating simple things in your imagination.

Every layer is encapsulated in the layer below so when your browser uses a TCP socket, in fact it uses all the layers below TCP too, the rest of the stack is just usually abstracted to programmers.

If you like adventure, you can still build a program using raw sockets and manipulate the whole stack from layer 2 to layer 7 yourself. For instance packet sniffing/injection programs use that kind of sockets to record/modify adequate fields in desired layers based on options passed to the program.

E.g. with packit you can change layer 2 fields like source/destination MAC addresses to make some experiments in your network (like spoofing the MAC address of an other host to get over MAC filtering while sending data through a protocol using UDP at layer 4).