CS 3640: Introduction to Networks and Their Applications Fall 2018, Lecture 13: The Transport Layer I (Credit: Christo Wilson @ NEU) Instructor: Rishab Nithyanand Teaching Assistant: Md. Kowsar Hossain 1
You should Be ready to submit assignment 2. Due today before midnight. Late policy applies. Asking for help on Piazza Give me enough information to help you! Read the assignment hints and links before asking for help! Assignment 3: Start early! Know and understand: The three Internet design principles and components of the Internet. Circuit- vs. packet- switched networks. Components of end-to-end delay. The link layer: error detection, MAC, local addressing/routing. The network layer: addressing, fragmentation, IPv4 vs. IPv6, ASes Intradomain routing: link state vs. distance vector 2
Recap: Interdomain routing The Internet is divided into Autonomous Systems (ASes). There are about 50K of these. They implement their own rules and technologies within. What are the general types of routing algorithms on the Internet (in terms of scale)? Within a LAN Within an AS (intradomain) Between ASes (interdomain) What are the main goals of an interdomain routing protocol? Scaling to O(10K) domains, each with their own internal protocols/preferences. Allowing implementation of these preferences. Path stability and ability to route around failures. Why is this really important? 3
Recap: Interdomain routing What kind of relationships exist between ASes? Customer-provider: The customer pays the provider for the ability to send traffic through the provider's routes. Peer-peer: Peers agree to route traffic through each other's routes (but not through the routes of their other peers or providers). What type of protocol is BGP (link state/distance vector/path vector)? How does it work? BGP is a path vector protocol: like distance vector, except that each advertisement also carries the actual AS-level path. Why? Knowing the path lets an AS implement routing policies (and detect loops). What does BGP completely ignore? What are the implications? Security. Nothing in the protocol verifies that an AS is entitled to announce a prefix, so anyone can advertise fake routes (prefix hijacking) and then drop or inspect the traffic. It's one of the ways that censorship is implemented! 4
This week in class 1. Transport layer functionality: UDP and TCP 2. TCP state and connections 3. TCP flow and congestion control 5
The Transport Layer Which devices on the Internet need to implement transport layer protocols? Only the end-hosts: routers forward on the network layer header alone (middleboxes such as NATs and firewalls do look at ports, but they are not endpoints of the transport connection). Universal function: Demultiplexing of data streams. Your end-host is running dozens of Internet-connected applications through a small number (usually 1) of interfaces. The transport layer makes sure that each of them gets the data addressed to it. Discuss: How do we implement this in the real-world analogy of mail? How can we apply that approach to the transport layer? Applications listen on specific ports (HTTP: 80, HTTPS: 443). The transport layer takes packets from the network layer and delivers each one to the right application by looking at the destination port (and, for connected sockets, the full source/destination address and port tuple). 6
The Transport Layer: Demultiplexing traffic (Figure: Host 1, Host 2 and Host 3 talking to server applications P1 to P7 over one shared network.) Server applications communicate with multiple clients. Applications share the same network; each application listens on a unique port. Endpoints are identified by <src_ip, src_port, dest_ip, dest_port>. 7
The Transport Layer Discuss: What other functionality can we throw into this layer? Do we need to care about the end-to-end principle? Optional function: Reliability. Enabling reliable, in-order packet delivery. Making sure packets sent to applications are error-free. Optional function: Flow control. Making sure that applications are not overwhelming the receivers. Optional function: Congestion control. Making sure that applications are not overwhelming the network. 8
User Datagram Protocol (UDP) No-frills transport layer protocol. Functions: Demultiplexing + error checking. No reliability. No congestion control. Port numbers enable demultiplexing. UDP header: 16-bit port numbers (65536 possible ports, 0 to 65535). Error checking with a checksum. UDP header: 16-bit checksum field, computed over the UDP header, the payload, and a pseudo-header containing the IP addresses (so a datagram that IP delivers to the wrong host is also caught). Only detects corrupted packets. Does not detect dropped, duplicated, or out-of-order packets, and it is not a security mechanism: anyone who can modify the packet can recompute the checksum, and in IPv4 a sender may set it to 0 to disable it altogether. 9
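Added example (not from the lecture slides): a small Python implementation of the IPv4 UDP checksum, covering the pseudo-header mentioned above, together with a receiver-side check. The addresses in 10.0.0.0/8, the ports and the payload used in the test are constructed here. It demonstrates both halves of the claim on the slide: a flipped byte or a datagram delivered to the wrong address is caught, while swapping two 16-bit words of the payload is not, because the checksum is a sum and does not see ordering.

```python
import struct

UDP_PROTO = 17


def ones_complement_sum(data: bytes) -> int:
    """RFC 1071 Internet checksum core: add 16-bit big-endian words, folding carries back in."""
    if len(data) % 2:
        data += b"\x00"                  # odd length: pad for the arithmetic only, not on the wire
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def _pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """IPv4 pseudo-header: addresses, zero byte, protocol, UDP length. Included in the checksum
    so a datagram that IP delivers to the wrong host fails verification."""
    def ip(s):
        return bytes(int(o) for o in s.split("."))
    return ip(src_ip) + ip(dst_ip) + struct.pack("!BBH", 0, UDP_PROTO, udp_length)


def build_udp(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    """UDP header (8 bytes) + payload with a valid IPv4 checksum."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)   # checksum field zero while summing
    csum = 0xFFFF - ones_complement_sum(_pseudo_header(src_ip, dst_ip, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF   # RFC 768: a computed zero is sent as all ones, because 0 means "no checksum"
    return header[:6] + struct.pack("!H", csum) + payload


def verify_udp(src_ip, dst_ip, segment: bytes) -> bool:
    """Receiver-side check. True if the datagram is consistent; False on corruption or misdelivery."""
    if len(segment) < 8:
        return False
    length, csum = struct.unpack("!HH", segment[4:8])
    if length != len(segment):
        return False
    if csum == 0:
        return True     # IPv4 sender disabled checksumming: nothing to verify (IPv6 forbids this)
    # With the transmitted checksum included, the one's complement sum of everything is all ones.
    return ones_complement_sum(_pseudo_header(src_ip, dst_ip, length) + segment) == 0xFFFF


def swap_words(segment: bytes, a: int, b: int) -> bytes:
    """Swap the 16-bit words at byte offsets a and b: a reordering the checksum cannot detect."""
    s = bytearray(segment)
    s[a:a + 2], s[b:b + 2] = segment[b:b + 2], segment[a:a + 2]
    return bytes(s)
```

The byte offsets in `swap_words` count from the start of the UDP header, so offsets 8 and 10 are the first two words of the payload; swapping them leaves the checksum valid, which is the concrete reason the slide says the checksum cannot catch reordering.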
User Datagram Protocol (UDP) Surprisingly, UDP came after TCP (the reliable protocol). Discuss: Why did we decide we needed UDP? Not all applications need reliability (a retransmitted voice sample that arrives late is useless). If an application needs something UDP does not provide, it can implement it in the application layer. Examples: Real-time Transport Protocol (RTP): a voice and video application layer protocol that runs over UDP. QUIC: a protocol developed by Google (and since standardized by the IETF) that transports HTTP over UDP and implements reliability, congestion control and encryption itself to improve performance. 10
This week in class 1. Transport layer functionality: UDP and TCP 2. TCP state and connections 3. TCP flow and congestion control 11
Transmission Control Protocol (TCP) Functions: Demultiplexing + error checking + reliability + congestion control. TCP provides reliable & in-order byte streams between end-hosts. TCP is bidirectional! Both hosts can send data to each other. TCP cares. About not overwhelming the network. About not overwhelming the receiver. 12
TCP: Connection setup Before data can be sent via TCP, a handshake needs to occur between the end-hosts. Discuss: Why can't we just start sending data via TCP? The handshake establishes a shared start state on both hosts. This state is what lets each side check that bytes are delivered reliably and in order. Discuss: What is the minimum shared information needed by the hosts? How many bytes have been sent and received on this TCP connection. This is tracked with the sequence number and acknowledgement number TCP header fields. The handshake establishes a random initial sequence number (ISN) for each direction of each connection. Packets from a previous TCP connection between the same application endpoints may still be in flight; randomness avoids collisions with them. It also matters for security: a segment is only accepted if its sequence number falls inside the receiver's window, so an off-path attacker who cannot observe the connection has to guess the ISN to inject data or a RST into it. Predictable ISNs made such spoofing practical; RFC 6528 specifies how to randomize them. 13
TCP: Connection setup Important TCP flags (1 bit each): SYN: synchronization, used for connection setup. ACK: acknowledge received data. FIN: finish, used to tear down the connection. (Figure: three-way handshake between client and server.) No data is sent in the connection setup, just packets with the appropriate flags. Each side notifies the other of its starting sequence number and ACKs the other side's starting sequence number (+1). ACK numbers indicate the next byte the sender of the ACK is expecting. Discuss: How can you implement a denial of service attack? 14
TCP: Connection setup security issues How can you implement a denial of service attack? SYN flooding: Send millions of SYN packets (usually from spoofed source addresses) and don't bother to reply. The server allocates resources (a half-open connection in its backlog) for every SYN it receives. This exploits an asymmetry in effort: the server does more work than the client. Solution: SYN cookies. Make the server's initial sequence number a function of the connection (client and server addresses and ports, a coarse timestamp, and a secret known only to the server). Send the SYN/ACK, do not allocate resources, and forget about the packet. When the client's ACK arrives, recompute the cookie from the connection tuple; if it matches the ACK number minus 1 and is not too old, create the connection state only then. Caveat: the server has not kept the options carried in the SYN (the client's MSS, SACK, window scaling), so implementations squeeze the MSS into a few bits of the cookie and the other options are lost unless the stack has another place to stash them (Linux uses the TCP timestamp option). (Figure: client/server exchange under a SYN flood.)
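Added example (not from the lecture slides, and a simplification of what real stacks such as Linux do): the handshake and the SYN cookie defence from the last two slides, simulated in Python. The cookie is a truncated HMAC over the connection 4-tuple, the client's ISN and a coarse time counter; the server keeps no state between the SYN and the ACK, so a flood of spoofed SYNs costs it no memory, while an honest client still completes the handshake. All addresses, ports, the secret and the counter values are constructed for the example; the MSS encoding of real cookies is only mentioned in a comment.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

COUNTER_BITS = 5                   # top bits of the ISN carry a coarse time counter
MAC_BITS = 32 - COUNTER_BITS
MASK32 = 0xFFFFFFFF


@dataclass(frozen=True)
class Segment:
    flags: str                     # "SYN", "SYN-ACK" or "ACK"
    seq: int
    ack: int = 0


def syn_cookie(secret, counter, c_ip, c_port, s_ip, s_port, client_isn):
    """Server ISN that encodes the connection instead of storing it: a truncated HMAC over the
    4-tuple, the client's ISN and a coarse counter, with the counter's low bits in the top of the
    ISN so the verifier knows which counter value to recompute with. Real stacks also pack the
    client's MSS into a few bits; omitted here."""
    msg = f"{c_ip}:{c_port}>{s_ip}:{s_port}".encode() + struct.pack("!IQ", client_isn, counter)
    mac = int.from_bytes(hmac.new(secret, msg, hashlib.sha256).digest()[:4], "big")
    return ((counter & ((1 << COUNTER_BITS) - 1)) << MAC_BITS) | (mac & ((1 << MAC_BITS) - 1))


def check_cookie(secret, now, c_ip, c_port, s_ip, s_port, client_isn, ack_number):
    """Stateless check of the handshake's final ACK: ack_number - 1 must be a cookie we could have
    issued for this 4-tuple under the current or the previous counter value. Anything older,
    guessed, or taken from a different tuple fails."""
    cookie = (ack_number - 1) & MASK32
    return any(
        syn_cookie(secret, c, c_ip, c_port, s_ip, s_port, client_isn) == cookie
        for c in (now, now - 1) if c >= 0
    )


class StatelessServer:
    """Listener that keeps no per-SYN state: memory grows only with completed handshakes."""

    def __init__(self, secret: bytes, ip: str, port: int):
        self.secret, self.ip, self.port = secret, ip, port
        self.established = {}      # (client_ip, client_port) -> (rcv_nxt, snd_nxt)

    def on_syn(self, c_ip, c_port, syn: Segment, now: int) -> Segment:
        cookie = syn_cookie(self.secret, now, c_ip, c_port, self.ip, self.port, syn.seq)
        return Segment("SYN-ACK", seq=cookie, ack=(syn.seq + 1) & MASK32)   # nothing stored

    def on_ack(self, c_ip, c_port, ack: Segment, now: int) -> bool:
        client_isn = (ack.seq - 1) & MASK32          # the ACK's seq is the client's ISN + 1
        if not check_cookie(self.secret, now, c_ip, c_port, self.ip, self.port, client_isn, ack.ack):
            return False                             # forged or stale: drop silently
        self.established[(c_ip, c_port)] = (ack.seq, ack.ack)   # allocate state only now
        return True


def handshake(server, c_ip, c_port, client_isn, now, delay=0) -> bool:
    """A well-behaved client: SYN, receive SYN-ACK, send the ACK `delay` counter ticks later."""
    synack = server.on_syn(c_ip, c_port, Segment("SYN", seq=client_isn), now)
    ack = Segment("ACK", seq=synack.ack, ack=(synack.seq + 1) & MASK32)
    return server.on_ack(c_ip, c_port, ack, now + delay)


def syn_flood(server, count, now) -> int:
    """Attacker sends `count` SYNs from spoofed sources (constructed TEST-NET-2 addresses) and never
    replies. Returns how many connections the server had to allocate state for."""
    for i in range(count):
        spoofed = f"198.51.100.{i % 256}"
        server.on_syn(spoofed, 1024 + i // 256, Segment("SYN", seq=i * 7919), now)
    return len(server.established)
```

The counter plays the role of the slide's "forget about the packet": because the server checks only the current and previous tick, an ACK built from a cookie captured two ticks ago is rejected, and a forged ACK whose top bits do not match the live counter is rejected without even computing the HMAC match.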
TCP: Bidirectional communication (Figure: client/server exchange with the sequence and acknowledgement number of each packet.) The client starts at seq 1 and the server at seq 23. Client: seq 1, ack 23, carrying 1460 bytes. Server: seq 23, ack 1461, carrying 730 bytes of its own: data and ACK in the same packet. Client: seq 1461, ack 753. Server: seq 753, ack 2921. Each side of the connection can send and receive data from the other. Remember: The client and server have different starting sequence numbers.
TCP: Connection teardown TCP is polite. One host informs the other that it is done talking by setting the FIN flag in its last packet. Discuss: Why do we need to tell the other side that we're done? To let the other side deallocate the resources dedicated to us. Discuss: Who should initiate the connection teardown? How should the other side respond? Either side can initiate the teardown. The other side can keep sending data until it is done, then send its own FIN. Unless one host issues a shutdown command; then it has deallocated its own resources and cannot receive anymore. The connection is fully closed only when both sides have sent their FIN (or a shutdown is issued). Until then it is half-closed: one direction still carries data. 17
TCP: Connection teardown (Figure: FIN and ACK exchange between client and server.) The FIN is acknowledged to make sure it is not retransmitted. 18
This week in class 1. Transport layer functionality: UDP and TCP 2. TCP state and connections 3. TCP flow and congestion control 19
TCP: Flow control TCP is polite. It doesn't want to overwhelm the receiver. Discuss: How can two hosts make sure they don't send too much data to each other? They tell each other how much data their receive buffers can currently hold. Discuss: When should they communicate their buffer sizes? Connection setup? Data transfer phase? Why? It has to be done during the data transfer phase: buffer sizes keep changing! TCP runs at the end-host, and the buffer available to this connection depends on how fast the application reads and on the other parallel connections to other hosts. They use the advertised window field of the TCP header (present in every segment, ACKs included) to indicate the number of bytes they can currently accept. The sender may have at most that many bytes unacknowledged in flight; once the window is full it stops and waits for an ACK, which both frees window space and carries an updated advertised window. The advertised window can be 0! The sender then sends no new data (apart from occasional window probes) until an ACK arrives with a non-zero window. This is called the sliding window protocol. 20
TCP: Flow control The sender side (Figure: the TCP header of the packet sent and of the packet received: Src. Port, Dest. Port, Sequence Number, Acknowledgement Number, HL, Flags, Adv. Window, Checksum, Urgent Pointer. Below it the sender's buffer, divided into ACKed | Sent (must be buffered until ACKed) | To Be Sent | Outside Window; the window spans Sent and To Be Sent, and App Write appends at the end.) 21
TCP: Flow control The sliding window protocol: The sender keeps transmitting until it has advertised-window bytes unacknowledged, then waits for an ACK. The receiver updates the advertised window in each ACK. Discuss: How should the receiver acknowledge what it has received? Default: Cumulative ACK, which TCP always uses. An ACK number of n+1 means every byte up to and including n has been received, so one ACK can cover several segments (a TCP receiver may delay its ACK and acknowledge every second full-sized segment), and a lost ACK is harmless as long as a later one arrives. Option: Negative ACK, indicating which expected bytes did not arrive. Some other protocols use this; TCP does not. Option: Selective ACK (the TCP SACK option, RFC 2018), which adds to the cumulative ACK a list of the out-of-order blocks that did arrive, so the sender retransmits only the holes. 22
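Added example (not from the lecture slides): a toy sliding window sender and receiver in Python that follows the state the slides describe (snd_una/snd_nxt on the sender, rcv_nxt and a fixed buffer on the receiver, cumulative ACKs that carry the advertised window). The simulation shows the receiver's window dropping to 0, the sender stalling until a window update, and a lost segment being noticed through a repeated ACK number and retransmitted. The MSS, buffer size and 16-byte payload are constructed; loss recovery rewinds to the oldest unacknowledged byte (go-back-N), which is simpler than TCP's fast retransmit.

```python
MSS = 4  # payload bytes per segment; tiny so the window arithmetic stays readable


class Receiver:
    """Receive side: fixed buffer, cumulative ACKs, advertised window = free buffer space."""

    def __init__(self, buf_size, isn=0):
        self.buf_size = buf_size
        self.rcv_nxt = isn + 1       # next byte expected (first data byte is isn + 1)
        self.buffer = b""            # in-order bytes the application has not read yet

    def rwnd(self):
        return self.buf_size - len(self.buffer)

    def on_segment(self, seq, data):
        """Return (ack, rwnd): ack is cumulative, i.e. the next byte expected."""
        if seq == self.rcv_nxt and len(data) <= self.rwnd():
            self.buffer += data
            self.rcv_nxt += len(data)
        # A segment after a gap, a duplicate, or one that overflows the buffer is dropped, but we
        # still answer: the repeated ACK number is what tells the sender something was lost.
        return self.rcv_nxt, self.rwnd()

    def app_read(self, n):
        data, self.buffer = self.buffer[:n], self.buffer[n:]
        return data

    def window_update(self):
        """Stand-alone ACK after the application frees buffer space (reopens a zero window)."""
        return self.rcv_nxt, self.rwnd()


class Sender:
    """Send side: bytes in [snd_una, snd_nxt) are in flight and kept until acknowledged."""

    def __init__(self, data, rwnd, isn=0):
        self.data, self.isn = data, isn
        self.snd_una = isn + 1       # oldest unacknowledged byte
        self.snd_nxt = isn + 1       # next byte to send
        self.rwnd = rwnd             # most recent window advertised by the receiver

    def next_segment(self):
        """Return (seq, payload) to transmit, or None if the window or the data is exhausted."""
        offset = self.snd_nxt - self.isn - 1
        usable = self.snd_una + self.rwnd - self.snd_nxt   # window minus bytes already in flight
        n = min(MSS, usable, len(self.data) - offset)
        if n <= 0:
            return None
        seg = (self.snd_nxt, self.data[offset:offset + n])
        self.snd_nxt += n
        return seg

    def on_ack(self, ack, rwnd):
        """Cumulative ACK: everything below ack may be freed; adopt the new advertised window."""
        self.snd_una = max(self.snd_una, ack)
        self.rwnd = rwnd

    def done(self):
        return self.snd_una == self.isn + 1 + len(self.data)


def simulate(data, buf_size, lose_seq=None):
    """One transfer over a toy network that drops the segment starting at lose_seq once.
    Returns (bytes delivered to the receiving application, trace of events)."""
    rx, tx = Receiver(buf_size), Sender(data, rwnd=buf_size)
    delivered, trace, lost = b"", [], False
    for _ in range(50):                          # bounded in case of a bug
        if tx.done():
            break
        inflight = []
        while (seg := tx.next_segment()) is not None:
            inflight.append(seg)
            trace.append(f"send seq={seg[0]} len={len(seg[1])}")
        if not inflight:
            if tx.rwnd != 0:
                break                            # nothing to send with an open window: give up
            trace.append("zero window: sender stalled")
            delivered += rx.app_read(buf_size)   # the application drains the buffer ...
            ack, rwnd = rx.window_update()       # ... and the receiver announces the free space
            trace.append(f"window update: ack={ack} rwnd={rwnd}")
            tx.on_ack(ack, rwnd)
            continue
        dup = False
        for seq, payload in inflight:
            if seq == lose_seq and not lost:
                lost = True
                trace.append(f"lost seq={seq}")
                continue
            before = tx.snd_una
            ack, rwnd = rx.on_segment(seq, payload)
            trace.append(f"ack={ack} rwnd={rwnd}")
            tx.on_ack(ack, rwnd)
            dup = dup or ack == before           # ACK number did not move: a hole before it
        if dup:
            trace.append(f"duplicate ack={tx.snd_una}: retransmit from seq={tx.snd_una}")
            tx.snd_nxt = tx.snd_una
    delivered += rx.app_read(buf_size)
    return delivered, trace
```

With a 16-byte payload, an 8-byte receive buffer and MSS 4, the first two segments fill the buffer (the second ACK advertises rwnd 0), the sender stalls until the application reads and a window update arrives, and losing the segment at seq 9 produces an ACK that repeats 9, after which both remaining segments are sent again.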
TCP: Flow control The silly window syndrome: Small window sizes = Packets with more header bytes than data! Header Data Header Data Header Data Header Data Adds unneeded load to the network. Example: Telnet and SSH will generate a byte for each keystroke. Discuss: How would you solve this problem? 23
TCP: Flow control Solving the silly window syndrome with Nagle's algorithm (on the sender side): If the window size >= MSS (MTU minus headers) and the available data >= MSS: Send the data (the packet is full). Elif there is unacked data: Hold the small data and send it, coalesced with whatever else the application writes in the meantime, only after the ACK arrives. Else: Send the data (nothing is in flight, so a small packet costs nothing extra). Consequence: Nagle's algorithm delays small transmissions by up to one round-trip time, and it interacts badly with the receiver's delayed ACKs; this is often why interactive sessions such as SSH over TCP feel laggy. Good news: You can disable Nagle's algorithm per socket with the TCP_NODELAY socket option. 24
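Added example (not from the lecture slides): the decision Nagle's algorithm makes on each application write, in Python, next to the TCP_NODELAY behaviour. The receiver window is assumed to stay open, so only the "unacked data" branch of the algorithm matters; the 40-byte header cost, the MSS of 1460 and the keystroke sequence are constructed. It shows seven single-byte writes becoming two segments under Nagle but seven with TCP_NODELAY, Nagle sending every keystroke when each one is acknowledged before the next arrives, and bulk data being unaffected except for its tail.

```python
HEADER_BYTES = 40   # IPv4 + TCP headers without options: the fixed cost of every segment


class NagleSender:
    """Send-side segmentation with Nagle's algorithm, or without it (TCP_NODELAY).
    Simplification: the receiver's window is assumed to stay open, so the only question is
    whether there is unacknowledged data in flight."""

    def __init__(self, mss=1460, nodelay=False):
        self.mss = mss
        self.nodelay = nodelay
        self.pending = b""      # written by the application, not yet put in a segment
        self.unacked = 0        # bytes sent but not yet acknowledged by the peer
        self.sent = []          # payload size of each transmitted segment, in order

    def write(self, data: bytes):
        """Application write(); returns the payload sizes of any segments sent right away."""
        self.pending += data
        return self._try_send()

    def on_ack(self):
        """The peer acknowledged everything in flight: Nagle's hold is released."""
        self.unacked = 0
        return self._try_send()

    def _emit(self, n):
        self.pending = self.pending[n:]
        self.unacked += n
        self.sent.append(n)
        return n

    def _try_send(self):
        emitted = []
        while self.pending:
            if len(self.pending) >= self.mss:
                emitted.append(self._emit(self.mss))            # full segment: always worth sending
            elif self.nodelay or self.unacked == 0:
                emitted.append(self._emit(len(self.pending)))   # small, but nothing in flight (or Nagle off)
            else:
                break   # Nagle: hold small data while a segment is unacked; it leaves with the ACK
        return emitted


def run(writes, nodelay=False, ack_between_writes=False):
    """Feed application writes to a fresh sender. ack_between_writes models a link whose RTT is
    shorter than the gap between writes (each segment is ACKed before the next write). A final
    ACK flushes anything still held. Returns the transmitted payload sizes."""
    s = NagleSender(nodelay=nodelay)
    for w in writes:
        s.write(w)
        if ack_between_writes:
            s.on_ack()
    s.on_ack()
    return s.sent


def payload_fraction(sizes):
    """Share of bytes on the wire that are application data rather than headers."""
    payload = sum(sizes)
    return payload / (payload + HEADER_BYTES * len(sizes))
```

The third scenario is the one that matters for the lag discussion: when every keystroke is acknowledged before the next one is typed, Nagle never holds anything, so the delay people notice comes from writes that arrive within one RTT of each other, which the algorithm then batches until the ACK returns.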
Things to remember from this lecture What are the main functions of the transport layer? Which devices need to have the transport layer implemented? Why do we need demultiplexing at the end-hosts? How is demultiplexing achieved by the transport layer? 25
Things to remember from this lecture How do UDP and TCP differ? Why do we need a TCP handshake before data transmission? How does it work? Why do we need a TCP teardown after transmission? How does it work? Why do applications need flow control? How is it implemented in TCP? What is the silly window syndrome? How do we solve it? 26
Assignment 3 Will be released on Thursday! Please start early! Assignment 3 Groups 1 ['kzhang24', 'dstutz', 'xxing2', 'atran4'] 2 ['lburden', 'hrunning', 'ppeterschmidt', 'jglowacki'] 3 ['bzhang22', 'mfmrphy', 'jmagri', 'sklemm'] 4 ['yzheng19', 'hpen', 'apizzimenti', 'tgoodmn'] 5 ['ywang391', 'okueter', 'ymann', 'lye1'] 6 ['msmith3', 'jblue', 'zluo1', 'yonghfan'] 7 ['gongyzhou', 'mcagley', 'ywang455', 'kdzhou'] 8 ['gmich', 'xiaosong', 'tsimonson', 'shangwchen'] 9 ['nsonalkar', 'bchoskins', 'apatrck', 'yitzhou'] 10 ['awestemeier', 'uupadhyay', 'tnlowry', 'jpflint'] 11 ['jpthiede', 'nicgoh', 'rdong6', 'susmerano'] 12 ['godkin', 'cweiske', 'weigui', 'jstoltz'] 13 ['jdhatch', 'xchen117', 'trjns', 'zzhang103'] 27