Guide To TCP/IP, Second Edition
Chapter 5: Transport Layer TCP/IP Protocols

Objectives
- Understand the key features and functions of the User Datagram Protocol (UDP)
- Explain the mechanisms that drive segmentation, reassembly, and retransmission for the Transmission Control Protocol (TCP)
- Choose between using UDP and TCP

UDP Header (figure: IP header with Protocol field = 17, followed by the UDP header and data)
  bits 0-15: Source Port Number    bits 16-31: Destination Port Number
  bits 0-15: UDP Length            bits 16-31: UDP Checksum
  DATA

UDP: A Connectionless Transport Layer Protocol
- Connectionless protocols provide best-effort delivery
- Connectionless protocols handle the following kinds of tasks:
  - Message checksum
  - Higher-layer protocol identification

UDP Header Fields and Functions
- Source Port Number (16 bits): defines the application or process that sends the packet. Well-known ports (0-1023), registered or ephemeral ports (1024-49151), dynamic ports (49152-65535)
- Destination Port Number (16 bits): defines the destination application or process. Need not be the same as the source port number.
- Length field: length of the packet from the UDP header to the end of valid data (not including any data link padding, if padding is required). It can be calculated as IP Total Length minus IP Header Length, so the field is redundant. The UDP header is 8 bytes.
- Checksum field (optional; put 0000 if unused): calculated on the contents of the entire datagram (the UDP header except the checksum field, the datagram payload, and the UDP pseudo-header). Pseudo-header: a non-existent header used only for calculation of the checksum.

Common UDP Well-Known Port Numbers (table)

Overview of UDP
- Table 5-1: list of limitations of UDP
  - No reliability mechanism
  - No delivery guarantees
  - No connection handling
  - Identifies the Application layer protocol conveyed
  - Checksum for the entire message carried in the UDP header
  - No buffering services
  - No segmentation
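The checksum rule above (header with the checksum field zeroed, payload, and the pseudo-header built from the IP addresses, protocol number and UDP length) is easy to get wrong, so here is an added example, not from the book, that builds and verifies a UDP datagram exactly that way; the addresses, ports and payload are constructed, and the pseudo-header helper takes the protocol number so the same sum also serves TCP (protocol 6).

```python
import socket
import struct

PROTO_UDP = 17  # value of the IP header Protocol field for UDP

def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (odd byte zero-padded) with end-around carry, complemented.
    Run over a datagram that already carries a correct checksum, the result is 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """The 12 pseudo-header bytes that exist only for the checksum: both IPv4 addresses, a zero byte,
    the protocol number (17 for UDP; 6 when the same sum is used for TCP) and the transport length."""
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, proto, length)

def build_udp(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    """Build a datagram: Length covers the 8-byte header plus payload; the sum is taken with the field at 0."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF  # a computed 0 is sent as all ones, since 0 on the wire means "checksum not used"
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload

def parse_udp(src_ip, dst_ip, datagram: bytes) -> dict:
    """Decode the four header fields and verify the checksum; checksum_ok is None when the sender put 0000."""
    src_port, dst_port, length, csum = struct.unpack("!HHHH", datagram[:8])
    ok = None
    if csum != 0:
        ok = internet_checksum(pseudo_header(src_ip, dst_ip, PROTO_UDP, length) + datagram[:length]) == 0
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum": csum, "checksum_ok": ok, "payload": datagram[8:length]}

def port_class(port: int) -> str:
    """Port ranges as listed on the slide."""
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered or ephemeral"
    return "dynamic"

# Constructed sample: documentation-range addresses, an ephemeral source port, the DNS port, a made-up payload.
SAMPLE = build_udp("192.0.2.10", "192.0.2.53", 51000, 53, b"\x12\x34\x01\x00\x00\x01")
```

Because the pseudo-header is part of the sum, a datagram whose IP addresses were altered in transit fails verification even though the UDP bytes themselves are intact.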
UDP Packet Capture (figure)

UDP Port Numbers and Processes (figure)

TCP Header (figure)

TCP Header Fields and Functions
- Source/Destination Port Number fields
- Sequence Number field: uniquely identifies each TCP segment. Increments by the number of data bytes contained in the packet.
- Acknowledgment Number field: the next expected sequence number.
- Data Offset field: TCP header length in 4-byte increments.
- Flags field
- Window Size field: TCP receiver buffer maximum size.
- TCP Checksum field: performed on the contents of the TCP header and data (not including data link padding) plus a pseudo-header derived from IP (non-existent). TCP pseudo-header: IP source address, IP destination address, Protocol field (06), and TCP length field.
- Urgent Pointer field: relevant only if the URG flag is set. Indicates where to look/read first in the packet.
- TCP Options field(s): optional.

Connection-oriented protocol
- Creates a logical connection directly between two peers
- Ensures successful transfer of data: ACK, sequence number
- Sequence numbers identify the amount of data and out-of-order data
- Time-out mechanism to determine lost data
- Retry mechanism to recover lost data by retransmission

TCP Flag Settings (figure)

Decoded TCP Header (figure)
Overview of TCP
- Connection-oriented services: sequencing, error recovery, and a sliding window mechanism
- Creates a virtual connection using a handshake process
- Exchanges sequence numbers to track data
- TCP sends packets without any knowledge of the message. Upper-layer applications interpret the byte stream to read the message
- End-to-end reliability
- Maximum TCP segment size: 65,495 bytes (the maximum IP Total Length field value minus the IP header (20) minus the TCP header (20))

TCP Startup Connection Process: TCP Handshake
One host initiates the handshake to another host to:
- Ensure the destination host is available
- Ensure the destination host is listening on the destination port number
- Inform the destination host of the initiator's sequence number so that the two sides can track data as it is transferred

Handshake Packet #1 (figure)

Handshake Packet #2 (figure; annotations: 2371727+1; 18+20+20+1460 = 1518)

Handshake Packet #3 (figure; annotation: 135471 + 1)

TCP Half-Open Connections
- Half-open connections:
  SYN>>>>>
  <<<<<ACK SYN
  <<<<<ACK SYN
  <<<<<ACK SYN
- Denial of Service (DoS) attack
- Two-way handshake
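To tie the header fields to the three-packet handshake and the half-open state just described, here is an added example (not from the book): it decodes the Data Offset and flag bits of a TCP header, then replays constructed segments as the listening server sees them and reports which connections never got handshake packet #3, the condition a monitor watches for when a half-open DoS is suspected. Addresses, ports and sequence numbers are made up, and the checksum field is left at zero.

```python
import struct
from collections import Counter

# Flag bits in the low byte of the TCP data-offset/flags word.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
MASK32 = 0xFFFFFFFF  # sequence numbers wrap modulo 2^32

def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte header; Data Offset is the header length in 4-byte units."""
    src, dst, seq, ack, off_flags, window, _csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    hdr_len = (off_flags >> 12) * 4
    flags = {name for name, bit in FLAGS.items() if off_flags & bit}
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack, "header_len": hdr_len,
            "flags": flags, "window": window, "urgent_ptr": urg if "URG" in flags else None,
            "payload": segment[hdr_len:]}

def build_tcp(src, dst, seq, ack, flags, window=8192, payload=b"") -> bytes:
    """Constructed segment with no options (Data Offset 5) and a zero checksum (not computed here)."""
    bits = sum(FLAGS[f] for f in flags)
    return struct.pack("!HHIIHHHH", src, dst, seq, ack, (5 << 12) | bits, window, 0, 0) + payload

def half_open(packets, server_ip):
    """Replay (src_ip, dst_ip, segment) tuples as the server sees them and return the connections
    that never completed the handshake, as {(client_ip, client_port): client_isn}."""
    pending, server_isn = {}, {}
    for src_ip, dst_ip, seg in packets:
        h = parse_tcp_header(seg)
        f = h["flags"]
        if dst_ip == server_ip:                       # client -> server
            key = (src_ip, h["src_port"])
            if "RST" in f:
                pending.pop(key, None)
            elif f == {"SYN"}:                        # handshake packet #1
                pending[key] = h["seq"]
            elif ("ACK" in f and key in server_isn
                  and h["ack"] == (server_isn[key] + 1) & MASK32):
                pending.pop(key, None)                # handshake packet #3: established
        elif src_ip == server_ip:                     # server -> client
            key = (dst_ip, h["dst_port"])
            if f == {"SYN", "ACK"} and key in pending and h["ack"] == (pending[key] + 1) & MASK32:
                server_isn[key] = h["seq"]            # handshake packet #2
            elif "RST" in f:
                pending.pop(key, None)
    return pending

def syn_flood_suspects(pending, threshold=3):
    """Sources holding at least `threshold` half-open connections at once."""
    counts = Counter(ip for ip, _port in pending)
    return {ip: n for ip, n in counts.items() if n >= threshold}
```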
TCP Keep-Alive Process
- Maintains the connection when there is no data traffic
- Disabled by default on Windows 2000 and Windows XP

TCP Connection States (figure)

TCP Connection Termination (figure)

TCP Sequence and Acknowledgment Process
- Each side of the connection selects its own starting sequence number
- Each side increments its sequence number value by the amount of data included in the outbound packet

Simple Sequence Communication (figure)

TCP Error-Detection and Error-Recovery Process
- Retransmission timer: starts when data is sent and stops when the reply is received. Measures the round-trip time (RTT).
- Retransmission timeout (RTO): the value for the timer. The RTT and an average deviation from the RTT determine the RTO.
- Retransmits the first unacknowledged TCP data segment at the expiry of the timer.
- Retransmission continues until a set number of times (e.g. 5 times).
- After each retransmission the RTO is doubled:
  1st retransmit: RTO seconds
  2nd retransmit: 2 x RTO seconds
  3rd retransmit: 4 x RTO seconds
  4th retransmit: 8 x RTO seconds

Retransmit Timer and Process (figure)
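The slide states the rule (RTO derived from the RTT and its average deviation, then doubled after each retransmission) without the arithmetic; this added example, not from the book, carries it through. The smoothing constants, the 1-second floor and the 60-second cap are the RFC 6298 values, an assumption beyond what the slides say, and the ACK arrival times fed to the simulation are made up.

```python
# RFC 6298 constants (assumed here; the slides only say RTT and its average deviation set the RTO).
ALPHA, BETA, MIN_RTO, MAX_RTO = 1 / 8, 1 / 4, 1.0, 60.0

class RtoEstimator:
    """Tracks a smoothed RTT (SRTT) and its deviation (RTTVAR) and derives the retransmission timeout."""

    def __init__(self):
        self.srtt = None
        self.rttvar = None
        self.rto = 1.0  # value used before the first measurement

    def sample(self, rtt: float) -> float:
        """Feed one RTT measurement (seconds) from a segment acknowledged without retransmission."""
        if self.srtt is None:
            self.srtt, self.rttvar = rtt, rtt / 2
        else:
            self.rttvar = (1 - BETA) * self.rttvar + BETA * abs(self.srtt - rtt)
            self.srtt = (1 - ALPHA) * self.srtt + ALPHA * rtt
        self.rto = min(MAX_RTO, max(MIN_RTO, self.srtt + 4 * self.rttvar))
        return self.rto

def retransmit_schedule(rto: float, max_retries: int = 5):
    """Wait before each retransmission: RTO, 2 x RTO, 4 x RTO, ... (doubling, capped at MAX_RTO)."""
    return [min(MAX_RTO, rto * 2 ** i) for i in range(max_retries)]

def send_with_retries(rto: float, max_retries: int, ack_at):
    """Simulate one segment sent at t=0 whose ACK arrives at time ack_at (None = never).
    Returns (transmissions, time of ACK); raises TimeoutError once max_retries retransmissions
    have all gone unanswered."""
    elapsed = 0.0
    for attempt in range(max_retries + 1):          # attempt 0 is the original transmission
        wait = min(MAX_RTO, rto * 2 ** attempt)     # timer value while this copy is outstanding
        if ack_at is not None and ack_at <= elapsed + wait:
            return attempt + 1, ack_at
        elapsed += wait                             # timer expired: retransmit on the next iteration
    raise TimeoutError("no ACK after %d retransmissions (%.1f s)" % (max_retries, elapsed))
```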
TCP Sliding Window
- Process of sending numerous data packets in sequence without waiting for an intervening acknowledgement
- Window size determines the amount of unacknowledged data that can be sent. Based on:
  - Congestion window: the amount of traffic the network can handle
  - The receiver's advertised window: available buffer space
- Silly Window Syndrome (SWS): from a zero-window state, the host may advertise a window of 1 as soon as the application layer reads 1 byte from the receive buffer, and the sender may then transmit 1 byte
  - Receiver avoids SWS by not advertising a new window size until MSS-size space is available
  - Sender avoids SWS by not sending until the buffer space is at least MSS

TCP Congestion Control
- Overloading of the network or the receiver
- Four TCP congestion control mechanisms:
  - Slow Start: the initial value of the congestion window is 2 x MSS. Increased with every ACK.
  - Congestion Avoidance: after slow start, on an error (time out) the window size is halved. The Congestion Avoidance algorithm then increases the window in a linear manner.
  - Fast Retransmit/Fast Recovery: on out-of-order data receipt, Fast Retransmit immediately sends duplicate ACKs with the expected sequence number. Fast Recovery dictates immediate retransmission of lost segments, without waiting for the retransmission timer to expire, when three duplicate ACKs are received.
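The four mechanisms above are easiest to see as one state machine driven by ACK events, so here is an added example (not from the book) of a simplified Reno-style sender: slow start from 2 x MSS, linear growth once the window reaches the threshold, a timeout halving the threshold and restarting slow start, and the third duplicate ACK triggering fast retransmit with recovery from the halved window. The MSS value, the default threshold and the per-ACK growth formula are assumptions; the event sequence in the replay is constructed.

```python
MSS = 1460  # bytes per segment; constructed value, the Ethernet-sized segment from the handshake slide

class CongestionWindow:
    """Simplified Reno-style sender following the slide: slow start from 2 x MSS, congestion
    avoidance above ssthresh, a timeout halves the threshold and restarts slow start, and the
    third duplicate ACK triggers fast retransmit / fast recovery. ssthresh default is an assumption."""

    def __init__(self, initial_cwnd=2 * MSS, ssthresh=64 * 1024):
        self.initial = initial_cwnd
        self.cwnd = initial_cwnd
        self.ssthresh = ssthresh
        self.dup_acks = 0
        self.retransmits = 0

    def phase(self) -> str:
        return "slow start" if self.cwnd < self.ssthresh else "congestion avoidance"

    def on_ack(self):
        """New ACK: +1 MSS per ACK in slow start (doubling per RTT), about +1 MSS per RTT afterwards."""
        self.dup_acks = 0
        if self.cwnd < self.ssthresh:
            self.cwnd += MSS
        else:
            self.cwnd += MSS * MSS // self.cwnd

    def on_timeout(self):
        """Retransmission timer expired: halve the window into ssthresh, start over from the initial cwnd."""
        self.ssthresh = max(2 * MSS, self.cwnd // 2)
        self.cwnd = self.initial
        self.dup_acks = 0
        self.retransmits += 1

    def on_dup_ack(self) -> bool:
        """Duplicate ACK (receiver repeating its expected sequence number). The third one triggers an
        immediate retransmission; fast recovery then resumes from the halved window, not from scratch."""
        self.dup_acks += 1
        if self.dup_acks != 3:
            return False
        self.ssthresh = max(2 * MSS, self.cwnd // 2)
        self.cwnd = self.ssthresh
        self.retransmits += 1
        return True

def replay(events, **kw):
    """Feed 'ack' / 'dup' / 'timeout' events and return the sender plus cwnd after each, in MSS units."""
    cw = CongestionWindow(**kw)
    handlers = {"ack": cw.on_ack, "dup": cw.on_dup_ack, "timeout": cw.on_timeout}
    trace = []
    for event in events:
        handlers[event]()
        trace.append(cw.cwnd // MSS)
    return cw, trace
```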
Choosing Between TCP and UDP
- TCP is robust and reliable: lots of overhead
- UDP is not robust and reliable: less overhead
- Use UDP for lightweight services, when avoiding unneeded complexity, or when improving overall performance

Chapter Summary
- Transport layer protocols come in two types: connectionless, which are lightweight, unreliable, and provide only best-effort delivery services; and connection-oriented, which provide robust, reliable end-to-end delivery services, including explicit acknowledgment, segmentation and reassembly of arbitrary-sized messages, connection negotiation and management mechanisms, and retransmission of missing or erroneous segments
- Because connectionless protocols are lightweight, they outperform connection-oriented protocols due to lower internal message overhead, and having no need for control and management of message traffic (acknowledgments, retransmissions, congestion control, and so on)
- The User Datagram Protocol, UDP, is the connectionless protocol associated with the TCP/IP protocol suite. It is commonly associated with Application layer protocols and services, such as BOOTP, DHCP, SNMP, NFS, and RIP, that either provide their own reliability mechanisms, or do without such mechanisms
- In keeping with its simple capabilities, the UDP header is short and simple, consisting primarily of a protocol identifier in the IP header, an optional checksum value, and source and destination port addresses for the Application layer protocols or processes on the sending and receiving ends of a transmission
- The Transmission Control Protocol, TCP, is the heavyweight, connection-oriented protocol that helps name the TCP/IP protocol suite. It remains associated with the majority of TCP/IP Application layer protocols, especially those, such as Telnet, FTP, and SMTP, where reliable data delivery is desirable
- In keeping with its more diverse, more robust capabilities, the TCP header is longer and more complex, including a variety of flags, values, and message types used to deliver acknowledgments, manage traffic flow, request retransmissions, and negotiate connections between hosts
- Appropriate (and historical) uses for UDP concentrate on Application layer services that manage their own reliability and connections, such as NFS, and on chatty protocols and services, such as DHCP, SNMP, or RIP. The chatty protocols and services rely on simple controls and fail-safes, and broadcast of periodic transmissions to handle potential reliability, deliverability, or reachability problems
- Appropriate (and historical) uses for TCP concentrate on providing reliable delivery of user services, such as terminal emulation (Telnet and remote utilities), file transfer (FTP), e-mail (SMTP), and news (NNTP), where potentially important data must be delivered whole and intact, or not at all (and flagged with an error message)