Post on 19-Jan-2016
1
UDP AND TCP BASICS
Rocky K. C. Chang 18 October 2010
2
Transport protocols
Problem: How to extend the host-to-host packet delivery service to a process-to-process communication channel?
Best-effort service provided by IP:
- drops messages
- re-orders messages
- duplicates messages
- limits message size
- delivers messages with delay
3
Transport protocols
Expectations from transport layer services:
- guarantees message delivery
- delivers messages in order
- delivers at most one copy of each message
- supports arbitrarily large messages
- supports synchronization between sender and receiver
- allows receiver to apply flow control
- supports multiple application processes on each host
4
Transport protocols
Different transport protocols provide somewhat different sets of services:
- User Datagram Protocol (UDP): Mainly provides a demultiplexing service.
- Transmission Control Protocol (TCP): Provides a reliable byte-stream service.
- Remote Procedure Call (RPC): Provides services to transaction-based applications.
- Real Time Protocol (RTP): Provides services for transporting real-time data over UDP.
5
UDP (RFC 768)
- UDP adds a demultiplexing service to IP.
- UDP optionally provides error detection, but it becomes mandatory for UDP over IPv6.
- UDP provides the demultiplexing service through UDP ports.
  - Process IDs can also be used if all systems run on the same OS.
  - A process is uniquely identified by (port number, IP address), which is usually referred to as a socket.
  - A port is usually implemented by a message queue.
6
UDP (RFC 768)
How does a process learn the port for the other party?
- A server process knows the client's port whenever the client gets connected.
- For a client process, one approach to learning the server's port is through the well-known port.
7
Pseudo-header for UDP
When a sender computes the checksum, a pseudo-header is first prepended to the UDP header. Why?
0                                  31
+--------+--------+--------+--------+ ---
|          source address           |  ^
+--------+--------+--------+--------+  Pseudo-
|        destination address        |  header
+--------+--------+--------+--------+  |
|  zero  |protocol|   UDP length    |  v
+--------+--------+--------+--------+ ---
|   Source port   |   Dest. port    |  ^
+--------+--------+--------+--------+  UDP header
|     Length      |    Checksum     |  v
+--------+--------+--------+--------+ ---
|
|          data octets ...
+---------------- ...
8
End-to-end issues
As we shall see later, TCP uses the same sliding window protocol as in go-back-n ARQ to provide transport services.
[Figure: two hosts exchanging packets and positive acknowledgments (+ve ACK).]
9
End-to-end issues
Hop-by-hop issues vs end-to-end issues:
- Potentially connects many different hosts
  - need explicit connection establishment and termination
- Potentially long delay in network
  - need to be prepared for arrival of very old packets
  - need to limit packet's lifetime in the network, in addition to the TTL mechanism.
- Potentially different buffering capacity at end nodes
  - unable to always allocate enough buffers for the bandwidth-delay product of the "connection."
10
End-to-end issues
  - need to accommodate different amounts of buffering, especially at the receiving nodes.
- Potentially different network capacity
  - need to be prepared for network congestion
- Potentially different round trip times
  - need a highly adaptive timeout mechanism to cater for various round trip times.
  - need to cater for the additional delay resulting from network congestion.
11
End-to-end reliability and ordered delivery
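- A hop-by-hop approach
  - Reliable A-->B and reliable B-->C and reliable C-->D ==> reliable A-->D?
  [Figure: hosts A, B, C, D in a chain, with ARQ running on each of the three hops.]
- An end-to-end approach
  - Does it mean that we don't need the hop-by-hop ARQ?
  [Figure: hosts A, B, C, D in a chain, with TCP running end to end.]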
12
End-to-end argument
Question: in which networking layer should a function (e.g., reliability and ordered delivery in our case) be implemented?
End-to-end argument:
- A function should not be provided in the lower levels of the system unless it can be completely and correctly implemented at that level.
- However, the argument does not exclude providing that function at the lower levels for the purpose of performance enhancement.
13
TCP (RFC 793)
- TCP uses connection as its fundamental abstraction.
  - A TCP connection is specified by a pair of sockets, each of which identifies an endpoint.
- TCP supports full-duplex connections.
- TCP provides a connection-oriented, reliable, ordered delivery, byte stream service to the upper layer.
- TCP also provides end-to-end congestion control and flow control services.
14
TCP (RFC 793)
- Connection-oriented transport protocol
  - Need to obtain an explicit agreement from the other side before sending data.
  - Not to be confused with a connection-oriented network protocol.
- Reliable service through a sliding window mechanism, positive acknowledgment, timing-out and retransmission
  - Cumulative acknowledgment vs selective acknowledgment
15
TCP (RFC 793)
- Ordered delivery: receiver delivers ordered data to the application.
- Byte-stream service:
  - Each byte is identified by a number and a TCP receiver does not understand the relationship among bytes.
- Byte-stream vs message-based
  - Permit a number of messages to be sent out as a larger message.
  - Flow control on the number of messages is difficult.
16
TCP connection establishment
- TCP connection setup is explicit and asymmetric.
  - The one that initiates the connection does an active open.
  - The other end does a passive open.
  - It involves a total of three special TCP messages (SYN segments): a three-way handshake (1.5 round-trip times).
- Connection establishment timeout
  - TCP client and sender resend a SYN segment with exponential backoff up to a certain time.
- TCP SYN flooding attacks
17
TCP connection establishment
Information exchange during connection establishment:
- Initial Sequence Numbers (ISN), which are the first SNs used by the two sides.
  - Why not just fix them to, say, 0?
- The SYN segment also advertises window size (buffer available for receiving data).
- Each side may optionally announce the Maximum Segment Size (MSS) it expects to receive.
  - If the destination IP address is local, set MSS to the local network's MTU - 40 bytes.
  - Otherwise, usually set MSS to 536 bytes.
18
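An example
[Figure: three-way handshake between a client and a server.]
Segments exchanged:
1. Client to server: SYN, SequenceNum = x
2. Server to client: SYN + ACK, SequenceNum = y, Acknowledgment = x + 1
3. Client to server: ACK, Acknowledgment = y + 1
4. Client to server: data
Client calls: socket(), connect(), connect() returns, write()
Client states: SYN_SENT, ESTABLISHED
Server calls: socket(), bind(), listen(), accept(), accept() returns, read() returns
Server states: LISTEN, SYN_RCVD, ESTABLISHED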
19
TCP connection termination
- TCP connection termination is explicit and symmetric:
  - Each side has to close the connection independently.
  - At most four FIN segments are needed.
  - Closing the connection means that no more data will be sent, but the side that closed can still receive data.
- A connection in the TIME_WAIT state cannot move to the CLOSED state until it has waited for 2 × Maximum Segment Lifetime (MSL).
20
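An example
[Figure: connection termination between a client and a server.]
Segments exchanged:
1. Client to server: FIN, SequenceNum = x
2. Server to client: ACK x + 1
3. Server to client: FIN, SequenceNum = y
4. Client to server: ACK y + 1
Client: close(), FIN_WAIT_1, FIN_WAIT_2, TIME_WAIT, CLOSED
Server: CLOSE_WAIT, close(), LAST_ACK, CLOSED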
21
TCP state transition diagram
[Figure: TCP state transition diagram.
States: CLOSED, LISTEN, SYN_RCVD, SYN_SENT, ESTABLISHED, FIN_WAIT_1, FIN_WAIT_2, CLOSING, TIME_WAIT, CLOSE_WAIT, LAST_ACK.
Transition labels (event/action): Passive open; Active open/SYN; Send/SYN; SYN/SYN + ACK; SYN + ACK/ACK; ACK; Close; Close/FIN; FIN/ACK; ACK + FIN/ACK; Timeout after two segment lifetimes.]
22
TCP state transition diagram
- The transition from LISTEN to SYN_SENT is legal but is not supported in practice.
- The transition from SYN_RCVD back to LISTEN is valid only if the SYN_RCVD state was entered from the LISTEN state, not from the SYN_SENT state.
- Other extraneous state transitions will be discussed in the TCP security paper.
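The state diagram and the open/close examples above can be exercised with a small table-driven state machine. This is an added example, not part of the original slides: the transition table follows the standard RFC 793 diagram using the event/action labels listed for the figure, and the event names (`passive_open`, `timeout_2msl`, and so on) are names chosen here. A receiver-side monitor built this way rejects any segment that is not legal in the current state.

```python
# (state, event) -> (next state, segment sent). Events are user calls, received
# segments (SYN, SYN+ACK, ACK, FIN, ACK+FIN) or the two-segment-lifetime timeout.
T = {
    ("CLOSED", "passive_open"): ("LISTEN", None),
    ("CLOSED", "active_open"): ("SYN_SENT", "SYN"),
    ("LISTEN", "SYN"): ("SYN_RCVD", "SYN+ACK"),
    ("LISTEN", "send"): ("SYN_SENT", "SYN"),
    ("LISTEN", "close"): ("CLOSED", None),
    ("SYN_SENT", "SYN"): ("SYN_RCVD", "SYN+ACK"),      # simultaneous open
    ("SYN_SENT", "SYN+ACK"): ("ESTABLISHED", "ACK"),
    ("SYN_SENT", "close"): ("CLOSED", None),
    ("SYN_RCVD", "ACK"): ("ESTABLISHED", None),
    ("SYN_RCVD", "close"): ("FIN_WAIT_1", "FIN"),
    ("ESTABLISHED", "close"): ("FIN_WAIT_1", "FIN"),
    ("ESTABLISHED", "FIN"): ("CLOSE_WAIT", "ACK"),
    ("CLOSE_WAIT", "close"): ("LAST_ACK", "FIN"),
    ("LAST_ACK", "ACK"): ("CLOSED", None),
    ("FIN_WAIT_1", "ACK"): ("FIN_WAIT_2", None),
    ("FIN_WAIT_1", "FIN"): ("CLOSING", "ACK"),         # simultaneous close
    ("FIN_WAIT_1", "ACK+FIN"): ("TIME_WAIT", "ACK"),
    ("FIN_WAIT_2", "FIN"): ("TIME_WAIT", "ACK"),
    ("CLOSING", "ACK"): ("TIME_WAIT", None),
    ("TIME_WAIT", "timeout_2msl"): ("CLOSED", None),
}

class Endpoint:
    def __init__(self):
        self.state, self.came_from_listen, self.sent = "CLOSED", False, []

    def handle(self, event: str) -> str:
        if (self.state, event) == ("SYN_RCVD", "RST"):
            # Per RFC 793: back to LISTEN only if SYN_RCVD was entered from
            # LISTEN; an active opener aborts to CLOSED instead.
            self.state = "LISTEN" if self.came_from_listen else "CLOSED"
            return self.state
        if (self.state, event) not in T:
            raise ValueError(f"illegal: {event} in state {self.state}")
        nxt, out = T[(self.state, event)]
        if nxt == "SYN_RCVD":
            self.came_from_listen = self.state == "LISTEN"
        if out:
            self.sent.append(out)
        self.state = nxt
        return nxt

def run(events):
    """Replay events on a fresh endpoint; return the list of states visited."""
    ep = Endpoint()
    return [ep.handle(e) for e in events]
```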
23
Reset segments
- A TCP reset segment (RST) is generated when a connection request for a nonactive port is received.
  - For the same error, UDP sends an ICMP port unreachable message.
- An application may also send a RST segment to abort a connection.
  - Any queued data is thrown away.
- The RST segment is not acknowledged. Why?
24
Simultaneous open and close
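[Figure: simultaneous open. Both ends send a SYN (SYN J and SYN K) from SYN_SENT; each moves to SYN_RCVD and replies (SYN J, ACK K+1 and SYN K, ACK J+1); both reach ESTABLISHED.]
[Figure: simultaneous close. Both ends send a FIN (FIN J and FIN K) from FIN_WAIT_1; each moves to CLOSING and replies (ACK K+1 and ACK J+1); both reach TIME_WAIT.]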
25
TCP segments
 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|          Source Port          |       Destination Port        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Sequence Number                        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     Acknowledgment Number                     |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Header |           |U|A|P|R|S|F|                               |
|length | Reserved  |R|C|S|S|Y|I|       Advertised Window       |
|       |           |G|K|H|T|N|N|                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|           Checksum            |        Urgent Pointer         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                    Options                    |    Padding    |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                             data                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
26
TCP segments
- Data field is optional.
- SN, AN, and advertised window are all involved in the sliding window algorithm.
  - SN refers to the number of the first data byte or the special segment, e.g., SYN, FIN.
- Flags: special segment indication
  - Examine the AN if the ACK flag is on.
- The TCP header is not of fixed length due to the options (MSS, timestamp, window scale, etc).
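A parser for the segment layout above shows why the variable header length matters in practice: the header-length field and every option length come from the peer and have to be bounds-checked before use. This is an added example, not part of the original slides. The option kind numbers are the IANA-assigned values, and the sample SYN is constructed.

```python
import struct

FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # bit 0 .. bit 5
OPTION_NAMES = {2: "MSS", 3: "WindowScale", 4: "SACKPermitted",
                5: "SACK", 8: "Timestamp", 19: "MD5Signature"}

def parse_options(raw: bytes) -> list:
    """Walk the kind/length/value option list; raise on malformed lengths."""
    opts, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                      # end of option list
            break
        if kind == 1:                      # no-operation (padding)
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option truncated before its length octet")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):   # length 0 would loop forever
            raise ValueError(f"bad length {length} for option kind {kind}")
        opts.append((OPTION_NAMES.get(kind, f"kind{kind}"), raw[i + 2:i + length]))
        i += length
    return opts

def parse_tcp(segment: bytes) -> dict:
    """Parse one TCP segment (header + data) laid out as in the diagram."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum 20-byte TCP header")
    sport, dport, seq, ack, off_flags, window, csum, urg = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4     # header length counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"invalid header length {header_len}")
    flags = [n for bit, n in enumerate(FLAG_NAMES) if off_flags & (1 << bit)]
    return {"sport": sport, "dport": dport, "seq": seq,
            "ack": ack if "ACK" in flags else None,   # AN is valid only with ACK
            "flags": flags, "window": window, "checksum": csum, "urgent": urg,
            "options": parse_options(segment[20:header_len]),
            "data": segment[header_len:]}

# Constructed sample: a SYN carrying MSS=1460, SACK-permitted, window scale 7.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 40000, 80, 1000, 0, (8 << 12) | 0x002,
                         65535, 0, 0) + bytes.fromhex(
                             "020405b4" "0402" "01" "030307" "0000")
```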
27
TCP segments
- The checksum covers the header and the payload, i.e., end-to-end checksum.
  - A pseudo-header is first prepended to the TCP header before computing the checksum.
- Both urgent pointer and PUSH can be used to serve as a signal to the receiver about the "record boundary."
  - The receiving process needs to be notified when the URG bit or PUSH bit is set.
  - These mechanisms serve as end-of-record markers.
28
TCP segments
- The PUSH bit can also be used to allow the sending process to send whatever bytes are in the buffer (for interactive applications).
- TCP options
  - Selective acknowledgement (SACK) option (RFCs 1072, 2018, and 2883)
  - TCP MD5 signature option (RFC 2385)
  - TCP extensions for high performance: window scaling and timestamp (RFC 1323)
  - MSS announcement (RFC 793)
29
Summary
- UDP and TCP are the two primary transport protocols provided in the Internet today.
  - SCTP and DCCP
- Similar to IP at the network layer, UDP provides a connectionless, transport-layer service (demultiplexing and error detection).
- TCP provides connection-oriented, reliable, ordered delivery, byte stream service to the upper layer, and end-to-end congestion control and flow control services.
30
References
J. Saltzer, D. Reed, and D. Clark, “End-to-end arguments in system design,” web.mit.edu/Saltzer/www/publications/endtoend/ANe2ecomment.html.
D. Clark, V. Jacobson, J. Romkey, and H. Salwen, “An analysis of TCP processing overhead,” IEEE Commun. Mag., vol. 27, no. 6, June 1989.
A special issue on TCP Performance in Future Networking Environments. IEEE Commun. Mag., vol. 39, no. 4, Apr. 2001.