7/27/2019 CCNA2 M10 Intermediate TCPIP

1/12

7/27/2019 CCNA2 M10 Intermediate TCPIP

2/12

TCP Operation

TCP operation

IP makes no guarantees about delivery.

The transport layer is responsible for the reliable transport of

and regulation ofdata flow from source to destination.

7/27/2019 CCNA2 M10 Intermediate TCPIP

3/12

TCP Segment Format

TCP Synchronization

TCP is a connection-oriented protocol.

Prior to data transmission, the two communicating

hosts go through a synchronization process to establish

a virtual connection.

This insures that both sides are ready for data

transmission and allows the devices to determine the

initial sequence numbers.

This process is known as a three-way handshake.

7/27/2019 CCNA2 M10 Intermediate TCPIP

4/12

3-way Handshake

Denial of service attacks

Denial of service (DoS) attacks are designed todeny services to legitimate hosts attempting toestablish connections.

In a DoS attack, the hacker initiates asynchronization but spoofs the source IPaddress.

Spoofing: replies to a non-existent, unreachableIP address and then is placed in a wait-statewhile waiting to receive the final ACK from theinitiator.

7/27/2019 CCNA2 M10 Intermediate TCPIP

5/12

SYN Flooding

One type of DoS is SYNflooding which exploits thenormal three-wayhandshake and causes

targeted devices to ACK tofake source addresses thatwill not complete thehandshake.

To defend against theseattacks, decrease theconnection timeout periodand increase the connectionqueue size. Software alsocan detect these types ofattacks and initiate

defensive measures.

Windowing & Sequencing Number

Flow control function of TCPregulates how much data issent during a giventransmission period.

Window size is negotiated anddetermines the amount of datain byte that can be transmittedat one time before receiving anacknowledgment from thedestination.

Sequencing numbers also actas reference numbers so thatthe receiver will know if it hasreceived all of the data.

7/27/2019 CCNA2 M10 Intermediate TCPIP

6/12

Sequencing numbers

Positive ACK

With positive acknowledgment and

retransmission (PAR), the source sends a

packet, starts a timer, and waits for an

acknowledgment before sending the next

packet.

If the timer expires before the source receivesan acknowledgment, the source retransmits the

packet and starts the timer over again.

7/27/2019 CCNA2 M10 Intermediate TCPIP

7/12

UDP operation

UDP does not use windowing or acknowledgments so

application layer protocols must provide error detection.

Protocol Graph: TCP/IP

7/27/2019 CCNA2 M10 Intermediate TCPIP

8/12

Overview of

Transport Layer Ports

Multiple conversations between hosts

A port number must be associated with the conversation

between hosts to ensure that the packet reaches the

appropriate service on the server.

The source and destination port numbers combine with

the network address to form a socket.

A pair of sockets, one on each host, forms a unique

connection.

7/27/2019 CCNA2 M10 Intermediate TCPIP

9/12

Port Number

Port numbers have the following assigned

ranges:

Below 255: reserved for public applications From 255-1023:assigned to companies for marketable

applications

Above 1023: unregulated

Port numbers in the range of 0-1023 are

controlled by the Internet Assigned Numbers

Authority (IANA).

Telnet Port Number

7/27/2019 CCNA2 M10 Intermediate TCPIP

10/12

Ports for services

Services running on hosts must have a port number assigned to

them so communication can occur.

Ports for clients

Destination ports, or ports for services, are

normally defined using the well-known ports.

Source ports set by the client are determined

dynamically.

In general, a client determines the source port

by randomly assigning a numberabove 1023.

7/27/2019 CCNA2 M10 Intermediate TCPIP

11/12

MAC addresses, IP addresses, and port numbers

Port numbers are located at the transport layer

and are serviced by the network layer.

The network layer assigns the logical address(IP address) and is then serviced by the data

link layer which assigns the physical address

(MAC address).

Summary

TCP synchronization process

Denial-of-service attacks

Windowing and window size

Sequencing numbers and positive ACK

Multiple conversations between hosts Ports for services and ports for clients

7/27/2019 CCNA2 M10 Intermediate TCPIP

12/12

CCNA2 Module10