lec3

Date post: 22-Oct-2014
Page 1: lec3

TCP/IP Protocol Suite 1

COMP 416 Internet Protocols and Software

Instructor: Zhijun Wang

Lab#1 will be given next week at PQ604A-C at the class time

Supplementary Materials are available

Today’s contents
• UDP (Chap. 11)
• TCP (Chap. 12)

Page 2: lec3

Key thinks
• What are the major differences between UDP and TCP?
• Where are the application domains for UDP and TCP?
• Why does TCP work well?
• What are the disadvantages of UDP and TCP?

Page 3: lec3

Chapter 11

User Datagram Protocol

Objectives
• Be able to explain process-to-process communication
• Know the format of a UDP user datagram
• Understand the operation of UDP
• Know when it is appropriate to use UDP

Page 4: lec3

Figure 1 Position of UDP in the TCP/IP protocol suite

Page 5: lec3

Figure 2 UDP versus IP

UDP (User Datagram Protocol) is a connectionless, unreliable transport protocol. UDP is a simple protocol with minimal overhead.

Page 6: lec3

Figure 3 Port numbers

UDP uses port numbers to identify processes. A port number is 16 bits long, so it ranges from 0 to 65,535. The client process identifies itself with a port number, called an ephemeral port number, which is recommended to be greater than 1023. The server process also identifies itself with a port number, which is a well-known port number in the range 0-1023.

Page 7: lec3

Figure 4 IP addresses versus port numbers

IP addresses identify devices.
Port numbers identify processes.

Page 8: lec3

Figure 5 ICANN ranges

ICANN: Internet Corporation for Assigned Names and Numbers

Well-known ports: the ports ranging from 0 to 1023 are assigned and controlled by ICANN.
Registered ports: the ports ranging from 1024 to 49,151 are not assigned or controlled by ICANN. They can only be registered with ICANN to prevent duplication.
Dynamic ports: the ports ranging from 49,152 to 65,535 are neither controlled nor registered. They can be used as temporary or private port numbers.

Page 9: lec3

Table 1 Well-known ports used with UDP

Page 10: lec3

Socket address

Socket address: a combination of an IP address and a port number

Page 11: lec3

Example 1

An SNMP client residing on a host with IP address 132.23.43.31 sends a message to an SNMP (port 161) server residing on a host with IP address 32.23.2.1. What is the pair of sockets used in this communication?

Solution: In the client, the socket address is the IP address combined with an ephemeral port X: (132.23.43.31, X). In the server, the socket address is (32.23.2.1, 161).

Page 12: lec3

Figure 6 User datagram format

UDP packets are called user datagrams and have a fixed-size header of 8 bytes.

Error check for the user datagram
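The 8-byte header and its error check can be exercised in code. The following is an added example, not part of the original slides: it decodes the four header fields (it works on a raw dump such as the one in exercise 1), and verifies a datagram the way a receiver should, checking the length field before the checksum. The checksum is computed over the IPv4 pseudo-header as defined in RFC 768; the port 50000 and the payload are constructed sample values.

```python
import socket
import struct

UDP_HEADER_LEN = 8   # fixed-size header (Figure 6)
IPPROTO_UDP = 17     # protocol number carried in the IPv4 pseudo-header


def parse_udp_header(raw: bytes) -> dict:
    """Decode the four 16-bit big-endian header fields."""
    if len(raw) < UDP_HEADER_LEN:
        raise ValueError("a UDP header needs 8 bytes")
    src, dst, total, checksum = struct.unpack("!HHHH", raw[:UDP_HEADER_LEN])
    if total < UDP_HEADER_LEN:
        raise ValueError("total length is smaller than the header")
    return {"src_port": src, "dst_port": dst, "total_length": total,
            "data_length": total - UDP_HEADER_LEN, "checksum": checksum}


def _ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum with end-around carry."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length data for summing
    total = sum(word for (word,) in struct.iter_unpack("!H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def _pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, IPPROTO_UDP, udp_len))


def build_datagram(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    total = UDP_HEADER_LEN + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, total, 0)
    csum = ~_ones_complement_sum(
        _pseudo_header(src_ip, dst_ip, total) + header + payload) & 0xFFFF
    csum = csum or 0xFFFF                    # 0 on the wire means "no checksum"
    return struct.pack("!HHHH", src_port, dst_port, total, csum) + payload


def verify_datagram(src_ip, dst_ip, datagram: bytes) -> bool:
    """Receiver-side check: length field first, then the checksum."""
    try:
        hdr = parse_udp_header(datagram)
    except ValueError:
        return False
    if hdr["total_length"] != len(datagram):
        return False                         # truncated or padded datagram
    if hdr["checksum"] == 0:
        return True                          # sender did not compute one (IPv4)
    pseudo = _pseudo_header(src_ip, dst_ip, len(datagram))
    return _ones_complement_sum(pseudo + datagram) == 0xFFFF


# Constructed sample: the socket pair of Example 1, with 50000 standing in for
# the ephemeral port X and a made-up 20-byte payload.
SAMPLE = build_datagram("132.23.43.31", "32.23.2.1", 50000, 161, b"A" * 20)

if __name__ == "__main__":
    print(parse_udp_header(SAMPLE))
    print("valid:", verify_datagram("132.23.43.31", "32.23.2.1", SAMPLE))
```

Because the source and destination addresses are part of the checksum input, a datagram delivered to the wrong host fails verification even when its own bytes are intact.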

Page 13: lec3

Figure 7 Encapsulation and decapsulation

UDP: connectionless service
User datagrams are not numbered.
There is no relationship between different user datagrams, even if they come from the same user.

UDP: unreliable service
No flow and error control

Page 14: lec3

Figure 8 Queues in UDP

One outgoing queue and one incoming queue are used for sending and receiving datagrams. The queues are usually identified by the port numbers.

Page 15: lec3

Applications of UDP

•UDP is suitable for a process that requires simple-response communication with little concern for flow and error control

•UDP is suitable for a process with internal flow and error-control mechanism, e.g., Trivial File Transfer Protocol (TFTP).

•UDP is a suitable transport protocol for multicasting.

•UDP is used for management processes such as SNMP.

•UDP is used for route updating protocols such as Routing Information Protocol (RIP).

Page 16: lec3

Congestion Control of UDP

•DCCP: Datagram Congestion Control Protocol

RFC4340: http://www.read.cs.ucla.edu/dccp/rfc4340.txt

Page 17: lec3

Chapter 12

Transmission Control Protocol

Objectives
• Understand the services offered by TCP
• Understand TCP’s flow and error control and congestion control
• Be familiar with the fields in a TCP segment
• Understand the phases in a connection-oriented connection

Page 18: lec3

TCP FEATURES

• TCP is a connection-oriented protocol (UDP: connectionless)
• TCP is a reliable transport protocol (UDP: unreliable)
• TCP uses full-duplex communication (UDP: half-duplex)

TCP uses port numbers to identify processes. A packet in TCP is called a segment.

Page 19: lec3

Table 1 Well-known ports used by TCP

Page 20: lec3

Figure 1 Sending and receiving buffers

A circular buffer is used to send and receive data. The sent bytes are removed from the buffer when they are acknowledged.

Page 21: lec3

Numbering system

The bytes of data being transferred in each connection are numbered by TCP. The numbering starts with a randomly generated number.

The value in the sequence number field of a segment defines the number of the first data byte contained in that segment.

The value of the acknowledgement field in a segment defines the number of the next byte a party expects to receive. The acknowledgement is cumulative.

Page 22: lec3

Example 1

Suppose a TCP connection is transferring a file of 3000 bytes. The first byte is numbered 10001. What are the sequence numbers for each segment if data is sent in three segments, each carrying 1000 bytes?

Solution
The following shows the sequence number for each segment:

Segment 1 ➡ Sequence Number: 10,001 (range: 10,001 to 11,000)

Segment 2 ➡ Sequence Number: 11,001 (range: 11,001 to 12,000)

Segment 3 ➡ Sequence Number: 12,001 (range: 12,001 to 13,000)

Page 23: lec3

Figure 2 TCP segment format

The TCP header is 20 to 40 bytes long.

Page 24: lec3

Figure 3 Control field

Page 25: lec3

A TCP CONNECTION

TCP is connection-oriented. A connection-oriented transport protocol establishes a virtual path between the source and destination. All of the segments belonging to a message are then sent over this virtual path.

A connection-oriented transmission requires three phases:
(1) connection establishment
(2) data transfer
(3) connection termination

Page 26: lec3

Figure 3 Connection establishment using three-way handshaking

rwnd: receiver window size

Page 27: lec3

TCP Connection Establishment

The server must be ready to accept connections; this is a passive open. The client issues a request for an active open.

(1) The client first sends a SYN segment, in which only the SYN flag is set. A SYN segment cannot carry data, but it consumes one sequence number. The sequence number is called the initial sequence number (ISN).

(2) After the server receives the SYN segment, it sends a SYN+ACK segment back. The segment has two flag bits set, SYN and ACK, and also contains the receiver window size, which indicates the maximum number of bytes that can be sent. A SYN+ACK segment cannot carry data, but it does consume one sequence number.

(3) After receiving the SYN+ACK, the client sends an ACK segment to the server. The ACK segment, if carrying no data, consumes no sequence number.

Now the TCP connection has been established.

Page 28: lec3

SYN Flooding Attack

The connection establishment procedure in TCP is susceptible to the SYN flooding attack. A malicious attacker sends a large number of SYN segments to a server using faked IP addresses. The server, assuming that the clients are issuing an active open, allocates the necessary resources. The server then sends SYN+ACK segments to the fake clients, and these segments are lost. During this time, a lot of resources are allocated without being used, and the server may run out of resources and even crash. Such an attack is known as a denial-of-service attack.

Protections:
(1) limit the number of connections during a time period
(2) filter out segments from unwanted source addresses
(3) delay resource allocation until the entire connection is set up

Some materials on denial-of-service attacks are available in the supplementary materials on the course webpage and WebCT.
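Protection (3) is the idea behind SYN cookies. The following is an added example, not part of the original slides: a listener that keeps no per-connection state on SYN and instead derives its initial sequence number from a keyed hash, so that the final ACK of the handshake proves the client received the SYN+ACK. The cookie layout, the key, the 64-second slot and all addresses are assumptions made for this sketch and do not reproduce any operating system's format.

```python
import hashlib
import hmac
import socket
import struct

SECRET = b"constructed-demo-key"   # assumption: a real server uses a random per-boot key
SLOT_SECONDS = 64                  # assumption: granularity of the cookie lifetime


def _mac24(conn, client_isn: int, slot: int) -> int:
    """24-bit keyed hash over the socket pair, the client ISN and a time slot."""
    src_ip, src_port, dst_ip, dst_port = conn
    msg = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
           + struct.pack("!HHIQ", src_port, dst_port, client_isn, slot))
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def make_cookie(conn, client_isn: int, now: float) -> int:
    """Server ISN that encodes what is needed to validate the final ACK."""
    slot = int(now) // SLOT_SECONDS
    return ((slot & 0xFF) << 24) | _mac24(conn, client_isn, slot)


def check_cookie(conn, client_isn: int, cookie: int, now: float) -> bool:
    current = int(now) // SLOT_SECONDS
    for slot in (current, current - 1):          # current and previous slot only
        if slot < 0:
            continue
        expected = ((slot & 0xFF) << 24) | _mac24(conn, client_isn, slot)
        if hmac.compare_digest(expected.to_bytes(4, "big"), cookie.to_bytes(4, "big")):
            return True
    return False


class StatelessListener:
    """Passive open that allocates nothing until step (3) of the handshake."""

    def __init__(self):
        self.established = {}                    # only completed handshakes live here

    def on_syn(self, conn, client_isn: int, now: float) -> dict:
        # Step (2): answer with SYN+ACK; no per-connection memory is reserved.
        return {"flags": "SYN+ACK", "seq": make_cookie(conn, client_isn, now),
                "ack": (client_isn + 1) & 0xFFFFFFFF}

    def on_ack(self, conn, seq: int, ack: int, now: float) -> bool:
        # Step (3): the client's ACK carries seq = ISN + 1 and ack = cookie + 1.
        client_isn = (seq - 1) & 0xFFFFFFFF
        cookie = (ack - 1) & 0xFFFFFFFF
        if not check_cookie(conn, client_isn, cookie, now):
            return False                         # forged or expired: still no state
        self.established[conn] = {"next_client_seq": seq, "next_server_seq": ack}
        return True


def demo(now: float = 1_000_000.0):
    listener = StatelessListener()
    # Constructed SYNs whose senders never answer (documentation address range).
    for i in range(1000):
        listener.on_syn((f"198.51.100.{i % 250 + 1}", 1024 + i, "192.0.2.10", 80), i, now)
    state_after_syns = len(listener.established)
    # A client that does receive the SYN+ACK completes the handshake.
    conn, isn = ("203.0.113.5", 50000, "192.0.2.10", 80), 2171
    synack = listener.on_syn(conn, isn, now)
    ok = listener.on_ack(conn, isn + 1, (synack["seq"] + 1) & 0xFFFFFFFF, now + 1)
    return state_after_syns, ok, len(listener.established)
```

The trade-off is that anything the server would normally remember from the SYN (for example TCP options) must either fit in the cookie or be given up.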

Page 29: lec3

Figure 4 Data transfer

After the connection is established, bidirectional data transfer can take place. The acknowledgement is piggybacked with the data.

Page 30: lec3

Figure 5 Connection termination using three-way handshaking

Page 31: lec3

Three-way handshaking termination

After sending all data, the client initiates a TCP close command to terminate the connection.

(1) The client first sends a FIN segment, in which the FIN flag is set. The segment can include the last chunk of data sent by the client, or it can be just a control segment. The FIN segment consumes one sequence number if it does not carry data.

(2) After receiving the FIN segment, the server informs its process of the situation and sends a FIN+ACK segment to confirm the receipt of the FIN segment from the client and also to announce the closing of the connection in the other direction. The FIN+ACK consumes one sequence number if it does not carry data.

(3) The client sends the last ACK segment to the server. The ACK segment cannot carry data and consumes no sequence number.

Now the TCP connection has been terminated.

Page 32: lec3

Figure 6 Half-close

In TCP, one end can stop sending data while still receiving data; this is called a half-close. The client sends a FIN segment to the server, and the server sends an ACK back. Data is still being sent from the server to the client. The server sends a FIN segment when all data has been sent. The client sends an ACK segment back. The connection is closed. This process is called four-way handshaking termination.

Page 33: lec3

FLOW CONTROL

Flow control regulates the amount of data a source can send before receiving an acknowledgment from the destination.

TCP uses a sliding window protocol for flow control. In this method, a host uses a window for outbound communication (sending data). The window spans the portion of the buffer containing bytes received from the process. The bytes inside the window are the bytes that can be in transit; they can be sent without worrying about acknowledgement.

A sliding window is used to make transmission more efficient as well as to control the flow of data so that the destination does not become overwhelmed with data. TCP sliding windows are byte oriented.

Page 34: lec3

Figure 7 Sliding window

Congestion window size

Page 35: lec3

Example 2

What is the value of the receiver window (rwnd) for host A if the receiver, host B, has a buffer size of 5,000 bytes and 1,000 bytes of received and unprocessed data?

Solution
The value of rwnd = 5,000 − 1,000 = 4,000. Host B can receive only 4,000 bytes of data before overflowing its buffer. Host B advertises this value in its next segment to A.

Page 36: lec3

Example 3

Figure 8 shows an unrealistic example of a sliding window. The sender has sent bytes up to 202. We assume that cwnd is 20 (in reality this value is thousands of bytes). The receiver has sent an acknowledgment number of 200 with an rwnd of 9 bytes (in reality this value is thousands of bytes). The size of the sender window is the minimum of rwnd and cwnd, or 9 bytes. Bytes 200 to 202 are sent, but not acknowledged. Bytes 203 to 208 can be sent without worrying about acknowledgment. Bytes 209 and above cannot be sent.

Page 37: lec3

Figure 8 Example 3 (figure labels: cwnd, rwnd)

Page 38: lec3

Example 4

In the figure below, the sender receives a segment with an acknowledgment value of 206 and an rwnd of 12. The host has not sent any new bytes. The value of cwnd is still 20. Show the new window.

Page 39: lec3

Example 4 - solution

Solution
The value of rwnd is less than cwnd, so the size of the window is 12. The figure below shows the new window. Note that the window has been opened from the right by 7 and closed from the left by 4; the size of the window has increased.

Page 40: lec3

ERROR CONTROL

TCP provides reliability using error control, which detects corrupted, lost, out-of-order, and duplicated segments. Error control in TCP is achieved through the use of the checksum, acknowledgment, and time-out. Error control includes a mechanism for detecting corrupted segments, lost segments, out-of-order segments and duplicated segments.

The checksum is used to detect corrupted segments.

Page 41: lec3

Acknowledgement

Rules for generating ACK:

Rule 1: When one end sends a data segment to the other end, it must include an acknowledgement giving the next sequence number it expects to receive.
Rule 2: If the receiver has no data to send, it receives an in-order segment, and the previous segment has already been acknowledged, it delays sending the ACK until another segment arrives or until a period of time has passed. That means there should be no more than 2 in-order unacknowledged segments at any time.
Rule 3: When a segment arrives with the expected sequence number, and the previous in-order segment has not been acknowledged, the receiver immediately sends an ACK.
Rule 4: When a segment arrives with an out-of-order sequence number, the receiver immediately sends an ACK announcing the sequence number it expects to receive.
Rule 5: When a missing segment arrives, the receiver sends an ACK to announce the next sequence number expected.
Rule 6: If a duplicated segment arrives, the receiver immediately sends an ACK to resolve the missing-ACK case.

ACK segments do not consume sequence numbers and are not acknowledged.

Page 42: lec3

Retransmission and out-of-order segments

In TCP, the sender starts a retransmission time-out (RTO) timer for each segment sent. A retransmission occurs if either of the following cases is true:

(1) The retransmission timer expires
(2) Three duplicated ACK segments have arrived

Data may arrive out of order and be temporarily stored by the receiving TCP, but TCP guarantees that no out-of-order segment is delivered to the process.
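The receiver side of these rules can be written down compactly. The following is an added example, not part of the original slides: a byte-numbered receiver that holds out-of-order segments back from the process and always answers with the cumulative ACK number, replayed over a constructed trace that reuses the segment numbering of Example 1 (first byte 10001, three segments of 1000 bytes). Delayed ACKs (Rule 2) and 32-bit sequence wrap-around are left out, and the process is assumed to read delivered data immediately.

```python
class Receiver:
    """Byte-numbered TCP receiver: buffers out-of-order data, ACKs cumulatively."""

    def __init__(self, first_byte: int, buffer_size: int):
        self.expected = first_byte      # next byte number expected (the ACK value)
        self.buffer_size = buffer_size
        self.out_of_order = {}          # seq -> data held back from the process
        self.delivered = bytearray()    # what the process has been given, in order

    def rwnd(self) -> int:
        """Free buffer space: buffer size minus bytes waiting for a gap to fill."""
        return self.buffer_size - sum(len(d) for d in self.out_of_order.values())

    def on_segment(self, seq: int, data: bytes):
        """Return (kind, ack_number) for one arriving data segment."""
        end = seq + len(data)
        if end <= self.expected:
            kind = "duplicate"                       # Rule 6: re-ACK at once
        elif seq > self.expected:
            kind = "out-of-order"                    # Rule 4: ACK repeats expected
            if seq not in self.out_of_order and len(data) <= self.rwnd():
                self.out_of_order[seq] = data
        else:
            kind = "in-order"
            self._deliver(seq, data)
            # Rule 5: a missing segment arrived, so buffered data may now fit.
            while any(s <= self.expected for s in self.out_of_order):
                s = min(self.out_of_order)
                self._deliver(s, self.out_of_order.pop(s))
                kind = "gap-filled"
        return kind, self.expected

    def _deliver(self, seq: int, data: bytes):
        end = seq + len(data)
        if end > self.expected:                      # skip bytes already delivered
            self.delivered += data[self.expected - seq:]
            self.expected = end


def replay():
    """Constructed trace: segment 2 is delayed, segment 3 and segment 1 repeat."""
    rx = Receiver(first_byte=10001, buffer_size=5000)
    seg = {10001: b"a" * 1000, 11001: b"b" * 1000, 12001: b"c" * 1000}
    order = [10001, 12001, 12001, 11001, 10001]
    return rx, [rx.on_segment(seq, seg[seq]) for seq in order]


if __name__ == "__main__":
    for kind, ack in replay()[1]:
        print(f"{kind:12s} ACK {ack}")
```

The repeated ACK value while segment 2 is missing is what the sender counts as duplicated ACKs for the second retransmission case above.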

Page 43: lec3

Figure 9 Normal operation for ACK

Page 44: lec3

Figure 10 Lost segment

Page 45: lec3

Figure 11 Fast retransmission

Page 46: lec3

Figure 12 Lost acknowledgment

Page 47: lec3

Figure 13 Lost acknowledgment corrected by resending a segment

Page 48: lec3

CONGESTION CONTROL

Congestion control refers to the mechanisms and techniques to keep the load below the capacity.

Why does TCP work well for the Internet?

A protocol must be fair for every user and must be stable for the whole system. TCP provides fairness (e.g., max-min, proportional fairness). However, TCP is not efficient and cannot provide QoS features.

Performance measurements: delay and throughput
Delay includes the propagation time and processing time.
Throughput is defined as the number of bytes passing through the network in a unit of time.

Page 49: lec3

Figure 14 Router queues

Routers and switches have queues (buffers) that hold packets before and after processing. If the packet arrival rate is higher than the packet processing rate, the input queues may overflow. If the packet departure rate is less than the packet processing rate, the output queues may overflow. Some packets in the overflowed queues are dropped, indicating congestion in the Internet.

Page 50: lec3

Figure 15. Packet delay and throughput vs. network load

Page 51: lec3

Figure 16 Slow start, exponential increase

TCP has a slow start phase. In this phase, the size of the congestion window increases exponentially until it reaches a threshold.

Start: cwnd = 2^0
After 1 RTT: cwnd = 2^1
After 2 RTTs: cwnd = 2^2
…

MSS: maximum segment size

Window size = min(rwnd, cwnd)

Page 52: lec3

Figure 17 Congestion avoidance, additive increase

After cwnd reaches the threshold, the size of the congestion window increases additively until congestion is detected.

Start: cwnd = 1
After 1 RTT: cwnd = 2
After 2 RTTs: cwnd = 3
…

Page 53: lec3

Congestion detection

In today’s Internet, the only way the sender can guess that congestion has occurred is the need to retransmit a segment. There are two cases:
(1) The retransmission timer expires
(2) Three duplicated ACK segments have arrived

When congestion is detected by timer expiration, most TCP implementations react as follows:
(1) It sets the value of the threshold to half of the current window size.
(2) It sets cwnd to 1.
(3) It starts a slow start phase again.

If congestion is detected by three duplicated ACKs, most TCP implementations react as follows:
(1) It sets the value of the threshold to half of the current window size.
(2) It sets cwnd to the value of the threshold.
(3) It starts the congestion avoidance phase.
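The three phases combine into a small state machine. The following is an added example, not part of the original slides: it traces cwnd (in MSS units) per RTT through slow start, congestion avoidance and the two reactions to detected congestion, using Window size = min(rwnd, cwnd) as the current window. The starting threshold of 16 and the RTTs at which loss is detected are constructed values.

```python
def react(window: int, event: str):
    """Return (new_cwnd, new_threshold) after congestion is detected."""
    threshold = max(window // 2, 1)      # half of the current window size
    if event == "timeout":
        return 1, threshold              # restart slow start from cwnd = 1
    if event == "3dupack":
        return threshold, threshold      # continue in congestion avoidance
    raise ValueError(f"unknown event {event!r}")


def grow(cwnd: int, threshold: int) -> int:
    """One RTT of growth when no loss is detected."""
    if cwnd < threshold:
        return min(cwnd * 2, threshold)  # slow start: exponential, capped at threshold
    return cwnd + 1                      # congestion avoidance: additive


def simulate(rtts: int, threshold: int, events: dict, rwnd: int = 10**9):
    """Trace (rtt, phase, cwnd, threshold, window) for each RTT.

    events maps an RTT index to "timeout" or "3dupack" (constructed input).
    """
    cwnd, trace = 1, []
    for rtt in range(rtts):
        window = min(rwnd, cwnd)
        phase = "slow start" if cwnd < threshold else "congestion avoidance"
        trace.append((rtt, phase, cwnd, threshold, window))
        if rtt in events:
            cwnd, threshold = react(window, events[rtt])
        else:
            cwnd = grow(cwnd, threshold)
    return trace


if __name__ == "__main__":
    for row in simulate(17, 16, {7: "timeout", 14: "3dupack"}):
        print("RTT %2d  %-20s cwnd=%2d threshold=%2d window=%2d" % row)
```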

Page 54: lec3

Figure 18 TCP congestion policy summary

Page 55: lec3

Figure 19 Congestion example (RTT: round trip time; figure labels: congestion detected, reduced to half, cwnd=1, cwnd=threshold=6)

Page 56: lec3

Summary

1. UDP and TCP

Both are transport layer protocols and use port numbers to identify processes.

UDP is a connectionless and unreliable protocol; it has no error, flow or congestion control.

TCP is a connection-oriented and reliable protocol; it has error, flow and congestion control.

2. Socket address = IP address + port number

3. UDP and TCP header information

4. TCP connection establishment, sequence number, acknowledgment, window size

5. TCP termination

6. TCP flow, error and congestion control

Page 57: lec3

Exercises:

1. The following is a dump of a UDP header in hexadecimal format:

06 32 00 0D 00 1C E2 17

(a) What are the source and destination ports?

(b) What is the total length of the user datagram?

(c) What is the length of the data?

2. In a TCP connection, the initial sequence number at a client site is 2171. The client opens the connection, sends only one segment carrying 1000 bytes of data, and closes the connection. What is the value of the sequence number in each of the following segments sent by the client?

(a) The SYN segment

(b) The data segment

(c) The FIN segment

Page 58: lec3

Exercises (cont.) I

3. In a connection, the value of cwnd is 3000 and the value of rwnd is 5000. The host has sent 2000 bytes, of which 1000 bytes have been acknowledged. What is the window size? How many more bytes can be sent?

4. A client sends 16 bytes to a server. Calculate the efficiency (ratio of useful bytes to the total bytes) of this transmission at the transport level if the client uses:

(a) UDP (b) TCP.

5. TCP opens a connection using an initial sequence number (ISN) of 14,534. The other party opens the connection with an ISN of 21732. Show the three TCP segments during the connection establishment.

Page 59: lec3

Exercises (cont.) II

6. A window holds bytes 2001 to 5000. The next byte to be sent is 3001. Draw a figure to show the situation of the window after the following events.

(a) An ACK segment with the acknowledgement number 2500 and window size advertisement 4000 is received.

(b) A segment carrying 1000 bytes is sent.

Page 60: lec3

Solutions of the Exercises:

1. (a) Source port is 0x0632 = 1586, destination port is 0x000D = 13

(b) The total length of the user datagram is 0x001C = 28 bytes

(c) The length of the data is 28-8=20 bytes

2. (a) 2171 (b) 2172 (c) 3172

3. The window size=3000. The bytes that can be sent: 3000-(2000-1000)=2000.

4. (a) The total packet length = 16+8=24 bytes, efficiency=16/24=66.7%. (b) The total packet length =16+20=36 bytes, efficiency=16/36=44.4%.

Page 61: lec3

Solutions of the Exercises (cont.) I

5.

Page 62: lec3

Solutions of the Exercises (cont.) II

6.

