Chapter 14 Transport Layer
68
UDP DHCP - client
69
UDP TFTP Trivial File Transfer Protocol
Transport layer responsibilities
- Tracking Individual Conversations - Segmenting Data and Reassembling Segments - Add Header Information - Identifying the Applications - Conversation Multiplexing
Well Known Ports
0-1023 These port numbers are reserved for common or popular services and applications such as web browsers, email clients, and remote access clients. Defining well-known ports for common server applications enables clients to easily identify the associated service required.
Registered Ports
1024-49151 These port numbers are assigned by IANA to a requesting entity to use with specific processes or applications. These processes are primarily individual applications that a user has chosen to install, rather than common applications that would receive a well-known port number. For example, Cisco has registered port 1812 for its RADIUS server authentication process.
Private and/or Dynamic Ports
49152-65535 These ports are also known as ephemeral ports. The client's OS usually assigns port numbers dynamically when a connection to a service is initiated. The dynamic port is then used to identify the client application during communication.
Tracking Individual Conversations
At the transport layer, each set of data flowing between a source application and a destination application is known as a conversation and is tracked separately. It is the responsibility of the transport layer to maintain and track these multiple conversations.
UDP Request Destination Ports
Client 1 is sending a DNS request using the well-known destination port 53 while Client 2 is requesting RADIUS authentication services using the registered destination port 1812.
UDP Clients Sending UDP Requests
Client 1 is sending a DNS request while Client 2 is requesting RADIUS authentication services of the same server.
TCP features
Establishes a Session - negotiates a permanent connection between source and destination devices prior to forwarding. Ensures Reliable Delivery - TCP ensures that each segment sent by a source arrives at its destination. Provides Same-Order Delivery - TCP ensures segments are reassembled in the proper order. Supports Flow Control - TCP can request that the sending application reduce the rate of data flow; it regulates the amount of data the source transmits.
Apps that use TCP
HTTP, FTP, SMTP, SSH
Segmenting Data and Reassembling Segments
It is the transport layer responsibility to divide the application data into appropriately sized blocks. Depending on the transport layer protocol used, the transport layer blocks are called either segments or datagrams. The figure illustrates the transport layer using different blocks for each conversation.
Applications that use UDP
Live video and multimedia applications - These applications can tolerate some data loss, but require little or no delay. Examples include VoIP and live streaming video. Simple request and reply applications - Applications with simple transactions where a host sends a request and may or may not receive a reply. Examples include DNS and DHCP. Applications that handle reliability themselves - Unidirectional communications where flow control, error detection, acknowledgments, and error recovery are not required, or can be handled by the application. Examples include SNMP and TFTP. DHCP, DNS, SNMP, TFTP, VoIP, video conferencing
Conversation Multiplexing
Sending some types of data (e.g., a streaming video) across a network, as one complete communication stream, can consume all the available bandwidth. This would prevent other communication conversations from occurring at the same time. It would also make error recovery and retransmission of damaged data difficult.
UDP Header Fields
Source Port - A 16-bit field used to identify the source application by port number. Destination Port - A 16-bit field used to identify the destination application by port number. Length - A 16-bit field that indicates the length of the UDP datagram header. Checksum - A 16-bit field used for error checking of the datagram header and data.
SYN
Step 1 of 3 of TCP connection establishment. The initiating client requests a client-to-server communication session with the server.
FIN
Step 1 of TCP session termination. When the client has no more data to send in the stream, it sends a segment with the FIN flag set.
ACK and SYN
Step 2 of 3 of TCP connection establishment. The server acknowledges the client-to-server communication session and requests a server-to-client communication session.
ACK
Step 3 of 3 of TCP connection establishment. The initiating client acknowledges the server-to-client communication session.
21
TCP FTP - control
20
TCP FTP-Data
Transport layer protocols
Transport layer protocols specify how to transfer messages between hosts, and are responsible for managing the reliability requirements of a conversation. The transport layer includes the TCP and UDP protocols.
netstat -n
The -n option can be used to display IP addresses and port numbers in their numerical form.
Port Number groups
The Internet Assigned Numbers Authority (IANA) is the standards organization responsible for assigning various addressing standards, including the 16-bit port numbers. The 16 bits used to identify the source and destination port numbers provides a range of ports from 0 through 65535.
UDP Request Source Ports
The requests of the clients dynamically generate source port numbers. In this case, Client 1 is using source port 49152 and Client 2 is using source port 51152.
UDP Response Source Ports
The source ports in the server response are the original destination ports in the initial requests.
Identifying the Applications
The transport layer must be able to separate and manage multiple communications with different transport requirements. To pass data streams to the proper applications, the transport layer identifies the target application using an identifier called a port number.
Add Header Information
The transport layer protocol also adds header information containing binary data organized into several fields to each block of data. It is the values in these fields that enable various transport layer protocols to perform different functions in managing data communication. For instance, the header information is used by the receiving host to reassemble the blocks of data into a complete data stream for the receiving application layer program.
TCP Window Size
The window size determines the number of bytes that can be sent before expecting an acknowledgment. The acknowledgment number is the number of the next expected byte.
Session termination
To close a connection, the Finish (FIN) control flag must be set in the segment header. To end each one-way TCP session, a two-way handshake, consisting of a FIN segment and an Acknowledgment (ACK) segment, is used. Therefore, to terminate a single conversation supported by TCP, four exchanges are needed to end both sessions. Either the client or the server can initiate the termination.
UDP Datagram Reassembly
When UDP datagrams are sent to a destination, they often take different paths and arrive in the wrong order. UDP does not track sequence numbers the way TCP does. UDP has no way to reorder the datagrams into their transmission order, so UDP simply reassembles the data in the order it was received.
User Datagram Protocol (UDP)
UDP is a simpler transport layer protocol than TCP. It does not provide reliability and flow control, which means it requires fewer header fields. Because the sender and the receiver UDP processes do not have to manage reliability and flow control, UDP datagrams can be processed faster than TCP segments. UDP provides the basic functions for delivering datagrams between the appropriate applications, with very little overhead and data checking. It is connectionless (it does not track sessions) and is called a best-effort delivery protocol because it sends without getting an acknowledgement.
UDP header
UDP is a stateless protocol, meaning neither the client, nor the server, tracks the state of the communication session. If reliability is required when using UDP as the transport protocol, it must be handled by the application. The UDP header is far simpler than the TCP header because it only has four fields and requires 8 bytes (i.e., 64 bits). The figure shows the fields in a UDP header.
161
UDP SNMP
53
UDP,TCP Domain Name Service
TCP Connection Establishment
Uses the three-way handshake
TCP congestion avoidance
When congestion occurs on a network, it results in packets being discarded by the overloaded router. When packets containing TCP segments do not reach their destination, they are left unacknowledged. By determining the rate at which TCP segments are sent but not acknowledged, the source can assume a certain level of network congestion. If there is congestion, TCP will retransmit the lost TCP segments; if this is not controlled, TCP will make the congestion worse. If the source determines that the TCP segments are either not being acknowledged or not acknowledged in a timely manner, then it can reduce the number of bytes it sends before receiving an acknowledgment. As illustrated in the figure, PC A senses there is congestion and therefore reduces the number of bytes it sends before receiving an acknowledgment from PC B.
UDP Response Destination
When the server responds to the client requests, it reverses the destination and source ports of the initial request. The server response to the DNS request now has destination port 49152, and the RADIUS authentication response now has destination port 51152.
netstat
Command used on a Windows computer to list the protocols in use, the local address and port numbers, the foreign address and port numbers, and the connection state.
TCP three-way handshake functions
The control bits in the TCP header indicate the progress and status of the connection. The three-way handshake establishes that the destination device is present on the network. It verifies that the destination device has an active service and is accepting requests on the destination port number that the initiating client intends to use. It informs the destination device that the source client intends to establish a communication session on that port number.
Role of transport layer
It is responsible for establishing a temporary communication session between two applications and delivering data between them. This may include services like establishing a temporary session between two hosts and the reliable transmission of information for an application. It does not know the destination host type, the type of media the data is traveling on, its path, congestion on the link, or the size of the network.
TCP Maximum Segment Size
In the figure, the source is transmitting 1,460 bytes of data within each TCP segment. This is typically the Maximum Segment Size (MSS) that the destination device can receive. The MSS is part of the options field in the TCP header that specifies the largest amount of data, in bytes, that a device can receive in a single TCP segment. The MSS size does not include the TCP header. The MSS is typically included during the three-way handshake. The figure shows the same diagram as before, but the emphasis is on the MSS of 1,460 bytes.
TCP Reliability: guaranteed and ordered delivery
TCP resends dropped packets and numbers packets to indicate their proper order before delivery. TCP can also maintain the flow of packets so that devices do not become overloaded.
TCP - Data Loss and retransmission
The sequence number (SEQ) and acknowledgement number (ACK) are used together to confirm receipt of the bytes of data contained in the transmitted segments. The SEQ number identifies the first byte of data in the segment being transmitted. TCP uses the ACK number sent back to the source to indicate the next byte that the receiver expects to receive. This is called expectational acknowledgement.
Control Bit field TCP
The six bits in the control bits field of the TCP segment header are also known as flags; a flag is a bit that is set to either on or off. The six control bit flags: URG - Urgent pointer field significant. ACK - Acknowledgment flag, used in connection establishment and session termination. PSH - Push function. RST - Reset the connection when an error or timeout occurs. SYN - Synchronize sequence numbers, used in connection establishment. FIN - No more data from sender, used in session termination.
Socket Pairs
The source and destination port numbers are placed within the segment, and the segments are encapsulated within an IP packet. The packet has the IP address of the source and destination; the source IP address combined with the source port number, or the destination IP address combined with the destination port number, forms a socket. The socket is used to identify the server and service being requested by the client. A client socket might look like this, with 1099 representing the source port number: 192.168.1.5:1099
ACK 1
Step 2 of TCP session termination. The server sends an ACK to acknowledge the receipt of the FIN to terminate the session from client to server.
FIN 2
Step 3 of TCP session termination. The server sends a FIN to the client to terminate the server-to-client session.
ACK 2
Step 4 of TCP session termination. The client responds with an ACK to acknowledge the FIN from the server.
80
TCP HTTP
22
TCP SSH
443
TCP HTTPS
110
TCP Post Office Protocol version 3 (POP3)
67
UDP DHCP - server
Port numbers used by TCP/UDP
TCP and UDP use port numbers to manage multiple, simultaneous conversations; the TCP and UDP header fields identify a source and destination application port number. There are two port types, source and destination. The source port number is dynamically assigned by the host to uniquely identify the conversation. Each request creates a new, dynamically assigned source port number. This lets multiple conversations take place at the same time.
25
TCP Simple Mail Transfer Protocol (SMTP)
TCP Flow Control
TCP also provides mechanisms for flow control. Flow control is the amount of data that the destination can receive and process reliably. Flow control helps maintain the reliability of TCP transmission by adjusting the rate of data flow between source and destination for a given session. To accomplish this, the TCP header includes a 16-bit field called the window size.
143
TCP IMAP
TCP header
TCP is a stateful protocol, which means it keeps track of the state of the communication session. To track the state of a session, TCP records which information it has sent and which information has been acknowledged. The stateful session begins with the session establishment and ends with the session termination. The TCP header has 10 fields and is 20 bytes long.
Transmission Control Protocol
TCP is considered a reliable, full-featured transport layer protocol, which ensures that all of the data arrives at the destination. TCP includes fields which ensure the delivery of the application data. These fields require additional processing by the sending and receiving hosts. It is a connection-oriented protocol: it must establish a connection before sending data. TCP provides reliability and flow control using basic operations.
23
TCP Telnet
UDP features
This topic will cover UDP, what it does, and when it is a good idea to use it instead of TCP. UDP is a best-effort transport protocol. UDP is a lightweight transport protocol that offers the same data segmentation and reassembly as TCP, but without TCP reliability and flow control. UDP is such a simple protocol that it is usually described in terms of what it does not do compared to TCP. UDP features include the following: Data is reconstructed in the order that it is received. Any segments that are lost are not resent. There is no session establishment. The sending is not informed about resource availability.
UDP server processes and requests
UDP-based server applications are assigned well-known or registered port numbers, as shown in the figure. When these applications or processes are running on a server, they accept the data matched with the assigned port number. When UDP receives a datagram destined for one of these ports, it forwards the application data to the appropriate application based on its port number.