Chapter 24: Transport Layer Protocols
Stream Control Transmission Protocol (SCTP)
A new transport protocol designed to combine some features of UDP and TCP in an effort to create a better protocol for multimedia communication.
Urgent Data
A segment with the URG bit set. The urgent data is inserted at the beginning of the segment and the remainder can contain normal data from the buffer. The urgent pointer field in the header defines the end of the urgent data (the last byte). The TCP informs the application process about the beginning and end of urgent data. It is left to the process to decide what to do with the urgent data.
User Datagram Protocol (UDP)
Connectionless, unreliable protocol. Very simple; uses minimum overhead. Sending a small message using UDP is more efficient than using TCP, but less reliable.
Packet
Data are carried as data chunks and control information as control chunks. Several control chunks and data chunks can be encapsulated in a packet. Packets play the same role as segments in TCP.
Connection Termination
Either the client or the server close the connection. Normally initiated by the client. Most implementations today allow 2 options: 1. Three-Way Handshaking 2. Four-Way Handshaking w/ Half Close
Half-Close
Either the server or receiver stops sending data while still receiving data. For instance, the client sends a FIN and the server replies with a ACK. When the server is finished, it sends a FIN and the client sends an ACK.
Three-Way Handshaking
1. Client TCP, after receiving close command from the client process, sends the first segment, a FIN segment in which the FIN flag is set. May include last chunk of data sent by the client. The segment consumes one sequence number if it does not carry data. 2. The server TCP, after receiving the FIN segment, informs its process of the situation and sends a FIN + ACK segment, to confirm receipt of the FIN segment from the client and to announce the closing of the connection in the other direction. May include last chunk of data from the server. The segment consumes one sequence number if it does not carry data. 3. The client TCP sends an ACK segment. The segment cannot carry data and consumes no sequence numbers
Association
A connection in SCTP. Association is used to emphasize multihoming.
NewReno TCP
A later version of TCP. Made an extra optimization to Reno TCP. Checks to see if more than 1 segment is lost in the current window when 3 duplicate ACKs arrive. When TCP receives 3 duplicate ACKs, it retransmits the lost segment until a new ACK arrives. If the new ACK defines the end of the window when the congestion was detected, TCP is certain that only 1 segment was lost. However, if the ACK defines a position b/w the retransmitted segment and the end of the window, then it's possible that the segment defined by the ACK is also lost.
Multihoming
A multihomed host is connected to more than one physical address w/ multiple IP addresses. The sending and receiving host can define multiple IP addresses in each end for an association. If one path fails, another interface can be used for delivery without interruption. Does not allow load sharing b/w different paths.
Reno TCP
A newer version of TCP. Added fast-recovery. Treated the 2 signals of congestion differently. If time-out occurs, TCP moves to slow-start (or starts a new round if already in slow-start). If 3 duplicate ACKs arrive, TCP moves to fast-recovery and remains there as long as more duplicate ACKs arrive. cwnd starts at ssthresh + 3. While in fast-recovery, one of 3 major events may occur: 1. If duplicate ACKs continue, TCP stays in fast-recovery and cwnd grows exponentially. 2. If a time-out occurs, TCP assumes that there is real congestion in the network and moves to slow-start. 3. If a new (non-duplicate) ACK arrives, TCP moves to congestion-avoidance, but reduces cwnd to ssthresh.
Stream Delivery Service
Allows sending process to deliver data as a stream of bytes and allows the receiving process to obtain data as a stream of bytes. The sending process writes to the stream and the receiving process reads from it. B/c the sending and receiving processes may not write or read data at the same rate, TCP needs 2 buffers: 1. Sending Buffer 2. Receiving Buffer Buffers are also necessary for flow- and error-control (discussed later). Since the network layer sends data in packets, not as a stream of bytes, TCP groups bytes together into a packet called a segment and adds a header for control.
Slow Start Algorithm
Based on the idea that the size of the cwnd starts with one max segment size (MSS), but it increases one MSS each time an ACK arrives. The MSS value is negotiated during connection establishment using an option. The algorithm starts slowly but increases exponentially. If an ACK arrives: cwnd = cwnd + 1 Can continue indefinitely, but there must be a upper threshold. The sending TCP keeps track of slow-start threshold (ssthresh). When the size of the window in bytes reaches this threshold, slow start stops and the next phase begins.
Acknowledgement Number
Chunk-oriented and refer to the TSN. However, control chunks do not need a TSN. These control chunks are acknowledged by another control chunk of the appropriate type (some need no acknowledgement).
Data Transfer
Client and server send data and ACKs in both directions using piggybacking. The receiving TCP buffers data and delivers them when the application process is ready or when it is convenient for the receiving TCP. This type of flexibility increases the efficiency of TCP. However, if delayed transmission and delayed delivery of data are important issues, then the application process at the sender can request a push operation. The application process can also specify urgent data that the receiving application must treated specially.
Acknowledgement Number (Numbering System)
Communication is full-duplex; each party numbers the bytes. The sequence # in each direction shows the # of the first byte carried by the segment. Each party also uses an ACK # to confirm the bytes it has received. However, the ACK # defines the # of the next byte a party expects to receive. The ACK # is cumulative.
Transmission Control Protocol (TCP)
Connection-oriented, reliable protocol. Defines connection establishment, data transfer, and connection teardown phases. TCP uses a combination of Go Back N (GBN) and Selective-Repeat (SR) protocols to provide reliability: o Checksum (error detection) o Retransmission of lost of corrupted packets o Cumulative and selective ACKs o Timers
UDP Features
Connectionless Service - Preferred if delay is an important issue and only short messages are sent. If only 1 message is exchanged in each direction, the client or server does not worry that the messages are delivered out of order. Lack of Error Control - Preferred if uneven delay is an important issue (for instance, if a packet is corrupted and needs resent). Lack of Congestion Control - Preferred when congestion is an important issue. Unlike TCP, which may resend a packet several times, UDP does not create additional traffic in an error-prone network leading to congestion.
Chunks
Control information or user data are carried in chunks. Chunks have a common layout. The first 3 fields are common to all chunks: 1. Type - 1 B field can define up to 256 types of chunks. Only a few have been defined. 2. Flag - 1 B field defines special flags that a particular chunk may need. Each bit has a different meaning depending on the chunk type. 3. Length - 2 B field defines the total size of the chunks in bytes, including the type, flag, and length fields. Since size of the information field depends on the chunk type, we need to define the chunk boundaries. If a chunk carries no information, the value of Length is 4 (4 B). The information field depends on the chunk type.
Out-of-Order Segments
Data may arrive out of order and be temporarily stored by the receiving TCP, but TCP guarantees that no out-of-order data are delivered to the process.
Control Field
Defines 6 1 b control flags.
Stream Sequence Number (SSN)
Defines a data chunk's order in a particular stream. When a data chunk arrives at the destination SCTP, it is delivered to the appropriate stream and in the proper order.
General Header
Defines the end points of each association to which its packet belongs, guarantees that the packet belongs to a particular association, and preserves the packet content's integrity, including itself. There are 4 fields in the general header: 1. Source Port Number 2. Destination Port Number 3. Verification Tag (VT) (32 B) - Matches a packet to an association. This prevents a packet from a previous association from being mistaken as a valid packet. 4. Checksum (32 B) CRC-32 checksum.
Multistream Delivery
Delivery is different from data transfer. Delivery of data chunks is controlled by SIs and SSNs. SCTP can support multiple streams, which means that the sender process can define different streams and a message can belong to one of these streams. SCTP supports 2 types of data delivery in each stream: 1. Ordered (default) 2. Unordered In ordered delivery, data chunks in a stream use SSNs to define their order in the stream. When the chunks arrive at the destination, SCTP is responsible for message delivery according to the SSN. In unordered delivery, data chunks in a stream have the U flag set, but their SSN field value is ignored. They don't consume SSNs. When an unordered data chunk arrives at the destination SCTP, it delivers the message carrying the chunk to the application without waiting for other messages.
Sending TCP FSM
Does not include issues such as silly window syndrome or window shutdown. Ignores bidirectional communication.
Fragmentation
Fragmentation in IP and SCTP belong to different levels: the former at the network layer, the latter at the transport layer. SCTP preserves the boundaries of the message from process to process when creating a DATA chunk from a message if the size of the message doesn't exceed the MTU of the path. The size of an IP datagram carrying a message can be determined by adding the size of the message, in bytes, to the 4 overheads: 1. DATA chunk header 2. (Necessary) SACK chunks 3. SCTP General Header 4. IP header If the total size exceeds the MTU, the message needs to be fragmented.
Sender Site Flow Control
To simplify things, buffer is shown in terms of chunks instead of bytes.
Multihoming Data Transfer
Only one of the multiple IP addresses can be defined as the primary address; the rest are alternative addresses. The primary address is defined during association establishment. Data transfer, by default, uses the primary address of the destination. If the primary is not available, one of the alternative addresses is used. The process can override the primary address and request that a message be sent to one of the alternative address. A process can also change the primary address of the current association. SCTP dictates that a SACK be sent to the address from which the corresponding SCTP packet originated.
TCP Services
Process-to-Process Communication - Like UDP, provided using socket numbers. Stream Delivery Service - Unlike UDP, TCP is a stream-oriented protocol. Full-Duplex Communication - TCP offers full-duplex service, where data can flow in both directions at the same time. Each endpoint then has its own sending and receiving buffer. Multiplexing/Demultiplexing - Unlike UDP, a connection needs established for each pair of of processes. Connection-Oriented Service - To send data, there are 3 phases: 1. 2 TCP's establish a logical connection 2. Data are exchanged in both directions 3. Connection is terminated Reliable Service - Uses an acknowledgement mechanism to check arrival of data.
Push Operation
Tells sending and receiving TCP to send data ASAP and not to wait for more data. The sending TCP must also set the push bit (PSH). This means to change the byte-oriented TCP to a chunk-oriented TCP, but TCP can choose whether or not to use this feature.
Window Shutdown
The receiver temporarily shuts down the window by sending a rwnd of 0. This can happen if for some reason the receiver does not want to receive any data from the sender for a while. In this case, the sender does not actually shrink the size of the window, but stops sending data until a new advertisement. When the window is shut down by an order from the receiver, the sender can always send a segment with 1 byte of data. This is called probing and is used to prevent a deadlock (see flashcard on TCP timers).
Congestion Detection
The sending TCP uses 2 events to detect congestion: 1. Retransmission Time-Out (RTO) 2. Receiving 3 Duplicate ACKs In the first event, the sending TCP assumes that the corresponding segment or segments are lost and the loss is due to strong congestion. In the second event, when a receiver sends 3 duplicate ACKs, it means that one segment is missing, but 3 segments have been received. The cause is weak congestion.
Numbering System
There is no segment # in the segment header. Instead, there are 2 fields, sequence # and acknowledgement #, that refer to a byte #.
Measured RTT (RTT_M)
Time required for a segment to reach the destination and be acknowledged. There can be only 1 RTT measurement in progress at a time.
Round-Trip Time (RTT)
To calculate RTO, we first need to calculate RTT. There are 3 types of RTT measurements: 1. Measured RTT 2. Smoothed RTT 3. RTT Deviation
Receiver Site Flow Control
To simplify things, buffer is shown in terms of chunks instead of bytes.
Policy Transition
To understand which congestion policies are used and when TCP moves from one policy to another, we need to refer to 3 versions of TCP: 1. Taho TCP 2. Reno TCP 3. NewReno TCP
Fast Recovery
Triggered when 3 duplicate ACKs arrive (interpreted as weak congestion). Increases additively; increases cwnd's size when a duplicate ACK arrives. That is, if a duplicate ACK arrives: cwnd = cwnd + (1/cwnd) Misc. o Optional in TCP. New versions of TCP try to use it.
UDP Applications
o Process that requires simple request-response communication with little concern for flow and error control. o Process with internal flow- and error-control mechanisms. For example, the Trivial File Transfer Protocol (TFTP) process includes flow and error control. It can easily use UDP. o Suitable for multicasting. Multicasting capability is embedded in the UDP software but not in the TCP software. o Management processes such as SNMP o Some route updating protocols such as Routing Information Proto-col (RIP). o UDP is normally used for interactive real-time applications that cannot tolerate uneven delay between sections of a received message.
SCTP Services
o Process-to-Process Communication - Same as UDP and TCP. o Connection-Oriented Service - SCTP is a connection-oriented protocol. In SCTP, a connection is called an association. o Multiple Streams - SCTP allows multistream service in each assocaition. SCTP terminology. If one stream is blocked, the other streams can still deliver their data. o Multihoming - An SCTP association supports a multihoming service. o Full-Duplex Communication - Offers full-duplex service. Data can flow in both directions at the same time. Each SCTP then has a sending and receiving buffer and packets are sent in both directions. o Reliable Service - SCTP is a reliable transport protocol. It uses an acknowledgement mechanism.
TCP Throughput
throughput = (.75 x W_max)/RTT
TCP Timers
Most TCP implementations use at least 4 timers: 1. Retransmission 2. Persistence 3. Keepalive 4. TIME-WAIT
RTT Deviation
Most implementations do not just use RTT_S; they also calculate RTT deviation (RTT_D), based on the RTT_s and RTT_M. The value of β is implementation-dependent, but is usually set to 1/4.
SYN Flooding Attack
A serious security problem during connection establishment in TCP. Happens when one or more malicious attackers send a larger number of SYN segments to a server pretending that each of them is coming from a different client by spoofing the source IP address. The TCP server sends SYN + ACK segments to the fake client, which are lost. The server allocates resources but the handshake is never completed. If, during this short period of time, the # of SYN segments is large, teh server eventually runs out of resources and may be unable to accept connection requests from valid clients. The SYN flooding attack is an example of a denial of service attack. Some TCP implementations have strategies to alleviate the effect of a SYN attack. Some have imposed a limit of connection requests during a specified period of time. Others try to filter out datagrams coming from unwanted source addresses. One recent strategy is to postpone resource allocation until the server can verify that the connection request is coming from a valid IP address, by using what is called a cookie. SCTP, the new transport protocol uses this strategy.
Q: The following is the content of a UDP header in hexadecimal format: CB 84 00 0D 00 1C 00 1C a. What is the source port number? b. What is the destination port number? c. What is the total length of the user datagram? d. What is the length of data? e. Is the packet directed from a client to a server or vice versa? f. What is the client process?
A: a. The source port #is CB84 (base 16) = 52100 (base 10). b. The destination port #is 000D (base 16) = 13 (base 10). c. Total length is 001C (base 16) = 28 B (base 10). d. B/c header is 8 B: 28 - 8 = 20 B. e. Since the destination port # is 13, the packet is directed to a server. 14. f. The client is Daytime (see table 24.1).
Q: What value is sent for the checksum in each one of the following hypothetical situations? a. The sender decides not to include the checksum. b. The sender decides to include the checksum, but the value of the sum is all 1s. c. The sender decides to include the checksum, but the value of the sum is all 0s.
A: a. The value sent for the checksum field is all 0s to show that the checksum is not calculated. b. When the sender complements the sum, the result is all 0s; the sender complements the result again before sending. The value sent is all 1s. The second complement operation is needed to avoid confusion with the case in part a. c. The situation never happens b/c it implies that the value of every term included in the calculation is all 0s, which is impossible; some fields in the pseudoheader have nonzero values.
Sequence Number (Numbering System)
After bytes have been numbered, TCP assigns a sequence # to each segment that is being sent, defined as: 1. The sequence # of the first segment is the ISN (initial sequence #), which is random. 2. The sequence # of any other segment is the sequence # of the previous segment plus the # of bytes carried by the previous segment. The value of the sequence number field of a segment defines the sequence # assigned to the first data byte contained in that segment. A sequence # is used by: o Segments carrying a combination of data and control information (piggybacking) o Segments used for connection establishment, termination, or abortion. Each segment consumes one sequence # as if it carries 1 B, but there is no actual data.
Additive Increase, Multiplicative Decrease (AIMD)
After passing the initial slow-start state in Reno TCP, cwnd follows a saw tooth pattern. Misc. o Of the 3, Reno is the most common TCP version today.
Data Transfer
After the association is established, bidirectional data transfer can take place. Supports piggybacking. Unlike TCP, SCTP recognizes and maintains boundaries. Each message coming from the process is treated as one unit and inserted into a DATA chunk unless it's fragmented. In this sense, SCTP is like UDP, with one big advantage: data chunks are related to each other. A message received from a process becomes a DATA chunk, or chunks if fragmented, by adding a DATA chunk header to the message. Each DATA chunk formed by a message or a fragment of a message has one TSN. Only DATA chunks use TSNs and only DATA chunks are acknowledged by SACK chunks.
Generating Acknowledgements
During evolution of TCP, several rules have been defined and used. The most common rules are: 1. When end A sends a data segment to end B, it must include (piggyback) a ACK. This rules decreases the # of segments needed and therefore reduces traffic. 2. When the receiver has no data to send and receives one in-order segment, the receiver needs to delay sending an ACK until another segment arrives or until a period of time has passed. This rule reduces ACKs. 3. When a segment arrives with a sequence number expected by the receiver, and the previous in-order segment has not been acknowledged, the receiver immediately sends an ACK. In other words, there should not be more than two in-order unacknowloedged segments at any time. This prevents the unnecessary retransmission of segments that may create congestion in the network. 4. When a segment arrives with an out-of-order sequence number that is higher than expected, the receiver immediately sends an ACK announcing the sequence number of the next expected segment. This leads to the fast retransmission of missing segments (discussed later). 5. When a missing segment arrives, the receiver sends an ACK to announce the next sequence number expected. This informs the receiver that segments reported missing have been found. 6. If a duplicate segment arrives, the receiver discards the segment, but immediately sends an ACK indicating the next sequence number expected, This solves some problems when an ACK segment itself is lost.
Taho TCP
Early TCP. Used only 2 algorithms in their congestion policy: 1. Slow-Start 2. Congestion Avoidance Begins by using slow-start. Taho treats the 2 signs of duplicates (time-out and 3 duplicate ACKs) in the same way. If congestion is detected, TCP restarts with a new slow-start with ssthresh = (cwnd/2) and resetting cwnd = 1. If no congestion is detected while reaching ssthresh, then TCP moves to congestion avoidance. At this point, if congestion is detected, then TCP moves to slow start and uses the aforementioned rules for setting cwnd and ssthresh.
Association Termination
Either the client or the server can close the connection. However, SCTP does not allow a "half-closed" association. Uses 3 packets.
Retransmission Timer
Handles retransmission time-out (RTO) used to retransmit lost segments. 1. When TCP sends the segment in front of the sending queue, it starts the timer. 2. When the timer expires, TCP resends the first segment in the front of the queue, and restarts the timer. 3. When a segment or segments are cumulatively acknowledged, the segment or segments are purged from the queue. 4. If the queue is empty, TCP stops the timer; otherwise, TCP restarts the timer.
SCTP Packet Format
Has a mandatory general header and a set of blocks called chunks. There are 2 types of chunks: 1. Data Chunks 2. Control Chunks A control chunk controls and maintains the association; a data chunk carries user data. In a packet, the control chunks come before data chunks.
Deadlock Caused by Lost ACK
If the sender window is shutdown and the receiver sends an ACK to allow the sender to send again that is subsequently lost, then a deadlock may occur. A persistence timer was designed to prevent deadlock (discussed later in chapter).
Flow Control
In SCTP, we need to handle bytes AND chunks. The values of rwnd and cwnd are expressed in bytes; the values of TSN and acknowledgements are expressed in chunks.
Congestion Avoidance
Increases cwnd additively until congestion is detected. When cwnd's size = ssthresh in the case where cwnd = i, the slow-start phase stops and the additive phase begins. Each time the whole "window" of segments is acknowledged, cwnd's size increases by 1. That is, if an ACK arrives: cwnd = cwnd + (1/cwnd)
UDP Services
Process-to-Process Communication - Provided by using socket #s. Connectionless Services - Datagrams are unnumbered. No connection establishment or connection teardown. User datagrams travel different paths and may arrive out of order. Cannot send a stream of data; each request must be small enough to fit into 1 user datagram. Flow Control - Not provided. Receiver may overflow. Process must provide flow control is needed. Error Control - Not provided (besides checksum). If receiver detects error via checksum, the packet is silently discarded. Process must provide error control if needed. Checksum - Checksum calculation includes 3 sections: 1. Pseudoheader 2. Header 3. Data The pseudoheader is part of the IP header. If the sender does not calculate the checksum, the checksum field is filled with all 0s. If the checksum is calculated but the result is all 0s, then the checksum is changed to all 1s before the packet is sent (sender complements the sum twice). Congestion Control - Not provided. UDP assumes packets are small and sporadic and cannot create congestion (may not be true, i.e., interactive real-time transfer of audio and video). Encapsulation/Decapsulation - Self-explanatory. Queuing - A process is assigned a port (sometimes two, one for incoming and one for outgoing). Each port has a queue. Multiplexing/Demultiplexing - There may be several processes that want to use the services of UDP. Comparison b/w UDP and Simple Protocol - UDP is a connectionless simple protocol with the exception of an optional checksum for error detection.
Port Numbers
Provide end-to-end addresses at transport layer and allow multiplexing/demultiplexing.
Smoothed RTT (RTT_S)
RTT_M is likely to change for each round trip. The fluctuation is so high in today's Internet that a single measurement alone cannot be used to find RTO. Most implementations use a smoothed RTT, called RTT_S, which is a weighted average of RTT_M and the previous RTT_s. The value of α is implementation-dependent, but is normally set to 1/8.
Shrinking of Windows
Receive windows cannot shrink. Send windows can shrink if the receiver defines a value for rwnd that results in shrinking. Some implementations do not allow the send window to shrink. The receiver needs to keep the following relationship b/w the last and new ackNo and the last and new rwnd values to prevent the send window from shrinking: new ackNo + new rwnd ≥ last ackNo + last rwnd Note that the above is only valid if S_f < S_n (see chapter 23); we need to remember that all calculations are in modulo 2^32. (See image illustrating why the inequality is necessary.)
Association Establishment
Requires a four-way handshake. 1. Client sends the first packet, which contains an INIT chunk. The VT is 0 because it hasn't been defined for this direction (client to server). The INIT tag includes an initiation tag to be used for packets from the other direction (server to client). The chunk also defines the initial TSN for this direction and advertises a value for rwnd. This is normally done in a SACK chunk; it is done here because SCTP allows inclusion of a DATA chunk in the third and fourth packets. 2. The server sends an INIT ACK chunk. The VT is the value of the initial tag field in the INIT chunk. This chunk initiates the tag to be used in the other direction, defines the initial TSN, for data flow from server to client, and sets the server's rwnd. The value of rwnd is defined to allow the client to send a DATA chunk with the third packet. The INIT ACK also sends a cookie that defines the state of the server at this moment. 3. The client sends the third packet, which includes a COOKIE ECHO chunk. This chunk echoes, without change, the cookie sent by the server. SCTP allows the inclusion of data chunks in this packet. 4. The server sends a fourth packet, which includes the COOKIE ACK chunk that acknowledges the receipt of the COOKIE ECHO chunk. SCTP allows the inclusion of DATA chunks with this packet.
Retransmission
Segments are stored until they are acknowledged. When a retransmission time-out (RTO) expires or when the sender receives 3 duplicate ACKs for the first segment in the queue, that segment is retransmitted. The value of RTO is dynamic in TCP and updated based on the RTT of segments. Most implementations today retransmit after 3 duplicate ACKs, as it's faster than the first rule.
Send Window
Similar to the one used with the SR protocol, but with some differences: 1. Window size in TCP is the number of bytes. Although actual transmission in TCP occurs segment by segment, the variables that control the window are expressed in bytes. 2. TCP can (in some implementations) store data received from the process and send them later, but we assume that the sending TCP is capable of sending segments of data as soon as it receives them from its process. 3. TCP only uses one timer.
Karn's Algorithm
Suppose that a segment is not acknowledged during the RTO period and is therefore retransmitted. When the sending TCP receives an ACK for this segment, it does not know if the ACK is for the original segment or for the retransmitted one. The value of the new RTT is based on the departure of the segment. However, if the original segment was lost and the acknowledgment is for the retransmitted one, the value of the current RTT must be calculated from the time the segment was retransmitted. Karn's algorithm solves for this ambiguity. Do not consider RTT of a retransmitted segment in the calculation of RTTs. Do not update the value of RTTs until you send a segment and receive an ACK without the need for retransmission.
Connection Reset
TCP at one end may deny a connection request, may abort an existing connection, or may terminate an idle connection. All of these are done with the reset flag (RST).
TCP Connection
TCP creates a logical connection despite IP being a connectionless protocol. There are 3 phases: 1. Three-way Handshaking (connection establishment) 2. Data Transfer 3. Connection Termination
Opening and Closing Windows
TCP forces the sender and receiver to adjust their window sizes. The receiver window closes (moves its left wall right) when more bytes arrive from the sender; it opens (moves its right wall to the right) when more bytes are pulled by the process. We assume that it does not shrink (moves its right wall left). Opening, closing, and shrinking of the send window is controlled by the receiver. The send window closes when a new ACK allows it to do so; it opens when the rwnd advertised by the receiver allows it to do so (new ACK number + new rwnd > last ackNo + last rwnd); and it shrinks in the event this situation did not occur.
Byte Number (Numbering System)
TCP numbers all data bytes (octets). When TCP receives bytes of data from a process, it stores them in the sending buffer and numbers them. Numbering starts with an arbitrarily generated #: 0 to (2^32) - 1
Error Control
TCP provides reliability using error control, including mechanisms for: o Detecting and resending corrupted segments o Resending lost segments o Storing out-of-order segments until missing segments arrive o Detecting and discarding duplicated segments TCP achieves the above using 3 simple tools: 1. Checksum 2. ACK 3. Time-out
Flow Control
TCP separates flow control from error control. There are to instances of flow control: 1. The receiving TCP controls the sending TCP. 2. The sending TCP controls the sending process. (1) is achieved through simple rejection of data by the sending TCP when its window is full. The rest of these flashcards focus on (2).
Windows in TCP
TCP uses 2 windows for each direction: 1. Send Window 2. Receive Window This means there are 4 windows for bidirectional communication. For simplicity, we assume communication is only unidirectional.
Congestion Window
TCP uses a congestion window (cwnd) to control the # of segments to transmit. cwnd's size is controlled by congestion in the router. cwnd and rwnd together define send window size. cwnd is related to congestion in the network; rwnd is related to congestion at the receiving TCP. The actual size of the window is the minimum of these 2: (Actual Window Size) = min(rwnd, cwnd)
Acknowledgement
TCP uses acknowledgements to confirm receipt of data segments and control segments that carry no data (but consume a sequence number). There are 2 types of acknowledgements: 1. Cumulative Acknowledgement (ACK) - Original design of TCP. The receiver advertises the next byte it expects to receive, ignoring all segments received and stored out of order. 2. Selective Acknowledgement (SACK) - Does not replace ACK, but reports additional info to the sender. A SACK reports a block of bytes that is out of order, and also a block of bytes that is duplicated. However, since there is no provision in the TCP header for adding this type of info, SACK is implemented as an option at the end of the TCP header.
Congestion Control
TCP worries about congestion in the middle (i.e., routers) b/c many segments lost may seriously affect error control. More segment loss means resending the same segments again, resulting in worsening congestion.
Congestion Policies
TCP's general policy for handling congestion is based on 3 algorithms: 1. Slow Start 2. Congestion Avoidance 3. Fast Recovery
Three-Way Handshaking
The connection establishment in TCP. A server tells its TCP it's ready to accept a connection (passive open). A client process tells its TCP it's ready to make a connection to a specific server (active open). TCP can now start the three-way handshaking process: 1. Client sends first segment, a SYN segment, in which only the SYN flag is set. The segment is for syncing of sequence numbers; the SYN segment sends an initial sequence number (ISN). A SYN segment cannot carry data, but it consumes one sequence number b/c it needs to be acknowledged. We an say that the SYN segment carries one imaginary byte. 2. The server sends the second segment, a SYN + ACK segment with two flag bits set as: SYN and ACK. The SYN segment has the same purpose as the one the client sent, but the ACK segment acknowledges receipt of the SYN segment from the client. A SYN + ACK segment cannot carry data, but it does consume one sequence number. 3. The client sends the third segment. This is just an ACK segment to acknowledge the receipt of the second segment. Can carry data, but if not, it consumes no sequence number.
Segment Format
The header is 20 B if there are no options and up to 60 B if it contains options. Segment fields include: o Source Port Address - 2 B field defines the port number of the application process in the sending host. o Destination Port Address - 2 B field that defines the port number of the application process in the receiving host. o Sequence Number - 4 B field defines the byte number assigned to the first byte of data contained in this segment. Each party uses a random number generator to create an initial sequence number (ISN), which is usually different in each direction. o Acknowledgment Number - 4 B field defines the byte number that the receiving party expects next (byte number received + 1). ACK and data can be piggybacked. o Header Length - 4 b field indicates the # of 4 B words in the TCP header. Length can be 20-60 B. Therefore, the value of this field is always between 5 (5 × 4 = 20) and 15 (15 × 4 = 60). o Control - Defines 6 different control bits or flags (see Control Field flashcard). o Window Size - 2 B field defines the window size of the sending TCP in bytes (max size 65,535). This value is normally referred to as the receiving window (rwnd) and is determined by the receiver. The sender must obey the dictation of the receiver in this case. o Checksum - 2 B field contains the checksum. The calculation of the checksum for TCP follows the same procedure as the one described for UDP, except checksum in TCP is mandatory. Uses the same pseudoheader as UDP. o Urgent Pointer - Only valid if the urgent flag (URG) is set. Used when the segment contains urgent data. 2 B field defines a value that must be added to the sequence number to obtain the # of the last urgent byte in the data section of the segment. o Options - Up to 40 B of optional information.
Syndrome Created by the Sender
The solution is to prevent the sending TCP from sending the data byte by byte. The sending TCP must be forced to wait and collect data to send in a larger block. If the TCP waits too long, it may delay the process. If it doesn't wait long enough, it may end up sending small segments. Nagle's Algorithm solves the above question: 1. The sending TCP sends the first piece of data it receives from the sending application process even if it is only 1 byte. 2. After sending the first segment, the sending TCP accumulates data in the output buffer and waits to send a new segment until either the receiving TCP sends an ACK or until enough data accumulates to fill a max-size segment. 3. Step 2 repeats for the rest of the transmission. Nagle's algorithm takes into account the speed of the application process that creates the data and the speed of the network that transports the data. If the application process is faster than the network, the segments are larger (max-size segments). If the application process is slower than the network, the segments are smaller (less than the max-size).
TCP FSM
The state marked ESTABLISHED in the FSM is in fact 2 different sets o states that the client and server undergo to transfer data.
Retransmission Time-Out (RTO)
The value of RTO is based on the smoothed RTT and its deviation. Most implementations use the following seen in the image. Taking the running smoothed average value of RTT_S and add 4x the running smoothed average value of RTT_D (normally a small value). TCP doesn't consider RTT of a retransmitted segment in its calculation of RTO (Karn's algorithm). In this case, TCP uses an exponential backoff strategy.
Exponential Backoff
The value of RTO is doubled for each retransmission. So if the segment is retransmitted once, the value is 2x the RTO. If it is retransmitted twice, the value is 4x the RTO, and so on.
Receive Window
There are 2 differences b/w the receive window in SP and TCP: 1. TCP allows the receiving process to pull data at its own rate. Part of the receiver's buffer may be occupied by bytes that have been received and acknowledged, but are waiting to be pulled by the receiving process. Receive window size (rwnd) determines the # of bytes that the receive window can accept from the sender before being overwhelmed (flow control). This means: rwnd ≤ (Buffer Size). In other words, the rwnd, can be determined as: rwnd = (Buffer Size) - (# of Waiting Bytes to be Pulled) 2. TCP uses a cumulative ACK instead of a selective ACK to announce the next expected byte to receive. Misc. o The new version of TCP uses both cumulative and selective acknowledgments (only discussed on the book's website).
Transport Layer Protocols
There are 3 transport layer protocols in the Internet: 1. TCP - Connection-oriented, reliable protocol that can be used in any application. 2. UDP - Connectionless, unreliable protocol used for its simplicity and efficiency in applications where the application layer process provides error control. 3. SCTP - Combines features of UDP and TCP.
Syndrome Created by the Receiver
Two solutions have been proposed: 1. Clark's solution is to send an ACK as soon as the data arrive, but to announce a window size of 0 until either there is enough space to accommodate a segment of max-size or until at least half of the receive buffer is empty. 2. Delay sending the ACK. This means that when a segment arrives, it isn't acknowledged immediately. The receiver waits until there is a decent amount of space in its incoming buffer before sending an ACK. The delayed ACK prevents the sending TCP from sliding its window. After the sending TCP has sent the data in the window, it stops. This kills the syndrome. Delayed ACK also has another advantage: it reduces traffic. The receiver doesn't have to acknowledge each segment. However, there also is a disadvantage in that the delayed ACK may result in the sender unnecessarily retransmitting the unacknowledged segments. The protocol balances the advantages and disadvantages. It now defines that the ACK should not be delayed by more than 500 ms.
User Datagram
UDP packets. Have a 8-byte header and a variable length payload (data). The header has 4 fields: 1. Source Port Number (2 B) 2. Destination Port Number (2 B) 3. Total Length (2 bytes) - Total length must be less than 65,535 b/c user datagram is stored in an IP datagram of total length 65,535 B. Therefore, can be 0 to 65,507 B (minus 8 B for UDP header and minus 20 for IP Header). 4. Checksum - Optional (explained later).
TIME-WAIT (2MSL) Timer
Used during connection termination. The max segment lifetime (MSL) is the amount of time any segment can exist in a network before being discarded. The implementation needs to choose a value for MSL. The 2MSL timer is used when TCP performs an active close and sends the final ACK. The connection must stay open for 2 x MSL amount of time to allow TCP to resend the final ACK in case the ACK is lost. This requires that the RTO timer at the other end times out and new FIN + ACK segments are resent.
Keepalive Timer
Used in some implementations to prevent a long idle connection b/w 2 TCPs. Each time a server hears from a client, it resets this timer. If the server does not hear from the client before the keepalive timer expires, the server sends a probe. If there is no response after 10 probes (each 75 s apart), it assumes the client is down and terminates the connection.
Persistence Timer
Used to correct a deadlock. One is used for each connection. When the sending TCP receives an ACK with a window size of 0, it starts a persistence timer. When the persistence timer expires, the sending TCP sends a special segment called a probe. The probe contains 1 B of new data. It has a sequence number, but its sequence number is never acknowledged; it is even ignored in calculating the sequence number for the rest of the data. The probe causes the receiving TCP to resend the ACK. The value of the persistence timer is set to the value of the retransmission time. However, if a response is not received from the receiver, another probe segment is sent and the value of the persistence timer is doubled and reset. The sender continues sending probes and doubling and resetting the value of the persistence timer until the value reaches a threshold (usually 60 s). After that the sender sends one probe every 60 seconds until the window is reopened.
Stream Identifier (SN)
Used to identify a stream. There may be several streams in an association. Each data chunk must carry the SI in its header so that when it arrives at the destination, it can be properly placed in its stream. SIs are 16-bit numbers that start from 0.
Transmission Sequence Number (TSN)
Used to number data chunks (unit of data in SCTP). Each data chunk must carry the corresponding TSN in its header. Analogous to sequence number in TCP. Chunks may or may not have a one-to-one relationship with the message coming from the process due to fragmentation. TSNs are 32-bit numbers. Randomly initialized b/w 0 and (2^32) - 1. Used for flow and error control.
Silly Window Syndrome
When data is sent in very small segments, which reduces the efficiency of the operation. This happens when either the sending application process creates data slowly or the receiving application process consumes data slowly, or both.
