
WXES2106

Network Technology
Semester 1 2004/2005
Chapter 8
Intermediate TCP

CCNA2: Module 10
Contents
• Introduction
• TCP Operation
• Transport Layer Port

Introduction
• The transport layer is responsible for the reliable transport and regulation of data flow from source to destination.
• This is accomplished through the use of sliding windows and sequencing numbers along with a synchronization process.
• The transport layer provides transport services from the source host to the destination host.
• It establishes a logical connection between the endpoints of the network.
• Transport services segment and reassemble several upper-layer applications onto the same transport layer data stream.
TCP Operation
• Flow Control
  • As the transport layer sends data segments, it tries to ensure that data is not lost.
  • A receiving host that is unable to process data as quickly as it arrives could be a cause of data loss. The receiving host is then forced to discard it.
  • Flow control avoids the problem of a transmitting host overflowing the buffers in the receiving host.
• Session establishment, maintenance, and termination
  • Transport functionality is accomplished on a segment-by-segment basis.
  • For data transfer to begin, both the sending and receiving applications inform the respective operating systems that a connection will be initiated.
  • The connection is established and the transfer of data begins after all synchronization has occurred.
  • At the end of data transfer, the sending host sends a signal that indicates the end of the transmission.
• Three-way handshake
  • Prior to data transmission, the two communicating hosts go through a synchronization process to establish a virtual connection.
  • It ensures that both sides are ready for data transmission and allows the devices to determine the initial sequence numbers.
  • One host sends a synchronization (SYN) packet to initiate a connection. This packet has an initial sequence number of x with a bit in the header that indicates a connection request. This bit is set in the acknowledgment number field of the TCP header, which is also referred to as the code field.
  • The other host receives the packet, records the sequence number of x, replies with an acknowledgment (ACK) of x + 1, and includes its own initial sequence number of y. The acknowledgment number of x + 1 means the host has received all octets up to and including x, and expects x + 1 next.
  • The initiating host responds with a simple ACK of y + 1, which is the sequence number of Host B + 1. This indicates that it received the previous ACK and finalizes the connection process.
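
The exchange described above, as an added example that is not part of the original slides: it packs three minimal TCP headers, parses them back, and checks the x + 1 / y + 1 rule, including the case where x + 1 wraps around the 32-bit sequence space. The port numbers, the sequence values and the function names are constructed for the illustration.

```python
import struct

SYN, ACK = 0x02, 0x10                 # code bits within the TCP flags byte
HEADER = struct.Struct("!HHIIHHHH")   # 20-byte header, no options
MOD = 2 ** 32                         # sequence numbers are 32-bit and wrap

def build_header(src_port, dst_port, seq, ack, flags, window=8192):
    """Pack a minimal TCP header (data offset 5 words, checksum left at 0)."""
    return HEADER.pack(src_port, dst_port, seq, ack, (5 << 12) | flags, window, 0, 0)

def parse_header(raw):
    """Unpack the fixed 20-byte part of a TCP header into a dict."""
    sport, dport, seq, ack, off_flags, window, _, _ = HEADER.unpack(raw[:20])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0x3F, "window": window}

def check_handshake(first, second, third):
    """Return a list of rule violations; an empty list means a valid handshake."""
    a, b, c = parse_header(first), parse_header(second), parse_header(third)
    x, y = a["seq"], b["seq"]
    problems = []
    if a["flags"] & (SYN | ACK) != SYN:
        problems.append("segment 1 is not a pure SYN")
    if b["flags"] & (SYN | ACK) != (SYN | ACK):
        problems.append("segment 2 is not SYN+ACK")
    elif b["ack"] != (x + 1) % MOD:
        problems.append("segment 2 does not acknowledge x + 1")
    if c["flags"] & (SYN | ACK) != ACK:
        problems.append("segment 3 is not a plain ACK")
    elif c["ack"] != (y + 1) % MOD:
        problems.append("segment 3 does not acknowledge y + 1")
    if (b["sport"], b["dport"]) != (a["dport"], a["sport"]):
        problems.append("segment 2 is not from the listener's socket")
    return problems

# Constructed sample: x is the largest 32-bit value, so x + 1 wraps to 0.
x, y = 0xFFFFFFFF, 1000
GOOD = (build_header(49200, 80, x, 0, SYN),
        build_header(80, 49200, y, 0, SYN | ACK),
        build_header(49200, 80, 0, y + 1, ACK))
BAD = GOOD[:2] + (build_header(49200, 80, 0, y, ACK),)  # acknowledges y, not y + 1

if __name__ == "__main__":
    print(check_handshake(*GOOD))
    print(check_handshake(*BAD))
```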
• Windowing
  • TCP is responsible for breaking data into segments.
  • Once the data is segmented, it must be transmitted to the destination device.
  • Window size determines the amount of data that can be transmitted at one time before the destination responds with an ACK.
  • After a host transmits the window-sized number of bytes, the host must receive an acknowledgment that the data has been received before it can send any more data.
  • TCP utilizes a sliding window when determining transmission size. A sliding window allows for devices to negotiate a window size to allow for more than one byte to be sent during a single transmission.
  • For example, the sender sends three packets before expecting an ACK. If the receiver can handle a window size of only two packets, the window drops packet three, specifies three as the next packet, and specifies a new window size of two.
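
The three-packet example above, traced round by round and generalised to any packet count and window sizes (an added illustration, not part of the original slides). It assumes a link that loses nothing in transit and a receiver that buffers a fixed number of packets per round; the function names are hypothetical.

```python
def transfer(total_packets, sender_window, receiver_window):
    """Simulate the exchange: the receiver keeps at most receiver_window
    packets of each burst, drops the rest, and advertises its window."""
    if min(total_packets, sender_window, receiver_window) < 1:
        raise ValueError("all arguments must be at least 1")
    rounds, next_packet, window = [], 1, sender_window
    while next_packet <= total_packets:
        last = min(next_packet + window - 1, total_packets)
        burst = list(range(next_packet, last + 1))
        kept, dropped = burst[:receiver_window], burst[receiver_window:]
        ack = kept[-1] + 1   # next packet the receiver expects
        rounds.append({"sent": burst, "dropped": dropped,
                       "ack": ack, "window": receiver_window})
        # The sender resumes at the acknowledged packet and adopts the
        # advertised window, so dropped packets are sent again.
        next_packet, window = ack, receiver_window
    return rounds

def transmissions(rounds):
    """Total packets put on the wire, retransmissions included."""
    return sum(len(r["sent"]) for r in rounds)

if __name__ == "__main__":
    # Constructed scenario: 6 packets, sender starts with a window of 3,
    # receiver can only take 2 at a time.
    trace = transfer(6, 3, 2)
    for number, r in enumerate(trace, start=1):
        print(f"round {number}: sent {r['sent']} dropped {r['dropped']} "
              f"-> ACK {r['ack']}, window {r['window']}")
    print("packets transmitted:", transmissions(trace))
```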
• Sequence Number
  • TCP applies sequence numbers to the data segments that are transmitted so that the receiver can reassemble the bytes in their original order.
  • These sequencing numbers also act as reference numbers so that the receiver will know if it has received all of the data.
  • They also identify the missing data pieces to the sender so it can retransmit the missing data.
• Acknowledgement
  • Positive acknowledgment with retransmission (PAR) is one technique that guarantees reliable delivery of data.
  • It requires a recipient to communicate with the source and send back an acknowledgment message when the data is received.
  • The sender also starts a timer when it sends a segment and will retransmit a segment if the timer expires before an acknowledgment arrives.
  • If a packet does not arrive at the destination, the receiver acknowledges with a request to resend the packet. The sender will resend the packet.
• Denial of service attacks
  • Deny services to legitimate hosts that try to establish connections.
  • Used by hackers to halt system responses.
  • One type of DoS is known as SYN flooding.
  • The hacker initiates a SYN but spoofs the source IP address. Spoofing is a term used when the receiving device replies to a non-existent, unreachable IP address and then is placed in a wait state until it receives the final ACK from the initiator.
  • This wait state requires the attacked device to use system resources, such as memory, until the connection timer times out.
  • To defend against these attacks, system administrators may decrease the connection timeout period and increase the connection queue size.
Transport Layer Port
• A port number must be associated with the conversation between hosts to ensure that the packet reaches the appropriate service on the server.
• Hosts running TCP/IP associate ports at the transport layer with certain applications.
• Port numbers are needed for a host to communicate with a server that uses multiple services.
• Both TCP and UDP use port or socket numbers to pass information to the upper layers.
• Port numbers have the following assigned ranges:
  • The Well Known Ports are those from 0 through 1023
  • The Registered Ports are those from 1024 through 49151
  • The Dynamic and/or Private Ports are those from 49152 through 65535
• Source port numbers for these requests are dynamically assigned by the originating host, and are usually a number larger than 1023.
• Clients and servers use ports to distinguish which process each segment is associated with.
• Port numbers are represented by 2 bytes in the header of a TCP or UDP segment.
• This 16-bit value can result in port numbers ranging from 0 to 65535.
• The source and destination port numbers combine with the network address to form a socket.
• A pair of sockets, one on each host, forms a unique connection.
