
COMP 416 Internet Protocols and Software

Instructor: Zhijun Wang


Lab #1 will be given next week in PQ604A-C at the class time.
Supplementary materials are available.

Today's contents:
UDP (Chap. 11)
TCP (Chap. 12)
TCP/IP Protocol Suite 1

Key questions
What are the major differences between UDP and TCP?
Where are the application domains for UDP and TCP?
Why does TCP work well?
What are the disadvantages of UDP and TCP?

Chapter 11

User Datagram Protocol


Objectives
Be able to explain process-to-process communication
Know the format of a UDP user datagram
Understand the operation of UDP
Know when it is appropriate to use UDP

Figure 1: Position of UDP in the TCP/IP protocol suite

Figure 2: UDP versus IP

UDP (User Datagram Protocol) is a connectionless, unreliable transport protocol. UDP is a simple protocol with minimal overhead.

Figure 3: Port numbers

UDP uses port numbers to identify processes. A port number has 16 bits, so the range is from 0 to 65,535. The client process identifies itself with a port number, called an ephemeral port number, which is recommended to be greater than 1023. The server process also identifies itself with a port number, which is a well-known port number in the range 0-1023.

Figure 4: IP addresses versus port numbers

IP addresses identify devices.
Port numbers identify processes.

Figure 5: ICANN ranges

ICANN: International Corporation for Assigned Names and Numbers

Well-known ports: the ports ranging from 0 to 1023 are assigned and controlled by ICANN.
Registered ports: the ports ranging from 1024 to 49,151 are not assigned or controlled by ICANN. They can only be registered with ICANN to prevent duplication.
Dynamic ports: the ports ranging from 49,152 to 65,535 are neither controlled nor registered. They can be used as temporary or private numbers.

Table 1 Well-known ports used with UDP


Socket address
Socket address: a combination of IP address and a port number


Example 1

An SNMP client residing on a host with IP address 132.23.43.31 sends a message to an SNMP server (port 161) residing on a host with IP address 32.23.2.1. What is the pair of sockets used in this communication?

Solution: In the client, the socket address is the IP address combined with an ephemeral port X: (132.23.43.31, X). In the server, the socket address is (32.23.2.1, 161).

Figure 6: User datagram format

UDP packets are called user datagrams and have a fixed-size header of 8 bytes.

Error check for the user datagram
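
An added example (not part of the original slides): a parser for the 8-byte UDP header together with the sender-side and receiver-side checksum calculation over the IPv4 pseudo-header. The sample datagram is constructed from Example 1's addresses; the ephemeral port 50000 and the payload are assumptions.

```python
import ipaddress
import struct
from dataclasses import dataclass

UDP_HEADER_LEN = 8  # fixed header size stated on the slide

@dataclass(frozen=True)
class UdpHeader:
    src_port: int
    dst_port: int
    length: int      # header plus data, in bytes
    checksum: int

    @property
    def data_length(self) -> int:
        return self.length - UDP_HEADER_LEN

def parse_udp_header(raw: bytes) -> UdpHeader:
    """Decode the four 16-bit big-endian fields; reject impossible lengths."""
    if len(raw) < UDP_HEADER_LEN:
        raise ValueError("truncated: fewer than 8 header bytes")
    src, dst, length, checksum = struct.unpack("!HHHH", raw[:UDP_HEADER_LEN])
    if length < UDP_HEADER_LEN:
        raise ValueError("length field is smaller than the header itself")
    return UdpHeader(src, dst, length, checksum)

def internet_checksum(data: bytes) -> int:
    """One's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length input for summing
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header: source, destination, zero byte, protocol 17, UDP length."""
    addrs = ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
    return addrs + struct.pack("!BBH", 0, 17, udp_len)

def build_datagram(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    """Sender side: fill in the length and checksum fields."""
    length = UDP_HEADER_LEN + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    csum = internet_checksum(pseudo_header(src_ip, dst_ip, length) + header + payload)
    csum = csum or 0xFFFF                    # 0 on the wire means "no checksum"
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload

def verify_datagram(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """Receiver side: length must match the bytes received and the sum must check."""
    hdr = parse_udp_header(datagram)
    if hdr.length != len(datagram):
        return False
    if hdr.checksum == 0:
        return True                          # IPv4 sender chose not to checksum
    return internet_checksum(pseudo_header(src_ip, dst_ip, hdr.length) + datagram) == 0

# Constructed sample: Example 1's socket pair with an assumed ephemeral port.
SAMPLE = build_datagram("132.23.43.31", "32.23.2.1", 50000, 161, b"constructed")
```

A receiver that trusts the length field without comparing it to the bytes actually received can read past the end of the buffer, which is why `verify_datagram` checks the length before summing.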


Figure 7: Encapsulation and decapsulation

UDP: connectionless service
User datagrams are not numbered.
There is no relationship between different user datagrams, even if they come from the same user.

UDP: unreliable service
No flow and error control.

Figure 8: Queues in UDP

One outgoing queue and one incoming queue are used for sending and receiving datagrams. The queues are usually identified by the port numbers.

Applications of UDP

UDP is suitable for a process that requires simple-response communication with little concern for flow and error control

UDP is suitable for a process with internal flow and error-control mechanism, e.g., Trivial File Transfer Protocol (TFTP).
UDP is a suitable transport protocol for multicasting.

UDP is used for management processes such as SNMP.


UDP is used for route updating protocols such as Routing Information Protocol (RIP).


Congestion Control of UDP

DCCP: Datagram Congestion Control Protocol
RFC4340: http://www.read.cs.ucla.edu/dccp/rfc4340.txt

Chapter 12

Transmission Control Protocol


Objectives
Understand the services offered by TCP
Understand TCP's flow and error control and congestion control
Be familiar with the fields in a TCP segment
Understand the phases in a connection-oriented connection

TCP FEATURES

TCP is a connection-oriented protocol (UDP: connectionless).
TCP is a reliable transport protocol (UDP: unreliable).
TCP uses full-duplex communication (UDP: half-duplex).

TCP uses port numbers to identify processes. A packet in TCP is called a segment.

Table 1 Well-known ports used by TCP


Figure 1: Sending and receiving buffers

A circular buffer is used to send and receive data. The sent bytes are removed from the buffer when they are acknowledged.

Numbering system
The bytes of data being transferred in each connection are numbered by TCP. The number starts with a randomly generated number.

The value in the sequence number field of a segment defines the number of the first data byte contained in that segment.

The value of the acknowledgement field in a segment defines the number of the next byte a party expects to receive. The acknowledgement is cumulative.


Example 1
Suppose a TCP connection is transferring a file of 3000 bytes. The first byte is numbered 10001. What are the sequence numbers for each segment if data is sent in three segments, each carrying 1000 bytes?

Solution
The following shows the sequence number for each segment:
Segment 1 Sequence Number: 10,001 (range: 10,001 to 11,000)
Segment 2 Sequence Number: 11,001 (range: 11,001 to 12,000)
Segment 3 Sequence Number: 12,001 (range: 12,001 to 13,000)

Figure 2: TCP segment format

The TCP header is 20-40 bytes long.

Figure 3: Control field

A TCP CONNECTION
TCP is connection-oriented. A connection-oriented transport protocol establishes a virtual path between the source and destination. All of the segments belonging to a message are then sent over this virtual path. A connection-oriented transmission requires three phases: (1) connection establishment (2) data transfer (3) connection termination.


Figure 3: Connection establishment using three-way handshaking

rwnd: receiver window size

TCP Connection Establishment


The server must be ready to accept connections; this is called a passive open. The client issues a request for an active open.
(1) The client first sends a SYN segment, in which only the SYN flag is set. A SYN segment cannot carry data, but it consumes one sequence number. The sequence number is called the initial sequence number (ISN).
(2) After the server receives the SYN segment, it sends a SYN+ACK segment back. The segment has 2 flag bits set, SYN and ACK, and also contains the receiver window size, which indicates the maximal number of bytes that can be sent. A SYN+ACK segment cannot carry data, but does consume one sequence number.
(3) After receiving the SYN+ACK, the client sends an ACK segment to the server. The ACK segment, if carrying no data, consumes no sequence number. Now the TCP connection has been established.

SYN Flooding Attack


The connection establishment procedure in TCP is susceptible to the SYN flooding attack. A malicious attacker sends a large number of SYN segments to a server using faked IP addresses. The server, assuming that the clients are issuing an active open, allocates the necessary resources. During this time, a lot of resources are allocated without being used. The server then sends SYN+ACK segments to the faked clients, and these segments are lost. During this period, the server may run out of resources and even crash. Such an attack is known as a denial-of-service attack.

Protections:
(1) limit the number of connections during a time period
(2) filter out segments from unwanted source addresses
(3) delay resource allocation until the entire connection is set up

Some materials on denial-of-service attacks are available in the supplementary materials on the course webpage and WebCT.
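
An added example (not part of the original slides) of protection (3): the server derives its initial sequence number from a keyed hash of the SYN's fields, keeps no state, and allocates a connection only when the final ACK carries that value back. This is a simplified sketch in the style of SYN cookies; production implementations also encode options such as the MSS, and the key, slot length and traffic below are constructed assumptions.

```python
import hashlib
import hmac
import ipaddress
import struct

SECRET = b"constructed-demo-key"  # assumption: a real stack uses a random per-boot key
SLOT_SECONDS = 64                 # assumption: how long a cookie stays acceptable

def cookie(src_ip, src_port, dst_ip, dst_port, client_isn, slot):
    """32-bit keyed hash of the connection's addressing, the client ISN and a time slot."""
    msg = (ipaddress.ip_address(src_ip).packed + ipaddress.ip_address(dst_ip).packed
           + struct.pack("!HHIq", src_port, dst_port, client_isn, slot))
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:4], "big")

class StatelessListener:
    """Server side of the three-way handshake; state exists only after step (3)."""

    def __init__(self):
        self.connections = {}  # (src_ip, src_port) -> (next client seq, next server seq)

    def on_syn(self, src_ip, src_port, dst_ip, dst_port, client_isn, now):
        """Step (2): answer with SYN+ACK (seq, ack) and remember nothing."""
        slot = int(now) // SLOT_SECONDS
        server_isn = cookie(src_ip, src_port, dst_ip, dst_port, client_isn, slot)
        return server_isn, (client_isn + 1) % 2**32

    def on_ack(self, src_ip, src_port, dst_ip, dst_port, seq, ack, now):
        """Step (3): rebuild the cookie from the ACK itself; allocate only on a match."""
        client_isn = (seq - 1) % 2**32   # the SYN consumed one sequence number
        claimed = (ack - 1) % 2**32      # so did our SYN+ACK
        slot = int(now) // SLOT_SECONDS
        for s in (slot, slot - 1):       # accept the current and the previous slot
            expected = cookie(src_ip, src_port, dst_ip, dst_port, client_isn, s)
            if hmac.compare_digest(expected.to_bytes(4, "big"), claimed.to_bytes(4, "big")):
                self.connections[(src_ip, src_port)] = (seq, ack)
                return True
        return False

def demo():
    """Constructed traffic: 1000 spoofed SYNs that never ACK, then one real client."""
    srv, server = StatelessListener(), ("32.23.2.1", 80)
    for i in range(1000):
        srv.on_syn(f"10.0.{i // 250}.{i % 250 + 1}", 40000 + i, *server, client_isn=i, now=1000)
    half_open = len(srv.connections)     # memory held for the flood
    seq, ack = srv.on_syn("132.23.43.31", 50000, *server, client_isn=2171, now=1000)
    ok = srv.on_ack("132.23.43.31", 50000, *server, seq=ack, ack=(seq + 1) % 2**32, now=1001)
    forged = srv.on_ack("10.9.9.9", 50001, *server, seq=1, ack=12345, now=1001)
    return half_open, ok, forged, len(srv.connections)
```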


Figure 4: Data transfer

After the connection is established, bidirectional data transfer can take place. The acknowledgement is piggybacked with the data.

Figure 5: Connection termination using three-way handshaking

Three-way handshaking termination


After sending all data, the client initiates a TCP close command to terminate the connection.

(1) The client first sends a FIN segment, in which the FIN flag is set. The segment can include the last chunk of data sent by the client or it can be just a control packet. The FIN segment consumes one sequence number if it does not carry data.

(2) After receiving the FIN segment, the server informs its process of the situation and sends a FIN+ACK segment to confirm the receipt of the FIN segment from the client and also to announce the closing of the connection in the other direction. The FIN+ACK segment consumes one sequence number if it does not carry data.

(3) The client sends the last ACK segment to the server. The ACK segment cannot carry data and consumes no sequence number. Now the TCP connection has been terminated.

Figure 6: Half-close

In TCP, one end can stop sending data while still receiving data; this is called half-close. The client sends a FIN segment to the server, and the server sends an ACK back. Data is still being sent from the server to the client. The server sends a FIN segment when all data has been sent. The client sends an ACK segment back. The connection is closed. This process is called four-way handshaking termination.

FLOW CONTROL
Flow control regulates the amount of data a source can send before receiving an acknowledgment from the destination. TCP uses a sliding window protocol for flow control. In this method, a host uses a window for outbound communication (sending data). The window spans the portion of the buffer containing bytes received from the process. The bytes inside the window are the bytes that can be in transit; they can be sent without worrying about acknowledgement. A sliding window is used to make transmission more efficient as well as to control the flow of data so that the destination does not become overwhelmed with data. TCP sliding windows are byte oriented.

Figure 7: Sliding window

Congestion window size

Example 2
What is the value of the receiver window (rwnd) for host A if the receiver, host B, has a buffer size of 5,000 bytes and 1,000 bytes of received and unprocessed data?

Solution: The value of rwnd = 5,000 - 1,000 = 4,000. Host B can receive only 4,000 bytes of data before overflowing its buffer. Host B advertises this value in its next segment to A.

Example 3
Figure 8 shows an unrealistic example of a sliding window. The sender has sent bytes up to 202. We assume that cwnd is 20 (in reality this value is thousands of bytes). The receiver has sent an acknowledgment number of 200 with an rwnd of 9 bytes (in reality this value is thousands of bytes). The size of the sender window is the minimum of rwnd and cwnd or 9 bytes. Bytes 200 to 202 are sent, but not acknowledged. Bytes 203 to 208 can be sent without worrying about acknowledgment. Bytes 209 and above cannot be sent.


Figure 8: Example 3 (figure labels: cwnd, rwnd)

Example 4
In the figure below, the sender receives a segment with an acknowledgment value of 206 and an rwnd of 12. The host has not sent any new bytes. The value of cwnd is still 20. Show the new window.

Example 4-solution

Solution: The value of rwnd is less than cwnd, so the size of the window is 12. The figure below shows the new window. Note that the window has been opened from the right by 7 and closed from the left by 4; the size of the window has increased.

ERROR CONTROL
TCP provides reliability using error control, which detects corrupted, lost, out-of-order, and duplicated segments. Error control in TCP is achieved through the use of the checksum, acknowledgment, and time-out. Error control includes a mechanism for detecting corrupted segments, lost segments, out-of-order segments and duplicated segments.

Checksum is used to detect the corrupted segments.


Acknowledgement
ACK segments do not consume sequence numbers and are not acknowledged. Rules for generating ACK:

Rule 1: When one end sends a data segment to the other end, it must include an acknowledgement giving the next sequence number it expects to receive.
Rule 2: When the receiver has no data to send and receives an in-order segment, and the previous segment has already been acknowledged, it delays sending an ACK until another segment arrives or until a period of time has passed. That means there should be no more than 2 in-order unacknowledged segments at any time.
Rule 3: When a segment arrives with the expected sequence number, and the previous in-order segment has not been acknowledged, the receiver immediately sends an ACK.
Rule 4: When a segment arrives with an out-of-order sequence number, the receiver immediately sends an ACK announcing the expected sequence number to be received.
Rule 5: When a missing segment arrives, the receiver sends an ACK to announce the next sequence number expected.
Rule 6: If a duplicated segment arrives, the receiver immediately sends an ACK to handle the case of a missing ACK.

Retransmission and out-of-order segments


In TCP, the sender starts a retransmission time-out (RTO) timer for each segment sent. A retransmission occurs if either of the following cases is true:
(1) The retransmission timer expires
(2) Three duplicated ACK segments have arrived

Data may arrive out of order and be temporarily stored by the receiving TCP, but TCP guarantees that no out-of-order segment is delivered to the process.

Figure 9: Normal operation for ACK

Figure 10: Lost segment

Figure 11: Fast retransmission

Figure 12: Lost acknowledgment

Figure 13: Lost acknowledgment corrected by resending a segment

CONGESTION CONTROL
Congestion control refers to the mechanisms and techniques that keep the load below the capacity.

Why does TCP work well for the Internet? A protocol must be fair for every user and must be stable for the whole system. TCP provides fairness (e.g., max-min, proportional fairness). However, TCP is not efficient and cannot provide QoS features.

Performance measurements: delay and throughput
Delay includes the propagation time and processing time.
Throughput is defined as the number of bytes passing through the network in a unit of time.

Figure 14: Router queues

Routers and switches have queues (buffers) that hold packets before and after processing. If the packet arrival rate is higher than the packet processing rate, the input queues may overflow. If the packet departure rate is less than the packet processing rate, the output queues may overflow. Some packets in the overflowed queues are dropped, indicating congestion in the Internet.

Figure 15: Packet delay and throughput vs. network load

Figure 16: Slow start, exponential increase

Window size = min(rwnd, cwnd)

TCP has a slow start phase. In this phase, the size of the congestion window increases exponentially until it reaches a threshold.
Start: cwnd = 2^0
After 1 RTT: cwnd = 2^1
After 2 RTTs: cwnd = 2^2
MSS: maximum segment size.

Figure 17: Congestion avoidance, additive increase

After the cwnd reaches the threshold, the size of the congestion window increases additively until congestion is detected.
Start: cwnd = 1
After 1 RTT: cwnd = 2
After 2 RTTs: cwnd = 3

Congestion detection
In today's Internet, the only way the sender can guess that congestion has occurred is the need to retransmit a segment. There are two cases:
(1) The retransmission timer expires
(2) Three duplicated ACK segments have arrived

When congestion is detected by timer expiration, most TCP implementations react as follows:
(1) It sets the maximal value of the threshold to half of the current window size.
(2) It sets the cwnd to 1.
(3) It starts a slow start phase again.

If congestion is detected by three ACKs, most TCP implementations react as follows:
(1) It sets the maximal value of the threshold to half of the current window size.
(2) It sets cwnd to the value of the threshold.
(3) It starts the congestion avoidance phase.
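
An added example (not part of the original slides): a per-RTT simulation of the slow start, congestion avoidance and congestion detection rules above, in units of MSS. The scenario values, the event names and the 2-MSS floor on the threshold are assumptions made for the illustration.

```python
def simulate_cwnd(rounds, threshold, events=None, rwnd=None):
    """Trace the congestion window, one entry per RTT, in units of MSS.

    events maps an RTT index to "timeout" or "3dupack" (constructed loss signals).
    Returns a list of (rtt, cwnd, threshold, phase, sender_window) tuples.
    """
    events = events or {}
    cwnd, phase, trace = 1, "slow start", []
    for rtt in range(rounds):
        window = cwnd if rwnd is None else min(rwnd, cwnd)  # window = min(rwnd, cwnd)
        trace.append((rtt, cwnd, threshold, phase, window))
        event = events.get(rtt)
        if event == "timeout":
            threshold = max(window // 2, 2)   # half the window; 2-MSS floor is assumed
            cwnd, phase = 1, "slow start"
        elif event == "3dupack":
            threshold = max(window // 2, 2)
            cwnd, phase = threshold, "congestion avoidance"
        elif event is not None:
            raise ValueError(f"unknown event {event!r}")
        elif phase == "slow start":
            cwnd = min(cwnd * 2, threshold)   # exponential increase, capped at threshold
            if cwnd >= threshold:
                phase = "congestion avoidance"
        else:
            cwnd += 1                         # additive increase
    return trace

# Constructed scenario: threshold 16 MSS, time-out at RTT 7, three duplicate ACKs at RTT 13.
SCENARIO = simulate_cwnd(16, 16, {7: "timeout", 13: "3dupack"}, rwnd=18)
```

The time-out sends the sender back to cwnd = 1 and a second slow start, while the three duplicate ACKs only halve the window and continue with additive increase.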

Figure 18: TCP congestion policy summary

Figure 19: Congestion example

Figure labels: congestion detected; reduced to half; cwnd=1; cwnd=threshold=6
RTT: round trip time

Summary
1. UDP and TCP
Both are transport layer protocols and use port numbers to identify processes.
UDP is a connectionless and unreliable protocol; it has no error, flow or congestion control.
TCP is a connection-oriented and reliable protocol; it has error, flow and congestion control.
2. Socket address = IP address + port number
3. UDP and TCP header information
4. TCP connection establishment, sequence number, acknowledgment, window size
5. TCP termination
6. TCP flow, error and congestion control

Exercises:
1. The following is a dump of a UDP header in hexadecimal format:
06 32 00 0D 00 1C E2 17
(a) What are the source and destination ports?
(b) What is the total length of the user datagram?
(c) What is the length of the data?
2. In a TCP connection, the initial sequence number at a client site is 2171. The client opens the connection, sends only one segment carrying 1000 bytes of data, and closes the connection. What is the value of the sequence number in each of the following segments sent by the client?
(a) The SYN segment
(b) The data segment
(c) The FIN segment

Exercises-cont.-I
3. In a connection, the value of cwnd is 3000 and the value of rwnd is 5000. The host has sent 2000 bytes, of which 1000 bytes have been acknowledged. What is the window size? How many more bytes can be sent?
4. A client sends 16 bytes to a server. Calculate the efficiency (ratio of useful bytes to the total bytes) of this transmission at the transport level if the client uses: (a) UDP (b) TCP.
5. TCP opens a connection using an initial sequence number (ISN) of 14,534. The other party opens the connection with an ISN of 21732. Show the three TCP segments during the connection establishment.

Exercises-cont.-II
6. A window holds bytes 2001 to 5000. The next byte to be sent is 3001. Draw a figure to show the situation of the window after the following events.
(a) An ACK segment with the acknowledgement number 2500 and window size advertisement 4000 is received.
(b) A segment carrying 1000 bytes is sent.

Solutions of the Exercises:

1. (a) Source port is 0x0632 = 1586, destination port is 0x000D = 13
(b) The total length of the user datagram is 0x001C = 28 bytes
(c) The length of the data is 28 - 8 = 20 bytes

2. (a) 2171
(b) 2172
(c) 3172

3. The window size = 3000. The bytes that can be sent: 3000 - (2000 - 1000) = 2000.
4. (a) The total packet length = 16 + 8 = 24 bytes, efficiency = 16/24 = 66.7%.
(b) The total packet length = 16 + 20 = 36 bytes, efficiency = 16/36 = 44.4%.

Solutions of the Exercises-cont. I

5.

Solutions of the Exercises-cont. II

6.