Transport Layer
Accepts data from the Application layer and prepares it for Layer 3.
Responsible for end to end transfer of data.
Enables multiple applications to communicate simultaneously.
Ensures data is received reliably and in order.
Employs error handling mechanisms.
Separating multiple Communications
Divide data into small parts, enables many different communications to be multiplexed on the same network.
Segmentation allows multiple applications to send and receive.
Without segmentation only 1 would be able to receive data.
The data flowing between a source and destination application …. Conversation.
To identify each segment the L4 adds a header containing fields and bits.
The values in these fields enable different Transport layer protocols to perform different functions.
Transport Layer Functions
Contains only 2 common protocols – TCP and UDP (Transmission Control Protocol, User Datagram Protocol).
Both provide the following:
Segmentation and Reassembly:
Networks have limitations on the size of a single PDU.
L4 divides data into blocks of an appropriate size.
L4 reassembles the data at destination.
Conversation multiplexing:
L4 determines which application or service gets the data.
Some applications use both TCP and UDP.
TCP provides some additional functions:
Connection-oriented conversations.
Reliable delivery.
Ordered data reconstruction.
Flow control.
Establishing a Session (Connection):
Connection orientation is handled by creating a session between applications.
These prepare the applications to communicate with each other before any data is transmitted.
Reliable Delivery:
It is possible for data to become corrupt or lost.
L4 can ensure all pieces reach the destination by having the source retransmit any lost data.
Same order of Delivery:
Networks may provide multiple routes with different transmission times, so data can arrive in wrong order.
By numbering the segments L4 can ensure these segments are reassembled into the proper order.
Flow Control:
Hosts have limited resources (i.e., memory or bandwidth).
When L4 is aware these resources are overtaxed, TCP can request the sending application to reduce data flow.
Done by regulating the amount of data the source transmits as a group.
Flow control can prevent the loss of segments and avoid the need for retransmission.
3 basic Operations of Reliability.
tracking transmitted data.
acknowledging received data.
retransmitting any unacknowledged data.
Requires that L4 processes keep track of segments and retransmit any unacknowledged data.
The receiving host must track segments and acknowledgment (ACK) receipts.
These processes add overhead due to:
Added control information contained in L4 header.
Trade-off between reliability and the burden on the network.
Application developers choose which transport protocol is appropriate based on the requirement of their Applications.
TCP provides reliable guaranteed delivery.
UDP provides only “best effort” delivery (unreliable).
Determining the Need for Reliability
Databases, web, and email all require data in its original condition.
These applications are designed to use TCP.
Other applications are more tolerant of small losses (video).
For voice or video, the additional overhead reduces its usefulness.
Transport Layer Role and Services
Both TCP, UDP support multiplexing multiple applications.
But they have significant differences.
TCP header: 20 bytes.
UDP header: 8 bytes.
TCP Source port: 16 bits long.
TCP Destination port: 16 bits long.
UDP Source port: 16 bits long.
UDP Destination port: 16 bits long.
UDP
A simple connectionless protocol.
RFC768.
Low overhead data delivery (8 byte header).
UDP segments are called datagrams.
Datagrams are sent as “best-effort”.
Applications that use UDP include but are not limited to:
DNS.
Video Streaming.
VoIP.
TCP
A connection-oriented protocol.
RFC793.
Additional functions are:
Same order delivery.
reliable delivery.
flow control.
TCP segment has 20 byte header.
Applications that use TCP include but are not limited to:
Web Browsers.
E-mail.
File transfers.
Identifying the Conversations
TCP and UDP track conversations.
To differentiate applications, both use port numbers to uniquely identify them.
Segment headers include both a source and destination port.
Port numbers depend on whether the message is a request or a reply.
Server process uses static port numbers, clients choose a source port number dynamically for each conversation.
When a client application sends a request to a server application, the destination port is the number assigned to the server daemon.
Client applications must know what number that is.
Source port in a client request is randomly generated.
If it does not conflict with other ports in use on the system the client can choose any port number.
This port number acts like a return address.
The requesting application port number is used as the destination port number in the response coming back from the server.
The combination of the port number and the IP address uniquely identifies every process.
This combination is called a socket.
Eg. 192.168.1.3:80
A socket pair from the source and destination identifies a conversation between two hosts.
Eg. 192.168.3.6:12632
Port numbers are assigned by the Internet Assigned Numbers Authority (IANA), a standards body responsible for assigning various addressing standards.
Types of Port Numbers
Well known Ports 0 to 1023.
Reserved for services and applications.
Registered Ports 1024 to 49151.
Dynamic or Private Ports 49152 to 65535.
Usually assigned dynamically to client applications.
Netstat
Unexplained TCP connections can pose a security threat.
They can indicate that something is connected to the host.
Also, unnecessary TCP connections can slow down a host’s performance.
To view active TCP connections on a host use netstat.
Use it when performance appears to be compromised.
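The review described above can be scripted. This is an added example, not part of the original notes: it parses netstat-style output and flags listeners and established sessions that are not tied to an allowed service. The sample output, the allowlist of ports 80 and 25, and all function names are assumptions made for illustration.

```python
import re

# Constructed sample in the style of `netstat -an` output (not from a real host).
SAMPLE = """\
Proto  Local Address        Foreign Address      State
TCP    0.0.0.0:25           0.0.0.0:0            LISTENING
TCP    0.0.0.0:80           0.0.0.0:0            LISTENING
TCP    0.0.0.0:4444         0.0.0.0:0            LISTENING
TCP    192.168.1.3:80       192.168.3.6:12632    ESTABLISHED
TCP    192.168.1.3:49733    203.0.113.9:6667     ESTABLISHED
"""

# Assumption: the services this host is supposed to offer (80 and 25, as in the notes).
ALLOWED_SERVICES = {25, 80}
SOCKET = re.compile(r"(\S+):(\d+|\*)")

def port_class(port):
    """Map a port to the IANA range it falls in."""
    if port <= 1023:
        return "well-known"
    return "registered" if port <= 49151 else "dynamic"

def parse_netstat(text):
    """Return (local_ip, local_port, remote_socket, state) for each TCP line."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if not fields or not fields[0].lower().startswith("tcp"):
            continue
        sockets = [m for m in map(SOCKET.fullmatch, fields) if m]
        if len(sockets) >= 2:
            local, remote = sockets[0], sockets[1]
            rows.append((local[1], int(local[2]), remote[0], fields[-1].upper()))
    return rows

def review(rows, allowed=ALLOWED_SERVICES):
    """Flag listeners outside the allowlist and sessions not tied to an allowed service."""
    findings = []
    for ip, port, remote, state in rows:
        if state.startswith("LISTEN") and port not in allowed:
            findings.append(("unexpected-listener", f"{ip}:{port}", port_class(port)))
        elif state == "ESTABLISHED" and port not in allowed:
            findings.append(("unexplained-session", f"{ip}:{port} <-> {remote}", port_class(port)))
    return findings

if __name__ == "__main__":
    for finding in review(parse_netstat(SAMPLE)):
        print(finding)
```

A flagged session is only a prompt for a person to explain it; an outbound client connection from a dynamic port is often legitimate.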
Segmentation
Dividing data into pieces ensures it is sent within media limits and that data from different applications can be multiplexed on to the media.
TCP and UDP handle segmentation differently.
In TCP each segment contains a sequence number.
Sequence numbers allow the destination to reassemble in order.
UDP is not concerned with the order. No sequence numbers.
UDP is simpler and generates less overhead.
Reliability
Key distinction between TCP and UDP
Reliability comes from using connection-oriented sessions.
Before sending data source creates a connection to destination.
Connection enables tracking and ensures each host is aware.
TCP conversation requires a session between hosts in both directions.
During session the destination sends ACKs to the source for segments it receives.
ACKs form the basis of reliability.
When source receives an ACK it knows that data has been delivered and can quit tracking data.
If source does not receive an ACK within a certain time, it retransmits that data to the destination.
This reliability costs
Generates traffic with ACKs and retransmissions.
Session establishment requires additional segments.
Hosts have to track segments awaiting an ACK and resend them.
Port numbers
Servers cannot have 2 services assigned the same port number.
There can be many ports open simultaneously on a server, one for each active server application (e.g., 80 and 25) …
Improve security by restricting open ports.
Application and operation of TCP Mechanisms
Each connection represents two one-way sessions.
To establish a connection, hosts perform a 3-way handshake.
Control bits in the header indicate progress and status.
3 way Handshake
Ensures the destination device is present.
Verifies the destination is accepting requests on the port.
Informs destination device the source wants to “talk”.
The client initiates the session to the server.
The client sends a segment with a random ISN.
The server responds with an ACK value equal to the received sequence number + 1, and its own sequence number.
The client responds with an ACK number equal to the sequence number it received + 1. This completes the process.
TCP 3-way
TCP segment header: six one-bit fields used to manage TCP processes:
URG – urgent pointer field significant.
ACK – acknowledgement field significant.
PSH – push function.
RST – reset the connection.
SYN – synchronize sequence numbers.
FIN – no more data from sender (nice to use).
1. SYN 000010.
2. SYN, ACK 010010.
3. ACK 010000.
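The handshake steps and flag bit patterns above can be reproduced on real header bytes. This is an added example, not part of the original notes: it packs and parses the fixed 20-byte TCP header and checks the sequence/ACK arithmetic of a SYN, SYN-ACK, ACK trio. The function names, the ISN values, and the ports 12632 and 80 are assumptions made for illustration.

```python
import struct

FLAGS = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")  # bit order used in the notes
MOD = 2 ** 32                                        # sequence numbers are 32 bits

def build_segment(sport, dport, seq, ack, flags, window=65535):
    """Pack a 20-byte TCP header (no options; checksum and urgent pointer zeroed)."""
    bits = sum(1 << (5 - FLAGS.index(name)) for name in flags)
    offset_and_flags = (5 << 12) | bits          # data offset 5 words = 20 bytes
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       offset_and_flags, window, 0, 0)

def parse_segment(raw):
    """Decode the fixed 20-byte header into a dict."""
    if len(raw) < 20:
        raise ValueError("TCP header is at least 20 bytes")
    sport, dport, seq, ack, off_flags, window, _, _ = struct.unpack("!HHIIHHHH", raw[:20])
    bits = off_flags & 0x3F
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "window": window, "header_len": (off_flags >> 12) * 4,
            "flags": format(bits, "06b"),
            "names": [n for i, n in enumerate(FLAGS) if bits & (1 << (5 - i))]}

def handshake(client_isn, server_isn, client_port=12632, server_port=80):
    """Return the three parsed handshake segments for the given ISNs."""
    syn = build_segment(client_port, server_port, client_isn, 0, ["SYN"])
    syn_ack = build_segment(server_port, client_port, server_isn,
                            (client_isn + 1) % MOD, ["SYN", "ACK"])
    ack = build_segment(client_port, server_port, (client_isn + 1) % MOD,
                        (server_isn + 1) % MOD, ["ACK"])
    return [parse_segment(s) for s in (syn, syn_ack, ack)]

def valid_handshake(segs):
    """Check flags and sequence/ACK arithmetic of a SYN, SYN-ACK, ACK trio."""
    syn, syn_ack, ack = segs
    return ([s["flags"] for s in segs] == ["000010", "010010", "010000"]
            and syn_ack["ack"] == (syn["seq"] + 1) % MOD
            and ack["seq"] == syn_ack["ack"]
            and ack["ack"] == (syn_ack["seq"] + 1) % MOD)

if __name__ == "__main__":
    for seg in handshake(client_isn=1000, server_isn=5000):
        print(seg["names"], seg["flags"], "seq", seg["seq"], "ack", seg["ack"])
```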
A four-step process is used to terminate a connection.
Client                    Server
   ------- FIN ------->
   <----- ACK FIN -----
   <------ FIN --------
   ----- ACK FIN ----->
Session Termination
Good to Read but will not mention very much
Re-Sequencing Segments
Sequence numbers assure segments are reassembled in order.
Initial Sequence Number (ISN) is the starting value for bytes in a session.
Sequence number is incremented by the number of bytes transmitted.
This enables unique identification and acknowledgment.
Segment sequence numbers indicate how to reassemble / reorder segments ensuring reliability.
Segments that arrive out of order are held for later processing.
Segment sequence number and ACK number together confirm receipt of data.
Sequence number indicates the number of bytes that have been transmitted in this session.
TCP uses the ACK number in segments sent back to the source to indicate the next byte the receiver expects to receive.
Called an expectation ACK.
Source is informed that the destination has received all bytes in this data stream up to ACK number – 1.
Sending host should send a segment that uses a sequence number that is equal to the ACK number.
Two one-way sessions:
Sequence numbers and ACK numbers both ways.
The amount of data a source can send before acknowledgment must be received is called the Window Size (field in TCP header).
Handling Segment Loss
Will occur occasionally.
TCP provides method of managing these losses.
TCP host only ACKs contiguous data.
E.g., if sequence numbers 1500 – 3000 and 3400 – 3500 were received, the ACK would be 3001, because the segments with sequence numbers 3001 to 3399 have not been received.
When source has not received ACK after a predetermined amount of time it will go back to the last ACK number that it received and retransmit data from that point forward.
Optional feature.
Selective Acknowledgements (SACK).
If supported by both hosts, the destination can ACK bytes in discontinuous segments, and the source host would only need to retransmit the missing data.
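The 1500 – 3000 / 3400 – 3500 case above, worked through in code. This is an added example, not part of the original notes: a receiver that ACKs only contiguous data and holds out-of-order ranges, plus the source's retransmission plan with and without selective acknowledgements. Class and function names are hypothetical; ranges are inclusive byte numbers as in the notes, and sequence-number wraparound is ignored.

```python
def merge(ranges):
    """Merge inclusive (first_byte, last_byte) ranges that touch or overlap."""
    merged = []
    for first, last in sorted(ranges):
        if merged and first <= merged[-1][1] + 1:
            merged[-1][1] = max(merged[-1][1], last)
        else:
            merged.append([first, last])
    return [tuple(r) for r in merged]

class Receiver:
    def __init__(self, next_expected):
        self.next_expected = next_expected  # the expectational ACK value
        self.held = []                      # out-of-order ranges held for later

    def receive(self, first, last):
        """Accept bytes first..last; return (ack_number, held_ranges)."""
        self.held = merge(self.held + [(first, last)])
        # Advance the ACK only across data that is contiguous with what we have.
        while self.held and self.held[0][0] <= self.next_expected:
            self.next_expected = max(self.next_expected, self.held[0][1] + 1)
            self.held.pop(0)
        return self.next_expected, list(self.held)

def retransmit_plan(ack, held, highest_sent, sack_supported):
    """Byte ranges the source resends after its timer expires."""
    if not sack_supported:
        return [(ack, highest_sent)]        # go back to the last ACK, resend all
    gaps, start = [], ack
    for first, last in held:                # with SACK, resend only the holes
        if first > start:
            gaps.append((start, first - 1))
        start = max(start, last + 1)
    if start <= highest_sent:
        gaps.append((start, highest_sent))
    return gaps

if __name__ == "__main__":
    rx = Receiver(next_expected=1500)
    rx.receive(1500, 3000)
    ack, held = rx.receive(3400, 3500)
    print("ACK", ack, "held", held)
    print("without SACK:", retransmit_plan(ack, held, 3500, False))
    print("with SACK:   ", retransmit_plan(ack, held, 3500, True))
```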
Flow Control
Assists reliability by adjusting the data flow (rate) between hosts.
Is managed with Window Size.
Initial Window Size is set during the 3-way handshake.
The Window Size determines the number of bytes sent before an ACK is expected. The ACK number is the number of the next expected byte.
When network resources are constrained, TCP can reduce the window size to require that received segments be acknowledged more frequently.
If segments are lost because of congestion, the Receiver will ACK the last received sequential segment and reply with a reduced window size.
If the destination needs to, it may change Window Size value as part of the ACK.
UDP Protocol
Much lower overhead.
No connection, No retransmissions, no sequencing, no flow control.
Does not mean UDP applications are always unreliable, rather these functions must come elsewhere if required.
Total UDP traffic on networks is relatively low.
Key protocols that use UDP:
DNS, SNMP, DHCP, RIP, TFTP….
Transaction based. In other words, when an application has data to send, it simply sends it. No pre-connection.
Applications tend to send data that can fit in one segment.
UDP PDU is a datagram or segment.
UDP has no sequence number.
Reassembles data as received.
If sequence is important then the application has to handle it.
Used in multicasting applications where there are many destinations at once.