TCP/IPTCP/IP InternalInternal

TCP/IP

Learning outcome

Application layer– HTTP, FTP, TELNET, POP3, SMTP, IMAP, DNS protocols

Transport layer – TCP and UDP– TCP and UDP segment – Opening and closing connections– Flow control – Reliable data transmission

Internet layer– IP , ICMP, ARP and RARP– IP datagram– Routing

TCP/IP

Learning outcome cont’d

Before we have explained how– Each layer adds header information to the block of data

passed to it from the previous layer– And these headers are interpreted and removed by

corresponding layer at the receiving end

In this Chapter– We will look in details at the header information constructed

at the transport and internet layers– We will also show how this information is used

TCP/IP

Reading List for this chapter

Julian Moss, “understanding TCP/IP” (parts 2-4, October 1997-March 1998)

William Buchanan, Mastering the Internet, Ch. 4

Joe Casad, Teach Teach Yourself TCP/IP, chs. 4-6

Liam Proven, “understanding TCP/IP” [details of IP addressing] ( January 2001)

or

or

and

http://www.pcnetworkadvisor.com

TCP/IP

TCP/IP Protocol Suite is a four-layered protocol suite. The location of the important protocols within the TCP/IP layers is showed below

OSI layers

TCP UDP

IP Internet layer ICMP

Network interface

Network-specific protocols (e.g. Ethernet, Token-ring, FDDI, ATM)

Transport layer

SMTP

HTTP

TELNETFTP SNMP DNS

RTP

Application layer

IMAP POP

5

TCP/IP

The suite of Protocols for TCP/IP

ICMP

The application layer

Handles high-level protocols, issues of representation, encoding, and dialog control. 

The TCP/IP combines all application-related issues into one layer, and assures this data is properly packaged for the next layer. – FTP, HTTP, SMNP, DNS ...– Format of data, data structure, encode …– Dialog control, session management …

TCP/IP suite

Application Protocols

Protocols Role Ports

HTTP Hyper Text Transfer Protocol browser and web server communication

1. client browser connects to HTTP server

2. client browser send a request to the HTTP server

3. HTTP server reacts by sending a response

4. HTTP server disconnects

80

FTP File transfer protocol

1. allow people anywhere on the Internet to log in and download whatever files they have placed on the FTP server, or upload other files.

2. Port 20 for data channel and 21 for control channel

20,

21

TCP/IP suite

Application Protocols

Protocols Role Ports

DNS Domain Name System1.provides translation between host name and IP address

2.DNS messages are carried using UDP on port 53

53

TELNET Remote login 23

TCP/IP suite

Application Protocols (cont’d)

Protocols Role Ports

POP3 Post Office Protocol 3

1.1. The point of POP3 is to fetch email from the The point of POP3 is to fetch email from the remote mailbox and store it on the user’s remote mailbox and store it on the user’s local machine to read later.local machine to read later.

2. Downloaded emails are then deleted from the server.

110

IMAP Internet Message Access Control

1. Retrieve emails

2. retaining e-mail on the server and for organizing it in folders on the serve

143

SMTP Sending email 1. Sending emails

2. Establish TCP connection to port 25 of the destination machine / server

3. Start sending email message

25

TCP/IP suite

The transport layer

Transport layer Transport protocols

– UDP– TCP

TCP AND UDP segments

TCP/IP suite

Transport Protocols in the Internet

UDP - User Datagram UDP - User Datagram ProtocolProtocol

datagram oriented unreliable, connectionless No acknowledgment simple unicast and multicast useful only for few applications,

e.g., multimedia applications used a lot for services

– network management (SNMP), routing (RIP), naming (DNS), etc.

TCP - Transmission Control Protocol

stream oriented reliable, connection-oriented complex only unicast used for most Internet applications:

– web (HTTP), email (SMTP), file transfer (FTP), terminal (TELNET), etc.

• The Internet supports 2 transport protocols

TCP/IP suite

User Datagram Protocol

DatagramHeader

Datagram Data Area

FrameHeader

Frame Data Area

UDPHeader

UDP Data

DatagramHeader

Datagram Data Area

UDPHeader

UDP Data

UDPHeader

UDP Data

TCP/IP

Source port (optional - zero if not used) Length - Count of octets including header

and data (minimum is 8) Checksum (optional - zero if not used)

User Datagram Protocol

UDP Message Length

UDP Destination Port

Data . . .

UDP Source Port

UDP Checksum

TCP/IP

User Datagram Protocol

IP checksum does not include data UDP checksum is only way to guarantee that

data is correct UDP checksum includes pseudo-header

UDPHeader

UDP DataPseudoHeader

TCP/IP

UDP Pseudo-Header

UDP Length

Source IP Address

Destination Address

Zero Protocol

UDP Message Length

UDP Destination Port

Data . . .

UDP Source Port

UDP Checksum

TCP/IP

Transport Control Protocol

TCP/IP

TCP Lingo

When a client requests a connection, it sends a “SYN” segment (a special TCP segment) to the server port.

SYN stands for synchronize. The SYN message includes the client’s ISN.

ISN is Initial Sequence Number.

TCP/IP

More...

Every TCP segment includes a Sequence Number that refers to the first byte of data included in the segment.

Every TCP segment includes a Request Number (Acknowledgement Number) that indicates the byte number of the next data that is expected to be received.– All bytes up through this number have already

been received.

TCP/IP

And more...

There are a bunch of control flags:– URG: urgent data included.– ACK: this segment is (among other things) an

acknowledgement.– RST: error - abort the session.– SYN: synchronize Sequence Numbers (setup)– FIN: polite connection termination.

TCP/IP

And more...

MSS: Maximum segment size (A TCP option) Window: Every ACK includes a Window field

that tells the sender how many bytes it can send before the receiver will have to throw it away (due to fixed buffer size).

TCP/IP

Client Server

SYNISN=X

SYNISN=X

1

SYNISN=Y ACK=X+1

SYNISN=Y ACK=X+1

2

ACK=Y+1ACK=Y+1 3

time

TCP 3-way handshake

TCP Connection creation

TCP 3-way handshake

Client: “I want to talk, and I’m starting with byte number X+1”.

Server: “OK, I’m here and I’ll talk. My first byte will be called number Y+1, and I know your first byte will be number X+1”.

Client: “Got it - you start at byte number Y+1”.

1

2

3

TCP Data and ACK

Once the connection is established, data can be sent.

Each data segment includes a sequence number identifying the first byte in the segment.

Each segment (data or empty) includes a request number indicating what data has been received.

TCP Fast Retransmit

Another enhancement to TCP congestion control Idea: When sender sees 3 duplicate ACKs, it

assumes something went wrong The packet is immediately retransmitted instead of

waiting for it to timeout

Figure 6.12 Fast Retransmit

Packet 1

Packet 2

Packet 3

Packet 4

Packet 5

Packet 6

Retransmitpacket 3

ACK 1

ACK 2

ACK 2

ACK 2

ACK 6

ACK 2

Sender Receiver

Fast Retransmit

Based on three

duplicate ACKs

TCP Fast Retransmit

TCP Fast RetransmitExample

ReceiverSender

1K SEQ=2048

1K SEQ=3072

ACK = 2048 WIN = 30K1K SEQ=4096

ACK = 2048 WIN = 31K

ACK = 2048 WIN = 29K1K SEQ=5120

ACK = 2048 WIN = 28KFast Retransmit

occurs (2nd packet is nowretransmitted w/o waiting

for it to timeout)1K SEQ=2048

ACK = 7168 WIN = 26K

MSS = 1K

1K SEQ=6144

ACK = 2048 WIN = 27K

Duplicate ACK #1

Duplicate ACK #2

Duplicate ACK #3

ACK of new data

Buffering

Keep in mind that TCP is (usually) part of the Operating System. It takes care of all these details asynchronously.

The TCP layer doesn’t know when the application will ask for any received data.

TCP buffers incoming data so it’s ready when we ask for it.

TCP Buffers

Both the client and server allocate buffers to hold incoming and outgoing data– The TCP layer takes care of this.

Both the client and server announce with every ACK how much buffer space remains (the Window field in a TCP segment).

Send Buffers

The application gives the TCP layer some data to send.

The data is put in a send buffer, where it stays until the data is ACK’d.

– it has to stay, as it might need to be sent again!

The TCP layer won’t accept data from the application unless (or until) there is buffer space.

ACKs

A receiver doesn’t have to ACK every segment (it can ACK many segments with a single ACK segment).

Each ACK can also contain outgoing data (piggybacking).

If a sender doesn’t get an ACK after some time limit it resends the data.

TCP Segment Order

Most TCP implementations will accept out-of-order segments (if there is room in the buffer).

Once the missing segments arrive, a single ACK can be sent for the whole thing.

Remember: IP delivers TCP segments, and IP is not reliable - IP datagrams can be lost or arrive out of order.

Termination

The TCP layer can send a RST segment that terminates a connection if something is wrong.

Usually the application tells TCP to terminate the connection politely with a FIN segment.

FIN

Either end of the connection can initiate termination.

A FIN is sent, which means the application is done sending data.

The FIN is ACK’d. The other end must now send a FIN. That FIN must be ACK’d.

App1 App2

FINSN=X

FINSN=X

1

ACK=X+1ACK=X+12

ACK=Y+1ACK=Y+1 4

FINSN=Y

FINSN=Y

3...

TCP Termination

1

2

3

4

App1: “I have no more data for you”.

App2: “OK, I understand you are done sending.”

dramatic pause…

App2: “OK - Now I’m also done sending data”.

App1: “Goodbye, It’s been real pleasure talking to you ”

TCP TIME_WAIT

Once a TCP connection has been terminated (the last ACK sent) there is some unfinished business:– What if the ACK is lost? The last FIN will be resent

and it must be ACK’d.– What if there are lost or duplicated segments that

finally reach the destination after a long delay?

TCP hangs out for a while to handle these situations.

Test Questions

Why is a 3-way handshake necessary? Who sends the first FIN - the server or the

client? Once the connection is established, what is the

difference between the operation of the server’s TCP layer and the client’s TCP layer?

TCP Features

Connection-oriented Byte-stream

– app writes bytes– TCP sends segments– app reads bytes

Reliable data transfer

Application process

Writebytes

TCPSend buffer

Segment Segment Segment

Transmit segments

Application process

Readbytes

TCPReceive buffer

…

… …

Flow control: keep sender from overrunning receiver

Congestion control: keep sender from overrunning network

Segment Format

Options (variable)

Data

Checksum

SrcPort DstPort

HdrLen 0 Flags

UrgPtr

AdvertisedWindow

SequenceNum

Acknowledgment

0 4 10 16 31

TCP Segment Fields

Source & Destination Ports– 16 bit port identifiers for each packet (65536

ports) Sequence number

– The packet’s unique sequence ID– Initial number selected at connection time

Acknowledgement number– The sequence number of the next packet

expected by the receiver

TCP Segment Fields (cont’d)

Window size (flow control)– Specifies how many bytes may be sent after the first

acknowledged byte

Checksum– Checksums the TCP header and IP address fields

Urgent Pointer– Points to urgent data in the TCP data field

Sender

Data (SequenceNum)

Acknowledgment +AdvertisedWindow

Receiver

TCP Segment Fields (cont’d)

Header bits– URG = Urgent pointer field in use– ACK = Indicates whether frame contains

acknowledgement– PSH = Data has been “pushed”. It should be

delivered to higher layers right away.– RST = Indicates that the connection should be reset– SYN = Used to establish connections– FIN = Used to release a connection

TCP Congestion Window

TCP introduces a second window, called the “congestion window”

To determine how many bytes it may send, the sender takes the minimum of the receiver window and the congestion window

Example:– If the receiver window says the sender can transmit 8K, but

the congestion window is only 4K, then the sender may only transmit 4K

– If the congestion window is 8K but the receiver window says the sender can transmit 4K, then the sender may only transmit 4K

Sliding Window Revisited

Sending application

LastByteWritten

TCP

LastByteSentLastByteAcked

Receiving application

LastByteRead

TCP

LastByteRcvdNextByteExpected

04/10/23

Internet Layer

Best path determination and packet switching

TCP UDP

Process

IP

802.3

Application Layer

Transport Layer

Internet Layer

Data-Link Layer

ICMP, ARP &

RARP

Process

Internet Layer

IP Datagram

The Internet layer defines – A packet format– Addressing scheme– And IP (Internet protocol)

Ensures that any computer on the Internet has a unique IP The Internet layer adds an IP Header to a packet. A packet with an IP header is called:

– IP datagram Header

– Source IP address– Destination IP address– Payload size (actual data sent without header)– And some other stuff…

Forwarding a Datagram

Because datagrams are a connectionless communication, they are forwarded from node to node.

At each step, the router (node) inspects the destination address of the datagram and forwards it to the appropriate interface.

Simple Datagram Forwarding

Datagram Forwarding with a Routing Table

Network Address

From our subnetting discussion, we’ve already seen how the network address can be determined from the IP address and the netmask.

192.4.10.3 & 255.255.255.0 == 192.4.10.0 With the network address, the router can

determine the correct next hop.

Best-Effort Delivery

Although IP makes the best-effort of datagram delivery, it does not guarantee proper handling of:– Datagram duplication– Delayed or out-of-order delivery– Corruption of data– Datagram loss

Other protocol layers are responsible for error handling.

IP Datagram Header

IP Datagram Header (cont.)

Vers: – version of IP (4 bits)

Only 2 permitted– 0100 for IPv4 and – 0110 for IPv6

H. LEN: – Header Length (4 bits)

length of the header in 32 bit words.

Service Type: – Information about how data transmission is prioritised

IP Datagram Header(cont.)

Total Length (16 bits): Total length of the datagram, measured in octets, including header

and data.

Identification (16 bits): A value assigned to aid in assembly of fragments.

Identification, Flags and fragment offset: These values allow datagrams to be fragmented and reassembled

ant the destination.

Time to Live (8 bits): Maximum time the datagram is allowed to exist in the system. Each

router that handles the datagram decrements the TTL by 1. If the value is reaches 0 the datagram is discarded and an ICMP

message is sent to the source host.

IP Datagram Header (cont.)

Type:– Protocol (8 bits): Indicates which Transport Layer protocol

the datagram is passed to.– UDP or TCP

Header Checksum (16 bits):– Checksum is used to verify– It is recomputed at each router hop.

Source address (32 bits) Destination address (32 bits)

More about IP Routing

Routing - the process of choosing a path over which to send packets

Router - a computer that performs routing

Routing is one of the Internet Protocol’s primary functions

IP Routing (cont’d)

Criteria that could (ideally) be used to make routing decisions:

– Network characteristics– Network topology– Network load– Datagram length– Type of service requested in the datagram’s header

IP routing software:– Normally does not consider most of these factors– Makes decisions based on fixed assumptions about

shortest paths

Hosts vs. Routers

Hosts make routing decisions Hosts don’t typically transfer packets from

one network to another

Routers make routing decisions Routers typically transfer packets from one

network to another

Direct vs. Indirect Delivery

Direct delivery - transmit datagram across a single physical network to the destination

Indirect delivery - transmit datagram across multiple physical networks (with the aid of routers) to the destination

How does a machine know which method of delivery to use?

Direct Delivery

Map the destination IP address to a physical address

Encapsulate the datagram in a physical frame

Send the frame over the physical network to the destination

Indirect Delivery

Encapsulate the datagram in a frame Choose a router on the physical network Send the frame to that router Router forwards the datagram on towards its

final destination

– How does the host choose a router?– How does the router forward the datagram?

The IP Routing Table

Routing table - each machine stores information about destination networks and how to reach them

Using only netid portion of the IP address keeps routing tables:– Small– Relatively stable

Next-Hop Routing

Next-Hop Routing (cont)

Routing table at machine M contains pairs (N,R)– N is the IP address of a destination network– R is the IP address of the “next” router (R and M

must share a physical network)

Routing table size:– Depends on the number of networks in the internet– Only grows when new networks are added

Properties of Next-Hop Routes

All traffic destined for a given network takes the same path

Only the final router can determine whether a host exists or is operational

Routes are not necessarily symmetric

The Internet ControlMessage Protocol

Abnormal normal communication among routers and hosts is sometimes necessary to:– Report errors– Handle abnormal conditions– Update routing information

ICMP

ICMP is for Error Reporting

Errors are reported to a datagram’s original sender

It is the sender’s responsibility to take appropriate action

ICMP Message Format

All ICMP messages begin with the same three fields:

– TYPE (1 octet) - identifies the message– CODE (1 octet) - information about the subtype– CHECKSUM (2 octets) - covers the ICMP message

ICMP error messages always include the header and first 64 data bits of the datagram causing the problem

Mapping IP Addresses to Hardware Addresses (MAC)

IP Addresses are not recognized by hardware.

If we know the IP address of a host, how do we find out the hardware address ?

The process of finding the hardware address of a host given the IP address is called

Address ResolutionAddress Resolution

ARP

The Address Resolution Protocol is used by a sending host when it knows the IP address of the destination but needs the Ethernet (or whatever) address.

ARP is a broadcast protocol - every host on the network receives the request.

Each host checks the request against it’s IP address - the right one responds.

ARP (cont.)

ARP does not need to be done every time an IP datagram is sent - hosts remember the hardware addresses of each other.

Part of the ARP protocol specifies that the receiving host should also remember the IP and hardware addresses of the sending host.

ARP conversation

HEY - Everyone please listen! Will 128.213.1.5 please send me his/her Ethernet address?

not me

Hi Red! I’m 128.213.1.5, and my Ethernet address is 87:A2:15:35:02:C3

Address Resolution Protocol (ARP)

Each device on a network maintains its own ARP table.

A device that requires an IP and MAC address pair broadcasts an ARP request.

If one of the local devices matches the IP address of the request, it sends back an ARP reply that contains its IP-MAC pair.

If the request is for a different IP network, a router performs a proxy ARP.

The router sends an ARP response with the MAC address of the interface on which the request was received, to the requesting host.

Reverse Address Resolution ProtocolRARP

The process of finding out the IP address of a host given a hardware address is called

Reverse Address ResolutionReverse Address Resolution

Reverse address resolution is needed by diskless workstations when booting (which used to be quite common).

RARP conversation

HEY - Everyone please listen! My Ethernet address is 22:BC:66:17:01:75.Does anyone know my IP address ?

Hi Red! Your IP address is 128.213.1.17.

not me

SUMMARY

Transport layer– UDP

Connectionless Unreliable transmission Less overheat

– TCP CONNECTION ORIENTED Reliable Transmission More overheat to deal with ack’s

Internet layer– IP

Connectonless IP routing (next-hop using routing table) Unreliable

– ICMP (information control message protocol)– ARP (IP to MAC)– RARP (MAC TO IP)