ITECH1102 Networking and Security
Topic 6 – The Transport Layer (TCP & UDP)
ITECH1102 Networking & Security
Last week
The Network Layer is concerned with IP addressing and routing.
The Network Layer is responsible for host-to-host communications.
Each network on the Internet has a unique network ID (the top part of the associated IP address).
All IP addresses consist of a network part (leftmost bits) and a node part (rightmost bits).
The subnet mask (or CIDR value) tells us which bits are network and which are node.
A computer often gets its IP settings from a local DHCP server.
There are two versions of IP (IPv4 & IPv6).
DNS translates machine names (e.g. www.abc.net.au) to their associated IP addresses.
There are two types of IP addresses (Private & Public).
Network Address Translation is used to allow private addresses to get Internet access.
Routers are only concerned with sending IP packets one step towards their destination.
Review of what we know to date
Data Link Layer
It delivers network packets to the MAC address of a device on the local network.
Two choices are:
Deliver to intended destination.
(This is a local delivery)
This occurs when the source & destination network addresses are the same.
Send the packet to the local router.
(This is a remote delivery)
This occurs when the source & destination network addresses are different.
It is the role of routers to work together to deliver packets to a remote host computer.
Review of what we know (continued)
Network Layer
The IP address of any host identifies its location on the Internet.
Individual routers are only concerned with sending a packet one hop towards its destination.
Routers use routing protocols (RIP, OSPF, BGP) to maintain their routing tables.
Routing tables specify the Interface & next hop for each destination network.
The destination IP address of each IP packet contains the network ID of the destination network.
The subnet mask is used to compute the network ID.
The next part of the puzzle:
How does network traffic identify the correct destination application on the destination host?
How do we ensure the network traffic has arrived without errors?
Networking’s levels of addressing
Different layers of the Internet model address different networking entities as described below.
Data Link Layer: Addresses local devices via their MAC address.
Network Layer: Addresses local and remote hosts by their IP address.
The upper bits of the IP address identify the IP network.
The lower order bits identify the individual host.
Transport Layer: Ports address individual application sessions.
Well known ports are used for server applications.
Other ports are used for client sessions.
Protocol Data Units at each layer
When discussing networking, the data units that are generated at the different layers of the TCP/IP model are given specific names as follows:
Transport Layer: TCP Segment (also called a Segment or Packet); UDP Datagram
Network Layer: IP Datagram
Data Link Layer: Frame (Eg. Ethernet frame)
Physical Layer: Bits (Binary Digit)
Why do we need the Transport Layer?
Computers run multiple user applications concurrently:
Browser
Email
Streaming Video etc.
Part of the Transport Layer's role is to ensure that:
Each application has access to the network. (This is called multiplexing)
Each application can be distinguished from other applications that are running on the computer.
It may also be a requirement of an application that data arrives without errors, but this is not always the case.
Transport Layer topics we will cover are:
Segmentation/Reassembly
Individual identification of applications (Port numbers)
Transport Layer Services:
- UDP (unreliable service)
- TCP (reliable transport service)
TCP connections (establishment and termination)
Flow control
1. Segmentation and Reassembly
Applications often send large streams of data for delivery.
(Example – web page images, file transfers etc.)
The Transport Layer breaks up large chunks of data into manageable sized segments so that the Network Layer (routers) is able to handle them and so that multiple applications can each get access to the network (this is called multiplexing).
At the destination, the segmented data must be reassembled by the transport layer back into the format sent by the sending application.
This is called reassembly.
Reassembly may also involve reordering in cases where packets were delivered out of order.
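As an added illustration (not from the slides), here is sender-side segmentation and receiver-side reassembly in Python: the HTTP request, the ISN of 1000 and the 16-byte segment size are constructed, and sequence numbers are assumed not to wrap within the sample. The receiver also tolerates out-of-order and duplicate segments and can report which byte ranges are still missing.

```python
from typing import Dict, List, Tuple

def segment_stream(data: bytes, isn: int, mss: int) -> List[Tuple[int, bytes]]:
    """Sender side: split an application byte stream into segments of at most mss bytes.
    Each segment carries the sequence number of its first byte; numbering starts at the ISN."""
    if mss <= 0:
        raise ValueError("mss must be positive")
    return [(isn + off, data[off:off + mss]) for off in range(0, len(data), mss)]

class Reassembler:
    """Receiver side: buffers out-of-order segments and releases bytes to the application only in order."""

    def __init__(self, isn: int):
        self.next_seq = isn                   # sequence number of the next byte the application is owed
        self.pending: Dict[int, bytes] = {}   # segments that arrived before the bytes preceding them
        self.delivered = bytearray()          # bytes handed up so far, in the sender's original order

    def receive(self, seq: int, payload: bytes) -> int:
        """Accept one segment; returns how many new bytes became deliverable to the application."""
        if seq + len(payload) <= self.next_seq:
            return 0                          # every byte already delivered: a duplicate (e.g. a retransmission)
        self.pending[seq] = payload
        before = len(self.delivered)
        while True:                           # drain each buffered segment that is now contiguous
            ready = [s for s in self.pending if s <= self.next_seq]
            if not ready:
                break
            start = min(ready)
            chunk = self.pending.pop(start)[self.next_seq - start:]  # trim any overlap with delivered bytes
            self.delivered += chunk
            self.next_seq += len(chunk)
        return len(self.delivered) - before

    def missing(self) -> List[Tuple[int, int]]:
        """Sequence ranges [start, end) still absent ahead of buffered data: the holes a sender must resend."""
        holes, cursor = [], self.next_seq
        for seq in sorted(self.pending):
            if seq > cursor:
                holes.append((cursor, seq))
            cursor = max(cursor, seq + len(self.pending[seq]))
        return holes

# Constructed sample: a small HTTP request, segmented with an ISN of 1000 and a 16-byte MSS.
REQUEST = b"GET /index.html HTTP/1.1\r\nHost: www.abc.net.au\r\n\r\n"
SEGMENTS = segment_stream(REQUEST, 1000, 16)

if __name__ == "__main__":
    rx = Reassembler(1000)
    for i in (2, 0, 0, 3, 1):                 # out of order, with segment 0 arriving twice
        print(f"seq {SEGMENTS[i][0]}: +{rx.receive(*SEGMENTS[i])} bytes, holes {rx.missing()}")
```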
2. Identification of Applications (Sockets)
Users' computers normally run multiple networked applications concurrently, for instance a browser, an email client and Skype.
The transport layer allocates each client application a port number to distinguish it from other networked applications running on that computer.
Server daemons running on network servers are also allocated port numbers.
The combination of IP address and port number therefore allows client applications to specify a particular server daemon. It also allows server daemons to distinguish between different applications and different sessions (e.g. different browser tabs) running on a client computer.
In summary:
Each host is identified by its IP address.
Each client application on that host is identified by a unique port number.
The combination of Host IP and associated port number is called a Socket.
IP addresses, Ports and Sockets
Each IP address has 65536 ports associated with it (numbered 0 – 65535).
Sockets are written as IP address:port, for example XXXXXXXXXX:47658
Each end of a transport layer (UDP or TCP) conversation is identified by a socket.
To view active sockets on Windows we use Netstat. It may require administrator privilege.
Server Port numbers
Port numbers 0 – 1023 are reserved for server daemons.
These 1024 port numbers are also called Well-known ports.
Specific server applications are allocated specific port numbers:
Port Number   Server Application (Daemon)
20            FTP - Data
21            FTP - Control
22            SSH
25            SMTP
53            DNS
80            HTTP
109           POP2
110           POP3
118           SQL
443           HTTPS
546           DHCP Client
547           DHCP Server
User application Port numbers
User applications dynamically select an unused port number above 1023 when they connect to the network.
Hence each application and even different tabs (sessions) of a user application like Firefox will each have different source port numbers.
This allows server applications to uniquely identify different applications and even different sessions (browser tabs) that are running on the same computer.
Because server daemons use specific port numbers, user applications know how to address requests to server applications.
(So both source and destination can uniquely identify each other).
3. Transport layer services with UDP
User Datagram Protocol (UDP) provides basic transport services for network applications.
The UDP header specifies the source and destination port numbers, the length of the UDP header (in bytes) and a checksum.
In UDP communications no checking is done to ensure packets arrive safely.
UDP is an ideal transport protocol for streaming video and audio because of its speed and efficiency.
UDP is also a stateless protocol.
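An added example (not part of the slides) that builds and decodes a UDP header in Python and verifies its checksum; the addresses, ports and payload are constructed. On the wire the Length field covers header plus payload, and a checksum of zero means the sender supplied none, so a receiver has to treat that case separately.

```python
import ipaddress
import struct

UDP_HEADER_LEN = 8  # source port, destination port, length, checksum: four 16-bit fields

def internet_checksum(data: bytes) -> int:
    """RFC 1071 checksum: one's complement of the one's-complement sum of all 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                       # an odd trailing byte is padded for the sum only
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def udp_checksum(src_ip: str, dst_ip: str, datagram: bytes) -> int:
    """Checksum over the IPv4 pseudo-header, the UDP header (checksum field zeroed) and the payload."""
    pseudo = (ipaddress.IPv4Address(src_ip).packed + ipaddress.IPv4Address(dst_ip).packed
              + struct.pack("!BBH", 0, 17, len(datagram)))  # zero byte, protocol 17 (UDP), UDP length
    zeroed = datagram[:6] + b"\x00\x00" + datagram[8:]
    value = internet_checksum(pseudo + zeroed)
    return value if value else 0xFFFF         # a computed 0 is sent as all-ones; 0 on the wire means "none"

def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Assemble a datagram. The Length field counts header plus payload, not the header alone."""
    header = struct.pack("!HHHH", src_port, dst_port, UDP_HEADER_LEN + len(payload), 0)
    checksum = udp_checksum(src_ip, dst_ip, header + payload)
    return header[:6] + struct.pack("!H", checksum) + payload

def parse_udp(src_ip: str, dst_ip: str, datagram: bytes) -> dict:
    """Decode the four header fields and report whether the datagram passes its integrity checks."""
    if len(datagram) < UDP_HEADER_LEN:
        raise ValueError("truncated UDP header")
    src_port, dst_port, length, checksum = struct.unpack("!HHHH", datagram[:UDP_HEADER_LEN])
    length_ok = length == len(datagram)
    if checksum == 0:
        checksum_ok = None                    # sender did not compute one (permitted over IPv4)
    else:
        checksum_ok = length_ok and udp_checksum(src_ip, dst_ip, datagram) == checksum
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum": checksum, "length_ok": length_ok, "checksum_ok": checksum_ok}

# Constructed sample: a client on an ephemeral port talking to a DNS server's well-known port 53.
SRC_IP, DST_IP = "192.0.2.10", "192.0.2.1"
SAMPLE = build_udp(SRC_IP, DST_IP, 47658, 53, b"constructed dns payload")
CORRUPTED = SAMPLE[:12] + bytes([SAMPLE[12] ^ 0x01]) + SAMPLE[13:]  # one payload bit flipped in transit

if __name__ == "__main__":
    print(parse_udp(SRC_IP, DST_IP, SAMPLE))
    print(parse_udp(SRC_IP, DST_IP, CORRUPTED))
```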
Stateless protocols
A stateless protocol is a communications protocol that treats each request as an independent transaction that is unrelated to any previous request.
Such protocols consist of independent pairs of requests and responses.
Because each transmission is a totally independent event, a statement like "send the next 10 bytes of data" has no meaning in stateless protocols, because there is no concept of state (or history).
This also means that UDP requests must be 100% specific as to what they want the destination to do.
For instance a UDP request that is part of a file transfer would need to specify within the request the exact location within the destination file where the packet's data must be placed (e.g. bytes 204 to 276), and all details of the file such as its full name (file123.txt) and absolute path (/home/user/myGames/).
3. Transport Layer services with TCP (Transmission Control Protocol)
Important fields of the TCP header are:
Sequence Number
Acknowledgement Number
Flags
Window Size
The Source and Destination port numbers provide the same functionality as UDP.
The Sequence Number tracks the progress of data transfers.
It is initialised during the connection phase
(3-way handshake)
Acknowledgement numbers confirm the successful delivery of data.
Flag bits indicate the function being performed by the TCP segment.
The Window Size field implements flow control between source and destination.
Benefits of TCP
TCP is a connection oriented protocol. It guarantees reliable and in-order delivery of data from sender to receiver.
Prior to sending data the sender and receiver must set up a connection. During connection setup the sender and receiver exchange sequence numbers for use throughout the conversation. The sequence numbers are used to track data transfers throughout the session.
Acknowledgements are used throughout the session to confirm the successful delivery of data. The sequence numbers and the associated acknowledgements are the basis of reliable communications.
Because TCP must establish connections and send acknowledgements, TCP is a slower protocol than UDP. Hence UDP is often preferred for time critical applications like video and audio.
TCP Timers – (detecting lost segments)
TCP employs timers to detect lost Transport Layer segments. A sender starts a timer each time it sends a TCP segment. If an acknowledgement has not been received within the timeout period, the sender assumes that the segment is lost and so resends it.
This can lead to duplicate segments on the network, but is useful for detecting lost segments.
TCP Flags
The Flags field of the TCP header contains numerous flags (Booleans) that indicate the function of the TCP segment.
Flags are either On or Off.
TCP Flags:
SYN (Synchronise sequence numbers): indicates this network segment (packet) is sending the initial sequence number (ISN) for use throughout the connection.
ACK (Acknowledgement segment): this TCP segment is acknowledging received data.
FIN (Close a connection)
RST (Abort a connection due to an error)
PSH (Don’t buffer data, instead send it immediately)
URG (Prioritize this packet)
4. TCP connection establishment & Termination
TCP connections can last the duration of a session between a user application and a server daemon, or connections can be set up and terminated regularly throughout a session.
TCP connections are setup using a 3-way handshake.
The three way handshake does the following:
Allows the two ends of a connection to establish communication settings for the upcoming data transfers.
Establishes an initial sequence number (ISN) between the client and server.
Establishes a different ISN for communications in the opposite direction.
3 way handshake
Step 1: The client initiates a connection.
It sends an Initial Sequence Number (ISN) to the destination.
Sets the SYN flag to indicate the TCP segment is initiating a connection.
Step 2: The server responds.
The server acknowledges the client request (Ack # = client’s ISN + 1).
The server sends its own ISN (different from the client’s) to the client.
The SYN and the ACK flags are set.
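An added example (not part of the slides) covering both the TCP Flags slide and the 3-way handshake: it encodes and decodes the flags byte, generates the SYN, SYN+ACK and ACK segments, and checks the acknowledgement arithmetic. It goes beyond the slides above by including the client's third segment (ACK, ack # = server's ISN + 1) and 32-bit sequence-number wrap-around; all ISNs are constructed or randomly generated.

```python
import secrets
from dataclasses import dataclass

# Bit positions in the TCP flags byte (lowest bit first); CWR and ECE are omitted here
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
SEQ_MOD = 1 << 32                 # sequence and acknowledgement numbers are 32-bit and wrap around

def flags_to_names(value: int) -> set:
    """Decode the flags byte into the set of flag names that are On."""
    return {name for name, bit in TCP_FLAGS.items() if value & bit}

def names_to_flags(names) -> int:
    return sum(TCP_FLAGS[name] for name in names)

@dataclass
class Segment:
    flags: int
    seq: int                      # sequence number carried by this segment
    ack: int = 0                  # acknowledgement number; only meaningful when ACK is On

    def has_exactly(self, *names: str) -> bool:
        return flags_to_names(self.flags) == set(names)

def three_way_handshake(client_isn: int, server_isn: int) -> list:
    """The three segments that establish a connection: SYN, SYN+ACK, ACK."""
    syn = Segment(names_to_flags(["SYN"]), client_isn)
    synack = Segment(names_to_flags(["SYN", "ACK"]), server_isn, (client_isn + 1) % SEQ_MOD)
    ack = Segment(names_to_flags(["ACK"]), (client_isn + 1) % SEQ_MOD, (server_isn + 1) % SEQ_MOD)
    return [syn, synack, ack]

def check_handshake(segments: list) -> str:
    """Validate a captured exchange the way a passive monitor would; 'ESTABLISHED' or the first problem found."""
    if len(segments) != 3:
        return "expected exactly three segments"
    syn, synack, ack = segments
    if not syn.has_exactly("SYN"):
        return "step 1 must carry SYN only"
    if not synack.has_exactly("SYN", "ACK"):
        return "step 2 must carry SYN and ACK"
    if synack.ack != (syn.seq + 1) % SEQ_MOD:
        return "step 2 acknowledgement does not equal client ISN + 1"
    if not ack.has_exactly("ACK"):
        return "step 3 must carry ACK"
    if ack.ack != (synack.seq + 1) % SEQ_MOD:
        return "step 3 acknowledgement does not equal server ISN + 1"
    return "ESTABLISHED"

if __name__ == "__main__":
    # Real stacks pick ISNs unpredictably so that a third party cannot guess the acknowledgement numbers.
    exchange = three_way_handshake(secrets.randbelow(SEQ_MOD), secrets.randbelow(SEQ_MOD))
    print(check_handshake(exchange))
```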