WXES2106Network Technology

Semester 1 2004/2005

Chapter 8

Intermediate TCP

CCNA2: Module 10

Contents

Introduction TCP Operation Transport Layer Port

Introduction The transport layer is responsible for the reliable transport

of and regulation of data flow from source to destination. This is accomplished through the use of sliding windows

and sequencing numbers along with a synchronization process.

The transport layer provides transport services from the source host to the destination host.

It establishes a logical connection between the endpoints of the network.

Transport services segment and reassemble several upper-layer applications onto the same transport layer data stream.

TCP Operation

Flow Control As the transport layer sends data segments, it tries to

ensure that data is not lost. A receiving host that is unable to process data as

quickly as it arrives could be a cause of data loss. The receiving host is then forced to discard it.

Flow control avoids the problem of a transmitting host overflowing the buffers in the receiving host.

TCP Operation

TCP Operation

Session establishment, maintenance, and termination Transport functionality is accomplished on a segment-

by-segment basis. For data transfer to begin, both the sending and

receiving applications inform the respective operating systems that a connection will be initiated.

The connection is established and the transfer of data begins after all synchronization has occurred.

At the end of data transfer, the sending host sends a signal that indicates the end of the transmission.

TCP Operation Three-way handshake

Prior to data transmission, the two communicating hosts go through a synchronization process to establish a virtual connection.

It ensures that both sides are ready for data transmission and allows the devices to determine the initial sequence numbers.

One host sends a synchronization (SYN) packet to initiate a connection. This packet has an initial sequence number of x with a bit in the header that indicates a connection request. This bit is set in the acknowledgment number field of the TCP header, which is also referred to as the code field.

TCP Operation

The other host receives the packet, records the sequence number of x, replies with an acknowledgment (ACK) of x + 1, and includes its own initial sequence number of y. The acknowledgment number of x + 1 means the host has received all octets up to and including x, and expects x + 1 next.

The initiating host responds with a simple ACK of y + 1, which is the sequence number of Host B + 1. This indicates that it received the previous ACK and finalizes the connection process.

TCP Operation

TCP Operation

Windowing TCP is responsible for breaking data into segments. Once the data is segmented, it must be transmitted to

the destination device. Window size determines the amount of data that

can be transmitted at one time before the destination responds with an ACK.

After a host transmits the window-sized number of bytes, the host must receive an acknowledgment that the data has been received before it can send any more data.

TCP Operation

TCP Operation

TCP utilizes a sliding window when determining transmission size. A sliding window allows for devices to negotiate a window size to allow for more than one byte to be sent during a single transmission.

For example, the sender sends three packets before expecting an ACK. If the receiver can handle a window size of only two packets, the window drops packet three, specifies three as the next packet, and specifies a new window size of two.

TCP Operation

TCP Operation

Sequence Number TCP applies sequence numbers to the data segments

that are transmitted so that the receiver can reassemble the bytes in their original order.

These sequencing numbers also act as reference numbers so that the receiver will know if it has received all of the data.

They also identify the missing data pieces to the sender so it can retransmit the missing data.

TCP Operation Acknowledgement

Positive acknowledgment with retransmission (PAR) is one technique that guarantees reliable delivery of data.

It requires a recipient to communicate with the source and send back an acknowledgment message when the data is received.

The sender also starts a timer when it sends a segment and will retransmit a segment if the timer expires before an acknowledgment arrives.

If a packet does not arrive at the destination, the receiver acknowledges with a request to resend the packet. The sender will resends the packet

TCP Operation

TCP Operation Denial of service attacks

Deny services to legitimate hosts that try to establish connections.

Used by hackers to halt system responses. One type of DoS is known as SYN flooding. The hacker initiates a SYN but spoofs the source IP

address. Spoofing is a term used when the receiving device replies to a non-existent, unreachable IP address and then is placed in a wait state until it receives the final ACK from the initiator.

This wait state requires the attacked device to use system resources, such as memory, until the connection timer times out

TCP Operation

To defend against these attacks, system administrators may decrease the connection timeout period and increase the connection queue size.

Transport Layer Port

A port number must be associated with the conversation between hosts to ensure that the packet reaches the appropriate service on the server.

Hosts running TCP/IP associate ports at the transport layer with certain applications.

Port numbers are needed for a host to communicate with a server that uses multiple services.

Both TCP and UDP use port or socket numbers to pass information to the upper layers.

Transport Layer Port

Transport Layer Port Port numbers have the following assigned ranges:

The Well Known Ports are those from 0 through 1023 The Registered Ports are those from 1024 through

49151 The Dynamic and/or Private Ports are those from

49152 through 65535 Source port numbers for these requests are

dynamically assigned by the originating host, and are usually a number larger than 1023.

Clients and servers use ports to distinguish which process each segment is associated with.

Transport Layer Port

Port numbers are represented by 2 bytes in the header of a TCP or UDP segment.

This 16-bit value can result in port numbers ranging from 0 to 65535.

The source and destination port numbers combine with the network address to form a socket.

A pair of sockets, one on each host, forms a unique connection.