CN Transport Layer Notes
The Version field keeps track of which version of the protocol the datagram belongs to. It becomes
possible to have a transition between versions over a long period of time. In fact, IPv6, the next
version of IP.
Since the header length is not constant, a field in the header, IHL, is provided to tell how long the
header is, in 32-bit words. The minimum value is 5, which applies when no options are present.
The maximum value of this 4-bit field is 15.
The Differentiated services field was originally called the Type of service field. The Type of service field
provided 3 bits to signal priority and 3 bits to signal whether a host cared more about delay,
throughput, or reliability.
The Total length includes everything in the datagram—both header and data. The maximum
length is 65,535 bytes.
The Identification field is needed to allow the destination host to determine which packet a newly
arrived fragment belongs to.
Next comes an unused bit, which is surprising, as available real estate in the IP header is
extremely scarce.
Then come two 1-bit fields related to fragmentation. DF stands for Don’t Fragment. It is an order
to the routers not to fragment the packet.
MF stands for More Fragments. All fragments except the last one have this bit set. It is needed
to know when all fragments of a datagram have arrived.
The Fragment offset tells where in the current packet this fragment belongs. All fragments except
the last one in a datagram must be a multiple of 8 bytes, the elementary fragment unit. Since 13
bits are provided, there is a maximum of 8192 fragments per datagram, supporting a maximum
packet length up to the limit of the Total length field.
The TTL (Time to live) field is a counter used to limit packet lifetimes. It was originally supposed
to count time in seconds, allowing a maximum lifetime of 255 sec. It must be decremented on
each hop and is supposed to be decremented multiple times when a packet is queued for a long
time in a router.
The Protocol field tells the network layer which transport process to give the packet to. TCP is one possibility, but
so are UDP and some others. The numbering of protocols is global across the entire Internet.
Since the header carries vital information such as addresses, it rates its own checksum for
protection, the Header checksum.
The Source address and Destination address indicate the IP address of the source and
destination network interfaces.
The options are of variable length. Each begins with a 1-byte code identifying the option. Some
options are followed by a 1-byte option length field, and then one or more data bytes. The
Options field is padded out to a multiple of 4 bytes. Originally, the five options listed in Fig. 5-47
were defined.
04 Describe IPv6.
The IPv6 header is shown in Fig. 5-56. The Version field is always 6 for IPv6.
The Differentiated services field (originally called Traffic class) is used to distinguish the class
of service for packets with different real-time delivery requirements.
The Flow label field provides a way for a source and destination to mark groups of packets
that have the same requirements and should be treated in the same way by the network,
forming a pseudoconnection.
The Payload length field tells how many bytes follow the 40-byte header of Fig. 5-56. The
name was changed from the IPv4 Total length field because the meaning was changed
slightly: the 40 header bytes are no longer counted as part of the length (as they used to
be).
The Next header field lets the cat out of the bag. The reason the header could be simplified
is that there can be additional (optional) extension headers. This field tells which of the
(currently) six extension headers, if any, follow this one.
The Hop limit field is used to keep packets from living forever. It is, in practice, the same as
the Time to live field in IPv4, namely, a field that is decremented on each hop. In theory, in
IPv4 it was a time in seconds, but no router used it that way, so the name was changed to
reflect the way it is actually used.
Next come the Source address and Destination address fields.
02 Compare IPv4 with IPv6
| IPv4 | IPv6 |
| --- | --- |
| IPv4 addresses are 32 bits in length. | IPv6 addresses are 128 bits in length. |
| IPv4 addresses are binary numbers represented in decimals. | IPv6 addresses are binary numbers represented in hexadecimals. |
| IPSec support is only optional. | Inbuilt IPSec support. |
| Fragmentation is done by sender and forwarding routers. | Fragmentation is done only by sender. |
| No packet flow identification. | Packet flow identification is available within the IPv6 header using the Flow Label field. |
| Checksum field is available in IPv4 header. | No checksum field in IPv6 header. |
| Options fields are available in IPv4 header. | No option fields, but IPv6 Extension headers are available. |
| Address Resolution Protocol (ARP) is available to map IPv4 addresses to MAC addresses. | Address Resolution Protocol (ARP) is replaced with a function of Neighbor Discovery Protocol (NDP). |
| Internet Group Management Protocol (IGMP) is used to manage multicast group membership. | IGMP is replaced with Multicast Listener Discovery (MLD) messages. |
| Broadcast messages are available. | Broadcast messages are not available. Instead, a link-local scope "All nodes" multicast IPv6 address (FF02::1) is used for broadcast-like functionality. |
| Manual configuration (Static) of IPv4 addresses or DHCP (Dynamic configuration) is required to configure IPv4 addresses. | Auto-configuration of addresses is available. |
The problem of running out of IP addresses is not a theoretical one that might occur at some point in
the distant future. It is happening right here and right now. The long-term solution is for the whole
Internet to migrate to IPv6, which has 128-bit addresses. This transition is slowly occurring, but it will
be years before the process is complete. To get by in the meantime, a quick fix was needed. The
quick fix that is widely used today came in the form of NAT (Network Address Translation).
The basic idea behind NAT is for the ISP to assign each home or business a single IP address (or at
most, a small number of them) for Internet traffic. Within the customer network, every computer gets
a unique IP address, which is used for routing intramural traffic. However, just before a packet exits
the customer network and goes to the ISP, an address translation from the unique internal IP address
to the shared public IP address takes place.
The operation of NAT is shown in Fig. 5-55. Within the customer premises, every machine has a
unique address of the form 10.x.y.z. However, before a packet leaves the customer premises, it
passes through a NAT box that converts the internal IP source address, 10.0.0.1 in the figure, to the
customer’s true IP address, 198.60.42.12 in this example. The NAT box is often combined in a single
device with a firewall, which provides security by carefully controlling what goes into the customer
network and what comes out of it. It is also possible to integrate the NAT box into a router or ADSL
modem.
04 Explain the concept of three-way hand shake.
• Host 1 chooses a sequence number, x, and sends a CONNECTION REQUEST segment
containing it to host 2. Host 2 replies with an ACK segment acknowledging x and announcing
its own initial sequence number, y. Finally, host 1 acknowledges host 2’s choice of an initial
sequence number in the first data segment that it sends.
• The first segment is a delayed duplicate CONNECTION REQUEST from an old connection.
This segment arrives at host 2 without host 1’s knowledge.
• Host 2 gets a delayed CONNECTION REQUEST and replies to it. At this point, it is crucial
to realize that host 2 has proposed using y as the initial sequence number for host 2 to host 1
traffic, knowing full well that no segments containing sequence number y or
acknowledgements to y are still in existence.
Three protocol scenarios for establishing a connection using a three-way handshake. CR denotes
CONNECTION REQUEST.
(a) Normal operation,
(b) Old CONNECTION REQUEST appearing out of nowhere.
(c) Duplicate CONNECTION REQUEST and duplicate ACK.
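The three scenarios can be replayed with a small model of the two hosts. This is an added example, not part of the original notes: the class and function names are hypothetical, the REJECT message host 1 sends for a connection it never requested is an assumption of this sketch, and initial sequence numbers are simply drawn at random.

```python
import secrets

def new_isn() -> int:
    return secrets.randbelow(2**32)          # initial sequence number

class Host1:
    """Initiator: accepts an ACK only for a CONNECTION REQUEST it really sent."""
    def __init__(self):
        self.sent_x = None
        self.established = False

    def connect(self):
        self.sent_x = new_isn()
        return ("CR", self.sent_x, None)     # (kind, seq, ack)

    def on_ack(self, y, ack):
        if self.sent_x is None or ack != self.sent_x:
            return ("REJECT", None, y)       # never asked for this connection
        self.established = True
        return ("DATA", self.sent_x, y)      # first data segment acknowledges y

class Host2:
    """Responder: commits only once its own y has been acknowledged."""
    def __init__(self):
        self.pending = None                  # (x, y) of a half-open connection
        self.established = False

    def on_cr(self, x):
        self.pending = (x, new_isn())
        return ("ACK", self.pending[1], x)

    def on_data(self, seq, ack):
        if self.pending == (seq, ack):
            self.established, self.pending = True, None
        # anything else acknowledges a y this host never proposed: ignore it

    def on_reject(self, ack):
        if self.pending and self.pending[1] == ack:
            self.pending = None              # abandon the half-open connection

def scenario_normal():
    """(a) Normal operation."""
    h1, h2 = Host1(), Host2()
    _, x, _ = h1.connect()
    _, y, ack = h2.on_cr(x)
    _, seq, ack_y = h1.on_ack(y, ack)
    h2.on_data(seq, ack_y)
    return h1.established, h2.established

def scenario_old_request(stale_x=1234, with_old_data=False):
    """(b), or (c) when a delayed segment from the old connection also arrives."""
    h1, h2 = Host1(), Host2()                # host 1 is not trying to connect
    _, y, ack = h2.on_cr(stale_x)            # delayed duplicate CR reaches host 2
    if with_old_data:
        h2.on_data(stale_x, (y + 1) % 2**32) # acknowledges some old z, not y
    kind, _, ack_y = h1.on_ack(y, ack)
    h2.on_reject(ack_y)
    return kind, h2.established, h2.pending

if __name__ == "__main__":
    print(scenario_normal(), scenario_old_request(), scenario_old_request(with_old_data=True))
```

In both duplicate scenarios host 2 ends with no established connection and no half-open state, because nothing it receives acknowledges the y it proposed.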
Releasing a connection is easier than establishing one. Nevertheless, there are more pitfalls than
one might expect here. As we mentioned earlier, there are two styles of terminating a connection:
asymmetric release and symmetric release.
Asymmetric release is the way the telephone system works: when one party hangs up, the connection
is broken. Symmetric release treats the connection as two separate unidirectional connections and
requires each one to be released separately.
Asymmetric release is abrupt and may result in data loss. After the connection is established, host
1 sends a segment that arrives properly at host 2. Then host 1 sends another segment.
Unfortunately, host 2 issues a DISCONNECT before the second segment arrives. The result is that
the connection is released and data are lost.
Symmetric release does the job when each process has a fixed amount of data to send and clearly
knows when it has sent it. In other situations, determining that all the work has been done and the
connection should be terminated is not so obvious. One can envision a protocol in which host 1
says ‘‘I am done. Are you done too?’’ If host 2 responds: ‘‘I am done too. Goodbye, the connection
can be safely released.’’
The idea behind RPC is to make a remote procedure call look as much as possible like a local one. In
the simplest form, to call a remote procedure, the client program must be bound with a small library
procedure, called the client stub, that represents the server procedure in the client's address space.
Similarly, the server is bound with a procedure called the server stub. These procedures hide the fact
that the procedure call from the client to the server is not local.
• Step 1 is the client calling the client stub. This call is a local procedure call, with the parameters
pushed onto the stack in the normal way.
• Step 2 is the client stub packing the parameters into a message and making a system call to
send the message. Packing the parameters is called marshalling.
• Step 3 is the operating system sending the message from the client machine to the server
machine.
• Step 4 is the operating system passing the incoming packet to the server stub.
• Step 5 is the server stub calling the server procedure with the unmarshaled parameters.
Imagine that a white army is encamped in a valley, as shown in Fig. below. On both of the surrounding
hillsides are blue armies. The white army is larger than either of the blue armies alone, but together
the blue armies are larger than the white army. If either blue army attacks by itself, it will be defeated,
but if the two blue armies attack simultaneously, they will be victorious.
The blue armies want to synchronize their attacks. The only communication medium is to send
messengers on foot down into the valley, where they might be captured by the white army and the message
lost (i.e., they have to use an unreliable communication channel).
Suppose that the commander of blue army #1 sends a message reading: ‘‘I propose we attack at dawn
on March 29. How about it?’’ Now suppose that the message arrives, the commander of blue army #2
agrees, and his reply gets safely back to blue army #1. Will the attack happen? Probably not, because
commander #2 does not know if his reply got through. If it did not, blue army #1 will not attack, so it
would be foolish for him to charge into battle.
This problem can be solved by using a three-way handshake. The initiator of the original proposal
must acknowledge the response. Assuming no messages are lost, blue army #2 will get the
acknowledgement, but the commander of blue army #1 will now hesitate. After all, he does not know
if his acknowledgement got through, and if it did not, he knows that blue army #2 will not attack.
The connection termination phase uses a four-way handshake, with each side of the connection
terminating independently. When an endpoint wishes to stop its half of the connection, it transmits a
FIN packet, which the other end acknowledges with an ACK. Therefore, a typical tear-down requires
a pair of FIN and ACK segments from each TCP endpoint. After both FIN/ACK exchanges are
concluded, the side that sent the first FIN before receiving one waits for a timeout before finally
closing the connection, during which time the local port is unavailable for new connections; this
prevents confusion due to delayed packets being delivered during subsequent connections.
07 Explain TCP.
• TCP (Transmission Control Protocol) was specifically designed to provide a reliable end-to-
end byte stream over an unreliable internetwork.
• TCP was formally defined in RFC 793.
• The IP layer gives no guarantee that datagrams will be delivered properly, so it is up to TCP
to time out and retransmit them as need be. Datagrams that do arrive may well do so in the
wrong order; it is also up to TCP to reassemble them into messages in the proper sequence. In
short, TCP must furnish the reliability that most users want and that IP does not provide.
• TCP service is obtained by both the sender and receiver creating end points, called sockets.
Each socket has a socket number (address) consisting of the IP address of the host and a 16-
bit number local to that host, called a port.
The Source port and Destination port fields identify the local end points of the connection.
The Sequence number and Acknowledgement number fields perform their usual functions.
The TCP header length tells how many 32-bit words are contained in the TCP header.
Next comes a 4-bit field that is not used. The fact that these bits have remained unused for 30
years (as only 2 of the original reserved 6 bits have been reclaimed) is testimony to how well
thought out TCP is. Lesser protocols would have needed these bits to fix bugs in the original
design.
CWR is set to signal Congestion Window Reduced from the TCP sender to the TCP receiver
so that it knows the sender has slowed down and can stop sending the ECN-Echo.
ECN (Explicit Congestion Notification) is used, as specified in RFC 3168. ECE is set to signal
an ECN-Echo to a TCP sender to tell it to slow down when the TCP receiver gets a congestion
indication from the network.
URG is set to 1 if the Urgent pointer is in use. The Urgent pointer is used to indicate a byte
offset from the current sequence number at which urgent data are to be found.
The ACK bit is set to 1 to indicate that the Acknowledgement number is valid. This is the case
for nearly all packets. If ACK is 0, the segment does not contain an acknowledgement, so the
Acknowledgement number field is ignored.
The PSH bit indicates PUSHed data. The receiver is hereby kindly requested to deliver the
data to the application upon arrival and not buffer it until a full buffer has been received.
The RST bit is used to abruptly reset a connection that has become confused due to a host
crash or some other reason. It is also used to reject an invalid segment or refuse an attempt to
open a connection.
The SYN bit is used to establish connections. The connection request has SYN = 1 and ACK
= 0 to indicate that the piggyback acknowledgement field is not in use. The connection reply
does bear an acknowledgement, however, so it has SYN = 1 and ACK = 1.
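The flag rules above map directly onto a decoder that a capture tool or filter could apply to each segment. This is an added example, not part of the original notes: the function names and sample segments are constructed, and the bit positions, the FIN bit and the Window, Checksum and Urgent pointer slots follow the standard TCP header layout rather than anything listed on this page.

```python
import struct

TCP_FMT = "!HHIIBBHHH"       # the 20 fixed header bytes, network byte order
FLAGS = (("CWR", 0x80), ("ECE", 0x40), ("URG", 0x20), ("ACK", 0x10),
         ("PSH", 0x08), ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01))

def build_segment(sport, dport, seq, ack, flags, urgent=0) -> bytes:
    """Constructed sample segment: 5-word header, no options, checksum left at 0."""
    bits = sum(bit for name, bit in FLAGS if name in flags)
    return struct.pack(TCP_FMT, sport, dport, seq, ack, 5 << 4, bits, 65535, 0, urgent)

def classify(flags: set) -> str:
    """Name the role of a segment from the SYN, ACK and RST bits."""
    if "RST" in flags:
        return "reset"
    if "SYN" in flags:
        return "connection reply" if "ACK" in flags else "connection request"
    return "other"

def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed TCP header; raise ValueError if the header length is bad."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    (sport, dport, seq, ack, offset, bits,
     _window, _checksum, urgent) = struct.unpack(TCP_FMT, segment[:20])
    words = offset >> 4                      # TCP header length in 32-bit words
    if words < 5 or words * 4 > len(segment):
        raise ValueError(f"TCP header length of {words} words is not valid here")
    flags = {name for name, bit in FLAGS if bits & bit}
    return {
        "sport": sport,
        "dport": dport,
        "seq": seq,
        # The Acknowledgement number is only meaningful when ACK = 1.
        "ack": ack if "ACK" in flags else None,
        # The Urgent pointer is only meaningful when URG = 1.
        "urgent_offset": urgent if "URG" in flags else None,
        "header_len": words * 4,
        "flags": flags,
        "kind": classify(flags),
    }

def summarize(segments) -> list:
    """Return the kind of every segment in a capture, in order."""
    return [parse_tcp_header(s)["kind"] for s in segments]

if __name__ == "__main__":
    # Constructed capture: request, reply, pushed data, reset.
    capture = [
        build_segment(49152, 80, 1000, 999, {"SYN"}),        # ack field is junk
        build_segment(80, 49152, 5000, 1000, {"SYN", "ACK"}),
        build_segment(49152, 80, 1000, 5000, {"ACK", "PSH"}),
        build_segment(80, 49152, 5000, 0, {"RST"}),
    ]
    print(summarize(capture))
```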
UDP uses a simple connectionless transmission model with a minimum of protocol mechanism.
Source port number: This field identifies the sender's port when meaningful and should be assumed
to be the port to reply to if needed. If not used, then it should be zero. If the source host is the client,
the port number is likely to be an ephemeral port number. If the source host is the server, the port number is
likely to be a well-known port number.
Destination port number: This field identifies the receiver's port and is required. Similar to source
port number, if the client is the destination host then the port number will likely be an ephemeral port number
and if the destination host is the server then the port number will likely be a well-known port number.
Length: A field that specifies the length in bytes of the UDP header and UDP data. The minimum
length is 8 bytes since that's the length of the header. The field size sets a theoretical limit of 65,535
bytes (8 byte header + 65,527 bytes of data) for a UDP datagram.
Checksum: The checksum field is used for error-checking of the header and data. If no checksum is
generated by the transmitter, the field uses the value all-zeros. This field is not optional for IPv6.
There are two types of Internet Protocol (IP) traffic. They are TCP or Transmission Control Protocol
and UDP or User Datagram Protocol. TCP is connection oriented – once a connection is established,
data can be sent in both directions. UDP is a simpler, connectionless Internet protocol. Multiple messages
are sent as packets in chunks using UDP.
|  | TCP | UDP |
| --- | --- | --- |
| Acronym for | Transmission Control Protocol | User Datagram Protocol or Universal Datagram Protocol |
| Connection | TCP is a connection-oriented protocol. | UDP is a connectionless protocol. |
| Function | As a message makes its way across the internet from one computer to another. This is connection based. | UDP is also a protocol used in message transport or transfer. This is not connection based which means that one program can send a load of packets to another and that would be the end of the relationship. |
| Usage | TCP is suited for applications that require high reliability, and transmission time is relatively less critical. | UDP is suitable for applications that need fast, efficient transmission, such as games. UDP's stateless nature is also useful for servers that answer small queries from huge numbers of clients. |
| Use by other protocols | HTTP, HTTPS, FTP, SMTP, Telnet | DNS, DHCP, TFTP, SNMP, RIP, VoIP. |
| Ordering of data packets | TCP rearranges data packets in the order specified. | UDP has no inherent order as all packets are independent of each other. If ordering is required, it has to be managed by the application layer. |
| Speed of transfer | The speed for TCP is slower than UDP. | UDP is faster because there is no error checking for packets. |
| Reliability | There is absolute guarantee that the data transferred remains intact and arrives in the same order in which it was sent. | There is no guarantee that the messages or packets sent would reach at all. |
| Header Size | TCP header size is 20 bytes. | UDP header size is 8 bytes. |
| Common Header Fields | Source port, Destination port, Check Sum | Source port, Destination port, Check Sum |
| Streaming of data | Data is read as a byte stream, no distinguishing indications are transmitted to signal message (segment) boundaries. | Packets are sent individually and are checked for integrity only if they arrive. Packets have definite boundaries which are honored upon receipt, meaning a read operation at the receiver socket will yield an entire message as it was originally sent. |
| Weight | TCP is heavy-weight. TCP requires three packets to set up a socket connection, before any user data can be sent. TCP handles reliability and congestion control. | UDP is lightweight. There is no ordering of messages, no tracking connections, etc. It is a small transport layer designed on top of IP. |
| Data Flow Control | TCP does Flow Control. TCP requires three packets to set up a socket connection, before any user data can be sent. TCP handles reliability and congestion control. | UDP does not have an option for flow control. |
| Error Checking | TCP does error checking. | UDP does error checking, but no recovery options. |
| Fields | 1. Sequence Number, 2. ACK number, 3. Data offset, 4. Reserved, 5. Control bit, 6. Window, 7. Urgent Pointer, 8. Options, 9. Padding, 10. Check Sum, 11. Source port, 12. Destination port | 1. Length, 2. Source port, 3. Destination port, 4. Check Sum |
| Acknowledgement | Acknowledgement segments | No Acknowledgment |
RTP Features
• Multicasting
• Payload type identification
• Time shaping
• Sequencing
• Delivery monitoring
RTP Issues
• No QoS guarantees
• No guarantee of packet delivery
The P bit indicates that the packet has been padded to a multiple of 4 bytes.
The CC field tells how many contributing sources are present, from 0 to 15.
The M bit is an application-specific marker bit. It can be used to mark the start of a video
frame, the start of a word in an audio channel, or something else that the application
understands.
The Payload type field tells which encoding algorithm has been used.
The Sequence number is just a counter that is incremented on each RTP packet sent. It is used
to detect lost packets.
The Timestamp is produced by the stream’s source to note when the first sample in the packet
was made.
The Synchronization source identifier tells which stream the packet belongs to. It is the method
used to multiplex and demultiplex multiple data streams onto a single stream of UDP packets.
Contributing source identifiers, if any, are used when mixers are present in the studio.
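The way a receiver uses these fields, in particular the Sequence number for loss detection, is shown below. This is an added example, not part of the original notes: the function names and sample packets are constructed, and the version check, the X (extension) bit handling and the bit positions follow the standard RTP fixed header layout, which the notes only partly list.

```python
import struct

def make_rtp(seq, ssrc, payload=b"", pt=0, marker=False, csrc=(), pad=0, ts=0) -> bytes:
    """Constructed sample packet; pad is the number of padding bytes appended."""
    b0 = (2 << 6) | (0x20 if pad else 0) | len(csrc)
    b1 = (0x80 if marker else 0) | pt
    padding = bytes(pad - 1) + bytes([pad]) if pad else b""
    header = struct.pack(f"!BBHII{len(csrc)}I", b0, b1, seq, ts, ssrc, *csrc)
    return header + payload + padding

def parse_rtp(packet: bytes) -> dict:
    """Decode an RTP header and strip padding; raise ValueError if inconsistent."""
    if len(packet) < 12:
        raise ValueError("shorter than the 12-byte fixed RTP header")
    b0, b1, seq, ts, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    cc = b0 & 0x0F                           # number of contributing sources
    end = 12 + 4 * cc
    if len(packet) < end:
        raise ValueError("CC announces more contributing sources than are present")
    csrc = list(struct.unpack(f"!{cc}I", packet[12:end]))
    if b0 & 0x10:                            # X bit: skip the header extension
        if len(packet) < end + 4:
            raise ValueError("extension header truncated")
        end += 4 + 4 * struct.unpack("!H", packet[end + 2:end + 4])[0]
        if len(packet) < end:
            raise ValueError("extension longer than the packet")
    payload = packet[end:]
    if b0 & 0x20:                            # P bit: last byte counts the padding
        if not payload or not 1 <= payload[-1] <= len(payload):
            raise ValueError("P bit set but the padding count is invalid")
        payload = payload[:-payload[-1]]
    return {"marker": bool(b1 & 0x80), "payload_type": b1 & 0x7F, "seq": seq,
            "timestamp": ts, "ssrc": ssrc, "csrc": csrc, "payload": payload}

def count_lost(packets) -> dict:
    """Missing sequence numbers per stream (SSRC); the 16-bit counter wraps."""
    last, lost = {}, {}
    for raw in packets:
        h = parse_rtp(raw)
        ssrc = h["ssrc"]
        if ssrc not in last:
            last[ssrc], lost[ssrc] = h["seq"], 0
            continue
        gap = (h["seq"] - last[ssrc] - 1) & 0xFFFF
        if gap < 0x8000:                     # forward step; else duplicate or late
            lost[ssrc] += gap
            last[ssrc] = h["seq"]
    return lost

if __name__ == "__main__":
    # Constructed capture: two streams multiplexed onto one flow of UDP packets.
    capture = [make_rtp(65534, 0x1111), make_rtp(65535, 0x1111), make_rtp(10, 0x2222),
               make_rtp(1, 0x1111), make_rtp(11, 0x2222), make_rtp(14, 0x2222)]
    print(count_lost(capture))
```

A late packet that arrives after its gap was counted is ignored rather than subtracted, so the totals are an upper bound on loss.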