By

Dr. Jagadamba G
Dept. of ISE, Siddaganga Institute of Technology,
Tumakuru

1
 Objectives

 Introduction to role of transport layer

 Introductions : Service and Port Number
 UDP
 TCP
 SCTP (Out of Syllabus)

2
 Introduction to Transport
Layer
 It provides services to the application layer and receives services
from the network layer.
 It provides a logical communication between the application
process on 2 different nodes.
 The transport layer acts as a link between a client program and a
server program, a process-to-process connection.
 The transport layer is the heart of the TCP/IP protocol suite; it is
the end-to-end logical vehicle for transferring data from one
point to another in the Internet.

3
 Service Provided By Transport
Layer
• Process to process communication(port to port )
• Segmentation and reassembly
• Multiplexing and demultiplexing
• Connection control protocols- UDP and TCP
• Flow control and Error control
• Congestion control

4
Process to Process communication

5
 Process to Process communication
Assume a process – daytime.
A process daytime gives the request by specifying port number as 52,000 from host 1
to process n host 2 with port number 13.

6
Multiplexing and demultiplexing

7
 TCP/IP protocol suite

UDP (User Datagram Protocol): UDP is an unreliable

connectionless transport-layer protocol.
TCP (Transmission Control Protocol) : TCP is a reliable
connection-oriented protocol.
SCTP (Stream Control Transmission Protocol) : SCTP is a new
transport-layer protocol that combines the features of UDP and TCP
8
 General information about port number

• A port is a number used to uniquely identify a

transaction(process) over a network by specifying both the host,
and the service.

• When a computer system seeks to connect to another

computer, the port serves as a communication endpoint.

• It is also possible for different services running on the same

computer to expose various ports and communicate with one
another using these ports.

9
 Port Numbers at transport layer

• A computer can run several processes/programs at the same

time.
• To define the processes, a port number is used as an identifier.
• Port numbers are of 16 bits
• In TCP/IP protocol suit, the port numbers are integers varying
from 0 to 65,535.
• Port is used to create a process-to-process communication.
• Port numbers provide end-to-end addresses at the transport layer
and allow multiplexing and demultiplexing.

10
 Port Numbers at transport layer

• Port numbers are categorized into: Well Know, Registered and

dynamic
• HTTP used port number 80 and HTTPS uses port 443.
• URL can use like: http://www.example.com:8080/path specifies the
web browser to connect to port number 8080 of the HTTP server
• Port numbers are sometimes seen in web or other uniform resource
locators (URLs)

11
Some well-known ports used with UDP and TCP

12
 Activity: How to see the port number?

 Go to start and type resmom (resource monitor) in windows

 Go to network

 Go to listening port
You can see the port numbers for various instances
13
 Port Addresses at transport layer
• A client program defines itself with a port number
• The server process also define itself with the port number
• Usually the system has three address
1. MAC address: Physical address
2. IP Address: Network address defined at network layer
3. Port address: Process address defined at transport layer
In real communication any device can be identified through MAC and IP
address.
But in the device many processes will be running. To decide to which process
that data has to reach is decided by the port address.

When we are defining client server program we define socket

address.
Socket address: IP and port address

14
USER DATAGRAM PROTOCOL

15
 USER DATAGRAM PROTOCOL

• The User Datagram Protocol (UDP) is a connectionless,

unreliable transport protocol.
• UDP is a very simple protocol using a minimum of overhead.
• UDP takes much less interaction between the sender and
receiver.

16
 User Datagram
• UDP packets, called user datagrams have 8 Byte fixed size
header made of 4 fields, each of 2 bytes

 First two fields define the source and destination port numbers (16 bits
each).
 Third field is total length (16 bits) of user datagram.
 Fourth field is checksum = UDP header + UDP data coming from
application layer+ Pseudo header of IP

• Even though the total length is 16 bits, the total length needs to be
lesser than 65535 bytes. Because UDP datagram is stored in a IP
datagram
17
 Tutorial
The following is the content of a UDP header in hexadecimal
format : CB84000D001C001C.

a. What is the source port number?

The source port number is the first four hexadecimal digits (CB84)16, . If we convert this
CB84 to decimal, we get 52100, which means that the source port number is 52100.

b. What is the destination port number?

The destination port number is the second four hexadecimal digits (000D)16, If we convert
this 000D to decimal, we get 13, which means that the destination port number is 13.

c. What is the total length of the user datagram?

The third four hexadecimal digits (001C)16 define the length of the whole UDP packet. If
we convert this 001C to decimal, we get 28, so the length is 28 bytes.

18
d. What is the length of the data?
The length of the data is the length of
the whole packet minus the length of
the header, so the length of the data is
28 − 8 = 20 bytes.

e. Is the packet directed from a client to

a server or vice versa?
Since the destination port number is 13
(well-known port), the packet is from
the client to the server.
f. What is the client process?
The client process is the Daytime
19
Calculate the questions asked in the before example for the
following UDP header in hexadecimal format :
AB94000D001C001C

i)The source port number is the first four hexadecimal digits (AB94)16, . If we convert
this CB84 to decimal, we get 43924, which means that the source port number is 43924.
ii) The destination port number is the second four hexadecimal digits (000D)16, If we
convert this 000D to decimal, we get 13, which means that the destination port number is
13.
iii) The third four hexadecimal digits (001C)16 define the length of the whole UDP
packet. If we convert this 001C to decimal, we get 28, so the length is 28 bytes.
iv) The length of the data is the length of the whole packet minus the length of the
header, so the length of the data is 28 − 8 = 20 bytes.
v) Since the destination port number is 13 (well-known port), the packet is from the client
to the server.
vi) The client process is the Daytime

20
 UDP Services

 Process-to-Process Communication.
 Connectionless Services
 Flow Control
 Error Control
 Checksum
 Congestion Control
 Encapsulation and Decapsulation.
 Queuing
 Multiplexing and Demultiplexing

21
 UDP Services
Process-to-Process Communication: Using socket addresses, a
combination of IP addresses and port numbers.
Connectionless Services :
 Each user datagram sent by UDP is an independent datagram
even if they are coming from same source or destined to same
destination.
 No connection establishment or termination
 User datagrams are not numbered.
 Each user datagram can travel on a different path
 UDP cannot send stream data only can send short messages

22
 UDP Services

• Flow Control : No flow control, and hence no window

mechanism.

• Error Control : No error control mechanism in UDP except for

the checksum. Sender does not know if a message has been
lost or duplicated

23
 UDP Services

UDP checksum calculation need three fields.

 Pseudo header
 UDP header
 Data coming from the application layer.
 UDP Applications

• UDP is preferable for some applications.

• Considered when we design an application program.
 UDP Features

Connectionless Service:
• UDP packet is independent.
• An advantage or disadvantage depending on the application
requirements.
• Ex. A client application needs to send a short request to a server and to
receive a short response.
• In the connection oriented service, at least 9 packets are exchanged
between the client and the server; in connectionless service only 2
packets are exchanged.
 Lack of Error Control

• UDP does not provide error control.

• It provides an unreliable service.
• Some applications, by nature, do not even notice these uneven
delays, but for some they are very problematic.
• Lack of Congestion Control : UDP does not provide
congestion control.
 Typical Applications

• Benefit more from the services of UDP than from those of TCP.
• UDP is suitable for a process that requires simple request-response
communication with little concern for flow and error control.
• UDP is suitable for a process with internal flow-control and error-control
mechanisms.
 For example, the Trivial File Transfer Protocol (TFTP) process includes flow and error control.
It can easily use UDP.

• UDP is a suitable transport protocol for multicasting.

• UDP is used for management processes such as SNMP
• UDP is used for some route updating protocols such as Routing Information
Protocol (RIP) (see Chapter 20).
• UDP is normally used for interactive real-time applications.
 UDP Echo Client-Server implementation
UDP Echo Client
• In the UDP Echo client a socket is created.
• Then we bind the socket.
• After the binding is succesful , we send messages input from the user and
display the data received from the server using sendto() and recvfrom()
functions.

UDP Echo Server

• In the UDP Echo server , we create a socket and bind to a advertized port
number.
• Then an infinite loop is started to process the client requests for
connections.
• The process receives data from the client using recvfrom () function and
echoes the same data using the sendto() function.
• Please note that this server is capable of handles multiple clients
automatically as UDP is a datagram based protocol hence no exclusive
connection is required to a client in this case.

29
TRANSMISSION CONTROL
PROTOCOL
 TRANSMISSION CONTROL PROTOCOL

 Transmission Control Protocol (TCP) is a connection-

oriented, reliable protocol.
 TCP explicitly defines connection establishment, data
transfer, and connection teardown phases to provide a
connection-oriented service.
 TCP uses checksum (for error detection), retransmission of
lost or corrupted packets, cumulative and selective
acknowledgments, and timers.
 TCP is the most common transport-layer protocol in the
Internet.
 TCP Segment

 Sequence number: 32-bit field defines the number assigned to the first
byte.
 Acknowledgment number: 32-bit field defines the byte number that the
receiver of the segment is expecting to receive from the other party.
 Header length: 4 bit field indicates the number of 4 byte words in the
TCP header
 TCP Segment
 Source port address
 Destination port address
 Control: Field defines 6 different control bits or flags.

 Window size: Length of this field is 16 bits (Max is 65,535)

 Checksum: This 16-bit field contains the checksum.
 Urgent Pointer: Valid only if the urgent flag is set.
 Options: There can be up to 40 bytes of optional information
 TCP Services

1. Process-to-Process Communication (Same as UDP)

2. Stream Delivery Service
3. Full-Duplex Communication (data can flow in both
directions)
4. Multiplexing and De-multiplexing
5. Connection-Oriented Service
6. Reliable Service
 Stream Delivery Service
 Stream Delivery Service TCP allows the sending process to deliver
data as a stream of bytes and allows the receiving process to obtain
data as a stream of bytes.
 TCP is a stream-oriented protocol.
 TCP creates an environment in which the two processes seem to be
connected by an imaginary “tube” that carries their bytes across the
Internet.
 TCP needs buffers for storage. (the sending buffer and the receiving
buffer)
Sending and receiving buffers
Sending and receiving buffers

 Since sending and the receiving processes may not necessarily

write or read data at the same rate, hence TCP needs buffers for
storage.
 There are two buffers (circular), the sending buffer and the
receiving buffer, one for each direction.
 At the sender, the buffer has three types of chambers.
 The white section contains empty chambers that can be filled by
the sending process (producer).
 The colour area holds bytes that have been sent but not yet
acknowledged.
 The TCP sender keeps these bytes in the buffer until it receives
an acknowledgment.
 The shaded area contains bytes to be sent by the sending TCP.
Segments
 TCP to send data in packets, not as a stream of byte.

 At the transport layer, TCP groups a number of bytes together into a

packet called a segment.

 TCP adds a header to each segment (for control purposes) and

delivers the segment to the network layer for transmission.
 TCP Services conti…

 Full-Duplex Communication
 TCP offers full-duplex service, Each TCP endpoint then has its
own sending and receiving buffer, and segments move in both
directions.
 Multiplexing and Demultiplexing
 TCP performs multiplexing at the sender and demultiplexing at the
receiver.

 Connection-Oriented Service
 TCP is a connection-oriented protocol that uses Three phase
transfer
 Connection is logical
 Reliable Transfer
 TCP is a reliable transport protocol. It uses an acknowledgment
mechanism to check the safe and sound arrival of data.
 TCP Features

Numbering System :
 TCP software keeps track of the segments.
 Sequence number and the acknowledgment number.
 Two fields refer to a byte number and not a segment number.
 Byte Number:
 Numbering does not necessarily start from 0.
32
 An arbitrary number between 0 and 2 − 1 for first byte.
 Example: if the number happens to be 1057 and the total data to
be sent is 6000 bytes, the bytes are numbered from 1057 to 7056
 TCP Features

Sequence Number
 TCP assigns a sequence number to each segment that is
being sent.
 The sequence number of the first segment is the ISN (initial
sequence number), which is a random number.
 The sequence number of any other segment is the sequence
number of the previous segment plus the number of bytes
 Tutorial 10- Example

 Suppose a TCP connection is transferring a file of 5000

bytes. The first byte is numbered 10001. What are the
sequence numbers for each segment if data are sent in five
segments, each carrying 1000 bytes?
 Solution:
 TCP Features
Acknowledgment Number
 The value of the acknowledgment field in a segment
defines the number of the next byte a party expects to
receive.
 The acknowledgment number is cumulative.
 The term cumulative here means that if a party uses 5643
as an acknowledgment number, it has received all bytes
from the beginning up to 5642.
 Note that this does not mean that the party has received
5642 bytes as ISN need not be zero.

https://www.youtube.com/watch?v=8XJPZttC4RM
 A TCP Connection

 TCP is connection-oriented.
 Logical path between the source and destination.
 How TCP, which uses the services of IP, a connectionless
protocol, can be connection-oriented.
 In TCP, connection-oriented transmission requires three
phases:
 Connection establishment
 Data transfer
 Connection termination.
 A TCP Connection

Connection Establishment

 TCP transmits data in full-duplex mode.

 Each party must initialize communication and get approval
from the other party before any data are transferred.
 Three-Way Handshaking:
 Process starts with the server - Passive open.
 Ready to accept connections from clients
 Client program issues a request for an active open.
A TCP Connection
Three-Way Handshaking
 A TCP Connection
Three-Way Handshaking
 The process starts with the server. The server program tells its TCP that it is

ready to accept a connection. This request is called a passive open. The server

cannot make the connection itself.

 The client program issues a request for an active open.

 Next TCP can now start the three-way handshaking process

 The client sends the first segment, a SYN segment, in which only the SYN flag

is set. (synchronization of sequence numbers)

 The client chooses a random number called the initial sequence number

(ISN).

 A SYN segment cannot carry data, but it consumes one sequence

number.
 A TCP Connection
Three-Way Handshaking
 The server sends the second segment, a SYN + ACK segment with
two flag bits set as: SYN and ACK. This segment has a dual purpose.
 First, it is a SYN segment for communication in the other direction.
 The server also acknowledges the receipt of the SYN segment from
the client by setting the ACK flag and displaying the next sequence
number it expects to receive.
 it also needs to define the receive window size, rwnd
 A SYN + ACK segment cannot carry data, but it does consume one
sequence number
 A TCP Connection

Three-Way Handshaking

 The client sends the third segment.

 This is just an ACK segment. It acknowledges the
receipt of the second segment with the ACK flag and
acknowledgment number field.
 An ACK segment, if carrying no data, consumes no
sequence number.
 A TCP Connection
SYN Flooding Attack

 TCP is susceptible to a serious security problem called

SYN flooding attack.
 Fake clients sending SYN segments to a server.
 Server allocates resources
 Sends SYN+ACK segments to fake clients
 If there are large such fake requests then server may be
unable to accept connection requests from valid clients
 SYN flooding attack belongs to a group of security attacks
known as a denial of service attack.
 A TCP Connection
Data Transfer
 After connection is established, bidirectional data transfer can
take place.
 A TCP Connection
Data Transfer

 The client and server can send data and acknowledgments

in both directions.
 The acknowledgment is piggybacked with the data.
 Example.
 The client sends 2,000 bytes of data in two segments.
 The server then sends 2,000 bytes in one segment.
 The first three segments carry both data and acknowledgment.
 The last segment carries only an acknowledgment.
 Data segments sent by the client have the PSH (push) flag set
 A TCP Connection
Pushing Data
 TCP uses a buffer to store the stream of data coming
from sender application.
 The sending TCP can select the segment size.
 Consider the case where Delayed transmission and
delayed delivery of data may not be acceptable by the
application program.
 The sending TCP must not wait for the window to be
filled.
 The sending TCP must also set the push bit (PSH).
 The receiving TCP know that the segment includes data
that must be delivered to the receiving application
program as soon as possible and not to wait for more
data to come.
 A TCP Connection
Urgent Data

 TCP is a stream-oriented protocol. Each byte of data has a

position in the stream.
 An application program needs to send urgent bytes. Some
bytes that need to be treated in a special way by the
application at the other end.
 The solution is to send a segment with the URG bit set.
 Example:
 If the segment sequence number is 15000 and the value of the
urgent pointer is 200.
 The first byte of urgent data is the byte 15000 and the last byte is
the byte 15200.
 The rest of the bytes in the segment (if present) are nonurgent.
 A TCP Connection
Connection Termination

 Either of the two parties involved in exchanging data

(client or server) can close the connection.
 It is usually initiated by the client.
 Most implementations today allow two options for
connection termination:
 Three-way handshaking
 Four-way handshaking with a half-close option.
 A TCP Connection
Three-Way Handshaking(Termination)
 A TCP Connection
Three-Way Handshaking(Termination)
 In this situation, the client TCP, after receiving a close
command from the client process, sends the first
segment, a FIN segment in which the FIN flag is set.
 The server TCP, after receiving the FIN segment, informs
its process of the situation and sends the second
segment, a FIN + ACK segment.
 The client TCP sends the last segment, an ACK segment,
to confirm the receipt of the FIN segment from the TCP
server.
 A TCP Connection

Half-close
 A TCP Connection
Half-Close
 In TCP, one end can stop sending data while still receiving
data. This is called a half-close.
 Either the server or the client can issue a half-close request.
 Good Example for Half Close is Sorting data.
 The data transfer from the client to the server stops.
 The client half-closes the connection by sending a FIN
segment.
 The server accepts the half-close by sending the ACK
segment.
 After half-closing the connection, data can travel from the
server to the client and acknowledgments can travel from the
client to the server. The client cannot send any more data to
the server.
 State Transition Diagram

 All the different events happening during connection

establishment, connection termination, and data transfer
can be represented by a FSM.
 TCP is specified as the finite state machine (FSM)
 The figure shows the two FSMs used by the TCP client
and server combined in one diagram.
State Transition Diagram
 State Transition Diagram

 The rounded-corner rectangles represent the states.

 The transition from one state to another is shown using
directed lines. Solid lines for client & dotted lines for
server
 The first string is the input, what TCP receives.
 The second is the output, what TCP sends.
 The colored lines show special situations.
 The state ESTABLISHED is two sets of states, a set for
the client and another for the server, that are used for flow
and error control.
States for TCP
 State Transition Diagram

A Half-Close Scenario(Client States)

 Client process issues an
active open command to
its TCP to request a
connection to a specific
socket address.
 TCP sends a SYN
segment and moves to
the SYN-SENT state.
 State Transition Diagram
A Half-Close Scenario(Client States)
 After receiving the SYN + ACK segment, TCP sends an ACK
segment and goes to the ESTABLISHED state.
 When the client process has no more data to send, it issues a
command called an active close.
 The TCP sends a FIN segment and goes to the FIN-WAIT-1 state.
 When it receives the ACK segment, it goes to the FIN-WAIT-2
state.
 When the client receives a FIN segment, it sends an ACK
segment and goes to the TIME-WAIT state.
 The client remains in this state for 2 MSL seconds
 Once timer expires, the client goes to the CLOSED state.
 State Transition Diagram
A Half-Close Scenario(Server States)

 Server process issues a

passive open command.
 Server TCP goes to the
LISTEN state and remains
there passively until it
receives a SYN segment.
 The TCP then sends a SYN +
ACK segment and goes to the
SYN-RCVD state,
 State Transition Diagram

A Half-Close Scenario(Server States)

 After receiving the ACK segment, TCP goes to the
ESTABLISHED state, where data transfer can take place
 TCP remains in this state until it receives a FIN segment
 upon receiving the FIN segment, sends all queued data to
the server with a virtual EOF marker
 It sends an ACK segment and goes to the CLOSE-WAIT
state
 It postpones sending the FIN segment to the client until it
receives a passive close command from its process.
 server sends a FIN segment to the client and goes to the
LAST-ACK state, waiting for the final ACK.
 When the ACK segment is received from the client, the
server goes to the CLOSE state
 Tutorial
The following is a dump of a TCP header in hexadecimal format
053200217 000000001 00000000 500207FF 00000000
1) What is the source port number?
2) What is the destination port number?
3) What is sequence number?
4) What is the acknowledgement number?
5) What is the length of the header?
6) What is the type of the segment?
7) What is the window size?

Solution
1) Source port number:- (2 byte) -> 0532
2) Destination port number:- (2 byte) -> 0217
3) Sequence number:- 000000001 -> 1
4) Acknowledgement number:- 00000000 -> 0
5) Length of the header (4 bits) -> 5
6) Type of the segment -> 0X02
7) Window size -> 07FF

68