Transport Layer Protocols in Networking

Introduction

The Transport Layer is the fourth layer in the OSI model and plays a crucial role in ensuring reliable and
efficient communication between applications on different devices in a network. It manages end-to-end
connections and is responsible for data delivery, error checking, and flow control between devices.

Popular Transport Layer protocols include:

 TCP (Transmission Control Protocol)

 UDP (User Datagram Protocol)

Each serves different needs depending on the application (e.g., web browsing, streaming, online gaming).

Services Provided by the Transport Layer

1. Segmentation and Reassembly

o Breaks large messages into smaller segments for transmission and reassembles them at the
destination.
2. Connection Establishment and Termination
o In TCP, a connection must be established before data transfer (three-way handshake) and
properly terminated afterward.
3. Reliable Data Transfer
o TCP ensures all data is received correctly and in order through acknowledgments,
retransmissions, and sequencing.
4. Flow Control
o Manages the rate of data transmission between sender and receiver to prevent overwhelming
slower devices.
5. Error Detection and Correction
o Errors during transmission are detected (using checksums) and corrected if necessary (mainly
TCP).
6. Multiplexing and Demultiplexing
o Allows multiple applications to use the network simultaneously by using port numbers to
direct data to the correct process.
7. Congestion Control
o Helps prevent network congestion by adjusting the rate of data flow.

Note:

 TCP provides reliable, connection-oriented services.

 UDP offers faster, connectionless services with minimal overhead but no guarantee of delivery.

Port Numbers

Port numbers help identify specific processes or services running on a device.

They act like "addresses" within the machine to deliver data to the correct program.

 Port Number Range:

o 0–1023: Well-known ports (reserved for core services like HTTP, FTP, etc.)
o 1024–49151: Registered ports (for user applications)
o 49152–65535: Dynamic/private ports (temporary ports)
Common examples:

Protocol Service Port Number

HTTP Web traffic 80
HTTPS Secure web traffic 443
FTP File Transfer 21
SMTP Email sending 25
DNS Domain Name System 53
SSH Secure Shell 22

Each device can run multiple applications that communicate over the network using different port numbers.

UDP (User Datagram Protocol)

Introduction

UDP (User Datagram Protocol) is one of the core protocols of the Transport Layer in networking.
It is a connectionless, lightweight, and fast protocol used for sending data without establishing a connection
between sender and receiver.

 No guarantee of data delivery, order, or duplication protection.

 Minimal overhead, meaning faster performance compared to TCP.
 Often called a "best-effort" protocol.

UDP is defined in RFC 768.

Services Provided by UDP

1. Connectionless Communication
o No handshaking process (like TCP’s three-way handshake). Just sends data directly.
2. Minimal Error Checking
o Uses a simple checksum to detect errors but does not correct them.
3. No Flow Control
o UDP does not control the rate of data flow. It simply sends data as fast as the application
provides it.
4. No Congestion Control
o UDP does not reduce transmission speed if the network is congested.
5. Multiplexing and Demultiplexing
o Uses port numbers to allow multiple applications to run over the network simultaneously.
6. Low Latency Communication
o Ideal for time-sensitive applications because it introduces minimal delay.

Applications of UDP

Since UDP is fast but unreliable, it's used where speed matters more than reliability. Common use cases:
 Application Type Examples

Streaming Media Audio and video streaming (e.g., Netflix, YouTube)

Online Gaming Multiplayer games (e.g., PUBG, Fortnite)

Voice over IP (VoIP) Skype, Zoom, WhatsApp calls

DNS (Domain Name System) Resolving domain names (DNS queries use UDP port 53)

TFTP (Trivial File Transfer Protocol) Lightweight file transfers (UDP port 69)

SNMP (Simple Network Management Protocol) Network device monitoring (UDP port 161)

Broadcast and Multicast Sending messages to multiple devices in a network

Key Characteristics of UDP:

 No acknowledgment of receipt.
 No sequence numbers.
 Suitable for applications where some data loss is acceptable.
 Uses less bandwidth and is faster than TCP.

TCP (Transmission Control Protocol)

Introduction

TCP (Transmission Control Protocol) is a connection-oriented, reliable protocol at the Transport Layer in
networking.
It ensures that data is delivered accurately, completely, and in the correct order between applications over a
network.

TCP is used when applications require guaranteed delivery of data, like in web browsing, email, and file
transfers.

TCP is defined in RFC 793.

Features of TCP

1. Connection-Oriented
o Data transfer happens only after a connection is established (three-way handshake).
2. Reliable Data Transfer
o Ensures data reaches its destination without errors, in the correct order.
3. Full Duplex Communication
o Data can flow in both directions simultaneously.
4. Flow Control
o Prevents the sender from overwhelming the receiver.
5. Error Control
o Detects and corrects transmission errors.
 6. Congestion Control
o Adjusts transmission rate when the network is congested.
7. Segmentation and Reassembly
o Breaks large messages into segments and reassembles them at the destination.
8. Byte-Oriented
o TCP treats data as a stream of bytes (not messages or packets).

TCP Segment Structure

A TCP segment is the unit of data transmission in TCP. Each segment includes:

Field Description
Source Port Port number of the sending application
Destination Port Port number of the receiving application
Sequence Number Byte number of the first byte in the segment
Acknowledgment Number The next expected byte from the receiver
Header Length Size of TCP header
Flags Control flags (SYN, ACK, FIN, etc.)
Window Size Size of the receive window (flow control)
Checksum Error-checking data
Urgent Pointer Indicates urgent data if the URG flag is set
Options and Padding Extra features, like window scaling
Data Actual payload

A TCP Connection

TCP connection establishment involves a three-way handshake:

1. SYN: The client sends a SYN (synchronize) packet to initiate a connection.

2. SYN-ACK: The server replies with a SYN-ACK (synchronize-acknowledge) packet.
3. ACK: The client sends an ACK (acknowledge) packet, completing the connection.

👉 After the handshake, both sides can send and receive data.

Connection termination happens using a four-step process (FIN and ACK exchange).

Windows in TCP

TCP uses windows to control how much data can be sent before needing an acknowledgment:

1. Send Window
o Amount of data the sender can transmit without waiting for an acknowledgment.
2. Receive Window
o Amount of data the receiver can accept and store.
3. Sliding Window Protocol
o After receiving an acknowledgment, the window "slides" to allow more data to be sent.

Windows help with flow control and optimize network utilization.

Flow Control in TCP

Flow control ensures that the sender does not overwhelm the receiver with too much data.

 Managed using the receiver’s advertised window size (mentioned in the TCP header).
 Sliding Window Mechanism is used.
 If the receiver's buffer is full, the window size advertised is zero, stopping the sender.

Error Control in TCP

TCP handles errors by:

1. Checksum
o Each TCP segment includes a checksum to detect errors in the header and data.
2. Acknowledgments (ACK)
o Receiver sends an ACK after receiving data correctly.
3. Retransmissions
o If an acknowledgment is not received within a timeout, TCP retransmits the data.
4. Duplicate Acknowledgments and Fast Retransmit
o Helps recover from packet loss quickly without waiting for a timeout.

Congestion Control in TCP

TCP prevents congestion (network overload) using several algorithms:

1. Slow Start
o Starts sending a small amount of data, then exponentially increases the rate until packet loss
occurs.
2. Congestion Avoidance
o After detecting network congestion, it grows the data sending rate more slowly (linear
growth).
3. Fast Retransmit
o Quickly retransmits lost segments upon receiving three duplicate ACKs.
4. Fast Recovery
o Skips slow start after detecting and recovering from packet loss.

TCP constantly adjusts sending speed based on network feedback to avoid worsening congestion.

✅ Summary Table

Feature TCP
Reliability Yes (guaranteed delivery)
Connection Yes (connection-oriented)
Flow Control Yes (using sliding window)
Error Control Yes (checksum, ACK, retransmission)
Congestion Control Yes (slow start, congestion avoidance, etc.)
Speed Slower compared to UDP due to overhead
 APPLICATION LAYER

🌐 World Wide Web (WWW)

The World Wide Web (WWW) is a system of interlinked hypertext documents accessed via the internet.
Users can view web pages that may contain text, images, videos, and other multimedia, and navigate between
them using hyperlinks.

HTTP (Hypertext Transfer Protocol)

 HTTP is the protocol used to transfer web pages from a web server to a client browser.
 It is a stateless, application-layer protocol based on request-response model.
 Port number: 80 (HTTP), 443 (HTTPS for secure HTTP).

Basic flow:

1. Browser sends an HTTP request to the web server.

2. Server sends an HTTP response (usually a web page or file).

HTTP Methods:

 GET: Request data from the server.

 POST: Submit data to be processed (e.g., login form).
 PUT, DELETE, HEAD, OPTIONS: Other operations on resources.

📧 Electronic Mail (E-Mail)

Electronic Mail (E-mail) is a system that allows users to exchange messages and files electronically.

Architecture of E-Mail System

Component Function

Software used to read, compose, and send emails (e.g., Outlook, Gmail
User Agents (UA)
app)

Mail Servers Store and forward emails; examples: SMTP server, POP3/IMAP server

SMTP (Simple Mail Transfer Protocol) Used for sending emails (outgoing).

POP3 (Post Office Protocol 3) Used for retrieving emails (download and delete).

IMAP (Internet Message Access Used for retrieving and managing emails on the server (without
Protocol) deleting).

Email Flow:
 1. Sender uses a User Agent to send email via SMTP.
2. Mail Server forwards the email to the recipient’s Mail Server.
3. Receiver uses POP3 or IMAP to retrieve the email.

Web-Based Mail (Webmail)

 Webmail allows users to access emails via a web browser without needing special email clients.
 Examples: Gmail, Yahoo Mail, Outlook Web Access.

How it works:

 User logs into a website → the server interacts with the email system behind the scenes → displays
messages in the browser.

Advantages:

 Accessible anywhere with internet.

 No need to install software.

Disadvantages:

 Requires an active internet connection.

 Sometimes fewer features than desktop clients.

E-Mail Security

Since email travels over networks, it can be vulnerable to interception. Email security techniques include:

Method Purpose

Authentication Verify sender identity (e.g., SPF, DKIM, DMARC).

Encryption Protect message content (e.g., SSL/TLS, PGP).

Digital Signatures Ensure message integrity and authenticity.

Spam Filters Block unwanted or harmful emails.

Antivirus Scanning Scan attachments for malware.

TELNET (Telecommunication Network)

 TELNET is a remote login protocol that allows users to connect to a remote computer and control it
as if they were physically present.
 Works over TCP port 23.
 TELNET provides command-line interface access.
 Insecure, because it transmits data (including passwords) in plain text.
  Replaced today by more secure protocols like SSH (Secure Shell).

Local Login vs Remote Login

Feature Local Login Remote Login

Logging directly into your own

Definition Logging into another computer over a network.
computer.

User Interaction Access to full resources locally. Access is limited to what the remote system allows.

Protocols Used No network protocol needed. TELNET, SSH, RDP (Remote Desktop Protocol).

Security Safer (physically local). Needs secure protocols (e.g., SSH) to avoid data theft.

Connecting from your home computer to a work

Example Logging into your laptop.
server.

✅ Quick Summary

Topic Key Points

HTTP Transfer web pages; request-response; port 80/443.

Email Architecture SMTP, POP3, IMAP; user agent and mail servers.

Web-based Mail Access emails via browser (e.g., Gmail).

Email Security Encryption, authentication, digital signatures.

TELNET Remote login tool, insecure, replaced by SSH.

Local vs Remote Login Local = own machine; Remote = network connection needed.

🌐 Domain Name System (DNS)

The Domain Name System (DNS) is a hierarchical, distributed naming system for computers, services, or
any resource connected to the Internet.
It translates human-friendly domain names (like www.example.com) into IP addresses (like
192.0.2.1) that computers use to identify each other.

Without DNS, we would have to remember complex IP addresses for every website!

Name Space
  Name Space refers to the structure and organization of all possible domain names in the DNS
system.
 It is hierarchical, tree-like, and is divided into zones.
 The top level is the root (.), followed by:
o Top-Level Domains (TLDs): .com, .org, .edu, .net
o Second-Level Domains: example in example.com
o Subdomains: www in www.example.com

Example Tree:

scss
CopyEdit
. (root)
├── com
│ ├── example
│ ├── www
├── org
├── net

DNS in the Internet

 The Internet uses DNS to locate web servers, email servers, and other services.
 When you type www.example.com, your computer queries the DNS to find the IP address.

Resolution

Resolution is the process of translating a domain name into its corresponding IP address.

Two types of resolution:

 Iterative Resolution: DNS server responds with a referral to another server closer to the answer.
 Recursive Resolution: DNS server takes the full responsibility to fetch the final answer on behalf of
the client.

Steps:

1. Check local cache.

2. Ask recursive resolver (ISP DNS server).
3. Resolver queries root server → TLD server → Authoritative server.
4. IP address returned to client.

Caching

 To improve speed and reduce DNS traffic, DNS responses are cached locally by clients and
intermediate DNS servers.
 Cached entries are kept for a certain period, defined by TTL (Time To Live).
 Example: If you visit google.com, the next time it will be fetched from cache (until TTL expires).

Resource Records (RRs)

A Resource Record is the basic data element in DNS.

Common types of RRs:

Type Purpose
A Maps a domain to an IPv4 address
AAAA Maps a domain to an IPv6 address
CNAME Alias for another domain
MX Mail exchange server for domain
NS Delegates a DNS zone to use given authoritative name servers
PTR Used for reverse DNS lookup
TXT Stores arbitrary human-readable data, such as SPF info

DNS Messages

DNS uses two types of messages:

Message Type Purpose

Query Sent by client asking for information (e.g., IP for a domain)
Response Sent by server with the requested data (e.g., IP address)

Message Structure:

 Header
 Question Section
 Answer Section
 Authority Section
 Additional Section

DNS mainly uses UDP port 53 for queries but switches to TCP for large messages (like zone transfers).

Registrars

 Domain Name Registrars are companies authorized to register domain names (like example.com).
 They interact with ICANN (Internet Corporation for Assigned Names and Numbers).
 Example registrars: GoDaddy, Namecheap, Google Domains.

When you buy a domain name, you are purchasing it through a registrar who updates the DNS records.

Security of DNS Name Servers

DNS is vulnerable to attacks like spoofing, cache poisoning, etc. Security methods include:

Method Purpose
DNSSEC (DNS Security Extensions) Adds digital signatures to DNS data to verify authenticity.
Rate Limiting Limits how many queries a server answers to prevent DDoS attacks.
Access Controls Restrict who can query or update DNS servers.
Redundancy and Backup Having multiple DNS servers to handle failures.
Monitoring and Logging Detect suspicious activities early.
📈 SNMP (Simple Network Management Protocol)

 SNMP is used for managing devices on IP networks (routers, switches, servers, printers, etc.).
 SNMP enables monitoring and management of network devices remotely.

Key Concepts:

Concept Description
Manager The system that controls and monitors the activities of network devices.
Agent Software running on the device being monitored.
MIB (Management Information Database of information organized hierarchically (for example, system
Base) uptime, CPU usage).
OID (Object Identifier) Unique identifier assigned to each object in MIB.

SNMP Operations:

 GET: Retrieve information from a device.

 SET: Change configuration of a device.
 TRAP: Device sends an alert to the manager automatically.

Ports Used:

 SNMP uses UDP port 161 (for normal operations) and UDP port 162 (for traps/alerts).

Versions of SNMP:

 SNMPv1: Basic, no security.

 SNMPv2: Improved performance but still weak security.
 SNMPv3: Adds authentication and encryption for security.

✅ Summary Table

Topic Key Points

DNS Name Space Hierarchical tree of domains
DNS Resolution Translate domain name to IP address
DNS Caching Store previous query results
DNS Resource Records A, AAAA, MX, NS, etc.
DNS Messages Queries and responses
Registrars Manage domain name registrations
DNS Security DNSSEC, monitoring, redundancy
SNMP Monitor and manage network devices