23-1 PROCESS-TO-PROCESS DELIVERY

The transport layer is responsible for process-to-

process delivery—the delivery of a packet, part of a
message, from one process to another. Two processes
communicate in a client/server relationship, as we will
see later.
Topics discussed in this section:
Client/Server Paradigm
Multiplexing and Demultiplexing
Connectionless Versus Connection-Oriented Service
Reliable Versus Unreliable
Three Protocols
23.1
 Note

The transport layer is responsible for

process-to-process delivery.

23.2
 Figure 23.1 Types of data deliveries

23.3
 Figure 23.2 Port numbers

23.4
 Figure 23.3 IP addresses versus port numbers

23.5
 Figure 23.4 IANA ranges

23.6
 Figure 23.5 Socket address

23.7
 Figure 23.6 Multiplexing and demultiplexing

23.8
 Figure 23.7 Error control

23.9
 Figure 23.8 Position of UDP, TCP, and SCTP in TCP/IP suite

23.10
 23-2 USER DATAGRAM PROTOCOL (UDP)

The User Datagram Protocol (UDP) is called a

connectionless, unreliable transport protocol. It does
not add anything to the services of IP except to provide
process-to-process communication instead of host-to-
host communication.
Topics discussed in this section:
Well-Known Ports for UDP
User Datagram
Checksum
UDP Operation
Use of UDP
23.11
 Table 23.1 Well-known ports used with UDP

23.12
 Example 23.1

In UNIX, the well-known ports are stored in a file called

/etc/services. Each line in this file gives the name of the
server and the well-known port number. We can use the
grep utility to extract the line corresponding to the desired
application. The following shows the port for FTP. Note
that FTP can use port 21 with either UDP or TCP.

23.13
 Example 23.1 (continued)

SNMP uses two port numbers (161 and 162), each for a
different purpose, as we will see in Chapter 28.

23.14
 Figure 23.9 User datagram format

23.15
 Note

UDP length
= IP length – IP header’s length

23.16
 Figure 23.10 Pseudoheader for checksum calculation

23.17
 Example 23.2

Figure 23.11 shows the checksum calculation for a very

small user datagram with only 7 bytes of data. Because
the number of bytes of data is odd, padding is added for
checksum calculation. The pseudoheader as well as the
padding will be dropped when the user datagram is
delivered to IP.

23.18
 Figure 23.11 Checksum calculation of a simple UDP user datagram

23.19
 Example 23.2.1

Show the entries for the header of a UDP user datagram

that carries a message from a TFTP client to a TFTP
server. Fill the checksum with 0s. Choose an appropriate
ephemeral port number and the correct well-known port
number. The length of data is 40 bytes. Show the UDP
packet format.

22.20
 Example 23.2.3

A UDP header in hexadecimal format

06 32 00 0D 00 1C E2 17

What is the source port number?

What is the destination port number?
What is the total length of the user datagram?
What is the length of the data?
Is packet directed from a client to server or vice versa?
What is the client process?

22.21
 Example 23.2.3
A UDP header in hexadecimal format
06 32 00 0D 00 1C E2 17
•What is the source port number?
•1586
•What is the destination port number?
•13
•What is the total length of the user datagram?
•28 Bytes
•What is the length of the data? 20 Bytes
•(28-20)
•Is packet directed from a client to server or vice versa?
Client to Server
•What is the client process?
•Daytime
22.22
 Figure 23.12 Queues in UDP

23.23
 UDP features
Ex. 1: Connectionless service
Suitable for very small messages i.e. 1 message in one user datagram
A client-server application such as DNS uses the services of UDP
because a client needs to send a short request to a server
and to receive a quick response from it.
The request and response can each fit in one user datagram.
Since only one message is exchanged in each direction,
the connectionless feature is not an issue; the client or server does not
worry that messages are delivered out of order.
 Ex. 2: Connectionless service (not suitable for long messages)
A client-server application such as SMTP, cannot use the services of
UDP because a user can send a long e-mail message, which may
include multimedia (images, audio, or video).
If the application uses UDP and the message does not fit in one
single user datagram, the message must be split by the application
into different user datagram’s.
Here the connectionless service may create problems. The user
datagram’s may arrive and be delivered to the receiver application
out of order.
The receiver application may not be able to reorder the pieces. This
means the connectionless service has a disadvantage for an
application program that sends long messages.

23.25
Ex. 3: Lack of error control
Assume we are downloading a very large text file from the Internet.
And we don’t want the part of the file to be missing or corrupted
when we open the file (reliable service)
The delay occurred between the delivery of the parts is not a concern
for us;
We can wait until the whole file is composed before looking at it.
In this case, UDP is not a suitable transport layer protocol.

23.26
Ex. 4: Lack of error control (suitable for real time video streaming)
Assume we are watching a real-time stream video on our computer. Such
a program is considered a long file; it is divided into many small parts and
broadcast in real time.
The parts of the message are sent one after another. If the transport layer
is supposed to resend a corrupted or lost frame, the synchronizing of the
whole transmission may be lost. The viewer suddenly sees a blank screen
and needs to wait until the second transmission arrives. This is not
tolerable.
However, if each small part of the screen is sent using one single user
datagram, the receiving UDP can easily ignore the corrupted or lost packet
and deliver the rest to the application program.
That part of the screen is blank for a very short period of the time, which
most viewers do not even notice. However, video cannot be viewed out of
order, so streaming audio, video, and voice applications that run over UDP
must reorder or drop frames that are out of sequence.

23.27
 23-3 TCP

TCP is a connection-oriented protocol; it creates a

virtual connection between two TCPs to send data. In
addition, TCP uses flow and error control mechanisms
at the transport level.

Topics discussed in this section:

TCP Services
TCP Features
Segment
A TCP Connection
Flow Control
Error Control
23.28
 Table 23.2 Well-known ports used by TCP

23.29
 Figure 23.13 Stream delivery

23.30
 Figure 23.14 Sending and receiving buffers

23.31
 Figure 23.15 TCP segments

23.32
 Figure 23.16 TCP segment format

23.33
 Note

The bytes of data being transferred in

each connection are numbered by TCP.
The numbering starts with a randomly
generated number.
(0 to (2^32)-1)
Will be used for flow and error control

23.34
 Example 23.3

The following shows the sequence number for each

segment:

23.35
 Note

The value in the sequence number field

of a segment defines the
number of the first data byte
contained in that segment.

23.36
 Note

The value of the acknowledgment field

in a segment defines
the number of the next byte a party
expects to receive.
The acknowledgment number is
cumulative.

23.37
 Figure 23.17 Control field

23.38
 Table 23.3 Description of flags in the control field

23.39
 Example 23.2.4

The following is a dump of a TCP header in hexadecimal

format

05320017 00000001 00000000 500207FF 00000000

What is the source port number?

What is the destination port number?
What is sequence number?
What is the acknowledgment number?
What is the length of the header?
What is the type of the segment?
What is the window size?

22.40
TCP header itself is of 10 feilds as below and size may vary between 20 to 60bytes
1.Source port - 2 bytes, 2.destination port - 2 bytes, 3.SEQ NUM-4 bytes 4.ACK
NUM- 4 bytes, 5.HLEN-1 word, 6.RESERVED-6bits
7.CONTROL-6bits,8.WINDOW SIZE-2 bytes,9.CHECKSUM-2 bytes
10.URGENT POINTERS-2bytes
TCP header
05 32 00 17 00 00 00 01 00 00 00 00 50 02 07 FF 00 00 00 00
source port is 2 bytes take 05 32 = 1330
next 2 bytes as destination address 00 17 == 23 (default TCP port)
next 4 bytes as sequence number 00 00 00 01 ==1
next 4 bytes as ack 00 00 00 00 == 0
next 4 bits as HLEN 5 ==5 -- this indicates number of sets of 4 bytes which
makes the header lenght = 20bytes..
next 6 bits are reserved i.e.0 =0000and 2 bits from hex 0
next 6 bits are control bits = remaining 2 bits from hex 0 and 4 bits of 2
next 2 bytes indicate the window length 07 FF == 2047 bytes
Checksum 2 bytes 00 00 = 0
Urgent pointer 2bytes 00 00 =0
 Figure 23.18 Connection establishment using three-way handshaking

23.42
 Note

A SYN segment cannot carry data, but it

consumes one sequence number.

23.43
 Note

A SYN + ACK segment cannot

carry data, but does consume one
sequence number.

23.44
 Note

An ACK segment, if carrying no data,

consumes no sequence number.

23.45
 •Simultaneous Open
•SYN Flooding Attack
•Denial of Service Attack
•Solutions:
•Limit on Connection Request
•Filter request from unwanted sources
•Postpone resource allocation until the
entire connection is setup

23.46
 Figure 23.19 Data transfer

23.47
 Figure 23.20 Connection termination using three-way handshaking

23.48
 Note

The FIN segment consumes one

sequence number if it does
not carry data.

23.49
 Note

The FIN + ACK segment consumes

one sequence number if it
does not carry data.

23.50
 Note

A sliding window is used to make

transmission more efficient as well as
to control the flow of data so that the
destination does not become
overwhelmed with data.
TCP sliding windows are byte-oriented.

23.51
 Figure 23.21 Half-close

23.52
 TCP Datalink
Sliding Window Type Byte Oriented Frame Oriented
Sliding Window Size Variable Size Fix Size

23.53
 Figure 23.22 Sliding window

Opening: Allow more bytes in the buffer eligible for sending

Closing: They Bytes which are acknowledged
Shrinking: Make eligible data uneligible (Not recommended)

23.54
 Example 23.4

What is the value of the receiver window (rwnd) for host

A if the receiver, host B, has a buffer size of 5000 bytes
and 1000 bytes of received and unprocessed data?

Solution
The value of rwnd = 5000 − 1000 = 4000. Host B can
receive only 4000 bytes of data before overflowing its
buffer. Host B advertises this value in its next segment to
A.

23.55
 Example 23.5

What is the size of the window for host A if the value of

rwnd is 3000 bytes and the value of cwnd is 3500 bytes?

Solution
The size of the window is the smaller of rwnd and cwnd,
which is 3000 bytes.

23.56
 Example 23.6

Figure 23.23 shows an unrealistic example of a sliding

window. The sender has sent bytes up to 202. We assume
that cwnd is 20 (in reality this value is thousands of
bytes). The receiver has sent an acknowledgment number
of 200 with an rwnd of 9 bytes (in reality this value is
thousands of bytes). The size of the sender window is the
minimum of rwnd and cwnd, or 9 bytes. Bytes 200 to 202
are sent, but not acknowledged. Bytes 203 to 208 can be
sent without worrying about acknowledgment. Bytes 209
and above cannot be sent.

23.57
 Figure 23.23 Example 23.6

23.58
 Example 24

A TCP connection is using a window size of 10,000 bytes,

and the previous acknowledgement number was 22,001. It
receives a segment with acknowledgment number 24,001
and window size advertisement of 12,000. Draw a
diagram to show the situation of the window before and
after.

22.59
 A TCP connection is using a window size of
10,000 bytes, and the previous acknowledgement
number was 22,001.

It receives a segment with acknowledgment

number 24,001 and window size advertisement of
12,000.

23.60
 Note

In modern implementations, a
retransmission occurs if the
retransmission timer expires or three
duplicate ACK segments have arrived.

23.62
 Figure 23.24 Normal operation

23.65
 Figure 23.25 Lost segment

23.66
 Figure 23.26 Fast retransmission

23.67
Connection Release (2)

The two-army problem

Connection Release (3)

Four protocol scenarios for releasing a

connection.
(a) Normal case of three-way handshake
Connection Release (4)

Four protocol scenarios for releasing a

connection.
(b) Final ACK lost.
Connection Release (5)

Four protocol scenarios for releasing a

connection.
(c) Response lost
Connection Release (6)

Four protocol scenarios for releasing a

connection.
(d) Response lost and subsequent DRs lost.
 23-4 SCTP

Stream Control Transmission Protocol (SCTP) is a

new reliable, message-oriented transport layer
protocol. SCTP, however, is mostly designed for
Internet applications that have recently been
introduced. These new applications need a more
sophisticated service than TCP can provide.
Topics discussed in this section:
SCTP Services and Features
Packet Format
An SCTP Association
Flow Control and Error Control
23.73
 Note

SCTP is a message-oriented, reliable

protocol that combines the best features
of UDP and TCP.

23.74
 Table 23.4 Some SCTP applications

23.75
 Figure 23.27 Multiple-stream concept

23.76
 Note

An association in SCTP can involve

multiple streams.

23.77
 Figure 23.28 Multihoming concept

23.78
 Note

SCTP association allows multiple IP

addresses for each end.

23.79
 Note

In SCTP, a data chunk is numbered

using a Transmission Sequence
Numbers (TSN).

23.80
 Note

To distinguish between different

streams, SCTP uses an Stream Identifier
(SI).

23.81
 Note

To distinguish between different data

chunks belonging to the same stream,
SCTP uses Stream Sequence Numbers
(SSNs).

23.82
 Note

TCP has segments; SCTP has packets.

23.83
 Figure 23.29 Comparison between a TCP segment and an SCTP packet

23.84
 Note

In SCTP, control information and data

information are carried in separate
chunks.

23.85
 Figure 23.30 Packet, data chunks, and streams

23.86
 Note

Data chunks are identified by three

items: TSN, SI, and SSN.
TSN is a cumulative number identifying
the association; SI defines the stream;
SSN defines the chunk in a stream.

23.87
 Note

In SCTP, acknowledgment numbers are

used to acknowledge only data chunks;
control chunks are acknowledged by
other control chunks if necessary.

23.88
 Figure 23.31 SCTP packet format

23.89
 Note

In an SCTP packet, control chunks come

before data chunks.

23.90
 Figure 23.32 General header

23.91
 Table 23.5 Chunks

23.92
 Note

A connection in SCTP is called an

association.

23.93
 Note

No other chunk is allowed in a packet

carrying an INIT or INIT ACK chunk.
A COOKIE ECHO or a COOKIE ACK
chunk can carry data chunks.

23.94
 Figure 23.33 Four-way handshaking

23.95
 Note

In SCTP, only DATA chunks

consume TSNs;
DATA chunks are the only chunks
that are acknowledged.

23.96
 Figure 23.34 Simple data transfer

23.97
 Note

The acknowledgment in SCTP defines

the cumulative TSN, the TSN of the last
data chunk received in order.

23.98
 Figure 23.35 Association termination

23.99
– Connection establishment delay:
Amount of time elapsing between a transport connection being
requested and its confirmation being recd.
– Connection establishment failure probability:
Probability of a connection not being established within the
maximum establishment delay time.
– Throughput:
Parameter measures the number of bytes of user data transferred
per second
– Transit delay
Measures the time between a message being sent by the transport
user on the source machine and its being received by the
transport user on the destination machine.
– Residual error ratio
Measures the number of lost of garbled messages as a fraction of
total sent
– Protection:
Transport user can specify protection against wiretappers.
– Priority:
Indicate some connections are more important than others - in case of
congestion make sure that the higher-priority connections get
serviced before the low priority ones.
– Resilience:
Probability of the transport layer itself spontaneously terminating a
connection due to internal problems or congestion.
Error Control and Flow Control (1)

(a) Chained fixed-size buffers. (b) Chained

variable-sized buffers. (c) One large circular
buffer per connection.
Error Control and Flow Control (2)

Dynamic buffer allocation. The arrows show the

direction of transmission. An ellipsis (...)
Multiplexing

(a) Multiplexing. (b) Inverse multiplexing.

TCP Congestion Control (3)

Slow start followed by additive increase in TCP

Tahoe.
TCP Congestion Control (4)

Fast recovery and the sawtooth pattern of TCP

Reno.