1 / 66

IT 347: Chapter 3 Transport Layer

IT 347: Chapter 3 Transport Layer. Instructor: Christopher Cole Some slides taken from Kurose & Ross book. Network layer: logical communication between hosts Transport layer: logical communication between processes end-to-end only Routers, etc. don’t read segments

may
Download Presentation

IT 347: Chapter 3 Transport Layer

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IT 347: Chapter 3Transport Layer Instructor: Christopher Cole Some slides taken from Kurose & Ross book

  2. Network layer: logical communication between hosts • Transport layer: logical communication between processes • end-to-end only • Routers, etc. don’t read segments • Weird analogy of 2 families with Bill and Ann • IP provides a best-effort delivery service • No guarantees! • unreliable • Most fundamentally: extend host-to-host delivery to process-to-process delivery

  3. reliable, in-order delivery (TCP) congestion control flow control connection setup unreliable, unordered delivery: UDP no-frills extension of “best-effort” IP services not available: delay guarantees bandwidth guarantees application transport network data link physical application transport network data link physical network data link physical network data link physical network data link physical network data link physical network data link physical network data link physical logical end-end transport Internet transport-layer protocols Transport Layer

  4. Multiplexing • Everybody is on sockets • Multiplexing: passing segments to network layer • Demultiplexing: taking network layer and distributing to sockets • How is it done? • What are the 2 things that applications need to talk to each other? Source port/IP and destination port/IP • Server side usually specifically names a port • Client side lets the transport layer automatically assign a port

  5. More multiplexing • UDP: two-tuple • Identified by destination IP address and port number • If two UDP segments have difference source IP addresses and/or port numbers, but the same destination IP and port number, they will be directed to the same destination process via the same socket

  6. TCP: four-tuple • Identified by source IP/port and destination IP/port • Two segments with difference source info, but the same destination info, will be directed to different sockets • TCP keeps the port open as a “welcoming socket” • Server process creates new socket when connection is created • One server can have many sockets open at a time • Web server • Spawns a new thread for each connection (How does it know which collection belongs to who? Source port & IP) • Threads are like lightweight subprocesses • Many threads for one process

  7. UDP • A transport layer protocol must: provide multiplexing/demultiplexing • That’s all UDP does besides some light error checking • You’re practically talking directly to IP • UDP process • Take the message from the application • Add source and destination port number fields • Add length & checksum fields • Send the segment to layer 3 • Connectionless (no handshaking) • Why is DNS using UDP?

  8. Advantages of UDP • Finer application control • Just spit the bits onto the wire. No congestion control, flow control, etc. • Connectionless • No extra RTT delay • Doesn’t create buffers, so a UDP server can take more clients than a TCP server • Small packet overhead • TCP overhead = 20 bytes • UDP overhead = 8 bytes

  9. The UDP Controversy • UDP doesn’t play nice • No congestion control • Say UDP packets flood the lines… • Causes routers to get more congested • TCP sees this, and slows down packet sending • UDP doesn’t • Only UDP packets end up getting sent

  10. “no frills,” “bare bones” Internet transport protocol “best effort” service, UDP segments may be: lost delivered out of order to app connectionless: no handshaking between UDP sender, receiver each UDP segment handled independently of others Why is there a UDP? no connection establishment (which can add delay) simple: no connection state at sender, receiver small segment header no congestion control: UDP can blast away as fast as desired UDP: User Datagram Protocol [RFC 768] Transport Layer

  11. often used for streaming multimedia apps loss tolerant rate sensitive other UDP uses DNS SNMP reliable transfer over UDP: add reliability at application layer application-specific error recovery! UDP: more 32 bits source port # dest port # Length, in bytes of UDP segment, including header checksum length Application data (message) UDP segment format Transport Layer

  12. Sender: treat segment contents as sequence of 16-bit integers checksum: addition (1’s complement sum) of segment contents sender puts checksum value into UDP checksum field Receiver: compute checksum of received segment check if computed checksum equals checksum field value: NO - error detected YES - no error detected. Throw the bit away OR Pass it on with a warning UDP checksum Goal: detect “errors” (e.g., flipped bits) in transmitted segment Transport Layer

  13. Internet Checksum Example • Note • When adding numbers, a carryout from the most significant bit needs to be added to the result • Example: add two 16-bit integers 1 1 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 1 1 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 1 0 1 1 1 0 1 1 1 0 1 1 1 1 0 0 1 0 1 0 0 0 1 0 0 0 1 0 0 0 0 1 1 wraparound sum checksum Transport Layer

  14. Reliable Data Transfer • See book for state machines and full explanations • Case 1: underlying channel completely reliable • Just have a sender and receiver.

  15. Case 2: bit errors (but no packet loss) • How do you know? • Receiver has to acknowledge (ACK) or negative (NAK) • A NAK makes the sender resend the packet • NAK based on UDP checksum (talk about timers later) • Reliable transfer based on retransmission = ARQ (Automatic Repeat reQuest) protocol • 3 capabilities: Error detection, receiver feedback, retransmission • Stop and wait protocol

  16. What if the ACK or NAK packet is corrupted? • Just resend the old packet. • Duplicate packets: But how does the receiver know it is the same packet and not the next one? • Add a sequence number! • Do we really need a NAK? • Just ACK the last packet that was received.

  17. Case 3: bit errors and packet loss • What if a packet gets lost? • Set a timer on each packet sent. When the timer runs out, send the packet again. • Can we handle duplicate packets? • How long? • At least as long as a RTT

  18. rdt3.0 works, but performance stinks ex: 1 Gbps link, 15 ms prop. delay, 8000 bit packet: Performance of rdt3.0 • U sender: utilization – fraction of time sender busy sending • 1KB pkt every 30 msec -> 33kB/sec (264 kbps) thruput over 1 Gbps link • network protocol limits use of physical resources! Transport Layer

  19. Pipelining will fix it! • Make sure your sequence numbers are large enough • Buffering packets • Sender buffers packets that have been transmitted but not yet acknowledged • Receiver buffers correctly received packets • Two basic approaches: Go-Back-N and selective repeat

  20. Pipelining: sender allows multiple, “in-flight”, yet-to-be-acknowledged pkts range of sequence numbers must be increased buffering at sender and/or receiver Two generic forms of pipelined protocols: go-Back-N, selective repeat Pipelined protocols Transport Layer

  21. Go-Back-N (sliding window) Sender: • k-bit seq # in pkt header • “window” of up to N, consecutive unACKed pkts allowed • ACK(n): ACKs all pkts up to, including seq # n - “cumulative ACK” • may receive duplicate ACKs (see receiver) • timer for each in-flight pkt • timeout(n): retransmit pkt n and all higher seq # pkts in window Transport Layer

  22. ACK-only: always send ACK for correctly-received pkt with highest in-orderseq # • may generate duplicate ACKs • need only remember expectedseqnum • out-of-order pkt: • discard (don’t buffer) -> no receiver buffering! • Re-ACK pkt with highest in-order seq # • Problems with GBN? • It can spit out a lot of needless packets onto the wire. • A single error will really do some damage. A wire with lots of errors? Lots of needless duplicate packets

  23. receiver individually acknowledges all correctly received pkts buffers pkts, as needed, for eventual in-order delivery to upper layer sender only resends pkts for which ACK not received sender timer for each unACKedpkt sender window N consecutive seq #’s again limits seq #s of sent, unACKedpkts The sender and receiver window will not always coincide! If your sequence numbers aren’t big enough, you won’t know which is which Selective Repeat Transport Layer

  24. Selective repeat: sender, receiver windows Transport Layer

  25. data from above : if next available seq # in window, send pkt timeout(n): resend pkt n, restart timer ACK(n) in [sendbase,sendbase+N]: mark pkt n as received if n smallest unACKed pkt, advance window base to next unACKed seq # receiver sender Selective repeat pkt n in [rcvbase, rcvbase+N-1] • send ACK(n) • out-of-order: buffer • in-order: deliver (also deliver buffered, in-order pkts), advance window to next not-yet-received pkt pkt n in [rcvbase-N,rcvbase-1] • ACK(n) otherwise: • ignore Transport Layer

  26. Go-back-N: overview sender: up to N unACKedpkts in pipeline receiver: only sends cumulative ACKs doesn’t ACK pkt if there’s a gap sender: has timer for oldest unACKedpkt if timer expires: retransmit all unACKed packets Selective Repeat: overview sender: up to N unACKed packets in pipeline receiver: ACKs individual pkts sender: maintains timer for each unACKed pkt if timer expires: retransmit only unACKed packet Pipelining Protocols - Summary Transport Layer

  27. Reliable Data Transfer Mechanisms • See table p. 242 • Checksum • Timer • Sequence number • Acknowledgement • Negative acknowledgement • Window, pipelining

  28. TCP • Read 3.5 to the end • Point to point • Single sender, single receiver • Multicasting (4.7) will not work with TCP • 3 way handshake • SYN • SYN-ACK • ACK • TCP sets aside a send buffer – where the application message data gets put • TCP takes chunks of data from this buffer and sends segments

  29. Vocabulary • RTT = Round Trip Time • MSS = Maximum segment size • Maximum amount of data that TCP can grab and place into a segment • This is application layer data – does not include TCP headers, etc. • MTU = Maximum transmission unit • The largest link-layer frame that can be sent by the local sending host • This will have a lot of bearing on the MSS • Common values: 1,460, 536, and 512 bytes

  30. full duplex data: bi-directional data flow in same connection MSS: maximum segment size connection-oriented: handshaking (exchange of control msgs) init’s sender, receiver state before data exchange flow controlled: sender will not overwhelm receiver point-to-point: one sender, one receiver reliable, in-order byte steam: no “message boundaries” pipelined: TCP congestion and flow control set window size send & receive buffers TCP: OverviewRFCs: 793, 1122, 1323, 2018, 2581 Transport Layer

  31. 32 bits source port # dest port # sequence number acknowledgement number head len not used Receive window U A P R S F checksum Urg data pointer Options (variable length) application data (variable length) TCP segment structure URG: urgent data (generally not used) counting by bytes of data (not segments!) ACK: ACK # valid PSH: push data now (generally not used) # bytes rcvr willing to accept RST, SYN, FIN: connection estab (setup, teardown commands) Internet checksum (as in UDP) Transport Layer

  32. Seq. #’s: byte stream “number” of first byte in segment’s data ACKs: seq # of next byte expected from other side cumulative ACK Q: how receiver handles out-of-order segments A: TCP spec doesn’t say, - up to implementer time TCP seq. #’s and ACKs Host B Host A User types ‘C’ Seq=42, ACK=79, data = ‘C’ host ACKs receipt of ‘C’, echoes back ‘C’ Seq=79, ACK=43, data = ‘C’ host ACKs receipt of echoed ‘C’ Seq=43, ACK=80 simple telnet scenario Transport Layer

  33. Q: how to set TCP timeout value? longer than RTT but RTT varies too short: premature timeout unnecessary retransmissions too long: slow reaction to segment loss Q: how to estimate RTT? SampleRTT: measured time from segment transmission until ACK receipt ignore retransmissions SampleRTT will vary, want estimated RTT “smoother” average several recent measurements, not just current SampleRTT TCP Round Trip Time and Timeout Transport Layer

  34. TCP Round Trip Time and Timeout EstimatedRTT = (1- )*EstimatedRTT + *SampleRTT • Exponential weighted moving average • influence of past sample decreases exponentially fast • typical value:  = 0.125 Transport Layer

  35. Example RTT estimation: Transport Layer

  36. Setting the timeout EstimtedRTT plus “safety margin” large variation in EstimatedRTT -> larger safety margin first estimate of how much SampleRTT deviates from EstimatedRTT: TCP Round Trip Time and Timeout DevRTT = (1-)*DevRTT + *|SampleRTT-EstimatedRTT| (typically,  = 0.25) Then set timeout interval: TimeoutInterval = EstimatedRTT + 4*DevRTT Transport Layer

  37. TCP creates rdt service on top of IP’s unreliable service pipelined segments cumulative ACKs TCP uses single retransmission timer retransmissions are triggered by: timeout events duplicate ACKs initially consider simplified TCP sender: ignore duplicate ACKs ignore flow control, congestion control TCP reliable data transfer Transport Layer

  38. data rcvd from app: create segment with seq # seq # is byte-stream number of first data byte in segment start timer if not already running (think of timer as for oldest unACKed segment) expiration interval: TimeOutInterval timeout: retransmit segment that caused timeout restart timer ACK rcvd: if acknowledges previously unACKed segments update what is known to be ACKed start timer if there are outstanding segments TCP sender events: Transport Layer

  39. NextSeqNum = InitialSeqNum SendBase = InitialSeqNum loop (forever) { switch(event) event: data received from application above create TCP segment with sequence number NextSeqNum if (timer currently not running) start timer pass segment to IP NextSeqNum = NextSeqNum + length(data) event: timer timeout retransmit not-yet-acknowledged segment with smallest sequence number start timer event: ACK received, with ACK field value of y if (y > SendBase) { SendBase = y if (there are currently not-yet-acknowledged segments) start timer } } /* end of loop forever */ TCP sender(simplified) • Comment: • SendBase-1: last • cumulatively ACKed byte • Example: • SendBase-1 = 71;y= 73, so the rcvrwants 73+ ;y > SendBase, sothat new data is ACKed Transport Layer

  40. TCP ACK generation[RFC 1122, RFC 2581] TCP Receiver action Delayed ACK. Wait up to 500ms for next segment. If no next segment, send ACK Immediately send single cumulative ACK, ACKing both in-order segments Immediately send duplicate ACK, indicating seq. # of next expected byte Immediate send ACK, provided that segment starts at lower end of gap Event at Receiver Arrival of in-order segment with expected seq #. All data up to expected seq # already ACKed Arrival of in-order segment with expected seq #. One other segment has ACK pending Arrival of out-of-order segment higher-than-expect seq. # . Gap detected Arrival of segment that partially or completely fills gap Transport Layer

  41. time-out period often relatively long: long delay before resending lost packet detect lost segments via duplicate ACKs. sender often sends many segments back-to-back if segment is lost, there will likely be many duplicate ACKs for that segment If sender receives 3 ACKs for same data, it assumes that segment after ACKed data was lost: fast retransmit:resend segment before timer expires Fast Retransmit Transport Layer

  42. Fast retransmit algorithm: event: ACK received, with ACK field value of y if (y > SendBase) { SendBase = y if (there are currently not-yet-acknowledged segments) start timer } else { increment count of dup ACKs received for y if (count of dup ACKs received for y = 3) { resend segment with sequence number y } a duplicate ACK for already ACKed segment fast retransmit Transport Layer

  43. Go-Back-N or Selective Repeat? • The book says it’s sorta both. To me it mostly looks like GBN • Out of order segments not individually ACKed • However • Many TCP implementations will buffer out of order segments • TCP will also usually only retransmit a single segment rather than all of them

  44. Flow Control (NOT congestion control) • TCP creates a receive buffer • Data is put into the receive buffer once it has been received correctly and in order • The application reads from the receive buffer • Sometimes not right away. • Flow control tries not to overflow this receive buffer • Each sender maintains a variable called the receive window • What if the receive window goes to 0? • In this case, the sending host is required to send segments with 1 data byte • What happens in UDP when the UDP receive buffer overflows?

  45. receive side of TCP connection has a receive buffer: speed-matching service: matching send rate to receiving application’s drain rate flow control sender won’t overflow receiver’s buffer by transmitting too much, too fast (currently) unused buffer space application process IP datagrams TCP data (in buffer) TCP Flow Control • app process may be slow at reading from buffer Transport Layer

  46. Recall:TCP sender, receiver establish “connection” before exchanging data segments initialize TCP variables: seq. #s buffers, flow control info (e.g. RcvWindow) client: connection initiator Socket clientSocket = new Socket("hostname","port number"); server: contacted by client Socket connectionSocket = welcomeSocket.accept(); Three way handshake: Step 1:client host sends TCP SYN segment to server specifies initial seq # no data Step 2:server host receives SYN, replies with SYNACK segment server allocates buffers specifies server initial seq. # Step 3: client receives SYNACK, replies with ACK segment, which may contain data TCP Connection Management Transport Layer

  47. Closing a connection: client closes socket:clientSocket.close(); Step 1:client end system sends TCP FIN control segment to server Step 2:server receives FIN, replies with ACK. Closes connection, sends FIN. client server close FIN ACK close FIN ACK timed wait closed TCP Connection Management (cont.) Transport Layer

  48. Step 3:client receives FIN, replies with ACK. Enters “timed wait” - will respond with ACK to received FINs Step 4:server, receives ACK. Connection closed. Note:with small modification, can handle simultaneous FINs. TCP Connection Management (cont.) client server closing FIN ACK closing FIN ACK timed wait closed closed Transport Layer

  49. TCP Connection Management (cont) TCP server lifecycle TCP client lifecycle Transport Layer

  50. SYN Flood Attack • Bad guy sends a bunch of TCP SYN segments • Server opens up buffers to create this segment • Resources all become allocated to half open TCP connections • This is called a SYN flood attack • SYN Cookies • The server allocates on the resources upon receipt of a ACK (third part of handshake) segment rather than a SYN segment • It knows because the sequence field the server sent out was a special number (complex hash function of source and destination IP and port plus the server’s secret number) • P. 269s

More Related