Transport Layer Protocols: TCP and UDP

Questions and Answers

In the context of the transport layer, what primary function does Multiplexing and Demultiplexing serve?

• To compress data, reducing the size for faster transmission.
• To ensure data packets arrive in a specific order.
• To encrypt data for secure transmission.
• To enable multiple applications or processes to share a single network connection. (correct)

Which of the following best describes the key difference between TCP and UDP protocols?

• TCP is used for small data transfers, while UDP handles large file transmissions.
• TCP operates only on local networks, whereas UDP is designed for wide area networks.
• TCP is connection-oriented, prioritizing reliability and guaranteed delivery, while UDP is connectionless, emphasizing speed and lower overhead. (correct)
• TCP is a connectionless protocol, offering faster transmission speeds, while UDP is connection-oriented, focusing on reliability.

For applications that require minimal delay and can tolerate some data loss, which transport layer protocol is more suitable?

• SMTP (Simple Mail Transfer Protocol)
• FTP (File Transfer Protocol)
• UDP (User Datagram Protocol) (correct)
• TCP (Transmission Control Protocol)

What is the primary role of the checksum in the UDP protocol?

To detect errors in the UDP segment. (B)

A UDP header consists of which fixed size?

8 bytes (C)

What is the range of possible port numbers defined for UDP?

0 to 65535 (D)

What does the 'Source Port' field in a UDP header primarily identify?

The port number of the sending application. (B)

Which of the following is a primary disadvantage of using UDP over TCP?

UDP does not guarantee delivery or correct sequencing of packets. (C)

What is a 'virtual circuit' in the context of TCP?

A logical, connection-oriented path established between sender and receiver for reliable data transfer. (D)

How does TCP ensure reliable transmission of data?

By sending data as a continuous stream of bytes and assigning a unique sequence number to each byte for acknowledgment and reassembly. (C)

What is the primary function of the 'Acknowledgment Number' field in a TCP header?

To specify the next sequence number the sender expects to receive from the receiver. (A)

What is the purpose of 'Control Flags' in the TCP header?

To regulate flow control, methods of transfer, and connection management. (A)

How does the TCP protocol handle error control differently from UDP?

TCP mandates error control in the form of checksum validation and retransmission of corrupted or lost packets, whereas UDP offers only optional checksums. (A)

Which of the following is a limitation of TCP compared to UDP?

TCP cannot be used for broadcast or multicast transmissions. (C)

What is the main function of the Domain Name System (DNS)?

To translate human-friendly domain names into IP addresses. (D)

What role does a 'recursive resolver' play in the DNS resolution process?

It initiates queries to different DNS servers to find the IP address for a domain name. (C)

What is the significance of 'authoritative name servers' in the DNS hierarchy?

They contain the most up-to-date DNS records for a specific domain. (D)

Why is DNS caching important?

It speeds up DNS resolution by storing previously resolved domain names. (C)

What is DNSSEC designed to prevent?

DNS spoofing and man-in-the-middle attacks (C)

What is the purpose of MX records in DNS?

To specify the mail servers responsible for accepting email messages on behalf of a domain. (D)

In email communication, what is the role of the 'Message Transfer Agent' (MTA)?

To transfer email messages from one system to another. (A)

When an email is sent, what information is contained in the 'Envelope'?

Routing information, destination address, priority, and security level. (B)

Which email component contains the 'To', 'From', 'Cc', and 'Subject' fields?

The Header (D)

What is the purpose of Simple Mail Transfer Protocol (SMTP)?

To transfer email messages from a client to a mail server and between mail servers. (A)

Which protocols are primarily used to retrieve email messages from a mail server?

POP3 and IMAP (C)

How does IMAP differ from POP3 in handling email messages?

IMAP synchronizes email across multiple devices, while POP3 typically downloads and deletes messages from the server. (D)

What is the primary function of File Transfer Protocol (FTP)?

To transfer files between computers over a network. (B)

What is the purpose of using FTPS (FTP Secure)?

To add security to FTP by encrypting the data and control connections. (D)

What is the function of port 21 in FTP?

Establishing the control connection for sending commands and receiving responses. (A)

Flashcards

Functions of Transport Layer

Process-to-process delivery, end-to-end connections, multiplexing, data integrity, congestion control, flow control.

UDP (User Datagram Protocol)

Connectionless; speed and size are prioritized over reliability and security.

UDP's Packet Additions

Checksum error control, transport-level addresses, and length information.

UDP Segment Header

A basic, fixed 8 bytes containing header information. Port numbers range from 0-65535.

UDP Source Port

Identifies the port number of the sending device.

UDP Destination Port

Specifies the packet's destination port.

UDP Length Field

The total size of the UDP packet, including header and data.

UDP Checksum

Two bytes long and used for error detection.

Advantages of UDP

Multicast and broadcast transmission, preferred for small transactions, connectionless, faster delivery.

TCP (Transmission Control Protocol)

Provides transport layer services to applications. It is connection-oriented.

TCP Connection

A secure channel created pre-transmission. Ensures reliability.

TCP Data Transmission

Data is transmitted in continuous byte streams with sequenced numbers.

TCP Segment Header Data

Header stores source/destination ports, sequence/acknowledgment numbers.

TCP Source Port Address

The program's port for sending data segments.

TCP Destination Port Address

The port of the application on the receiving host.

TCP Sequence Number

The byte number of the first byte in the segment.

TCP Acknowledgment Number

Byte recipient anticipates receiving, confirming prior bytes.

TCP Header Length (HLEN)

A 4-bit field storing the number of 4-byte words in the TCP header.

TCP Control Flags

Flags manage flow, aborting connections, or termination.

TCP Checksum

Error control field; required for TCP.

Advantages of TCP

Multiple routing protocols, independent operation, error/flow control, reliable delivery.

Disadvantages of TCP

Cannot be used for broadcast/multicast, no clear protocol boundaries.

Role of DNS

Translates domain names to IP addresses.

DNS Organization

Hierarchical structure of root, TLD, second-level domains and subdomains.

DNS Resolution Servers

Root, recursive, TLD, and authoritative name servers.

DNS Resolution

Converting human-readable URLs to machine-readable IP addresses.

Electronic Mail (Email)

Email is sending messages in formatted manners across world.

Email Parts

Envelope, header, and body.

Email Envelope

Specifies destination address, priority, security.

Email Header Fields

Email addresses and names of the recipient, sender and who wrote the message

Study Notes

• TCP and UDP protocols operate in the transport layer, dealing with connection-oriented and connectionless networks respectively.

Functions of Transport Layer

• Process-to-process delivery ensures data reaches the correct application.
• Establishing end-to-end connections between devices for reliable communication.
• Multiplexing and demultiplexing manages multiple connections simultaneously.
• Data integrity and error correction ensure accuracy of transmitted data.
• Congestion control regulates traffic flow to prevent network overload.
• Flow control manages the rate of data transmission to prevent overwhelming the receiver.
• TCP and UDP protocols largely represent the transport layer.

UDP (User Datagram Protocol)

• UDP provides a nonsequential, connectionless transmission of data.
• UDP favors speed and size of transmitted data over security and reliability.
• A User Datagram is a packet created by UDP.
• UDP adds checksum error control, transport level addresses, and length information to data received from higher layers.
• UDP services include connectionless communication, checksum, and process-to-process communication.
• A UDP header has a basic, fixed size of 8 bytes.
• UDP port numbers range from 0 to 65535, with port 0 reserved, each UDP port number fields are 16 bits long.
• The Source Port identifies the port number of the source and is a 2-byte field.
• The Destination Port specifies the packet's destination port and is a 2-byte element.
• Length indicates the total length of the UDP packet, including data and header, and has 16 bits.
• Checksum is 2 bytes long and used for error connection.
• UDP provides multicast and broadcast data transmission.
• UDP is preferred for small transactions, like DNS lookups.
• As a connectionless protocol, UDP needs no connection-oriented network.
• UDP provides fast message delivery.
• There is no guarantee of packet delivery when using UDP.
• UDP suffers from higher packet loss rate.
• UDP lacks a congestion control mechanism.
• UDP does not ensure sequential data transmission.

TCP (Transmission Control Protocol)

• TCP provides transport layer services to applications, operating as a connection-oriented protocol.
• A secure connection is established between sender and receiver, creating a virtual circuit.
• Data is transmitted as continuous byte streams, each byte having a unique sequence number.
• TCP uses unique numbers to ensure that the positive acknowledgement is received, If the acknowledgement is not received in time the data will be retransmitted.
• A TCP segment's header may be 20–60 bytes.
• The header consists of 20 bytes by default with up to 40 bytes used by options that can be added to the header depending on what it must achieve.
• The Source Port Address stores the port address of the sending program in a 16-bit field.
• The Destination Port Address stores the port address of the receiving application in a 16-bit field.
• The Sequence Number stores the byte number of the first byte sent in that segment in a 32-bit field, to reassemble messages, if received out of order.
• The Acknowledgement Number stores the byte number the recipient expects to receive next in a 32-bit field, to confirm successful receipt of earlier bytes.
• The Header Length (HLEN) is a 4-bit field indicating the number of 4-byte words in the TCP header.
• Control flags are six 1-bit controls that regulate flow, transfer method, connection abortion/termination, and establishment.
• Urgent: indicates the urgent pointer field is significant.
• ACK: indicates the acknowledgement number is valid.
• PSH: represents a push request.
• RST: represents a restart of the link.
• SYN: represents sequence number synchronization.
• FIN: represents cutting off communication.
• Window size indicates the sender TCP's window size in bytes.
• Checksum is used for error control and is required in TCP.
• Urgent pointer points to data that must be reached urgently.
• TCP supports various routing protocols.
• TCP operates independently of the operating system.
• TCP provides error and flow control.
• TCP is connection-oriented and ensures data delivery.
• TCP cannot be used for broadcast or multicast transmission.
• TCP has no clear separation between its interface, services, and protocols.
• Replacing the TCP/IP protocol is difficult.

List of various application layer protocols

• Application Layer protocols listed are Name System, Host Config, Email, File Transfer, Web
• DNS, BOOTP, SMTP, FTP, HTTP fall under these.
• DHCP, POP, TFTP, IMAP also are Application Layer protocols.
• The transport layer uses UDP and TCP to enable these application layer protocols.

Role of DNS (Domain Name System)

• DNS translates human-friendly domain names into IP addresses for computer communication.
• Domain Name Resolution: DNS converts domain names into numerical IP addresses.
• Hierarchical Structure & Organization: DNS uses a hierarchical structure of root servers, TLDs, second-level domains, and subdomains.
• Load Balancing & Redundancy: DNS distributes traffic across multiple servers for reliability and to prevent overload.
• Caching for Faster Performance: DNS stores previous lookups to speed up repeated requests and reduce latency.
• Security Features (DNSSEC): DNS prevents spoofing and man-in-the-middle attacks through cryptographic signatures.
• Email Routing (MX Records): DNS directs emails to the correct mail servers using Mail Exchange (MX) records.
• Support for IPv4 and IPv6: DNS translates domain names to both IPv4 and IPv6 addresses.
• User types a domain name (e.g., www.example.com) into a browser.
• The request goes to a recursive resolver (from ISP or public DNS server).
• The resolver queries a root DNS server to find the correct TLD (e.g., .com).
• The TLD server directs the request to the authoritative name server for the domain.
• The authoritative server returns the IP address.
• The resolver caches the response and sends the IP to the user's browser.
• The browser connects to the website using the retrieved IP address.
• DNS Lookup (or Resolution) translates readable domain names to IP Addresses.
• Authoritative DNS Servers hold official DNS records for a domain.
• Recursive DNS Resolvers resolve DNS queries for clients.
• Authoritative DNS Servers provide answers to specific DNS queries.
• Recursive DNS Resolvers actively look up information for clients.
• Authoritative DNS Servers respond with authoritative DNS data.
• Recursive DNS Resolvers query other DNS servers for DNS data.
• Authoritative DNS Servers typically don't directly interact with end-users.
• Recursive DNS Resolvers serve end-users or client applications.

Electronic Mail (E-mail)

• E-mail allows users to send formatted messages (mail) containing text, images, audio, and video data to other users globally.
• The sender composes and sends the email and the recipient receives it.
• An e-mail is structured into three parts: envelope, header, and body.
• Envelope: Encapsulates the message and contains information needed for sending, like destination address, priority and security level; used by MTAs for routing.
• Header: Includes a series of lines with fields like To (primary recipient DNS address), Cc (secondary recipient addresses), Bcc (blind carbon copy addresses), From (name), Sender (email address), Received (sender identity, data, and time), and Return-Path (specifies how to get back to the sender).
• Body: Contains the actual content/message to be sent, with possible signatures or automatically generated text.
• Email systems consist of the User Agent (UA), Message Transfer Agent (MTA), Mail Box, and Spool file.
• The User Agent (UA) is programs used to send and receive email
• The Message Transfer Agent (MTA) is responsible for transferring mail from one system to another.
• The Mailbox: It is a file on local hard drive to collect mails
• The Spool file contains mails that are to be sent.
• There are three email protocols: SMTP, IMAP, and POP.
• SMTP handles the delivery of messages from the email client to the email service provider's sending mail server.
• POP and IMAP handle the retrieval of messages, from the mail server to the subscriber's client.
• POP3 provides access to an inbox on a mail server.
• A POP3 client connects to the mail server, retrieves all messages from the mailbox, stores them on the local computer, and deletes them from the remote server.
• The IMAP is more advanced, allowing the user to manage their email messages on the email server and offers options that standard POP3 doesn't.
• Internet Message Access Protocol (IMAP) allows you to access and manage your email messages on the email server
• POP is a simple protocol that only allows downloading messages from your Inbox to your local computer.
• In POP3 the mail can only be accessed from a single device at a time.
• To read the mail it has to be downloaded on the local system.
• The user can not organize mail in the mailbox of the mail server.
• Messages can be accessed across multiple devices when using IMAP.
• The mail content can be read partially before downloading.
• On the mail server, the user can directly arrange the email, when using IMAP.
• With POP, the user can not create, delete, or rename emails on the mail server.
• POP is unidirectional, changes on a device don't affect the server, and it does not allow email syncing.
• POP is fast.
• With POP the user can not search mail content before downloading to the local system.
• Two modes: delete and keep: deleting mail after retrieval or retaining it in the mailbox.
• POP works with local email software.
• All messages are downloaded at once when using POP
• IMAP can create, delete, or rename emails on the mail server.
• IMAP is bi-directional, changes on the server or device affect the other, and it allows email syncing.
• IMAP is slower than POP
• IMAP allows searching mail content before downloading, allowing a user to search the content of mail for a specific string before downloading.
• IMAP keeps multiple redundant copies of the message for redundancy
• Changes sync with the server when using IMAP
• The Message header can be viewed before downloading

FTP (File Transfer Protocol)

• FTP transfers files between computers on a TCP/IP network (internet).
• Granted users can receive and transfer files on an FTP server (FTP host/site).
• There are different types of FTP: Anonymous FTP, Password Protected FTP and SFTP.
• Anonymous FTP is enabled on sites whose files are for public access, it does not require a username or a password.
• Password Protected FTP is similar to anonymous FTP, but it does require a password and a username.
• The SSH File Transfer Protocol (SFTP) is a secure file transfer protocol that supports the security and authentication performance of SSH.
• The TFTP or Trivial File Transfer Protocol is applicable for different network management tasks.
• FTPs client connects to an FTP server to upload or download files.
• Communication Ports of FTP are: Port 21 and Port 20.
• Port 21 is for Control connection (for sending commands).
• Port 20 for Data transfer (for file transfer in active mode).
• In Active Mode the server connects back to the client for data transfer.
• In Passive Mode the client establishes all connections
• Common FTP Commands are List, Change directory, Upload file, Download file, Delete file, Close.
• FTP can be used in a command-line, GUI or automated style.
• In the file transfer establishment, port 21 is used a control connection and the server responds with a welcome message.
• It is required that the Client sends login credentials (username and password).
• A control connection is used for sending commands and receiving responses, it persists throughout the session.
• A data connection is used for transferring data (files and directory listings), it is only opened when data is transferred.
• In active mode, the client tells the server which port it's listening on, the server initiates the data connection from Port 20 to the client.
• In passive mode, the server opens a random port (higher than 1023), the client connects to the specified port for data transfer.
• The uploads and downloads are performed by FTP and listed as such ''Upload'' or ''Download''.
• Closing a connection occurs after file transfer, and is done by sending QUIT or BYE.
• Advantages of FTP are that multiple files & directories are possible, faster than HTTP, quick file transfer speed, and is supported in nearly all hosts.
• Disadvantages of FTP are that files and login details are sent within the clear text, is easy to destroy work, and can be susceptible to attack

Applications of File Transfer Protocol

• Applications of the file transfer protocol involving daily business operations across business-to-business & peer-to-peer data transfer
• This can involve organizations allowing workers to split files across various locations.

Remote Login

• Remote Login allows a user to login into remote site i.e computer to use the services that are available on the remote computer.
• Remote login is implemented using Telnet.
• Local operating system accepts the typed in character.
• Then the local computer will send them to TELNET client
• From the TELNET client transforms these characters to a universal character set called Network Virtual Terminal (NVT) characters and it will pass.
• Then the TCP/IP passes the messages through the internet to the TELNET server.
• TELNET server changes that characters to characters which can be understandable by remote computer.

Internet Services: World Wide Web (WWW)

• WWW is a system of interlinked web pages and resources accessible through the internet to browse and retrieve information.
• Web browsers retrieve, interpret, and display web pages, communicating with web servers using the HTTP/HTTPS protocol.
• Basic functions of a web browser are: Fetch web pages from servers using URLs, Render HTML, CSS, and JavaScript to display content and Support plugins, bookmarks, and extensions for better user experience.
• Popular web browsers include Google Chrome, Mozilla Firefox, Microsoft Edge, Safari, and Opera.
• HTML is the standard language for creating web pages, structuring content with elements and tags.
• Key HTML Elements include: Headings, Paragraphs, Hyperlinks, Images, Tables and Forms
• The web works by a user entering a URL in a browser, browser requests the web page from the web server.
• The server responds with an HTML file and the browser processes and displays the page using HTML, CSS, and JavaScript.
• The WWW (or Web) is a collection of websites/web pages stored on servers and connected to local computers through the internet, containing text, images, audio, and video.
• The WWW connects the building blocks of Web pages which are formatted in HTML by links called "hypertext" or hyperlinks and accessed by HTTP
• The three components of WWW are: Uniform Resource Locator (URL), Hyper Text Transfer Protocol (HTTP) and Hyper Text Markup Language (HTML).
• The URL is a system for resources on the web.
• The HTTP Specifies communication between browser and server
• The HTML defines the structure, organization, and content of a web page.

Uniform Resource Locator (URL)

• A client accesses documents in an internet using an address and HTTP uses the concept of the Uniform Resource Locator (URL).
• It defines four parts: method, host computer, port, and path.
• Method: protocol used to retrieve the document from a server
• Host: computer where the information is stored
• Port: optional URL component for the server's port number
• Path: pathname to the file where the information is stored

HTTP

• HTTP stands for Hypertext Transfer Protocol.
• HTTP provides a standard between a web browser and a web server to establish communication and establish rules for data transfer.
• Client Request Initiation involves: User enters a URL in a browser, browser translates the URL into an HTTP request and uses encryption (TLS/SSL) if the request is https://.
• DNS Resolution: The browser contacts a DNS server to convert the domain name to an IP address.
• Establishing Connection involves The browser establishes a TCP connection with the server using port 80 (HTTP) or 443 (HTTPS), and sends an HTTP request to the server.
• Server Processing & Response involves: The web server processes the request, it locates the resources, sends a response that contains the requested webpage content.
• The Rendering and Displaying of a Webpage involves: The browser interprets the response, renders the webpage and If additional resources (images, stylesheets) are required, the browser makes more HTTP requests.
• HTTP’s Connection Closure involves: after the response, the connection may close (HTTP/1.0) or stay open for reuse (HTTP/1.1 Keep-Alive).
• Common HTTP Request Methods include;
  • GET; retrieve data from server
  • POST; add data to an existining file
  • PUT; update(replace) an existing file or resource in server.
  • DELETE; delete data from server
  • PATCH; update a resource partially (modify)
  • HEAD; retrieve the resource's headers
• There are also additional methods, CONNECT which is used to open a two-way socket connection to the remote server, OPTIONS which describes the communication options for specified resource and TRACE designed for diagnostic purposes during development.
• Cookies in HTTP contain small pieces of data that a server transmits to a user's web browser.
• Cookies in Web Communication helps maintain user sessions by storing small pieces of data in the user's browser
• Session Management: Helps websites remember logged-in users.
• Personalization: Stores user preferences, like theme settings.
• Tracking and Analytics: Tracks user behavior for analytics and targeted advertising.
• Security: Helps in authentication and preventing CSRF (Cross-Site Request Forgery) attacks.
• There are three types of cookies: session, persistent and third party.
• Session Cookies are deleted when the browser closes.
• Persistent Cookies are stored for a longer period.
• First-Party Cookies are set by the website being visited.
• Third-Party Cookies are set by external domains (e.g., advertisers).
• HTTPS combines HTTP with SSL (Secure Socket Layer) is a more secure protocol than HTTP.

Voice and Video over IP (VoIP and VVoIP)

• VoIP and VVoIP are technologies that allow voice and video communication to be transmitted over the internet or other IP-based networks.
• VoIP lets you make voice calls over a broadband Internet connection.
• VoIP works via: Analog to Digital Conversion, Compression and Packetization, Transmission Over IP, and Decompression and Playback.
• Commonly used VoIP Protocols are SIP establishes and manages VoIP sessions, H.323 (an older protocol), RTP transmits audio and video over IP, and MGCP controls media gateways in VoIP.
• Popular VoIP Applications are Zoom, Microsoft Teams, Skype and WhatsApp.
• Video over IP uses the internet to transport video, audio, and other content with a computer network.
• In video over IP, media inputs are broken down into streams and sent as individual data packets over an IP network.
• VVoIP works via: Capture, Compression and Encoding, Transmission, and Decompression and Playback
• Common and helpful VVoIP Protocols are SIP, H.264 is a widely used video compression codec, and WebRTC Allows browsers and mobile apps to communicate via video and audio in real-time.