Transport Layer Protocols

Questions and Answers

Which layer is responsible for logical communications between applications running on different hosts?

• Internet Layer
• Transport Layer (correct)
• Application Layer
• Network Access Layer

The transport layer is aware of the type of media over which the data must travel.

False (B)

What is a 'conversation' at the transport layer?

• A set of data flowing between a source and destination application (correct)
• An agreed-upon packet size for data transmission
• A physical connection between two hosts
• A method for encrypting data at the transport layer

The transport layer divides application data into appropriately sized blocks called either ______ or datagrams.

segments

Which of the following tasks is NOT a responsibility of the transport layer?

Determining the path data takes through the network (C)

IP specifies how the delivery or transportation of packets takes place.

False (B)

Match the following protocols with their characteristics:

TCP = Reliable, connection-oriented UDP = Unreliable, connectionless

Which transport layer protocol is preferred for applications that prioritize low latency over data reliability?

UDP (D)

What is the term for the type of protocol the TCP protocol is known as with regards to managing connections?

connection oriented

Which of the following applications is MOST likely to use UDP?

Live video streaming (C)

TCP provides reliability and flow control by numbering and tracking data ______ transmitted from a specific application.

segments

UDP requires an established connection between the sender and receiver.

False (B)

What is a key function that TCP provides in addition to data segmentation and reassembly?

Ensured reliable delivery (C)

What term is used to describe the TCP process of negotiating and establishing a permanent connection between source and destination devices before forwarding traffic?

Session establishment

Why does TCP provide same-order delivery?

To ensure data arrives in the intended sequence despite varying transmission rates (A)

The TCP is a ______ protocol which means it keeps track of the state of the communication.

stateful

Netstat can be utilized to determine which active TCP connections are open on a networked host.

True (A)

IANA divides the range of port numbers into three groups. Which range is reserved for common or popular services and applications?

Well-known Ports (C)

What is the term for the combination of the source IP address and source port number, or the destination IP address and destination port number?

socket

Which statement best describes 'expectational acknowledgment' in TCP?

TCP uses an ACK number sent back to the source to indicate the next byte that the receiver expects to receive. (D)

Flashcards

Transport Layer

A network layer that establishes logical communications between applications running on different hosts, including temporary sessions and reliable information transmission.

TCP

A connection-oriented protocol that ensures reliable, full-featured transport. It divides data into segments, tracks them, acknowledges receipt, and retransmits unacknowledged data.

UDP

A connectionless, stateless protocol that provides basic functions for delivering datagrams with minimal overhead and no reliability guarantees.

Ensure Reliable Delivery

Ensures that each segment sent by the source arrives at the destination.

Segmenting Data

A process to divides application data into appropriately sized blocks for transmission.

IP Protocol

IP is concerned with structure, addressing, and routing; it doesn't specify how packet delivery/transportation occurs.

Transmission Control Protocol (TCP)

The protocol includes establishing a connection, ensuring reliable delivery, providing same-order delivery, and supporting flow control.

User Datagram Protocol (UDP)

The protocol does not provide reliability or flow control and do not require an established connection.

Unique Source Port Number

When a host requests a web page, the port dynamically generates a number to track the conversation, allowing multiple simultaneous connections.

Socket Pairs

The source and destination ports are placed within the segment. The segments are then encapsulated within an IP packet.

Well-Known Ports

These port numbers are reserved for common or popular services and applications.

Flow Control

This is the amount of data that the destination can receive and process reliably, which helps maintain the realiability of TCP transmission.

Netstat

They can be used to verify which active TCP connections are open and running on a networked host.

Destination port

The server responds to client requests, it reverses the destination and source ports of the initial request.

Three-way Handshake process

The host client establishes the connection with the server using this process.

Control Bits Flags

A bit that is set to either on or off.

Study Notes

Transport Layer

• Responsible for logical communications between applications on different hosts

• May include establishing temporary sessions and reliable information transmission

• Acts as the link between the application layer and lower layers for network transmission

• Moves data between applications on devices in the network

• Does not know destination host type, media, path, congestion, or network size

• Includes two protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP)

Tracking Individual Conversations

• Each set of data flowing between a source and destination application is a conversation

• Maintaining and tracking these conversations is the transport layer's job

• Limitation on the amount of data in a single packet exists on most networks

• Data must be divided into manageable blocks

Segmenting Data and Reassembling Segments

• Divides application data into appropriately sized blocks

• Blocks are referred to as either segments or datagrams, depending on the transport layer protocol

• Divides data into smaller, more manageable blocks (segments or datagrams)

• IP addresses the structure, addressing and routing of packets only

• Transport layer protocols handle how to transfer messages between hosts

• Manages reliability requirements of a conversation

• Includes TCP and UDP protocols

Transmission Control Protocol (TCP)

• Reliable, full-featured transport layer protocol which ensures data arrival at the destination

• Includes fields for ensuring application data delivery, requiring added processing

• Provides reliability and flow control using these operations:

  • Numbering and tracking of segments transmitted to a specific host
  • Acknowledging received data
  • Retransmitting unacknowledged data after a time
  • Sequencing data that might arrive out of order
  • Sending data at an efficient rate the receiver can handle

• First establishes a connection between sender and receiver to maintain conversation state

• Is therefore known as a connection-oriented protocol

User Datagram Protocol (UDP)

• Simpler protocol that does not provide reliability and flow control

• Has fewer header fields

• Processes datagrams faster than TCP segments because reliability and flow control do not need managing

• Provides basic functions for datagram delivery between applications

• Involves very little overhead and data checking

• Is a connectionless protocol that does not require an established connection

• Is also known as a stateless protocol because it does not track information sent or received

• Provides best-effort delivery without acknowledging data receipt

• There are no transport layer processes that inform the sender of a successful delivery

• Functions similarly to placing a regular, nonregistered letter in the mail

• The sender is not informed of the receiver's availability to receive said letter

Selecting the Right Protocol

• Applications that prioritize low latency over data reliability use UDP due to low network overhead

• VoIP uses UDP as acknowledgments and retransmissions would cause unacceptable voice delays

• DNS uses UDP for quick transactions, and lost requests can be resent, as needed

• Applications needing complete and accurate data delivery utilize TCP

• Databases, web browsers, and email clients depend on TCP to maintain data integrity and correct sequencing

• Online banking transactions are transmitted reliably using TCP to prevent errors

• Developers select a transport protocol based on Application needs

• Stored audio and video streaming uses TCP for buffering, bandwidth, and congestion management

• Real-time video and voice uses UDP, along with TCP when necessary, especially when firewalls block UDP traffic

• On-demand video services use TCP

  • Stream pauses during bandwidth drops, displaying a "buffering" message until TCP restores connection
  • Playback resumes when sufficient bandwidth becomes available

TCP Overview

• In addition to basic functions of data segmentation and reassembly, TCP also provides these services:

  • Establishes a session through negotiation for a permanent connection between devices

  • Negotiates the amount of traffic that can be forwarded at a given time

  • Manages the communication data closely

  • Ensures reliable delivery because TCP ensures segments arrive at the destination

  • Provides same-order delivery by numbering and sequencing the segments for reassembly

  • Supports flow control, where TCP requests that the sending application reduce the data flow rate if resources are overtaxed

  • This prevents retransmission of data when the receiving host's resources are overwhelmed

TCP Header

• Keeps track of communication session state, which makes it a stateful protocol

• Tracks what information has been sent and acknowledged

• Begins with session establishment and concludes with session termination

• Adds an overhead of 20 bytes (160 bits) when encapsulating application layer data

TCP Header Fields

Applications that use TCP

• Handles tasks like dividing data streams into segments, providing reliability, controlling data flow, and reordering segments
• This frees the application from having to manage these tasks

UDP Overview

• UDP features include the following:

  • Data reconstruction in the order it is received
  • Segments that are lost are not resent
  • No session establishment exists
  • The sender is not informed of resource availability

• Uses a UDP Header

• No state is tracked with UDP, making it stateless protocols

• If reliability is required when using UDP, the application must handle it

• Data must flow quickly when delivering live video and voice over a network

• UDP is suited to live video and voice applications because they can tolerate some data loss

• Blocks of communication in UDP are called datagrams or segments

• The transport layer protocol sends these datagrams with best effort

• Due to its simpler header and fewer fields, UDP's header involves only 8 bytes (64 bits)

Applications that use UDP

• Appropriate applications for UDP:

  • Live video and Multimedia: can tolerate data loss, examples are VoIP or streaming

  • Simple Request and Reply: applications involve simple transactions where replies are optional, examples are DNS and DHCP

  • Handled Reliability Themselves: unidirectional communications where flow control, error detection, and recovery are not needed, examples include SNMP and TFTP

• Although DNS and SNMP use UDP by default, they can also use TCP

• DNS might use TCP if the DNS request or DNS response is larger than 512 bytes

• Network administrator might configure SNMP to use TCL

Multiple Separate Communications

• Both TCP and UDP use port numbers

• Both the TCP and UDP header identifies a source and destination application ports

• Source port number identifies the originating application

• Destination port number identifies the target application on the remote host

• When a host requests a web page, it generates a unique source port number to track the conversation

• Destination Port Number specifies the request service, such as port 80 for web traffic

• Servers can handle multiple services at once, such as web services on port 80 and FTP on port 21

• This ensures that different types of requests are correctly processed

Socket Pairs

• The source and destination ports are placed within the segment

• These segments are encapsulated within an IP packet

• The IP packet contains the IP address of the source and destination.

• The source IP address and source port number form a socket

• The destination IP address and destination port number also form a socket as well

• FTP requests generated by a PC includes the Layer 2 MAC addresses and Layer 3 IP addresses

• The request also identifies the source port number 1305 dynamically generated by the host and identifying the FTP service on port 21

• The host also has requested a web page from the server using the same Layer 2 and Layer 3 addresses

• The host uses source port number 1099, and port 80 identifying the web service.

• Client sockets may look like 192.168.1.5:1099

• Web server sockets may look like 192.168.1.7:80

• Both combine to form a socket pair of 192.168.1.5:1099, 192.168.1.7:80

• Enables multiple processes running on a client to distinguish themselves from each other

• In addition, multiple connections to the same server process are distinguished from each other

• The source port acts as a return address for the requesting application.

• The transport layer keeps track of the application, ensuring that a response can be forwarded to the correct application

Port Number Groups

• The Internet Assigned Numbers Authority (IANA) assigns addressing standards like the 16-bit port numbers running from ports 0 to 65535
• The IANA divide this range in three port groups: Well-known, Registered, and Private Ports
  • Well-known Ports: Ports 0 to 1,023 are reserved for popular applications like web browsers or email
  • Registered Ports: Ports 1,024 to 49,151 are assigned to those requesting by IANA to be used for applications
  • Private/Dynamic Ports: Ports 49,152 to 65,535, also known as ephemeral, dynamically assigned by the client's OS during connection

Verifying Network Connections

• Unexplained TCP connections are major security threats, indicating something or someone is connected to the local host

• Knowing which TCP connections are running is important

• Netstat can be used as a network utility to verify connections by listing the protocols in use, the local/foreign addresses and port numbers, and connection state

• The -n option can display IP addresses in numerical form instead of attempting to resolve domain names

TCP Communication Process

• Each application process on a server is configured with a port number, either automatically assigned or manually configured by an administrator

• Services in the same transport layer cannot be assigned to the same port number

• Example: A web server and a file transfer application running on a host cannot both use TCP port 80

• Active server applications are considered open, so the transport layer processes segments addressed to that port

• Data from incoming requests is sent to the correct server application

• Multiple ports can be open simultaneously, each with an active server application

Clients Sending TCP requests

TCP Connection Establishment

• When two persons meet and shake hands, connections over network behave in a similar way
• In TCP connections, the client establishes a connection with the server through a three-way handshake process

Session Termination

• Servers or clients must set the Finish (FIN) control flag in the segment header if it wishes to close a connection

• Every TCP session uses a two-way hadshake involving sending a FIN and an Acknowledgment

• End a single conversation uses four exchanges

• The client or the server initiatiates the termination

TCP Three-way Handshake Analysis

• Hosts keep track of data and data segments in sessions

• Using the TCP header the host exchanges information about what data is received

• TCP is a duplex protocol where each connection represents two one-way communications

• 3 functions of the three-way handshake:

  • Establishing destination devices is present on the network
  • Verifying that the device has an active service and accepts requests
  • Informing device source is establishing a session in that port

• The connection sessions are closed, therefore the TCP uses the connection and session mechanisms enable TCP reliability function.

TCP Control Bits Field

• The six bits in the Control Bits field are known as flags, can be set to either on or off:
  • URG = Urgent pointer field significant
  • ACK = Acknowledgment flag in connections
  • PSH Push Function
  • RST = Reset
  • SYN = Synchronize
  • FIN = No more data

TCP Reliability and Flow Control

• TCP counts packets, resending lost segments, unlike UDP

• Packets also regulate flow to prevent the device overload

• TCP resends lost and out of order packets use sequence numbers

• Hosts generate Initial Sequence Numbers, ISN, to ensure proer reassembly during setup

• These sequence number increase in bytes to ensure proper reassembly of received data

TCP Segments at point of Destination

• Receiving TCP places reassembled data with the proper sequencing
• Segments that are out of order are then held for proper bytes

TCP - Data Loss and Retransmission

• Transmits segments that are lost when data loss occurs

• The Sequence Number and Acknowledgment Numbers used to confirm segments are transmited

• Host operating systems today typically use SACK (selective acknowledgment

• If the senders supports SACK it can send a particular segment rather than every segment

TCP Flow Control - Window Size and Acknowledgments

• TCP has a mechanisms that regulates flow

• Regulates how much data the destination can receive

• Help to maintain reliability, this ensures the TCP header includes a 16-bit field called the window size

• Session can only determine how many bytes from window size a TCP session using the acknowledgement

• The acknowledgement number indicates the next expected byte

• After, the destination makes the initial window size in three-way handshake

UDP Communication

• UDP is a low-overhead protocol that provides the benefits of fast communications, such as for VoIP
• Connection is not established

UDP Datagram Reassembly

• UDP provides transport with low overhead and has the benefits of small diagram headers with low traffic

• With UDP datagrams send to destination often take different routes and arrive in the wrong order

• There is no way to reorder datagrams by transmission order

• UDP reassembles data and forwards to application

• Applications must determine sequence that date should be processed

UDP Server Processes and Requests

• Assigned well known or registered port numbers similar to TCP based applications
• UDP receives a datagram and then transfers it to the right application based the port number

UDP Client Processes

• Similar to TCP communications, the client application must also require data from server

• With UDP client Process, it selected dynamic port numbers and uses a source port conversation

• After, the client has chosen the source and destination parts in all datagrams

• This means that the incoming data from the server is reveresed

UDP Response Destinations

UDP Response Source Ports