DNT 1013 DATA COMMUNICATIONS
CHAPTER 5: TRANSPORT LAYER
Prepared By: Mdm Noor Suhana Bt Sulaiman, FKMT-NT, TATiUC

PROCESS TO PROCESS DELIVERY: TCP, UDP, SCTP

Transport Layer
Our goals:
- understand principles behind transport layer services: multiplexing/demultiplexing, reliable data transfer, flow control, congestion control
- learn about transport layer protocols in the Internet: UDP (connectionless transport), TCP (connection-oriented transport), TCP congestion control
Transport services and protocols
- provide logical communication between app processes running on different hosts
- transport protocols run in end systems
  - send side: breaks app messages into segments, passes to network layer
  - receive side: reassembles segments into messages, passes to app layer
- more than one transport protocol available to apps; Internet: TCP and UDP
[Figure: the two end hosts run application, transport, network, data link and physical layers; the routers in between run only network, data link and physical. The transport layer provides logical end-end transport between the hosts.]
Transport vs. Network Layer
- network layer: logical communication between hosts
  - PDU: datagram
  - datagrams may be lost, duplicated, reordered in the Internet – “best effort” service
- transport layer: logical communication between processes
  - relies on, enhances, network layer services
  - PDU: segment
  - extends “host-to-host” communication to “process-to-process” communication
Multiplexing/Demultiplexing
- Use the same communication channel between hosts for several logical communication processes
- How does Mux/DeMux work? Sockets: doors between process and host
  - UDP socket: (dest. IP, dest. port)
  - TCP socket: (src. IP, src. port, dest. IP, dest. port)
[Figure: transport layer and network layer on two hosts; HTTP, FTP and Telnet processes share the transport layer through separate sockets.]
Connectionless demux
- UDP socket identified by two-tuple: (dest IP address, dest port number)
- When host receives UDP segment: checks destination port number in segment, directs UDP segment to socket with that port number
- IP datagrams with different source IP addresses and/or source port numbers are directed to the same socket

Connection-oriented demux
- TCP socket identified by 4-tuple: source IP address, source port number, dest IP address, dest port number
- recv host uses all four values to direct segment to appropriate socket
- Server host may support many simultaneous TCP sockets: each socket identified by its own 4-tuple
- Web servers have different sockets for each connecting client; non-persistent HTTP will have a different socket for each request
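The two demultiplexing rules above, as an added example that is not part of the original slides: a small in-memory model of a host's socket table. UDP sockets are keyed by (dest IP, dest port) only, so segments from different sources land in the same socket; TCP connection sockets are keyed by the full 4-tuple, with a listening socket keyed by (dest IP, dest port) receiving segments that match no connection. All addresses, ports and payloads are constructed sample values.

```python
# Added example (not from the slides): transport-layer demultiplexing model.
from collections import namedtuple

Segment = namedtuple("Segment", "proto src_ip src_port dst_ip dst_port payload")


class Demuxer:
    def __init__(self):
        self.udp = {}          # (dst_ip, dst_port) -> payloads delivered to that socket
        self.tcp_conn = {}     # (src_ip, src_port, dst_ip, dst_port) -> payloads
        self.tcp_listen = {}   # (dst_ip, dst_port) -> segments matching no connection

    def bind_udp(self, ip, port):
        self.udp[(ip, port)] = []

    def listen_tcp(self, ip, port):
        self.tcp_listen[(ip, port)] = []

    def accept_tcp(self, src_ip, src_port, dst_ip, dst_port):
        # a connection socket exists only once the server has accepted that client
        self.tcp_conn[(src_ip, src_port, dst_ip, dst_port)] = []

    def deliver(self, seg):
        """Return (socket kind, socket key) the segment was delivered to, or None."""
        if seg.proto == "udp":
            key = (seg.dst_ip, seg.dst_port)          # two-tuple: source is ignored
            if key in self.udp:
                self.udp[key].append(seg.payload)
                return ("udp", key)
            return None                                # no socket bound on that port
        key4 = (seg.src_ip, seg.src_port, seg.dst_ip, seg.dst_port)
        if key4 in self.tcp_conn:                      # all four values must match
            self.tcp_conn[key4].append(seg.payload)
            return ("tcp", key4)
        key2 = (seg.dst_ip, seg.dst_port)
        if key2 in self.tcp_listen:                    # e.g. a new client's SYN
            self.tcp_listen[key2].append(seg.payload)
            return ("tcp-listen", key2)
        return None


def demo():
    """Constructed traffic: a DNS-like UDP socket and a web-like TCP listener."""
    d = Demuxer()
    d.bind_udp("10.0.0.1", 53)
    d.listen_tcp("10.0.0.1", 80)
    d.accept_tcp("192.0.2.10", 40001, "10.0.0.1", 80)
    d.accept_tcp("192.0.2.11", 40001, "10.0.0.1", 80)   # same source port, other host
    segments = [
        Segment("udp", "192.0.2.10", 5000, "10.0.0.1", 53, b"q1"),
        Segment("udp", "192.0.2.11", 6000, "10.0.0.1", 53, b"q2"),
        Segment("tcp", "192.0.2.10", 40001, "10.0.0.1", 80, b"GET /a"),
        Segment("tcp", "192.0.2.11", 40001, "10.0.0.1", 80, b"GET /b"),
        Segment("tcp", "192.0.2.12", 40001, "10.0.0.1", 80, b"SYN"),
        Segment("udp", "192.0.2.10", 5000, "10.0.0.1", 9999, b"stray"),
    ]
    return [d.deliver(s) for s in segments]


if __name__ == "__main__":
    for r in demo():
        print(r)
```

The first two results are the same UDP socket although the sources differ; the two TCP requests go to two distinct connection sockets because their 4-tuples differ only in source address; the SYN from an unknown client falls through to the listening socket; the stray datagram matches nothing.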
UDP: User Datagram Protocol
Why use UDP?
- No connection establishment cost (critical for some applications, e.g., DNS)
- No connection state
- Small segment headers (only 8 bytes)
- Finer application control over data transmission

UDP Segment Structure
- often used for streaming multimedia apps: loss tolerant, rate sensitive
- other UDP uses: DNS, SNMP
- reliable transfer over UDP: add reliability at application layer; application-specific error recovery!
[Figure: UDP segment format, 32 bits wide: source port # | dest port #; length | checksum; application data (message). Length is the length, in bytes, of the UDP segment, including the header.]
UDP checksum
Goal: detect “errors” (e.g., flipped bits) in transmitted segment
Sender:
- treat segment contents as a sequence of 16-bit integers
- checksum: addition (1’s complement sum) of segment contents
- sender puts checksum value into UDP checksum field
Receiver:
- compute checksum of received segment
- check if computed checksum equals checksum field value:
  NO - error detected
  YES - no error detected.
Internet Checksum Example
Note: When adding numbers, a carryout from the most significant bit needs to be added to the result
Example: add two 16-bit integers

               1 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0
               1 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1
             -----------------------------------
wraparound   1 1 0 1 1 1 0 1 1 1 0 1 1 1 0 1 1
sum            1 0 1 1 1 0 1 1 1 0 1 1 1 1 0 0
checksum       0 1 0 0 0 1 0 0 0 1 0 0 0 0 1 1

Weak error protection? Why is it useful?
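The sender and receiver procedure, as an added example that is not part of the original slides: the one's complement sum over 16-bit words with the carry folded back in, the checksum field value, the receiver's check, and one illustration of why the slide calls this weak error protection. The only input is the slide's own pair of words, 0xE666 and 0xD555; a swapped copy of them is constructed.

```python
# Added example (not from the slides): the Internet checksum used by UDP.
import struct


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's complement sum of data (an odd trailing byte is zero-padded)."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        # end-around carry ("wraparound"): a carry out of bit 15 is added back
        total = (total & 0xFFFF) + (total >> 16)
    return total


def internet_checksum(data: bytes) -> int:
    """Value the sender puts in the checksum field: one's complement of the sum."""
    return (~ones_complement_sum(data)) & 0xFFFF


def verify(data: bytes, checksum_field: int) -> bool:
    """Receiver check: data plus the received checksum must sum to all ones.

    Equivalent to "computed checksum equals the checksum field", because
    x + ~x == 0xFFFF in 16-bit one's complement arithmetic.
    """
    return ones_complement_sum(data + struct.pack("!H", checksum_field)) == 0xFFFF


def word_swap_undetected(data: bytes) -> bool:
    """Weakness: exchanging two 16-bit words leaves the checksum unchanged."""
    swapped = data[2:4] + data[0:2] + data[4:]
    return internet_checksum(swapped) == internet_checksum(data)


# the slide's example: 1110 0110 0110 0110 and 1101 0101 0101 0101
SLIDE_WORDS = bytes.fromhex("e666" "d555")

if __name__ == "__main__":
    print(f"sum      {ones_complement_sum(SLIDE_WORDS):016b}")
    print(f"checksum {internet_checksum(SLIDE_WORDS):016b}")
    print("receiver accepts:", verify(SLIDE_WORDS, internet_checksum(SLIDE_WORDS)))
    print("swapped words undetected:", word_swap_undetected(SLIDE_WORDS))
```

On the slide's words the sum is 1011 1011 1011 1100 and the checksum 0100 0100 0100 0011, matching the worked example. A single flipped bit is caught, but because addition is commutative, reordering whole words is not, which is one reason the checksum is only an error detector and not an integrity protection.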
What is SCTP?
- SCTP (Stream Control Transmission Protocol): designed to carry PSTN signaling messages over IP networks
- Similar to TCP and UDP: a transport layer protocol
  - reliable / unreliable transmission
  - congestion control
  - ordered / unordered transmission

SCTP Feature Summary
Start with TCP:
- reliable (retransmissions)
- congestion controlled
- connection oriented
Add:
- 4-way handshake, to reduce vulnerability to DOS attacks
- framing: preserve message boundaries
- multistreaming: instead of one ordered stream, up to 64K independent ordered streams
- multihoming: instead of one IP address per endpoint, a set of IP addresses per endpoint
SYN flood
A SYN flood is a form of denial-of-service attack in which an attacker sends a succession of SYN requests to a target's system.
When a client attempts to start a TCP connection to a server, the client and server exchange a series of messages which normally runs like this:
- The client requests a connection by sending a SYN (synchronize) message to the server.
- The server acknowledges this request by sending SYN-ACK back to the client.
- The client responds with an ACK, and the connection is established.

SYN Flooding Attack
[Figure: attackers at 128.3.4.5, 192.10.2.8, 221.3.5.10, 190.13.4.1, 228.3.14.5 and 130.2.4.15 each send SYNs to the victim; the victim allocates a TCB for every SYN, its reserved resources become unavailable, and the victim is flooded.]
- There is no ACK in response to the SYN-ACK, hence the connection remains half-open
- Other genuine clients cannot open connections to the victim
- The victim is unable to provide service
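Why the 4-way handshake listed under the SCTP features helps against this, as an added example that is not part of the original slides: an in-memory model of two servers under the same flood. The 3-way server allocates a control block (TCB) for every SYN, so unanswered SYNs fill its table and a genuine client is refused; the 4-way server answers INIT with a MAC-protected state cookie and allocates state only when a valid COOKIE-ECHO returns, so the flood consumes nothing. The message names INIT, INIT-ACK, COOKIE-ECHO and COOKIE-ACK are SCTP's; the cookie layout, MAC key, table limit and addresses are constructed for the model, not a description of any particular implementation.

```python
# Added example (not from the slides): stateful 3-way vs cookie-based 4-way handshake.
import hashlib
import hmac
import time

MAX_TCB = 100   # constructed limit on half-open control blocks


class ThreeWayServer:
    """TCP-style: state is allocated when the SYN arrives."""

    def __init__(self):
        self.half_open = {}

    def on_syn(self, client):
        if len(self.half_open) >= MAX_TCB:
            return "dropped"                  # table full: this client is refused
        self.half_open[client] = "SYN-RECEIVED"
        return "SYN-ACK"

    def on_ack(self, client):
        return "ESTABLISHED" if self.half_open.pop(client, None) else "no state"


class FourWayServer:
    """SCTP-style: stateless until the client echoes a valid cookie."""

    def __init__(self, key: bytes):
        self.key = key
        self.established = {}

    def _mac(self, client, tag, issued):
        msg = f"{client}|{tag}|{issued}".encode()
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def on_init(self, client, tag, now=None):
        issued = int(time.time() if now is None else now)
        cookie = (tag, issued, self._mac(client, tag, issued))
        return "INIT-ACK", cookie             # nothing is stored on the server

    def on_cookie_echo(self, client, cookie, now=None, lifetime=60):
        tag, issued, mac = cookie
        age = int(time.time() if now is None else now) - issued
        # the cookie must be unexpired and bound to this client's address
        if 0 <= age <= lifetime and hmac.compare_digest(mac, self._mac(client, tag, issued)):
            self.established[client] = tag
            return "COOKIE-ACK"
        return "discard"


def simulate_three_way(n_attackers: int) -> str:
    """Outcome for a genuine client after n_attackers SYNs that are never ACKed."""
    server = ThreeWayServer()
    for i in range(n_attackers):
        server.on_syn(("203.0.113.1", 40000 + i))        # constructed sources
    genuine = ("198.51.100.7", 5555)
    if server.on_syn(genuine) != "SYN-ACK":
        return "dropped"
    return server.on_ack(genuine)


def simulate_four_way(n_attackers: int) -> str:
    """Same flood against the cookie-based server; its state table stays empty."""
    server = FourWayServer(key=b"constructed-secret-key")
    for i in range(n_attackers):
        server.on_init(("203.0.113.1", 40000 + i), tag=i)  # cookies never echoed
    genuine = ("198.51.100.7", 5555)
    _, cookie = server.on_init(genuine, tag=12345)
    return server.on_cookie_echo(genuine, cookie)


if __name__ == "__main__":
    print("3-way, 200 half-open SYNs:", simulate_three_way(200))
    print("4-way, 200 unanswered INITs:", simulate_four_way(200))
```

The cost moves from the server to the client: whoever wants a connection must prove it can receive at the address it claims by echoing the cookie, and a forged or replayed cookie fails the MAC or the age check.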
Message Boundaries
- UDP honors message boundaries: each app message becomes a datagram
- TCP does not honor message boundaries: app messages become part of a byte stream
- SCTP maintains message boundaries: each app message is maintained as one or more data chunks
Chunks in SCTP
[Figure: an SCTP PDU is a common header (source port, destination port, verification tag, checksum) followed by chunk 1 ... chunk N.]
- Chunks are the building blocks of an SCTP PDU
- Two kinds: control chunks and data chunks
- Data chunks are the smallest atomic data units

SCTP Chunk Format
  Type | Flags | Length
  Chunk Data
- Type – e.g. Data, Init, SACK
- Flags – bit meanings depend on type
- Length – includes type, flags, length, and data/parameters
Some Chunk Types
  0x00  DATA           User data
  0x01  INIT           ~ SYN
  0x02  INIT-ACK
  0x03  SACK           Selective ACK
  0x04  HEARTBEAT      Keep-alive message
  0x05  HEARTBEAT-ACK
  0x07  SHUTDOWN       ~ FIN
  0x08  SHUTDOWN-ACK
Chunk Bundling in SCTP
- Multiple chunks in one SCTP PDU
- Control chunks bundled before data chunks
- Chunk boundary cannot cross SCTP PDU boundary
- Optional at sender, but receiver has to support it
[Figure: bundling; one SCTP PDU = common header (source port, destination port, verification tag, checksum) followed by chunk 1 ... chunk N.]
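The common header, chunk format, chunk type table and bundling rules of the last four slides, as an added example that is not part of the original slides: a defensive parser for a bundled SCTP PDU. It reads the 12-byte common header, walks the type/flags/length chunk headers, and rejects a chunk whose length is shorter than its own header or would cross the PDU boundary. Chunks are advanced to a 4-byte multiple, which is the RFC 4960 padding rule and not stated on the slides; the sample PDU bytes are constructed, and the checksum field is carried but not verified.

```python
# Added example (not from the slides): parsing SCTP common header and bundled chunks.
import struct

CHUNK_TYPES = {0x00: "DATA", 0x01: "INIT", 0x02: "INIT-ACK", 0x03: "SACK",
               0x04: "HEARTBEAT", 0x05: "HEARTBEAT-ACK",
               0x07: "SHUTDOWN", 0x08: "SHUTDOWN-ACK"}
COMMON_HEADER = struct.Struct("!HHII")   # src port, dst port, verification tag, checksum
CHUNK_HEADER = struct.Struct("!BBH")     # type, flags, length (header + data)


class SctpParseError(ValueError):
    pass


def parse_sctp_pdu(pdu: bytes) -> dict:
    if len(pdu) < COMMON_HEADER.size:
        raise SctpParseError("PDU shorter than common header")
    src, dst, vtag, csum = COMMON_HEADER.unpack_from(pdu, 0)
    chunks = []
    off = COMMON_HEADER.size
    while off < len(pdu):
        if len(pdu) - off < CHUNK_HEADER.size:
            raise SctpParseError(f"truncated chunk header at offset {off}")
        ctype, flags, length = CHUNK_HEADER.unpack_from(pdu, off)
        if length < CHUNK_HEADER.size:
            raise SctpParseError(f"chunk length {length} smaller than its header")
        if off + length > len(pdu):
            # the slide's rule: a chunk boundary may not cross the PDU boundary
            raise SctpParseError(f"chunk at offset {off} crosses PDU boundary")
        data = pdu[off + CHUNK_HEADER.size: off + length]
        chunks.append((CHUNK_TYPES.get(ctype, f"UNKNOWN-0x{ctype:02x}"), flags, data))
        off += (length + 3) & ~3           # step over padding to the next 4-byte boundary
    return {"src_port": src, "dst_port": dst, "vtag": vtag,
            "checksum": csum, "chunks": chunks}


def is_malformed(pdu: bytes) -> bool:
    try:
        parse_sctp_pdu(pdu)
        return False
    except SctpParseError:
        return True


def build_chunk(ctype: int, flags: int, data: bytes) -> bytes:
    """Encode one chunk, including its padding, for constructing sample PDUs."""
    length = CHUNK_HEADER.size + len(data)
    return CHUNK_HEADER.pack(ctype, flags, length) + data + b"\x00" * (-length % 4)


def sample_pdu() -> bytes:
    """Constructed PDU: a SACK control chunk bundled before a DATA chunk."""
    header = COMMON_HEADER.pack(5000, 6000, 0xDEADBEEF, 0)
    return (header
            + build_chunk(0x03, 0x00, b"\x00\x00\x00\x10")   # constructed SACK body
            + build_chunk(0x00, 0x03, b"hello"))             # constructed DATA body


if __name__ == "__main__":
    for name, flags, data in parse_sctp_pdu(sample_pdu())["chunks"]:
        print(name, hex(flags), data)
```

Truncating the sample PDU by a few bytes makes the last chunk cross the boundary and the parser refuses the whole PDU, which is the behaviour a receiver needs so that a short or corrupted packet cannot make it read past the buffer.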
CONGESTION CONTROL & QUALITY OF SERVICE

What is congestion? Impact of congestion
- Packet queues at links start to grow…
- Packets start dropping
- Sources start re-transmitting
- After a while only re-transmissions occupy the network
- Network resources start getting utilized in useless work (packets in queues that get timed out and re-transmitted)
- “Goodput” goes to nearly zero
[Figure: goodput against offered load; goodput rises towards the max capacity, then collapses as load keeps growing.]
- Congestion controls try to avoid getting into this situation
Congestion Control
- What is congestion control?
- How is it done in example networks? Bus LAN, switched LANs, Internet, telephone network
- Congestion control is done in some form at all layers
  - Flow control between source and destination
  - Network layer congestion control is still needed. (Why?)
  - Can be done at various time-scales
Congestion control and QoS
- Pre-QoS: everything “best-effort”. E.g. in TCP/IP networks, congestion control is left to TCP, i.e. TCP is a “well-behaved” source that adapts to congestion
- Post-QoS, Integrated Services: congestion control should be different for different sources
  - different for file-transfer/e-mail
  - different for real-time-sensitive apps, e.g. voice, video
  - different based on what type of coding is used for these apps

Quality of Service
Quality parameters that define the performance needs of a “flow” (i.e. a stream of packets belonging to a particular connection):
- Reliability – probability of delivering packets correctly
- Delay
- Jitter – variation in packet delay
- Bandwidth
QoS Requirements

Jitter Control
[Figure: (a) High jitter. (b) Low jitter.]
Buffering: smoothing the output stream by buffering packets.
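Jitter and the buffering that smooths it, as an added example that is not part of the original slides. Ten packets are sent 20 ms apart and each suffers a constructed network delay; the jitter estimate uses the interarrival-jitter formula of RFC 3550 (RTP), which the slides do not mention, and the playout buffer holds each packet until a fixed delay after its send time. A packet arriving after its playout instant is late and discarded, so the trade-off is visible: a short playout delay needs a small buffer but loses packets, a long one loses nothing but needs more buffer and adds delay.

```python
# Added example (not from the slides): jitter estimate and playout buffer model (times in ms).
SEND_INTERVAL = 20
DELAYS = [20, 25, 60, 22, 21, 80, 23, 24, 26, 22]        # constructed per-packet delays
SENDS = [i * SEND_INTERVAL for i in range(len(DELAYS))]
ARRIVALS = [s + d for s, d in zip(SENDS, DELAYS)]


def rtp_jitter(sends, arrivals) -> float:
    """RFC 3550 interarrival jitter: J += (|D| - J) / 16 over consecutive packets,
    where D is the change in one-way delay between two packets."""
    j = 0.0
    for i in range(1, len(sends)):
        d = (arrivals[i] - arrivals[i - 1]) - (sends[i] - sends[i - 1])
        j += (abs(d) - j) / 16
    return j


def playout(sends, arrivals, playout_delay):
    """Play packet i at sends[i] + playout_delay.

    Returns (late_packets, max_buffer_occupancy). A packet arriving after its
    playout instant is late and discarded; occupancy is measured just after
    each arrival as the number of buffered packets not yet played out.
    """
    deadlines = [s + playout_delay for s in sends]
    late = 0
    max_occ = 0
    buffered = []                                     # packets waiting for playout
    for i in sorted(range(len(arrivals)), key=lambda k: arrivals[k]):
        now = arrivals[i]
        buffered = [k for k in buffered if deadlines[k] > now]   # played-out packets leave
        if now > deadlines[i]:
            late += 1
        else:
            buffered.append(i)
            max_occ = max(max_occ, len(buffered))
    return late, max_occ


if __name__ == "__main__":
    print(f"jitter estimate: {rtp_jitter(SENDS, ARRIVALS):.2f} ms")
    for p in (40, 60, 80):
        late, occ = playout(SENDS, ARRIVALS, p)
        print(f"playout delay {p} ms: {late} late, max buffer {occ}")
```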
General Principles of Congestion Control
- Monitor the system: detect when and where congestion occurs.
- Pass information to where action can be taken.
- Adjust system operation to correct the problem.

Congestion control time-scales
- Long term: network resource provisioning (sizing the network correctly)
- Connection duration: connection (call) admission control; in connection oriented networks, decide whether to admit a connection or not
- Round trip propagation time: explicit forward congestion signaling
- Packet insertion level: traffic shaping, policing, selective discarding
Congestion Prevention Policies
[Figure: policies that affect congestion.]

Routing around congestion
[Figure: (a) A congested subnet. (b) A redrawn subnet that eliminates congestion, and a virtual circuit from A to B.]
Mechanisms for Congestion Control

Implicit Congestion Signaling
- Transmission delay may increase with congestion
- Packets may be discarded
- Source can detect these as implicit indications of congestion
- Useful on connectionless (datagram) networks, e.g. IP based (TCP includes congestion and flow control)

Congestion Signaling
- Network alerts end systems of increasing congestion
- End systems take steps to reduce offered load
- Backwards: congestion avoidance in the opposite direction to the packet concerned
- Forwards: congestion avoidance in the same direction as the packet concerned
Backward Notification
- Mark packets headed in the opposite direction of the congestion
- Tell source that packets transmitted on this logical connection may encounter congestion
- Source can slow down

Forward notification
- Marks packets going in the direction of congestion
- Tells the destination that these packets experienced congestion
- Destination may alert source about congestion, at network layer or at transport layer

Categories of Explicit Signaling
- Binary: a bit set in a packet indicates congestion
- Credit based: indicates how many packets the source may send; common for end to end flow control
- Rate based: supply an explicit data rate limit, e.g. ATM
“Load Shedding”
- Drop packets when buffers are full
- Router can try to drop intelligently
  - Dropping older packets is better for multimedia streaming apps
  - Dropping newer packets is better for data apps (e.g. file transfer)
- Receiver may discard out-of-order packets

Random Early Detect
- Drop packets before buffers are full, so prevent congestion before it occurs
- Sources will react to packet drops and slow down (e.g. TCP)

Issues to be addressed in broadband multi-service networks
- Sources may not be doing flow control (voice, video)
- Feedback is slow (propagation time much greater compared to transmission time)
- Diverse capacity requirements – may get penalized unfairly
- Traffic patterns very different
- Vastly different QoS requirements
- Very high speed: network-wide fluctuations in reactive controls
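Load shedding and Random Early Detect side by side, as an added example that is not part of the original slides: a minimal RED queue and a plain tail-drop queue run on the same constructed overload (one packet arrives every step, one departs every second step). RED keeps an exponentially weighted average of the queue length and starts dropping a small fraction of arrivals once that average passes min_th, so TCP sources are signalled while buffer space remains; tail drop waits until the buffer overflows. The thresholds, weight and drop-probability curve follow the classic RED scheme but the values are sample ones.

```python
# Added example (not from the slides): RED vs tail drop on a constructed overload.
import random


class RedQueue:
    def __init__(self, capacity, min_th, max_th, max_p=0.1, w_q=0.2, seed=1):
        self.capacity, self.min_th, self.max_th = capacity, min_th, max_th
        self.max_p, self.w_q = max_p, w_q
        self.queue = []
        self.avg = 0.0                        # EWMA of the queue length
        self.rng = random.Random(seed)        # seeded so a run is reproducible
        self.early_drops = 0                  # probabilistic drops below max_th
        self.full_drops = 0                   # forced drops: avg >= max_th or buffer full

    def enqueue(self, pkt) -> bool:
        self.avg = (1 - self.w_q) * self.avg + self.w_q * len(self.queue)
        if self.avg >= self.max_th or len(self.queue) >= self.capacity:
            self.full_drops += 1
            return False
        if self.avg > self.min_th:
            # drop probability rises linearly from 0 at min_th to max_p at max_th
            p = self.max_p * (self.avg - self.min_th) / (self.max_th - self.min_th)
            if self.rng.random() < p:
                self.early_drops += 1
                return False
        self.queue.append(pkt)
        return True

    def dequeue(self):
        return self.queue.pop(0) if self.queue else None


class TailDropQueue(RedQueue):
    """Same interface, but a packet is dropped only when the buffer is full."""

    def enqueue(self, pkt) -> bool:
        if len(self.queue) >= self.capacity:
            self.full_drops += 1
            return False
        self.queue.append(pkt)
        return True


def simulate(queue, steps=2000) -> dict:
    """Constructed overload: arrivals at twice the service rate."""
    max_len = accepted = 0
    for t in range(steps):
        if queue.enqueue(t):
            accepted += 1
        max_len = max(max_len, len(queue.queue))
        if t % 2:
            queue.dequeue()
    return {"accepted": accepted, "max_len": max_len,
            "early_drops": queue.early_drops, "full_drops": queue.full_drops}


if __name__ == "__main__":
    print("RED      ", simulate(RedQueue(capacity=50, min_th=5, max_th=15)))
    print("tail drop", simulate(TailDropQueue(capacity=50, min_th=0, max_th=0)))
```

Under this load the tail-drop queue sits at its full 50-packet capacity (maximum queueing delay, and every drop is a burst drop when the buffer overflows), while the RED queue hovers around max_th with early drops spread over time. In a real router the early drops are what makes TCP senders back off before the queue, and the delay it adds, grows to the buffer limit.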
Controlling Sources
- Connection admission control: based on some traffic descriptors, determine whether this connection can be admitted
- Traffic shaping: make sure the traffic has a certain performance attribute (shape), e.g. not bursty
- Traffic policing: make sure traffic sent by the user is according to the contract made during connection admission
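Traffic shaping and traffic policing with one mechanism, as an added example that is not part of the original slides: a token bucket. Used as a shaper it holds a packet until enough tokens have accumulated, so the output is never burstier than the bucket allows; used as a policer it decides immediately and drops whatever exceeds the contract. The rate, bucket size and arrival pattern are constructed sample values (time in ms, sizes in bytes).

```python
# Added example (not from the slides): token bucket as shaper and as policer.


class TokenBucket:
    def __init__(self, rate: float, burst: float):
        self.rate = rate           # tokens (bytes) added per ms: the contracted rate
        self.burst = burst         # bucket capacity: the largest burst allowed through
        self.tokens = burst        # the bucket starts full
        self.last = 0.0            # time of the last refill

    def _refill(self, now: float):
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now

    def police(self, now: float, size: int) -> bool:
        """Policer: accept only if the tokens are available right now."""
        self._refill(now)
        if size <= self.tokens:
            self.tokens -= size
            return True
        return False                            # out of contract: dropped

    def shape(self, now: float, size: int) -> float:
        """Shaper: return the time the packet is released (never before now)."""
        now = max(now, self.last)               # FIFO: wait behind the previous packet
        self._refill(now)
        if size > self.tokens:
            now += (size - self.tokens) / self.rate   # wait for the missing tokens
            self._refill(now)
        self.tokens -= size
        return now


# constructed arrivals: five 50-byte packets at once, then one 300 ms later
ARRIVALS = [(0.0, 50)] * 5 + [(300.0, 50)]


def police_burst(rate=1.0, burst=100):
    tb = TokenBucket(rate, burst)
    return [tb.police(t, s) for t, s in ARRIVALS]


def shape_burst(rate=1.0, burst=100):
    tb = TokenBucket(rate, burst)
    return [tb.shape(t, s) for t, s in ARRIVALS]


if __name__ == "__main__":
    print("policer accepts:", police_burst())
    print("shaper releases at:", shape_burst())
```

With a 100-byte bucket refilled at 1 byte/ms, the policer passes the first two packets of the burst and drops the other three, whereas the shaper releases them at 0, 0, 50, 100 and 150 ms: the same contract, enforced by loss in one case and by delay in the other. The packet arriving 300 ms later finds the bucket full again under both.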
And one truly last word…
Thanks