19MAM44
DATA COMMUNICATIONS AND
NETWORKING
(UNIT – V)
Prepared by
Dr. Stanly Felix C
Assistant Professor
Department of Computing (MSc Software Systems)
Coimbatore Institute of Technology, India
Overview of Unit V
HIGHER LAYERS
Transport Layer: Services
User Datagram Protocol: User Datagram – UDP services
Transmission Control Protocol: TCP services – Features – Segment – TCP connection
Management.
Application Layer: DNS – Worldwide Web.
2
HIGHER LAYERS
Introduction to Transport layer
• The transport layer is located between the application layer and the network layer. It
provides a process-to-process communication between two application layers, one at
the local host and the other at the remote host.
• Communication is provided using a logical connection, which means that the two
application layers, which can be located in different parts of the globe, assume that
there is an imaginary direct connection through which they can send and receive
messages.
Transport-Layer Services
• The first duty of a transport-layer protocol is to provide process-to-process
communication.
• A process is an application-layer entity (running program) that uses the services of the
transport layer.
1. Addressing: Port Numbers
• There are a few ways to achieve process-to-process communication; the most common is
the client-server paradigm.
• A process on the local host, called a client, needs services from a process usually on
the remote host, called a server.
• For communication, we must define the local host, local process, remote host, and
remote process.
• The local host and the remote host are defined using IP addresses.
• To define the processes, we need second identifiers, called port numbers. In the
TCP/IP protocol suite, the port numbers are integers between 0 and 65,535 (16 bits).
• The client program defines itself with a port number, called the ephemeral port
number. The word ephemeral means “short-lived” and is used because the life of a
client is normally short.
• The server process must also define itself with a port number. This port number,
however, cannot be chosen randomly: if the computer at the server site ran a server
process and assigned a random number as its port number, the process at the client site
that wants to access that server and use its services would not know the port number.
• One solution would be to send a special packet and request the port number of a
specific server, but this creates more overhead.
• TCP/IP has decided to use universal port numbers for servers; these are called well-known port numbers.
• For example, while the daytime client process, a well-known client program, can use
an ephemeral (temporary) port number, 52,000, to identify itself, the daytime server
process must use the well-known (permanent) port number 13.
2. ICANN (Internet Corporation for Assigned Names and Numbers) Ranges
• ICANN has divided the port numbers into three ranges: well-known, registered, and
dynamic (or private).
• Well-known ports: 0 to 1,023. These are assigned and controlled by ICANN.
• Registered ports: 1,024 to 49,151. These are not assigned or controlled by ICANN, but
can be registered with ICANN to prevent duplication.
• Dynamic (or private) ports: 49,152 to 65,535. These are neither controlled nor
registered; they are used as temporary (ephemeral) or private port numbers.
3. Socket Addresses
• A transport-layer protocol in the TCP/IP suite needs both the IP address and the port
number, at each end, to make a connection. The combination of an IP address and a
port number is called a socket address.
• To use the services of the transport layer in the Internet, we need a pair of socket
addresses: the client socket address and the server socket address.
• These four pieces of information are part of the network-layer packet header and the
transport-layer packet header. The first header contains the IP addresses; the second
header contains the port numbers.
4. Encapsulation and Decapsulation
Encapsulation at sender site:
• When a process has a message to send, it passes the message to the transport layer
along with a pair of socket addresses and some other pieces of information, which
depend on the transport-layer protocol.
• The transport layer receives the data and adds the transport-layer header. The
packets at the transport layer in the Internet are called user datagrams, segments, or
packets.
Decapsulation at receiver site:
• When the message arrives at the destination transport layer, the header is dropped
and the transport layer delivers the message to the process running at the application
layer.
5. Multiplexing and Demultiplexing
• Whenever an entity accepts items from more than one source, this is referred to as
multiplexing (many to one); whenever an entity delivers items to more than one
destination, this is referred to as demultiplexing (one to many).
• The transport layer at the source performs multiplexing (several processes share one
network layer); the transport layer at the destination performs demultiplexing (one
network layer feeds several processes, selected by destination port number).
6. Flow Control
• Whenever an entity produces items and another entity consumes them, there should be
a balance between production and consumption rates.
• If the items are produced faster than they can be consumed, the consumer can be
overwhelmed and may need to discard some items.
• If the items are produced more slowly than they can be consumed, the consumer must
wait, and the system becomes less efficient.
- Pushing or Pulling
• Delivery of items from a producer to a consumer can occur in one of two ways:
pushing or pulling.
• If the producer delivers items whenever they are produced, without a prior request
from the consumer, the delivery is referred to as pushing.
• If the producer delivers the items after the consumer has requested them, the
delivery is referred to as pulling.
USER DATAGRAM PROTOCOL
• It is a connectionless, unreliable transport protocol used to provide process-to-process
communication.
• Advantage of UDP: it is a very simple protocol using a minimum of overhead.
• If a process wants to send a small message and does not care much about reliability, it
can use UDP. Sending a small message using UDP takes much less interaction between
the sender and receiver than using TCP.
User Datagram
• UDP packets, called user datagrams, have a fixed-size header of 8 bytes made of four
fields, each of 2 bytes (16 bits): source port number, destination port number, total
length (header plus data, in bytes), and checksum.
UDP Services
• Process-to-Process Communication - UDP provides process-to-process communication
using socket addresses, a combination of IP addresses and port numbers.
• Connectionless Services – each user datagram sent by UDP is an independent datagram.
There is no relationship between the different user datagrams even if they are coming
from the same source process and going to the same destination program.
• Unlike TCP, there is no connection establishment and no connection termination.
This means that each user datagram can travel on a different path.
• Flow Control - UDP is a very simple protocol. There is no flow control, and hence no
window mechanism.
• The receiver may overflow with incoming messages. The lack of flow control means
that the process using UDP should provide for this service, if needed.
• Error Control - There is no error control mechanism in UDP except for the checksum.
This means that the sender does not know if a message has been lost or duplicated.
When the receiver detects an error through the checksum, the user datagram is
silently discarded.
• UDP checksum calculation - includes three sections: a pseudo header, the UDP header,
and the data coming from the application layer.
• The pseudo header is the part of the header of the IP packet in which the user datagram
is to be encapsulated, with some fields filled with 0s: the source and destination IP
addresses, an all-zero byte, the protocol field (17 for UDP), and the UDP total length.
• Including the pseudo header binds the user datagram to the IP addresses it was sent
with, so a datagram delivered to the wrong host fails the checksum even if the UDP
header and data arrived intact.
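The checksum procedure described above, as an added example that is not part of these slides: it builds the IPv4 pseudo header, computes the 16-bit one's complement sum over pseudo header + UDP header + data, and verifies a received datagram the way the receiver does. The addresses, ports and payload (10.0.0.1:52000 to 10.0.0.2:13, "hello") are constructed for the example; the IPv6 pseudo header has a different layout and is not covered here.

```python
"""UDP checksum over pseudo header + UDP header + data (IPv4).
Constructed example: addresses, ports and payload are made up."""
import ipaddress
import struct

UDP_PROTO = 17  # protocol field value for UDP in the IP header


def ones_complement_sum(data):
    """16-bit one's complement sum; an odd trailing byte is padded with 0x00."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip, dst_ip, udp_len):
    """Source address, destination address, zero byte, protocol, UDP total length."""
    return (ipaddress.IPv4Address(src_ip).packed
            + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, UDP_PROTO, udp_len))


def udp_checksum(src_ip, dst_ip, src_port, dst_port, payload):
    """Sender side: checksum field is 0 while computing; result is complemented."""
    udp_len = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, udp_len, 0)
    csum = 0xFFFF - ones_complement_sum(pseudo_header(src_ip, dst_ip, udp_len) + header + payload)
    # In IPv4 a zero checksum field means "no checksum", so an all-zero result is sent as 0xFFFF.
    return csum or 0xFFFF


def build_datagram(src_ip, dst_ip, src_port, dst_port, payload):
    """Complete user datagram: 8-byte header with checksum filled in, then data."""
    csum = udp_checksum(src_ip, dst_ip, src_port, dst_port, payload)
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), csum) + payload


def verify(src_ip, dst_ip, datagram):
    """Receiver side: the sum over pseudo header + datagram (checksum included)
    must be all ones; a zero checksum field means the sender skipped it."""
    udp_len = struct.unpack("!H", datagram[4:6])[0]
    if udp_len != len(datagram):
        return False
    if struct.unpack("!H", datagram[6:8])[0] == 0:
        return True
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, udp_len) + datagram) == 0xFFFF


if __name__ == "__main__":
    dg = build_datagram("10.0.0.1", "10.0.0.2", 52000, 13, b"hello")
    print(dg.hex(), verify("10.0.0.1", "10.0.0.2", dg))
```

A receiver that gets the same datagram but with a different destination address (for example after a misrouted or spoofed delivery) fails `verify`, which is the practical effect of the pseudo header.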
TRANSMISSION CONTROL PROTOCOL
• It is a connection-oriented, reliable protocol.
• It explicitly defines connection establishment, data transfer, and connection teardown
phases to provide a connection-oriented service.
• It uses a combination of Go-Back-N (GBN) and Selective-Repeat (SR) protocols to provide reliability.
• TCP uses checksum (for error detection), retransmission of lost or corrupted packets,
cumulative and selective acknowledgments, and timers to provide reliability.
TCP Services
1. Process-to-Process Communication
• TCP provides process-to-process communication using port numbers.
2. Stream Delivery Service
• TCP is a stream-oriented protocol: it allows the sending process to deliver data as a
stream of bytes and allows the receiving process to obtain data as a stream of bytes,
as if the two were connected by an imaginary tube.
Sending and Receiving Buffers
• Because the sending and the receiving processes may not necessarily write or read data
at the same rate, TCP needs buffers for storage.
• These buffers are also necessary for the flow- and error-control mechanisms used by TCP.
• One way to implement a buffer is to use a circular array of 1-byte locations (chambers).
• When a byte is read by the receiving process, the chamber is recycled and added to the
pool of empty chambers.
TCP Segments
• Buffering handles the disparity between the speed of the producing and consuming
processes, but IP needs data sent in packets, not as a stream of bytes.
• At the transport layer, TCP groups a number of bytes together into a packet called a
segment.
• TCP adds a header to each segment (for control purposes) and delivers the segment to
the network layer for transmission.
• The segments are encapsulated in IP datagrams and transmitted. This entire operation
is transparent to the receiving process.
TCP Features
Numbering System
• Although TCP software keeps track of the segments being transmitted or received, there
is no field for a segment number value in the segment header.
• Instead, there are two fields, called the sequence number and the acknowledgment
number. These two fields refer to a byte number and not a segment number.
• Byte number - When TCP receives bytes of data from a process, TCP stores them in the
sending buffer and numbers them.
• TCP chooses an arbitrary number between 0 and 2^32 − 1 for the number of the first
byte.
• For example, if the number happens to be 1057 and the total data to be sent is 6000
bytes, the bytes are numbered from 1057 to 7056. That byte numbering is used for flow
and error control.
• Sequence Number - After the bytes have been numbered, TCP assigns a sequence
number to each segment that is being sent.
• The sequence number of the first segment is the ISN (initial sequence number), which
is a random number.
• The sequence number of any other segment is the sequence number of the previous
segment plus the number of bytes (real or imaginary) carried by the previous segment.
• Acknowledgment Number - TCP is full duplex; when a connection is established, both
parties can send and receive data at the same time.
• Each party also uses an acknowledgment number to confirm the bytes it has received.
• Acknowledgment number defines the number of the next byte that the party expects to
receive.
• The acknowledgment number is cumulative, which means that the party takes the
number of the last byte that it has received, safe and sound, adds 1 to it, and announces
this sum as the acknowledgment number.
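The byte-numbering, sequence-number and cumulative-acknowledgment rules above, worked through in code as an added example (not from the slides), using the slide's figures: first byte 1057, 6000 bytes of data, and an assumed maximum segment size of 1000 bytes. The receiver model shows what "cumulative" means in practice: a segment that arrives ahead of a gap is buffered but does not move the acknowledgment number until the gap is filled.

```python
"""Byte numbering, per-segment sequence numbers and cumulative ACKs.
Constructed model: no sockets, the MSS of 1000 is an assumption."""

SEQ_MOD = 1 << 32  # sequence and acknowledgment numbers wrap modulo 2^32


def byte_range(first, total):
    """Numbers of the first and last data byte (1057 and 7056 in the slide)."""
    return first, (first + total - 1) % SEQ_MOD


def segmentize(first, total, mss):
    """(seq, length) for each segment: a segment's sequence number is the number
    of its first byte, and the next one is seq + bytes carried. A SYN or FIN
    would consume one extra 'imaginary' byte; plain data segments do not."""
    segs, seq, left = [], first, total
    while left > 0:
        n = min(mss, left)
        segs.append((seq, n))
        seq = (seq + n) % SEQ_MOD
        left -= n
    return segs


class Receiver:
    """Tracks the contiguous prefix of the byte stream and buffers out-of-order
    segments; the ACK number is always the next byte expected (cumulative)."""

    def __init__(self, expected):
        self.expected = expected   # next in-order byte, i.e. the ACK number
        self.buffered = {}         # seq -> length, segments received beyond a gap

    def receive(self, seq, length):
        if seq != self.expected:
            # Ahead of the gap: keep it. Behind: an old/duplicate segment, ignore.
            if (seq - self.expected) % SEQ_MOD < SEQ_MOD // 2:
                self.buffered[seq] = length
            return self.ack()
        self.expected = (seq + length) % SEQ_MOD
        while self.expected in self.buffered:          # gap filled: credit buffered bytes
            self.expected = (self.expected + self.buffered.pop(self.expected)) % SEQ_MOD
        return self.ack()

    def ack(self):
        """Acknowledgment number: last in-order byte received, plus 1."""
        return self.expected


if __name__ == "__main__":
    segs = segmentize(1057, 6000, 1000)
    rx = Receiver(1057)
    for seq, n in (segs[0], segs[2], segs[1]):   # second segment arrives late
        print(f"got seq={seq} len={n} -> ack {rx.receive(seq, n)}")
```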
Segment
• Checksum. This 16-bit field contains the checksum. The calculation of the checksum for
TCP follows the same procedure as the one described for UDP (pseudo header, TCP
header, and data, with the protocol field set to 6 for TCP).
• However, the use of the checksum in the UDP datagram is optional (in IPv4; a zero
checksum field means none was computed), whereas the use of the checksum for TCP is
mandatory.
TCP Connection
• It establishes a logical path between the source and destination. All of the segments
belonging to a message are then sent over this logical path.
• TCP uses the services of IP to deliver individual segments to the receiver, but it controls
the connection itself.
• In TCP, connection-oriented transmission requires three phases: connection
establishment, data transfer, and connection termination.
1. Connection Establishment
• TCP transmits data in full-duplex mode. When the two TCPs in two machines are
connected, they are able to send segments to each other simultaneously.
• Three-Way Handshaking – For example, an application program, called the client, wants
to make a connection with another application program, called the server, using TCP as
the transport-layer protocol.
• The process starts with the server. The server program tells its TCP that it is ready to
accept a connection. This request is called a passive open.
• The client program then issues a request for an active open: a client that wishes to
connect to an open server tells its TCP to connect to a particular server.
The three steps in this phase are as follows:
1. The client sends the first segment, a SYN segment, in which only the SYN flag is set.
A SYN segment carries no data, but it consumes one sequence number (the client ISN).
2. The server sends the second segment, a SYN + ACK segment with two flag bits set: SYN
for the server's own direction and ACK for the client's SYN. It also consumes one
sequence number (the server ISN) and its acknowledgment number is the client ISN + 1.
3. The client sends the third segment, an ACK segment, acknowledging the server's SYN
with the server ISN + 1. It consumes no sequence number unless it carries data.
SYN Flooding Attack
• The connection establishment procedure in TCP is susceptible to a serious security
problem called the SYN flooding attack.
• This happens when one or more malicious attackers send a large number of SYN
segments to a server, pretending that each of them is coming from a different client by
faking the source IP addresses in the datagrams.
• The server, assuming that the clients are issuing an active open, allocates the necessary
resources, such as creating transmission control block (TCB) tables and setting timers,
and sends SYN + ACK segments to the faked addresses, from which the third segment
never arrives.
• Due to this, the server eventually runs out of resources and may be unable to accept
connection requests from valid clients.
• The SYN flooding attack belongs to a group of security attacks known as denial of
service attacks, in which an attacker monopolizes a system with so many service
requests that the system overloads and denies service to valid requests.
Solutions:
1. Impose a limit on the number of connection requests during a specified period of time.
2. Filter out datagrams coming from unwanted source addresses.
3. Postpone resource allocation until the server can verify that the connection request is
coming from a valid IP address, by using what is called a cookie (the SYN cookie): the
server encodes what it needs to remember in its own ISN instead of storing it, and only
creates state when the third segment echoes that value back.
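The handshake, the SYN flood, and the cookie defence (solution 3) together, as an added example written for these notes rather than taken from the slides. It models two servers: one that allocates a TCB on every SYN and therefore fills up under a flood of spoofed SYNs, and one whose ISN is a keyed hash of the socket pair (a simplified SYN cookie; real implementations also encode a timestamp and MSS, which is omitted here). The addresses and ports are made up; no real sockets are used.

```python
"""Three-way handshake, SYN flood, and a simplified SYN-cookie server.
Constructed model: spoofed addresses and the backlog size are made up."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass

SEQ_MASK = 0xFFFFFFFF  # sequence numbers are 32-bit


@dataclass
class Segment:
    src_ip: str
    src_port: int
    dst_port: int
    seq: int
    ack: int = 0
    syn: bool = False
    ack_flag: bool = False


class NaiveServer:
    """Allocates a TCB (here: a dict entry) for every SYN it sees."""

    def __init__(self, port=80, backlog=128):
        self.port, self.backlog = port, backlog
        self.half_open = {}        # (client ip, port) -> server ISN, waiting for the 3rd segment
        self.established = set()

    def on_segment(self, seg):
        key = (seg.src_ip, seg.src_port)
        if seg.syn and not seg.ack_flag:                 # 1st segment: SYN
            if len(self.half_open) >= self.backlog:
                return None                              # table full: SYN silently dropped
            isn = secrets.randbelow(SEQ_MASK + 1)
            self.half_open[key] = isn
            return Segment("server", self.port, seg.src_port, isn,
                           (seg.seq + 1) & SEQ_MASK, syn=True, ack_flag=True)  # 2nd: SYN+ACK
        if seg.ack_flag and not seg.syn and key in self.half_open:   # 3rd: ACK
            isn = self.half_open.pop(key)
            if seg.ack == (isn + 1) & SEQ_MASK:
                self.established.add(key)
        return None


class CookieServer:
    """Keeps no state for half-open connections: the server ISN is a keyed hash
    of the socket pair and client ISN, which the 3rd segment must echo back."""

    def __init__(self, port=80, key=None):
        self.port = port
        self.key = key or secrets.token_bytes(16)
        self.established = set()

    def cookie(self, ip, port, client_isn):
        msg = f"{ip}|{port}|{self.port}|{client_isn}".encode()
        return int.from_bytes(hmac.new(self.key, msg, hashlib.sha256).digest()[:4], "big")

    def on_segment(self, seg):
        key = (seg.src_ip, seg.src_port)
        if seg.syn and not seg.ack_flag:
            isn = self.cookie(seg.src_ip, seg.src_port, seg.seq)    # nothing stored
            return Segment("server", self.port, seg.src_port, isn,
                           (seg.seq + 1) & SEQ_MASK, syn=True, ack_flag=True)
        if seg.ack_flag and not seg.syn:
            client_isn = (seg.seq - 1) & SEQ_MASK      # the 3rd segment carries client ISN + 1
            if seg.ack == (self.cookie(seg.src_ip, seg.src_port, client_isn) + 1) & SEQ_MASK:
                self.established.add(key)              # allocate only now, for a proven peer
        return None


def syn_flood(server, count):
    """Spoofed SYNs from distinct made-up sources whose ACKs never come back.
    Returns how many half-open entries the server is holding afterwards."""
    for i in range(count):
        server.on_segment(Segment(f"198.51.100.{i % 250}", 1024 + i, server.port,
                                  secrets.randbelow(SEQ_MASK + 1), syn=True))
    return len(getattr(server, "half_open", {}))


def legit_connect(server, ip="203.0.113.7", port=52000):
    """Full three-way handshake from a genuine client; True once ESTABLISHED."""
    client_isn = secrets.randbelow(SEQ_MASK + 1)
    synack = server.on_segment(Segment(ip, port, server.port, client_isn, syn=True))
    if synack is None or not (synack.syn and synack.ack_flag):
        return False
    if synack.ack != (client_isn + 1) & SEQ_MASK:
        return False
    server.on_segment(Segment(ip, port, server.port, (client_isn + 1) & SEQ_MASK,
                              (synack.seq + 1) & SEQ_MASK, ack_flag=True))
    return (ip, port) in server.established


if __name__ == "__main__":
    for srv in (NaiveServer(backlog=128), CookieServer()):
        held = syn_flood(srv, 1000)
        print(type(srv).__name__, "half-open:", held, "legit client ok:", legit_connect(srv))
```

Against the naive server the flood leaves the backlog full and the genuine client's SYN is dropped; the cookie server holds nothing per SYN, so the same flood costs it only CPU for the hash and the genuine client still connects. Solutions 1 and 2 (rate limiting and source filtering) would sit in front of either server.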
2. Data Transfer
• After the connection is established, bidirectional data transfer can take place. The client
and server can send data and acknowledgments in both directions.
• Pushing Data - the sending TCP uses a buffer to store the stream of data coming from
the sending application program. The sending TCP can select the segment size.
• The receiving TCP also buffers the data when they arrive and delivers them to the
application program when the application program is ready or when it is convenient for
the receiving TCP.
3. Connection Termination
DOMAIN NAME SYSTEM (DNS)
• Since the Internet is so huge today, a central directory system cannot hold all the
mapping. In addition, if the central computer fails, the whole communication network
will collapse. A better solution is to distribute the information among many computers
in the world. In this method, the host that needs mapping can contact the closest
computer holding the needed information. This method is used by the Domain Name
System (DNS).
• The following six steps map the host name to an IP address:
Name Space
• A name space that maps each address to a unique name can be organized in two ways:
flat or hierarchical.
• In a flat name space, a name is assigned to an address. A name in this space is a
sequence of characters without structure. The names may or may not have a common
section; if they do, it has no meaning.
• The main disadvantage of a flat name space is that it cannot be used in a large system
such as the Internet, because it must be centrally controlled to avoid ambiguity and
duplication.
HIGHER LAYERS
• In a hierarchical name space, each name is made of several parts. The first part can
define the nature of the organization, the second part can define the name of the
organization, and the third part can define departments in the organization.
Domain Name Space
• To have a hierarchical name space, a domain name space was designed. In this design
the names are defined in an inverted-tree structure with the root at the top.
• The tree can have only 128 levels: level 0 (root) to level 127.
• Each node in the tree has a label, a string with a maximum of 63 characters; the root
label is a null (empty) string. A full domain name is the sequence of labels from the
node up to the root, separated by dots, and cannot be more than 255 characters.
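The label, level and length rules of the domain name space, applied in code as an added example (not part of the slides): the block splits a name into labels, checks the limits (63-character labels, 127 levels below the root, 255 octets in total), and converts to and from the length-prefixed form in which DNS carries names on the wire, where the empty root label is a single zero byte. The names used are documentation names; the character check follows the hostname convention (letters, digits and hyphens), which is stricter than what DNS itself permits.

```python
"""Labels, levels and wire encoding of a domain name.
Constructed example; names are documentation names."""

MAX_LABEL = 63     # a label is at most 63 characters
MAX_NAME = 255     # a full name is at most 255 octets on the wire
MAX_LEVELS = 127   # levels 0 (root) to 127, so at most 127 non-root labels


def labels_of(name):
    """Split a name into labels, root (empty label) excluded.
    A trailing dot marks a fully qualified name and is simply stripped."""
    name = name.rstrip(".")
    return name.split(".") if name else []


def validate(name):
    """Return (ok, reason) for a domain name against the size and character rules."""
    labels = labels_of(name)
    if len(labels) > MAX_LEVELS:
        return False, "too many levels"
    for lab in labels:
        if not lab:
            return False, "empty label"
        if len(lab) > MAX_LABEL:
            return False, f"label longer than {MAX_LABEL} characters"
        # hostname convention: alphanumerics and hyphens, no leading/trailing hyphen
        if lab[0] == "-" or lab[-1] == "-" or not all(c.isalnum() or c == "-" for c in lab):
            return False, f"bad characters in label: {lab}"
    wire_len = sum(len(lab) + 1 for lab in labels) + 1   # length bytes plus the root byte
    if wire_len > MAX_NAME:
        return False, f"name longer than {MAX_NAME} octets"
    return True, "ok"


def encode(name):
    """DNS wire form: each label as <length><bytes>, terminated by the 0-length root."""
    ok, reason = validate(name)
    if not ok:
        raise ValueError(reason)
    out = bytearray()
    for lab in labels_of(name):
        out.append(len(lab))
        out += lab.encode("ascii")
    out.append(0)
    return bytes(out)


def decode(buf, offset=0):
    """Inverse of encode; returns (fully qualified name, offset after the name).
    Compression pointers (length byte >= 0xC0) are not handled here."""
    labels = []
    while True:
        n = buf[offset]
        offset += 1
        if n == 0:
            break
        if n > MAX_LABEL:
            raise ValueError("unsupported label length or compression pointer")
        labels.append(buf[offset:offset + n].decode("ascii"))
        offset += n
    return ".".join(labels) + ".", offset


if __name__ == "__main__":
    wire = encode("www.example.com")
    print(wire.hex(), decode(wire))
```

The `decode` length check matters in practice: a length byte that is not a plain label is the start of a compression pointer, and a parser that treats it as a length reads past the label and out of the message.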
DNS in the Internet
Generic Domains
• The generic domains define registered hosts according to their generic behavior. Each
node in the tree defines a domain, which is an index to the domain name space database.
Resolution
Caching
Resource Records
DNS Messages
Registrars
Security of DNS
World Wide Web