Transmission Control Protocol (TCP)

Transmission Control Protocol (TCP):
TCP was defined in September 1981 as a DoD standard.
TCP is a connection-oriented protocol. A TCP connection provides full-duplex service, so data can flow from sender to receiver and, at the same time, from receiver to sender. There are four basic communication modes:

Simplex (SX): Transmission in one direction only. Example: radio.
Half-Duplex (HDX): Transmission in both directions, but not at the same time. Example: walkie-talkie.
Full-Duplex (FDX): Transmission in both directions at the same time. Example: telephone.
Full/Full-Duplex (F/FDX): Transmission is possible in both directions at the same time, but not between the same two stations. One station transmits to a second station and receives from a third station at the same time.

A TCP connection is always point-to-point: data is sent between one sender and one receiver. One sender with many receivers is not possible with TCP.

Our third problem was to deliver error-free data. That is why we use TCP. TCP takes the best parts of the Stop & Wait, GBN and Selective Repeat protocols.

Like GBN, TCP creates a window and sends data, but it sends a byte stream instead of packets. Here each packet is called a segment.

From the Stop & Wait protocol we learned that TCP gets messages along with a source port number and a destination port number. The TCP sender makes each message into a segment (header and data). The header part is:

Source Port address (16 bits) | Destination Port address (16 bits)

Next, the TCP sender calculates a checksum over the data and puts the value in the checksum field of the segment header. In UDP the checksum is optional, but in TCP it is mandatory. The checksum is calculated by the same rules as in UDP.

Source Port address (16 bits) | Destination Port address (16 bits)
Checksum (16 bits)

We learned from the Stop & Wait protocol that each packet has a number. But TCP sends a byte stream instead of packets, so a segment can carry several bytes of the message. TCP therefore takes the sequence number of the first byte of the message carried in the segment and puts it in the Sequence Number field of the header.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Checksum (16 bits)

From the Stop & Wait protocol we also learned to give an acknowledgement number. We put it in the header as well:

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
Checksum (16 bits)

Acknowledgement Type:
In the Stop & Wait protocol we saw the ACK sent by the receiver.

There are two types of ACK.
1. Accumulative Acknowledgement (ACK)
2. Selective Acknowledgement (SACK)


In the past, TCP used only one type of acknowledgement: Accumulative Acknowledgement. Today, some TCP implementations also use Selective Acknowledgements.


Accumulative Acknowledgement: TCP was originally designed for this type of ACK. The receiver reports the last consecutive byte. It does not report the bytes that have arrived out of order, and it is also silent about duplicate segments. This is sometimes referred to as positive accumulative acknowledgement, or ACK. It may have a negative effect on TCP's performance: if some packets have not been acknowledged, the receiver may receive duplicate packets. The 32-bit ACK field in the TCP header is used; its value is valid only when the ACK flag bit is set to 1.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
ACK | Window Size (16 bits)
Checksum (16 bits)

Selective Acknowledgement (SACK): Many implementations are adding SACK. Selective acknowledgement gives the sender a better idea of which segments are actually lost and which have arrived out of order. It also includes a list of duplicate packets. The sender can then resend only those segments that are really lost. The list of duplicate segments helps the sender find the segments that were retransmitted because of a short time-out. There is no dedicated header field for SACK, so it is implemented as an option at the end of the TCP header.

TCP follows some rules to prevent problems with acknowledgements.

Event: In-order segment arrival, no gaps, everything else already ACKed.
TCP receiver action: Delayed ACK. Wait up to 500 ms for the next segment. If no next segment arrives, send the ACK.
Note: When a segment arrives, the receiver waits 500 ms for the next segment. If no segment arrives within this time, the receiver sends the ACK for the last segment.

Event: In-order segment arrival, no gaps, one delayed ACK pending.
TCP receiver action: Immediately send a single cumulative ACK.
Note: There should not be more than two in-order unacknowledged segments at any time.

Event: Out-of-order segment arrival with a higher-than-expected sequence number; gap detected.
TCP receiver action: Send a duplicate ACK indicating the sequence number of the next expected byte.
Note: This leads to the fast retransmission of any missing segments.

Event: Arrival of a segment that partially or completely fills the gap.
TCP receiver action: Immediately send an ACK if the segment starts at the lower end of the gap.


From GBN we learned the sliding window protocol. TCP also follows this protocol and keeps the window size in the header.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
ACK | Window Size (16 bits)
Checksum (16 bits)

Another difference: in GBN and Selective Repeat the receiver ACKs the number of the packet it received, while the TCP receiver ACKs the number it needs next. One problem in GBN is that the receiver does not store segments, whereas the Selective Repeat protocol does. TCP also has a buffer at the receiver end to store segments. If the buffer becomes full, TCP handles this with flow control.

Flow Control:
TCP sends an amount of data defined by the sliding window protocol.
TCP provides flow control by having the sender maintain a variable called the receive window. The receive window gives the sender an idea of how much free buffer space is available at the receiver. The receiver allocates a receive buffer to the connection. If we denote its size by RcvBuffer, then

RcvWindow = RcvBuffer – [LastByteRcvd – LastByteRead]

where

LastByteRcvd – LastByteRead <= RcvBuffer

LastByteRead: The number of the last byte in the data stream read from the buffer by the application process at the receiver.
LastByteRcvd: The number of the last byte in the data stream that has arrived from the network and has been placed in the receive buffer at the receiver.

Deadlock created from lost acknowledgement:
When the buffer is full, the receiver sends an acknowledgement with rwnd (receiver window) set to 0, requesting that the sender shut down its window temporarily. After a while, the receiver wants to remove the restriction by sending an ACK segment with a nonzero value for rwnd. The problem arises if this ACK is lost: the sender keeps waiting for it, while the receiver thinks the sender has received it and is waiting for data. Each end is waiting for a response from the other. This situation is called a deadlock. No retransmission is set up for this ACK, so to prevent the deadlock a Persistence Timer was designed.

The Stop & Wait protocol added a timer. Packets can be delayed. If the timeout is too small, the sender sends again and the receiver may get duplicate data. To avoid this, the TCP timeout is not fixed; it can change after each round-trip time.

Different types of timers are used in TCP.

Suppose the sender sends a segment with bytes 1-5 and the receiver sends an ACK for 6. The sender then sends 6-10 and 11-15, but the data 6-10 is lost. After a certain time the receiver sends an ACK for 6-10, and by this time 11-15 has arrived at the receiver, so the receiver sends an ACK for 6-10 again. This is the third ACK for 6-10. Waiting any longer is a waste of time, and we do not want this situation. That is why, if the sender gets three ACKs for the same segment, it uses the Fast Retransmit algorithm.
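The receiver rules, SACK and the lost 6-10 scenario above can be replayed in a few lines of Python. This is an added example, not code from the original post; the class and function names are hypothetical, and the threshold of three duplicate ACKs after the original one is the RFC 5681 value, used here as an assumption.

```python
class Receiver:
    """Tracks received byte ranges and answers each segment with ACK and SACK."""

    def __init__(self, first_byte: int = 1):
        self.next_expected = first_byte  # value carried in the cumulative ACK
        self.out_of_order = []           # sorted, merged [start, end) ranges

    def receive(self, seq: int, length: int) -> dict:
        # Ignore bytes that were already delivered in order.
        start, end = max(seq, self.next_expected), seq + length
        if start < end:
            ranges = sorted(self.out_of_order + [[start, end]])
            merged = [ranges[0]]
            for s, e in ranges[1:]:
                if s <= merged[-1][1]:       # touches or overlaps: merge
                    merged[-1][1] = max(merged[-1][1], e)
                else:
                    merged.append([s, e])
            # A range starting at next_expected fills the gap: advance the ACK.
            if merged[0][0] == self.next_expected:
                self.next_expected = merged.pop(0)[1]
            self.out_of_order = merged
        return {"ack": self.next_expected,
                "sack": [tuple(r) for r in self.out_of_order]}


def fast_retransmit_points(acks, dup_threshold: int = 3):
    """ACK numbers at which the sender would retransmit without a timeout."""
    last, dups, points = None, 0, []
    for ack in acks:
        if ack == last:
            dups += 1
            if dups == dup_threshold:
                points.append(ack)
        else:
            last, dups = ack, 0
    return points


def replay_lost_segment():
    """Constructed scenario: bytes 6-10 are lost, then retransmitted."""
    rx = Receiver(first_byte=1)
    arrivals = [(1, 5), (11, 5), (16, 5), (21, 5), (6, 5)]
    return [rx.receive(seq, length) for seq, length in arrivals]
```

With cumulative ACKs alone the sender only sees ACK 6 repeated; the SACK ranges additionally tell it that everything from byte 11 onward already arrived, so only 6-10 has to be resent.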

In this way our third problem is solved: we can now send error-free data. TCP provides a few other facilities, and we will look at some of them now.

Pushing Data:
At the sender site, the application program can request that data be sent immediately instead of waiting for the window to be filled. At the receiver site, this tells TCP not to wait for more data and to deliver it to the upper layer. TCP handles such data by using the PSH field of the segment to push the data without waiting: it sets the push bit (PSH) in the segment.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
PSH | Window Size (16 bits)
Checksum (16 bits)

Urgent Data:
For example, suppose the sending application program is sending data to be processed by the receiving application program. When the result of the processing comes back, the sending application program finds that everything is wrong. It wants to abort the process, but it has already sent a huge amount of data. If it now issues an abort command (Control + C), the command is stored at the end of the receiving TCP's buffer, and the receiving TCP delivers it to the application layer only after all the data has been processed.

That is why the sending application tells the sending TCP that the piece of data is urgent. The sending TCP creates a segment, inserts the urgent data at the beginning of the segment and sets the URG field of the header. The rest of the data is normal. The Urgent Pointer field of the header is also set; it defines the end of the urgent data and the start of the normal data.

At the receiver site, when TCP receives a segment with the URG bit set, it extracts the urgent data from the segment using the value of the urgent pointer and delivers it, out of order, to the receiving application program.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
URG | PSH | Window Size (16 bits)
Checksum (16 bits) | Urgent pointer (16 bits)


Connection Management:
Starting a connection:
The TCP sender and receiver establish a "connection" before exchanging data segments. Suppose a process running in one host (the client) wants to connect to a process in another host (the server). The client application process first informs the client TCP that it wants to establish a connection to a process in the server. The TCP in the client then proceeds to establish a TCP connection with the TCP in the server in the following manner.

Step 1: The client TCP first sends a special TCP segment to the server TCP. This segment contains no application-layer data, but one of the flag bits in the segment header, the SYN bit, is set to 1. For this reason this special segment is known as a SYN segment. In addition, the client randomly chooses an initial sequence number (client_ISN) and puts it in the sequence number field of the SYN segment. It chooses a random number in order to avoid certain security attacks. The segment is encapsulated within an IP datagram and sent to the server. This segment contains no acknowledgement number and no window size.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
URG | PSH | SYN | Window Size (16 bits)
Checksum (16 bits) | Urgent pointer (16 bits)


Step 2: When the SYN segment arrives at the server TCP, the server extracts the segment from the datagram, allocates the TCP buffers and variables for the connection, and sends a connection-granted segment to the client TCP. This segment also contains no application-layer data, but it contains three important pieces of information: (1) the SYN bit is set to 1; (2) the acknowledgement field of the TCP segment header is set to the client's initial sequence number increased by 1; (3) the server chooses its own initial sequence number and puts it in the TCP segment header.
This segment is also referred to as a SYNACK segment.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
URG | ACK | PSH | SYN | Window Size (16 bits)
Checksum (16 bits) | Urgent pointer (16 bits)


Step 3: When the client TCP gets this SYNACK segment, it allocates buffers and variables for the connection and sends another segment, which we can call the ACK of the SYNACK. This segment carries the server's initial sequence number increased by 1 in the segment header, and its SYN bit is set to 0.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
URG | ACK | PSH | SYN | Window Size (16 bits)
Checksum (16 bits) | Urgent pointer (16 bits)


Once this connection is set up, the two hosts can start sending data. Three packets are sent between the two hosts to establish a connection, so this connection establishment procedure is known as the Three-way Handshake.

Question: Why is three-way handshake needed? What is the problem if we send only two packets and consider the connection established? What will be the problem from application's point of view? Will the packets be delivered to the wrong application?

Problem regarding 2-way handshake
The only real problem with a 2-way handshake is that duplicate packets from a previous connection (which has been closed) between the two nodes might still be floating in the network. After a SYN has been sent to the server, the server might receive a duplicate packet from a previous connection and treat it as a packet from the current connection, which would be undesirable.
Spoofing is another concern if a two-way handshake is used. Suppose a node C sends a connection request to B claiming to be A. B then sends an ACK to A, which A rejects, asking B to close the connection. Between these two events, C can send a lot of packets, which will be delivered to the application.

The first two figures show how a three-way handshake deals with problems of duplicate/delayed connection requests and duplicate/delayed connection ACKs in the network. The third figure highlights the problem of spoofing associated with a two-way handshake.


SYN flooding Attack: 
A server can sometimes face a serious SYN flooding attack. Fake clients send a large number of SYN segments to a server, pretending that each of them comes from a different client by faking the source IP addresses in the datagrams. The server assumes that each client is issuing an active open, so it allocates the necessary resources, such as TCB tables (we will learn about these later), and sets timers. The server then sends SYN+ACK segments to the fake clients, which are lost. During this time a lot of resources are occupied without being used. If the number of SYN segments arriving in a short time is large, the server eventually runs out of resources and may crash.
The SYN flooding attack belongs to a group of security attacks known as denial-of-service attacks, in which an attacker monopolizes a system with so many service requests that the system collapses and denies service to every request.
Some implementations of TCP have strategies to prevent the effects of a SYN attack.

* Some impose a limit on connection requests during a specified period of time.
* Some filter out datagrams coming from unwanted source addresses.
* A recent strategy is to postpone resource allocation until the entire connection is set up, using a cookie.


SCTP is the new transport-layer protocol that uses this strategy.
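The cookie strategy from the list above, sketched in Python as an added example (not code from the original post and not any real TCP stack's cookie format). The server derives its initial sequence number from a keyed hash of the connection and allocates state only when the third segment echoes that value; the class name, the 8-bit time slot with 24-bit MAC layout, and all addresses are assumptions.

```python
import hashlib
import hmac
import os

SLOT_SECONDS = 64  # assumed cookie lifetime granularity


class CookieListener:
    """Toy listener that keeps no per-connection state until the final ACK."""

    def __init__(self, secret: bytes = b""):
        self.secret = secret or os.urandom(32)  # per-boot server secret
        self.established = {}  # filled only after a valid third segment

    def _cookie(self, conn: tuple, client_isn: int, slot: int) -> int:
        msg = repr((conn, client_isn, slot)).encode()
        mac = hmac.new(self.secret, msg, hashlib.sha256).digest()
        # 8 bits of time slot followed by 24 bits of truncated MAC
        return ((slot & 0xFF) << 24) | int.from_bytes(mac[:3], "big")

    def on_syn(self, conn: tuple, client_isn: int, now: float) -> dict:
        """Answer a SYN with a SYN+ACK whose sequence number is the cookie."""
        cookie = self._cookie(conn, client_isn, int(now) // SLOT_SECONDS)
        return {"flags": {"SYN", "ACK"}, "seq": cookie,
                "ack": (client_isn + 1) & 0xFFFFFFFF}

    def on_ack(self, conn: tuple, seq: int, ack: int, now: float) -> bool:
        """Allocate state only if the ACK echoes a cookie we could have sent."""
        client_isn = (seq - 1) & 0xFFFFFFFF
        echoed = ((ack - 1) & 0xFFFFFFFF).to_bytes(4, "big")
        current = int(now) // SLOT_SECONDS
        for slot in (current, current - 1):  # current and previous slot only
            expected = self._cookie(conn, client_isn, slot).to_bytes(4, "big")
            if hmac.compare_digest(echoed, expected):
                self.established[conn] = {"rcv_next": seq, "snd_next": ack}
                return True
        return False


def simulate(listener: CookieListener, now: float = 1_000_000.0):
    """Constructed traffic: 1000 SYNs that are never completed, then one client."""
    for i in range(1000):
        listener.on_syn((f"203.0.113.{i % 256}", 1024 + i, "192.0.2.1", 80), i, now)
    state_after_flood = len(listener.established)
    conn = ("198.51.100.7", 50000, "192.0.2.1", 80)
    synack = listener.on_syn(conn, 4242, now)
    ok = listener.on_ack(conn, 4243, (synack["seq"] + 1) & 0xFFFFFFFF, now + 1)
    return state_after_flood, ok, len(listener.established)
```

The flood leaves the connection table empty because nothing is stored per SYN; the cost of each unanswered SYN is one hash computation.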

Stop Connection:

To close the connection:

Step 1: The client TCP sends a special TCP segment with the FIN bit set to 1.
Step 2: The server receives the FIN and replies with an ACK. It closes the connection and sends a FIN.
Step 3: The client receives the ACK for its FIN and another segment from the server with the FIN bit set to 1.
Step 4: The client TCP sends an ACK. The server receives it and the connection is closed.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
URG | ACK | PSH | SYN | FIN | Window Size (16 bits)
Checksum (16 bits) | Urgent pointer (16 bits)


The TCP at one end may deny a connection request, may abort a connection, or may terminate an idle connection.

In these cases, TCP sends a segment with the RST (reset) field set.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (16 bits)
Acknowledgement Number (16 bits)
URG | ACK | PSH | RST | SYN | FIN | Window Size (16 bits)
Checksum (16 bits) | Urgent pointer (16 bits)


Denying a connection:
The server TCP can deny the connection because the destination port number in the SYN segment identifies a server that is not in the LISTEN state at the moment. After receiving the SYN segment, the server sends an RST+ACK segment and goes to the LISTEN state to wait for another connection. The client, after receiving the RST+ACK, goes to the CLOSED state.

Aborting a connection:
A process can abort a connection if it does not want the data in the queue to be sent. TCP can send an RST segment to abort the connection. The client throws away all data in the queue, and the server TCP also throws away all queued data and informs the server process via an error message. Both TCPs go to the CLOSED state.

Segment Header Format:
This is only the header format of a segment; the other part is the data.

Source Port address (16 bits) | Destination Port address (16 bits)
Sequence Number (32 bits)
Acknowledgement Number (32 bits)
Header Length (4 bits) | Reserved (6 bits) | URG | ACK | PSH | RST | SYN | FIN | Window Size (16 bits)
Checksum (16 bits) | Urgent Pointer (16 bits)
Options and Padding

Options and Padding are used to add extra information if needed.

Sometimes problems occur because of network congestion: the number of packets sent to the network is greater than the capacity of the network, that is, the number of packets the network can handle.
Congestion happens in any system that involves waiting. For example, it happens on a freeway when abnormal flow, such as during rush hour, creates a blockage.
Routers and switches have queues. For example, a router has an input queue and an output queue for each interface. When a packet arrives at the incoming interface, it undergoes three steps before departing:
1. The packet is placed at the end of the input queue while waiting to be checked.
2. The processing module of the router removes the packet from the input queue once it reaches the front of the queue and uses its routing table and the destination address to find the route.
3. The packet is put in the appropriate output queue and waits its turn to be sent.

So congestion needs to be controlled. TCP can control congestion. We will learn a little about congestion control in TCP.

