Internet Transport Protocols
1. Explain the duties of transport layer.
Ans: The transport layer ensures process-to-process delivery of messages. As multiple processes may be running at the same time on the communicating hosts, it is the duty of the transport layer to deliver a message from a specific process on the sending host to the desired process on the receiving host. It also ensures that the receiving process receives the whole segment in the exact order in which it was sent by the sending process. Some other responsibilities of the transport layer are as follows:
Segmentation and Reassembly: A message is divided into segments by the transport layer with each segment being given a sequence number. These sequence numbers enable the destination transport layer to reassemble the segments in exact order as they were sent by the sender and thus, help in identifying the segments that have been lost during the transmission.
Addressing: As many processes may be running on the communicating hosts at the same time, it is necessary to identify the desired process out of many processes. For this, the transport layer header must include a service point address (port address) in each segment.
Connection Control: The transport layer provides both connection-oriented and connectionless services. In connection-oriented service, a connection must be established first between two communicating processes before transmitting any segments. After transmitting the whole data, the connection is released. On the other hand, in connectionless service, no such connection is established and each segment takes different route to reach destination process.
Flow Control: The transport layer is responsible for controlling the flow of data such that no sending process should send segments at a rate faster than the receiving process can process. The transport layer provides end-to-end flow control rather than across a single channel as provided by the data link layer.
Error Control: The transport layer functions in such a way that the receiving process not only can detect the errors but also can determine the location of errors in the segment. The transport layer provides process-to-process error control rather than across a single link as provided by the data link layer.
2. In OSI model, both data link layer and transport layer are involved in error control. Why same activity twice? Justify.
Ans: Both the data link layer and the transport layer provide error control, but the transport layer provides end-to-end error control whereas the data link layer provides error control across a single link. The data link layer makes the physical link reliable by adding the mechanism for detecting the errors and retransmitting frames in case of lost and damaged frames. On the other hand, the transport layer ensures that the entire message is delivered to the receiving process without any error and in the same order as sent by the sending process. Retransmission is used in the transport layer to perform error correction.
3. Why do we need port addresses?
Ans: Usually, a machine provides a variety of services such as electronic mail, TELNET and FTP. To differentiate among these services, each service is assigned with a unique port number. To avail some specific service on a machine, first it is required to connect to machine and then connect to the port assigned for that service. The port numbers less than 1,024 are considered well-known and are reserved for standard services. For example, the port number used for TELNET is 23.
4. What is socket address? Explain socket addressing.
Ans: In transport layer, two processes communicate with each other via sockets. A socket acts as an end-point of the communication path between the processes. To ensure the process-to-process delivery, the transport layer needs the IP address and the port number at each communicating end. The IP address is used to identify the machine on the network and the port number is used to identify the specific process on that machine. The IP address and port address together define the socket address.
To enable the communication, each of the communicating processes (client and server) creates its own socket and these sockets are to be connected. The client socket address uniquely identifies the client process while the server socket address uniquely identifies the server process.
The server listens to a socket bound to a specific port for a client to make connection request. Whenever a client process requests for a connection, it is assigned a port number (greater than 1,024) by the host computer (say, M). Using this port number and the IP address of host M, the client socket is created. For example, if the client on host M having IP address (184.108.40.206) wants to connect to TELNET server (listening to port number 23) having IP address (220.127.116.11), it may be assigned a port number 1,345. Thus, the client socket and server socket used for the communication will be (18.104.22.168:1345) and (22.214.171.124:23), respectively as shown in Figure 12.1.
Each connection between client and server employs a unique pair of sockets. That is, if another client on host M wants to connect to TELNET server, it must be assigned a port number different from 1,345 (but greater than 1,024).
5. Write a short note on Berkeley sockets.
Ans: The transport layer offers certain operations called transport service primitives that enable the application programmes to use the transport services. Each transport service has its own access primitives. The set of transport service primitives used in Berkeley UNIX for transmission control protocol (TCP) are referred to as socket primitives. These socket primitives are commonly used for Internet programming and also provide more flexibility. Various socket primitives used in Berkeley UNIX for TCP are described as follows:
SOCKET: This primitive is used to create a new communication end point. It also allocates table space to the end point within the transport entity. This primitive is executed both by the client and by the server.
BIND: This primitive is used to assign network addresses to newly created sockets. After the addresses have been attached with sockets, the remote systems can connect to them. This primitive is executed only at the server side and always after the SOCKET primitive. At the client side, there is no need to execute BIND primitive after the SOCKET primitive. This is because the server has nothing to do with the address used by the client.
LISTEN: This primitive is used to indicate the willingness of a server to accept the incoming connection requests. If a number of clients attempt to make a connection with the server, it allocates space to queue up all the incoming requests. This primitive is executed only at the server side and always after the BIND primitive.
ACCEPT: This primitive is used to make the server wait until an incoming connection request arrives. This primitive is executed only at the server side and always after the LISTEN primitive.
CONNECT: This primitive is executed by the client to attempt to establish a connection with the server. As the client executes the CONNECT primitive, it gets blocked. It remains blocked until it receives a transport packet data unit (TPDU) from the server, which indicates the completion of CONNECT primitive. Then, the client gets unblocked and a full-duplex connection is established between the client and the server.
SEND: This primitive is used to send data over the full-duplex connection. Both client and server can execute this primitive.
RECEIVE: This primitive is used to receive data from the full-duplex connection. Both client and server can execute this primitive.
CLOSE: This primitive is used to release the connection between the client and the server. The connection is terminated only after both the communicating parties have executed the CLOSE primitive.
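The primitives above, run in order on the loopback interface, as an added example that is not part of the original text. It also shows the point made in Q4 that every connection uses a unique pair of socket addresses: two clients reach the same server socket address from different client ports. The function names, the messages and the use of port 0 (which lets the operating system pick a free server port instead of a well-known one) are assumptions of this example.

```python
import socket


def recv_exact(sock, n):
    """RECEIVE until exactly n bytes have arrived (TCP delivers a byte stream)."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed the connection early")
        buf += chunk
    return buf


def run_exchange(n_clients=2):
    """Return one record per connection: client address, server address, reply."""
    results = []
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)    # SOCKET
    try:
        server.bind(("127.0.0.1", 0))     # BIND (server only); 0 = any free port
        server.listen(n_clients)          # LISTEN: queue incoming requests
        server.settimeout(5)
        server_addr = server.getsockname()

        clients = {}
        for i in range(n_clients):
            c = socket.socket(socket.AF_INET, socket.SOCK_STREAM)  # SOCKET, no BIND
            c.settimeout(5)
            c.connect(server_addr)        # CONNECT: blocks until the handshake ends
            clients[c.getsockname()] = (i, c)   # host assigned the client port

        for _ in range(n_clients):
            conn, peer = server.accept()  # ACCEPT: take one queued connection
            i, c = clients[peer]
            msg = b"hello from client %d" % i
            c.sendall(msg)                          # SEND    (client)
            request = recv_exact(conn, len(msg))    # RECEIVE (server)
            conn.sendall(request.upper())           # SEND    (server)
            reply = recv_exact(c, len(msg))         # RECEIVE (client)
            results.append({"client": peer,
                            "server": conn.getsockname(),
                            "reply": reply})
            c.close()                     # CLOSE on both sides releases the
            conn.close()                  # connection
    finally:
        server.close()
    return results


if __name__ == "__main__":
    for record in run_exchange():
        print(record)
```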
6. Explain various schemes used by the transport layer to find the transport service access point (TSAP) at a server.
Ans: Whenever an application process (client) wishes to establish a connection with some application process running on the remote system (server), it needs to specify which one to connect to. For this, the transport layer specifies transport addresses to which the process can listen for connection requests. In the transport layer, these end points are termed TSAPs. Both client and server processes get attached to a TSAP for establishing a connection with a remote TSAP. However, the problem now arises of how the client knows which TSAP a specific process on the server is listening to. To identify this, some scheme is needed.
One such scheme is the initial connection protocol scheme. In this scheme, not all the server processes are required to listen to well-known TSAPs; rather, each machine that wants to serve to remote users has a proxy server called process server. The process server can listen to a number of ports simultaneously. When a CONNECT request from a user specifying the TSAP address of a specific server process arrives, it gets connected to the process server in case no server process is waiting for it. After the desired server process gets available, the process server creates the requested server which then inherits the existing connection with the user. This way, the user gets connected to the desired server process. The newly created server then performs the requested job while the process server gets back to listening to ports. Though this scheme seems fine, it cannot be used for servers that cannot be created when required. To overcome this limitation, another scheme is used.
In the alternative scheme, there exists a process known as a name server or a directory server which listens to a well-known TSAP. The name server contains an internal database in which all the service names along with their TSAP addresses are stored. This scheme requires every newly created service to register itself with the name server. When a client needs to find the TSAP address corresponding to a service, it establishes a connection with the name server. After the connection has been established, the client sends a message including the requested service name to the name server. The name server searches through its database and sends the requested TSAP address back to the client. After receiving the TSAP address by the client, the connection between client and name server is released and a new connection is established between the client and the service requested by it.
7. What is meant by upward and downward multiplexings?
Ans: Multiplexing is a technique that allows the simultaneous transmission of multiple signals across a single data link. In the transport layer, multiplexing may be needed in the following two ways:
Upward Multiplexing: When there is only one network address available on a host, then all the transport connections on that host use the same network connection. Whenever a TPDU is received, some means is required to indicate which process is to be given the TPDU. This situation is known as upward multiplexing.
Downward Multiplexing: The subnet uses virtual circuits with each virtual circuit having a fixed data rate. Now, if a user needs higher bandwidth than that of a single virtual circuit to transport the data, then the traffic from a single transport connection can be multiplexed to multiple network connections (virtual circuits) thereby increasing the bandwidth. This is what is called downward multiplexing.
8. Explain in detail user datagram protocol (UDP). Also list its uses.
Ans: UDP is a connectionless and unreliable transport protocol that offers process-to-process delivery with limited error checking. By connectionless, we mean that the segments are sent to the destination host without any prior establishment of the connection between communicating hosts. By unreliable, we mean that UDP does not perform error and flow control and thus, does not guarantee the proper delivery of segments at the destination. As segments in UDP are not numbered, there is no means to identify the frames that have been lost during the transmission.
Though UDP is considered powerless due to unreliable transport, it is a simple protocol that incurs a minimal overhead. It is generally used by a process that has only a small message to send and is not much concerned about the reliability. The applications such as speech and video for which instant delivery is more important than accurate delivery, prefer to adopt UDP for transport.
The UDP packets, known as user datagrams, have a fixed-sized header of eight bytes, which is followed by the data. The header of UDP packet contains four fields of 16 bits each as shown in Figure 12.2.
The description of various fields of a UDP packet header is as follows:
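Table 12.1 Well-known ports used with UDP
| Port | Protocol | Description |
|------|----------|-------------|
| 13 | Daytime | Returns the date and the time |
| 53 | Name server | Domain name service |
| 111 | RPC | Remote procedure call |
| 123 | NTP | Network time protocol |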
Source Port Number: It is a 16-bit long field that defines the process running on the source host. If the UDP packet is being sent from the client, that is, if the source host is client, then the source port number will be chosen randomly by the UDP software running on the client. However, if the UDP packet is sent by the server, the source port number will be a well-known port used with UDP. Some of the well-known ports used with UDP are listed in Table 12.1.
Destination Port Number: It is a 16-bit long field that defines the process running on the destination host. If the destination host is the client, the destination port number will be an ephemeral port number. However, if the destination host is the server, the destination port number will be a well-known port used with UDP.
Total Length: It is a 16-bit long field that specifies the total length of the UDP packet including header as well as data. The size of this field can range from 0 to 65,535 (that is, 2^16 - 1) bytes but the size of UDP packet must be much less, as it is to be encapsulated in an IP datagram having a total length of 65,535 bytes.
Checksum: It is a 16-bit long field that is used for error detection over both the header and the data.
Uses of UDP
It is suitable for multicasting.
It is used for management processes such as SNMP.
It is used for the route updating protocols such as routing information protocol (RIP).
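The eight-byte header described above, built and then checked on receipt, as an added example that is not part of the original text. The checksum is computed over the pseudoheader mentioned in Q10, the UDP header and the data; the Protocol value 17 for UDP, the function names and the sample addresses (constructed, from the documentation range 192.0.2.0/24) are assumptions of this example.

```python
import socket
import struct

UDP_PROTOCOL = 17        # Protocol field value in the pseudoheader for UDP
HEADER = struct.Struct("!HHHH")   # source port, destination port, length, checksum


def internet_checksum(data: bytes) -> int:
    """16-bit ones' complement of the ones' complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"                       # pad to a whole number of words
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                        # fold the carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTOCOL, udp_length))


def build_udp(src_ip, dst_ip, src_port, dst_port, data: bytes) -> bytes:
    length = HEADER.size + len(data)          # Total Length counts header + data
    if length > 0xFFFF:
        raise ValueError("does not fit the 16-bit Total Length field")
    header = HEADER.pack(src_port, dst_port, length, 0)
    checksum = internet_checksum(pseudo_header(src_ip, dst_ip, length) + header + data)
    if checksum == 0:
        checksum = 0xFFFF                     # 0 on the wire means "no checksum"
    return HEADER.pack(src_port, dst_port, length, checksum) + data


def parse_udp(src_ip, dst_ip, datagram: bytes) -> dict:
    """Parse a user datagram; src_ip/dst_ip come from the enclosing IP header."""
    if len(datagram) < HEADER.size:
        raise ValueError("shorter than the 8-byte UDP header")
    src_port, dst_port, length, checksum = HEADER.unpack(datagram[:HEADER.size])
    if length < HEADER.size or length > len(datagram):
        raise ValueError("Total Length field disagrees with the bytes received")
    datagram = datagram[:length]              # ignore anything past Total Length
    if checksum == 0:
        checksum_ok = None                    # sender did not compute a checksum
    else:
        # A correct datagram sums to 0xFFFF, so the complemented result is 0.
        checksum_ok = internet_checksum(pseudo_header(src_ip, dst_ip, length) + datagram) == 0
    return {"src_port": src_port, "dst_port": dst_port, "length": length,
            "checksum_ok": checksum_ok, "data": datagram[HEADER.size:]}


if __name__ == "__main__":
    # Constructed sample: a client on an ephemeral port querying a name server.
    dgram = build_udp("192.0.2.10", "192.0.2.53", 1345, 53, b"query")
    print(parse_udp("192.0.2.10", "192.0.2.53", dgram))
```

Because the pseudoheader carries the IP addresses, a datagram delivered to the wrong host fails the check even though its own bytes are intact.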
9. What is transmission control protocol (TCP)? What are the services provided by it?
Ans: TCP is a connection-oriented and reliable transport layer protocol. By connection-oriented, we mean that a virtual connection must be established between the sending and the receiving processes before any data can be transferred. Whenever a process on source host wishes to communicate with a specific process on destination host, first a virtual connection is established between the TCPs of the sending and receiving processes. Then, the data can be transferred in both directions. After the completion of data transfer, the connection is released. TCP accepts a stream of bytes from the upper layer and divides it into a sequence of segments which are then sent to the destination. By reliable, we mean that TCP provides error and flow control and thus, ensures the delivery of segments to the destination. Each segment sent from the source needs to be acknowledged by the receiver on its receipt.
TCP provides a variety of services to the processes at the application layer. Some of these services are described as follows:
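Table 12.2 Well-known ports used with TCP
| Port | Protocol | Description |
|------|----------|-------------|
| 9 | Discard | Discards any datagram that is received |
| 13 | Daytime | Returns the date and the time |
| 19 | Chargen | Returns a string of characters |
| 23 | SMTP | Simple mail transfer protocol |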
Process-to-Process Communication: Like UDP, TCP is also a process-to-process protocol that connects a process on a source host to a specific process on the destination host using the port numbers. Some of the well-known ports used with TCP are listed in Table 12.2.
Stream Delivery Service: TCP is a byte-oriented protocol that allows the sending process to send the stream of bytes and the receiving process to receive the stream of bytes. Since the speed of sending and receiving processes may differ, buffers need to be maintained at both ends to store the bytes. The buffer at the sender's end is divided into three sections: empty slots to hold the bytes produced by the sending process, slots containing bytes that have been sent but not yet acknowledged and the slots containing bytes that are to be sent. On the other hand, the buffer at the receiver's end is divided into two sections: empty slots to hold the bytes received from the sending process and the slots containing bytes that are to be read by the receiving process.
Segments: The communication between sending and receiving TCPs takes place through the IP layer, which supports data in packets rather than a stream of bytes. Therefore, before sending the bytes (stored in the sending buffer), the sending TCP groups multiple bytes together into a packet called a segment; different segments may or may not contain an equal number of bytes. A TCP header is attached to each segment and then the segment is delivered to the IP layer. The IP layer encapsulates the segment into an IP datagram and sends the IP datagrams. The IP layer at the receiving machine processes the header of IP datagrams and passes the segments to the receiving TCP. The receiving TCP stores the bytes of segments in the receiving buffer.
Full-Duplex Communication: TCP provides full-duplex connection, that is, both the sender and the receiver processes can simultaneously transmit and receive the data.
Reliable Service: TCP provides a reliable service, that is, every received byte of data is acknowledged to the sending process. This helps in detecting the lost data. To ensure reliability, TCP uses byte number, sequence number and acknowledgement number.
- Byte Number: Each of the bytes that are transmitted in a connection is numbered by TCP. The numbering does not start necessarily with zero. As TCP receives the first byte from the sending process, it chooses a random number between 0 and 2^32 - 1 and assigns that number to the first byte. The subsequent bytes are numbered accordingly. For example, if the first byte is numbered as 330 and total 1,000 bytes are to be transmitted, then byte numbers will be from 330 to 1,330.
- Sequence Number: After numbering the individual bytes, the groups of bytes, that is, segments are numbered. Each segment is assigned a sequence number by TCP, which is same as the number of first byte carried by that segment.
- Acknowledgement Number: The communicating parties send acknowledgements to each other to confirm the receipt of bytes. TCP numbers the acknowledgements, and the acknowledgement number indicates the number of the byte expected to be received next. Moreover, the acknowledgement number is cumulative. For example, if one of the communicating devices sends an acknowledgement number 540 to the other, then it means that the bytes from the beginning up to 539 have been received and the byte number 540 is expected to be received next.
Flow Control: TCP implements a byte-oriented flow control mechanism to prevent the receiving TCP from being overloaded with data from the sending TCP.
Error Control: To ensure reliability, byte-oriented error control mechanism is implemented by TCP.
10. Give the segment format of TCP.
Ans: TCP allows exchange of data in the form of segments, where each segment consists of header and data. The size of segment header varies from 20 to 60 bytes, depending on whether or not the header contains Options field. If the header does not contain Options field, then it is of 20 bytes else it can be up to 60 bytes. Figure 12.3 shows the format of a TCP segment header.
The TCP segment header comprises various fields, which are described as follows:
Source Port Address: It is a 16-bit long field that defines the port number of the application programme running on the source host.
Destination Port Address: It is a 16-bit long field that defines the port number of the application programme running on the destination host.
Sequence Number: It is a 32-bit long field that indicates to the receiving process the number of first byte contained in the received segment. While the connection is established, both the communicating processes make use of random number generator to generate the initial sequence number (ISN), which is different in each direction.
Acknowledgement Number: It is a 32-bit long field that defines the byte number the receiving process is expecting to receive from the sending process. If the sending process sends the byte number x to the receiver, then the receiving process adds one to that byte number to create an acknowledgement number, that is, x+1. The acknowledgement number x+1 means that the receiving process has successfully received all bytes up to x and now, it is expecting to receive byte number x+1.
HLEN: It is a 4-bit long field that defines the length of segment header in terms of 32-bit words. This field can take value between 5 (for 20-byte header) and 15 (for 60-byte header).
Reserved: It is a 6-bit long field which has been kept reserved for the future use.
Control: It is a 6-bit long field consisting of six flags each of one bit. These flag bits help in flow control, establishment of connection, termination of connection and the mode of transferring data in TCP. The description of the flag bits is as follows:
- URG: This bit is set to 1 if the Urgent pointer field is in use else it is set to 0.
- ACK: This bit is set to 1 to indicate the valid acknowledgement number. If ACK bit is set to 0, then it indicates that the segment does not carry the acknowledgement and thus, the Acknowledgement number field is ignored.
- PSH: This bit indicates the pushed data. The receiver is asked to deliver the data to the application immediately as it arrives and not buffer the data until a full buffer has been received.
- RST: This bit is used to reset the data connection in case the connection has been distorted. It also rejects an invalid segment and denies making another connection.
- SYN: This bit is used to synchronize the sequence numbers during the connection establishment. If the piggyback Acknowledgement number field is not in use, then SYN bit is set to 1 and ACK bit is set to 0. If the connection uses an acknowledgement, then SYN bit is set to 1 and ACK bit is also set to 1.
- FIN: This bit is used to terminate the connection. If this bit is set to 1, then it means the sending process has transmitted all data and has no more data to transmit.
Window Size: It is a 16-bit long field that describes the size of the window (in bytes) the receiving process should maintain. The maximum size of window is 65,535 bytes. This value is regulated by the receiver and is usually known as the receiving window.
Checksum: It is a 16-bit long field that is used to detect the errors. The checksum in TCP is necessary, unlike UDP. The same pseudoheader as that of UDP is added to the segment and for the TCP pseudoheader, the value of Protocol field is set to 6.
Urgent Pointer: It is a 16-bit long field which is used only when segment contains the urgent data.
Options: This field is up to 40 bytes that is used to contain additional or optional information in the TCP header.
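A parser for the header layout described above, as an added example that is not part of the original text. It splits the 16-bit word holding HLEN, Reserved and Control, rejects headers whose HLEN is inconsistent with the bytes received, and notes two flag combinations that the field descriptions rule out. The function names, the `notes` output and the constructed sample segments are assumptions of this example; the checksum is left at zero and not verified here.

```python
import struct

FIXED = struct.Struct("!HHIIHHHH")   # the 20 bytes every TCP header has
# Control field, most significant bit first, as listed in the text.
FLAG_BITS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]


def parse_tcp_header(segment: bytes) -> dict:
    if len(segment) < FIXED.size:
        raise ValueError("shorter than the 20-byte minimum header")
    (src_port, dst_port, seq, ack, hlen_word,
     window, checksum, urgent) = FIXED.unpack(segment[:FIXED.size])

    hlen = hlen_word >> 12                 # 4 bits, counted in 32-bit words
    reserved = (hlen_word >> 6) & 0x3F     # 6 bits
    control = hlen_word & 0x3F             # 6 flag bits
    if hlen < 5:
        raise ValueError("HLEN %d is below the minimum of 5" % hlen)
    header_len = hlen * 4
    if header_len > len(segment):
        raise ValueError("HLEN claims %d bytes, segment has %d"
                         % (header_len, len(segment)))

    flags = [name for name, bit in FLAG_BITS if control & bit]
    notes = []
    if "SYN" in flags and "FIN" in flags:
        notes.append("SYN and FIN set together")
    if urgent and "URG" not in flags:
        notes.append("Urgent pointer non-zero but URG is 0")

    return {"src_port": src_port, "dst_port": dst_port,
            "seq": seq, "ack": ack if "ACK" in flags else None,
            "hlen": hlen, "header_len": header_len, "reserved": reserved,
            "flags": flags, "window": window, "checksum": checksum,
            "urgent": urgent,
            "options": segment[FIXED.size:header_len],   # 0 to 40 bytes
            "payload": segment[header_len:], "notes": notes}


def build_sample(src_port, dst_port, seq, ack, flags, window=65535,
                 options=b"", payload=b"", urgent=0) -> bytes:
    """Construct a sample segment for the parser (checksum left as 0)."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be a multiple of 4 bytes, at most 40")
    hlen = 5 + len(options) // 4
    control = sum(bit for name, bit in FLAG_BITS if name in flags)
    return FIXED.pack(src_port, dst_port, seq, ack, (hlen << 12) | control,
                      window, 0, urgent) + options + payload


if __name__ == "__main__":
    # Constructed SYN from client port 1345 to TELNET port 23, ISN 330,
    # carrying one 4-byte option (maximum segment size 1460).
    syn = build_sample(1345, 23, 330, 0, {"SYN"}, options=bytes([2, 4, 0x05, 0xB4]))
    print(parse_tcp_header(syn))
```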
11. Describe three phases of connection-oriented transmission in TCP.
Ans: The connection-oriented transmission in TCP needs three phases, which are described as follows:
Connection Establishment: This is the first phase of connection-oriented transmission in TCP. In this phase, the TCPs in the machines that wish to communicate need to be first connected. Each of the communicating parties must initialize communication and take permission from the other party before transferring any data. In TCP, connection is established using three-way handshaking (discussed in Q12).
Data Transfer: After the TCPs of the communicating machines are connected, the data transfer phase begins. In this phase, both the parties can send segments to each other at the same time as the connection established between TCPs is full-duplex. After receiving a segment, the receiving party is also required to send an acknowledgement number to the sending party to confirm the receipt of segment. An acknowledgement from either side (client to server or server to client) can also be piggybacked on the segment (containing data) that is travelling in the same direction. That is, a single segment may contain both data and acknowledgement.
Connection Termination: This is the last phase of connection-oriented transmission that commences after the data have been transferred. Though either of the communicating parties can close the connection, generally the client initiates the connection close command. In TCP, connection is terminated using three-way handshaking mechanism (discussed in Q14).
12. Explain how connection is established in TCP using three-way handshaking mechanism.
Ans: TCP is a connection-oriented protocol that allows full-duplex transmission. In TCP, the connection is established using three-way handshaking mechanism.
The server starts the mechanism. The server process informs its TCP that it is ready to accept an incoming connection by executing the LISTEN and ACCEPT primitives. This is called a request for a passive open. The client process then sends the request for an active open to its TCP by executing the CONNECT primitive. This primitive specifies the IP address and port number so that the TCP on the client can identify the specific server process to which the client process wants to connect. Now, TCP starts the three-way handshaking process, which involves the following steps (Figure 12.4).
- The client sends a TCP segment with SYN bit set to 1 and ACK bit set to 0. This SYN segment is used for synchronization of sequence numbers between client and server. The SYN segment does not actually contain any data; however, it consumes one byte space and is assigned a sequence number (say, m), so that it can be acknowledged unambiguously.
- If the server accepts the connection, it sends a TCP segment with both SYN and ACK bits set to 1. This SYN+ACK segment serves the purpose of acknowledgement to the SYN segment sent by the client and does not carry any data. It also consumes a sequence number (say, n) and the acknowledgement number of this segment is set to sequence number of SYN segment plus one (that is, m+1).
- The client sends a TCP segment with ACK bit set to 1 and a valid Acknowledgement number. This ACK segment does not carry any data; it just confirms the receipt of SYN+ACK segment from the server. The sequence number of ACK segment is same as that of the first segment (SYN segment) sent by the client while the acknowledgement number is set to sequence number of (SYN+ACK) segment plus one (that is, n+1).
13. Write a short note on SYN flooding attack.
Ans: The SYN flooding attack is a type of security attack that can occur during the connection establishment process in TCP. In this attack, an attacker sends a large number of SYN segments to the server with each segment carrying a fake source IP address. As the server believes that an active open request is being issued from different clients, it allocates the required resources to each client. It then sends SYN + ACK segment to each fake client, which are lost. This results in a lot of server resources allocated but not used. Now, during this time, if more requests arrive to server, then it is quite possible that the server may not have enough resources to grant their requests and thus, server may crash.
To handle SYN flooding attacks, some strategies have been imposed by TCP. First, the number of requests during a specified period of time can be limited. Second, filtering strategy can be implemented in which datagrams are filtered out if they arrive from unwanted source addresses. Third, some other transport layer protocols such as SCTP have adopted a new strategy called cookie in which the allocation of resources to clients is delayed until the entire connection has been set up.
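An in-memory model of the handshake numbering from Q12 and of the cookie idea described above, as an added example that is not part of the original text. One listener reserves a half-open entry for every SYN; the other derives its sequence number n from a keyed hash of the client socket address and a coarse time slot, so nothing is stored until the final ACK arrives with n+1. The class names, the HMAC construction, the time-slot parameter and all addresses are assumptions of this example, and the construction is a simplification, not the algorithm of SCTP or of any TCP implementation.

```python
import hashlib
import hmac
import secrets
import struct

MOD = 2 ** 32   # sequence and acknowledgement numbers are 32 bits


class StatefulListener:
    """Reserves resources for each SYN before the client has answered."""

    def __init__(self, backlog):
        self.backlog = backlog
        self.half_open = {}          # client socket address -> server number n
        self.established = set()

    def on_syn(self, client, m):
        if len(self.half_open) >= self.backlog:
            return None              # no room left: the request is dropped
        n = secrets.randbelow(MOD)
        self.half_open[client] = n
        return {"flags": "SYN+ACK", "seq": n, "ack": (m + 1) % MOD}

    def on_ack(self, client, ack):
        n = self.half_open.get(client)
        if n is None or ack != (n + 1) % MOD:
            return False
        del self.half_open[client]
        self.established.add(client)
        return True


class CookieListener:
    """Stores nothing on SYN; resources are allocated only on a valid ACK."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.established = set()

    def _cookie(self, client, slot):
        ip, port = client
        msg = ip.encode() + struct.pack("!HI", port, slot)
        digest = hmac.new(self.secret, msg, hashlib.sha256).digest()
        return int.from_bytes(digest[:4], "big")

    def on_syn(self, client, m, slot):
        return {"flags": "SYN+ACK", "seq": self._cookie(client, slot),
                "ack": (m + 1) % MOD}

    def on_ack(self, client, ack, slot):
        for s in (slot, slot - 1):   # accept the current and the previous slot
            if s < 0:
                continue
            expected = struct.pack("!I", (self._cookie(client, s) + 1) % MOD)
            if hmac.compare_digest(expected, struct.pack("!I", ack % MOD)):
                self.established.add(client)
                return True
        return False


def simulate(backlog=8, unanswered=50, slot=1000):
    """Constructed traffic: many SYNs that are never completed, then one client."""
    stateful = StatefulListener(backlog)
    cookie = CookieListener(secrets.token_bytes(32))
    for i in range(unanswered):
        src = ("198.51.100.%d" % (i % 250 + 1), 2000 + i)   # never sends the ACK
        m = secrets.randbelow(MOD)
        stateful.on_syn(src, m)
        cookie.on_syn(src, m, slot)

    client, m = ("192.0.2.10", 1345), 330
    report = {}
    reply = stateful.on_syn(client, m)
    report["stateful_connected"] = (reply is not None and
                                    stateful.on_ack(client, (reply["seq"] + 1) % MOD))
    report["stateful_half_open"] = len(stateful.half_open)

    reply = cookie.on_syn(client, m, slot)
    report["cookie_synack_ack"] = reply["ack"]               # m + 1
    report["cookie_connected"] = cookie.on_ack(client, (reply["seq"] + 1) % MOD, slot + 1)
    report["cookie_rejects_guess"] = not cookie.on_ack(("192.0.2.99", 4000), 12345, slot)
    return report


if __name__ == "__main__":
    print(simulate())
```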
14. Discuss three-way handshaking mechanism for connection termination in TCP.
Ans: The connection termination in TCP is easier than the connection establishment. After the communicating processes have finished with exchanging data, any one of them can terminate the connection. In TCP, the connection is terminated with the help of three-way handshaking mechanism which involves the following steps (Figure 12.5).
- The client TCP initiates the termination process by sending a TCP segment with FIN bit set to 1 to the server. This FIN segment may also include the last chunk of data byte that needs to be sent to the server process. If the FIN segment does not contain any data, then it consumes only one sequence number (say, m). The FIN segment may also contain a valid acknowledgement number (say, n) to confirm the receipt of the latest bytes from the server.
- On receiving the FIN segment, the server TCP sends the FIN+ACK segment to the client. This segment indicates the receipt of FIN segment by the server as well as closing of connection from the server side. This segment may also include last chunk of data byte to be sent by the server. However, if it does not contain data, it is assigned only one sequence number which is same as the acknowledgement number of FIN segment (that is, n). The acknowledgement number of this segment is equal to the sequence number of FIN segment plus one (that is, m+1).
- The client TCP sends the last segment, an ACK segment, to acknowledge the FIN+ACK segment from the server TCP. This segment does not carry any data and thus, takes no new sequence number. The sequence number of this segment is same as that of first FIN segment sent by the client (that is, m). It includes an acknowledgement number equal to sequence number received in FIN+ACK segment plus one (that is, n+1).
15. Compare UDP with TCP.
Ans: Both UDP and TCP are transport layer protocols that provide process-to-process delivery of packets. Some differences between UDP and TCP are listed in Table 12.3.
16. What is meant by remote procedure call (RPC)? Explain its mechanism.
Ans: RPC, as the name implies, is a communication mechanism that allows a process to call a procedure on a remote system connected via network. It was introduced by Birrell and Nelson in 1984. This method is implemented to allow programmes to call procedures located on remote host. The calling process (client) can call the procedure on the remote host (server) in the same way as it would call the local procedure. The syntax of RPC call is very similar to conventional procedure call as given below:
Call <Procedure_id>(<List of parameters>);
The RPC system facilitates the communication between client and server by providing a stub on both client and server. For each remote procedure, the RPC system provides a separate stub on the client side. When the client process wants to invoke a remote procedure, the RPC call is implemented in the following steps.
- The RPC system invokes the stub for the remote procedure on the client, passing to it the parameters that are to be passed further to the remote procedure. The client process is suspended from execution until completion of the call.
- The client stub performs parameter marshalling, which involves packaging the parameters into a machine-independent form, so that they can be transmitted over the network. It now prepares a message containing the identifier of the procedure to be executed and the marshalled parameters.
- The client stub sends the message to the server. After the message has been sent, the client stub blocks until it gets reply to its message.
- The corresponding stub on the server side receives the message and converts the parameters into a machine-specific form suitable for the server.
- The server stub invokes the desired procedure, passing parameters to it. The server stub is suspended from execution until completion of the call.
- The procedure executes and the results are returned to the server stub.
- The server stub converts the results into a machine-independent form and prepares a message.
- The server stub sends the message containing the results to the client stub.
- The client stub converts the results into machine-specific form suitable for client.
- The client stub forwards the results to the client process. With this, the execution of RPC is completed, and now, the client process can continue its execution.
Figure 12.6 depicts all the steps involved in execution of RPC.
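The ten steps above with a client stub and a server stub, as an added example that is not part of the original text. Parameters are marshalled in network byte order so that the message is machine-independent, and the server stub checks the procedure identifier and the parameter length before invoking anything. The wire format, the status codes, the two sample procedures and the in-process function call that stands in for the network are all assumptions of this example.

```python
import struct

# Interface definition shared by both stubs (hypothetical):
#   procedure id -> (parameter layout, result layout), network byte order.
SIGNATURES = {
    1: (struct.Struct("!ii"), struct.Struct("!i")),   # add(int32, int32) -> int32
    2: (struct.Struct("!id"), struct.Struct("!d")),   # scale(int32, float64) -> float64
}
# Procedures that exist only on the server.
IMPLEMENTATIONS = {
    1: lambda a, b: a + b,
    2: lambda n, factor: n * factor,
}
OK, UNKNOWN_PROCEDURE, BAD_PARAMETERS, CALL_FAILED = 0, 1, 2, 3


def server_stub(message: bytes) -> bytes:
    """Steps 4 to 8: unmarshal, invoke the procedure, marshal the result."""
    if len(message) < 2:
        return bytes([BAD_PARAMETERS])
    (proc_id,) = struct.unpack("!H", message[:2])
    if proc_id not in SIGNATURES or proc_id not in IMPLEMENTATIONS:
        return bytes([UNKNOWN_PROCEDURE])
    params, result = SIGNATURES[proc_id]
    body = message[2:]
    if len(body) != params.size:             # reject before touching the procedure
        return bytes([BAD_PARAMETERS])
    args = params.unpack(body)               # machine-specific form
    try:
        value = IMPLEMENTATIONS[proc_id](*args)
        return bytes([OK]) + result.pack(value)
    except (struct.error, ArithmeticError):  # e.g. result does not fit int32
        return bytes([CALL_FAILED])


def client_stub(proc_id, *args, transport=server_stub):
    """Steps 1 to 3 and 9 to 10: marshal, send, block for the reply, unmarshal."""
    if proc_id not in SIGNATURES:
        raise LookupError("no stub for procedure %r" % proc_id)
    params, result = SIGNATURES[proc_id]
    message = struct.pack("!H", proc_id) + params.pack(*args)   # marshalling
    reply = transport(message)     # stands in for send + wait on the network
    if len(reply) != 1 + result.size or reply[0] != OK:
        raise RuntimeError("remote call failed with status %r" % reply[:1])
    return result.unpack(reply[1:])[0]


if __name__ == "__main__":
    print(client_stub(1, 2, 3))        # remote add
    print(client_stub(2, 3, 0.5))      # remote scale
```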
Multiple Choice Questions
- The main function of transport layer is:
(a) Node-to-node delivery
(b) Process-to-process delivery
(d) Source-to-destination delivery.
- IP is responsible for __________ communication while TCP is responsible for __________ communication.
(a) Process-to-process, Host-to-host
(b) Node-to-node, Process-to-process
(c) Node-to-node, Host-to-host
(d) Host-to-host, Process-to-process
- Which of the following is true for UDP?
(a) It is connection oriented.
(b) It provides flow control.
(c) It offers reliable service.
(d) It performs error control.
- TCP exchanges data in the form of:
- In TCP, control field consists of:
(a) Six flags
(b) Three flags
(c) Five flags
(d) Seven flags
- In TCP, the connection establishment uses:
(a) FIN and SYN bits
(b) SYN and ACK bits
(c) PSH and URG bits
(d) None of these
- During connection establishment in TCP, the mode of data transmission is:
(d) None of these