1

CS 3640: Introduction to

Networks and Their Applications

Fall 2018, Lecture 13: The Transport Layer I(Credit: Christo Wilson @ NEU)

Instructor: Rishab NithyanandTeaching Assistant: Md. Kowsar Hossain

2

You should…

• Be ready to submit assignment 2. Due today before midnight.

• Late policy applies.

• Asking for help on Piazza • Give me enough information to help you!

• Read the assignment hints and links before asking for help!

• Assignment 3: Start early!

• Know and understand:

• The three Internet design principles and components of the Internet.

• Circuit- vs. packet- switched networks.

• Components of end-to-end delay.

• The link layer: error detection, MAC, local addressing/routing.

• The network layer: addressing, fragmentation, IPv4 vs. IPv6, ASes

• Intradomain routing: link state vs. distance vector

3

Recap: Interdomain routing

• The Internet is divided into Autonomous Systems (ASes).• There are about 50K of these. They implement their own rules and

technologies within.

• What are the general types of routing algorithms on the

Internet (in terms of scale)? • Within a LAN

• Within an AS (intradomain)

• Between ASes (interdomain)

• What are the main goals of an interdomain routing protocol?• Scaling to O(10K) domains, each with their own internal

protocols/preferences. Allowing implementation of these preferences.

• Path stability and ability to route around failures. • Why is this really important?

4

Recap: Interdomain routing

• What kind of relationships exist between ASes?• Customer-provider: Customer pays provider for ability to send traffic through

providers routes.

• Peer-peer: Peers agree to route traffic through each others routes (but not

routes of other peers or providers).

• What type of protocol is BGP (link state/distance vector/ path

vector)? How does it work?• BGP is a path vector protocol. Same as distance vector, except it also

communicates actual AS-level paths. Why?• Knowing paths allows an AS to implement routing policies.

• What does BGP completely ignore? What are the implications?• Security. There is nothing to stop someone from advertising fake routes and

dropping traffic. Its one of the ways that censorship is implemented!

5

This week in class

1.Transport layer functionality: UDP and TCP

2. 3.TCP state and connections

TCP flow and congestion control

6

The Transport Layer

• Which devices on the Internet need to implement transport

layer protocols?

• Universal function: Demultiplexing of data streams. • Your end-host is running dozens of Internet-connected applications through a

small number (usually 1) of interfaces. The transport layer makes sure that

each of them gets the data addressed to them.

• Discuss: How do we implement this in the real world analogy of mail?

How can we apply that approach to the transport layer?• Applications listen on specific ports (HTTP: 80, HTTPS: 443). The transport layer

takes packets from the network layer and makes sure it reaches the right

application (by looking at the destination port).

7

The Transport Layer: Demultiplexing traffic

Endpoints identified by <src_ip, src_port, dest_ip, dest_port>

Network

Transport

Application

P1 P2 P3 P4 P6 P7P5

Host 1 Host 2 Host 3

Unique port for each

application

Applications share the same

network

Server applications communicate with

multiple clients

8

The Transport Layer

• Discuss: What other functionality can we throw into this layer?

Do we need to care about the end-to-end principle?

• Optional function: Reliability. • Enabling reliable, in-order packet delivery.

• Making sure packets sent to applications are error-free.

• Optional function: Flow control.• Making sure that applications are not overwhelming the receivers.

• Optional function: Congestion control.• Making sure that applications are not overwhelming the network.

9

User Datagram Protocol (UDP)

• No frills transport layer protocol. Functions: Demultiplexing +

error checking.• No reliability. No congestion control.

• Port numbers enable demultiplexing.• UDP header: 16 bit port numbers (65355 possible ports).

• Error checking enabled with a checksum.• UDP header: 16 bit checksum field.

• Only detects corrupted packets.

• Does not detect dropped, duplicated, or out-of-order packets.

10

User Datagram Protocol (UDP)

• Surprisingly, UDP came after TCP (reliable protocol).

• Discuss: Why did we decide we needed UDP?• Not all applications need reliability.

• If applications need something not implemented in UDP, they can just

implement it in the application layer.

• Examples: • Real-time Media Protocol (RTMP): A voice and video application layer protocol

that uses UDP.

• QUIC: An application layer protocol developed by Google to improve

performance by transporting HTTP data over UDP.

11

This week in class

1.Transport layer functionality: UDP and TCP

2. 3.TCP state and connections

TCP flow and congestion control

12

Transmission Control Protocol (TCP)

• Functions: Demultiplexing + error checking + reliability +

congestion control.• TCP provides reliable & in-order byte streams between end-hosts.

• TCP is bidirectional! Both hosts can send data to each other.

• TCP cares.• About not overwhelming the network.

• About not overwhelming the receiver.

13

TCP: Connection setup

• Before data can be sent via TCP, a “handshake” needs to occur

between the end-hosts. • Discuss: Why cant we just start sending data via TCP?

• The handshake establishes a shared “start state” on both hosts.

• This state helps figure out if packets are delivered reliably and in order.

• Discuss: What is the minimum shared information needed by the hosts?• Number of bytes that have been sent and received on this TCP connection.

• This is done by using the “sequence number” and “acknowledgement number”

TCP header fields.

• The handshake establishes a random sequence number for each connection.

• Packets from a previous TCP connection with the same application on the same

host may still be in flight. Randomness avoids collisions.

14

TCP: Connection setup

• No data is sent in the connection setup. Just packets with the appropriate flags. Each side:

• Notifies the other of starting sequence number

• ACKs the other side’s starting sequence number (+1)

• ACK numbers indicate the next byte it is expecting.

• Discuss: How can you implement a denial of service attack?

Client Server

Important TCP flags (1 bit each)

SYN – synchronization, used for connection setup

ACK – acknowledge received data

FIN – finish, used to tear down connection

TCP: Connection setup security issues

• How can you implement a denial of service attack?

• SYN flooding: Send millions of “SYN” packets. Don’t bother to reply.

• Server allocates resources for each connection it gets a “SYN” for.

• Exploits an asymmetry in effort. Server does more work than client.

• Solution: “SYN cookies”

• Create a server sequence number that is a function of the client sequence number.

• Send SYN/ACK. Do not allocate resources. Forget about the packet.

• When client sends an ACK, reconstruct allocated server sequence number from client ACK.

Client Server

TCP: Bidirectional communication

• Each side of the connection can send and receive data from the other.

• Remember: The client and server have different starting sequence numbers.

Client ServerSeq. Ack. Seq. Ack.

1 23

23 1461

1461 753

753 2921Data and ACK in the same packet

23 1

17

TCP: Connection teardown

• TCP is polite. One host informs the other that it is done talking.• Sets the “FIN” flag in the last packet.

• Discuss: Why do we need to tell the other side that we’re done?• Let the other side deallocate resources dedicated to us.

• Discuss: Who should initiate the connection teardown? How should the

other side respond?• Either side can initiate the teardown.

• The other side can keep sending data until they’re done (send their own “FIN” flag).

• Unless one host issues a “shutdown” command. Then they’ve deallocated their

own resources and cannot listen anymore.

• Connection is dead only if both are done talking or a shutdown is issued. Half or

fully open otherwise.

18

TCP: Connection teardown

Client Server

• The FIN is acknowledged

to make sure it is not

retransmitted.

19

This week in class

1.Transport layer functionality: UDP and TCP

2. 3.TCP state and connections

TCP flow and congestion control

20

TCP: Flow control

• TCP is polite. It doesn’t want to overwhelm the receiver.• Discuss: How can two hosts make sure they don’t send too much data to

each other?• They tell each other how much data their buffers can handle.

• Discuss: When should they communicate their buffer sizes? Connection

setup? Data transfer phase? Why?• It has to be done in the data transfer phase. Buffer sizes can keep changing! TCP is

at the end-host. Buffer size for this connection depends on the number of other

parallel connections to other hosts!

• They use the “advertised window” field of the TCP header to indicate number of

bytes they can currently handle.• Advertised window can be 0!

• The receiver will not bother to ACK until “advertised window” bytes have been

received. The sender will not send any data until the ACK is received. The receiver

can update the “advertised window” in the ACK. This is called the “sliding

window protocol”.

21

TCP: Flow control

The sender side

Sequence Number

Src. Port

Acknowledgement Number

Adv. Window

Urgent Pointer

Flags

Checksum

HL

Packet Sent

Dest. PortSrc. Port

Acknowledgement Number

Adv. Window

Urgent Pointer

Flags

Checksum

HL

Packet Received

Dest. Port

Sequence Number

ACKed Sent To Be Sent Outside Window

Window

App WriteMust be buffered

until ACKed

22

TCP: Flow control

• The sliding window protocol:• The receiver will not bother to ACK until “advertised window” bytes have been

received.

• The sender will not send any data until the ACK is received. The receiver can

update the “advertised window” in the ACK.

• Discuss: Once “advertised window” bytes are received, how

should the receiver send ACKs to the sender?• Default: Every packet that it received (one ACK per packet)

• Option: Cumulative ACK. An ACK with number “n+1” means previous “n”

bytes were received (one ACK per uninterrupted transmission).

• Option: Negative ACK. An ACK indicating which expected bytes did not arrive

(one ACK per transmission).

• Option: Selective ACK. An ACK indicating all the bytes that arrived. (one ACK

per transmission).

23

TCP: Flow control

• The silly window syndrome: Small window sizes = Packets with

more header bytes than data!

• Adds unneeded load to the network.

• Example: Telnet and SSH will generate a byte for each

keystroke.

• Discuss: How would you solve this problem?

Header Data Header Data Header Data Header Data

24

TCP: Flow control

• Solving the silly window syndrome with Nagle’s algorithm• If the window size >= MSS (MTU-headers) and available data >= MSS:

• Send the data (packet is “full”)

• Elif there is unACKed data:• Our packets are probably overwhelming someone. Buffer all data and only send

after an ACK is received.

• Else:• Send the data.

• Consequence: Nagle’s will delay transmissions. This is often

why we have lag when using SSH over TCP.

• Good news: You can disable Nagle’s algorithm.

25

Things to remember from this lecture

• What are the main functions of the transport layer?

• Which devices need to have the transport layer implemented?

• Why do we need demultiplexing at the end-hosts?

• How is demultiplexing achieved by the transport layer?

26

Things to remember from this lecture

• How do UDP and TCP differ?

• Why do we need a TCP handshake before data transmission?

How does it work?

• Why to we need a TCP teardown after transmission? How does it

work?

• Why do applications need flow control? How is it implemented

in TCP?

• What is the silly window syndrome? How do we solve it?

27

Assignment 3

• Will be released on Thursday! Please start early!

Assignment 3 Groups

1 ['kzhang24', 'dstutz', 'xxing2', 'atran4']

2 ['lburden', 'hrunning', 'ppeterschmidt', 'jglowacki']

3 ['bzhang22', 'mfmrphy', 'jmagri', 'sklemm']

4 ['yzheng19', 'hpen', 'apizzimenti', 'tgoodmn']

5 ['ywang391', 'okueter', 'ymann', 'lye1']

6 ['msmith3', 'jblue', 'zluo1', 'yonghfan']

7 ['gongyzhou', 'mcagley', 'ywang455', 'kdzhou']

8 ['gmich', 'xiaosong', 'tsimonson', 'shangwchen']

9 ['nsonalkar', 'bchoskins', 'apatrck', 'yitzhou']

10 ['awestemeier', 'uupadhyay', 'tnlowry', 'jpflint']

11 ['jpthiede', 'nicgoh', 'rdong6', 'susmerano']

12 ['godkin', 'cweiske', 'weigui', 'jstoltz']

13 ['jdhatch', 'xchen117', 'trjns', 'zzhang103']