CS 3640: Introduction to Networks and Their Applications
Fall 2018, Lecture 13: The Transport Layer I (Credit: Christo Wilson @ NEU)
Instructor: Rishab Nithyanand
Teaching Assistant: Md. Kowsar Hossain

You should…
• Be ready to submit assignment 2. Due today before midnight.
• Late policy applies.
• Asking for help on Piazza
  • Give me enough information to help you!
  • Read the assignment hints and links before asking for help!
• Assignment 3: Start early!
• Know and understand:
• The three Internet design principles and components of the Internet.
• Circuit- vs. packet- switched networks.
• Components of end-to-end delay.
• The link layer: error detection, MAC, local addressing/routing.
• The network layer: addressing, fragmentation, IPv4 vs. IPv6, ASes
• Intradomain routing: link state vs. distance vector

Recap: Interdomain routing
• The Internet is divided into Autonomous Systems (ASes).
  • There are about 50K of these. They implement their own rules and technologies within.
• What are the general types of routing algorithms on the Internet (in terms of scale)?
  • Within a LAN
  • Within an AS (intradomain)
  • Between ASes (interdomain)
• What are the main goals of an interdomain routing protocol?
  • Scaling to O(10K) domains, each with their own internal protocols/preferences. Allowing implementation of these preferences.
  • Path stability and ability to route around failures.
    • Why is this really important?

Recap: Interdomain routing
• What kind of relationships exist between ASes?
  • Customer-provider: Customer pays provider for ability to send traffic through provider's routes.
  • Peer-peer: Peers agree to route traffic through each other's routes (but not routes of other peers or providers).
• What type of protocol is BGP (link state / distance vector / path vector)? How does it work?
  • BGP is a path vector protocol. Same as distance vector, except it also communicates actual AS-level paths. Why?
    • Knowing paths allows an AS to implement routing policies.
• What does BGP completely ignore? What are the implications?
  • Security. There is nothing to stop someone from advertising fake routes and dropping traffic. It's one of the ways that censorship is implemented!

This week in class
1. Transport layer functionality: UDP and TCP
2. TCP state and connections
3. TCP flow and congestion control

The Transport Layer
• Which devices on the Internet need to implement transport layer protocols?
• Universal function: Demultiplexing of data streams.
  • Your end-host is running dozens of Internet-connected applications through a small number (usually 1) of interfaces. The transport layer makes sure that each of them gets the data addressed to them.
  • Discuss: How do we implement this in the real world analogy of mail? How can we apply that approach to the transport layer?
    • Applications listen on specific ports (HTTP: 80, HTTPS: 443). The transport layer takes packets from the network layer and makes sure each one reaches the right application (by looking at the destination port).

The Transport Layer: Demultiplexing traffic
Endpoints identified by <src_ip, src_port, dest_ip, dest_port>
[Figure: Host 1, Host 2 and Host 3, each with Application, Transport and Network layers, running processes P1 to P7.]
• Unique port for each application
• Applications share the same network
• Server applications communicate with multiple clients

The Transport Layer
• Discuss: What other functionality can we throw into this layer? Do we need to care about the end-to-end principle?
• Optional function: Reliability.
  • Enabling reliable, in-order packet delivery.
  • Making sure packets sent to applications are error-free.
• Optional function: Flow control.
  • Making sure that applications are not overwhelming the receivers.
• Optional function: Congestion control.
  • Making sure that applications are not overwhelming the network.

User Datagram Protocol (UDP)
• No frills transport layer protocol. Functions: Demultiplexing + error checking.
  • No reliability. No congestion control.
• Port numbers enable demultiplexing.
  • UDP header: 16 bit port numbers (65355 possible ports).
• Error checking enabled with a checksum.
  • UDP header: 16 bit checksum field.
  • Only detects corrupted packets.
  • Does not detect dropped, duplicated, or out-of-order packets.
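
An added example (not from the lecture slides) of the 16-bit UDP checksum over IPv4: the receiver drops a datagram with a flipped bit, but accepts duplicated and out-of-order datagrams because nothing in the header orders them. Addresses, ports and payloads are constructed sample values.

```python
import socket
import struct

UDP_PROTO = 17  # IP protocol number for UDP

def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the Internet checksum."""
    if len(data) % 2:
        data += b"\x00"                          # pad odd-length input
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)  # fold the carry back in
    return total

def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudo-header that the UDP checksum also covers."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTO, udp_len))

def build_udp(src_ip, dst_ip, src_port, dst_port, payload: bytes) -> bytes:
    length = 8 + len(payload)                    # 8-byte UDP header + data
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)
    covered = pseudo_header(src_ip, dst_ip, length) + header + payload
    # A computed checksum of 0 is sent as 0xFFFF; 0 means "no checksum".
    csum = (~ones_complement_sum(covered) & 0xFFFF) or 0xFFFF
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload

def verify_udp(src_ip, dst_ip, segment: bytes) -> bool:
    """A valid segment sums to 0xFFFF when its own checksum is included."""
    covered = pseudo_header(src_ip, dst_ip, len(segment)) + segment
    return ones_complement_sum(covered) == 0xFFFF

def deliver(src_ip, dst_ip, segments):
    """Receiver: drop corrupted segments, hand every other payload to the app."""
    return [s[8:] for s in segments if verify_udp(src_ip, dst_ip, s)]

# Constructed sample traffic (documentation addresses, made-up ports/payloads).
SRC, DST = "192.0.2.1", "198.51.100.2"
first = build_udp(SRC, DST, 50000, 53, b"first")
second = build_udp(SRC, DST, 50000, 53, b"second")
corrupted = bytearray(first)
corrupted[-1] ^= 0x01                            # one bit flipped in transit
```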

User Datagram Protocol (UDP)
• Surprisingly, UDP came after TCP (reliable protocol).
• Discuss: Why did we decide we needed UDP?
  • Not all applications need reliability.
  • If applications need something not implemented in UDP, they can just implement it in the application layer.
• Examples:
  • Real-time Media Protocol (RTMP): A voice and video application layer protocol that uses UDP.
  • QUIC: An application layer protocol developed by Google to improve performance by transporting HTTP data over UDP.

This week in class
1. Transport layer functionality: UDP and TCP
2. TCP state and connections
3. TCP flow and congestion control

Transmission Control Protocol (TCP)
• Functions: Demultiplexing + error checking + reliability + congestion control.
  • TCP provides reliable & in-order byte streams between end-hosts.
  • TCP is bidirectional! Both hosts can send data to each other.
• TCP cares.
  • About not overwhelming the network.
  • About not overwhelming the receiver.

TCP: Connection setup
• Before data can be sent via TCP, a “handshake” needs to occur between the end-hosts.
  • Discuss: Why can't we just start sending data via TCP?
  • The handshake establishes a shared “start state” on both hosts.
  • This state helps figure out if packets are delivered reliably and in order.
• Discuss: What is the minimum shared information needed by the hosts?
  • Number of bytes that have been sent and received on this TCP connection.
  • This is done by using the “sequence number” and “acknowledgement number” TCP header fields.
  • The handshake establishes a random sequence number for each connection.
  • Packets from a previous TCP connection with the same application on the same host may still be in flight. Randomness avoids collisions.

TCP: Connection setup
• No data is sent in the connection setup. Just packets with the appropriate flags. Each side:
  • Notifies the other of starting sequence number
  • ACKs the other side’s starting sequence number (+1)
• ACK numbers indicate the next byte it is expecting.
• Discuss: How can you implement a denial of service attack?
[Figure: handshake between Client and Server]
Important TCP flags (1 bit each)
• SYN – synchronization, used for connection setup
• ACK – acknowledge received data
• FIN – finish, used to tear down connection

TCP: Connection setup security issues
• How can you implement a denial of service attack?
  • SYN flooding: Send millions of “SYN” packets. Don’t bother to reply.
  • Server allocates resources for each connection it gets a “SYN” for.
  • Exploits an asymmetry in effort. Server does more work than client.
• Solution: “SYN cookies”
  • Create a server sequence number that is a function of the client sequence number.
  • Send SYN/ACK. Do not allocate resources. Forget about the packet.
  • When client sends an ACK, reconstruct allocated server sequence number from client ACK.
[Figure: exchange between Client and Server]
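
An added sketch (not from the lecture, and not any real TCP stack's cookie layout) of the SYN cookie steps above: the server derives its sequence number from the client's, keeps no per-connection state, and rebuilds the value from the final ACK. The HMAC-SHA256 construction, the secret, the 64-second time slot and the sample addresses are assumptions of this example.

```python
import hashlib
import hmac
import socket
import struct

SECRET = b"constructed-demo-key"  # constructed; a real server uses a random secret
SLOT_SECONDS = 64                 # assumption: granularity of cookie lifetime
MOD = 2 ** 32                     # TCP sequence numbers are 32 bits

def cookie(conn, client_isn: int, slot: int) -> int:
    """Server sequence number as a keyed function of the client's sequence number."""
    src_ip, src_port, dst_ip, dst_port = conn
    msg = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
           + struct.pack("!HHII", src_port, dst_port, client_isn, slot))
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")

def on_syn(conn, client_isn: int, now: float):
    """Answer a SYN with the (seq, ack) of the SYN/ACK. Nothing is stored."""
    server_isn = cookie(conn, client_isn, int(now) // SLOT_SECONDS)
    return server_isn, (client_isn + 1) % MOD

def on_ack(conn, seq: int, ack: int, now: float) -> bool:
    """Rebuild the cookie from the ACK's own fields; allocate state only on a match."""
    client_isn = (seq - 1) % MOD   # the client's seq is its starting number + 1
    claimed = (ack - 1) % MOD      # the client ACKs our starting number + 1
    slot = int(now) // SLOT_SECONDS
    return any(
        hmac.compare_digest(cookie(conn, client_isn, s).to_bytes(4, "big"),
                            claimed.to_bytes(4, "big"))
        for s in (slot, max(slot - 1, 0))   # current and previous time slot
    )

# Constructed sample connection: <src_ip, src_port, dest_ip, dest_port>.
SAMPLE_CONN = ("198.51.100.7", 40000, "192.0.2.10", 443)
```

A SYN flood that never completes the handshake costs this server one HMAC per packet and no memory; an ACK that was not preceded by a genuine SYN/ACK fails the check.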

TCP: Bidirectional communication
• Each side of the connection can send and receive data from the other.
• Remember: The client and server have different starting sequence numbers.
[Figure: packets exchanged between Client and Server, each labelled with Seq. and Ack. numbers. Pairs shown, in page order: 1 / 23, 23 / 1461, 1461 / 753, 753 / 2921, 23 / 1. Annotation: "Data and ACK in the same packet".]

TCP: Connection teardown
• TCP is polite. One host informs the other that it is done talking.
  • Sets the “FIN” flag in the last packet.
• Discuss: Why do we need to tell the other side that we’re done?
  • Let the other side deallocate resources dedicated to us.
• Discuss: Who should initiate the connection teardown? How should the other side respond?
  • Either side can initiate the teardown.
  • The other side can keep sending data until they’re done (send their own “FIN” flag).
  • Unless one host issues a “shutdown” command. Then they’ve deallocated their own resources and cannot listen anymore.
  • Connection is dead only if both are done talking or a shutdown is issued. Half or fully open otherwise.

TCP: Connection teardown
[Figure: teardown exchange between Client and Server]
• The FIN is acknowledged to make sure it is not retransmitted.

This week in class
1. Transport layer functionality: UDP and TCP
2. TCP state and connections
3. TCP flow and congestion control

TCP: Flow control
• TCP is polite. It doesn’t want to overwhelm the receiver.
• Discuss: How can two hosts make sure they don’t send too much data to each other?
  • They tell each other how much data their buffers can handle.
• Discuss: When should they communicate their buffer sizes? Connection setup? Data transfer phase? Why?
  • It has to be done in the data transfer phase. Buffer sizes can keep changing! TCP is at the end-host. Buffer size for this connection depends on the number of other parallel connections to other hosts!
  • They use the “advertised window” field of the TCP header to indicate number of bytes they can currently handle.
    • Advertised window can be 0!
  • The receiver will not bother to ACK until “advertised window” bytes have been received. The sender will not send any data until the ACK is received. The receiver can update the “advertised window” in the ACK. This is called the “sliding window protocol”.

TCP: Flow control
The sender side
[Figure: TCP header of the Packet Sent and of the Packet Received (Src. Port, Dest. Port, Sequence Number, Acknowledgement Number, HL, Flags, Adv. Window, Checksum, Urgent Pointer), and the sender's buffer divided into ACKed, Sent, To Be Sent and Outside Window regions, with the Window marked. Data from an App Write must be buffered until ACKed.]

TCP: Flow control
• The sliding window protocol:
  • The receiver will not bother to ACK until “advertised window” bytes have been received.
  • The sender will not send any data until the ACK is received. The receiver can update the “advertised window” in the ACK.
• Discuss: Once “advertised window” bytes are received, how should the receiver send ACKs to the sender?
  • Default: Every packet that it received (one ACK per packet)
  • Option: Cumulative ACK. An ACK with number “n+1” means previous “n” bytes were received (one ACK per uninterrupted transmission).
  • Option: Negative ACK. An ACK indicating which expected bytes did not arrive (one ACK per transmission).
  • Option: Selective ACK. An ACK indicating all the bytes that arrived (one ACK per transmission).

TCP: Flow control
• The silly window syndrome: Small window sizes = Packets with more header bytes than data!
• Adds unneeded load to the network.
• Example: Telnet and SSH will generate a byte for each keystroke.
• Discuss: How would you solve this problem?
[Figure: a sequence of packets, each consisting of a Header and Data]

TCP: Flow control
• Solving the silly window syndrome with Nagle’s algorithm
  • If the window size >= MSS (MTU-headers) and available data >= MSS:
    • Send the data (packet is “full”)
  • Elif there is unACKed data:
    • Our packets are probably overwhelming someone. Buffer all data and only send after an ACK is received.
  • Else:
    • Send the data.
• Consequence: Nagle’s will delay transmissions. This is often why we have lag when using SSH over TCP.
• Good news: You can disable Nagle’s algorithm.
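
An added simulation (not from the lecture) of the three-branch rule above for a sender that writes one byte per keystroke, with Nagle's algorithm on and off. The MSS of 1460 bytes, the 40-byte header, the window size and the ACK timing are assumptions of this example.

```python
MSS = 1460     # assumption: 1500-byte MTU minus 40 bytes of IP + TCP headers
HEADER = 40    # assumption: header bytes carried by every packet

class Sender:
    def __init__(self, nagle=True, window=65535):
        self.nagle = nagle
        self.window = window   # receiver's advertised window
        self.buffered = 0      # written by the app, not yet sent
        self.unacked = 0       # sent, not yet ACKed
        self.packets = []      # payload size of each packet sent

    def _flush(self):
        while self.buffered:
            usable = self.window - self.unacked
            size = min(self.buffered, MSS, usable)
            if size <= 0:
                return         # window is full: wait for an ACK
            full = usable >= MSS and self.buffered >= MSS
            if self.nagle and not full and self.unacked:
                return         # small packet while data is in flight: hold it
            self.buffered -= size
            self.unacked += size
            self.packets.append(size)

    def write(self, nbytes):
        self.buffered += nbytes
        self._flush()

    def ack(self):
        """The receiver ACKs everything sent so far."""
        self.unacked = 0
        self._flush()

def typing_session(nagle, keystrokes=20, ack_every=5):
    """One byte per keystroke; an ACK arrives after every `ack_every` keystrokes."""
    sender = Sender(nagle=nagle)
    for i in range(1, keystrokes + 1):
        sender.write(1)
        if i % ack_every == 0:
            sender.ack()
    return sender.packets

def header_overhead(packets):
    """Fraction of bytes on the wire that are headers rather than data."""
    headers = HEADER * len(packets)
    return headers / (headers + sum(packets))
```

On a real socket, Nagle's algorithm is disabled with the `TCP_NODELAY` option.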

Things to remember from this lecture
• What are the main functions of the transport layer?
• Which devices need to have the transport layer implemented?
• Why do we need demultiplexing at the end-hosts?
• How is demultiplexing achieved by the transport layer?

Things to remember from this lecture
• How do UDP and TCP differ?
• Why do we need a TCP handshake before data transmission? How does it work?
• Why do we need a TCP teardown after transmission? How does it work?
• Why do applications need flow control? How is it implemented in TCP?
• What is the silly window syndrome? How do we solve it?

Assignment 3
• Will be released on Thursday! Please start early!

Assignment 3 Groups
1 ['kzhang24', 'dstutz', 'xxing2', 'atran4']
2 ['lburden', 'hrunning', 'ppeterschmidt', 'jglowacki']
3 ['bzhang22', 'mfmrphy', 'jmagri', 'sklemm']
4 ['yzheng19', 'hpen', 'apizzimenti', 'tgoodmn']
5 ['ywang391', 'okueter', 'ymann', 'lye1']
6 ['msmith3', 'jblue', 'zluo1', 'yonghfan']
7 ['gongyzhou', 'mcagley', 'ywang455', 'kdzhou']
8 ['gmich', 'xiaosong', 'tsimonson', 'shangwchen']
9 ['nsonalkar', 'bchoskins', 'apatrck', 'yitzhou']
10 ['awestemeier', 'uupadhyay', 'tnlowry', 'jpflint']
11 ['jpthiede', 'nicgoh', 'rdong6', 'susmerano']
12 ['godkin', 'cweiske', 'weigui', 'jstoltz']
13 ['jdhatch', 'xchen117', 'trjns', 'zzhang103']