Sunday, February 19, 2023

TCP/UDP Transport Layer Protocols

IP (Internet Protocol) is connectionless: every packet is treated individually and separately by the routers in the network.

Here’s a quick analogy explaining the difference between UDP (User Datagram Protocol) and TCP (Transmission Control Protocol).

User Datagram Protocol (UDP)

  • UDP, like IP, is connectionless; it does not guarantee the delivery of packets.
  • It requires higher-layer protocols, for instance at the application layer, to ensure the successful delivery of packets. As an analogy, UDP services are similar to using regular mail offered by the Post Office.
  • Just as you would write your letter and enclose it in an envelope, you take your data and encapsulate it in UDP. You then post your letter and hopefully the postal service delivers it to the recipient; there is, however, no guarantee that the letter will be collected, transported, delivered and opened by the recipient, as this is regular mail. You, as the sender, do not get an acknowledgement or proof of delivery of that letter.
  • The postal service, once again, does not guarantee delivery and is not responsible for letting you know whether the delivery was successful or unsuccessful. Like UDP, it has little overhead but the inherent disadvantage of unreliability.
  • In a UDP environment, UDP at layer 4 does not guarantee delivery; higher-layer protocols at the application layer need to ensure reliability and delivery acknowledgement if required.

Transmission Control Protocol (TCP)

  • TCP, on the other hand, does provide delivery acknowledgement and reliability, but with the disadvantage of additional overhead.
  • As an analogy, a TCP session can be seen as a telephone call: TCP is connection-oriented in the same way that a telephone call is. The person on the left makes a call to the person on the right. The person on the right is notified of the incoming connection, or incoming call, by the phone ringing.
  • When the person on the right-hand side answers the call, they acknowledge it by saying something like "Hello, it's David speaking"; the person on the left-hand side, the caller, is thereby notified that the telephone call has been answered.
  • The caller can then say, "Hello David, it's Peter speaking".
  • So the called party, the person on the right-hand side, knows you've made the call. There is a sort of three-way handshake taking place here: the person on the left-hand side initiates the call, the person on the right-hand side acknowledges the call, and the person on the left-hand side then indicates who's speaking.
  • Once the three-way handshake has taken place (and please note once again that this is just an analogy; in a telephone environment many more steps take place), there is communication between the two parties.
  • Before continuing, I'd like to explain what a socket is.

What is Socket?

  • A socket is the combination of the IP address of the host (in other words, the location of a computer), the port number used and the transport protocol used.
    • Combination of:
      • IP address of a host
      • Port number used
      • Transport protocol used
  • Port numbers are used to identify applications; for instance, port 80 identifies HTTP. In the same way, a telephone connection is the combination of the phone number and a particular extension.
TCP and UDP allow for session multiplexing, which is when a single computer or host with a single IP address is able to communicate with multiple servers or devices and have multiple sessions occurring simultaneously.
When using a reliable service like TCP, as discussed, a connection must first be established between the sender and receiver before any data can be transmitted. TCP opens a connection and negotiates various connection parameters before actually transmitting any data. During the data flow, TCP maintains reliable delivery of the data and closes the connection once complete.

TCP Characteristics

  • Session Multiplexing
  • Segmentation
    • MTU depends on the physical medium.
    • For example, the MTU of Fast Ethernet is 1500 bytes.
    • However, TCP can theoretically support 65,495 bytes in a single packet.
    • When that is sent to the lower layers of the OSI model, it needs to be broken up into fragments for transmission across a physical medium which, for example, only supports 1500 bytes.
    • Data is therefore broken up into smaller chunks, and the receiver using TCP needs to put those fragments back together again.
  • The maximum segment size (MSS) is the largest amount of data, in bytes, that TCP is willing to send in a single segment.
  • For best performance, the MSS should be set small enough to avoid IP fragmentation, which can lead to excessive retransmission if there is packet loss.
  • TCP supports MSS and path MTU discovery.
    • With these, the sender and the receiver can automatically determine the maximum transmission unit on the path between them, and TCP only puts enough data into a single packet to fit that MTU, thus avoiding fragmentation of packets and the overhead associated with fragmenting and reassembling IP fragments.
    • Path MTU discovery is optional in IPv4 but has become mandatory in IPv6 because of the efficiencies it brings to TCP transmission and because IPv6 does not support fragmentation on routers along the path between two hosts.
  • UDP does not support this and requires higher-layer protocols to sort out the fragments.
  • TCP uses end-to-end flow control to avoid having the sender send data too quickly for the receiver to receive and process it reliably.
    • If the sender transmits data faster than the receiver can handle, the receiver drops the data, which then requires retransmission.
    • Retransmission wastes time and network resources, which is why most flow control mechanisms try to maximize the transfer rate while minimizing the need to retransmit.
  • TCP uses a sliding window to control the flow of data.
    • Windowing allows a receiving computer to advertise how much data it is able to receive before it transmits an acknowledgement to the sending computer.
    • In each TCP segment, the receiver specifies in the receive window field the amount of additional received data, in bytes, that it is willing to buffer for the connection.
    • The sending host can only send up to that amount of data before it must wait for an acknowledgement and window size update from the receiving host.
  • UDP does not implement flow control; a VoIP environment is an example of one that uses UDP.
  • UDP relies on higher-layer protocols to implement flow control.
  • Once again, TCP is connection-oriented and UDP is connectionless.
    • TCP establishes the session connection and maintains the connection during the entire transmission. Once a transmission is complete, the session is terminated.
    • UDP does not set up sessions and just sends the data in the hope that the receiver will receive it.
  • TCP implements reliability, where every segment transmitted is acknowledged, and if a segment goes missing, it is retransmitted.
  • UDP does not implement reliability and, once again, relies on higher-layer protocols to implement any reliability if required. In certain cases, such as voice over IP or video transmitted over an IP infrastructure, reliability is not required: there is no point retransmitting lost voice packets.
  • TCP generally implements a full-duplex mode of operation: the transmitter can receive data at the same time as it is transmitting.

UDP Characteristics

  • UDP is a transport layer protocol. It resides at layer four in the OSI model.
  • It provides applications with access to the network layer (layer three) without the overhead of reliability mechanisms.
  • It is connectionless: a one-way datagram is sent to a destination without advance notification to the destination device. There is no communication before transmission of data.
  • UDP is capable of providing very limited error checking: the UDP datagram includes an optional checksum value which the receiving device can use to test the integrity of the data.
  • The UDP header also includes a destination port number, and if a datagram is directed to an inactive port on the receiving device, a return message can be transmitted to indicate that the port is unreachable.
  • UDP provides best-effort delivery. There is no guarantee that data is delivered.
    • Packets may be misdirected, duplicated or lost on their way to the destination. There is no guarantee of receipt. Higher-layer protocols need to implement reliability if required.
  • There are also no data recovery features in UDP.
    • Once again, higher-layer protocols need to recover from lost or corrupted packets.
    • TFTP, as an example, has a built-in mechanism to handle data loss: TFTP, running over UDP, has its own sequencing and retransmission mechanisms, as it cannot rely on UDP to implement reliability.

Overview Comparison between TCP and UDP

                     Reliable                   Best Effort/Unreliable
  Connection Type    Connection-Oriented        Connectionless
  Protocol           TCP                        UDP
  Sequencing         Yes                        No
  Application        HTTP, Email, FTP           Voice and Video Streaming

UDP Header

  +--------------------------+--------------------------+
  |   16-bit Source Port     | 16-bit Destination Port  |
  +--------------------------+--------------------------+
  |    16-bit UDP Length     |   16-bit UDP Checksum    |
  +--------------------------+--------------------------+
  |                        Data                         |
  +-----------------------------------------------------+

  • The UDP header is very simple.
  • It has a 16-bit source port number and a 16-bit destination port number.
  • It has a 16-bit UDP length field that specifies the length in bytes of the entire datagram, in other words the header and the data. The minimum length of a UDP datagram is 8 bytes, because that is the length of the header.
  • Theoretically, the maximum size is 65,535 bytes, but IPv4 imposes a maximum limit of 65,507 bytes.
  • Optionally, a UDP checksum can be used for error checking. This is optional in IPv4 but mandatory in IPv6.

TCP Header

  +--------------------------+--------------------------+
  |   16-bit Source Port     | 16-bit Destination Port  |
  +--------------------------+--------------------------+
  |               32-bit Sequence Number                |
  +-----------------------------------------------------+
  |            32-bit Acknowledgement Number            |
  +--------+--------+-----------------+-----------------+
  | Header |Reserved| CWR ECE URG ACK |  16-bit Window  |
  | Length |        | PSH RST SYN FIN |      Size       |
  +--------+--------+-----------------+-----------------+
  |   16-bit TCP Checksum    |  16-bit Urgent Pointer   |
  +--------------------------+--------------------------+
  |                       Options                       |
  +-----------------------------------------------------+
  |                        Data                         |
  +-----------------------------------------------------+

  • Firstly, there is a 16-bit source port number, which identifies the sending port, and a 16-bit destination port, which identifies the receiving port.
  • There is a 32-bit sequence number.
    • If the SYN bit is set, this is the initial sequence number. The sequence number of the actual first data byte is then this sequence number plus 1.
    • If the SYN bit is not set, the sequence number is the accumulated sequence number of the first data byte of this packet for the current session.
  • It then has a 32-bit acknowledgement number.
    • If the ACK flag is set, the value of the acknowledgement number is the next sequence number that the receiver is expecting to receive.
    • This field acknowledges receipt of all prior bytes. The first ACK sent by each end acknowledges the other end's initial sequence number but no data.
  • The header length or data offset specifies the size of the TCP header in 32-bit words.
    • The minimum size of the header is 5 words, and the maximum is 15 words.
    • That is, the minimum size of the header is 20 bytes and the maximum size of the header is 60 bytes (in IPv4), which allows for up to 40 bytes of options in the header.
  • The reserved field is set to 0 and is reserved for future use.
  • There are a lot of flags or control bits available in the TCP header:
    • The Congestion Window Reduced (CWR) flag is part of a congestion notification mechanism used in conjunction with the ECE (ECN-Echo) flag, which is also used in congestion notification.
      • This can be used in quality of service, where the network and the host communicate to indicate congestion, thereby letting the transmitter know that it needs to slow down.
    • The URG (Urgent) flag indicates that this segment is urgent and should be processed as soon as possible.
    • The ACK flag, as mentioned, is used for acknowledgement of data.
    • PSH (Push) is set by the TCP sender to cause the TCP receiver to immediately pass that segment's data to the receiving application's socket, along with all other in-order data that the receiver has not yet given to that application.
    • RST (Reset) resets the connection; in other words, the connection is torn down.
    • SYN is used to synchronize sequence numbers. Only the first packet sent from each end has this flag set.
    • FIN means that there is no more data from the sender.
  • The window size, which is 16 bits in length, specifies the size of the receive window, which is the number of bytes that the receiver is currently willing to receive.
  • TCP also includes a 16-bit checksum, which is used for error checking of the header and the data.
  • The 16-bit urgent pointer is used with the URG flag: when the flag is set, the urgent pointer is an offset from the sequence number indicating the last urgent data byte.
  • And lastly, we have the data, which is the data from higher-layer protocols encapsulated within the TCP header.
Here are some examples of applications that rely on either TCP or UDP:
  • File transfer protocols include FTP (File Transfer Protocol), TFTP (Trivial File Transfer Protocol) and NFS (Network File System).
  • In email we tend to use POP3 (Post Office Protocol) to receive mail, SMTP (Simple Mail Transfer Protocol) to send mail, or IMAP (Internet Message Access Protocol), another protocol used for email retrieval.
  • For remote login to devices, we could use Telnet, which sends traffic in clear text and is therefore insecure, or Secure Shell (SSH), which allows for a secure connection to remote devices.
  • For network management we can use SNMP (Simple Network Management Protocol), and for name management we can use the Domain Name System (DNS), which allows the use of names rather than IP addresses and translates those meaningful domain names into IP addresses; for instance, cisco.com is converted to an IP address when a user browses the internet.
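As an added example (not code from the original post), the following Python parses the UDP and TCP headers laid out above from raw bytes, using constructed sample segments: a DNS query datagram and host A's SYN from the handshake section with one MSS option appended. The length and data-offset checks are the ones a defender wants before trusting header values read off the wire.

```python
import struct

# TCP control bits, low byte of the 16-bit data-offset/flags word.
TCP_FLAGS = {
    "FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08,
    "ACK": 0x10, "URG": 0x20, "ECE": 0x40, "CWR": 0x80,
}


def parse_udp(datagram: bytes) -> dict:
    """Parse the 8-byte UDP header and return its fields plus the payload."""
    if len(datagram) < 8:
        raise ValueError("UDP datagram shorter than the 8-byte header")
    sport, dport, length, checksum = struct.unpack("!HHHH", datagram[:8])
    # The length field covers header and data, so it can never be below 8
    # and must not claim more bytes than were actually received.
    if length < 8 or length > len(datagram):
        raise ValueError(f"bad UDP length {length} for {len(datagram)} bytes")
    return {
        "src_port": sport, "dst_port": dport, "length": length,
        "checksum": checksum,        # 0 means "no checksum" in IPv4
        "payload": datagram[8:length],
    }


def parse_tcp(segment: bytes) -> dict:
    """Parse the fixed 20-byte TCP header, the options area and the payload."""
    if len(segment) < 20:
        raise ValueError("TCP segment shorter than the 20-byte minimum header")
    (sport, dport, seq, ack, off_flags, window,
     checksum, urg_ptr) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12           # header length in 32-bit words
    header_len = data_offset * 4            # 20..60 bytes per the text
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"bad data offset {data_offset} words")
    flags = [name for name, bit in TCP_FLAGS.items() if off_flags & bit]
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": checksum, "urgent_pointer": urg_ptr,
        "options": segment[20:header_len],
        "payload": segment[header_len:],
    }


# Constructed sample: a DNS query datagram (destination port 53) carrying
# 5 bytes of payload, checksum left at 0 (not computed).
SAMPLE_UDP = struct.pack("!HHHH", 50000, 53, 8 + 5, 0) + b"query"

# Constructed sample: host A's initial SYN from the handshake section,
# seq 100, data offset 6 words (20-byte header + one 4-byte MSS option),
# window 65535, checksum and urgent pointer left at 0.
SAMPLE_TCP = struct.pack("!HHIIHHHH", 50000, 80, 100, 0,
                         (6 << 12) | TCP_FLAGS["SYN"], 65535, 0, 0)
SAMPLE_TCP += struct.pack("!BBH", 2, 4, 1460)   # MSS option: kind 2, len 4

if __name__ == "__main__":
    print(parse_udp(SAMPLE_UDP))
    print(parse_tcp(SAMPLE_TCP))
```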

Port Number

Port numbers bind layer four to layer seven, allowing applications to communicate.

  APPLICATION    PORT NUMBER    TRANSPORT LAYER
  HTTP           80             TCP
  FTP            21             TCP
  FTP Data       20             TCP
  Telnet         23             TCP
  DNS            53             TCP/UDP
  TFTP           69             UDP
  SNMP           161            UDP

  • DNS is an interesting case because it uses both TCP and UDP, on port 53.
  • DNS primarily uses UDP on port 53 to serve requests.
  • In other words, when a host needs a resolution for, say, cisco.com, that uses UDP port 53. TCP is used when the response data exceeds 512 bytes or for tasks such as zone transfers.
  • Zone transfers are used for replication of the databases containing DNS data across a set of DNS servers.
The Well-Known Ports are assigned by IANA and cover the range 0-1023. On many systems, they can only be used by system (or root) processes or by programs executed by privileged users.
The Registered Ports are assigned by IANA and on most systems can be used by ordinary user processes or programs executed by ordinary users. The Registered Ports are in the range 1024-49151.
The Dynamic (Private) Ports range from 49152-65535. These ports cannot be registered through IANA or by any other means; IANA SHALL refuse all such registration requests.

Ephemeral Port Numbers

  • Ephemeral means temporary or short-lived, as is the characteristic of this type of port.
  • An ephemeral port is a temporary communication hub used for Internet Protocol (IP) communications. 
  • It is created from a set range of port numbers by the IP software and used as an end client's port assignment in direct communication with a well-known port used by a server.
  • Ephemeral ports are temporary and last only for the duration of the session.
  • IANA suggests 49152 to 65535.
    • BSD uses ports 1024 to 4999.
    • Linux uses ports 32768 to 61000.
    • Windows Server 2003 uses 1025 to 5000.
    • Windows Vista/7 use the actual IANA range.
    • FreeBSD uses the IANA range since release 4.6.
Note:
Berkeley Software Distribution (BSD) is a group of related open-source Unix-like operating systems (OS) with origins in early versions of Research Unix at Bell Labs. FreeBSD is the most popular member. BSD is configured for internet hosting, web hosting, and hosting many servers on one system.
FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms.

TCP Three Way Handshake

When using TCP, devices must first establish a connection with a peer system before data transmission can take place, so a connection-oriented session is established between host A and host B.

One machine initiates the connection, which must then be accepted by the other machine. Protocol software modules in the operating systems of the host devices communicate with each other by sending messages across the network to verify that the transfer is authorized and that both sides are ready for the transmission of data. For this to take place, a three-way handshake occurs between the host devices using TCP.

Step 1:

  • So host A, initiating the session, sets the SYN flag or SYN bit in the TCP header of the initial segment sent to host B.
  • Host A also chooses an initial sequence number, which in this example let's say is 100.
  • So the SYN control flag is set on and the sequence number is set to an initial value of 100.
  • This is then used to start the handshake process.
  • This synchronization segment also specifies the number of the port to which the sender wants to connect, for instance port 80 for HTTP.

Step 2:

  • The host on the right-hand side will be waiting for a connection request from the remote client, in this case host A.
  • When the SYN is received and accepted, host B sends back a TCP segment with both the SYN and ACK flags set. So the control flags SYN and ACK are set on and used to negotiate the connection and acknowledge receipt of the sender's initial synchronization segment.
  • Host B also sets its own initial sequence number, and sets the acknowledgement number to indicate the sequence number of the next byte of data it expects to receive from host A, in this case 101.
  • The acknowledgement number indicates the next portion of data the host expects to receive.

So host A initially sent a sequence number of 100 and host B, in this case assuming a window size of 1, sends back an acknowledgement of 101.

Step 3:

  • The third step in the three-way handshake is where the initiating host, in this case host A, has received the SYN-ACK from host B and sends back a TCP segment with the ACK control flag set, in other words an acknowledgement.
  • Host A thereby acknowledges the next segment it expects to receive from host B, in this case 301, since host B initially sent a sequence number of 300.
  • So host A is expecting the next segment, 301. Host A sets its sequence number to 101: the initial segment sent was 100 and the next one, in this case, is 101.
  • Because the SYN bit or SYN flag is unset, this confirms that the three-way handshake has completed successfully.
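To make the three steps concrete, here is an added Python model (not code from the original post) that walks two peers through the exchange with the initial sequence numbers 100 and 300 used above. The acceptance checks are an assumption about a minimal implementation: each side accepts the next segment only if its acknowledgement number matches the sequence number that side is waiting for, which is what lets a host discard a stray ACK that does not belong to the connection.

```python
from dataclasses import dataclass

MASK32 = 0xFFFFFFFF   # sequence numbers are 32-bit and wrap around


@dataclass(frozen=True)
class Segment:
    flags: frozenset   # subset of {"SYN", "ACK"}
    seq: int
    ack: int           # meaningful only when "ACK" is set


class Peer:
    """One TCP endpoint, reduced to the state the handshake needs.
    The ISN is supplied by the caller (assumption: real stacks choose it
    unpredictably; 100 and 300 mirror the example in the text)."""

    def __init__(self, isn: int):
        self.isn = isn & MASK32
        self.snd_nxt = self.isn    # next sequence number this side will use
        self.rcv_nxt = None        # next sequence number expected from the peer
        self.state = "CLOSED"

    def send_syn(self) -> Segment:
        """Step 1: host A sends SYN with its ISN; the SYN consumes one number."""
        self.state = "SYN-SENT"
        self.snd_nxt = (self.isn + 1) & MASK32
        return Segment(frozenset({"SYN"}), self.isn, 0)

    def recv_syn(self, seg: Segment) -> Segment:
        """Step 2: host B answers SYN-ACK, acknowledging A's ISN + 1."""
        if seg.flags != {"SYN"}:
            raise ValueError("expected a bare SYN")
        self.rcv_nxt = (seg.seq + 1) & MASK32
        self.snd_nxt = (self.isn + 1) & MASK32
        self.state = "SYN-RECEIVED"
        return Segment(frozenset({"SYN", "ACK"}), self.isn, self.rcv_nxt)

    def recv_synack(self, seg: Segment) -> Segment:
        """Step 3: host A checks that the SYN-ACK acknowledges its own ISN + 1,
        then sends the final ACK with SYN clear."""
        if seg.flags != {"SYN", "ACK"} or seg.ack != self.snd_nxt:
            raise ValueError("SYN-ACK does not acknowledge our ISN + 1")
        self.rcv_nxt = (seg.seq + 1) & MASK32
        self.state = "ESTABLISHED"
        return Segment(frozenset({"ACK"}), self.snd_nxt, self.rcv_nxt)

    def recv_ack(self, seg: Segment) -> bool:
        """Host B accepts the final ACK only if both numbers line up with
        what it sent and what it expects; anything else is not this handshake."""
        if ("SYN" in seg.flags or seg.ack != self.snd_nxt
                or seg.seq != self.rcv_nxt):
            raise ValueError("final ACK does not match the handshake state")
        self.state = "ESTABLISHED"
        return True


def run_handshake(isn_a: int = 100, isn_b: int = 300):
    """Run the three steps; return both peers and the segments exchanged."""
    a, b = Peer(isn_a), Peer(isn_b)
    syn = a.send_syn()
    synack = b.recv_syn(syn)
    ack = a.recv_synack(synack)
    b.recv_ack(ack)
    return a, b, [syn, synack, ack]


if __name__ == "__main__":
    _, _, segs = run_handshake()
    for s in segs:
        print(sorted(s.flags), "seq", s.seq, "ack", s.ack)
```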

TCP Flow Control Mechanism (Window Size Scaling)

  • In its basic form, TCP may have a window size of 1, which means that for every segment transmitted by the sender, the receiver sends an acknowledgement for that individual segment.
  • This, however, slows throughput down dramatically, because the sender cannot transmit any more data until it receives the acknowledgement for that single segment.
  • The throughput would be very low, depending on the round-trip time between sending data and receiving the acknowledgement.
  • TCP, however, allows for greater window sizes so that more segments can be transmitted before an acknowledgement is received.
The window is the number of data segments the sender is allowed to send without getting an acknowledgement from the receiver.
  • For example, in the case of window size 1, let's assume that host A sends the segment with sequence number 1; host B would acknowledge for segment 2.
  • Host A then sends segment 2, and host B, once it successfully receives that segment, acknowledges (ACK) for segment 3.
  • Host A then sends segment 3 to host B.
  • This process continues for the duration of the session. This is obviously very reliable; however, the throughput is very low.
  • Host A would need to buffer outgoing segments until it receives an acknowledgement for the segment transmitted.
  • Let's assume host A wants to send 3 segments to host B, and the round-trip time between host A and B to send a segment and receive its acknowledgement is 2 seconds. So, to send 3 segments, host A will take 6 seconds.
  • This can be improved in several ways, depending on the window size:

Fixed Window Size

  • So, if the window size is the same throughout the session as above, the throughput will be slow.
  • This can be improved if we increase the window size.
  • Let's assume here we have a fixed window size of 3. This allows host A to send 3 segments before receiving any acknowledgement. So, considering the example above, sending 3 segments will take host A only 2 seconds.
  • So this is how throughput is increased dramatically, just by increasing the window size.
  • In TCP, rather than using a fixed window size, hosts tend to use a sliding window.

Sliding Window

  • With a sliding window, hosts start with a small window size and then exponentially increase the window size to gauge the amount of data that the receiver can receive and what the network can handle.
  • You've probably noticed this when downloading a file from the internet: initially the download speed is slow but then increases to a certain point over time. This is because the window size is initially small but then increases exponentially until a packet is dropped or the receiving host cannot handle the amount of data it is receiving.
Let's assume that the hosts are using a sliding window. The way they determine what the network can handle is that when a packet is dropped by the network, the host slows down.
  • When a packet gets dropped, they reduce their window size dramatically. In brief, the window size is either the window granted to the sender by the receiver or a calculated window called the congestion window (CWND). The congestion window is initially set to a very low value at connection establishment and then increases at an exponential rate.
  • For every lost segment, the congestion window is halved. After the lost segment has been successfully retransmitted, the congestion window grows again until it reaches a value half of the original congestion window. It then slows its growth, using an algorithm called congestion avoidance.
  • It grows exponentially up to half the original congestion window size and then increases slowly, at a linear rate.
    • In quality of service, Weighted Random Early Detection (WRED) can be used to improve the efficiency of TCP transmissions across a link.
    • Packets are randomly dropped from various flows or sessions going across an individual interface, rather than packets from multiple senders being dropped at the same time.
    • This avoids an issue called global synchronization, where packets from multiple TCP sessions are dropped at the same time, so multiple hosts reduce their window size and slow down at the same time, then gradually increase their window size, and therefore their throughput, at the same time.
    • So instead of many hosts slowing down and speeding up at the same time, with WRED some hosts will be slowing down while others will be increasing their throughput because of the random drops.
For example, let's assume that we start with an initial window size of 3.
  • So A transmits 3 segments to B; however, only segments 1 and 2 arrive at host B, and segment 3 goes missing.
  • Host B may reduce its window size, in this example to 2, and acknowledge for segment 3.
  • Remember that the acknowledgement is for the next packet that the host expects to receive, and because host B did not receive segment 3, it is acknowledging successful receipt of segments 1 and 2.
  • Host A retransmits segment 3 and, in this example, sends segment 4, but also requests a window size of 3. Both segments are successfully received by host B, so host B acknowledges for segment 5 but, in this example, still wants a window size of 2.
  • Host A only sends 2 segments because the negotiated window size is 2, but A may still request that the window size be increased to 3.
  • With the sliding window, there is dynamic negotiation of the window size, and that window size may change dramatically during a session depending on what the receiver can process and what the network can handle.
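The throughput arithmetic from the fixed-window section, the cumulative acknowledgement in the example just given, and the congestion-window behaviour described above, as an added Python example (not code from the original post). The cwnd_trace model is an assumption: a simplified slow-start and congestion-avoidance cycle that follows the text's description rather than any particular operating system's implementation.

```python
import math


def transfer_time(segments: int, window: int, rtt: float) -> float:
    """Seconds to deliver `segments` with a fixed window of `window` segments:
    each window-full is sent, then the sender waits one RTT for its ACK
    (transmission delay ignored, as in the text's 2-second example)."""
    if segments <= 0 or window <= 0 or rtt < 0:
        raise ValueError("segments and window must be positive, rtt non-negative")
    return math.ceil(segments / window) * rtt


def cumulative_ack(next_expected: int, received: set) -> int:
    """ACK number a receiver returns: the next in-order segment it still needs.
    A gap holds the ACK back even if later segments have already arrived."""
    while next_expected in received:
        next_expected += 1
    return next_expected


def cwnd_trace(rounds: int, losses: set, initial: int = 1) -> list:
    """Congestion window in effect at each round (assumed simplified model):
    slow start doubles the window each round; on a loss the threshold becomes
    half the current window and growth restarts from `initial`; once the
    window reaches the threshold it grows linearly (congestion avoidance)."""
    cwnd, ssthresh, trace = initial, None, []
    for rnd in range(rounds):
        trace.append(cwnd)
        if rnd in losses:
            ssthresh = max(cwnd // 2, 1)     # remember half the window at loss
            cwnd = initial                   # back to a small window
        elif ssthresh is None or cwnd < ssthresh:
            cwnd = cwnd * 2 if ssthresh is None else min(cwnd * 2, ssthresh)
        else:
            cwnd += 1                        # linear growth
    return trace


def send_window(cwnd: int, advertised: int) -> int:
    """Segments the sender may have in flight: bounded by both the receiver's
    advertised window and the sender's own congestion window."""
    return min(cwnd, advertised)


if __name__ == "__main__":
    # The text's example: 3 segments, 2-second RTT, window 1 versus window 3.
    print(transfer_time(3, 1, 2.0), transfer_time(3, 3, 2.0))   # 6.0 2.0
    # Segment 3 lost out of {1, 2, 3}: host B acknowledges for segment 3.
    print(cumulative_ack(1, {1, 2}))                             # 3
    print(cwnd_trace(10, losses={4}))
```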
So, in this section we looked at the 2 main protocols residing at layer 4: UDP (User Datagram Protocol) and TCP (Transmission Control Protocol).
I have also explained port numbers and which port numbers are used in which scenarios.
I have also explained the TCP three-way handshake, windowing and sequence numbers.
