Transport Layer TCP and UDP Overview of TCPIP
- Slides: 14
Transport Layer: TCP and UDP • Overview of TCP/IP protocols • Comparing TCP and UDP • TCP connection: establishment, data transfer, and termination • Allocation of port numbers • Size matters: MTU, datagram, MSS, buffer • Standard Internet services and applications • Debugging techniques and tools 1
Overview of TCP/IP Protocols tcpdump IGMP mrouted ICMP ARP/RARP BPF/DLPI ping traceroute TCP IPv 4 UDP applications ICMPv 6 IPv 6 datalink 2
Comparing TCP and UDP 3
TCP Connection: Establishment Three-way handshake client socket connect (blocks) (active open) SYN_SENT server SYN j SYN k, ack j+1 ESTABLISHED connect returns ack k+1 socket, bind, listen LISTEN(passive open) accept (blocks) SYN_RCVD ESTABLISHED accept returns read (blocks) TCP options (in SYN): MSS (maximum segment size) option, window scale option (advertized window up to 65535 x 2^14, 1 GB), timestamp option (the latter two: long fat pipe options) 4
TCP Connection: Data Transfer client write read(blocks) server request reply ack of request read returns (server processes request) write read(blocks) ack of reply 5
TCP Connection: Termination Four-way handshake client close (active close) FIN_WAIT_1 server FIN m ack m+1 FIN_WAIT_2 TIME_WAIT 1~4 mins FIN n ack n+1 CLOSE_WAIT (passive close) read returns 0 close LAST_ACK CLOSED TIME_WAIT to allow old duplicate segment to expire for reliable termination (the end performing active close might have to retx the final ACK) 6
TCP State Transition Diagram CLOSED appl: passive open send: <nothing> LISTEN recv: SYN, send: SYN, ACK recv: RST SYN_RSVD ESTABLISHED recv: ACK send: <nothing> FIN_WAIT_2 SYN_SENT recv: FIN (simultaneous close) send: ACK CLOSING recv: FIN, ACK send: ACK recv: FIN send: ACK passive close CLOSE_WAIT appl: close send: FIN LAST_ACK recv: ACK send: <nothing> TIME_WAIT appl: close or timeout recv: SYN, ACK send: ACK (data transfer state) recv: FIN send: ACK appl: close send: FIN_WAIT_1 recv: SYN send: SYN, ACK (simultaneous open) recv: ACK send: <nothing> active close appl: active open send: SYN 2 MSL timeout 7
Allocation of Port Numbers IANA well-known ports IANA (Internet Assigned Numbers Authority) BSD 1 Solaris 1023 1024 BSD reserved ports 1 IANA registered ports 49151 49152 BSD ephemeral ports 1023 1024 rrsevport 513 -1023 IANA dynamic or private ports 65535 BSD nonprivileged servers 50000 50001 65535 Solaris ephemeral ports 32768 65535 8
Multiple Sockets with the Same Port (in Concurrent Server) listening socket server (*. 21, *. *) connected socket server (child 1) (206. 62. 226. 35. 21, 198. 69. 10. 2. 1500) client 1 (198. 69. 10. 2. 1500, 206. 62. 226. 35. 21) client 2 (198. 69. 10. 2. 1501, 206. 62. 226. 35. 21) connected socket server (child 2) (206. 62. 226. 35. 21, 198. 69. 10. 2. 1501) All TCP segments destined for port 21, with socket pairs different from (206. 62. 226. 35. 21, 198. 69. 10. 2. 1500) and (206. 62. 226. 35. 21, 198. 69. 10. 2. 1501), are delivered to the original server with the listening socket. 9
Size Matters: MTU, datagram, TCP MSS, buffer • Link MTU (maximum transmission unit): Ethernet MTU: 1500 bytes, PPP MTU: configurable • Path MTU: the smallest link MTU in the path, can be discovered by IP DF (don’t fragment) bit • Maximum IP datagram: 65535 (IPv 4), 65575 (IPv 6) (IPv 6 has 32 -bit jumbo payload option), minimum IP reassembly buffer size • TCP MSS (maximum segment size): actual value of reassembly buffer size, often the link MTU minus IP and TCP headers, to avoid fragmentation 10
TCP Output and UDP Output application buffer write TCP application sendto user process kernel socket send buffer (SO_SNDBUF) UDP MSS-sized TCP segment IP no buffering but SO_SNDBUF exists UDP datagram IP MTU-sized packet output queue datalink application buffer MTU-sized packet output queue datalink 11
Standard Internet Services and Applications • Standard services provided by inetd daemon: echo/port 7/RFC 862, discard/port 9/RFC 863, daytime/port 13/RFC 867, chargen/port 19/RFC 864, time/port 37/RFC 868 • tested by “telnet machine service”, service mapped by /etc/services • Common application types: diagnostic, routing protocol, datagram, virtual circuit, etc. 12
Protocol Usage of Various Common Applications Application Ping Traceroute OSPF RIP BGP BOOTP DHCP NTP TFTP SNMP SMTP Telnet FTP HTTP NNTP DNS NFS RPC IP ICMP x x UDP TCP x x x x x 13
Debugging Techniques and Tools • System call tracing: truss (in SVR 4), ktrace & kdump (in BSD) (Note that socket is a system call in BSD, while putmsg and getmsg are the actual system calls in SVR 4) • sock developed by W. R. Stevens: used to generate special case conditions, as stdin/stdout client, stdin/stdout server, source client, sink server • tcpdump: dump packets matching some criteria • netstat: status of interfaces, multicast groups, perprotocol statistics, routing table, etc. • lsof (list open files): which process has a socket open on a specified IP address or port 14