Network and Network Security Summary CHoogteijling
3 Transport Layer
3.1 Introduction and Transport-Layer Services
A transport-layer protocol provides for logical communication between application processes
running on different hosts. A network-layer protocol provides logical communication between
hosts. Logical communication means that the applications communicate as if the hosts running
them were directly connected. A segment is a transport-layer packet.
3.1.1 Relationship Between Transport and Network Layers
3.1.2 Overview of the Transport Layer in the Internet
The application developer chooses the User Datagram Protocol (UDP) or the Transmission
Control Protocol (TCP) when creating sockets. UDP provides an unreliable, connectionless
service to the invoking application. TCP provides a reliable, connection-oriented service to
the invoking application.
The IP service model is a best-effort delivery service and an unreliable service: it makes no
guarantees for delivery.
UDP and TCP provide transport-layer multiplexing and demultiplexing and integrity checking
by including error-detection fields. Transport-layer multiplexing and demultiplexing extends
host-to-host delivery to process-to-process delivery. These are the only two services UDP
provides.
TCP provides reliable data transfer and congestion control. Reliable data transfer is provided
by using flow control, sequence numbers, acknowledgments, and timers. It ensures that data
is delivered from sending process to receiving process, correctly and in order. Congestion
control is a service for the Internet as a whole. It prevents any one connection from
overburdening the links and routers between communicating hosts with an excessive amount of traffic.
3.2 Multiplexing and Demultiplexing
A process can have multiple sockets through which it receives data from the network.
Demultiplexing is the process of delivering the data in a transport-layer segment to the
correct socket. Multiplexing is the process of gathering data chunks at the source host from
different sockets, encapsulating each data chunk with header information to create segments,
and passing the segments to the network layer.
The source port number field and destination port number field are special fields in the
transport layer that identify sockets. Well-known port numbers range from
0 to 1023 and are reserved for use by well-known application protocols.
Connectionless Multiplexing and Demultiplexing
A UDP socket is identified by the destination IP address and destination port number.
The steps of UDP multiplexing and demultiplexing:
1. The sender creates a transport-layer segment that includes the application data, the
source port number, the destination port number, length and checksum.
2. The transport layer passes the segment to the network layer.
3. The network layer encapsulates the segment in an IP datagram and makes a best-effort
attempt to deliver the segment to the receiver.
4. The segment arrives at the receiver, which directs each segment to the appropriate
socket by examining the destination port number.
The receiver uses the source IP address and source port number to send a message back to the
sending application.
Connection-Oriented Multiplexing and Demultiplexing
A TCP socket is identified by a four-tuple: source IP address, source port number, destination
IP address, destination port number.
The steps of a TCP connection:
1. The TCP server application has a ’welcoming socket’ that waits for
connection-establishment requests from TCP clients on port number 12000.
2. The TCP client creates a socket and sends a connection establishment segment.
3. A connection-establishment request is a TCP segment with destination port number
12000 and a special connection-establishment bit set in the TCP header and a source
port number chosen by the client.
4. When a connection request arrives, the server process creates a new socket.
5. The transport layer at the server notes the source port number, source IP address,
destination port number, and destination IP address. The new socket is identified by
this tuple.
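As an added example (not part of the summary or the textbook), a small host-side model of the demultiplexing described in sections 3.2 above: UDP segments are delivered by (destination IP, destination port), while TCP keys on the full four-tuple and the welcoming socket on port 12000 spawns a new socket per connection request. The Segment and TransportDemux names and the 10.0.0.x addresses are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Segment:
    """Constructed transport-layer segment carrying only the header fields demux needs."""
    proto: str           # "udp" or "tcp"
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    syn: bool = False    # TCP connection-establishment bit
    data: bytes = b""

class TransportDemux:
    """Host-side demultiplexer: UDP keys on (dst IP, dst port), TCP on the four-tuple."""

    def __init__(self):
        self.udp_sockets = {}       # (dst_ip, dst_port) -> list of (src_ip, src_port, data)
        self.tcp_listeners = set()  # (ip, port) of welcoming sockets
        self.tcp_conns = {}         # (src_ip, src_port, dst_ip, dst_port) -> list of data

    def bind_udp(self, ip, port):
        self.udp_sockets[(ip, port)] = []

    def listen_tcp(self, ip, port):
        self.tcp_listeners.add((ip, port))

    def deliver(self, seg):
        """Return the key of the socket that received seg, or None if it was discarded."""
        if seg.proto == "udp":
            key = (seg.dst_ip, seg.dst_port)
            sock = self.udp_sockets.get(key)
            if sock is None:
                return None                      # no socket bound: segment discarded
            sock.append((seg.src_ip, seg.src_port, seg.data))  # keep source for the reply
            return key
        four = (seg.src_ip, seg.src_port, seg.dst_ip, seg.dst_port)
        if four in self.tcp_conns:               # established connection: match four-tuple
            self.tcp_conns[four].append(seg.data)
            return four
        if seg.syn and (seg.dst_ip, seg.dst_port) in self.tcp_listeners:
            self.tcp_conns[four] = []            # server creates a new socket for this tuple
            return four
        return None                              # neither a connection nor a valid request
```

Two clients connecting to port 12000 from different addresses (or from the same address with different source ports) land in different sockets, whereas UDP datagrams from different sources to one port share a single socket.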
3.3 Connectionless Transport: UDP
Reasons to use UDP:
• Finer application-level control over what data is sent, and when.
• No connection establishment.
• No connection state.
• Small packet header overhead.
Multimedia applications use UDP, but TCP is getting more popular because some firewalls
block UDP messages. A developer can build reliability in the application layer when using
UDP.
3.3.1 UDP Segment Structure
The fields of a UDP segment (four fields, each 2 bytes):
• The source port number.
• The destination port number.
• The length field specifies the number of bytes in the UDP segment.
• The checksum is used to check whether errors have been introduced in the segment.
See Figure 3.7, UDP segment structure, in Computer Networking: A Top-Down Approach by
Kurose and Ross, 7th edition.
3.3.2 UDP Checksum
The UDP checksum is used to determine whether bits within the UDP segment have been
altered as it moved from source to destination. It is the 1s complement of the sum
of all the 16-bit words in the segment, with any overflow wrapped around.
UDP must provide error detection at the transport layer because there is no guarantee that
every link does error checking. The end-end principle in system design states that certain
functionality must be implemented on an end-end basis. UDP does nothing to recover from an
error.
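The checksum computation of section 3.3.2, worked through in Python as an added example that is not part of the summary. It assumes the IPv4 pseudo-header (source and destination address, protocol 17, UDP length) that RFC 768 prepends to the segment before summing, which the summary does not mention; the addresses 10.0.0.1 and 10.0.0.2 and the ports are constructed.

```python
import struct

def ones_complement_sum(data: bytes) -> int:
    """Add the 16-bit big-endian words of data, folding every carry back into bit 0."""
    if len(data) % 2:
        data += b"\x00"                            # RFC 768: pad odd length with a zero byte
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)   # wrap the overflow around
    return total

def pseudo_header(src_ip: bytes, dst_ip: bytes, udp_length: int) -> bytes:
    """IPv4 pseudo-header (RFC 768): addresses, zero byte, protocol 17, UDP length."""
    return src_ip + dst_ip + struct.pack("!BBH", 0, 17, udp_length)

def udp_checksum(src_ip: bytes, dst_ip: bytes, segment: bytes) -> int:
    """Sender side: 1s complement of the sum over pseudo-header + segment (checksum field zero)."""
    zeroed = segment[:6] + b"\x00\x00" + segment[8:]
    csum = 0xFFFF ^ ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + zeroed)
    return csum or 0xFFFF                          # 0 is sent as 0xFFFF; 0 means "no checksum"

def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Assemble a UDP segment: four 2-byte header fields followed by the payload."""
    segment = struct.pack("!HHHH", sport, dport, 8 + len(payload), 0) + payload
    return segment[:6] + struct.pack("!H", udp_checksum(src_ip, dst_ip, segment)) + segment[8:]

def verify_udp(src_ip, dst_ip, segment: bytes) -> bool:
    """Receiver side: summing everything including the checksum must give all 1s (0xFFFF)."""
    if segment[6:8] == b"\x00\x00":
        return True                                # IPv4 sender chose not to checksum
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + segment)
    return total == 0xFFFF

SRC, DST = bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2])   # constructed addresses

if __name__ == "__main__":
    seg = build_udp(SRC, DST, 12000, 53, b"hi")
    print(hex(struct.unpack("!H", seg[6:8])[0]), verify_udp(SRC, DST, seg))
```

Any single flipped bit is caught, but two 16-bit words swapped in transit leave the sum unchanged and pass verification, which is why the checksum only detects errors and UDP leaves recovery to the application.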
3.5 Connection-Oriented Transport: TCP
3.5.1 The TCP Connection
TCP is a connection-oriented protocol: the two processes first send preliminary segments
to each other to establish the parameters of the coming data transfer.
The TCP protocol has a logical connection, with a common state in the two communicating
end systems. The intermediate network only sees datagrams. A TCP connection is not an
end-to-end TDM or FDM circuit as in a circuit-switched network.
A TCP connection provides a full-duplex service: the processes can send data to each other
simultaneously. It is also a point-to-point connection: there is a single sender and a single
receiver of a data packet.
The connection-establishment procedure is called a three-way handshake because three segments
are sent between client and server. Only the third segment may carry payload.
When the application passes data to TCP, it goes to the connection's send buffer, from which
TCP passes parts of the data to the network layer. When the data is passed on is not specified. The
maximum transmission unit (MTU) is the length of the largest link-layer frame that can
be sent by the local sending host. This determines the maximum segment size (MSS), chosen so
that each segment fits in a link-layer frame.
A TCP segment is formed by pairing a chunk of client data with a TCP header. The segments
are passed down to the network layer, where they are separately encapsulated within
network-layer IP datagrams. The datagrams are sent into the network. When TCP receives
a segment, the data is placed in the receive buffer, from which the application reads the
stream of data.
3.5.2 TCP Segment Structure
• Source and destination port numbers: for multiplexing and demultiplexing data from
and to upper-layer applications.
• Checksum field.
• Sequence and acknowledgment number fields: implement reliable data transfer.
• Receive window: for flow control.