Computer Networks

Topic: Transport layer

protocols: UDP,TCP
 UDP
 The User Datagram Protocol (UDP) is called a connectionless, unreliable transport
protocol.
 UDP is a very simple protocol using a minimum of overhead. If a process wants to
send a small message and does not care much about reliability, it can use UDP.
Sending a small message by using UDP takes much less interaction between the
sender and receiver than using TCP or SCTP.
Real Life examples of UDP
•Text Communication
•Transfer of files or FTP
•Hyper Text Transfer Protocol (HTTP)
•Simple Mail Transfer Protocol(SMTP)
Well-known ports used with UDP
 User datagram format
UDP packets, called user datagrams, have a fixed-size header of 8 bytes.
 UDP
UDP packets, called user datagrams, have a fixed-size header of 8 bytes.
•Source port number. This is the port number used by the process running on the
source host. It is 16 bits long, which means that the port number can range from 0 to
65,535. If the source host is the client (a client sending a request), the port number, in
most cases, is an ephemeral port number requested by the process and chosen by the
UDP software running on the source host. If the source host is the server (a server
sending a response), the port number, in most cases, is a well-known port number.
 UDP
 Destination port number. This is the port number used by the process running on the destination host.
It is also 16 bits long. If the destination host is the server (a client sending a request), the port number,
in most cases, is a well-known port number. If the destination host is the client (a server sending a
response), the port number, in most cases, is an ephemeral port number. In this case, the server copies
the ephemeral port number it has received in the request packet.
 Length. This is a 16-bit field that defines the total length of the user datagram, header plus data. The
16 bits can define a total length of 0 to 65,535 bytes. However, the total length needs to be much less

because a UDP user datagram is stored in an IP datagram with a total length of 65,535 bytes.

UDP length = IP length – IP header’s length

 Checksum. This field is used to detect errors over the entire user datagram.
Pseudoheader for checksum calculation
 Check Sum
 Here the checksum includes three sections: a pseudo header, the UDP header, and the data
coming from the application layer.
 If the checksum does not include the pseudo header, a user datagram may arrive safe and sound.
However, if the IP header is corrupted, it may be delivered to the wrong host. The protocol field is
added to ensure that the packet belongs to UDP, and not to other transport-layer protocols. We will see
later that if a process can use either UDP or TCP, the destination port number can be the same. The
value of the protocol field for UDP is 17. If this value is changed during transmission, the checksum
calculation at the receiver will detect it and UDP drops the packet. It is not delivered to the wrong

protocol.
Checksum calculation of a simple UDP user
datagram
UDP Operation
• Connectionless Services(Unreliable)
• No Flow and No Error Control(only Check sum)
• Encapsulation and Decapsulation
• Queuing
UDP Operation
• Connectionless Services
UDP provides a connectionless service. This means that each user datagram
sent by UDP is an independent datagram. There is no relationship between
the different user datagrams even if they are coming from the same source
process and going to the same destination program. The user datagrams are
not numbered. Also, there is no connection establishment and no
connection termination, as is the case for TCP. This means that each user
datagram can travel on a different path.
• Flow and Error Control
UDP is a very simple, unreliable transport protocol. There is no flow control and
hence no window mechanism. The receiver may overflow with incoming
messages. There is no error control mechanism in UDP except for the
checksum. This means that the sender does not know if a message has been
lost or duplicated. When the receiver detects an error through the checksum, the
user datagram is silently discarded. The lack of flow control and error control
means that the process using UDP should provide these mechanisms.
UDP Operation(Contd.)
• Encapsulation and Decapsulation
To send a message from one process to another, the UDP protocol encapsulates and
decapsulates messages in an IP datagram.
• Queuing
At the client site, when a process starts, it requests a port number from the operating system. Some implementations
create both an incoming and an outgoing queue associated with each process. Other implementations create only an
incoming queue associated with each process.
Note that even if a process wants to communicate with multiple processes, it obtains only one port number and
eventually one outgoing and one incoming queue. The queues opened by the client are, in most cases, identified by
ephemeral port numbers. The queues function as long as the process is running. When the process terminates, the
queues are destroyed.
The client process can send messages to the outgoing queue by using the source port number specified in the request.
UDP removes the messages one by one and, after adding the UDP header, delivers them to IP. An outgoing queue can
overflow. If this happens, the operating system can ask the client process to wait before sending any more messages.
When a message arrives for a client, UDP checks to see if an incoming queue has been created for the port number
specified in the destination port number field of the user datagram. If there is such a queue, UDP sends the received user
datagram to the end of the queue. If there is no such queue, UDP discards the user datagram and asks the ICMP protocol
to send a port unreachable message to the server. All the incoming messages for one particular client program, whether
coming from the same or a different server, are sent to the same queue. An incoming queue can overflow. If this
happens, UDP drops the user datagram and asks for a port unreachable message to be sent to the server.
Queues in UDP
At the server site, the mechanism of creating queues is different. In its simplest form, a
server asks for incoming and outgoing queues, using its well-known port, when it starts
running. The queues remain open if the server is running.
When a message arrives for a server, UDP checks to see if an incoming queue has been
created for the port number specified in the destination port number field of the user
datagram. If there is such a queue, UDP sends the received user datagram to the end
of the queue. If there is no such queue, UDP discards the user datagram and asks the
ICMP protocol to send a port unreachable message to the client. All the incoming
messages for one particular server, whether coming from the same or a different client,
are sent to the same queue. An incoming queue can overflow. If this happens, UDP
drops the user
datagram and asks for a port unreachable message to be sent to the client.
When a server wants to respond to a client, it sends messages to the outgoing queue,
using the source port number specified in the request. UDP removes the messages one
by one and, after adding the UDP header, delivers them to IP. An outgoing queue can
overflow. If this happens, the operating system asks the server to wait before sending
any more messages.
Use of UDP
The following lists some uses of the UDP protocol:

o UDP is suitable for a process that requires simple request-response communication with little concern for
flow and error control. It is not usually used for a process such as FTP that needs to send bulk data
o UDP is suitable for a process with internal flow and error control mechanisms. For example, the Trivial File
Transfer Protocol (TFTP) process includes flow and error control. It can easily use UDP.
o UDP is a suitable transport protocol for multicasting. Multicasting capability is embedded in the UDP
software but not in the TCP software.
o UDP is used for management processes such as SNMP
o UDP is used for some route updating protocols such as Routing Information Protocol (RIP)
 TCP
• TCP, like UDP, is a process-to-process (program-to-program) protocol.
• TCP, therefore, like UDP, uses port numbers.

• Unlike UDP, TCP is a connection oriented protocol; it creates a virtual

connection between two TCPs to send data.
• TCP uses flow and error control mechanisms at the transport level. (Reliable)
Real Life examples of TCP
•Online Games
•Video Conferencing
•Voice Over IP(VoIP)
•Domain Name System(DNS)
Well-known ports used by TCP
 TCP Services
• Stream Delivery Service
• Full-Duplex Communication
• Connection-Oriented Service
• Reliable Service
Sending and receiving buffers
Because the sending and the
receiving processes may not write
or read data at the same speed,
TCP needs buffers for storage.
The buffers are hundreds or
thousands of bytes, depending on
the implementation.
 TCP Features
• Numbering System
• Flow Control
• Error Control
• Congestion Control
TCP Segment Format
The segment consists of a
20- to 60-byte header
TCP Segment Format
TCP Segment Format
Control field: This field defines 6 different control bits
or flag. One or more of these bits can be set at a time.
 Connection Management

 TCP is connection-oriented.
 A connection-oriented transport protocol establishes a
virtual path between the source and destination.(NO
physical connection is established.)
 All the segments belonging to a message are then sent
over
this virtual path.
 Connection Management

 Connection-oriented transmission requires three phases:

 Connection establishment
 Data transfer
 Connection termination
 1. Connection Establishment
 TCP transmits data in full-
duplex mode The connection
establishment in TCP is
called three way
handshaking.
 The process starts with the server. The
server program tells its TCP that it is ready
to accept a connection. This is called a
request for a passive open. Although the
server TCP is ready to accept any
connection from any machine in the world,
it cannot make the connection itself. The
client program issues a request for an
active open. A client that wishes to
 Connection Establishment
 A SYN segment cannot carry data, but it consumes one
sequence number. This segment is for synchronization of sequence
numbers
 A SYN + ACK segment cannot carry data but does consume one
sequence number.
 An ACK segment, if carrying no data, consumes no sequence
number.
 Simultaneous Open
 A rare situation, called a simultaneous open, may occur
when
both processes issue an active open.
 In this case, both TCPs transmit a SYN + ACK segment to
each other, and one single connection is established
between them.
 SYN Flooding Attack
 The connection establishment procedure in TCP is susceptible to a
serious
security problem called the SYN flooding attack.
 This happens when a malicious attacker sends a large number of
SYN segments to a server, pretending that each of them is
corning from a different client by faking the source IP addresses
in the datagrams.
 The TCP server then sends the SYN +ACK segments to the fake
clients, which are lost.
 “SYN flooding attack belongs to a type of security attack
known as a
denial-of-service attack,”

Solution:
 Imposed a limit on connection requests during a specified period
2. Data Transfer
 After connection is
established, bidirectional data
transfer can take place. The
client and server can both
send data and
acknowledgments.
 Pushing Data: The application program
at the sending site can request a push
operation.
This means that the sending TCP must not
wait for the window to be filled.
 Data
Transfer
 A segment with the URG bit set.

 The sending application program tells the sending TCP

that the piece of data is urgent.

 The sending TCP creates a segment and inserts the

urgent data at the beginning of the segment.
 3. Connection Termination

 Any of the two parties involved in exchanging data

(client or server) can close the connection, although it is
usually initiated by the client.
 Two options for connection termination:
 Three-way handshaking
 Four-way handshaking with a half-close option
 Three way handshaking (connection
termination)
1. In a normal situation, the
client TCP, after receiving a
close command from the client
process, sends the first
segment, a FIN segment in
which the FIN flag is set.
2. The server TCP, after
receiving the FIN segment,
informs its process of the
situation and sends the second
segment, a FIN + ACK
segment, to confirm the
receipt.
 Three way handshaking (connection
termination)
3. The client TCP sends the last
segment, an ACK segment, to
confirm the receipt of the FIN
segment from the TCP server.
This segment contains the
acknowledgment number, which
is 1 plus the sequence
number received in the FIN
segment.
 Half close (connection termination)

In TCP, one end can stop

sending data while still
receiving data.

This is called a half-close.

A good example is sorting.

After half-closing of the connection,

data can travel from the server to
the client and acknowledgments can
travel from the client to the server.
The client cannot send any more
 TCP Features
• Numbering System
• Flow Control
• Error Control
• Congestion Control
Outline
• Introduction
• Flow Control in TCP
• Sliding Window
– Introduction
– Terminology
– Flow Control Through Sliding
Window
• Problems with TCP
transmission
– Delay ACK
– Silly Window Syndrome
– Solutions to Silly Window
Syndrome
• TCP Error Control
– Checksum
– Ack
– Retransmission
• References
Introduction
• Flow Control balances the Sender’s rate
(lightly loaded) of sending data with the
Receiver’s rate (heavily loaded) of
properly receiving data.

• Otherwise:
– Receiver will lost the data  Sender has to
retransmit the data  unnecessarily
Consume resources  Cost increases 
Performance decreases  User
Frustration…
 Flow Control in TCP
Sender can not overrun receiver with lots of information.

Allows receiver to restrict transmission until it has sufficient buffer space to

accommodate more data.

Flow control in TCP is similar to Data Link layer’s: Go Back N and Selective Repeat in
following manners:

Similarities with TCP Flow Control

Data Link Layer Protocol

Go Back N It does not use NAK

Selective Repeat
. Holds out of order segments until missing one

arrives
Cont
d…
• But, there are differences as well in flow control
mechanism
of TCP and Data Link layer
TCP Flow Control Data Link Flow Control
Byte oriented Uses Frames
TCP sliding window is of Fixed Size window
variable
size

• TCP uses Sliding Window to handle

flow control.
Sliding Window in TCP
• Introduction
– All packets inside the window can be
transmitted.

1 2 3 4 5 6 7 8 9 10

Figure 1: Sliding Windo

Window w
– When an acknowledgment for packet 1 is
received the window slides to the right and
allows the transmission of packet 9
Cont
d..
• Conceptua partitionsthe window into
lly three
– Sent and acknowledged [left side, out side the
classes:
window]
– Being Transmitted [inside the window]
– Waiting to be transmitted [right side, out side
the window]

Figure 2: Sliding Window

Representation
Contd…
• Only unacknowledged packets are retransmitted
– TCP keeps separate timer for each packet.

• Performance:
– Depends on the window size and the speed
of the underlying network.
– Increase window size so that sender is
transmitting packets as fast as the network can carry them.
– Eliminates network idle time.
Contd…
Terminology used in Sliding
Window:
–Imaginary window with two walls: Left and
right
–The window can perform three activities
namely:
– Opening, Closing, and Shrinking

Figure 3: Sliding Window terminology

NOTE: These activities are controlled by the

Receiver and depend on the congestion in the
Network
Contd…
• Opening a window
– Moving the right wall to the right
– Allows more new bytes in the buffer that are
eligible for sending
• Closing a window
– Moving left wall to right
– Some bytes have been acknowledged
• Shrinking a window
– Moving right wall to left.
– Removing eligibility of some packets.
– [Warning: Strongly discouraged and not
allowed in some
Contd…
• Sliding window takes the help of two other
windows namely:
– Receiver window (rwnd)
– Congestion window (cwnd)

• Receiver window (rwnd)

– Value advertised by the opposite end
in a segment containing ACK.
– It is number of Bytes which can be accepted
by the other end before its buffer overflows.
 Contd…
• Congestion window (cwnd)
– Value determined by Network (MTU) to
the
congestion. avoid

• The size of sliding window at one end is

determined by the lesser of two values:
i.e. Window_Size = Min (rwnd, cwnd)

• TCP window can be open/ close by the

receiver. But should not shrunk.
Flow Control through Sliding
Window
• Each window can vary in size over time
– Each ACK contains a window advertisement
– Specifies how many additional Bytes of data the receiver is
willing to accept
– Sender increases or decreases sending
window sized based on the receiver’s advise

• Provides end-to-end flow control

 Example of Flow Control
In this example, It is
assumed that there
is only unidirectional
communication
between client and
server

Figure 4:
Flow Control
[1]
Problems with TCP
Transmission
• Sender will send the data based upon
Receiver’s Advertized Window Size (Free
space in Buffer)

• If, this Window is Zero, sender will not

send data. And, what if Receiver’s
advertisements are getting
lost??-------------Deadlock

• Sender may send a One byte segment to

make the receiver re-announce its next
byte expected and window size
Contd…
• Sending data in very small segments.
– E.g. Telnet connection to an interactive editor
that reacts to every key-stroke
– Worst Case: When a single character is
arrived at TCP, TCP creates a 21 Bytes
segment and further, IP creates 41 Bytes
Datagram…..
– Receiver, on the other hand, acknowledge by
40 Bytes ACK. --------------------Wastage of
scarce Band width
– Solution:
• Delay Acknowledgement and window
advertisement
Delayed
Acknowledgement
•The receiver waits until there is decent
amount of space in its incoming buffer
before acknowledging the arrived
segments
•The delayed acknowledgement can be
piggyback on the returning data
•Reduces traffic
•Disadvantage: it may force the sender to
retransmit the unacknowledged
segments
•To balance: should not be delayed by
more than
Error Control in TCP
• TCP is reliable so it will
deliver entire stream to the
destination without error/ loss/ duplicity.

• TCP error control provide mechanism

for detecting corrupted/ lost/ out of order
and duplicate segment.

• Error detection and correction in

TCP is achieved through:
– Checksum
– Acknowledgement (ACK)
– Time out
Checksum
• Checksum is usedto find out whether the
segments are
corrupted or not.

• TCP uses 16 bit checksum: Mandatory in every

segment.
Calculating Verifying
• E.g. 8 Checksum
bit checksum Checksum
10101001 10101001
00111001 00111001
----------- 00011101
Sum 11100010 -----------
Checksum 00011101 Sum 11111111
Complement 0000000
Acknowledgement (ACK)
• TCP uses ACK to confirm receipt of data
segments.

• Control segments that carry no data but

consume a sequence number are also
Acknowledged.

• An ACK do not consume sequence

number and it is never Acknowledged.
Retransmission
• When a segment is corrupted, lost, or
delayed, it is retransmitted.

• TCP maintains a Retransmission

Timer for each connection
– The timer is started during a
transmission. A timeout causes a
retransmission.

Q: How to set this time out value for the

Retransmission Timer?
Retransmission (Contd…)
Segment 1

RTT #1
nt 1
ACK for Segme

• Round Trip Time

measurement
Segment 2

Segment 3

– The RTT is based on time

RTT #2
gment 2 + 3

difference between segment ACK for Se

transmission and ACK. Segment

5
Segmen
t 4

– But TCP does not ACK each

RTT #3
segment Each connection has
gment 4
ACK for Se

only one timer. gment 5

ACK for Se

Figure 6: RTT [1]

Retransmission
(Contd…)
• The setting of the retransmission timer is
crucial for efficiency
– Timeout value too small
• Results in unnecessary retransmissions
– Timeout value too large
• long waiting time before a
retransmission can be issued

• A problem is that the delays in the

network are not fixed.
• Therefore, the retransmission
timers must be Dynamic.
 Retransmission (Contd…)
• Retransmission Time Out (RTO)
• If the timer of any segment is expired, that segment is simply
re sent to the destination

• Fast Retransmission:
– If Retransmission time is large, one segment is lost and receiver received so
many out of order segments
– Store out of order segments in buffer
– Worse Case: Limited Buffer Size 
– Remedy: Three duplicate ACKs rule
Fast Retransmission (3 ACK
Rule)
• If three or more duplicate ACKs are
received in a row, the TCP sender
believes that a segment has been lost.

• Then TCP performs a retransmission of

what seems to be the missing segment,
without waiting for a timeout to happen.
Example of Fast Retransmission

Figure 7: 3 ACK
[1]
Reference
•Behrouz Forouzan, “Data Communication and
Networking”, McGraw Hill

66
Thank
You