Presentation is loading. Please wait.

Presentation is loading. Please wait.

Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008.

Published byJada Wheeler Modified over 10 years ago

There are copies: 1
Naming: The Domain Name System Nick Feamster CS 4251 Fall 2008.
Naming: The Domain Name System Nick Feamster CS 4251 Fall 2008.

Similar presentations

Presentation on theme: "Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008."— Presentation transcript:

1 Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008

2 Transport Protocols Lowest level end- to-end protocol. –Header generated by sender is interpreted only by the destination –Routers view transport header as part of the payload 7 7 6 6 5 5 7 7 6 6 5 5 Transport IP Datalink Physical Transport IP Datalink Physical IP router 2 2 2 2 1 1 1 1

3 Functionality Split Network provides best-effort delivery End-systems implement many functions –Reliability –In-order delivery –Demultiplexing –Message boundaries –Connection abstraction –Congestion control –…

4 Transport Protocols UDP provides just integrity and demux TCP adds… –Connection-oriented –Reliable –Ordered –Point-to-point –Byte-stream –Full duplex –Flow and congestion controlled

5 UDP: User Datagram Protocol No frills, bare bones Internet transport protocol Best effort service, UDP segments may be: –Lost –Delivered out of order Connectionless: –No handshaking between UDP sender, receiver –Each UDP segment handled independently of others Why is there a UDP? No connection establishment (which can add delay) Simple: no connection state at sender, receiver Small header No congestion control: UDP can blast away as fast as desired

6 UDP Often used for streaming multimedia apps –Loss tolerant –Rate sensitive Other UDP uses (why?): –DNS, SNMP Reliable transfer over UDP –Must be at application layer –Application-specific error recovery Source port # Dest port # 32 bits Application data (message) UDP segment format Length Checksum Length, in bytes of UDP segment, including header

7 UDP Checksum Sender: Treat segment contents as sequence of 16-bit integers Checksum: addition (1s complement sum) of segment contents Sender puts checksum value into UDP checksum field Receiver: Compute checksum of received segment Check if computed checksum equals checksum field value: –NO - error detected –YES - no error detected But maybe errors nonethless? Goal: detect errors (e.g., flipped bits) in transmitted segment – optional use!

8 High-Level TCP Characteristics Protocol implemented entirely at the ends –Fate sharing Protocol has evolved over time and will continue to do so –Nearly impossible to change the header –Use options to add information to the header –Change processing at endpoints –Backward compatibility is what makes it TCP

9 TCP Header Source portDestination port Sequence number Acknowledgement Advertised windowHdrLen Flags 0 ChecksumUrgent pointer Options (variable) Data Flags: SYN FIN RESET PUSH URG ACK

10 Evolution of TCP 19751980 1985 1990 1982 TCP & IP RFC 793 & 791 1974 TCP described by Vint Cerf and Bob Kahn In IEEE Trans Comm 1983 BSD Unix 4.2 supports TCP/IP 1984 Nagels algorithm to reduce overhead of small packets; predicts congestion collapse 1987 Karns algorithm to better estimate round-trip time 1986 Congestion collapse observed 1988 Van Jacobsons algorithms congestion avoidance and congestion control (most implemented in 4.3BSD Tahoe) 1990 4.3BSD Reno fast retransmit delayed ACKs 1975 Three-way handshake Raymond Tomlinson In SIGCOMM 75

11 TCP Through the 1990s 1993 1994 1996 1994 ECN (Floyd) Explicit Congestion Notification 1993 TCP Vegas (Brakmo et al) delay-based congestion avoidance 1994 T/TCP (Braden) Transaction TCP 1996 SACK TCP (Floyd et al) Selective Acknowledgement 1996 Hoe NewReno startup and loss recovery 1996 FACK TCP (Mathis et al) extension to SACK

12 TCP: 3-Way Handshake Why do we have a 3-way handshake? What are potential problems with this approach? SYN C SYN S, ACK C ACK S Listening Store data Wait Connected

13 TCP handshake Each arriving SYN stores state at the server –TCP Control Block (TCB) –~ 280 bytes FlowID, timer info, Sequence number, flow control status, out-of-band data, MSS, other options agreed to –Half-open TCB entries exist until timeout –Fixed bound on half-open connections Resources exhausted requests rejected

14 TCP SYN flooding Problem: No client authentication of packets before resources allocated Attacker sends many connection requests –Spoofed source addresses –RSTs quickly generated if source address exists –No reply for non-existent sources Attacker exhausts TCP buffer to w/ half-open connections

15 SYN Flooding C S SYN C1 Listening Store data SYN C2 SYN C3 SYN C4 SYN C5

16 SYN Cookies client –sends SYN packet and ACK number to server –waits for SYN-ACK from server w/ matching ACK number server –responds w/ SYN-ACK packet w/ initial SYN-cookie sequence number –Sequence number is cryptographically generated value based on client address, port, and time. client –sends ACK to server w/ matching sequence number server –If ACK is to an unopened socket, server validates returned sequence number as SYN-cookie –If value is reasonable, a buffer is allocated and socket is opened SYN ack-number SYN-ACK seq-number as SYN-cookie, ack-number NO BUFFER ALLOCATED ACK seq_number ack-number+data SYN-ACK seq-number, ack-number TCP BUFFER ALLOCATED

17 Time Packet ACK Timeout ARQ –Receiver sends acknowledgement (ACK) when it receives packet –Sender waits for ACK and times out if it does not arrive within some time period Simplest ARQ protocol Send a packet, stop and wait until ACK arrives SenderReceiver Stop and Wait

18 Recovering from Error Packet ACK Timeout Packet ACK Timeout Packet Timeout Packet ACK Timeout Time Packet ACK Timeout Packet ACK Timeout ACK lostPacket lost Early timeout DUPLICATE PACKETS!!!

19 Duplicates Performance –Can only send one packet per round trip –But the capacity of the pipe is, in practice, much greater Problems with Stop and Wait

20 How to Recognize Resends? Use sequence numbers –both packets and acks Sequence # in packet is finite How big should it be? –For stop and wait? One bit – wont send seq #1 until received ACK for seq #0 Pkt 0 ACK 0 Pkt 0 ACK 1 Pkt 1 ACK 0

21 How to Keep the Pipe Full? Send multiple packets without waiting for first to be acked –Number of pkts in flight = window Reliable, unordered delivery –Several parallel stop & waits –Send new packet after each ack –Sender keeps list of unacked packets; resends after timeout –Receiver same as stop & wait How large a window is needed? –Suppose 10Mbps link, 4ms delay, 500byte pkts 1? 10? 20?11020 –Round trip delay * bandwidth = capacity of pipe

22 Sliding Window Reliable, ordered delivery Receiver has to hold onto a packet until all prior packets have arrived –Why might this be difficult for just parallel stop & wait? –Sender must prevent buffer overflow at receiver Circular buffer at sender and receiver –Packets in transit buffer size –Advance when sender and receiver agree packets at beginning have been received

23 Receiver Sender Sender/Receiver State …… Sent & AckedSent Not Acked OK to SendNot Usable …… Max acceptable Receiver window Max ACK receivedNext seqnum Received & AckedAcceptable Packet Not Usable Sender window Next expected

24 Sequence Numbers How large do sequence numbers need to be? –Must be able to detect wrap-around –Depends on sender/receiver window size E.g. –Max seq = 7, send win=recv win=7 –If pkts 0..6 are sent succesfully and all acks lost Receiver expects 7,0..5, sender retransmits old 0..6!!! Max sequence must be send window + recv window

25 Window Sliding – Common Case On reception of new ACK (i.e. ACK for something that was not acked earlier) –Increase sequence of max ACK received –Send next packet On reception of new in-order data packet (next expected) –Hand packet to application –Send cumulative ACK – acknowledges reception of all packets up to sequence number –Increase sequence of max acceptable packet

26 Loss Recovery On reception of out-of-order packet –Send nothing (wait for source to timeout) –Cumulative ACK (helps source identify loss) Timeout (Go-Back-N recovery) –Set timer upon transmission of packet –Retransmit all unacknowledged packets Performance during loss recovery –No longer have an entire window in transit –Can have much more clever loss recovery

27 DNS: Mapping Names to Addresses ClientLocal DNS resolver root,.edu troll-gw.gatech.edu www.cc.gatech.edu NS troll-gw.gatech.edu www.cc.gatech.edu NS burdell.cc.gatech.edu A 130.207.7.36 burdell.cc.gatech.edu Recursive query Iterative queries Note the diversity of Georgia Techs authoritative nameservers

28 Some Record Types A NS MX CNAME TXT PTR AAAA SRV

29 Caching Resolvers cache DNS responses –Quick response for repeated translations –Other queries may reuse some parts of lookup NS records for domains typically cached for longer –Negative responses also cached Typos, localhost, etc. Cached data periodically times out –Lifetime (TTL) of data controlled by owner of data –TTL passed with every record What if DNS entries get corrupted?

30 Root Zone Generic Top Level Domains (gTLD) –.com,.net,.org, Country Code Top Level Domain (ccTLD) –.us,.ca,.fi,.uk, etc… Root server ({a-m}.root-servers.net) also used to cover gTLD domains –Increased load on root servers –August 2000:.com,.net,.org moved off root servers onto gTLDs

31 Some gTLDs.info general info.biz businesses.name individuals.aero air-transport industry.coop business cooperatives.pro accountants, lawyers, physicians.museum museums

32 Do you trust the TLD operators? Wildcard DNS record for all.com and.net domain names not yet registered by others.com.net –September 15 – October 4, 2003 –February 2004: Verisign sues ICANN Redirection for these domain names to Verisign web portal What services might this break?

33 Protecting the Root Nameservers Redundancy: 13 root nameservers IP Anycast for root DNS servers {c,f,i,j,k}.root-servers.net –RFC 3258 –Most physical nameservers lie outside of the US Sophisticated? Why did nobody notice? gatech.edu. 13759 NS trollgw.gatech.edu. Defense Mechanisms

34 Defense: Replication and Caching source: wikipedia

35 DNS Hack #1: Reverse Lookup Method –Hierarchy based on IP addresses –130.207.7.36 Query for PTR record of 36.7.207.130.in- addr.arpa. Managing –Authority manages IP addresses assigned to it

36 DNS Hack #2: Load Balance Server sends out multiple A records Order of these records changes per-client

37 DNS Hack #3: Blackhole Lists First: Mail Abuse Prevention System (MAPS) –Paul Vixie, 1997 Today: Spamhaus, spamcop, dnsrbl.org, etc. % dig 91.53.195.211.bl.spamcop.net ;; ANSWER SECTION: 91.53.195.211.bl.spamcop.net. 2100 IN A 127.0.0.2 ;; ANSWER SECTION: 91.53.195.211.bl.spamcop.net. 1799 IN TXT "Blocked - see http://www.spamcop.net/bl.shtml?211.195.53.91" Different addresses refer to different reasons for blocking

Download ppt "Transport and Naming: UDP, TCP, DNS CS 4251: Computer Networking II Nick Feamster Spring 2008."

Similar presentations

Naming: The Domain Name System Nick Feamster CS 4251 Fall 2008.

Naming: The Domain Name System Nick Feamster CS 4251 Fall 2008.
Transport Layer3-1 Transport Overview and UDP. Transport Layer3-2 Goals r Understand transport services m Multiplexing and Demultiplexing m Reliable data.

Transport Layer3-1 Transport Overview and UDP. Transport Layer3-2 Goals r Understand transport services m Multiplexing and Demultiplexing m Reliable data.
Transmission Control Protocol (TCP)

Transmission Control Protocol (TCP)
CSE551: Computer Network Review r Network Layers r TCP/UDP r IP.

CSE551: Computer Network Review r Network Layers r TCP/UDP r IP.
BZUPAGES.COM 1 User Datagram Protocol - UDP RFC 768, Protocol 17 Provides unreliable, connectionless on top of IP Minimal overhead, high performance –No.

BZUPAGES.COM 1 User Datagram Protocol - UDP RFC 768, Protocol 17 Provides unreliable, connectionless on top of IP Minimal overhead, high performance –No.
Computer Networks 2 Lecture 2 TCP – I - Transport Protocols: TCP Segments, Flow control and Connection Setup.

Computer Networks 2 Lecture 2 TCP – I - Transport Protocols: TCP Segments, Flow control and Connection Setup.
EEC-484/584 Computer Networks Lecture 15 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.

EEC-484/584 Computer Networks Lecture 15 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.
1 Lecture 14 MPLS Intro to Transport, Reliability, and TCP 15-441 Networking, Spring 2007 As usual, adapted from Srini Seshan and David Anderson, 15-441,

1 Lecture 14 MPLS Intro to Transport, Reliability, and TCP Networking, Spring 2007 As usual, adapted from Srini Seshan and David Anderson, ,
Computer Communication 2004-51 Digital Communication in the Modern World Transport Layer Multiplexing, UDP

Computer Communication Digital Communication in the Modern World Transport Layer Multiplexing, UDP
Chapter 3: Transport Layer

Chapter 3: Transport Layer
Transport Layer3-1 Transport Layer Our goals: r understand principles behind transport layer services: m multiplexing/demultipl exing m reliable data transfer.

Transport Layer3-1 Transport Layer Our goals: r understand principles behind transport layer services: m multiplexing/demultipl exing m reliable data transfer.
15-441 Computer Networking Lecture 16 – Transport Protocols.

Computer Networking Lecture 16 – Transport Protocols.
Lecture 8 Chapter 3 Transport Layer

Lecture 8 Chapter 3 Transport Layer
Lecture 7 – Transport Protocols

Lecture 7 – Transport Protocols
EEC-484/584 Computer Networks Lecture 13 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.

EEC-484/584 Computer Networks Lecture 13 Wenbing Zhao (Part of the slides are based on Drs. Kurose & Ross ’ s slides for their Computer.
2: Application Layer 1 1DT066 Distributed Information System Chapter 3 Transport Layer.

2: Application Layer 1 1DT066 Distributed Information System Chapter 3 Transport Layer.
Some slides are in courtesy of J. Kurose and K. Ross Review of Previous Lecture Electronic Mail: SMTP, POP3, IMAP DNS Socket programming with TCP.

Some slides are in courtesy of J. Kurose and K. Ross Review of Previous Lecture Electronic Mail: SMTP, POP3, IMAP DNS Socket programming with TCP.
3-1 Transport services and protocols r provide logical communication between app processes running on different hosts r transport protocols run in end.

3-1 Transport services and protocols r provide logical communication between app processes running on different hosts r transport protocols run in end.
8-1 Transport Layer Our goals: r understand principles behind transport layer services: m multiplexing/demultipl exing m reliable data transfer m flow.

8-1 Transport Layer Our goals: r understand principles behind transport layer services: m multiplexing/demultipl exing m reliable data transfer m flow.
Transport Layer 3-1 06- Transport Layer. Transport Layer 3-2 Chapter 3 Transport Layer Computer Networking: A Top Down Approach Featuring the Internet,

Transport Layer Transport Layer. Transport Layer 3-2 Chapter 3 Transport Layer Computer Networking: A Top Down Approach Featuring the Internet,

Similar presentations

Ads by Google