CCNA 2 v3.1 Module 10 Intermediate TCP/IP

Objectives

TCP Operation The transport layer is responsible for the reliable transport of and regulation of data flow from source to destination.

Synchronization or Three-Way Handshake TCP is connection oriented Communicating hosts go through a synchronization process to establish a virtual connection. This synchronization process insures that both sides are ready for data transmission and allows the devices to determine the initial sequence numbers.

Denial-of-Service Attacks Hacker initiates a SYN but spoofs the source IP address. Target replies to the unreachable IP address and waits for final ACK. Hackers floods target with false SYN requests tying up its connection resources, preventing it from responding to legitimate connection requests.

TCP Sequence and Acknowledgment Numbers

Positive ACK Acknowledgement is a common step in the synchronization process which includes sliding windows and data sequencing.

Sequence and ACK numbers Each TCP segment is numbered before transmission so that the receiver will be able to properly reassemble the bytes _____________________. They also identify missing data pieces so the sender can ____________ them. Only the _________________ need to be re-transmitted. in their original order retransmit missing segments Positive Acknowledgement and Retransmission TCP utilizes PAR to control data flow and confirm data delivery. Source sends packet, starts timer, and waits for _____. If timer expires before source receives ACK,source __________________ and ______________. ACK retransmits packet re-starts timer

Acknowledgements

Flow Control Flow control is used to control the data flow between the connection. If for any reason one of the two hosts are unable to keep up with the data transfer, it is able to send special signals to the other end, asking it to either stop or slow down so it can keep up. Windowing is the number of data segments the transmitting machine is allowed to send without receiving an acknowledgment for them

TCP Sliding Window

Windowing and Window Size _______________ determines the amount of data that you can transmit before receiving an acknowledgment. Window size I didn’t get all of that, slow down. Fast enough for you? Sliding window refers to the fact that the window size is negotiated ___________ during the TCP session. dynamically Expectational acknowledgment means that the acknowledgment number refers to the octet that is ______________. next expected If the source receives no acknowledgment, it knows to retransmit at a ________ rate. slower

TCP Segment Format Number of the calling port Number of the called port Used to ensure correct sequencing of the arriving data Next expected Segment Number of 32-bit words in the header Number of octets sender is willing to accept Control setup and termination of session set to zero Indicates the end of the urgent data Upper layer protocol data

Protocol Graph: TCP/IP

UDP Applications that do not need guaranteed delivery use the faster UDP. UDP has no windowing or acknowledgments, or error detection. TCP and UDP: TCP enables connection-oriented, ________ transmission. TCP is used by ________________________ UDP provides, ______________ non-guaranteed transmission. UDP is used by __________________________. reliable FTP, HTTP, SMTP, and DNS. connectionless DNS, TFTP, SNMP, and DHCP

Specifies the application/protocol to which UDP needs to pass the data UDP Segment Format  0 – 15   16 - 31   31 - 47   48 – 63  64  Source Port Destination Port Length Checksum Data… Optional - used only if reply is expected Specifies the application/protocol to which UDP needs to pass the data Number of octets in the UDP segment Ensure that the data has not been damaged during transmission

Port Numbers and Socket

Port Numbers

Telnet Port Numbers

Ports for Clients Whenever a client connects to a service on a server, a source and destination port must be specified. TCP and UDP segments contain fields for source and destination ports.

Ports for Clients The port number combines with the network address to form a socket. Destination ports (services) are normally defined using the well-known ports. Source ports set by the client are determined dynamically. Usually source ports are randomly assigned a number above 1023. Destination Port Source Port 1. Client requests a web page from server 2. Server responds to client 1032 80 80 1032 Port numbers are 16-bit values ranging from 0 to 65535. This range is divided into three different categories: Below 1023 are well-known ports. 1024 to 49151 are registered ports (used by ordinary user processes). Between 49152 and 65535 are defined as dynamic or private ports.

Port Numbering and Well-Known Port Numbers Port numbers are divided into three different categories: Well-known ports Registered ports Dynamic or private ports

Overview of Transport Layer Ports Both _____ and _____ use port or socket numbers. TCP UDP __________ work as source and destination addresses for TCP segments. Port Nos. Ports ensure packets reach the ______________________ on the server. appropriate service The _________________ field determines which service the source is requesting. destination port TCP/IP associate ______ at the transport layer with certain applications. ports Software developers have agreed on ____________ ports, for example: a packet bound for an FTP server would use port ___. well-known 21 Conversations that do not involve applications with well-known ports are assigned ports __________ selected from a specific range. randomly Port numbers have the following assigned ranges: Below 255 are reserved for ___________________. From ___ - ____ assigned to companies for marketable applications. Above 1023 are ____________. public applications 255 1023 unregulated Source port numbers are dynamically assigned by the originating host, and are usually a number larger than _____. 1023 Port numbers in the range of _____ - _____ are controlled by ICANN. 1023

Reserved TCP and UDP Ports for Services Key Word Description Reserved 1-4 Unassigned 5 RJE Remote Job Entry 7 ECHO Echo 9 DISCARD Discard 11 USER Active Users 13 DAYTIME Daytime 15 NETSTAT Who is UP on NETSTAT 17 QUOTE Quote of the Day 19 CHARGEN Character generator 20 FTP-DATA FTP – Data channel 21 23 25 37 TIME Time of day 39 RLP Resource Location 42 NAMESERVER Host Name Server 43 NICNAME Who is… 53 Port Key Word Description 67 BOOTPS BOOTP Server 68 BOOTPC BOOTP Client 69 75 Any private Dial-out 77 Any private RJE service 79 FINGER Finger 80 95 SUPDUP SUPDUP Protocol 101 HOSTNAME NIC Host name server 102 ISO-TSAP 110 113 AUTH Authentication Service 117 UUCP-PATH UUCP Path Service 123 NTP Network Time Protocol 133-159 Unassigned 160-223 Reserved 161 224-241 242-255 HTTP Hyper-Text Transfer TELNET Terminal connection SMTP Simple Mail Transfer

Reserved TCP and UDP Port Numbers

Summary