Transport Layer

TCP Connection Management

Recall: TCP sender and receiver establish a "connection" before exchanging data segments.
- initialize TCP variables:
  - seq. #s
  - buffers, flow control info (e.g. RcvWindow)
- client: connection initiator
  Socket clientSocket = new Socket("hostname", "port number");
- server: contacted by client
  Socket connectionSocket = welcomeSocket.accept();

Three way handshake:
Step 1: client host sends TCP SYN segment to server
  - specifies initial seq #
  - no data
Step 2: server host receives SYN, replies with SYNACK segment
  - server allocates buffers
  - specifies server initial seq. #
Step 3: client receives SYNACK, replies with ACK segment, which may contain data
TCP Connection Management (cont.)

Closing a connection:
client closes socket: clientSocket.close();
Step 1: client end system sends TCP FIN control segment to server
Step 2: server receives FIN, replies with ACK. Closes connection, sends FIN.

[Figure: client/server timelines: client sends FIN (close); server replies ACK, then sends FIN; client enters "timed wait"; server closed]
TCP Connection Management (cont.)

Step 3: client receives FIN, replies with ACK.
  - enters "timed wait": will respond with ACK to received FINs
Step 4: server receives ACK. Connection closed.

Note: with small modification, can handle simultaneous FINs.

[Figure: client/server timelines: client FIN (closing), server ACK and FIN, client ACK, client "timed wait" then closed, server closed]
TCP Packets

TCP adds "sessions" or "connections" to the bare IP protocol.

TCP header layout:
  Source Port | Destination Port
  Sequence Number
  Acknowledgment Number
  Data Offset | Flags | Window
  Checksum | Urgent Pointer
  Options
  Data

Flags:
  URG: Urgent ptr valid      RST: Reset flag
  ACK: ACK valid             SYN: Synchronize seq #s
  PSH: Push function         FIN: Finish of connection
The 3-way handshake

- To establish a connection, the client must prove that it received the SYN|ACK packet!
- The SYN|ACK packet is routed to the system with the source address from the first SYN packet
  - Since this is based on routing, it is only secure back to the subnet of the source

Exchange (labels give (Flags, Seq#, Ack#)):
  Client -> Server: (SYN, C-Seq, 0)
  Server -> Client: (SYN|ACK, S-Seq, C-Seq+1)
  Client -> Server: (ACK, C-Seq+1, S-Seq+1)
SYN Issues – Predictability

- Sequence numbers should be unpredictable
  - Most systems today select random values that meet some necessary conditions
- Otherwise:
  Client -> Server, with fake Src: (SYN, C-Seq, 0)
  Server -> fake Src: (SYN|ACK, S-Seq, C-Seq+1)
  Client -> Server: (ACK, C-Seq+1, Predict-S-Seq+1)
  Client -> Server: data pretending to come from fake Src

Particularly dangerous when "fake Src" is a trusted IP address
SYN Issues – SYN Flooding

- DoS isn't due to traffic volume but to resource exhaustion (memory) in the server O.S.
- Early network stacks had a severely limited number of half-open structures available
- Can spoof SRC address with non-existent host

Exchange, with the server data structure allocated by each SYN:
  Client -> Server: (SYN, C-Seq1, 0);  Server -> Client: (SYN|ACK, S-Seq1, C-Seq1+1);  half-open conn S-Seq1
  Client -> Server: (SYN, C-Seq2, 0);  Server -> Client: (SYN|ACK, S-Seq2, C-Seq2+1);  half-open conn S-Seq2
  Client -> Server: (SYN, C-Seq3, 0);  Server -> Client: (SYN|ACK, S-Seq3, C-Seq3+1);  half-open conn S-Seq3
  ...
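The three handshake slides above (proof of receipt via S-Seq+1, sequence-number predictability, half-open resource exhaustion) as an added Python simulation; this is not code from the slides, and the Segment, Server and handshake names, the half-open cap and the ISN generators are all constructed for illustration:

```python
import secrets
from dataclasses import dataclass

SYN, ACK = 0x02, 0x10   # flag bits from the TCP header on the "TCP Packets" slide


@dataclass
class Segment:
    flags: int
    seq: int    # Seq#
    ack: int    # Ack#
    src: str    # source address the SYN|ACK is routed back to


class Server:
    """Server side of the handshake (constructed model): a SYN allocates a
    half-open entry (the "Server Data Structures" on the flooding slide); the
    final ACK is accepted only if it carries S-Seq+1, i.e. proof the SYN|ACK
    reached the address that sent the SYN."""

    def __init__(self, max_half_open, isn):
        self.max_half_open = max_half_open   # limited number of half-open structures
        self.isn = isn                       # initial sequence number generator
        self.half_open = {}                  # src -> S-Seq
        self.established = set()

    def receive(self, seg):
        if seg.flags == SYN:
            if len(self.half_open) >= self.max_half_open:
                return None                  # table exhausted: SYN dropped, no SYN|ACK
            s_seq = self.isn()
            self.half_open[seg.src] = s_seq
            return Segment(SYN | ACK, s_seq, seg.seq + 1, "server")
        if seg.flags == ACK and seg.src in self.half_open:
            if seg.ack == self.half_open[seg.src] + 1:
                del self.half_open[seg.src]  # entry released once established
                self.established.add(seg.src)
                return "established"
            return "bad ack"                 # wrong S-Seq: connection not accepted
        return None


def handshake(server, src, guessed_s_seq=None):
    """Client side. Without guessed_s_seq the client reads S-Seq from the SYN|ACK.
    With it, the client never sees the SYN|ACK (it went to `src`) and must
    predict S-Seq, which only works when the ISN is predictable."""
    c_seq = secrets.randbelow(2**32)
    synack = server.receive(Segment(SYN, c_seq, 0, src))
    if synack is None:
        return "dropped"
    s_seq = synack.seq if guessed_s_seq is None else guessed_s_seq
    return server.receive(Segment(ACK, c_seq + 1, s_seq + 1, src))


def random_isn():
    return secrets.randbelow(2**32)          # what modern stacks do
```

With a constant ISN the guessed handshake completes; with random_isn it is rejected, and three unanswered SYNs against a cap of three leave the server unable to answer a legitimate fourth.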
TCP Limitations

- provides strict ordering of information; result: Head of Line Blocking (HOL) problem
- what is needed in many cases is only partial ordering of data
- byte oriented nature: inconvenience for telephony signaling
- no built-in support for multi-homed IP hosts
- vulnerability to SYN flooding attacks