CIS 81 Fundamentals of Networking Chapter 7: Transport Layer Part 1 of 2
CCNA Introduction to Networking 5.0 Rick Graziani Cabrillo College Fall 2013
Chapter 7: Objectives

Part 1
- Describe the purpose of the transport layer in managing the transportation of data in end-to-end communication.
- Describe characteristics of the TCP and UDP protocols, including port numbers and their uses.

Part 2
- Explain how TCP session establishment and termination processes facilitate reliable communication.
- Explain how TCP protocol data units are transmitted and acknowledged to guarantee delivery.
- Explain the UDP client processes to establish communication with a server.
- Determine whether high-reliability TCP transmissions, or non-guaranteed UDP transmissions, are best suited for common applications.
The Transport Layer
Encapsulation (figure)
- DATA -> SEGMENT: transport header (S.P. / D.P. / S.N. / Ack # / ...) + DATA
- SEGMENT -> PACKET: IP header (IPv / HLEN / Flag / S. IP / D. IP / ...) + DATA (SEGMENT)
- PACKET -> FRAME: Frame Header + DATA (PACKET) + Trailer
Reminder of encapsulation/decapsulation
(Figure: at each end host the message is Data Link Header | IP Header | TCP Header | HTTP Header | Data | Data Link Trailer; in between, the same IP Packet is carried inside a new Data Link Header and Data Link Trailer on each link.)
Focus on Transport Layer
(Figure: TCP shown at both end hosts.)
Role of the Transport Layer
The Transport Layer is responsible for establishing a temporary communication session between two applications and delivering data between them. It regulates the flow of information from source to destination, reliably and accurately.
Transport Layer Responsibility
- Tracking the individual communication between applications on the source and destination hosts
- Segmenting data for manageability and reassembling segmented data into streams of application data at the destination
- Identifying the proper application for each communication stream
What two protocols are at the Transport Layer?
TCP and UDP.
IP is a best-effort delivery service. What does that mean?
- No guarantees
- Best-effort service ("unreliable service")
TCP/UDP is responsible for extending IP's delivery service between two end systems.
Tracking Individual Conversations
Any host on a network can have multiple applications that are communicating simultaneously. It is the responsibility of the Transport layer to maintain the multiple communication streams between these applications.
(Figure: one client with HTTP, HTTP, SMTP and FTP conversations open at the same time, each over its own TCP connection, to the Cabrillo Web Server and to the ISP's mail/FTP server.) A single client may have multiple transport connections with multiple servers. Notice that TCP is a connection-oriented service (two-way arrow) between the hosts, whereas UDP is a connectionless service (one-way arrow). (later)
Identifying the Application
(Figure: UDP Header and TCP Header, with HTTP on port 80.) The transport layer assigns each application an identifier called a port number. The transport layer uses ports to identify the application or service.
To pass data streams to the proper applications, the Transport layer must identify the target application. This is accomplished by referencing the port number in the header. Each software process that needs to access the network is assigned a port number unique in that host. This port number is used in the transport layer header to indicate to which application that piece of data is associated. More later!
Segmenting and Reassembling Segments
Some transport layer protocols can also reassemble the data pieces into streams to be passed to the application layer.
Transport Layer Protocols
TCP/IP uses two transport layer protocols:
- Transmission Control Protocol (TCP)
- User Datagram Protocol (UDP)
TCP versus UDP
Two protocols for different types of traffic.
(Figure: TCP Header beside UDP Header.) TCP is a more complex protocol.
TCP Segment and UDP Datagram
TCP
TCP is considered a reliable transport protocol. Introduced in RFC 793. It includes processes to ensure reliable delivery between. Analogous to sending packages using FedEx. With TCP, the three basic operations of reliability are:
- Tracking transmitted data segments
- Acknowledging received data
- Retransmitting any unacknowledged data

Jon Postel (1943 – 1998) made many significant contributions to the development of the Internet, particularly in the area of standards. He is principally known for being the editor of the Request for Comment (RFC) document series, and for serving as the Internet Assigned Numbers Authority (IANA) until his death.
TCP example (figure): The user uses FTP to upload a file to an FTP server.
UDP
Providing the reliability functions of TCP also adds additional overhead. UDP provides just the basic functions for delivering data segments between the appropriate applications, with very little overhead and data checking. It is known as a best-effort delivery protocol. Analogous to sending a regular, non-registered letter in the mail.
UDP example (figure): The user uses TFTP to upload a file to a TFTP server.
TCP
TCP Services
TCP provides reliable delivery on top of unreliable IP. In addition to supporting the basic functions of data segmentation and reassembly, TCP also provides:
- Reliable delivery
- Error checking
- Flow control
- Congestion control
- Ordered delivery
- Connection establishment
Transmission Control Protocol (TCP)
Connection-oriented protocol, described in RFC 793. TCP incurs additional overhead to gain functions. Each TCP segment adds a 20 byte header to the Application layer data. Applications that use TCP include web browsers and file transfers (figure: HTTP, FTP, SMTP). The TCP PDU is called a segment.
Segmenting Data
(Figure: Application Data (100,000 bytes) split into TCP segments, the first carrying bytes 1-1000, and so on.) TCP encapsulates data into multiple segments. Segments are required to make network communication efficient. The segment header contains:
- Source port number to help keep track of individual conversations.
- Destination port number to enable a receiving host to forward the data to the appropriate application.
- Sequence numbers to help with segmenting and reassembling segments.
- Window size to help with flow control.
- Error checking mechanisms.
Reassembling Segments
At the receiving host, each segment is examined and reconstructed into a complete data stream using the sequence numbers. Missing segments can be requested from the source. It is then directed to the appropriate application identified in the segment header.
Same Order Delivery
Segments can arrive out of order but are reorganized using sequence numbers. Having taken different routes to the destination, the segments arrive out of order. NOTE: Establishing a Session, Reliable Delivery, and Flow Control will be discussed later.
TCP Header
Sample TCP Segment Capture
TCP header layout (field widths in bits): Source Port (16) | Destination Port (16) | Sequence Number (32) | Acknowledgement Number (32) | Header Length (4) | Reserved (6) | Control Bits (6) | Window (16) | Checksum (16) | Urgent (16) | Options | Application Layer Data
Source Port (16 bits): Number of the calling port. Dynamically assigned to the sending host. Number ranges from 1024 to 65,535. The source port makes it possible to have multiple sessions of FTP running simultaneously.

Destination Port (16 bits): Number of the called port. Sending host usually selects a number between 1 and 1023. End systems use the same port numbers to select the proper application. E.g., when telnetting, Telnet on the source (port 23) is talking to Telnet on the destination (port 23).

Sequence Number (32 bits): Used to establish reliability. The number ensures correct sequencing of arriving data. Identifies the position in the sender's byte stream of data.

Acknowledgement Number (32 bits): Used to establish reliability. Next expected TCP octet.

Header Length (4 bits): Known as "data offset". Indicates the length of the TCP segment header.

Control Bits (Flags) (6 bits): Bit codes, or flags, that indicate the purpose and function of the TCP segment.

Window (16 bits): Number of octets that the receiver is willing to accept. This number can be adjusted while data is being transmitted.

Checksum (16 bits): Calculated checksum of the header and data fields.
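Added worked example (not from the original slides): a small Python encoder/decoder for the 20-byte TCP header laid out above, including the checksum that the Checksum field carries, computed over the IPv4 pseudo-header plus the segment. The ports, sequence number and IP addresses are constructed sample values.

```python
import socket
import struct
from dataclasses import dataclass

# Control flags occupy the low 6 bits of the offset/reserved/flags word, MSB first.
FLAG_NAMES = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")


@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    data_offset: int      # header length in 32-bit words (5 = 20 bytes, no options)
    flags: dict
    window: int
    checksum: int
    urgent: int
    options: bytes
    payload: bytes


def parse_tcp(segment: bytes) -> TcpHeader:
    """Decode the fixed 20-byte header (network byte order), then options and payload."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte minimum TCP header")
    src, dst, seq, ack, off_flags, win, csum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12                    # top 4 bits of the word
    if data_offset < 5 or data_offset * 4 > len(segment):
        raise ValueError(f"invalid data offset {data_offset}")
    bits = off_flags & 0x3F                          # low 6 bits are the flags
    flags = {n: bool((bits >> (5 - i)) & 1) for i, n in enumerate(FLAG_NAMES)}
    hdr_len = data_offset * 4
    return TcpHeader(src, dst, seq, ack, data_offset, flags, win, csum, urg,
                     segment[20:hdr_len], segment[hdr_len:])


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum shared by the IP-family checksums."""
    if len(data) % 2:
        data += b"\x00"                              # pad an odd length with a zero octet
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                               # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def tcp_checksum(src_ip: bytes, dst_ip: bytes, segment: bytes) -> int:
    """Checksum over the IPv4 pseudo-header (src, dst, zero, protocol 6, length) + segment."""
    pseudo = src_ip + dst_ip + struct.pack("!BBH", 0, 6, len(segment))
    return (~ones_complement_sum(pseudo + segment)) & 0xFFFF


def checksum_ok(src_ip: bytes, dst_ip: bytes, segment: bytes) -> bool:
    # A segment that already carries its checksum sums to zero when intact.
    return tcp_checksum(src_ip, dst_ip, segment) == 0


def build_tcp(src_port, dst_port, seq, ack, flags, window, src_ip, dst_ip, payload=b"") -> bytes:
    """Assemble a 20-byte header (no options) with a correct checksum."""
    bits = 0
    for name in flags:
        bits |= 1 << (5 - FLAG_NAMES.index(name))
    hdr = struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack, (5 << 12) | bits, window, 0, 0)
    csum = tcp_checksum(src_ip, dst_ip, hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload


# Constructed sample: client 192.168.1.10:49888 opening a connection to a web server's port 80.
CLIENT_IP = socket.inet_aton("192.168.1.10")
SERVER_IP = socket.inet_aton("93.184.216.34")
SAMPLE_SYN = build_tcp(49888, 80, 1000, 0, ("SYN",), 65535, CLIENT_IP, SERVER_IP)
```

Flipping any octet of SAMPLE_SYN makes checksum_ok return False, which is the error-checking mechanism the slide credits to the Checksum field.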
Port Numbers
(Figure: UDP Header and TCP Header, with HTTP on port 80.) Both TCP and UDP use port (or socket) numbers to pass information to the upper layers.
(Figure: source port = the application this TCP segment came from; destination port = the application this TCP segment is going to.)
(Figure: Port Number | Application Header + data) Port numbers are used by the sender to tell the receiver which network application it should use for the "Data". Port numbers are used by the receiver so it knows which application it should send the "Data" to.
The Internet Assigned Numbers Authority (IANA) assigns port numbers: http://www.iana.org/assignments/port-numbers
Well Known Ports (Numbers 0 to 1023)
- Reserved for common services and applications
- Client: TCP destination port
- Server: TCP source port

Registered Ports (Numbers 1024 to 49151)
- Assigned to user processes or applications (non-common applications).
- Client: TCP destination port
- Server: TCP source port
- May also be used as dynamic or private ports (next).

Dynamic or Private Ports (Numbers 49152 to 65535)
- Also known as Ephemeral Ports
- Usually assigned dynamically to client applications when initiating a connection.
- Client: TCP source port
- Server: TCP destination port
- May also include the range of Registered Ports (Numbers 1024 to 49151)
- Note: Some peer-to-peer file sharing programs use these ports as Registered Ports (previous slide).
Client / Server: Telnet
Client sends TCP segment with:
- Destination Port: 23 (Well known port number)
- Source Port: 1028 (Dynamic Port assigned by client)
(Figure: Client TCP Header | 1028 | 23 | Data for Telnet)

Server responds with TCP segment with:
- Destination Port: 1028 (Dynamic Port assigned by client)
- Source Port: 23 (Well known port number)
(Figure: Server TCP Header | 23 | 1028 | Data for Telnet)

Notice the difference in how source and destination port numbers are used with clients and servers:
- Client (initiating Telnet service): Destination Port = 23 (telnet), Source Port = 1028 (dynamically assigned)
- Server (responding to Telnet service): Destination Port = 1028 (source port of client), Source Port = 23 (telnet)
Same client to same server: two different HTTP sessions (figure: source ports 49888 and 49890, both to destination port 80).
- Client: same destination port
- Client: different source ports to uniquely identify each web session
(Figure: output of netstat -n on the client, C:\Users\rigrazia>netstat -n, with the two connections from source ports 49888 and 49890 annotated: Proto (TCP or UDP), Source IP, Source Port, Destination IP, Destination Port, Connection State. Both appear in state TIME_WAIT; the addresses did not survive extraction.)
What makes each connection unique? How does the server know which source port is who? A connection is defined by the pair of numbers:
- Source IP address, Source port (From Client to Server)
- Destination IP address, Destination port (From Server to Client)
Different connections can use the same destination port on the server host as long as the source ports or source IPs are different. (Figure: source ports 49888 and 49890, both to destination port 80.)
Sockets
Combining the transport layer port number and the network layer IP address uniquely identifies a particular application process running on an individual host device. This combination is called a socket. A socket pair, consisting of the source and destination IP addresses and port numbers, is also unique and identifies the specific conversation between the two hosts.
Socket Port Number Example
- A client socket might look like this, representing the source IP address and source port number: :49888
- The socket on a web server might be, representing the destination IP address and destination port number: :80
- Together, these two sockets combine to form a socket pair: :49888, :80
(Figure: netstat -n output annotated with TCP or UDP, Source IP, Destination IP (www.google.com, www.cisco.com), Connection State, Source Port and Destination Port; the addresses did not survive extraction.) Note: When downloading a web document and its objects it is common that there will be several TCP sessions created.
Client Requesting a Webpage (figure)
Server Replying to the Client (figure)
Socket Port Number Example
So who makes sure that applications are assigned a specific port number?
Port Numbers
The Internet Assigned Numbers Authority (IANA) assigns port numbers. The IANA is a standards body that is responsible for the global coordination of the DNS Root, IP addressing, and other Internet protocol resources. Port numbers range from 0 to 65535 (16 bits). There are three categories of port numbers:
- Well Known Ports (0 – 1023)
- Registered Ports (1024 – 49151)
- Private and/or Dynamic Ports (49152 – 65535)
Transport Layer Port Numbers
- Hypertext Transfer Protocol (HTTP) - TCP Port 80
- HTTP Secure (HTTPS) - TCP Port 443
- Simple Mail Transfer Protocol (SMTP) - TCP Port 25
- Post Office Protocol (POP) - TCP Port 110
- Telnet - TCP Port 23
- File Transfer Protocol (FTP) - TCP Ports 20 & 21
- Trivial FTP (TFTP) - UDP Port 69
- Domain Name System (DNS) - TCP/UDP Port 53
- Dynamic Host Configuration Protocol (DHCP) - UDP Ports 67 & 68
TCP/IP Application Layer Protocols
Application | Port(s) | Transport
FTP | 20 & 21 | TCP
HTTP | 80 | TCP
SMTP | 25 | TCP
Telnet | 23 | TCP
TFTP | 69 | UDP
SNMP | 161 | UDP
DHCP | 67 & 68 | UDP
DNS | 53 | TCP / UDP
Below the Transport layer: Internet (IP) and Network Access (LAN / WAN).
Which Connections Are Open on a Host?
(Figure: output of netstat on Apples-MacBook-Pro, showing Active Internet connections with columns Proto, Recv-Q, Send-Q, Local Address, Foreign Address and (state); the address entries did not survive extraction.) Sometimes it is necessary to know which active TCP connections are open and running on a networked host. Netstat is a network utility that can be used to verify those connections. It lists the protocol in use, the local address and port number, the foreign address and port number, and the state of the connection.
Netstat
(Figure: the same netstat output.) Unexplained TCP connections can pose a major security threat. This is because they can indicate that something or someone is connected to the local host. Additionally, unnecessary TCP connections can consume valuable system resources, thus slowing down the host's performance. Netstat can be used to examine the open connections on a host when performance appears to be compromised.
Links: Netstat Security Podcast, TCPView
C:\Users\Admin> netstat /?

Displays protocol statistics and current TCP/IP network connections.

NETSTAT [-a] [-b] [-e] [-f] [-n] [-o] [-p proto] [-r] [-s] [-t] [interval]

  -a            Displays all connections and listening ports.
  -b            Displays the executable involved in creating each connection or listening port. In some cases well-known executables host multiple independent components, and in these cases the sequence of components involved in creating the connection or listening port is displayed. In this case the executable name is in [] at the bottom, on top is the component it called, and so forth until TCP/IP was reached. Note that this option can be time-consuming and will fail unless you have sufficient permissions.
  -e            Displays Ethernet statistics. This may be combined with the -s option.
  -f            Displays Fully Qualified Domain Names (FQDN) for foreign addresses.
  -n            Displays addresses and port numbers in numerical form.
  -o            Displays the owning process ID associated with each connection.
  -p proto      Shows connections for the protocol specified by proto; proto may be any of: TCP, UDP, TCPv6, or UDPv6. If used with the -s option to display per-protocol statistics, proto may be any of: IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, or UDPv6.
  -r            Displays the routing table.
  -s            Displays per-protocol statistics. By default, statistics are shown for IP, IPv6, ICMP, ICMPv6, TCP, TCPv6, UDP, and UDPv6; the -p option may be used to specify a subset of the default.
  -t            Displays the current connection offload state.
  interval      Redisplays selected statistics, pausing interval seconds between each display. Press CTRL+C to stop redisplaying statistics. If omitted, netstat will print the current configuration information once.

C:\Users\Admin>
C:\Users\Admin>netstat
(Figure: Active Connections listing on Admin-PC with columns Proto, Local Address, Foreign Address and State, showing TCP entries in the ESTABLISHED, TIME_WAIT and CLOSE_WAIT states, including IPv6 loopback entries on [::1]; the addresses did not survive extraction.)
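Added example, not from the slides: parsing netstat -n style output into socket pairs, labelling each port with the IANA range from the Port Numbers slides, and flagging conversations whose server-side port is not on an allowlist of expected services, which is the review the Netstat slide asks for. The netstat lines, addresses and the allowlist are constructed for illustration.

```python
import re
from dataclasses import dataclass

# Constructed sample in the layout of `netstat -n` on Windows; addresses are
# private/documentation ranges, not a real capture.
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    192.168.1.10:49888     93.184.216.34:80       ESTABLISHED
  TCP    192.168.1.10:49890     93.184.216.34:80       ESTABLISHED
  TCP    192.168.1.10:49891     198.51.100.7:443       TIME_WAIT
  TCP    192.168.1.10:49902     203.0.113.9:2222       ESTABLISHED
  TCP    127.0.0.1:5354         127.0.0.1:49700        ESTABLISHED
  TCP    [::1]:49701            [::1]:5354             ESTABLISHED
"""

WELL_KNOWN_MAX, REGISTERED_MAX = 1023, 49151
LOOPBACK = {"127.0.0.1", "::1"}


def port_category(port: int) -> str:
    """The three IANA ranges from the slides."""
    if not 0 <= port <= 65535:
        raise ValueError(f"{port} is not a 16-bit port number")
    if port <= WELL_KNOWN_MAX:
        return "well known"
    if port <= REGISTERED_MAX:
        return "registered"
    return "dynamic/private"


@dataclass(frozen=True)
class Connection:
    proto: str
    local_ip: str
    local_port: int
    foreign_ip: str
    foreign_port: int
    state: str

    @property
    def socket_pair(self) -> tuple:
        # A socket is IP + port; the pair of sockets identifies one conversation.
        return (self.local_ip, self.local_port, self.foreign_ip, self.foreign_port)


def split_socket(text: str) -> tuple:
    """'192.168.1.10:49888' or '[::1]:49701' -> (ip, port); strips IPv6 brackets."""
    ip, _, port = text.rpartition(":")
    return ip.strip("[]"), int(port)


LINE_RE = re.compile(r"^\s*(TCP|UDP)\s+(\S+)\s+(\S+)(?:\s+(\S+))?\s*$")


def parse_netstat(output: str) -> list:
    """Skip banner and header lines; return one Connection per socket-pair line."""
    conns = []
    for line in output.splitlines():
        m = LINE_RE.match(line)
        if m:
            proto, local, foreign, state = m.groups()
            lip, lport = split_socket(local)
            fip, fport = split_socket(foreign)
            conns.append(Connection(proto, lip, lport, fip, fport, state or ""))
    return conns


def review(conns: list, expected_foreign_ports: set) -> list:
    """Connections whose server-side port is not an expected service.
    Loopback-to-loopback entries are local IPC on the host and are skipped."""
    return [c for c in conns
            if not (c.local_ip in LOOPBACK and c.foreign_ip in LOOPBACK)
            and c.foreign_port not in expected_foreign_ports]
```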