CS422 Computer Networks


Gustavo Rodriguez-Rivera

Purdue University

(Part 2)

Protocols

A protocol is an agreement about
communication

Protocols specify the format of messages,
rules of exchange, and handling problems

Protocol Family

Also called a “Protocol Suite”

It is a set of protocols that work together.

Each protocol solves part of the
communication problem.

A protocol family is designed by layers,
where each layer solves a different problem.

Layering Principle

Protocol software is designed by layers.

One module for each layer.

A set of modules is also called a stack.

Layering Principle:


“Software implementing layer N at the
destination receives exactly the message sent by
software implementing layer N at the source”.

[Figure: two protocol stacks, each with Layer 1, Layer 2 and Layer 3]

Layering Principle

The Layering principle is reflected in the
packet headers:



Example:

[Layer 1 Header][Layer 2 Header][Layer 3 Header][Data…]

[Ethernet Header][IP Header][TCP Header][Data…]

ISO-7 Layer Reference Model

This layer model is intended for protocol
designers to solve the different communication
problems.

Application   - Individual Application Programs
Presentation  - Data Representation/Encoding
Session       - Login and Passwords
Transport     - Reliability
Network       - Packet Forwarding
Data Link     - Hardware Frame Definitions
Physical      - Underlying Hardware

ISO-7 Layer Reference Model

This reference model was created when
networking was limited to connecting
terminals to a computer.

It is outdated

It does not accurately reflect the Internet
protocols.

Internet Architecture

The Internet is a collection of


Networks


Routers interconnecting networks


Hosts connected to networks.


[Figure: hosts (H) attached to networks, with routers (R) interconnecting the networks]

Internet Architecture

The networks may be implemented using
different kinds of hardware: Ethernet,
Token Ring, Serial Line, Apple Talk, etc.

The goal of the Internet is to hide all this
heterogeneity from the user and user programs.

Internet Architecture

The internet is a virtual network with its
own addressing and name scheme.


[Figure: the hosts (H), networks and routers (R), labelled together as "Internet"]

Internet Layering

It reflects the layering used by the TCP/IP
protocols

Closer to reality than ISO-7 Layering

Application        - Individual Application Programs (HTTP)
Transport          - Program to Program (TCP and UDP)
Internet           - Packet Forwarding (IP)
Network Interface  - Local Area Network (Ethernet, RS232, etc)
Physical           - Basic Network Hardware

Internet Layering

Physical:


Basic Network Hardware


Example: Ethernet Cable and Hardware.

Network Interface:


Media Access (MAC). Format and Addressing


NIC - Network Interface Card


Example: Ethernet CSMA/CD, ARP (Address
Resolution Protocol).



Internet Layering

Internet:


Facilitates sending packets across the Internet
composed of multiple networks.


Routing, IP Addressing, Fragmentation/Reassembly


Example: IP (Internet Protocol)

Transport:


Transport data from one application to the other.


Uses ports to identify what program receives data.


Example: UDP (Unreliable Datagram Protocol) and
TCP (Transport Control Protocol)


Internet Layering

Application


High level applications that use the network
data.


Example:

FTP - File Transfer Protocol
SMTP - Single Mail Transfer Protocol (E-Mail)
Telnet - Remote Terminal
HTTP - Hyper Text Transfer Protocol
Etc.

IP - Internet Protocol

Layer 3

Defines


Internet Addressing


Packet Format


Routing


Fragmentation and Reassembly

IP Addressing

It is an abstraction to hide the network
internals.

It is independent from hardware addressing.

IP addresses are used for all
communications.

IP addresses use 32 bits.

There is a unique value for each host

IP Addressing

Important:


An IP Address does not specify a specific
computer. Instead, each IP address identifies a
connection between a computer and a network.

An IP address identifies a network interface.

A computer with multiple network
connections (like a router) must be assigned
one IP address for each connection.

IP Addressing

It has two parts:


The prefix identifies a network


The suffix identifies the host in that network.

[Network Number][Host Number]

[Figure: two networks, N1 and N2, joined by router R; interfaces on N1 are labelled N1 H1 to N1 H5 and interfaces on N2 are labelled N2 H1 to N2 H3]

IP Addressing

A global authority assigns a unique prefix
for the network.

A local administrator assigns a unique
prefix to the hosts.

The number of bits assigned to the prefix
and suffix is variable, depending on the
number of hosts in each network.


IP Addressing

Class A

24 bits for host allows 2^24 = 16M in each network
7 bits for network allows 2^7 = 128 class A networks

Bits:   0 | 1-7     | 8-31
Field:  0 | Network | Host

Class B

16 bits for host allows 2^16 = 64K in each network
14 bits for network allows 2^14 = 16K class B networks

Bits:   0-1 | 2-15    | 16-31
Field:  10  | Network | Host

IP Addressing

Class C

8 bits for host allows 2^8 = 256 in each network
21 bits for network allows 2^21 = 2M class C networks

Bits:   0-2 | 3-23    | 24-31
Field:  110 | Network | Host

Class D

Bits:   0-3  | 4-31
Field:  1110 | Multicast Address

Class E

Bits:   0-3  | 4-31
Field:  1110 | Reserved for Future Use

IP Addressing

IP Addresses are usually represented in “Dotted
Decimal Notation”.

Examples:


129.53.6.1


129 in decimal is 10000001 in binary


It is a class B Address.


192.5.48.3


192 in decimal is 11000000 in binary


It is a class C address.


10.2.0.32


10 in decimal is 00001010 in binary


It is a class A address.



IP Addressing

The maximum number of hosts is determined by the class
of the address.


A -> large

B -> medium

C -> small

Initially we thought that we would run out of IP addresses.
But thanks to technologies like NAT (Network Address
Translation) it is possible to use a single IP address for
multiple computers inside internal networks.

There is no big pressure to switch to IPV6 that allows
longer IP addresses.

CIDR - Classless Internet Domain Routing

It is an alternative to class addressing

It allows putting together two networks that
have a common prefix or splitting a large network
into two networks.

It has the notation N.N.N.N,B where N.N.N.N is
the address of the network and B is the number of
bits that are used for the network part.

Example: 128.10.128.0,17 gives a network
address where 17 bits are used for the network
number.

Subnets

The network numbers are assigned by the Internet
authority.

The host number is assigned by a local authority.

However, the local authority may break the host
number suffix into subnets.

This makes sense if the network allows many hosts,
e.g. Class B networks allow 64K hosts.


Subnets

The subnet part in the address is represented by a bit mask in
dotted decimal notation.

E.g.


The CS Department has the network 128.10.0.0


This is a class B address that allows 64K hosts.


The admin decided to break the network in 256 subnets with 256
hosts maximum each.


The subnet mask is: 255.255.255.0 that shows the network +subnet
bits.


In this way we get 128.10.Subnet.Host


128.10.3.6:


Net: 128.10.0.0


Subnet: 128.10.3.0


Host: 128.10.3.6

Special Addresses

Prefix    Suffix    Address Type                                Purpose
All 0’s   All 0’s   This address                                Bootstrap, DHCP, where real address is not available: 0.0.0.0
Network   All 0’s   Network                                     Network Number, e.g. 128.10.2.0
Network   All 1’s   Directed broadcast. All hosts in this net   128.10.255.255: broadcast to net 128.10.0.0
All 1’s   All 1’s   Limited broadcast                           Broadcast in local LAN: 255.255.255.255
127       Any       Loopback                                    127.0.0.1

IP Packets

Motivation:


Because the Internet can connect heterogeneous
networks, a router cannot transmit a copy of a
hardware frame across another network.


To accommodate heterogeneity, an Internet
must define a hardware independent packet
format.

IP Packets

There exists a way to implement IP on almost
every possible network hardware.




When forwarding, the router removes the
hardware header of the incoming network and
adds the hardware header of the outgoing network.

The IP packet remains the same.


[Figure: a router between an Ethernet and an RS232 link]

Incoming frame: [Ethernet Header][IP Header][Data]

Outgoing frame: [RS232 Header][IP Header][Data]

IP Packet Format



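Bit positions: 0, 4, 8, 16, 24, 31

| VERSION | HDR LEN | Service Type | Total Length            |
| ID                               | Flags | Fragment Offset |
| Time To Live | Type              | Header Checksum         |
| Source IP                                                  |
| Destination IP                                             |
| IP Options (Optional)                                      |
| Data                                                       |

The header up to and including Destination IP is 20 bytes.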

IP Packet Format

Version


Current IP Version. It should be 4.

Header Length


Length of the IP Header in multiples of 4 bytes.

Service Type



Priority of the Packet. Generally not used.


Total Length


Total Length of the IP packet in bytes.


IP Packet Format

ID


Unique identifier of this IP packet. All
fragments belonging to the same packet will
have the same ID.

Flags


NF


No fragment bit. If set, the packet will be
dropped by the router if it needs fragmentation.


MF


More Fragments bit. It will be set for all
fragments except the last one.


IP Packet Format

Fragment Offset


Position of this IP fragment in the original packet.


If packet is not fragmented it is 0

Time to Live (TTL)


Maximum number of times the IP packet can be
forwarded by a router.


It is decreased every time a router forwards the packet.


If the TTL reaches 0 the packet is dropped.


It prevents a packet from staying alive forever in the presence
of a routing loop.

IP Packet Format

Type


Type of the protocol in the data section.


It can be TCP, UDP, ICMP

Header Checksum


Checksum of the header

Source IP


IP address of the host that sent the packet

Destination IP


IP address of the final destination of the packet.

IP Packet Format

IP Options


Used for debugging


Record Route


Add to the packet the IP address of the router every
time it is forwarded.


Strict Source Route


Specify the path that the packet should follow.


Unfortunately, most routers are configured not
to honor the options, to avoid overhead.
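
The header layout above as a parser, given here as an added example that is not part of the original slides. It checks every length and the header checksum before any field is trusted; the struct, enum and function names are hypothetical, and the sample packet is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Fields of the fixed IP header, named as on the slides. */
struct ip_hdr_info {
    uint8_t  version;
    uint8_t  hdr_len;        /* bytes: the HDR LEN field counts 4-byte words */
    uint16_t total_len;      /* header plus data, in bytes */
    uint16_t id;
    int      no_fragment;    /* NF bit */
    int      more_fragments; /* MF bit */
    uint16_t frag_offset;    /* bytes: the field itself counts 8-byte units */
    uint8_t  ttl;
    uint8_t  type;           /* 1 = ICMP, 6 = TCP, 17 = UDP */
    uint32_t src, dst;
};

enum ip_parse_result {
    IP_OK, IP_TRUNCATED, IP_BAD_VERSION, IP_BAD_HDR_LEN,
    IP_BAD_TOTAL_LEN, IP_BAD_CHECKSUM
};

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* One's-complement sum of the header's 16-bit words; 0xFFFF means intact. */
static uint16_t ip_header_sum(const uint8_t *h, size_t hdr_len) {
    uint32_t sum = 0;
    for (size_t i = 0; i < hdr_len; i += 2) sum += rd16(h + i);
    while (sum >> 16) sum = (sum & 0xFFFF) + (sum >> 16);
    return (uint16_t)sum;
}

/* Validate each length against the bytes actually received, then decode. */
enum ip_parse_result ip_parse(const uint8_t *buf, size_t len, struct ip_hdr_info *out) {
    if (len < 20) return IP_TRUNCATED;              /* fixed header is 20 bytes */
    if ((buf[0] >> 4) != 4) return IP_BAD_VERSION;
    size_t hdr_len = (size_t)(buf[0] & 0x0F) * 4;
    if (hdr_len < 20 || hdr_len > len) return IP_BAD_HDR_LEN;
    uint16_t total_len = rd16(buf + 2);
    if (total_len < hdr_len || total_len > len) return IP_BAD_TOTAL_LEN;
    if (ip_header_sum(buf, hdr_len) != 0xFFFF) return IP_BAD_CHECKSUM;

    uint16_t flags_off = rd16(buf + 6);
    out->version = 4;
    out->hdr_len = (uint8_t)hdr_len;
    out->total_len = total_len;
    out->id = rd16(buf + 4);
    out->no_fragment = (flags_off & 0x4000) != 0;
    out->more_fragments = (flags_off & 0x2000) != 0;
    out->frag_offset = (uint16_t)((flags_off & 0x1FFF) * 8);
    out->ttl = buf[8];
    out->type = buf[9];
    out->src = rd32(buf + 12);
    out->dst = rd32(buf + 16);
    return IP_OK;
}

/* Constructed sample: 20-byte header plus 8 data bytes, first fragment (MF=1)
   of packet id=500 from 128.10.3.5 to 128.10.4.7, TTL 64, type 17 (UDP). */
static const uint8_t SAMPLE_PACKET[28] = {
    0x45, 0x00, 0x00, 0x1C,   /* version 4, HDR LEN 5, service 0, total 28 */
    0x01, 0xF4, 0x20, 0x00,   /* ID 500, MF set, fragment offset 0 */
    0x40, 0x11, 0x51, 0xBD,   /* TTL 64, type 17, header checksum */
    0x80, 0x0A, 0x03, 0x05,   /* source 128.10.3.5 */
    0x80, 0x0A, 0x04, 0x07,   /* destination 128.10.4.7 */
    0, 0, 0, 0, 0, 0, 0, 0    /* data */
};

int main(void) {
    struct ip_hdr_info h;
    enum ip_parse_result r = ip_parse(SAMPLE_PACKET, sizeof SAMPLE_PACKET, &h);
    if (r != IP_OK) {
        printf("rejected: %d\n", (int)r);
        return 1;
    }
    printf("id=%u MF=%d offset=%u ttl=%u type=%u\n",
           (unsigned)h.id, h.more_fragments, (unsigned)h.frag_offset,
           (unsigned)h.ttl, (unsigned)h.type);
    return 0;
}
```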

IP Address Based Routing

The IP address is divided in:


Network Number:



It is used by routers in the Internet backbone to route
IP packets.

Subnet Number:


It is used by the routers in the Local Networks to route
IP packets.

Host Number


It is used by the hosts in the same LAN to deliver
the packets directly.


[Network Number][Subnet Number][Host Number]

IP Router

It is a piece of hardware with more than one
network interface that performs IP
forwarding.

It can be:


Specialized hardware (Cisco, Netgear, D-link,
etc.) or


Computer with Routing Software (routed and gated
are routing programs in the UNIX
distribution)



IP Router

The IP router


receives an IP packet,


examines the destination


based on its own routing table either


Sends the packet to another router or


Delivers it directly to the destination if the
destination is in a LAN connected to one of the
router’s network interfaces.

Routing Table

Every Router contains a routing table with one or
more of the following entries:

Destination Net, Net Mask, Next Hop


Destination


Destination network


Net Mask


It is a word that contains 1’s for the bits that correspond to the
network number or subnet number.


Next Hop


It is the next router to use for this destination or “directly” if
the packet can be delivered directly.

Routing Table

There is also a special entry called “default” that is used
when the destination does not match any of the other
entries in the table.

Example of a routing table:



R1: Routing Table

Target Net      Net/Subnet Mask    Next Hop
216.109.112.0   255.255.255.0      Directly
40.0.0.0        255.0.0.0          Directly
128.10.3.0      255.255.255.0      Directly
128.10.5.0      255.255.255.0      128.10.3.2 (R2)
128.10.4.0      255.255.255.0      128.10.3.2 (R2)
Default:        255.255.255.255    40.0.0.1 (R3)

IP Routing

Example:

[Figure: example topology with hosts A to M on networks 40.0.0.0, 216.109.112.0, 128.10.3.0, 128.10.4.0 and 128.10.5.0. R1 (40.0.0.11, 128.10.3.1) connects 216.109.112.0, 40.0.0.0 and 128.10.3.0; R2 (128.10.3.2) connects 128.10.3.0, 128.10.4.0 and 128.10.5.0; R3 (40.0.0.1) leads to the rest of the Internet. The routing table shown for R1 is the one given above.]

Routing Table

Entries are sorted from more specific to
more general.

The first entry that matches is the one used.

A routing entry “i” matches if the following
is true:


(target_ip & net_mask[i]) == target_net[i]


where target_ip is the target IP address of the
packet. When entry i matches, we use next_hop[i].

Routing Table

Example1: Router R1 receives a packet with destination 128.10.4.3









It tries to match (128.10.4.3 & 255.255.255.0) = 128.10.4.0,
which is different from 216.109.112.0, and so on,
until it finds the entry where (128.10.4.3 & 255.255.255.0) = 128.10.4.0
matches the target net 128.10.4.0,
so the next hop is 128.10.3.2 (R2).

R1: Routing Table

Target Net Net/Subnet Mask Next Hop

216.109.112.0 255.255.255.0 Directly

40.0.0.0 255.0.0.0 Directly

128.10.3.0 255.255.255.0 Directly

128.10.5.0 255.255.255.0 128.10.3.2(R2)

128.10.4.0 255.255.255.0 128.10.3.2(R2)

Default: 255.255.255.255 40.0.0.1(R3)

Routing Table

Example2: Router R1 receives a packet with destination 128.10.3.9









It tries to match (128.10.3.9 & 255.255.255.0) = 128.10.3.0,
which is different from 216.109.112.0, and so on,
until it finds the entry where (128.10.3.9 & 255.255.255.0) = 128.10.3.0
matches the target net 128.10.3.0,
so the next hop is to deliver the packet directly,
since R1 is connected to that LAN.

R1: Routing Table

Target Net Net/Subnet Mask Next Hop

216.109.112.0 255.255.255.0 Directly

40.0.0.0 255.0.0.0 Directly

128.10.3.0 255.255.255.0 Directly

128.10.5.0 255.255.255.0 128.10.3.2(R2)

128.10.4.0 255.255.255.0 128.10.3.2(R2)

Default: 255.255.255.255 40.0.0.1(R3)

Routing Table

Example3: Router R1 receives a packet with destination 43.0.0.5









It tries to match (43.0.0.5 & 255.255.255.0) = 43.0.0.0,
which is different from 216.109.112.0, and so on.

Since no entry matches, it uses the default entry to deliver the packet.
The next hop is 40.0.0.1 (R3).

R1: Routing Table

Target Net Net/Subnet Mask Next Hop

216.109.112.0 255.255.255.0 Directly

40.0.0.0 255.0.0.0 Directly

128.10.3.0 255.255.255.0 Directly

128.10.5.0 255.255.255.0 128.10.3.2(R2)

128.10.4.0 255.255.255.0 128.10.3.2(R2)

Default: 255.255.255.255 40.0.0.1(R3)

Routing Table

The match is done as follows:




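    // IPAddr is a 32-bit IP address. target_net[], net_mask[] and next_hop[]
    // hold the nentries rows of the routing table, with the default entry last.
    // lookup_next_hop() is kept distinct from the next_hop[] array it reads.
    IPAddr lookup_next_hop(IPAddr target_ip) {
        for (int i = 0; i < nentries - 1; i++) {
            // Entry i matches when the masked destination equals its target net
            if ((target_ip & net_mask[i]) == target_net[i]) {
                return next_hop[i];
            }
        }
        // No match. Return default
        return next_hop[nentries - 1];
    }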



Routing in Hosts

Hosts also have routing tables, however,
they are simpler than the ones used by
routers.

When sending a packet a host has to make a
decision


If the destination is in a directly connected
network, then send the packet directly.


Otherwise, send the packet to the default router.

Routing in Hosts

Example of a host routing table:



Host J(128.10.4.7): Routing Table

Target Net Net/Subnet Mask Next Hop

128.10.4.0 255.255.255.0 Directly

Default: 255.255.255.255 128.10.4.2(R2)

[Figure: host J (128.10.4.7) on network 128.10.4.0, together with hosts I, K, L and M; router R2 (128.10.4.2, 128.10.5.2) connects 128.10.4.0 and 128.10.5.0 and leads to the Internet]

Routing in Hosts

A host routing table may be more
complicated if it has multiple interfaces.

The UNIX command “ifconfig -a” or the
Windows command “ipconfig” is used to show the
multiple interfaces:

    ector 2 % ifconfig -a
    lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
            inet 127.0.0.1 netmask ff000000
    ce0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
            inet 128.10.2.10 netmask ffffff00 broadcast 128.10.2.255


ARP Address Resolution Protocol

When it is time for the router or host to deliver a
packet directly, it is necessary to convert the IP
address to a hardware address.

For example in an Ethernet LAN , the target IP
address in the IP packet has to be translated to the
Ethernet address of the destination machine.

ARP does this translation.

ARP Address Resolution Protocol

ARP Input and Output:


Input: IP address C of computer in locally
connected network N


Output: Ethernet address for C.

ARP keeps bindings (IPAddr, EtherAddr) in
a table called ARP table or ARP cache.

ARP builds the table as needed.

ARP Address Resolution Protocol

To print the ARP table in UNIX type:



    ector 3 % /usr/sbin/arp -a

    Net to Media Table: IPv4
    Device IP Address           Mask            Flags Phys Addr
    ------ -------------------- --------------- ----- ---------------
    ce0    stella               255.255.255.255       00:50:da:d8:ab:a0
    ce0    illuminati           255.255.255.255       00:0b:db:48:80:6f
    ce0    nyneve               255.255.255.255       08:00:20:d1:80:40
    ce0    pinky                255.255.255.255       00:08:74:f3:ea:b8
    ce0    cisco5               255.255.255.255       00:05:31:3a:ea:80
    ce0    spare1-2             255.255.255.255       00:03:ba:d8:96:dd
    ce0    cache                255.255.255.255       00:80:c8:b9:86:c5
    . . .

ARP Address Resolution Protocol

Or to print the ARP table in Windows type:


    $ arp -a

    Interface: 192.168.1.100 --- 0x2
      Internet Address      Physical Address      Type
      192.168.1.1           00-0f-66-cb-bd-11     dynamic

    Interface: 172.21.53.36 --- 0x10004
      Internet Address      Physical Address      Type
      10.82.152.178         00-0f-66-cb-bd-11     dynamic
      10.100.81.8           00-0f-66-cb-bd-11     dynamic


ARP Address Resolution Protocol

The ARP table only contains entries in the
local net.

The IP network prefix in all entries is
identical.

[Figure: hosts A, B, C and D on network 128.10.3.0, with addresses 128.10.3.45, 128.10.3.48, 128.10.3.12 and 128.10.3.23]

ARP Lookup Algorithm

Host A wants to deliver an IP packet to D

D can be a router or a host that is in the same
network.



Host A first looks up an entry for host D in the
ARP table using D’s IP address.

If there is an entry for D in the ARP table then it
will return the Ethernet address of D.

ARP Lookup Algorithm

If there is no entry for D’s IP address in
the ARP table, then host A will broadcast
an ARP request for the Ethernet address of
host D




[Figure: A broadcasts "ARP REQ: 128.10.3.23,?" on the LAN]

A  128.10.3.45  e8:e3:45:78:56:dd
B  128.10.3.48  e2:56:a0:ff:56:8
C  128.10.3.12  e3:6:78:d0:56:9:8
D  128.10.3.23  45:67:89:40:56:67

ARP Lookup Algorithm

Host D will receive the request (along with all the
other hosts and routers on the network) and it will
respond with its Ethernet address. The response is
sent as unicast to host A.

[Figure: D sends "ARP REPLY: 128.10.3.23, 45:67:89:40:56:67" to A; hosts A, B, C and D with the same IP and Ethernet addresses as in the request figure]

ARP Lookup Algorithm

Host D will add an entry in the ARP table for host
A. It does this under the assumption that A plans
to communicate again in the future.

This will save extra ARP requests in the future.

Host A will add D’s addresses (128.10.3.23, 45:67:89:40:56:67)
to its ARP table under the
assumption that it will communicate with D again
soon.

This prevents additional ARP requests.

ARP Lookup Algorithm

The entries for the ARP table usually have a
lifetime of about 20 minutes.

The ARP table resides in the kernel memory as
part of the protocol stack.

In some implementations a machine at boot time
will send gratuitous ARP replies to the network
stating its Ethernet address.

The ARP table only contains entries of computers
connected to the same network.

ARP Packet Format

Each ARP Request/Reply packet will contain the IP and
Ethernet addresses of the source and also of the destination
if known.

Bit positions: 0, 8, 16, 24, 31

| Hardware Address Type (Ether=1)  | Protocol Address Type (IP=0x800)                       |
| Hardware Address Size (6) | Protocol Address Size (4) | Operation (Request/Reply)         |
| Sender’s Ethernet address                                                                 |
| Sender’s Ethernet address (cont) | Sender’s IP address                                    |
| Sender’s IP address (cont)       | Target’s Ethernet address                              |
| Target’s Ethernet address (cont)                                                          |
| Target’s IP address                                                                       |

ARP Packet Format

ARP was designed to be used for any
protocol besides IP or any hardware besides
Ethernet.

However, it is used mostly for Ethernet and
IP.
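
The ARP lookup algorithm and packet format above, combined in one added example that is not part of the original slides: it parses the 28-byte Ethernet/IP ARP packet, keeps a small table with the 20-minute lifetime, and reports when a live binding is replaced by a different Ethernet address. All names are hypothetical; the sample reply is constructed from the addresses in the slides' figure, and operation codes 1 (request) and 2 (reply) are the standard ARP values.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARP_REQUEST 1
#define ARP_REPLY 2
#define ARP_LIFETIME (20 * 60)   /* seconds: "about 20 minutes" on the slides */
#define ARP_TABLE_SIZE 8

struct arp_pkt {
    uint16_t op;
    uint8_t  sender_eth[6]; uint32_t sender_ip;
    uint8_t  target_eth[6]; uint32_t target_ip;
};
struct arp_entry { int in_use; uint32_t ip; uint8_t eth[6]; long learned_at; };
struct arp_table { struct arp_entry e[ARP_TABLE_SIZE]; };
enum arp_learn_result { ARP_ADDED, ARP_REFRESHED, ARP_CHANGED, ARP_TABLE_FULL };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Parse the 28-byte Ethernet/IP layout shown above; returns -1 if malformed. */
int arp_parse(const uint8_t *b, size_t len, struct arp_pkt *out) {
    if (len < 28) return -1;
    if (rd16(b) != 1 || rd16(b + 2) != 0x0800) return -1;  /* Ether=1, IP=0x800 */
    if (b[4] != 6 || b[5] != 4) return -1;                 /* address sizes */
    out->op = rd16(b + 6);
    if (out->op != ARP_REQUEST && out->op != ARP_REPLY) return -1;
    memcpy(out->sender_eth, b + 8, 6);
    out->sender_ip = rd32(b + 14);
    memcpy(out->target_eth, b + 18, 6);
    out->target_ip = rd32(b + 24);
    return 0;
}

/* An entry counts only while it is younger than the lifetime. */
static int arp_live(const struct arp_entry *e, long now) {
    return e->in_use && now - e->learned_at < ARP_LIFETIME;
}

/* Returns the Ethernet address, or NULL: the caller must broadcast a request. */
const uint8_t *arp_lookup(const struct arp_table *t, uint32_t ip, long now) {
    for (int i = 0; i < ARP_TABLE_SIZE; i++)
        if (arp_live(&t->e[i], now) && t->e[i].ip == ip) return t->e[i].eth;
    return NULL;
}

/* Record a binding. ARP_CHANGED means a live entry's address was replaced. */
enum arp_learn_result arp_learn(struct arp_table *t, uint32_t ip,
                                const uint8_t eth[6], long now) {
    struct arp_entry *slot = NULL;
    for (int i = 0; i < ARP_TABLE_SIZE; i++) {
        struct arp_entry *e = &t->e[i];
        if (arp_live(e, now) && e->ip == ip) {
            int same = memcmp(e->eth, eth, 6) == 0;
            memcpy(e->eth, eth, 6);
            e->learned_at = now;
            return same ? ARP_REFRESHED : ARP_CHANGED;
        }
        if (!slot && !arp_live(e, now)) slot = e;   /* free or expired slot */
    }
    if (!slot) return ARP_TABLE_FULL;
    slot->in_use = 1;
    slot->ip = ip;
    memcpy(slot->eth, eth, 6);
    slot->learned_at = now;
    return ARP_ADDED;
}

/* Handle a received packet: both the requester and the responder record the
   sender's binding. Returns an arp_learn_result, or -1 for a malformed packet. */
int arp_input(struct arp_table *t, const uint8_t *b, size_t len, long now) {
    struct arp_pkt p;
    if (arp_parse(b, len, &p) != 0) return -1;
    return (int)arp_learn(t, p.sender_ip, p.sender_eth, now);
}

/* Constructed sample: D's reply to A, using the figure's addresses. */
static const uint8_t SAMPLE_REPLY[28] = {
    0x00, 0x01, 0x08, 0x00,               /* hardware type 1, protocol 0x800 */
    0x06, 0x04, 0x00, 0x02,               /* sizes 6 and 4, operation reply */
    0x45, 0x67, 0x89, 0x40, 0x56, 0x67,   /* sender Ethernet (D) */
    0x80, 0x0A, 0x03, 0x17,               /* sender IP 128.10.3.23 */
    0xE8, 0xE3, 0x45, 0x78, 0x56, 0xDD,   /* target Ethernet (A) */
    0x80, 0x0A, 0x03, 0x2D                /* target IP 128.10.3.45 */
};

int main(void) {
    struct arp_table t;
    memset(&t, 0, sizeof t);
    int r = arp_input(&t, SAMPLE_REPLY, sizeof SAMPLE_REPLY, 0);
    const uint8_t *eth = arp_lookup(&t, 0x800A0317u, 60);
    printf("learn=%d cached=%s\n", r, eth ? "yes" : "no");
    return 0;
}
```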


IP Fragmentation and Reassembly

Fragmentation of a packet happens when
the packet has to travel through a network
that has an MTU (Maximum Transfer Unit)
smaller than the IP packet.

IP Fragmentation and Reassembly

Assume host A sends an IP packet to host B
that is in a different network.

Host A is in N1 with MTU=1500 and host
B is in N2 with MTU=1000.

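[Figure: A on N1 (MTU=1500) sends a 1500-byte packet through router R to B on N2 (MTU=1000); on N2 it travels as two fragments of 1000 and 500 bytes]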

IP Fragmentation and Reassembly

Fragmentation should not happen at the source.
The source machine will send only packets that fit
in the MTU of the directly connected LAN

Each fragment has its own header.

The fragments are sent separately

The final destination (and not the intermediate
routers) reassembles the fragments. Why?


Fragments may follow different routes.

IP Fragmentation and Reassembly

It is possible to have multiple fragmenting
points.

[Figure: a path through several routers (R) with link MTUs 1500, 1500, 1000, 1500, 576 and 1500]

Original packet, 1500 bytes: Src=a, dest=b, id=500, offset=0, MF=0

After the MTU=1000 link:
  1000 bytes: Src=a, dest=b, id=500, offset=0, MF=1
  500 bytes:  Src=a, dest=b, id=500, offset=1000, MF=0

After the MTU=576 link:
  576 bytes: Src=a, dest=b, id=500, offset=0, MF=1
  424 bytes: Src=a, dest=b, id=500, offset=576, MF=1
  500 bytes: Src=a, dest=b, id=500, offset=1000, MF=0

IP Fragmentation and Reassembly

The offset is always given with respect to the original
fragment.

Receiver collects all incoming fragments.


[Figure: the same path from A to B, with the same fragments at each fragmenting point]

Fragments collected at B:
  576 bytes: Src=A, dest=B, id=500, offset=0, MF=1
  424 bytes: Src=A, dest=B, id=500, offset=576, MF=1
  500 bytes: Src=A, dest=B, id=500, offset=1000, MF=0

IP Fragmentation and Reassembly

The receiver reassembles the packet when
all the fragments arrive.

The router does not know the identity of the
fragment that did the fragmentation

IP Fragmentation and Reassembly

The receiver cannot request a missing piece.


Consequence: The loss of one fragment means
that the entire packet is lost.

If the packet is not reassembled in the
maximum time to live (TTL=255secs), the
packet is discarded.


IP Fragmentation and Reassembly

The IP implementation in the receiver starts a timer when the first
fragment arrives.

If the timer expires before the reassembly is complete, the packet is
discarded.

[Figure: the same path from A to B, with the same fragments at each fragmenting point]

Fragments held at B, marked "Reassembly Expired":
  576 bytes: Src=A, dest=B, id=500, offset=0, MF=1
  500 bytes: Src=A, dest=B, id=500, offset=576, MF=0

IP Fragmentation and Reassembly

The IP Header fields used to reassemble a packet
are:


Source IP


ID number


Offset


More fragments bit


IP Fragmentation and Reassembly

Fragments with the same source IP and ID number belong
to the same IP packet.

All the fragments are complete if the packet with MF=0
has arrived and all the fragments in between have arrived.

[Figure: the same path from A to B, with the same fragments at each fragmenting point]

Fragments at B (sizes 576, 424 and 500 bytes), labelled:
  Src=A, dest=B, id=500, offset=576, MF=1
  Src=A, dest=B, id=500, offset=1000, MF=0
  Src=A, dest=B, id=500, offset=0, MF=1

IP Fragmentation and Reassembly

Since 255secs is too long to hold resources,
and to allow reusing ID’s faster, new
implementations of IP use a shorter
reassembly timer (E.g. 30secs).
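
The reassembly rules above as receiver-side bookkeeping, given as an added example that is not part of the original slides. It keys on source IP and ID, tracks which byte ranges have arrived, declares the packet complete only when the MF=0 fragment is in and no hole remains, and discards everything when the timer runs out. Names are hypothetical; offsets and sizes are in bytes exactly as in the slides' figures, and rejecting fragments that overlap earlier ones is a policy chosen for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_FRAGS 16
#define REASSEMBLY_TIMEOUT 30     /* seconds: the shorter timer mentioned above */
#define HOST_A 0x28000005u        /* constructed source address 40.0.0.5 */

enum frag_result {
    FRAG_STORED,     /* accepted, packet still incomplete */
    FRAG_COMPLETE,   /* accepted, every byte from 0 to the end is present */
    FRAG_MISMATCH,   /* other source IP or ID: belongs to another packet */
    FRAG_EXPIRED,    /* timer ran out, all held fragments were discarded */
    FRAG_INVALID,    /* empty, a second MF=0 fragment, or data past the end */
    FRAG_OVERLAP,    /* covers bytes an earlier fragment already supplied */
    FRAG_TOO_MANY    /* fragment list is full */
};

struct frag { uint32_t start, end; };    /* byte range [start, end) */
struct reasm {
    int      in_use;
    uint32_t src;                        /* key: source IP ... */
    uint16_t id;                         /* ... plus ID number */
    long     first_seen;                 /* arrival time of the first fragment */
    int      have_last;                  /* the MF=0 fragment has arrived */
    uint32_t total_len;                  /* valid once have_last is set */
    int      nfrags;
    struct frag frags[MAX_FRAGS];        /* sorted by start, never overlapping */
};

/* Complete when the MF=0 fragment is in and the ranges leave no hole. */
static int reasm_is_complete(const struct reasm *r) {
    uint32_t next = 0;
    if (!r->have_last) return 0;
    for (int i = 0; i < r->nfrags; i++) {
        if (r->frags[i].start != next) return 0;
        next = r->frags[i].end;
    }
    return next == r->total_len;
}

enum frag_result reasm_add(struct reasm *r, uint32_t src, uint16_t id,
                           uint16_t offset, uint16_t len, int mf, long now) {
    if (len == 0) return FRAG_INVALID;
    if (r->in_use && now - r->first_seen > REASSEMBLY_TIMEOUT) {
        memset(r, 0, sizeof *r);         /* release the held fragments */
        return FRAG_EXPIRED;
    }
    if (!r->in_use) {                    /* first fragment starts the timer */
        memset(r, 0, sizeof *r);
        r->in_use = 1; r->src = src; r->id = id; r->first_seen = now;
    }
    if (r->src != src || r->id != id) return FRAG_MISMATCH;

    uint32_t start = offset, end = (uint32_t)offset + len;
    if (r->have_last && (!mf || end > r->total_len)) return FRAG_INVALID;
    if (!mf && r->nfrags > 0 && r->frags[r->nfrags - 1].end > end)
        return FRAG_INVALID;             /* "last" fragment ends before held data */

    int pos = 0;                         /* insertion point, ordered by start */
    while (pos < r->nfrags && r->frags[pos].start < start) pos++;
    if (pos > 0 && r->frags[pos - 1].end > start) return FRAG_OVERLAP;
    if (pos < r->nfrags && r->frags[pos].start < end) return FRAG_OVERLAP;
    if (r->nfrags == MAX_FRAGS) return FRAG_TOO_MANY;

    memmove(&r->frags[pos + 1], &r->frags[pos],
            (size_t)(r->nfrags - pos) * sizeof r->frags[0]);
    r->frags[pos].start = start;
    r->frags[pos].end = end;
    r->nfrags++;
    if (!mf) { r->have_last = 1; r->total_len = end; }
    return reasm_is_complete(r) ? FRAG_COMPLETE : FRAG_STORED;
}

int main(void) {
    /* The three fragments of packet id=500, arriving as offset 576, 1000, 0. */
    struct reasm r = {0};
    int a = reasm_add(&r, HOST_A, 500, 576, 424, 1, 0);
    int b = reasm_add(&r, HOST_A, 500, 1000, 500, 0, 1);
    int c = reasm_add(&r, HOST_A, 500, 0, 576, 1, 2);
    printf("%d %d %d total=%u\n", a, b, c, (unsigned)r.total_len);
    return c == FRAG_COMPLETE ? 0 : 1;
}
```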

Routing

The routing table gives the next router necessary
to reach the destination network.

The source of the table information can be:


Manual:


By hand


Small networks


OK if routes never change


Automatic


Software creates/updates the routing table using information
from neighboring routers.


It is needed for larger nets


It changes routes when there is a failure.

IP packet from A to M

[Figure: the example topology shown earlier; A sends an IP packet addressed to M]

A: Routing Table

Target Net      Net/Subnet Mask    Next Hop
40.0.0.0        255.0.0.0          Directly
128.10.3.0      255.255.255.0      40.0.0.11 (R1)
128.10.5.0      255.255.255.0      40.0.0.11 (R1)
128.10.4.0      255.255.255.0      40.0.0.11 (R1)
216.109.112.0   255.255.255.0      40.0.0.11 (R1)
Default:        255.255.255.255    40.0.0.1 (R3)

IP: E_src=E_a, E_dst=E_R1, IP_src=A, IP_dst=M

IP packet from A to M

[Figure: the example topology shown earlier; the packet is now at R1]

R1: Routing Table

Target Net      Net/Subnet Mask    Next Hop
40.0.0.0        255.0.0.0          Directly
128.10.3.0      255.255.255.0      Directly
128.10.5.0      255.255.255.0      128.10.3.2 (R2)
128.10.4.0      255.255.255.0      128.10.3.2 (R2)
216.109.112.0   255.255.255.0      Directly
Default:        255.255.255.255    40.0.0.1 (R3)

IP: E_src=E_R1, E_dst=E_R2, IP_src=A, IP_dst=M

IP packet from A to M

[Figure: the example topology shown earlier; the packet is now at R2]

R2: Routing Table

Target Net      Net/Subnet Mask    Next Hop
40.0.0.0        255.0.0.0          128.10.3.1 (R1)
128.10.3.0      255.255.255.0      Directly
128.10.5.0      255.255.255.0      Directly
128.10.4.0      255.255.255.0      Directly
216.109.112.0   255.255.255.0      128.10.3.1 (R1)
Default:        255.255.255.255    128.10.3.1 (R1)

IP: E_src=E_R2, E_dst=E_M, IP_src=A, IP_dst=M

Addresses in IP packet

The IP source and destination addresses of the
packet stay the same during the transit of the packet.

The hardware source and destination address will
be different every time the packet is forwarded.

The source host or some of the routers also may
require ARP requests if the hardware destination
address is not in the ARP cache.

Host Routing Tables

Hosts also need to build the routing tables.

Hosts will get routing information from
neighboring routers.

Hosts will participate passively in the
routing information exchange since they
only need to get routing info but they do not
need to send any routing
information.


Routing Protocols Families


There are two routing protocol families to automatically
update the routing table:

Link State


Routers have the whole picture of the network.


Routers run Dijkstra’s shortest path algorithm to compute the
optimal routes.


Routers get the topology information from other routers.

Distance Vector:


The routing table is built using updates that come only from
neighboring routers.


Routers have a partial view of the network.


Simple but non-optimal


Link State Routing

We can represent router/networks as graphs.
Do not include hosts


[Figure: a network of routers R1, R2, R3 and R4, and the same network drawn as a graph with nodes R1 to R4]

Link State Routing

In Link State Routing the routers
communicate with each other to build the
network graph.

Edges between routers have an assigned
weight that represents distance. It may also
represent how slow the network is.

Each router knows the entire graph of the
network.

Link State Routing

Routers compute the minimum distance between a
source and all destinations.




The next hop in the routing table entry is the next
router in the path to the destination.

Example of Link State routing protocols: OSPF - Open Shortest Path First.

[Figure: weighted graph of routers R1 to R7; edge weights shown: 8, 2, 4, 9, 6, 4, 3, 6, 1, 9]

Link State Routing

Link State Routing assumes that each router
knows the entire graph of routers.

That might not be possible in practice when
the network is formed by thousands of
routers.

OSPF groups networks and routers in zones
to simplify the network.

Distance Vector Routing

It is a simpler alternative to Link State.

Routers get the routing information only from
neighboring routers.

Each router periodically broadcasts an update with
the distance from the router to the different
networks.

A router will substitute a routing entry if a new
router can reach that network with a shorter
distance.

Distance Vector Routing

Example (distance in hops):

[Figure: routers R1, R2, R3 and R4 and networks N1, N2, N3 and N4]

Time 1: Initial Routing Table for R1

Net   Next Hop   Dist
N1    directly   1
N2    directly   1

Time 2: Initial Routing Table for R2

Net   Next Hop   Dist
N2    directly   1
N3    directly   1

Distance Vector Routing

Example (cont), distance in hops:

Time 3: Initial Routing Table for R4

Net   Next Hop   Dist
N1    directly   1
N4    directly   1

Time 4: Initial Routing Table for R3

Net   Next Hop   Dist
N1    directly   1
N3    directly   1

Distance Vector Routing

Example (cont), distance in hops:

Time 5: R2 broadcasts routing table through N2

Net   Next Hop   Dist
N2    directly   1
N3    directly   1

Time 6: R1 adds N3 to its routing table

Net   Next Hop   Dist
N1    directly   1
N2    directly   1
N3    R2         2

Distance Vector Routing

Example (cont), distance in hops:

Time 7: R1 broadcasts routing table through N1

Net   Next Hop   Dist
N1    R1         1
N2    R1         1
N3    R1         2

Time 8: R4 adds N2, N3 to its routing table

Net   Next Hop   Dist
N1    directly   1
N4    directly   1
N2    R1         2
N3    R1         3

Distance Vector Routing

Example (cont), distance in hops:

Time 9: R3 broadcasts routing table through N1

Net   Next Hop   Dist
N1    R3         1
N3    R3         1

Time 10: R4 substitutes route to N3 with cheaper route

Net   Next Hop   Dist
N1    directly   1
N4    directly   1
N2    R1         2
N3    R3         2

Distance Vector Routing

Example of a routing protocol that uses
distance vector is RIP: Routing Internet
Protocol

RIP was the original routing protocol used
in the Internet

It is being substituted by OSPF that uses
Link State.



RIP - Routing Internet Protocol

RIP sends routing updates every 30secs in
each interface.

RIP uses hops (networks) as the distance
unit.

RIP uses 15 as the “Infinite Distance”

RIP - Routing Internet Protocol

When a route entry has a distance of 15 it is
removed. This eliminates invalid routes after a
router has gone away.

Also, to speed up convergence, the routing entries
that were learned from an interface will be
broadcasted with an infinite distance through that
interface

This is called Split horizon and Poison Reverse
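
The distance vector update rule and split horizon with poison reverse, run over the Time 1 to Time 10 example above. This is an added example, not code from the original slides: router and network indices, struct layouts and function names are hypothetical, only the deliveries shown on the slides are simulated, and 15 is used as the infinite distance because that is the value the slides give.

```c
#include <stdio.h>

#define NNETS 4            /* N1..N4 are stored at index 0..3 */
#define INFINITE_DIST 15   /* "infinite distance" value given on the slides */
#define DIRECT 0           /* next-hop marker: directly connected (router ids start at 1) */
#define NO_ROUTE 0         /* dist value meaning "no entry for this network" */

struct route  { int dist; int next_hop; int via_net; };  /* via_net: interface it was learned on */
struct router { int id; struct route table[NNETS]; };
struct update { int sender; int dist[NNETS]; };          /* dist NO_ROUTE = not advertised */

void router_init(struct router *r, int id, int net_a, int net_b) {
    r->id = id;
    for (int n = 0; n < NNETS; n++)
        r->table[n] = (struct route){NO_ROUTE, DIRECT, -1};
    r->table[net_a] = (struct route){1, DIRECT, net_a};
    r->table[net_b] = (struct route){1, DIRECT, net_b};
}

/* Build the vector r broadcasts on out_net. Entries learned through out_net
   are advertised there with the infinite distance (poison reverse). */
struct update dv_advertise(const struct router *r, int out_net) {
    struct update u = { r->id, {0} };
    for (int n = 0; n < NNETS; n++) {
        const struct route *e = &r->table[n];
        if (e->dist == NO_ROUTE) continue;
        int learned_here = (e->next_hop != DIRECT && e->via_net == out_net);
        u.dist[n] = learned_here ? INFINITE_DIST : e->dist;
    }
    return u;
}

/* Apply an update heard on in_net; returns how many table entries changed. */
int dv_receive(struct router *r, const struct update *u, int in_net) {
    int changed = 0;
    for (int n = 0; n < NNETS; n++) {
        if (u->dist[n] == NO_ROUTE) continue;
        struct route *e = &r->table[n];
        int cand = u->dist[n] + 1;                  /* one more hop through the sender */
        int from_current = (e->dist != NO_ROUTE && e->next_hop == u->sender);
        if (cand >= INFINITE_DIST) {
            if (from_current) {                     /* our next hop lost the route */
                *e = (struct route){NO_ROUTE, DIRECT, -1};
                changed++;
            }
            continue;
        }
        /* Substitute when the sender offers a shorter distance, or when the
           sender already is the next hop and its distance has changed. */
        if (e->dist == NO_ROUTE || cand < e->dist || (from_current && cand != e->dist)) {
            *e = (struct route){cand, u->sender, in_net};
            changed++;
        }
    }
    return changed;
}

/* Replays the slides: r[0]..r[3] are R1..R4. */
void slide_timeline(struct router r[4]) {
    struct update u;
    router_init(&r[0], 1, 0, 1);                              /* Time 1: R1 on N1, N2 */
    router_init(&r[1], 2, 1, 2);                              /* Time 2: R2 on N2, N3 */
    router_init(&r[3], 4, 0, 3);                              /* Time 3: R4 on N1, N4 */
    router_init(&r[2], 3, 0, 2);                              /* Time 4: R3 on N1, N3 */
    u = dv_advertise(&r[1], 1); dv_receive(&r[0], &u, 1);     /* Time 5-6  */
    u = dv_advertise(&r[0], 0); dv_receive(&r[3], &u, 0);     /* Time 7-8  */
    u = dv_advertise(&r[2], 0); dv_receive(&r[3], &u, 0);     /* Time 9-10 */
}

int main(void) {
    struct router r[4];
    slide_timeline(r);
    for (int n = 0; n < NNETS; n++)
        printf("R4: N%d dist=%d next_hop=%d\n", n + 1,
               r[3].table[n].dist, r[3].table[n].next_hop);
    return 0;
}
```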


RIP vs. OSPF

Advantages of RIP


Simple to implement


Routers do not need to know the entire graph

Disadvantages of RIP


Routing updates take time to converge.


RIP does not accommodate other types of
distances: throughput, delay etc.

ICMP Internet Control Message Protocol

ICMP is used for error reporting and information.

ICMP sends error messages to the source.





Note: Each layer in the stack is implemented in the
kernel as a module or loadable library that
communicate with each other using queues.

TCP UDP ICMP


IP ARP

Ethernet (Hardware)

ICMP Message Types

There are several types of ICMP messages for
different errors or information.

ICMP Source Quench


Type 4


This message is sent by a router when it drops
packets due to buffer overrun (congestion).


It is sent to the source of the packet.


It requests the source to slow down transmission rate.

ICMP Message Types

ICMP Time Exceeded


Type 11


Sent by router when packet’s TTL reaches 0


Also sent by hosts when the reassembly of a
fragmented packet times out, such as when a
fragment is lost.

ICMP Message Types

ICMP Destination Unreachable


Type 3


Sent by a router when it determines that the
destination network is unreachable, such as
when it is non-existing.


It is also sent by a router when a destination
host is unreachable.


It is also used when a protocol port does not
exist.

ICMP Message Types

ICMP Echo Request/Reply


Type 0


Not an error.


It is used in the Ping program


The sender sends an ICMP Echo Request and
the receiver answers with ICMP Echo Reply


It is used to determine if a machine is
connected to the Internet.

ICMP Message Types

ICMP Redirect


Type 5


It goes to a host in the local network.


It is a request for the host to use a different
router or to deliver the packet directly.


A sends an IP packet to B through the router





The router forwards the packet as it should but also sends
an ICMP redirect packet to A to tell it to deliver the packet
directly next time.

ICMP Message Types

[Figure: A sends an IP packet to B through router R; R forwards the IP packet to B and sends an ICMP Redirect back to A]

ICMP Constraints

ICMP messages always go back to the original
host.

There are no ICMP error messages about other ICMP
messages. Without this rule we could have a cascade of
errors. Example:


A router R1 receives a datagram with an invalid
destination and source.


R1 sends an ICMP destination unreachable to the
invalid source.


Another router R2 sends an ICMP destination
unreachable message to R1 and so on causing a flood of
messages.

Other uses of ICMP: Traceroute

Traceroute is a utility used to display the
routers in the path to reach a certain
destination.

traceroute (UNIX) or

tracert (Windows)



Traceroute

Example:

H:\>tracert www.yahoo.com

Tracing route to www.yahoo.akadns.net [216.109.117.110]
over a maximum of 30 hops:

  1    <1 ms    <1 ms    <1 ms  cisco5.cs.purdue.edu [128.10.9.250]
  2    <1 ms    <1 ms    <1 ms  lamb-20-c6509-01-4033.tcom.purdue.edu [172.19.124.1]
  3    <1 ms    <1 ms    <1 ms  erht-5b-c6509-01-4092.tcom.purdue.edu [192.31.0.5]
  4    <1 ms    <1 ms    <1 ms  tel-210-c6509-01-4091.tcom.purdue.edu [192.31.0.1]
  5    <1 ms    <1 ms    <1 ms  tel-210-m10-01-campus.tcom.purdue.edu [192.5.40.54]
  6    90 ms    83 ms    88 ms  switch-data.tcom.purdue.edu [192.5.40.34]
  7    88 ms    89 ms    97 ms  so-2-3-0-0.gar2.Chicago1.Level3.net [67.72.124.9]
  8    88 ms    92 ms    94 ms  ae-1-55.bbr1.Chicago1.Level3.net [4.68.101.129]
  9   109 ms   111 ms   112 ms  as-3-0.bbr1.Washington1.Level3.net [64.159.3.254]
 10   113 ms   113 ms   117 ms  ae-11-53.car1.Washington1.Level3.net [4.68.121.82]
 11   114 ms   119 ms   116 ms  4.79.228.2
 12   115 ms    46 ms    61 ms  4.79.228.2
 13    49 ms    48 ms    60 ms  vlan220-msr2.dcn.yahoo.com [216.115.96.165]
 14    31 ms    32 ms    31 ms  ge2-2.bas2-m.dcn.yahoo.com [216.109.120.153]
 15    32 ms    32 ms    31 ms  p25.www.dcn.yahoo.com [216.109.117.110]

Trace complete.

Traceroute

It works by having H1 first send a ping (ICMP
echo request) with a TTL of 1 to the final
destination H2

The first router R1 decrements the TTL to 0,
discards the packet and sends back an ICMP
“Time Exceeded”.

The traceroute program receives the ICMP
message and displays the address of R1

Traceroute

Traceroute sends a ping to H2 with
TTL=2.

The second router discards the packet and
sends an ICMP time exceeded to H1. H1
prints the address of R2.

The procedure continues until the ICMP
request reaches H2 and an echo reply
message is received by H1.

Traceroute

Example:


[Figure: H1, routers R1 to R5 and H2. Ping TTL=1 -> ICMP: Time Exceeded; Ping TTL=2 -> ICMP Time Exceeded; Ping TTL=3, 4, 5…; TTL=6 -> ICMP Echo Reply]

Traceroute

Problems


Routes may change while traceroute is running
giving inaccurate results


Traceroute packets may follow different routes,
also giving inaccurate results.


You can run two consecutive traceroute
commands and compare output.

Path MTU discovery

It is difficult to determine the optimal size of a packet that
will eliminate fragmentation.

Example:

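[Figure: path from A to B through three routers over links with MTU=1500, MTU=500, MTU=400 and MTU=1500. A 1500-byte packet from A is fragmented into 500-byte fragments, which are fragmented again into 400-byte and 100-byte fragments]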

Path MTU Discovery

Solution: We need to determine the Path MTU.

Send a ping with a small size (100 bytes) with the
No Fragment bit set.

If the packet goes through increase the size (200
bytes) with the No Fragment bit set.

If the packet goes through increase the size again
and so on.

When an ICMP “Destination Unreachable” is
generated (size=500), then the size of the last
successful packet is the Path MTU.
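The probing procedure above, run against the example path (link MTUs 1500, 500, 400, 1500). This is an added example, not part of the original slides; the function names are hypothetical, sizes are whole-packet sizes as in the slides (per-fragment IP header overhead is ignored), and the icmp_blocked switch models a filter on the path that drops ICMP errors.

```python
def forward(size, link_mtus, no_fragment):
    """Carry one packet across the links in order.

    Returns (fragments_delivered, icmp_error).
    """
    fragments = [size]
    for hop, mtu in enumerate(link_mtus, start=1):
        out = []
        for frag in fragments:
            if frag <= mtu:
                out.append(frag)
            elif no_fragment:
                # The router drops the packet and reports back to the source.
                return [], f"Destination Unreachable: link {hop} MTU={mtu}, cannot fragment"
            else:
                while frag > mtu:            # split into MTU-sized pieces
                    out.append(mtu)
                    frag -= mtu
                if frag:
                    out.append(frag)
        fragments = out
    return fragments, None


def discover_path_mtu(link_mtus, start=100, step=100, limit=1500, icmp_blocked=False):
    """Probe with growing No Fragment pings; return (path_mtu, probe_log)."""
    log, last_ok, size = [], None, start
    while size <= limit:
        delivered, error = forward(size, link_mtus, no_fragment=True)
        if delivered:
            log.append((size, "Echo Reply"))
            last_ok = size
            size += step
            continue
        # If ICMP errors are filtered the sender only sees silence. Because the
        # probe waits for an Echo Reply, a timeout still ends the search.
        log.append((size, "timeout" if icmp_blocked else "Destination Unreachable"))
        break
    return last_ok, log


if __name__ == "__main__":
    path = [1500, 500, 400, 1500]            # link MTUs from the slide
    print(forward(1500, path, no_fragment=False))
    mtu, log = discover_path_mtu(path)
    for size, answer in log:
        print(f"Ping Size={size}, NF=1 -> {answer}")
    print("Path MTU =", mtu)
```

The result is only as fine as the probe step: with a 450-byte link and 100-byte steps the search still stops at 400.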

Path MTU Discovery

Example: Determining Path MTU

[Figure: path from A to B through three routers over links with MTU=1500, MTU=500, MTU=400 and MTU=1500]

Ping Size=100, NF=1  ->  ICMP: Echo Reply
Ping Size=200, NF=1  ->  ICMP: Echo Reply
Ping Size=300, NF=1  ->  ICMP: Echo Reply
Ping Size=400, NF=1  ->  ICMP: Echo Reply
Ping Size=500, NF=1  ->  Drop packet. Cannot fragment. ICMP: Destination Unreachable

Path MTU=400

Path MTU Discovery

Using packet size of 400 bytes:





No fragmentation/reassembly is necessary

[Figure: the same path from A to B (MTU=1500, MTU=500, MTU=400, MTU=1500); packets of 400, 400, 400 and 300 bytes cross every link unchanged]

Transport Protocols

IP (Internet Protocol)


Provides computer-to-computer communication


The source and destination addresses are
computers


It is called machine-to-machine protocol

Transport Protocols

Transport Protocols


They provide application-to-application communication


They need extended addressing mechanisms to identify
applications (ports)


They are called end-to-end protocols


They optionally provide


Reliability


Flow Control


Congestion Control


Not all transport protocols provide these facilities


Transport Protocols

Two transport protocols available in the
TCP/IP family


UDP - User Datagram Protocol


TCP - Transmission Control Protocol

UDP - User Datagram Protocol

Unreliable Transfer. Applications will need
to implement their own reliability if
necessary.

Minimal overhead in both computation and
communication.

It is best for LAN applications

Connectionless - No initial connection
necessary. No state at either end

UDP - User Datagram Protocol

Message Oriented

Each message is encapsulated in an IP
datagram.

Size of message is restricted by the size of
the MTU of the directly connected network.

The UDP header has ports that identify


Source application (Source Port)


Destination application (Destination Port)


UDP Packet Format





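0                  16                 31
+------------------+------------------+
| Source Port      | Destination Port |  \
+------------------+------------------+   8 bytes
| Length           | Checksum         |  /
+------------------+------------------+
| Data                                |
+-------------------------------------+


Ports smaller than 1024 are reserved and can only be
used by applications running as root.


IP Header size=20 bytes, UDP Header Size=8 bytes


No initial connection necessary to send UDP datagrams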
When to Use UDP

UDP is used for


Real-time data - like voice or video where
having the data received on time within a
maximum delay is more important than
reliability. E.g. VoIP (Voice over IP)


Broadcast data - in applications where data has
to arrive to all computers in a network. E.g.
when the location of a server in a network is
not known and a broadcast query is needed.

When to Use UDP

If your application needs reliability use TCP
instead of UDP.

Otherwise, if UDP is used in an application that
needs reliability the application will need to
implement reliability by itself, making the
implementation more error-prone.

Example: NFSv2 (Network File System ) uses
UDP by default and the reliability is implemented
in the NFS server/client program, making the
implementation cumbersome. NFSv3 uses TCP by
default.

Midterm Exam Review

History of the Internet

What is a Network

Transmission Signals


Electricity


Light


RF


Sound

Transmission Media


Copper wire


Optical Fiber


Air


Midterm Exam Review

Types of Encoding


Analog


Continuous Signal


Digital


Discrete Signal (Numbers)

RS232


One bit after another


+15 = 0


-15 = 1


Start bit/End bit


Speeds 9.6Kbps, 14.4 Kbps, 28.8 Kbps

Midterm Exam Review

Carrier Wave


Used for long distances


Forms of Modulation:


Amplitude (AM)


Frequency (FM)


Phase (PM)

Modems


Modulator/Demodulator


Modulates data in a carrier wave for long distances.

Midterm Exam Review

Network Parameters


Propagation Delay (secs)


Bandwidth (Hz)


Throughput (bps)

Nyquist Theorem


Relates bandwidth to Throughput


It does not consider noise

Shannon’s Theorem


Relates bandwidth to Throughput


It considers noise.

Midterm Exam Review

Multiplexing


Sending multiple signals in the same channel


TDM


Time Division Multiplexing


FDM


Frequency Division Multiplexing

Packet Switching


Shared networks use packet switching


Computers divide data into packets


Allows fair access.

Midterm Exam Review

RS232 Frame Format


SOT/EOT characters


Stuffing

Handling Errors


Parity Bit


Checksum


CRC

Midterm Exam Review

Local Area Networks


LAN/MAN/WAN


Locality Principle in LAN’s

Network Topology


Star


Ring


Bus

Midterm Exam Review

Ethernet


Ethernet Types


CSMA/CD what it means and how it works


Exponential Back off


Unicast/Broadcast/Multicast


Promiscuous Mode


Packet Format


Midterm Exam Review

802.11


802.11 Architecture


SSID


Hidden Terminal Problem


CSMA/CA (Collision Avoidance)


802.11 Multiple Access


802.11 Forwarding


WEP and Privacy


Midterm Exam Review

Ring Topology


Token Ring


FDDI - Fiber Distributed Data Interconnect

Star Topology - ATM


Characteristics


Advantages and Disadvantages


Midterm Exam Review

Extending Networks


Repeater


Bridge

Ethernet In a Box


Ethernet Hubs


Ethernet Switches


Advantages and Disadvantages

Midterm Exam Review

WAN


Wide Area Networks


Digital Circuits: T1, T3


ISDN


DSL/ADSL


Cable Modems

Causes of Delay


Propagation Delay


Switching Delay


Queuing Delay

Midterm Exam Review

Protocols and Protocol Families

Layering Principle

ISO/7 Layering Model

Internet Layering

IP Addressing


Class A, B, C


Subnets


Special Addresses


Midterm Exam Review

IP Packet Format


All fields: IP src, IP dest, TTL, IP Type, ID,
Flags, Offset

IP Routing


Routing Tables


How Routing works


Routing in Hosts

Midterm Exam Review

ARP


Address Resolution Protocol


ARP Lookup Algorithm


ARP Table (cache)

IP Fragmentation and Reassembly


Fragmentation is done by Routers


Reassembly is done by hosts


IP fields used for Reassembly


Reassembly Timer

Review Midterm Exam

IP Routing


Routing Tables in router and Hosts


Routing Protocol Families


Link State


Distance Vector


RIP and OSPF

Review Midterm Exam

ICMP


Used for Error and Diagnosis


ICMP Types


Source Quench


Time Exceeded


Destination Unreachable


Echo Request


Redirect


ICMP Constraints


Traceroute


Path MTU Discovery

Review Midterm Exam

Transport Protocols


Characteristics


TCP, UDP

UDP User Datagram Protocol


Characteristics


UDP Packet format


When to use UDP

Midterm Exam Review

Study Material


Class Slides


Old Exams


Projects


Book

Study old exams. 40% of the questions will
come from old exams.

TCP


Transmission Control Protocol

It is the major transport protocol used in the
Internet

It is:


Reliable - It uses acknowledgement and retransmission
to accomplish reliability


Connection-Oriented - An initial connection is required.
Both end points keep state about the connection.


Full-Duplex - Communication can happen in both ways
simultaneously.


Stream Interface - Transfer of bytes looks like
writing/reading to a file.


TCP Reliability

How does TCP achieve reliability?

It uses Acknowledgments and Retransmissions

Acknowledgement


The receiver sends an acknowledgement when the data
arrives.

Retransmission


The sender starts a timer whenever the message is
transmitted


If the timer expires before the acknowledgement
arrives, the sender retransmits the message.

TCP Reliability



Normal Exchange

 1. Host 1: Send packet
 2. Host 1: Timer Starts
 3. Host 2: Receive pkt 1
 4. Host 2: Send ack 1
 5. Host 1: Receive ack1
 6. Host 1: Timer Cancel
 7. Host 1: Send pkt 2
 8. Host 1: Timer Starts
 9. Host 2: Receive pkt 2
10. Host 2: Send ack 2
11. Host 1: Receive ack2
12. Host 1: Timer Cancel
13. Host 1: Send pkt 3

TCP Reliability



Packet Lost

 1. Host 1: Send pkt 1
 2. Host 1: Timer Starts
 3. Packet Lost
 4. Host 1: Timer Expires
 5. Host 1: Send pkt1
 6. Host 1: Timer Starts
 7. Host 2: Receive pkt 1
 8. Host 2: Send ack 1
 9. Host 1: Receive ack1
10. Host 1: Timer Cancel
11. Host 1: Send pkt 2
12. Host 1: Timer Starts
13. Host 2: Receive pkt 2

TCP Reliability



Ack Lost

 1. Host 1: Send pkt 1
 2. Host 1: Timer Starts
 3. Host 2: Receive pkt 1
 4. Host 2: Send ack 1
 5. Ack Lost
 6. Host 1: Timer Expires
 7. Host 1: Send pkt1
 8. Host 1: Timer Starts
 9. Host 2: Receive pkt 1
10. Host 2: Send ack1
11. Host 1: Receive ack1
12. Host 1: Timer Cancel
13. Host 1: Send pkt 2
14. Host 1: Timer Starts
15. Host 2: Receive pkt 2

TCP Adaptive Retransmission

How long should the retransmission timer
wait before expiring?


Too short: Excessive unneeded retransmission


Too long: Slow to recover after an error. Slow
throughput.

TCP Adaptive Retransmission

The time that it takes for an
acknowledgment to arrive depends on the
round trip time.

1. Host 1: Send packet
2. Host 2: Receive pkt 1
3. Host 2: Send ack 1
4. Host 1: Receive ack2

[Roundtrip Time: the interval at Host 1 between steps 1 and 4]

TCP Adaptive Retransmission

We have seen that the Round Trip Time depends
on:


Propagation Delay


Switching Delay


Queuing Delay

Also, the round trip time may change over time.

The retransmission time cannot be a constant since
it depends on the network and it can change over
time.

TCP Adaptive Retransmission

TCP keeps an estimate of the round trip
time (RTT).

It uses this estimate to set the retransmission
timer.

Only successful transmissions are used in
the estimate.

TCP Adaptive Retransmission

The computation uses a “moving average”

For every sample round trip time R from a
successful packet:


$RTT_{new} = 0.125 \cdot R + 0.875 \cdot RTT_{old}$

Where:

$RTT_{new}$ - New estimate for Round Trip Time

$RTT_{old}$ - Old estimate for Round Trip Time

$R$ - Current Round Trip Time Sample

TCP Adaptive Retransmission

A moving average is used instead of the
traditional $Avg = \sum_{N} X / N$ because we are
interested in the current average instead of
the total average.

The computation uses integer arithmetic to
allow faster implementations


Shift right=division by 2,


Shift left=multiplication by 2.

TCP Adaptive Retransmission

Also the variance is computed to take into
account the variability of the RTT

$RTTVAR_{new} = 0.25 \cdot |R - RTT_{new}| + 0.75 \cdot RTTVAR_{old}$

Where:

$RTTVAR_{new}$ - New estimate for RTT Variance

$RTTVAR_{old}$ - Old estimate for RTT Variance

$RTT_{new}$ - New estimate for Round Trip Time

$R$ - Current Round Trip Time Sample

TCP Adaptive Retransmission

The retransmission timer is computed as:



$RetransmissionTimer = RTT_{new} + 4 \cdot RTTVAR_{new}$


This takes into account the variability of the RTT

Without the additional $4 \cdot RTTVAR_{new}$ we could have
many additional unnecessary retransmissions.

TCP Adaptive Retransmission



[Figure: the exchange between Host 1 and Host 2 (1. Send packet, 2. Receive pkt 1, 3. Send ack 1, 4. Receive ack2), with the Retransmission Timer drawn as $RTT_{new}$ plus $4 \cdot RTTVAR_{new}$]

TCP Adaptive Retransmission

Adaptive Retransmission is key to TCP success.

It allows TCP to work well in both slow networks
(E.g. RS232) and fast networks (E.g. Gigabit
Ethernet)

For the sake of clarity I have omitted some
details in the computation of the RTT. For more
details see:
http://www.faqs.org/rfcs/rfc2988.html
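The three formulas above, carried through a short run of samples, once in floating point and once with the shift-based integer arithmetic the slides mention. This is an added example, not part of the original slides; the function names and the sample values are constructed, and seeding the estimator from the first measurement (RTT=R, RTTVAR=R/2) follows RFC 2988 rather than the slides.

```python
def update(state, r):
    """One step of the slides' formulas in floating point."""
    rtt = 0.125 * r + 0.875 * state["rtt"]
    var = 0.25 * abs(r - rtt) + 0.75 * state["var"]
    return {"rtt": rtt, "var": var}


def update_shift(state, r):
    """The same step on integers (e.g. microseconds) using shifts only.

    rtt + ((r - rtt) >> 3) equals 0.125*r + 0.875*rtt up to rounding, and
    var + ((d - var) >> 2) equals 0.25*d + 0.75*var up to rounding.
    """
    rtt = state["rtt"] + ((r - state["rtt"]) >> 3)
    var = state["var"] + ((abs(r - rtt) - state["var"]) >> 2)
    return {"rtt": rtt, "var": var}


def timer(state):
    """RetransmissionTimer = RTT_new + 4*RTTVAR_new."""
    return state["rtt"] + 4 * state["var"]


def run(samples, integer=False):
    """samples: list of (round_trip_time, was_retransmitted).

    Returns the retransmission timer in force after each sample.
    """
    state, timers = None, []
    for r, retransmitted in samples:
        if not retransmitted:        # only successful transmissions are used
            if state is None:
                # First measurement seeds the estimate (RFC 2988).
                state = {"rtt": r, "var": r >> 1 if integer else r / 2}
            elif integer:
                state = update_shift(state, r)
            else:
                state = update(state, r)
        timers.append(None if state is None else timer(state))
    return timers


if __name__ == "__main__":
    # Constructed samples in milliseconds: steady 100 ms, one sample taken from
    # a retransmitted packet (ignored), then a 200 ms spike.
    ms = [(100, False), (100, False), (900, True), (200, False)]
    print(run(ms))                                   # [300.0, 250.0, 250.0, 312.5]
    us = [(r * 1000, flag) for r, flag in ms]
    print(run(us, integer=True))                     # [300000, 250000, 250000, 312500]
```

When the 200 ms sample arrives the timer stands at 250 ms, so the spike does not fire it; a timer equal to the RTT estimate alone (100 ms) would have retransmitted needlessly.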


TCP Flow Control

The purpose of Flow Control is to slow down the
sender program if the receiver program is not fast
enough consuming data.

During an acknowledgment message, the receiver
advertises to the sender the receiver’s available
buffer space called window size.

The sender can send up to the entire window size
bytes before an acknowledge arrives.

TCP Flow Control

The purposes of the window size are:


To allow sending multiple packets before
receiving an acknowledgement. This increases
the throughput.


To stop the sender program if the receiver is too
slow consuming the received data and the
receiver buffer is full.

TCP Flow Control

For this purpose, each acknowledgment that the
receiver sends contains:


Sequence number: The number of consecutive bytes
(no holes) received successfully so far.


Window Size: The receiver’s available buffer space.

The interpretation is:


I have received up to <sequence-bytes> successfully
and I can take <window-size> more.

The sender cannot send more than <window-size>
additional bytes

TCP Flow Control (Normal Exchange)



 1. Host 2 (Receiver): Ack. Window=2500
 2. Host 1 (Sender): Send bytes 1-1000
 3. Host 1 (Sender): Send bytes 1001-2000
 4. Host 1 (Sender): Send bytes 2001-2500
 5. Host 2 (Receiver): Ack. Seq=1000 Win=1500
 6. Host 2 (Receiver): Ack. Seq=2000 Win=500
 7. Host 2 (Receiver): Ack. Seq=2500 Win=0
 8. Host 1 (Sender): Win=0. Sender program stops sending until window is open again
 9. Host 2 (Receiver): Receiver program consumes 500 bytes. Send Ack. Seq=2500 Win=500
10. Host 1 (Sender): Send bytes 2501-3000
11. Host 2 (Receiver): Ack. Seq=3000 Win=0

TCP Flow Control (Packet Lost)



 1. Host 2: Ack. Window=2500
 2. Host 1: Send bytes 1-1000
 3. Host 1: Send bytes 1001-2000
 4. Host 1: Send bytes 2001-2500
 5. Host 2: Ack. Seq=1000 Win=1500
 6. Host 2: Ack. Seq=1000 Win=1500
 7. Host 1: Retransmission Timer Expires.
 8. Host 1: Send bytes 1001-2000
 9. Host 1: Send bytes 2001-2500
10. Host 2: Ack. Seq=2500 Win=0

TCP Flow Control.

Cumulative Acknowledgments:


The acknowledgements are sent for the bytes in
sequence received correctly without holes.


This means that one acknowledgment may be
for the packets (segments) received so far.

TCP Flow Control





Cumulative Acknowledgments example:

1. Ack. Window=2500
2. Send bytes 1-1000
3. Send bytes 1001-2000
4. Send bytes 2001-2500
5. Ack. Seq=1000 Win=1500
6. Ack. Seq=2000 Win=500
7. Ack. Seq=2500 Win=0

TCP Flow Control

Cumulative Acknowledgments have the problem
that sometimes there are unnecessary
retransmissions.

This may be a problem in networks that have long
delays or high throughput since multiple packets
will be in transit before an acknowledge is
received.

An alternative is Selective Acknowledgments
where only subranges of the sequence are
acknowledged. Some variations of TCP for long
delay or high speed networks use them.

TCP Flow Control





 1. Host 2: Ack. Window=2500
 2. Host 1: Send bytes 1-1000
 3. Host 1: Send bytes 1001-2000
 4. Host 1: Send bytes 2001-2500
 5. Host 2: Ack. Seq=1000 Win=1500
 6. Host 2: Ack. Seq=1000 Win=1500
 7. Host 1: Retransmission Timer Expires.
 8. Host 1: Send bytes 1001-2000
 9. Host 1: Send bytes 2001-2500 (Unneeded Retransmission)
10. Host 2: Ack. Seq=2500 Win=0

TCP Flow Control

Window is advanced after acknowledgment


[Figure: byte scale 0000 to 3500 carrying segments A to H, drawn for Sender and Receiver at each step: 1. Send 0-1000; 2. Send 1001-2000; 3. ACK Seq=2000, Win=500. Window labels: Window=2500 (three times), Window=500 (twice)]

TCP Flow Control

In the sender the window delimits the data
that has not been acknowledged yet.

In the receiver the window is available
space for data not yet received.

The size of the sequence number is 4 bytes.

This number can wrap around. What will
happen if a packet from a previous round is
received?

TCP Flow Control

To prevent packets with sequence numbers
from a previous round from being accepted:


Only data with sequence numbers in the
window are accepted by the receiver.


Only acknowledgments with sequence numbers
in the window are accepted by the sender.


The sequence number starts with a random
value.
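The three rules above as checks on 4-byte sequence numbers that wrap around. This is an added example, not part of the original slides; the function names and the sample numbers are constructed. It goes slightly beyond the slide by accepting a data segment when either its first or its last byte falls in the window, which is the acceptability test of RFC 793.

```python
import secrets

MOD = 1 << 32          # the sequence number is 4 bytes, so it wraps at 2**32


def in_window(seq, start, size):
    """True if seq lies in [start, start + size) on the 32-bit circle."""
    return (seq - start) % MOD < size


def naive_in_window(seq, start, size):
    """Plain integer comparison: breaks when the window straddles the wrap."""
    return start <= seq < start + size


def data_acceptable(seg_seq, seg_len, rcv_next, rcv_wnd):
    """Receiver side: only data with sequence numbers in the window is accepted."""
    if seg_len == 0 or rcv_wnd == 0:
        return False                       # nothing to take, or no room to take it
    last = (seg_seq + seg_len - 1) % MOD
    return in_window(seg_seq, rcv_next, rcv_wnd) or in_window(last, rcv_next, rcv_wnd)


def ack_acceptable(ack, snd_una, snd_next):
    """Sender side: an ACK must fall between the oldest unacknowledged byte
    (snd_una) and the next byte to be sent (snd_next), inclusive."""
    return (ack - snd_una) % MOD <= (snd_next - snd_una) % MOD


def new_initial_sequence():
    """The sequence number starts with a random value."""
    return secrets.randbits(32)


if __name__ == "__main__":
    rcv_next, rcv_wnd = 0xFFFFFF00, 2500   # constructed: window straddles the wrap
    stale = (rcv_next - 1000) % MOD        # data from before the window
    print(data_acceptable(rcv_next, 1000, rcv_next, rcv_wnd))   # True
    print(data_acceptable(100, 500, rcv_next, rcv_wnd))         # True, after the wrap
    print(naive_in_window(100, rcv_next, rcv_wnd))              # False, wrongly rejected
    print(data_acceptable(stale, 500, rcv_next, rcv_wnd))       # False
```

The modular subtraction is what makes the check correct across the wrap; the plain comparison rejects valid data as soon as the window crosses 2**32.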

TCP Flow Control

Fast Retransmission


To speed up the retransmission, two duplicated
acknowledgments are considered a sign of a
lost packet.


If that is the case, the sender starts
retransmission immediately without waiting for
the retransmission timer to expire

TCP Flow Control





Fast Retransmission

1. Host 2: Ack. Window=2500
2. Host 1: Send bytes 1-1000
3. Host 1: Send bytes 1001-2000
4. Host 1: Send bytes 2001-2500
5. Host 2: Ack. Seq=1000 Win=1500
6. Host 2: Ack. Seq=1000 Win=1500
   Host 1: Fast Retransmission after two similar acknowledgments
8. Host 1: Send bytes 1001-2000
9. Host 1: Send bytes 2001-2500

TCP Congestion Control

When the network is congested packets are
dropped.

If packets are dropped, more packets are
retransmitted, making the congestion worse.

TCP alleviates this problem by using a
mechanism called “Slow Start” and
“Congestion Avoidance”.


TCP Congestion Control

For TCP a lost packet is a symptom of
congestion.

Lost Packet = Congestion

TCP does not have “Aggressive
Retransmission” like other protocols.

Instead TCP is a “Nice” protocol by
providing Slow Start and then Congestion
Avoidance in the presence of congestion.

TCP Congestion Control

Slow Start:


If a packet is lost, the sender will use a “Congestion Window”
instead of the normal Window.


The congestion window will initially be the size of a segment
(packet).


The sender will send one segment (packet) of data and wait for an
acknowledgment.


If the first segment succeeds, the congestion window is increased
to the size of 2 segments.


If the 2 segments succeed the congestion window is increased to 4
segments (exponential growth) and so on until one half normal
window size is reached and Slow Start ends.


TCP Congestion Control

Congestion Avoidance


After Slow Start, the congestion window is
increased by one segment for each successful
acknowledgment (linear growth) until it reaches the
normal window size.

[Figure: Congestion Window Size over time, growing during Slow Start up to ½ Window and then during Congestion Avoidance up to Window]

TCP Reliable Connection and Shutdown

Why are connection startup/shutdown
difficult?


Packets are lost, duplicated or out of order.


Either site can crash or reboot.


Duplicate shutdown messages may affect later
connections.

TCP Reliable Connection and Shutdown

TCP uses “Three Way Hand Shake” to start
a connection





Opening a TCP Connection

1. Host 1: Send SYN, seq=x1, win=w1
2. Host 2: Receive SYN
3. Host 2: Send SYN+ACK, seq=x2, win=w2
4. Host 1: Receive SYN+ACK
5. Host 1: Send ACK
5. Host 2: Receive ACK

TCP Reliable Connection and Shutdown

TCP uses “Three Way Hand Shake” to
shutdown a connection.





Shutdown a TCP Connection

1. Send FIN
2. Receive FIN
3. Send ACK
4. Receive ACK
5. Application closes socket
6. Send FIN
7. Receive FIN
8. Send ACK
9. Receive ACK

TCP Reliable Connection and Shutdown

Why does shutting down a connection require four
packets instead of three?


The application on the other side needs to be notified
that the connection is being closed.


The application may also take some time to close the socket
before sending the second FIN.


Meanwhile, the first FIN packet needs to be
acknowledged so the second FIN cannot be sent
together (piggy-backed) with the ACK of the first FIN.

TCP Packet Format



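0      4      8              16             24           31
+---------------------------+---------------------------+
| Source Port               | Destination Port          |
+---------------------------+---------------------------+
| Sequence Number                                       |
+-------------------------------------------------------+
| Acknowledgment Number                                 |
+---------+----------+--------------+-------------------+
| HLEN(4) | Not Used | Code Bits(6) | Window            |
+---------+----------+--------------+-------------------+
| Checksum                  | Urgent Pointer            |
+---------------------------+---------------------------+
| TCP Options (Optional)                                |
+-------------------------------------------------------+
| Data                                                  |
+-------------------------------------------------------+

Header without options: 20 Bytes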

TCP Packet Format

IP Header=20 bytes, TCP Header=20 bytes

Source port/Destination Port


Source and destination application.


A TCP connection is defined uniquely in the entire
Internet by four values:

<src-ip-addr, src-port, dest-ip-addr, dest-port>


Once a connection is closed, ports cannot be reused for
255 seconds, to prevent delayed packets from being used in
future connections that may use the same ports.


You can override this requirement using
SO_REUSEADDR in the server. The client will still
have to follow this requirement.

TCP Packet Format


A TCP connection is defined uniquely in the entire
Internet by four values:

<src-ip-addr, src-port, dest-ip-addr, dest-port>


Example: A runs an HTTP server in port 80


B connects to A’s HTTP server using source port 5000


The connection is <IB, 5000, IA, 80>


C connects also to A’s HTTP server using src port 8000


The connection is <IC, 8000, IA, 80>


Another browser in B using port 6000 connects to A


The connection is <IB, 6000, IA, 80>


Another browser in C using port 5000 connects to A


The connection is <IC, 5000, IA, 80>


TCP Packet Format

Sequence Number


Offset of the data that is sent

Acknowledge Number


Highest sequence number of consecutive bytes
that have been received correctly so far.

HLEN


Header Length in multiples of 4.

TCP Packet Format

Bits


SYN


Start a connection


FIN


End a connection


ACK


Acknowledge field is valid

Window


Buffer Size available in the receiver. Used for
flow control.

TCP Packet Format

Checksum


Used to verify the contents of the packet. Set by the
sender and verified by the receiver. If the packet is
corrupt, it is considered a lost packet.

Urgent Pointer


It is used for out-of-band data, that is, data that needs to be
delivered urgently skipping any other data.


It is used in Telnet/ssh for ctrl-c to be able to kill
a program before all output is received.

TCP Summary of Features

1. Adaptive Retransmission


The retransmission timer is set to RTT+4*RTTVAR
where RTT is estimated. This allows TCP to work in slow
and fast networks.

2. Cumulative Acknowledgments


An acknowledgment is for all the bytes received so far
without holes.

3. Fast Retransmission


It is a heuristic where a duplicated acknowledgment for
the same sequence is a signal of a lost packet. The data is
retransmitted before the timer expires.

TCP Summary of Features

4. Flow Control


It slows down the sender if the receiver is running out
of buffer space. The window (receiver’s buffer size) is
sent in every acknowledgment.

5. Congestion Control


For TCP a lost packet is a signal of congestion.


Instead of aggressively retransmitting, it will slow down the
retransmission. It will first use “Slow Start” and then
“Congestion Avoidance”, where the window of
retransmitted data is reduced in size.


TCP Summary of Features

6. Reliable Connection and Shutdown


TCP uses a Three way Handshake to close
connections.


Three packets are enough to make sure that lost
packets or host crashes will not interfere with future
connections.

NAT: Network Address Translation


Network Address Translation (NAT) is used
when you want to connect multiple
computers to the Internet using a single IP
address.

The NAT software can run on a computer
or specialized device (NAT box) that has
two network interfaces: one connected to
the private network and the other one to the
Internet.

NAT: Network Address Translation

As a side effect, NAT provides protection.

Packets will be allowed into the private network
only if they belong to a connection that was started by
a machine in the private network.

A NAT box is also called a Firewall.

NAT also mitigates the problem of running out of
Assigned Network Numbers.

Potentially you could have another Internet behind
a NAT box.

NAT: Network Address Translation



[Figure: private net 192.168.1.0 with hosts A, B and C at 192.168.1.100, 192.168.1.101 and 192.168.1.102, behind NAT box N, which has address 192.168.1.1 on the private net and 128.10.3.24 on the Internet]

From the point of view of the Internet, all computers in the
private network have the address 128.10.3.24

The NAT box is also a DHCP server that assigns IP addresses and
it is the default router.

NAT: Network Address Translation

A TCP connection is defined uniquely in the
entire Internet by four values:

<src-ip-addr, src-port, dest-ip-addr, dest-port>


The NAT box will work as follows:

1. The machines in the private network use the NAT box
as the default router.

2. When a TCP packet with header

<IPsrc, PORTsrc, IPdest, PORTdest>

goes from the private network to the Internet, the NAT box will
change the header to

<IPnat, PORTrand, IPdest, PORTdest>

where IPnat is the shared IP address and PORTrand is a random
unused port in the NAT box.

NAT: Network Address Translation

3. The NAT box will also add the NAT mapping to the
NAT table

(PORTrand, IPsrc, PORTsrc)

4. When a packet

<IPdest, PORTdest, IPnat, PORTrand>

comes from the Internet to the NAT box, the NAT box
will look up PORTrand in the NAT table and it will
change the header to

<IPdest, PORTdest, IPsrc, PORTsrc>

and it will forward the packet to IPsrc.

5. A similar translation is done for UDP packets.
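Steps 1 to 4 above as a small translation table. This is an added example, not part of the original slides; the NatBox class, the pick_port hook and the strict option are hypothetical names. With strict=False the table is exactly the slides' (PORTrand, IPsrc, PORTsrc) lookup; strict=True additionally remembers which remote endpoint each mapping was opened towards and drops inbound packets from anyone else, which is what "only if they belong to a connection started inside" requires.

```python
import secrets


class NatBox:
    def __init__(self, public_ip, pick_port=None, strict=True):
        self.public_ip = public_ip                  # IPnat
        self.strict = strict
        # Default: a random port above the reserved range.
        self.pick_port = pick_port or (lambda: 1024 + secrets.randbelow(65536 - 1024))
        self.by_port = {}      # PORTrand -> (IPsrc, PORTsrc): the slides' NAT table
        self.by_source = {}    # (IPsrc, PORTsrc) -> PORTrand, to reuse a mapping
        self.peers = {}        # PORTrand -> {(IPdest, PORTdest)} contacted from inside

    def outbound(self, packet):
        """<IPsrc, PORTsrc, IPdest, PORTdest> -> <IPnat, PORTrand, IPdest, PORTdest>"""
        src_ip, src_port, dst_ip, dst_port = packet
        key = (src_ip, src_port)
        port = self.by_source.get(key)
        if port is None:
            port = self.pick_port()
            while port in self.by_port:             # PORTrand must be unused
                port = self.pick_port()
            self.by_port[port] = key
            self.by_source[key] = port
        self.peers.setdefault(port, set()).add((dst_ip, dst_port))
        return (self.public_ip, port, dst_ip, dst_port)

    def inbound(self, packet):
        """<IPdest, PORTdest, IPnat, PORTrand> -> <IPdest, PORTdest, IPsrc, PORTsrc>

        Returns None when the packet is dropped.
        """
        remote_ip, remote_port, dst_ip, dst_port = packet
        mapping = self.by_port.get(dst_port)
        if dst_ip != self.public_ip or mapping is None:
            return None                             # no connection started inside
        if self.strict and (remote_ip, remote_port) not in self.peers[dst_port]:
            return None                             # mapping exists, but not for this peer
        return (remote_ip, remote_port, mapping[0], mapping[1])


if __name__ == "__main__":
    A, N = "192.168.1.100", "128.10.3.24"           # addresses from the slides
    X = "203.0.113.80"                              # constructed address for server X
    nat = NatBox(N, pick_port=lambda: 7867)         # fixed port to match the slides
    print(nat.outbound((A, 4563, X, 80)))           # (N, 7867, X, 80)
    print(nat.inbound((X, 80, N, 7867)))            # (X, 80, A, 4563)
    print(nat.inbound((X, 80, N, 5555)))            # None: unsolicited
    print(nat.inbound(("198.51.100.9", 80, N, 7867)))   # None in strict mode
```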

NAT Example



[Figure: hosts A (192.168.1.100), B and C in the private net behind NAT box N (192.168.1.1 / 128.10.3.24); server X in the Internet]

1. Computer A wants to establish a TCP connection with an
HTTP server X in the Internet.

2. The NAT box is the default router for A so A sends the
TCP packet to the NAT box.

<A, 4563, X, 80>

NAT Example



[Figure: hosts A (192.168.1.100), B and C in the private net behind NAT box N (192.168.1.1 / 128.10.3.24); server X in the Internet]

3. The NAT box chooses an unused random port (7867) and
substitutes the source port in the packet as well as the source
address with its own IP address. The new packet is sent to X.

4. The old port (4563), old source address (A), and new port are
added to the NAT table for use when packets of the same
connection come back.

<N, 7867, X, 80>

NAT Table

Src   Port   Newport
A     4563   7867

NAT Example



[Figure: hosts A (192.168.1.100), B and C in the private net behind NAT box N (192.168.1.1 / 128.10.3.24); server X in the Internet]