Chapter 5 Transport Layer (Notes)

These notes are taken from the video lectures of teacher Han Ligang.

5.1 Functions of the transport layer

Protocols used in each layer:

  1. Application layer: HTTP, HTTPS, FTP, DNS, SMTP, POP3, RDP
  2. Transport layer: TCP (reliable transmission), UDP
  3. Network layer: IP (ROP, RIP, OSPF, BGP), ICMP, IGMP, ARP

5.1.1 Application scenarios of two protocols at the transport layer

TCP: segments and numbers the data, performs flow control, and establishes a session; netstat -n can be used to view sessions.
UDP: a single data packet completes the communication, no session needs to be established, and it can be used for multicast.

5.1.2 The relationship between the transport layer and the application layer

http=TCP+80
https=TCP+443
ftp=TCP+21
SMTP=TCP+25
POP3=TCP+110
RDP=TCP+3389
Shared folder=TCP+445
SQL=TCP+1433
DNS=UDP+53 or TCP+53

5.1.3 The relationship between application layer protocols and services

After a service (Web, ftp, smtp, pop3) is running, it listens for client requests on a certain TCP or UDP port.
Use netstat -an to check the listening ports of your computer, e.g. to check the port number enabled by the remote desktop.

The port represents the service
Press the Win+R key combination and enter mstsc to open the Remote Desktop Connection window.

5.1.4 The role of windows firewall

Windows Firewall does not block traffic that you initiate yourself. If you can ping others but others cannot ping you, even though the IP address is entered correctly and the network cable is plugged in, it means that you have enabled the firewall.
Windows Firewall cannot prevent the Gray Pigeon Trojan.

5.2 Transport layer protocol UDP and TCP


5.2.1 Overview of TCP protocol

Computers A and B need to perform a three-way handshake before formal communication.

Using the above confirmation and retransmission mechanism, we can achieve reliable communication over an unreliable transmission network. This reliable transmission protocol (confirmation and retransmission mechanism) is often called automatic repeat request (ARQ).
ARQ means that the retransmission request is made automatically: the receiver does not need to ask the sender to retransmit an erroneous packet.
TA is the time used to receive the data packet.
Channel utilization U:
Increase TD to increase channel utilization.
Use sliding window technology to achieve pipelined transmission.

There is also cumulative confirmation.

**Sequence number:** Marks which number the data is.
**Confirmation number** (also called the acknowledgment number):
**Data offset:** Records where the data begins, that is, the length of the header. The data offset is a 4-bit binary field whose maximum value, 1111, represents 15, so the maximum TCP header is 4*15=60 bytes.
**URG:** When set to 1, it tells the computer that this data is urgent and needs to be transmitted first.
**ACK:** If it is 0, the confirmation number is invalid; if it is 1, the confirmation number is valid.
**SYN:** Used when establishing a session; SYN becomes 0 after the session is established.
SYN attack: the attacker forges non-existent source addresses and keeps sending session requests, so the computer keeps trying to establish sessions, resulting in a spike in CPU utilization and paralysis of the computer.
Land attack: the computer is made to establish a session with itself; the target address and source address are both its own.
**RST:** 1 indicates a serious error in the TCP session; the connection must be released and then re-established before communication can continue. (For example, when a page is opening in the browser and you suddenly click the red cross.)
**FIN:** After the data has been transmitted, FIN becomes 1 when the connection needs to be released.
The following URG and PSH summary is from the blog, thanks for the summary.
1. URG (URGent pointer)
When URG=1, it indicates that the urgent pointer field is valid. It tells the system that there is urgent data in this segment and that it should be transmitted as soon as possible (equivalent to high-priority data), rather than in the original queuing order. For example, a very long program has been sent to run on a remote host, but a problem is discovered later and the program needs to be cancelled, so the user issues an interrupt command (Ctrl+C) from the keyboard. If urgent data is not used, these two characters are stored at the end of the receiving TCP buffer and are delivered to the receiver's application only after all the other data has been processed, which wastes a lot of time.
2. PSH (PuSH)
When two application processes communicate interactively, the application process at one end sometimes wants a response from the other end immediately after a command is typed. In this case, TCP can use the push operation: the sending TCP sets PSH to 1 and immediately creates a segment and sends it out. The receiving TCP, on receiving a segment with PSH=1, delivers it to the receiving application as soon as possible (that is, "pushes" it forward), instead of waiting until the entire buffer is filled before delivering it upwards.
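The header fields described above (data offset, the six flag bits, the confirmation and urgent numbers that are only valid when ACK or URG is set) can be decoded as follows. This is an added example, not part of the original notes; the sample segments, addresses and the `is_land` helper are constructed for illustration, and the source and destination IP addresses are assumed to come from the IP header, which is not parsed here.

```python
import struct

# Flag bits in byte 13 of the TCP header, named as in the notes above.
FLAGS = [("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
         ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01)]

def parse_tcp(segment: bytes) -> dict:
    """Decode the fixed 20-byte part of a TCP header and locate the data."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum 20-byte TCP header")
    sport, dport, seq, ack, off_byte, flag_byte, window, _csum, urgent = \
        struct.unpack("!HHIIBBHHH", segment[:20])
    header_len = (off_byte >> 4) * 4      # data offset counts 4-byte units, max 15
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"invalid data offset: header length {header_len}")
    flags = {name for name, bit in FLAGS if flag_byte & bit}
    return {"sport": sport, "dport": dport, "seq": seq,
            "ack": ack if "ACK" in flags else None,        # ACK=0: number invalid
            "urgent": urgent if "URG" in flags else None,  # URG=0: pointer invalid
            "header_len": header_len, "flags": flags, "window": window,
            "payload": segment[header_len:]}

def is_land(src_ip: str, dst_ip: str, tcp: dict) -> bool:
    """Session request whose source address equals its target address."""
    return "SYN" in tcp["flags"] and src_ip == dst_ip

# Constructed samples: a bare SYN, and a PSH+ACK segment whose header carries
# 4 bytes of options (data offset 6), followed by 5 bytes of data.
SYN_SEGMENT = struct.pack("!HHIIBBHHH", 40000, 80, 1000, 0, 5 << 4, 0x02, 65535, 0, 0)
DATA_SEGMENT = (struct.pack("!HHIIBBHHH", 40000, 80, 1001, 5001, 6 << 4, 0x18, 65535, 0, 0)
                + b"\x01\x01\x01\x01" + b"GET /")

if __name__ == "__main__":
    for seg in (SYN_SEGMENT, DATA_SEGMENT):
        print(parse_tcp(seg))
    print("land:", is_land("192.0.2.10", "192.0.2.10", parse_tcp(SYN_SEGMENT)))
```

A filter that drops packets for which `is_land` is true at the network edge is the usual mitigation for the Land case.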

5.2.1.1 How does TCP achieve reliable transmission

5.2.1.1.1 Sliding window for reliable connection

1. The sliding window is measured in bytes. After B receives the data, it sends the confirmation number to A, and the sending window of A can then move forward based on the information returned by B.

5.2.1.1.2 How to solve the problem of data packet loss when uploading online

In this case, the computer will send a selective confirmation (SACK), which makes A send only the missing data packets, such as the 789 data in the above figure.

5.2.1.1.3 Selection of timeout for retransmission


5.2.2 How the TCP protocol implements flow control

5.2.3 How the TCP protocol implements network congestion control

Congestion window:
The congestion control method proposed in 1988.
Note:
"Congestion avoidance" does not mean that congestion can be completely avoided. It is impossible to completely avoid network congestion by using the above measures.
"Congestion avoidance" means that, during the congestion avoidance stage, the congestion window is controlled to grow linearly, so that the network is less prone to congestion.
The new congestion control method of 1990: fast retransmit.
When the third packet is lost and the fourth packet is received, the receiver immediately sends three consecutive confirmations so that A retransmits 3, without waiting to receive a certain amount of data and then sending a cumulative confirmation.
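The sketch below ties together cumulative confirmation, the selective confirmation from section 5.2.1.1.2 and fast retransmit. It is an added example, not from the original notes; it numbers whole packets rather than bytes for readability, and the function names and arrival sequences are constructed.

```python
def receiver_acks(arrivals):
    """For each arriving packet number return (cumulative ack, SACK list).

    The ack is the next packet number the receiver still expects; packets
    that arrived beyond a gap are reported separately as selective confirmation.
    """
    received, expected, out = set(), 1, []
    for n in arrivals:
        received.add(n)
        while expected in received:       # advance over everything contiguous
            expected += 1
        out.append((expected, sorted(p for p in received if p > expected)))
    return out

def fast_retransmit(acks, dup_threshold=3):
    """Packets the sender resends at once after repeated duplicate confirmations."""
    resend, last, dups = [], None, 0
    for ack, _sack in acks:
        if ack == last:
            dups += 1
            if dups == dup_threshold:     # third duplicate: do not wait for a timeout
                resend.append(ack)
        else:
            last, dups = ack, 0
    return resend

def missing(ack, sack):
    """What the sender must resend given a confirmation number and a SACK list."""
    return [n for n in range(ack, max(sack)) if n not in sack] if sack else []

if __name__ == "__main__":
    # Constructed case 1: packet 3 is lost, 4, 5 and 6 still arrive.
    acks = receiver_acks([1, 2, 4, 5, 6])
    print(acks, "-> resend", fast_retransmit(acks))
    # Constructed case 2: packets 7, 8 and 9 are lost, 10 to 12 arrive.
    ack, sack = receiver_acks([1, 2, 3, 4, 5, 6, 10, 11, 12])[-1]
    print("ack", ack, "sack", sack, "-> resend only", missing(ack, sack))
```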

5.2.4 TCP transmission connection management (emphasis)

There are three stages of transmission connection, namely: connection establishment, data transmission, connection release

5.2.4.1 TCP connection establishment (using a three-way handshake to establish a TCP connection)

Why is there a third confirmation?
Suppose there were no third handshake. Computer A sends a connection request to computer B; the client waits for a response beyond a certain period of time and then sends the connection request again, and B soon receives this second request. The two parties then exchange data and close the connection. After the connection is closed, the first connection request sent by A finally reaches B. B would enter the ESTABLISHED (connection established) state, but A has already closed, so the server would wait forever, wasting resources. With the third handshake, the server enters the ESTABLISHED state only after the third handshake is received.
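The server-side bookkeeping behind this argument, and behind the SYN attack described in section 5.2.1, can be modelled as below. This is an added example, not from the original notes; the `Listener` class, the 30-second timeout, the sequence numbers and the addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

SYN_TIMEOUT = 30.0  # assumed lifetime in seconds of an unconfirmed request

@dataclass
class Listener:
    half_open: dict = field(default_factory=dict)   # client -> (server seq, SYN time)
    established: set = field(default_factory=set)
    next_seq: int = 5000

    def on_syn(self, client, now):
        """First handshake: remember the request, answer with SYN+ACK."""
        seq, self.next_seq = self.next_seq, self.next_seq + 1000
        self.half_open[client] = (seq, now)
        return seq

    def on_ack(self, client, ack_no):
        """Third handshake: only a confirmation of seq+1 establishes the session."""
        entry = self.half_open.get(client)
        if entry is None or ack_no != entry[0] + 1:
            return False
        del self.half_open[client]
        self.established.add(client)
        return True

    def expire(self, now):
        """Drop requests that were never confirmed within SYN_TIMEOUT."""
        stale = [c for c, (_, t) in self.half_open.items() if now - t >= SYN_TIMEOUT]
        for c in stale:
            del self.half_open[c]
        return stale

def replay():
    """Constructed timeline: normal session, late duplicate SYN, unanswered SYNs."""
    srv, a = Listener(), ("198.51.100.7", 40000)
    ok = srv.on_ack(a, srv.on_syn(a, 0.0) + 1)      # A completes the handshake
    srv.established.discard(a)                      # data exchanged, session closed
    srv.on_syn(a, 100.0)                            # delayed first SYN finally arrives
    stale_established = a in srv.established        # A never sends a third handshake
    for i in range(200):                            # SYNs from forged, silent sources
        srv.on_syn((f"203.0.113.{i}", 1024), 101.0)
    pending = len(srv.half_open)                    # a rising count is the indicator
    dropped = len(srv.expire(140.0))
    return ok, stale_established, pending, dropped, len(srv.half_open)

if __name__ == "__main__":
    print(replay())
```

The late SYN and the forged requests only ever occupy `half_open`; watching the size of that table and bounding it with a timeout is what keeps them from tying up the server.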

5.2.4.2 TCP connection release



Origin blog.csdn.net/mogbox/article/details/111152412