Chapter 5 Transport Layer

1. Mind map


2. Overview of the transport layer

2.1. Function of the transport layer

Position of the transport layer

The transport layer exists only in hosts (end systems); intermediate network devices such as routers go up only as far as the network layer. The transport layer uses the services provided by the layer below it (the network layer) and provides services to the layer above it (the application layer).


Functions of the transport layer

  1. The transport layer provides logical communication between processes (it looks as if the two processes were directly connected), while the network layer provides logical communication between hosts (it looks as if the two hosts were directly connected).
  2. Multiplexing (different application processes on the sender can use the same transport protocol to send data) and demultiplexing (the receiver's transport layer strips the segment header and delivers the data to the correct process).
  3. The transport layer performs error detection on the received segment (unlike the IP header checksum, which covers only the IP header).
  4. There are two protocols at the transport layer: TCP and UDP.

2.2. Two protocols in the transport layer

Mnemonic

There are two good brothers in the transport layer

Big brother TCP and second brother UDP

Big brother is reliable, second brother is not reliable

TCP protocol

Connection-oriented Transmission Control Protocol TCP

A connection must be established before data is transmitted and released after the transmission ends. No broadcast or multicast service is provided. Because TCP must provide reliable, connection-oriented transmission, it inevitably adds a lot of overhead: acknowledgements, flow control, timers, and connection management.

Features: Reliable, connection-oriented, large time delay, suitable for large files.

UDP protocol

Connectionless User Datagram Protocol UDP

No connection needs to be established before sending data, and the receiver sends no acknowledgement after receiving a UDP datagram.

Features: unreliable, no connection, small delay, suitable for small files.

Transmission unit of the transport layer

The transmission unit of the transport layer is the message segment

2.3. Addressing and port of the transport layer

Multiplexing and demultiplexing

Multiplexing: all application processes in the application layer can pass their data down through the transport layer to the network layer.

Demultiplexing: after receiving data from the network layer, the transport layer delivers it to the designated application process.

How to distinguish different processes on the same host?

A logical port (software port) is used. The port is the SAP (service access point) of the transport layer; it identifies an application process within the host.

The port number has only local meaning (it uniquely identifies a process on this machine); the same port number on different computers in the Internet has no relation.

The port number has a length of 16 bits and can represent 65536 different port numbers.

Classification of port numbers

Port numbers divided by range


Common port numbers


Socket

In the network, the pair of sockets of the sender and the receiver identifies the two endpoints of a communication. A socket uniquely identifies one host in the network and one process on it.

Socket = (host IP address, port number)

3. UDP protocol

3.1. Overview of the User Datagram Protocol UDP

Features of UDP protocol

UDP only adds a few functions to the IP datagram service, that is, multiplexing and demultiplexing and error detection.

The main features of UDP:

  1. UDP is connectionless, which reduces overhead and delay before sending data.
  2. UDP uses best-effort delivery, that is, reliable delivery is not guaranteed.
  3. UDP is message-oriented and suits network applications that transmit a small amount of data at a time (UDP neither merges nor splits messages; a message that is too short makes communication inefficient, and a message that is too long is easily lost).
  4. UDP has no congestion control and suits many real-time applications.
  5. UDP header overhead is small: 8 B, versus 20 B for TCP.

IP telephony and video calls generally use UDP: a few lost packets are tolerable, but a large delay in the video is not.

UDP message

UDP sends whatever the application layer hands it as one complete datagram, that is, one message is sent at a time. If the message is too large it is fragmented at the IP layer, and because UDP provides unreliable delivery, the loss of a single fragment makes the entire message unrecoverable.


3.2. UDP header format

Description of UDP packets

If no reply from the receiver is needed, the 16-bit source port number can be filled with 0 (the receiver is then not told where a reply should be sent).

During demultiplexing, if no matching destination port number is found, the datagram is discarded and an ICMP "port unreachable" error message is sent to the sender.


3.3. UDP checksum

UDP pseudo header

The pseudo header (pseudo IP header) exists only while the checksum is computed; it is neither passed down to the IP layer nor delivered up to the application.

17: the protocol field in the header of the IP datagram that encapsulates the UDP packet is 17.

UDP length: UDP header 8B + length of the data part (the pseudo header is not included).


UDP checksum example

On the sending end:

  1. Fill in the pseudo header
  2. Fill the checksum field with all 0s
  3. Pad the data part with 0s where needed (the UDP datagram is regarded as a sequence of 4B words)
  4. Take the one's complement sum of pseudo header + header + data part
  5. Write the one's complement of that sum into the checksum field
  6. Remove the pseudo header and send

On the receiving end:

  1. Fill in the pseudo header
  2. Take the one's complement sum of pseudo header + header + data part (the checksum field in the header now holds the checksum computed by the sender)
  3. If the result is all 1s there is no error. Otherwise the datagram is discarded or handed to the application layer with an error warning attached (error control is implemented by the upper layer).
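
The sender and receiver steps above, implemented in Python as an added example (this code is not part of the original notes). It follows RFC 768: the pseudo header carries protocol 17 and the UDP length, the bytes are summed as 16-bit one's complement words with a trailing odd byte padded by a zero byte, the sender stores the complement of the sum, and the receiver's sum over the received datagram comes out as all ones. The addresses, ports and payload are constructed sample values.

```python
import socket
import struct

UDP_PROTOCOL = 17


def ones_complement_sum(data: bytes) -> int:
    """One's complement sum of 16-bit big-endian words (RFC 768 / RFC 1071).
    A trailing odd byte is padded with a zero byte for the computation only."""
    if len(data) % 2:
        data += b"\x00"
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
    while total >> 16:                      # fold the carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """12-byte pseudo header: source IP, destination IP, zero byte, protocol 17, UDP length.
    It is used only for the checksum and is never transmitted."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTOCOL, udp_length))


def build_udp_datagram(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Sender side: checksum field zeroed, sum over pseudo header + header + data,
    complement of the sum written into the checksum field, pseudo header dropped."""
    udp_length = 8 + len(payload)           # header (8 B) + data; pseudo header not counted
    header = struct.pack("!HHHH", src_port, dst_port, udp_length, 0)
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, udp_length) + header + payload)
    checksum = (~total) & 0xFFFF
    if checksum == 0:                       # RFC 768: a computed zero is sent as all ones,
        checksum = 0xFFFF                   # because a zero field means "no checksum"
    return struct.pack("!HHHH", src_port, dst_port, udp_length, checksum) + payload


def verify_udp_datagram(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """Receiver side: re-attach the pseudo header and sum everything, including the
    received checksum; the result must be all ones (0xFFFF)."""
    if len(datagram) < 8:
        return False
    udp_length, checksum = struct.unpack("!HH", datagram[4:8])
    if udp_length != len(datagram):         # length field must match what actually arrived
        return False
    if checksum == 0:                       # sender did not compute a checksum (allowed for IPv4)
        return True
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, udp_length) + datagram) == 0xFFFF


if __name__ == "__main__":
    # constructed sample: a 5-byte payload, so the summed data has an odd length
    dgram = build_udp_datagram("192.0.2.1", "192.0.2.2", 40000, 53, b"hello")
    print(dgram.hex(), verify_udp_datagram("192.0.2.1", "192.0.2.2", dgram))
    damaged = bytearray(dgram)
    damaged[9] ^= 0x01
    print(verify_udp_datagram("192.0.2.1", "192.0.2.2", bytes(damaged)))
```

Because the pseudo header is part of the sum, a datagram that is delivered to the wrong IP address fails verification even when its own bytes are intact, which is exactly what the pseudo header is for.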


4. Features of TCP protocol and TCP segment

4.1. Characteristics of the TCP protocol

Features of TCP protocol

  1. TCP is a connection-oriented (virtual connection) transport layer protocol.
  2. Each TCP connection has exactly two endpoints; every TCP connection is point-to-point.
  3. TCP provides reliable delivery: no errors, no loss, no duplication, and arrival in order.
  4. TCP provides full-duplex communication, so each side keeps both buffers:
    1. Send buffer: data waiting to be sent, and data that has been sent but not yet acknowledged
    2. Receive buffer: data that arrived in order but has not yet been read by the receiving application, and data that arrived out of order
  5. TCP is byte-stream oriented (a stream is the sequence of bytes flowing into or out of a process): TCP treats the data handed over by the application as an unstructured sequence of bytes.

4.2. TCP segment header format

TCP segment header format

  1. Sequence number: every byte in the byte stream of a TCP connection is numbered in sequence. This field holds the sequence number of the first data byte carried in this segment.
  2. Acknowledgement number: the sequence number of the first data byte expected in the next segment from the other side. If the acknowledgement number is N, all data up to sequence number N-1 has been received correctly.
  3. Data offset (header length): the distance from the start of the TCP segment to the start of its data, in units of 4B; a field value of 1 means 4B.
  4. The 6 control bits
    1. Urgent bit URG: when URG=1, this segment carries urgent data, which is high-priority data that should be transmitted as soon as possible without queuing in the buffer; used together with the urgent pointer field.
    2. Acknowledgement bit ACK: when ACK=1, the acknowledgement number field is valid.
    3. Push bit PSH: when PSH=1, the receiver delivers the data to the receiving application process as soon as possible instead of waiting until the buffer is full.
    4. Reset bit RST: when RST=1, a serious error has occurred in the TCP connection; the connection must be released and then re-established.
    5. Synchronization bit SYN: when SYN=1, this is a connection request or connection acceptance segment.
    6. Termination bit FIN: when FIN=1, the sender of this segment has finished sending its data and asks to release the connection.
  5. Window: the receive window of the side sending this segment, that is, the amount of data the other side is currently allowed to send.
  6. Checksum: covers header + data; a 12B pseudo header is prepended for the computation, whose protocol field is 6 (17 for UDP, 6 for TCP).
  7. Urgent pointer: meaningful only when URG=1; gives the number of bytes of urgent data in this segment.
  8. Options: maximum segment size MSS, window scaling, timestamp, selective acknowledgement, ...
  9. Padding: pads the TCP header to an integer multiple of 4B.
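
A parser and builder for the header layout just described, added here as an example (not code from the original notes). It reads the fixed 20-byte header, converts the 4-bit data offset into a byte count, decodes the six control bits, slices out the options, and walks the kind/length/value option list. The constructed SYN segment with an MSS option is sample input; the checks on the data offset and on option lengths are the ones a defender wants in any packet parser, since a bogus length must not be allowed to read past the header.

```python
import struct
from dataclasses import dataclass
from typing import Dict, Set

# bit positions of the control bits in the low byte of the "data offset / reserved / flags" word
FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")


@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    header_len: int      # data offset converted to bytes (field value * 4)
    flags: Set[str]
    window: int
    checksum: int
    urgent_pointer: int
    options: bytes       # options plus padding: header_len - 20 bytes


def parse_tcp_header(segment: bytes) -> TcpHeader:
    """Parse the fixed header and slice out the options; reject impossible data offsets."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte fixed header")
    src, dst, seq, ack, off_flags, window, checksum, urg = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4           # 4-bit data offset, unit 4 B
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"data offset {header_len} bytes is invalid for a {len(segment)}-byte segment")
    bits = off_flags & 0x3F
    flags = {name for i, name in enumerate(FLAG_NAMES) if bits & (1 << i)}
    return TcpHeader(src, dst, seq, ack, header_len, flags, window, checksum, urg, segment[20:header_len])


def parse_options(options: bytes) -> Dict[int, bytes]:
    """Walk the kind/length/value option list. Kind 0 ends the list; kind 1 (NOP) has no length byte."""
    found, i = {}, 0
    while i < len(options):
        kind = options[i]
        if kind == 0:
            break
        if kind == 1:
            i += 1
            continue
        if i + 1 >= len(options) or options[i + 1] < 2 or i + options[i + 1] > len(options):
            raise ValueError("malformed option length")   # never let a length run past the header
        length = options[i + 1]
        found[kind] = options[i + 2:i + length]
        i += length
    return found


def build_tcp_header(src_port: int, dst_port: int, seq: int, ack: int, flags: Set[str],
                     window: int, options: bytes = b"", checksum: int = 0, urgent_pointer: int = 0) -> bytes:
    """Build a header; options are padded with zero bytes to a multiple of 4 B (the Padding field)."""
    padded = options + b"\x00" * (-len(options) % 4)
    data_offset = (20 + len(padded)) // 4
    bits = sum(1 << FLAG_NAMES.index(f) for f in flags)
    return struct.pack("!HHIIHHHH", src_port, dst_port, seq, ack,
                       (data_offset << 12) | bits, window, checksum, urgent_pointer) + padded


def mss_option(mss: int) -> bytes:
    """Option kind 2, length 4: maximum segment size."""
    return struct.pack("!BBH", 2, 4, mss)


if __name__ == "__main__":
    # constructed SYN from port 40000 to 443 with MSS 1460 and a NOP for alignment
    syn = build_tcp_header(40000, 443, 1000, 0, {"SYN"}, 65535, mss_option(1460) + b"\x01")
    hdr = parse_tcp_header(syn)
    print(hdr.flags, hdr.header_len, parse_options(hdr.options))
```

The checksum field is left at 0 by the builder; computing it needs the pseudo header described in the checksum item above, which is the same procedure as for UDP with protocol number 6.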


5. TCP connection management

5.1. TCP three-way handshake

TCP three-way handshake to establish a connection

TCP connections are established in the client-server style: the application process that actively initiates the connection is called the client, and the application process that passively waits for the connection is called the server. TCP uses a three-way handshake to establish the connection.


Three stages of TCP connection transmission


5.2. TCP connection establishment

TCP connection establishment process

Suppose a process running on one host (the client) wants to establish a connection with a process on another host (the server). The client application process first tells the client TCP that it wants to connect to a process on the server. The client TCP then establishes a TCP connection with the server TCP in the following steps:

ROUND 1:

The client sends a connection request segment that carries no application-layer data: SYN=1 (connection request), seq=x (chosen at random; the starting byte sequence number from client to server is x).

ROUND 2:

The server allocates buffers and variables for the TCP connection and returns an acknowledgement segment that accepts the connection and carries no application-layer data: SYN=1 (connection request accepted), ACK=1 (the ack field is valid), seq=y (chosen at random; the starting byte sequence number from server to client is y), ack=x+1 (the server expects the next segment from the client to start at sequence number x+1).

ROUND 3:

The client allocates buffers and variables for the TCP connection and returns an acknowledgement segment to the server; this segment may carry data: SYN=0, ACK=1 (the ack field is valid), seq=x+1 (the starting byte sequence number from client to server is now x+1), ack=y+1 (the client expects the next segment from the server to start at sequence number y+1).


SYN is set to 1 in two cases

  1. The connection request segment
  2. The acknowledgement of the connection request

5.3. SYN flooding attack

The concept of the SYN flood attack

A SYN flooding attack works at layer 4 of the OSI model and exploits a property of TCP, namely the three-way handshake. The attacker sends TCP SYN segments (the SYN is the first packet of the three-way handshake); when the server replies with its acknowledgement, the attacker never sends the final confirmation, so the connection stays suspended in the so-called half-open state, and the server, receiving no confirmation, keeps retransmitting its acknowledgement to the attacker, which wastes even more of its resources. The attacker opens a very large number of such connections to the server. Since none of them completes the three-way handshake, they all consume CPU and memory on the server in the suspended state, and in the end the server may crash and be unable to serve normal users.

Solution: enable SYN cookies.
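
How the SYN cookie defence avoids keeping half-open state, as an added example in Python (not code from the original notes). The server encodes its SYN+ACK initial sequence number as 5 bits of a coarse time counter, 3 bits of an MSS table index and 24 bits of a keyed hash over the 4-tuple and the counter, which is the well-known layout of the classic scheme; it stores nothing per connection. When the third-handshake ACK arrives, the cookie is recovered as ack-1 and validated, so only clients that actually completed the handshake get a connection. The secret, the MSS table, the 64-second window and the addresses are constructed values for this example.

```python
import hashlib
import hmac
import time

# Constructed values for the example: a real server uses a random per-boot secret and its own MSS table.
SECRET = b"example-secret-not-for-production"
MSS_TABLE = (536, 1220, 1440, 1460)        # a 3-bit index into this table is stored, not the MSS itself
WINDOW_SECONDS = 64                        # granularity of the time counter carried in the cookie


def _mac24(src_ip, src_port, dst_ip, dst_port, counter) -> int:
    """24-bit keyed hash binding the cookie to the 4-tuple and the time window."""
    msg = f"{src_ip}:{src_port}>{dst_ip}:{dst_port}@{counter}".encode()
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:3], "big")


def make_syn_cookie(src_ip, src_port, dst_ip, dst_port, peer_mss, now=None) -> int:
    """ISN to put in the SYN+ACK: [5 bits time counter | 3 bits MSS index | 24 bits MAC].
    No per-connection state is stored, so a flood of SYNs costs the server nothing to remember."""
    counter = int((time.time() if now is None else now) // WINDOW_SECONDS)
    idx = max((i for i, m in enumerate(MSS_TABLE) if m <= peer_mss), default=0)
    return ((counter & 0x1F) << 27) | (idx << 24) | _mac24(src_ip, src_port, dst_ip, dst_port, counter)


def check_syn_cookie(src_ip, src_port, dst_ip, dst_port, ack_number, now=None):
    """Called for an ACK that matches no known connection. The cookie is ack_number - 1.
    Returns the MSS to use if the cookie was minted by us in the current or previous window,
    otherwise None (the ACK is dropped and no connection is created)."""
    cookie = (ack_number - 1) & 0xFFFFFFFF
    t_bits, idx, mac = cookie >> 27, (cookie >> 24) & 0x7, cookie & 0xFFFFFF
    current = int((time.time() if now is None else now) // WINDOW_SECONDS)
    for counter in (current, current - 1):
        if (counter & 0x1F) != t_bits:
            continue
        expected = _mac24(src_ip, src_port, dst_ip, dst_port, counter)
        if hmac.compare_digest(expected.to_bytes(3, "big"), mac.to_bytes(3, "big")):
            return MSS_TABLE[idx]
    return None


if __name__ == "__main__":
    four_tuple = ("198.51.100.7", 51234, "192.0.2.10", 443)   # constructed addresses
    isn = make_syn_cookie(*four_tuple, peer_mss=1400, now=1_000)
    print(hex(isn), check_syn_cookie(*four_tuple, ack_number=isn + 1, now=1_010))
```

The price of statelessness is visible in the code: only an MSS from the small table survives, other options negotiated in the SYN are lost, and a cookie is accepted for at most two time windows, so a legitimate client whose ACK is delayed longer than that has to retry.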

5.4. TCP four-way wave (connection release)


5.5. TCP connection release

TCP connection release process

Either of the two processes participating in a TCP connection can terminate it. After the connection ends, the "resources" (buffers and variables) in the hosts are released.

ROUND 1:

The client sends a connection release segment, stops sending data, and actively closes the TCP connection: FIN=1 (the client asks to release the connection), seq=u (the starting byte sequence number from client to server is u).

ROUND 2:

The server sends back an acknowledgement segment; the connection in the client-to-server direction is now released and the connection is in the half-closed state: ACK=1 (the ack field is valid), seq=v (the starting byte sequence number from server to client is v), ack=u+1 (the sequence number of the last byte the server received from the client is u).

ROUND 3:

After it has finished sending its data, the server sends a connection release segment and actively closes the TCP connection: FIN=1 (the server asks to release the connection), ACK=1 (the ack field is valid), seq=w (the starting byte sequence number from server to client is w), ack=u+1 (the client-to-server direction is already released and the client sends no more data, so ack is still u+1).

ROUND 4:

The client sends back an acknowledgement segment, then waits for the 2MSL (twice the maximum segment lifetime) set by its timer, after which the connection is completely closed: ACK=1 (the ack field is valid), seq=u+1 (the starting byte sequence number from client to server is u+1), ack=w+1 (the sequence number of the last byte the client received from the server is w).


FIN is set to 1 in two cases

  1. The client's connection release request
  2. The server's connection release request

Why does the client need to wait 2MSL?

If the acknowledgement segment the client sends in ROUND 4 is lost on the way and never reaches the server, the server, not receiving an acknowledgement within a certain time, retransmits the connection release segment of ROUND 3. If the client closed the connection immediately after sending the ROUND 4 acknowledgement, the server would keep retransmitting the ROUND 3 release segment, which would greatly waste server resources.

By waiting 2MSL, the client is still present to receive the connection release segment retransmitted by the server if its ROUND 4 acknowledgement was lost, and it then retransmits the acknowledgement until the server receives it successfully.
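
The three-way handshake of 5.2, the four-way release of 5.5 and the lost-ROUND-4 case just discussed, replayed by a small simulation that is an added example and not code from the original notes. Each endpoint keeps only its next send sequence number, the next sequence number it expects, and a state name from the TCP state diagram; SYN and FIN each consume one sequence number, which is what produces the x+1, y+1, u+1 and w+1 values in the text. The initial sequence numbers 100 and 5000 and the 100 bytes of server data are constructed; there is no timer, so retransmission and 2MSL expiry are triggered explicitly by the driver.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Segment:
    seq: int                   # sequence number of the first byte (or of the SYN/FIN itself)
    ack: Optional[int] = None  # acknowledgement number; None means the ACK flag is 0
    syn: bool = False
    fin: bool = False
    data: int = 0              # payload length in bytes; the bytes themselves are not modelled


class Endpoint:
    """One side of a TCP connection, tracking sequence state and the standard state names."""

    def __init__(self, name: str, isn: int):
        self.name, self.state = name, "CLOSED"
        self.snd_nxt = isn                 # next sequence number this side will send
        self.rcv_nxt = None                # next sequence number expected from the peer
        self.last_sent: Optional[Segment] = None

    def _send(self, syn=False, fin=False, data=0, with_ack=True) -> Segment:
        seg = Segment(self.snd_nxt, self.rcv_nxt if with_ack else None, syn, fin, data)
        self.snd_nxt += data + (1 if syn or fin else 0)   # SYN and FIN each consume one sequence number
        self.last_sent = seg
        return seg

    def listen(self):
        self.state = "LISTEN"

    def connect(self) -> Segment:                  # handshake ROUND 1: SYN, seq=x
        self.state = "SYN_SENT"
        return self._send(syn=True, with_ack=False)

    def send_data(self, nbytes: int) -> Segment:
        assert self.state in ("ESTABLISHED", "CLOSE_WAIT"), self.state
        return self._send(data=nbytes)

    def close(self) -> Segment:                    # release ROUND 1 (client) or ROUND 3 (server)
        self.state = "FIN_WAIT_1" if self.state == "ESTABLISHED" else "LAST_ACK"
        return self._send(fin=True)

    def retransmit(self) -> Segment:               # retransmission timer expired: resend last segment
        return self.last_sent

    def time_wait_expired(self):                   # 2MSL timer expired
        assert self.state == "TIME_WAIT", self.state
        self.state = "CLOSED"

    def receive(self, seg: Segment) -> Optional[Segment]:
        """Process one incoming segment and return the reply segment, if any."""
        if seg.ack is not None and seg.ack > self.snd_nxt:
            raise ValueError("peer acknowledged bytes that were never sent")
        if self.state == "LISTEN" and seg.syn:                                # ROUND 1 arrives
            self.rcv_nxt, self.state = seg.seq + 1, "SYN_RCVD"
            return self._send(syn=True)                                       # ROUND 2: SYN+ACK, seq=y, ack=x+1
        if self.state == "SYN_SENT" and seg.syn and seg.ack == self.snd_nxt:  # ROUND 2 arrives
            self.rcv_nxt, self.state = seg.seq + 1, "ESTABLISHED"
            return self._send()                                               # ROUND 3: ACK, seq=x+1, ack=y+1
        if self.state == "SYN_RCVD" and seg.ack == self.snd_nxt:              # ROUND 3 arrives
            self.state = "ESTABLISHED"
            return None
        if seg.fin:
            if seg.seq == self.rcv_nxt and self.state in ("ESTABLISHED", "FIN_WAIT_2"):
                self.rcv_nxt += 1
                self.state = "CLOSE_WAIT" if self.state == "ESTABLISHED" else "TIME_WAIT"
                return self._send()                                           # ACK of the FIN (ROUND 2 / ROUND 4)
            if self.state == "TIME_WAIT" and seg.seq + 1 == self.rcv_nxt:
                return self._send()     # our final ACK was lost: re-acknowledge the retransmitted FIN
            return None
        if seg.data and seg.seq == self.rcv_nxt:                              # in-order data
            self.rcv_nxt += seg.data
            return self._send()
        if seg.ack == self.snd_nxt:                                           # everything we sent is acknowledged
            if self.state == "FIN_WAIT_1":
                self.state = "FIN_WAIT_2"
            elif self.state == "LAST_ACK":
                self.state = "CLOSED"
        return None


def run_session(isn_client=100, isn_server=5000, lose_final_ack=False):
    """Handshake, 100 bytes of server data during the half-closed phase, four-way release."""
    c, s = Endpoint("client", isn_client), Endpoint("server", isn_server)
    s.listen()
    r1 = c.connect()                        # SYN       seq=x
    r2 = s.receive(r1)                      # SYN+ACK   seq=y,   ack=x+1
    r3 = c.receive(r2)                      # ACK       seq=x+1, ack=y+1
    s.receive(r3)
    f1 = c.close()                          # FIN       seq=u
    a2 = s.receive(f1)                      # ACK       seq=v,   ack=u+1   (half-closed)
    c.receive(a2)
    s.receive(c.receive(s.send_data(100)))  # server still sends data in CLOSE_WAIT; client ACKs it
    f3 = s.close()                          # FIN+ACK   seq=w,   ack=u+1
    a4 = c.receive(f3)                      # ACK       seq=u+1, ack=w+1   (client enters TIME_WAIT)
    if lose_final_ack:                      # a4 never reaches the server, its timer fires, the FIN is
        a4 = c.receive(s.retransmit())      # resent, and the client, still in TIME_WAIT, ACKs again
    s.receive(a4)
    c.time_wait_expired()
    return c, s, (r1, r2, r3, f1, a2, f3, a4)


if __name__ == "__main__":
    client, server, segments = run_session(lose_final_ack=True)
    for seg in segments:
        print(seg)
    print(client.state, server.state)
```

With the defaults, x=100, y=5000, u=101, v=5001 and w=5101, so the printed segments carry exactly the ack values the text derives; run it with lose_final_ack=True to see why the client has to stay in TIME_WAIT for the retransmitted FIN.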

5.6. TCP reliable transmission

5.7. Mechanisms for realizing TCP reliable transmission

Reliable meaning

Transport layer: use TCP to achieve reliable transmission

The network layer provides best-effort delivery, unreliable transmission

Reliable meaning: to ensure that the byte stream read from the buffer by the receiver process is exactly the same as the byte stream sent by the sender.

Mechanisms TCP uses to realize reliable transmission

  1. Checksum: same as the UDP checksum, computed with a pseudo header
  2. Sequence numbers
  3. Acknowledgement
  4. Retransmission

5.8. Sequence numbers, acknowledgement, retransmission

Sequence number

Every byte is given a sequence number. A segment is made up of bytes (its size is not fixed), and each byte occupies one sequence number. The sequence number field holds the sequence number of the first byte of the segment.


Acknowledgement

After receiving data, the receiver returns an acknowledgement segment; the acknowledgement number field in its header is the sequence number of the first byte it expects to receive next.


Retransmission

Acknowledgement and retransmission go together. If the TCP sender does not receive an acknowledgement within a set time (the retransmission time), it retransmits the segment it sent: retransmission after timeout.


TCP uses an adaptive algorithm to dynamically set the retransmission time from RTTs (the weighted average round-trip time). The TCP round-trip time is the time from when the sender transmits a TCP segment until it receives the corresponding acknowledgement.

  1. Retransmission time too short: segments that merely take longer to arrive are retransmitted unnecessarily, increasing the load on the network
  2. Retransmission time too long: the network sits idle for longer, lowering communication efficiency

Redundant ACK (duplicate acknowledgement)

Whenever an out-of-order segment with a sequence number greater than the expected one arrives, the receiver sends a redundant ACK that indicates the sequence number of the next byte it expects. For example, the sender has sent segments 1, 2, 3, 4 and 5, and segment 2 does not arrive:

  1. The receiver receives segment 1 and returns an acknowledgement for 1 (the acknowledgement number is the first byte of segment 2)
  2. The receiver receives segment 3 and still returns an acknowledgement for 1 (acknowledgement number: first byte of segment 2)
  3. The receiver receives segment 4 and still returns an acknowledgement for 1 (acknowledgement number: first byte of segment 2)
  4. The receiver receives segment 5 and still returns an acknowledgement for 1 (acknowledgement number: first byte of segment 2)

The sender receives 3 redundant ACKs for segment 1, concludes that segment 2 is lost, and retransmits segment 2 (fast retransmission mechanism).
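
The cumulative acknowledgement and fast retransmit behaviour above, as an added Python example that is not code from the original notes. The receiver always acknowledges the next in-order byte it expects, holding out-of-order segments until the gap is filled, so segments 3, 4 and 5 each produce the same acknowledgement number; the sender counts duplicate acknowledgements and retransmits after the third. The 100-byte segment size and the lost-segment number are constructed inputs; the segment numbering in the text is mapped onto byte sequence numbers 1, 101, 201, 301, 401.

```python
class CumulativeAckReceiver:
    """Receiver that acknowledges the next in-order byte it expects (cumulative ACK)."""

    def __init__(self, initial_seq: int = 1):
        self.expected = initial_seq   # sequence number of the next byte expected in order
        self.held = {}                # out-of-order segments kept until the gap is filled: seq -> length

    def receive(self, seq: int, length: int) -> int:
        """Return the acknowledgement number to send back for this segment."""
        if seq == self.expected:
            self.expected += length
            while self.expected in self.held:             # previously held data is now in order
                self.expected += self.held.pop(self.expected)
        elif seq > self.expected:
            self.held[seq] = length                       # gap: hold it; the ACK repeats the old number
        return self.expected                              # seq < expected is a duplicate, ACK unchanged


class FastRetransmitSender:
    """Sender side: three duplicate ACKs for the same number trigger retransmission of that segment."""

    def __init__(self):
        self.last_ack = None
        self.dup_count = 0

    def on_ack(self, ack: int):
        """Return the sequence number to retransmit immediately, or None."""
        if ack == self.last_ack:
            self.dup_count += 1
            if self.dup_count == 3:
                return ack                                # fast retransmit: segment starting at ack was lost
        else:
            self.last_ack, self.dup_count = ack, 0        # new data acknowledged, reset the counter
        return None


def fast_retransmit_demo(segment_size: int = 100, lost_segment: int = 2, total: int = 5):
    """Sender transmits segments 1..total; one is lost. Returns the ACKs the receiver sent,
    the sequence number the sender retransmitted, and the ACK after the retransmission."""
    rx, tx = CumulativeAckReceiver(1), FastRetransmitSender()
    acks, retransmit_seq = [], None
    for n in range(1, total + 1):
        if n == lost_segment:
            continue                                      # this segment never arrives
        ack = rx.receive(1 + (n - 1) * segment_size, segment_size)
        acks.append(ack)
        hit = tx.on_ack(ack)
        if hit is not None:
            retransmit_seq = hit
    final_ack = rx.receive(retransmit_seq, segment_size) if retransmit_seq is not None else None
    return acks, retransmit_seq, final_ack


if __name__ == "__main__":
    print(fast_retransmit_demo())   # constructed scenario: 100-byte segments, segment 2 lost
```

If the lost segment is the fourth instead of the second, only one duplicate acknowledgement arrives, the threshold of three is never reached and recovery is left to the retransmission timer; that is the case the timer-based mechanism above still has to cover.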

6. TCP flow control

6.1. TCP flow control concept

Flow control concept

Flow control: make the sender slow down (if the sender sends too fast, the receiver cannot keep up and serious packet loss results) so that the receiver has time to receive.

TCP uses a sliding window mechanism to achieve flow control: during communication the receiver dynamically adjusts the sender's send window according to the size of its own receive buffer, that is, the receive window rwnd (the receiver announces changes to rwnd by setting the window field of its acknowledgement segments). The sender's send window is the minimum of the receive window rwnd and the congestion window cwnd.

6.2. Example of TCP flow control

An example

A sends data to B. When the connection is established, B tells A "my rwnd=400 (bytes)". Assume each segment is 100B and the initial sequence number is 1. The flow control process is as follows:


At the end host B sets rwnd to 0 and no longer allows host A to send data. So when can host A send again? After the transport layer of host B delivers the data in its buffer to the application above, some buffer space is freed, and B can then send host A a segment whose window field carries the new value of the receive window. Here comes the question: what if this segment is lost?

TCP sets a persistence timer for each connection. As soon as one side of the TCP connection receives a zero-window notification from the other side, it starts the persistence timer. When the persistence timer expires, that side sends a zero-window probe segment, and the other side replies to the probe with its current window value. If the window is still 0, the side that received the zero window resets the persistence timer. This guarantees that the window value carried by the lost rwnd update is obtained again.

7. TCP congestion control

7.1. TCP congestion control concept

Congestion control concept

Condition for congestion: the total demand for resources (link bandwidth, switching-node buffers, switching-node processors and other resources) > the available resources

Many resources in the network are in short supply at the same time → network performance deteriorates → network throughput decreases as the input load increases

Purpose of congestion control: to prevent too much data from being injected into the network and thereby reduce network congestion. This is a global control strategy.

Congestion control and flow control

Congestion control: when the sender's data cannot reach the receiver for a long time, the network is congested; coordination between hosts keeps excessive data from being injected into the network.

Flow control: prevents the sender from sending so fast that the receiver's buffer cannot hold the data and data is lost.

7.2. Four algorithms for congestion control

Four algorithms, used in pairs

  1. Slow start + congestion avoidance
  2. Fast retransmission + fast recovery

Assumptions for the discussion

  1. Data is sent in one direction only, and the other direction sends only acknowledgements
  2. The receiver always has enough buffer space, and sending window = Min{receive window rwnd, congestion window cwnd}, so the size of the sending window depends on the degree of congestion

The difference between the receive window and the congestion window

  1. Receive window: the value the receiver announces to the sender according to its receive buffer; it reflects the receiver's capacity.
  2. Congestion window: the window value the sender sets according to its own estimate of network congestion; it reflects the current capacity of the network.

7.3. Slow start and congestion avoidance

Slow start and congestion avoidance process

The sender maintains a state variable called the congestion window cwnd. The size of the congestion window depends on the degree of network congestion and changes dynamically. The sender makes its send window equal to the congestion window; taking the receiver's capacity into account as well, the send window may be smaller than the congestion window.

Whether in the slow start phase or in the congestion avoidance phase, as soon as the sender judges that the network is congested (the criterion is that an acknowledgement is not received; the missing acknowledgement may be due to packet loss for some other reason, but since this cannot be determined, it is treated as congestion), it sets the slow start threshold ssthresh to half the send window size at the moment congestion occurred, sets the congestion window to 1, and runs the slow start algorithm. As shown below:


Note again that, for convenience of discussion, the congestion window is measured in datagrams; in reality it is measured in bytes.

7.4. Fast retransmission and fast recovery

Fast retransmission and fast recovery process

Fast retransmission requires the receiver to send a duplicate acknowledgement immediately after receiving an out-of-order segment (so that the sender learns early that a segment has not reached the other side) instead of waiting until it has data to send and piggybacking the acknowledgement. The fast retransmission algorithm stipulates that as soon as the sender receives three duplicate acknowledgements in a row, it immediately retransmits the segment the other side has not received, without waiting for the retransmission timer to expire.

Fast retransmission is used together with the fast recovery algorithm, which has the following two main points:

① When the sender receives three duplicate acknowledgements in a row, it executes "multiplicative decrease" and halves the ssthresh threshold. But it does not then execute the slow start algorithm.

② The sender reasons that if the network were congested it would not be receiving several duplicate acknowledgements, so the network is probably not congested. Therefore, instead of running slow start, it sets cwnd to the value of ssthresh and then runs the congestion avoidance algorithm.
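
The four algorithms of 7.3 and 7.4 together, replayed as one event-driven trace in Python; this is an added example, not code from the original notes. Each event is one transmission round: an "ack" event doubles cwnd in slow start (clamped to ssthresh when the threshold is reached) or adds one segment in congestion avoidance, a "timeout" halves ssthresh and restarts slow start from cwnd=1, and "dupack3" (three duplicate acknowledgements) halves ssthresh but resumes congestion avoidance from the new ssthresh, which is fast recovery. cwnd and ssthresh are counted in segments as in the notes; the floor of 2 segments on ssthresh is an assumption taken from RFC 5681, and the event sequence is constructed.

```python
def congestion_control_trace(events, ssthresh=16, cwnd=1):
    """Replay per-round events on the sender's congestion window.
    events: 'ack' (the whole window was acknowledged this round), 'timeout', or 'dupack3'
    (three duplicate ACKs). Returns one (event, cwnd, ssthresh, phase) tuple per event."""
    phase = "slow_start" if cwnd < ssthresh else "congestion_avoidance"
    trace = []
    for ev in events:
        if ev == "ack":
            if phase == "slow_start":
                cwnd *= 2                                   # doubles every round trip
                if cwnd >= ssthresh:                        # threshold reached: switch to additive increase
                    cwnd, phase = ssthresh, "congestion_avoidance"
            else:
                cwnd += 1                                   # additive increase, one segment per round trip
        elif ev == "timeout":
            ssthresh = max(cwnd // 2, 2)                    # multiplicative decrease: half the window in use
            cwnd, phase = 1, "slow_start"                   # back to slow start from cwnd = 1
        elif ev == "dupack3":
            ssthresh = max(cwnd // 2, 2)                    # multiplicative decrease, but ...
            cwnd, phase = ssthresh, "congestion_avoidance"  # ... fast recovery: no slow start
        else:
            raise ValueError(f"unknown event {ev!r}")
        trace.append((ev, cwnd, ssthresh, phase))
    return trace


if __name__ == "__main__":
    # constructed run: grow to 24, time out, slow-start again to 12, creep to 16, then three duplicate ACKs
    events = ["ack"] * 12 + ["timeout"] + ["ack"] * 8 + ["dupack3", "ack"]
    for row in congestion_control_trace(events, ssthresh=16):
        print(row)
```

Reading the trace side by side with the figure shows the two different reactions to loss: after the timeout the window collapses to 1 and climbs exponentially again, while after three duplicate acknowledgements it only drops to the halved threshold and keeps growing linearly.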


8. Summary of this chapter


Origin blog.csdn.net/oneby1314/article/details/111998719