Computer Network Chapter 5 Transport Layer Notes

Chapter 5 Transport Layer

5.1 Services provided by the transport layer

5.1.1 Functions of the transport layer

From the perspective of communication and information processing, the transport layer provides communication services to the application layer above it. It is the highest layer of the communication-oriented part and also the lowest layer of the user functions.

The transport layer is located above the network layer. It provides logical communication between processes running on different hosts, while the network layer provides logical communication between hosts. Clearly, even when the network layer protocol is unreliable (network layer protocols may cause packets to be lost, reordered, or duplicated), the transport layer can still provide reliable services to applications.

When two hosts at the edge of the network use the functions of the core part of the network for end-to-end communication, only the protocol stack of the host has the transport layer and application layer, and the router only uses the functions of the lower three layers when forwarding packets (there is no transport layer in the communication subnet; the transport layer exists only in hosts outside the communication subnet). The functions of the transport layer are as follows:

1) The transport layer provides logical communication (i.e. end-to-end communication) between application processes. The difference from the network layer is that the network layer provides logical communication between hosts.

From a network layer perspective, the two parties communicating are two hosts, and the header of the IP datagram gives the IP addresses of the two hosts. But "communication between two hosts" is actually communication between application processes in two hosts. Communication between application processes is also called end-to-end logical communication. "Logical communication" here means: the communication between the transport layers seems to transmit data in the horizontal direction, but in fact there is no horizontal physical connection between the two transport layers.

2) Multiplexing and demultiplexing. Multiplexing means that different application processes on the sender can use the same transport layer protocol to transmit data; demultiplexing means that the receiver's transport layer, after stripping off the header of the message, can correctly deliver the data to the destination application process.

3) The transport layer also performs error detection on the received message (header and data part). The network layer only checks the header of the IP datagram, not the data part for errors.

4) Provide two different transport protocols, namely connection-oriented TCP and connectionless UDP. The network layer cannot offer both kinds of service at the same time (that is, the network layer either provides only connection-oriented services, such as virtual circuits, or only connectionless services, such as datagrams; it cannot have both at the same time).

The transport layer shields the core details of the low-level network (such as network topology, routing protocols, etc.) from high-level users. It makes the application process see what appears to be an end-to-end logical communication channel between the two transport layer entities. How this logical communication channel appears to the upper layer varies greatly depending on the transport layer protocol. When the transport layer uses connection-oriented TCP, although the underlying network is unreliable (only providing best-effort services), this logical communication channel is equivalent to a full-duplex reliable channel. But when the transport layer uses connectionless UDP, this logical communication channel is still an unreliable channel.

5.1.2 Transport layer addressing and ports

1. The role of the port

The port allows the various application processes in the application layer to deliver their data downward to the transport layer through the port, and lets the transport layer know that the data in its segments should be delivered upward through the port to the corresponding application layer process. A port is a Transport Layer Service Access Point (TSAP). Its role in the transport layer is similar to the role of an IP address in the network layer or a MAC address in the data link layer; the difference is that the IP address and MAC address identify the host, while the port identifies the application process in the host.

The SAP of the data link layer is the MAC address, the SAP of the network layer is the IP address, and the SAP of the transport layer is the port.

The abstract protocol port between protocol stack layers is a software port, which is a completely different concept from the hardware port on a router or switch. A hardware port is an interface for different hardware devices to interact, while a software port is an address for inter-layer interaction between various protocol processes and transmission entities in the application layer. The transport layer uses software ports.

2. Port number

The application process is identified by the port number. The port number is 16 bits long and can represent 65536 (2^16) different port numbers. The port number has only local meaning, that is, it only identifies the processes in the application layer of this computer; the same port number on different computers on the Internet is unrelated. Ports can be divided into two categories according to the port number range:

1) The port numbers used by servers. These are divided into two categories. The most important is the well-known port number, with values 0 ~ 1023. IANA (Internet Assigned Numbers Authority) assigns these port numbers to some of TCP/IP's most important applications, and they are known to all users. The other type is the registered port number, with values ranging from 1024 to 49151. It is used by applications that do not have well-known port numbers. Use of such port numbers must be registered with IANA to prevent duplication.

Some commonly used and well-known port numbers are as follows:

Application              FTP   TELNET   SMTP   DNS   TFTP   HTTP   SNMP
Well-known port number   21    23       25     53    69     80     161

2) The port numbers used by clients, with values 49152 ~ 65535. Since this type of port number is dynamically selected only while the client process is running, it is also called an ephemeral port number (temporary port). After the communication is completed, the client port number just used no longer exists, so it can be used by other client processes in the future.

3. Socket

In the network, IP addresses are used to identify and distinguish different hosts, and port numbers are used to identify and distinguish different application processes in a host. The port number is appended to the IP address to form a socket. Sender and receiver sockets are used to identify endpoints in the network. A socket is actually a communication endpoint, that is, Socket = (IP address: port number), which uniquely identifies a host in the network and an application (process) on it.

In network communication, the segment sent by host A to host B contains the destination port number and the source port number. The source port number is part of the "return address": when B needs to send a segment back to A, the destination port number in the segment from B to A is the source port number in the segment from A to B (the complete return address is A's IP address and source port number).

5.1.3 Connectionless services and connection-oriented services

Connection-oriented service means that before the two communicating parties can communicate, a connection must be established first. During the communication process, the entire connection situation is monitored and managed in real time. After the communication is completed, the connection should be released.

Connectionless service means that communication between two entities does not require the establishment of a connection first. When communication is required, information is sent directly to the "network" and the information is transmitted to the destination as best as possible on the network.

The TCP/IP protocol suite uses two transport protocols above the IP layer: one is the connection-oriented Transmission Control Protocol (TCP); when TCP is used, the transport layer provides a full-duplex reliable logical channel upward. The other is the connectionless User Datagram Protocol (UDP); when UDP is used, the transport layer provides an unreliable logical channel upward.

TCP provides connection-oriented services. A connection must be established before data is transmitted, and the connection must be released after the data transmission is completed. TCP does not provide broadcast or multicast services. Because TCP provides connection-oriented reliable transmission services, it inevitably adds a lot of overhead, such as acknowledgments, flow control, timers, and connection management. This not only makes the header of the protocol data unit much larger, but also takes up a lot of processor resources. Therefore, TCP is mainly suitable for situations where reliability is more important, such as File Transfer Protocol (FTP), Hypertext Transfer Protocol (HTTP), remote login (TELNET), etc.

UDP is a connectionless, unreliable transport layer protocol. It provides only two additional services on top of IP: multiplexing and error checking of data. IP knows how to deliver packets to a host, but it does not know how to deliver them to specific applications on the host. UDP does not need to establish a connection before transmitting data. After the transport layer of the remote host receives the UDP message, it does not need to give any confirmation. Because UDP is relatively simple, its execution speed is relatively fast and its real-time performance is good. Applications using UDP mainly include the Trivial File Transfer Protocol (TFTP), DNS, SNMP and the Real-time Transport Protocol (RTP).

5.2 UDP protocol

5.2.1 UDP datagram

1. Overview of UDP

UDP only adds two basic services to IP's datagram services: multiplexing and demultiplexing, and error detection. If an application developer chooses UDP instead of TCP, the application deals almost directly with IP. Why would application developers rather build applications on top of UDP than choose TCP? Since TCP provides reliable services and UDP does not, is TCP always preferred? The answer is no, because there are many applications that are more suitable for UDP, mainly because UDP has the following advantages:

1) UDP does not require establishing a connection. Therefore UDP does not introduce a delay in establishing a connection.

2) No connection status. TCP requires maintaining connection state in the end system. This connection state includes parameters for receive and send buffers, congestion control parameters, and sequence and acknowledgment numbers. UDP, on the other hand, does not maintain connection state and does not track these parameters. Therefore, some dedicated application servers can generally support more active clients when using UDP.

3) The packet header overhead is small. TCP has 20B of header overhead, while UDP has only 8B of overhead.

4) The application layer can better control the data to be sent and the sending time. UDP has no congestion control, so congestion in the network will not affect the sending efficiency of the host. Some real-time applications require sending at a stable speed and can tolerate some data loss, but do not allow large delays. UDP just meets the needs of these applications.

5) UDP supports one-to-one, one-to-many, many-to-one and many-to-many interactive communications.

UDP is often used for network applications that transmit less data at one time, such as DNS, SNMP, etc., because for these applications, if TCP is used, it will bring a lot of overhead in connection creation, maintenance, and teardown. UDP is also commonly used in multimedia applications (such as IP telephony, real-time video conferencing, streaming media, etc.). Obviously, reliable data transmission is not the most important for these applications, but TCP's congestion control will cause large delays in data. This is intolerable to them.

UDP does not guarantee reliable delivery, but this does not mean that the application has no reliability requirements for its data. All work to maintain reliability can be completed by the user at the application layer. Application developers can flexibly design their own reliability mechanisms based on application needs.

UDP is message-oriented. The sender's UDP adds a header to each message handed down by the application layer and then delivers it to the IP layer, sending one message at a time. It neither merges nor splits the messages, but retains their boundaries. The receiver's UDP removes the header from the UDP datagram handed up by the IP layer and delivers it intact to the upper-layer application process, one complete message at a time. The message is therefore indivisible and is the smallest unit of UDP datagram processing, so the application must choose a message of appropriate size. If the message is too long, the IP layer may have to fragment it after UDP hands it over; if the message is too short, the IP datagram header becomes relatively too large after UDP hands it over. Both cases reduce the efficiency of the IP layer.

2. UDP header format

UDP datagram contains two parts: UDP header and user data. The UDP header is 8B and consists of 4 fields, each field is 2B in length. The meaning of each field is as follows:

1) Source port. Source port number. Use it when you need a reply from the other party. Use all 0s when you don't need it.

2) Destination port. Destination port number. This must be used when the endpoint delivers the message.

3) Length. The length of the UDP datagram, the minimum value is 8 (only the header).

4) Checksum. Detect whether there are any errors in the UDP datagram during transmission. If there is a mistake, discard it. This field is optional. When the source host does not want to calculate the checksum, it can directly set this field to all 0s.

When the transport layer receives the UDP datagram from the IP layer, it hands the UDP datagram to the application process through the corresponding port based on the destination port in the header. If the receiving UDP finds that the destination port number in the received message is incorrect (that is, there is no application process corresponding to the port number), then the message is discarded and ICMP sends a "port unreachable" error message to sender.

5.2.2 UDP checksum

When calculating the checksum, a 12B pseudo header must be added before the UDP datagram. The pseudo header is not the real header of UDP. Only when calculating the checksum, it is temporarily added in front of the UDP datagram to obtain a temporary UDP datagram. The checksum is calculated based on this temporary UDP datagram. The pseudo-header is neither passed down nor handed up, but is used only to calculate the checksum.

The calculation method of UDP checksum is similar to the calculation method of IP datagram header checksum. But the difference is that the checksum of the IP datagram only checks the header of the IP datagram, but the checksum of UDP checks the header and the data part.

The sender first puts all zeros into the checksum field and adds a pseudo header, and then treats the UDP datagram as a sequence of 16-bit words. If the data part of the UDP datagram is not an even number of bytes, an all-zero byte must be appended to the end of the data part (but this byte is not sent). Then the one's complement sum of these 16-bit words is calculated, and the one's complement of this sum is written into the checksum field before sending. The receiver adds the pseudo header to the received UDP datagram (and an all-zero byte if the length is not an even number of bytes) and calculates the one's complement sum of these 16-bit words. When there are no errors, the result should be all 1s. Otherwise, an error has occurred and the receiver should discard the UDP datagram.

This simple error checking method does not have strong error detection capabilities, but its advantages are simplicity and fast processing speed.
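The sender and receiver procedure above, as an added example that is not part of the original notes. The function names and the sample addresses and ports are chosen here for illustration; replacing a computed checksum of 0 with all 1s follows the UDP specification (RFC 768), since the notes reserve all 0s for "checksum not calculated".

```python
import socket
import struct

UDP_PROTO = 17  # protocol number placed in the pseudo header


def ones_complement_sum(data: bytes) -> int:
    """One's complement sum of the 16-bit words in data."""
    if len(data) % 2:
        data += b"\x00"  # pad byte is used for the sum only, never sent
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)  # end-around carry
    return total


def pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """12B pseudo header: source IP, destination IP, zero byte, 17, UDP length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, UDP_PROTO, udp_len))


def build_datagram(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Sender side: zero the checksum field, sum, write the complement."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)
    total = ones_complement_sum(
        pseudo_header(src_ip, dst_ip, length) + header + payload)
    checksum = ~total & 0xFFFF
    if checksum == 0:
        checksum = 0xFFFF  # all 0s on the wire means "no checksum"
    return struct.pack("!HHHH", sport, dport, length, checksum) + payload


def verify_datagram(src_ip, dst_ip, datagram: bytes) -> bool:
    """Receiver side: the sum over pseudo header + datagram must be all 1s."""
    if len(datagram) < 8:
        return False
    length = struct.unpack("!H", datagram[4:6])[0]
    if length != len(datagram):
        return False  # length field disagrees with what was received
    if datagram[6:8] == b"\x00\x00":
        return True   # sender chose not to calculate a checksum
    total = ones_complement_sum(
        pseudo_header(src_ip, dst_ip, length) + datagram)
    return total == 0xFFFF


if __name__ == "__main__":
    # Constructed sample: 5-byte payload, so the pad byte path is exercised.
    dgram = build_datagram("192.0.2.1", "198.51.100.7", 49152, 53, b"hello")
    print(dgram.hex(), verify_datagram("192.0.2.1", "198.51.100.7", dgram))
```

Because the pseudo header carries the IP addresses, a datagram delivered to the wrong host fails verification even when its own bytes are intact.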

5.3 TCP protocol

5.3.1 Characteristics of the TCP protocol

TCP is a reliable data transmission protocol implemented on top of the unreliable IP layer. It mainly solves the problems of reliable, orderly, no loss and no duplication of transmission. TCP is a very complex protocol in the TCP/IP system. Its main features are as follows:

1) TCP is a connection-oriented transport layer protocol, and a TCP connection is a logical connection.

2) Each TCP connection can only have two endpoints, and each TCP connection can only be point-to-point (one-to-one).

3) TCP provides reliable delivery services to ensure that the transmitted data is error-free, non-lost, non-duplicated and orderly.

4) TCP provides full-duplex communication, allowing application processes on both sides of the communication to send data at any time. For this reason, both ends of the TCP connection are equipped with send buffers and receive buffers to temporarily store data for two-way communication.

The send buffer is used to temporarily store the following data:

① Data that the sending application has handed to the sender's TCP to be sent;

② Data that TCP has sent but for which no acknowledgment has been received yet.

The receive buffer is used to temporarily store the following data:

① Data that arrives in sequence but has not yet been read by the receiving application;

② Data arriving out of sequence.

5) TCP is oriented to byte streams. Although the interaction between the application program and TCP is one data block (of varying sizes) at a time, TCP only treats the data handed over by the application program as a series of unstructured byte streams.

TCP and UDP use completely different methods when sending messages. The length of the UDP message is determined by the sending application process, while the length of the TCP message is determined by the window value given by the receiver and the current network congestion level. If the data block sent by the application process to the TCP cache is too long, TCP will divide it into shorter pieces before sending it; if it is too short, TCP can also wait until enough bytes have been accumulated before forming a message segment and sending it out. Regarding the length of TCP messages, we will discuss it in detail later.

5.3.2 TCP segment

The data units transmitted by TCP are called segments. TCP segments can be used to carry data, and can also be used to establish connections, release connections, and send acknowledgments. A TCP segment is divided into two parts: header and data. The entire TCP segment is encapsulated in the IP datagram as the data part of the IP datagram. The first 20B of its header is fixed, so the minimum length of the TCP header is 20B. It is followed by 4N bytes of options that can be added as needed, and the length is an integer multiple of 4B.

All functions of TCP are reflected in the various fields in its header. The meanings of each field are as follows:

1) Source port and destination port. Each accounts for 2B. The port is the service interface between the transport layer and the application layer. The multiplexing and demultiplexing functions of the transport layer are implemented through the port.

2) Sequence number. Occupying 4B, the range is 0 ~ 2^32-1, with a total of 2^32 sequence numbers. TCP is byte stream oriented (that is, TCP transmits byte by byte), so each byte in the byte stream transmitted by the TCP connection is numbered in sequence. The value of the sequence number field is the sequence number of the first byte of data sent in this segment.

3) Acknowledgment number (confirmation number). Occupying 4B, it is the sequence number of the first data byte expected to be received in the other party's next segment. If the confirmation number is N, it means that all data up to sequence number N-1 have been received correctly.

4) Data offset (i.e. header length). Occupying 4 bits, this is not the fragment offset of IP datagram fragmentation, but represents the header length (the header also contains an option field of variable length). It indicates how far the start of the data in the TCP segment is from the start of the TCP segment. The unit of "data offset" is 32 bits (that is, 4B is the calculation unit). Since the maximum value that can be represented by a 4-bit binary number is 15, the maximum length of the TCP header is 60B.

5) Reserved. It occupies 6 bits and is reserved for future use, but should be set to 0 for now.

6) Urgent bit URG. When URG=1, it indicates that the urgent pointer field is valid. It tells the system that there is urgent data in this segment that should be transmitted as soon as possible (equivalent to high-priority data). However, URG needs to be used in conjunction with the urgent pointer field in the header, that is, the data from the first byte to the byte pointed to by the urgent pointer is urgent data.

7) Acknowledgment bit ACK. The confirmation number field is only valid when ACK=1. When ACK=0, the confirmation number is invalid. TCP stipulates that after the connection is established, all transmitted message segments must have ACK set to 1.

8) Push bit PSH (Push). When the receiving TCP receives the message segment with PSH=1, it delivers it to the receiving application process as soon as possible instead of waiting until the entire buffer is filled before delivering it upward.

9) Reset bit RST (Reset). When RST=1, it indicates that a serious error occurred in the TCP connection (such as host crash or other reasons), the connection must be released, and then the transport connection must be re-established.

10) Synchronization bit SYN. When SYN=1, it indicates that this is a connection request or connection acceptance message. When SYN=1 and ACK=0, it indicates that this is a connection request message. If the other party agrees to establish a connection, it should use SYN=1 and ACK=1 in the response message.

11) Termination bit FIN (Finish). Used to release a connection. When FIN=1, it indicates that the sender's data of this segment has been sent and the transport connection is required to be released.

12) Window. Occupies 2B, range is 0 ~ 2^16-1. It refers to the amount of data currently allowed to be sent by the other party. The data buffer space of the receiver is limited, so the window value is used as the basis for the receiver to let the sender set its sending window.

13) Checksum. Occupies 2B. The checksum field covers both the header and the data part. When calculating the checksum, just like UDP, a 12B pseudo header must be added in front of the TCP segment (just change 17 in the protocol field of the UDP pseudo header to 6 and change the UDP length field to the TCP length; everything else is the same as UDP).

14) Urgent pointer. Occupies 2B. The urgent pointer is only meaningful when URG=1. It indicates how many bytes of urgent data there are in this segment (urgent data is at the front of the segment data).

15) Options. Length variable. TCP originally specified only one option, namely Maximum Segment Size (MSS). MSS is the maximum length of the data field in the TCP segment (note that it is only the data field).

16) Padding. This is to make the entire header length an integer multiple of 4B.
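A parser for the header fields listed above, as an added example that is not part of the original notes. It follows the layout given in these notes (4-bit data offset, 6 reserved bits, 6 flag bits); the class and function names and the sample SYN segment are constructed for illustration, and option kinds 0 (end of list) and 1 (no-operation) are handled as standard single-byte options.

```python
import struct
from dataclasses import dataclass
from typing import Optional

FLAG_BITS = (("URG", 0x20), ("ACK", 0x10), ("PSH", 0x08),
             ("RST", 0x04), ("SYN", 0x02), ("FIN", 0x01))


@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int              # only meaningful when "ACK" is in flags
    header_len: int       # bytes, data offset * 4
    reserved: int         # should be 0
    flags: frozenset
    window: int
    checksum: int
    urgent_ptr: int       # only meaningful when "URG" is in flags
    mss: Optional[int]
    payload: bytes


def find_mss(options: bytes) -> Optional[int]:
    """Walk the option list and return the MSS value if present."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == 0:          # end of option list, the rest is padding
            break
        if kind == 1:          # no-operation, single byte
            i += 1
            continue
        if i + 1 >= len(options):
            raise ValueError("option truncated")
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            raise ValueError("bad option length")
        if kind == 2:          # Maximum Segment Size
            if length != 4:
                raise ValueError("MSS option must be 4 bytes")
            return struct.unpack("!H", options[i + 2:i + 4])[0]
        i += length
    return None


def parse_tcp_segment(segment: bytes) -> TcpHeader:
    if len(segment) < 20:
        raise ValueError("shorter than the fixed 20B header")
    (sport, dport, seq, ack, off_flags,
     window, checksum, urg) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4     # data offset counts 4B units
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset outside the segment")
    flags = frozenset(n for n, bit in FLAG_BITS if off_flags & bit)
    return TcpHeader(sport, dport, seq, ack, header_len,
                     (off_flags >> 6) & 0x3F, flags, window, checksum, urg,
                     find_mss(segment[20:header_len]), segment[header_len:])


def sample_syn() -> bytes:
    """Constructed SYN: data offset 6 (24B header) with an MSS=1460 option."""
    fixed = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                        (6 << 12) | 0x02, 65535, 0, 0)
    return fixed + bytes([2, 4, 0x05, 0xB4])


if __name__ == "__main__":
    print(parse_tcp_segment(sample_syn()))
```

Rejecting a data offset below 5 or beyond the received length keeps the option walk and the payload slice inside the segment.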

5.3.3 TCP connection management

TCP is a connection-oriented protocol, so each TCP connection has three stages: connection establishment, data transfer and connection release. The management of TCP connections is to ensure that the establishment and release of transport connections can proceed normally.

In the process of establishing a TCP connection, the following three problems must be solved:

1) Each party must be able to know the existence of the other party.

2) Allow both parties to negotiate some parameters (such as the maximum window value, whether to use window expansion options, timestamp options, quality of service, etc.).

3) Able to allocate transport entity resources (such as cache size, items in the connection table, etc.).

TCP regards the connection as the most basic abstraction. Each TCP connection has two endpoints. The endpoint of a TCP connection is not the host, the IP address of the host, the application process, or the protocol port of the transport layer. The endpoint of a TCP connection is called a socket. Each TCP connection is uniquely determined by the two communication endpoints (i.e., two sockets).

A TCP connection is established using client/server mode. The application process that actively initiates connection establishment is called the client, and the application process that passively waits for the connection establishment is called the server.

1. Establishment of TCP connection

The establishment of a connection goes through the following three steps, usually called a three-way handshake.

Before the connection is established, the server process is in the LISTEN state, waiting for the client's connection request.

Step 1: The client's TCP first sends a connection request segment to the server's TCP. The synchronization bit SYN in the header of this special message segment is set to 1, and an initial sequence number seq=x is selected. TCP stipulates that the SYN segment cannot carry data, but consumes a sequence number. At this time, the TCP client process enters the SYN-SENT (synchronization sent) state.

Step 2: After the server's TCP receives the connection request segment, if it agrees to establish the connection, it sends a confirmation back to the client and allocates cache and variables for the TCP connection. In the confirmation segment, both the SYN bit and the ACK bit are set to 1, the confirmation number is ack=x+1, and the server also chooses an initial sequence number seq=y for itself. Note that the confirmation segment cannot carry data, but it also consumes a sequence number. At this time, the TCP server process enters the SYN-RCVD (synchronization received) state.

Step 3: After the client receives the confirmation message segment, it also needs to confirm it to the server and allocate cache and variables for the TCP connection. The ACK bit of the confirmation message segment is 1, the confirmation number ack=y+1, and the sequence number seq=x+1. This segment can carry data. If it does not carry data, the sequence number will not be consumed. At this time, the TCP client process enters the ESTABLISHED (connection established) state.

After successfully completing the above three steps, the TCP connection is established, and then the application layer data can be transmitted. TCP provides full-duplex communication, so the application processes on both sides of the communication can send data at any time.

In addition, it is worth noting that the server-side resources are allocated when the second handshake is completed, while the client-side resources are allocated when the third handshake is completed, which makes the server vulnerable to SYN flood attacks.
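The three steps above checked against a recorded trace, as an added example that is not part of the original notes. It replays segments as seen at the server, applies the seq/ack rules of each step, and lists the clients still in SYN-RCVD, which is where the server holds allocated resources for connections that never completed; the names, the "SYN-SEEN" bookkeeping state and the trace are constructed for illustration.

```python
from collections import namedtuple

# One observed segment; src/dst are (ip, port) sockets, flags is a set.
Seg = namedtuple("Seg", "src dst flags seq ack")
MOD = 2 ** 32                      # sequence numbers wrap at 2^32
SERVER = ("203.0.113.10", 80)      # constructed server socket


def replay_handshakes(segments, server):
    """Return ({client: state}, rejected) after replaying the trace."""
    conns, rejected = {}, []
    for s in segments:
        flags = frozenset(s.flags)
        if s.dst == server and flags == {"SYN"}:
            # Step 1: client picks x. "SYN-SEEN" is this example's own label.
            conns[s.src] = {"state": "SYN-SEEN", "x": s.seq, "y": None}
        elif s.src == server and flags == {"SYN", "ACK"}:
            # Step 2: ack must be x+1; the server allocates resources here.
            c = conns.get(s.dst)
            if c and c["state"] == "SYN-SEEN" and s.ack == (c["x"] + 1) % MOD:
                c["state"], c["y"] = "SYN-RCVD", s.seq
        elif s.dst == server and flags == {"ACK"}:
            # Step 3: seq must be x+1 and ack must be y+1.
            c = conns.get(s.src)
            if c and c["state"] == "SYN-RCVD":
                if (s.seq == (c["x"] + 1) % MOD
                        and s.ack == (c["y"] + 1) % MOD):
                    c["state"] = "ESTABLISHED"
                else:
                    rejected.append(s)   # stays half-open
    return {k: v["state"] for k, v in conns.items()}, rejected


def half_open(states):
    """Clients for which the server is still holding SYN-RCVD state."""
    return sorted(c for c, st in states.items() if st == "SYN-RCVD")


def sample_trace():
    """Constructed trace: 1 complete handshake, 3 silent clients, 1 bad ACK."""
    a = ("198.51.100.7", 49152)
    trace = [Seg(a, SERVER, {"SYN"}, 0xFFFFFFFF, 0),        # x at the wrap point
             Seg(SERVER, a, {"SYN", "ACK"}, 5000, 0),       # ack = x+1 = 0
             Seg(a, SERVER, {"ACK"}, 0, 5001)]
    for i in range(3):
        c = ("192.0.2.%d" % (i + 1), 50000 + i)
        trace += [Seg(c, SERVER, {"SYN"}, 100 * i, 0),
                  Seg(SERVER, c, {"SYN", "ACK"}, 9000 + i, 100 * i + 1)]
    b = ("198.51.100.9", 49153)
    trace += [Seg(b, SERVER, {"SYN"}, 700, 0),
              Seg(SERVER, b, {"SYN", "ACK"}, 800, 701),
              Seg(b, SERVER, {"ACK"}, 701, 999)]            # ack should be 801
    return trace


if __name__ == "__main__":
    states, rejected = replay_handshakes(sample_trace(), SERVER)
    print(len(half_open(states)), "half-open;", len(rejected), "rejected ACK")
```

A half-open count that keeps growing relative to established connections is the signal to watch for on a listening server.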

2. Release of TCP connection

There is no feast that lasts forever, and the same is true for TCP. Either of the two processes participating in a TCP connection can terminate the connection. The process of TCP connection release is usually called a four-way handshake.

Step 1: When the client intends to close the connection, it sends a connection release segment to its TCP, stops sending data, and actively closes the TCP connection. The termination bit FIN of this segment is set to 1, and the sequence number is seq=u, which equals the sequence number of the last byte of previously transmitted data plus 1. Even if the FIN segment does not carry data, a sequence number is consumed. At this time, the TCP client process enters the FIN-WAIT-1 (termination wait 1) state. TCP is full-duplex, that is, you can imagine that there are two data paths on a TCP connection. The end that sends FIN can no longer send data, that is, one of the data paths is closed, but the other party can still send data.

Step 2: The server sends a confirmation after receiving the connection release segment. The confirmation number is ack=u+1, and the sequence number is seq=v, which equals the sequence number of the last byte of the data it previously transmitted plus 1. The server then enters the CLOSE-WAIT state. At this time, the connection from the client to the server is released, and the TCP connection is in a semi-closed state. But if the server sends data, the client still needs to receive it, that is, the connection from the server to the client is not closed.

Step 3: If the server no longer has data to send to the client, it notifies TCP to release the connection. At this time, it sends a connection release segment with FIN=1. Assume that the sequence number of this message segment is w (the server may have sent some more data in the semi-closed state), and the last confirmation number ack=u+1 that has been sent must be repeated. At this time the server enters the LAST-ACK (last acknowledgment) state.

Step 4: After receiving the connection release segment, the client must send a confirmation. In the confirmation segment the ACK bit is set to 1, the confirmation number is ack=w+1, and the sequence number is seq=u+1. At this time, the TCP connection has not yet been released; the client enters the CLOSED (connection closed) state only after the time 2MSL (Maximum Segment Lifetime) set by the waiting timer has passed.

A summary of the above TCP connection establishment and release is as follows:

1) The connection is established. Divided into 3 steps:

① SYN=1, seq=x.

② SYN=1, ACK=1, seq=y, ack=x+1.

③ ACK=1, seq=x+1, ack=y+1.

2) Release the connection. Divided into 4 steps:

① FIN=1, seq=u.

② ACK=1, seq=v, ack=u+1.

③ FIN=1, ACK=1, seq=w, ack=u+1.

④ ACK=1, seq=u+1, ack=w+1.

5.3.4 TCP reliable transmission

The task of TCP is to establish a reliable data transmission service based on the unreliable best-effort service of the IP layer. The reliable data transmission service provided by TCP ensures that the byte stream read by the receiving process from the buffer is exactly the same as the byte stream sent by the sender. TCP uses mechanisms such as checksums, sequence numbers, acknowledgments, and retransmissions to achieve this goal. Among them, the verification mechanism of TCP is the same as that of UDP, so I won’t go into details here.

1. Sequence number

The sequence number field in the TCP header is used to ensure that data can be submitted to the application layer in order. TCP treats data as an unstructured but ordered byte stream. The sequence number is based on the transmitted byte stream, not on the segments. Each byte in the data stream transmitted by the TCP connection is assigned a sequence number. The value of the sequence number field is the sequence number of the first byte of the data sent in this segment.

2. Acknowledgment

The confirmation number in the TCP header is the sequence number of the first byte of data expected to be received in the other party's next segment. If receiver B has received the first segment, and the data of the next segment that B expects to receive starts from the 3rd byte, then the confirmation number field in the segment sent by B to A should be 3. The sender's buffer continues to store segments that have been sent but not yet acknowledged so that they can be retransmitted when needed.

TCP uses cumulative acknowledgment by default, that is, TCP only acknowledges the bytes in the data stream up to the first lost byte. For example, receiver B receives a message segment sent by A that contains bytes 0 ~ 2 and bytes 6 ~ 7. For some reason, B did not receive the message segment with bytes 3~5. At this time, B is still waiting for byte 3 (and the bytes after it), so the next message segment from B to A will confirm the number. field is set to 3.

3. Retransmission

There are two events that cause TCP to retransmit a segment: timeout and redundant ACKs.

① Timeout

Every time TCP sends a segment, a timer is set for this segment. When the retransmission time set by the timer expires but no acknowledgment is received, the segment must be retransmitted.

Because TCP runs over an internet environment in which the routes taken by IP datagrams vary widely, the variance of the round-trip delay seen by the transport layer is also very large. To calculate the retransmission time of the timeout timer, TCP uses an adaptive algorithm that records the time at which a segment is sent and the time at which the corresponding acknowledgment is received. The difference between these two times is called the round-trip time (RTT) of the segment. TCP keeps a weighted average round-trip time RTTs, which changes with each newly measured RTT sample. Obviously, the retransmission time-out (RTO) set by the timeout timer should be slightly larger than RTTs, but it cannot be too large; otherwise, when a segment is lost, TCP cannot retransmit it quickly, and the data transmission delay is prolonged.
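The adaptive timer described above, written out as an added example (not from the original notes). It follows the standard RFC 6298 estimator, whose weights 1/8 and 1/4 and 4x deviation term are not given in the text; the class and method names are illustrative, and the RFC's clock-granularity term and 1-second minimum RTO are omitted to keep the arithmetic visible.

```python
class RtoEstimator:
    """Weighted-average RTT ("RTTs" in the text) and the resulting RTO, in ms."""

    ALPHA = 1 / 8          # weight of a new sample in the smoothed RTT
    BETA = 1 / 4           # weight of a new sample in the RTT deviation
    INITIAL_RTO = 1000.0   # RFC 6298: 1 second until the first measurement

    def __init__(self):
        self.srtt = None
        self.rttvar = None
        self.rto = self.INITIAL_RTO

    def sample(self, rtt_ms, retransmitted=False):
        """Feed one measured RTT and return the updated RTO."""
        if retransmitted:
            # Karn's algorithm: an ACK for a retransmitted segment is
            # ambiguous (which copy was acknowledged?), so it is not sampled.
            return self.rto
        if self.srtt is None:
            # First measurement initialises both estimators.
            self.srtt = rtt_ms
            self.rttvar = rtt_ms / 2
        else:
            # The deviation is updated with the old smoothed RTT first.
            self.rttvar = ((1 - self.BETA) * self.rttvar
                           + self.BETA * abs(self.srtt - rtt_ms))
            self.srtt = (1 - self.ALPHA) * self.srtt + self.ALPHA * rtt_ms
        # RTO sits above the average by a margin that tracks the variance.
        self.rto = self.srtt + 4 * self.rttvar
        return self.rto

    def on_timeout(self):
        """Timer expired: back off by doubling the RTO."""
        self.rto *= 2
        return self.rto


if __name__ == "__main__":
    est = RtoEstimator()
    # Constructed RTT samples in milliseconds.
    for rtt in (100, 200, 112.5):
        print(f"sample={rtt:6} ms  RTTs={est.srtt}  RTO={est.sample(rtt)} ms")
```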

② Redundant ACK

One problem with timeout-triggered retransmission is that the timeout period is often too long. Fortunately, the sender can usually detect packet loss well before a timeout event occurs by paying attention to so-called redundant ACKs. A redundant ACK is an ACK that re-acknowledges a segment for which the sender has already received an acknowledgment. For example, sender A sends TCP segments numbered 1, 2, 3, 4, and 5. Segment 2 is lost on the link and does not reach receiver B, so segments 3, 4, and 5 are out-of-order segments for B. TCP stipulates that whenever an out-of-order segment with a larger than expected sequence number arrives, a redundant ACK is sent to indicate the sequence number of the next expected byte. In this example, segments 3, 4, and 5 arrive at B, but they are not the next segment that B expects to receive, so B sends three redundant ACKs for segment 1, indicating that it expects to receive segment 2. TCP stipulates that when the sender receives three redundant ACKs for the same segment, it can consider the segment following the acknowledged segment to be lost. In the example, when A receives 3 redundant ACKs for segment 1, it can consider segment 2 to be lost. Sender A can then retransmit segment 2 immediately. This technique is often called fast retransmission.

5.3.5 TCP flow control
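The two examples above (bytes 0 ~ 2 and 6 ~ 7 arriving without 3 ~ 5, and segment 2 of five being lost) can be replayed with the following added example, which is not part of the original notes. The class names, the 100-byte segment size and the byte numbering starting at 0 are assumptions made for the illustration.

```python
class Receiver:
    """Byte-stream receiver that answers every segment with a cumulative ACK."""

    def __init__(self, first_byte=0):
        self.next_expected = first_byte   # value placed in the ack field
        self.buffered = {}                # seq -> length of out-of-order data

    def receive(self, seq, length):
        if seq > self.next_expected:
            # There is a hole before this segment: keep it, repeat the old ACK.
            self.buffered[seq] = length
        elif seq + length > self.next_expected:
            self.next_expected = seq + length
            # Absorb buffered segments that have become contiguous.
            while self.buffered:
                ready = [s for s in self.buffered if s <= self.next_expected]
                if not ready:
                    break
                for s in ready:
                    end = s + self.buffered.pop(s)
                    self.next_expected = max(self.next_expected, end)
        return self.next_expected


class Sender:
    """Counts redundant ACKs and signals a fast retransmission on the third."""

    DUP_ACK_THRESHOLD = 3

    def __init__(self):
        self.last_ack = None
        self.dup_acks = 0

    def on_ack(self, ack):
        """Return the sequence number to retransmit now, or None."""
        if ack == self.last_ack:
            self.dup_acks += 1
            if self.dup_acks == self.DUP_ACK_THRESHOLD:
                return ack
        else:
            self.last_ack, self.dup_acks = ack, 0
        return None


def simulate(segments, lost):
    """Deliver (seq, length) segments except those whose seq is in `lost`.

    Returns (acks seen by the sender, sequence numbers fast-retransmitted).
    """
    rx, tx = Receiver(), Sender()
    lengths = dict(segments)
    acks, retransmitted = [], []
    for seq, length in segments:
        if seq in lost:
            continue
        acks.append(rx.receive(seq, length))
        resend = tx.on_ack(acks[-1])
        if resend is not None:
            retransmitted.append(resend)
            acks.append(rx.receive(resend, lengths[resend]))
            tx.on_ack(acks[-1])
    return acks, retransmitted
```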

TCP provides a flow control service to eliminate the possibility of the sender overflowing the receiver's buffer (by sending too fast), so flow control can be described as a speed matching service: it matches the sender's sending rate to the receiver's reading rate.

TCP provides a flow control mechanism based on the sliding window protocol. The basic principle of the sliding window was already introduced in Chapter 3, on the data link layer. What is introduced here is how TCP uses the window mechanism to implement flow control.

During communication, the receiver dynamically adjusts the sender's sending window size according to the size of its own receive buffer. This is called the receive window rwnd: the receiver adjusts the "window" field value in the TCP segment header to limit the rate at which the sender injects packets into the network. At the same time, the sender determines a window value based on its estimate of the current network congestion level, which is called the congestion window cwnd; its size is closely related to the bandwidth and delay of the network.

For example, suppose valid data is only sent from A to B, and B only sends acknowledgment segments to A. B can then notify A of rwnd by setting the window field in the header of the acknowledgment segment. rwnd is the maximum amount of data the receiver allows to be received continuously, in bytes. Sender A always limits the size of its sending window based on the most recently received rwnd value, keeping the amount of unacknowledged data within rwnd and ensuring that A does not overflow B's receive buffer. Of course, the actual size of A's sending window is the minimum of rwnd and cwnd.

Suppose A sends data to B. When the connection is established, B tells A: "My receiving window rwnd=400". The receiving host B has performed flow control three times, and ACK=1 is set for these three message segments. The confirmation number field is meaningful only when ACK=1. The first time the window is reduced to rwnd=300, the second time it is reduced to rwnd=100, and finally it is reduced to rwnd=0, that is, the sender is not allowed to send data anymore. This causes the sender to pause sending until B resends a new window value.

The difference between flow control at the transport layer and at the data link layer is this: the transport layer defines flow control between end-to-end users, while the data link layer defines flow control between two adjacent intermediate nodes. In addition, the window size of the data link layer's sliding window protocol cannot be changed dynamically, but that of the transport layer can.

5.3.6 TCP congestion control

Congestion control refers to preventing excessive data from being injected into the network and ensuring that routers or links in the network are not overloaded. When congestion occurs, the endpoint does not understand the details of the congestion. For the endpoints of the communication connection, congestion is often manifested as an increase in communication delay.

The difference between congestion control and flow control: congestion control lets the network withstand the existing network load. It is a global process that involves all hosts, all routers, and all factors related to reduced network transmission performance. Flow control, by contrast, usually refers to the control of point-to-point traffic. It is an end-to-end problem (the receiving end controls the sending end): what it has to do is throttle the rate at which the sender sends data so that the receiver has time to receive it. Congestion control and flow control are also similar in one respect: both achieve their effect by controlling the rate at which the sender sends data.

For example, the transmission rate of a certain link is 10 Gb/s, and a mainframe transmits files to a PC at a rate of 1 Gb/s. The bandwidth of the network is clearly large enough, so there is no congestion problem, but such a high sending rate is more than the PC can keep up with, so flow control must be performed. But if 1 million PCs transmit files at a rate of 1 Mb/s on this link, the question becomes whether the load on the network exceeds what the existing network can bear.

The Internet Recommended Standard defines 4 algorithms for congestion control: slow start, congestion avoidance, fast retransmission and fast recovery.

When the sender determines the rate at which message segments are sent, it must not only base on the receiving capability of the receiver, but also consider the overall situation so as not to cause network congestion. Therefore, the TCP protocol requires the sender to maintain the following two windows:

1) Receive window rwnd, the latest window value promised by the receiver based on the current receive buffer size, reflects the capacity of the receiver. The receiver notifies the sender of it through the window field in the header of the TCP segment.

2) Congestion window cwnd, the window value set by the sender based on its own estimated network congestion level, reflects the current capacity of the network. As long as there is no congestion in the network, the congestion window will be increased to allow more packets to be sent out. Whenever the network is congested, the congestion window is reduced to reduce the number of packets injected into the network.

The upper limit of the sending window should be the smaller of the receive window rwnd and the congestion window cwnd, that is, upper limit of the sending window = min[rwnd, cwnd].

The size of the receive window is notified to the sender through the window field in the TCP segment header. How does the sender maintain the congestion window? That is what the slow start and congestion avoidance algorithms explained below are for.

1. Slow start and congestion avoidance
① Slow start algorithm

When a TCP connection has just been established and starts sending TCP segments, the congestion window is set to cwnd=1, that is, one maximum segment size (MSS). Each time an acknowledgment of a new segment is received, cwnd is increased by 1, that is, by one MSS. Increasing the sender's cwnd in this way makes the rate at which packets are injected into the network more reasonable.

For example, A sends data to B. The sender first sets the congestion window cwnd=1 and sends the first segment. After A receives B's acknowledgment of the first segment, it increases cwnd from 1 to 2, so A then sends two segments. After receiving B's acknowledgments of these two segments, A increases cwnd from 2 to 4 and can send 4 segments at once next time. (The cwnd upper limit is increased gradually.)

The "slow" in slow start does not mean that the congestion window cwnd grows slowly, but that cwnd=1 is set when TCP starts sending segments, so that the sender only sends one segment at the beginning (the purpose is to probe the congestion of the network) and then gradually increases cwnd. This is a very effective measure to prevent network congestion. With the slow start algorithm, cwnd doubles after each transmission round (that is, each round-trip delay RTT), so the value of cwnd increases exponentially with the transmission rounds. In this way, slow start increases cwnd up to a specified slow start threshold ssthresh, and then switches to the congestion avoidance algorithm.

② Congestion avoidance algorithm

The idea of the congestion avoidance algorithm is to increase the congestion window cwnd slowly. Specifically, after each round-trip delay RTT, the sender's congestion window cwnd is increased by 1 instead of doubled, so that cwnd grows slowly and linearly (that is, additive growth), which is much slower than the congestion window growth rate of the slow start algorithm.

Different algorithms are executed according to the size of cwnd, which can be summarized as follows:

·When cwnd<ssthresh, the slow start algorithm is used.

·When cwnd>ssthresh, stop using the slow start algorithm and switch to the congestion avoidance algorithm.

·When cwnd=ssthresh, both the slow start algorithm and the congestion avoidance algorithm can be used (common practice).

③ Handling network congestion

Regardless of the slow start phase or the congestion avoidance phase, as long as the sender determines that the network is congested (the acknowledgment is not received on time), the slow start threshold ssthresh must be set to half of the sender's cwnd value when congestion occurs (but not less than 2). Then reset the congestion window cwnd to 1 and execute the slow start algorithm. The purpose of this is to quickly reduce the number of packets sent by the host to the network, so that the router experiencing congestion has enough time to process the backlog of packets in the queue.

The implementation process of slow start and congestion avoidance algorithms:

·Initially, the congestion window is set to 1, that is, cwnd=1, and the slow start threshold is set to 16, that is, ssthresh=16.

·In the slow start stage, the initial value of cwnd is 1. Every time the sender receives an acknowledgment ACK, the cwnd value increases by 1. That is, with each transmission round (RTT), cwnd increases exponentially. When the congestion window cwnd grows to the slow start threshold ssthresh (that is, when cwnd=16), the congestion avoidance algorithm is used, and cwnd grows linearly.

·Assume that the network times out when cwnd=24: update the ssthresh value to 12 (that is, half of the cwnd value at the timeout), reset cwnd to 1, and execute the slow start algorithm. When cwnd=12, switch to the congestion avoidance algorithm.

The "multiplicative decrease" and "additive increase" methods are used in the slow start and congestion avoidance algorithms. "Multiplicative decrease" means that, whether in the slow start phase or the congestion avoidance phase, as long as a timeout occurs (that is, network congestion has probably occurred), the slow start threshold ssthresh is set to half of the current congestion window (and the slow start algorithm is executed). When the network is frequently congested, the ssthresh value drops quickly, greatly reducing the number of packets injected into the network. "Additive increase" means that once the congestion avoidance algorithm is running, after acknowledgments for all segments have been received (that is, after one RTT), the congestion window cwnd is increased by one MSS, so that the congestion window grows slowly and premature network congestion is prevented.

Congestion avoidance does not completely avoid congestion. It is impossible to completely avoid network congestion using the above measures. Congestion avoidance refers to controlling the congestion window to grow linearly during the congestion avoidance phase, making the network less prone to congestion.

2. Fast retransmission and fast recovery

The fast retransmission and fast recovery algorithms are improvements to the slow start and congestion avoidance algorithms.

① Fast retransmission

In the TCP reliable transmission mechanism introduced in the previous section, fast retransmission uses redundant ACKs to detect packet loss. Redundant ACKs are likewise used to detect network congestion (packet loss certainly means that the network may be congested). Fast retransmission does not cancel the retransmission timer, but it can retransmit lost segments earlier under certain circumstances.

When the sender receives three repeated ACK messages in a row, it directly retransmits the message segment that the other party has not yet received without waiting for the retransmission timer set for that segment to expire.

② Quick recovery

The principle of the fast recovery algorithm is as follows: when the sender receives three consecutive redundant ACKs (i.e. repeated acknowledgments), it executes the "multiplicative decrease" algorithm and sets the slow start threshold ssthresh to half of the sender's cwnd at that moment. This is to prevent network congestion. But the sender now believes that the network is probably not (severely) congested, otherwise several segments would not have reached the receiver in succession, and duplicate acknowledgments would not have been received in succession. Therefore, the difference from slow start is that it sets cwnd to the new value of the slow start threshold ssthresh and then starts executing the congestion avoidance algorithm ("additive increase"), so that the congestion window grows slowly and linearly. Since the slow start process in which the congestion window cwnd starts from 1 is skipped, this is called fast recovery.

In flow control, the amount of data sent by the sender is determined by the receiver, while in congestion control, the amount of data sent by the sender is determined by the sender itself, by detecting the network conditions. In fact, slow start, congestion avoidance, fast retransmission and fast recovery are all applied together in the congestion control mechanism. Summary of the use of the four algorithms: when a TCP connection is established and when the network times out, the slow start and congestion avoidance algorithms are used; when the sender receives redundant ACKs, the fast retransmission and fast recovery algorithms are used.

The receiver's buffer space is always limited. Therefore, the actual size of the sender's send window is determined by flow control and congestion control together. When both the receive window (rwnd) and the congestion window (cwnd) appear in a question, the actual sending window size of the sender is determined by the smaller of rwnd and cwnd.
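The slow start and congestion avoidance walk-through (ssthresh=16, timeout at cwnd=24), the fast recovery rule and the min[rwnd, cwnd] limit can be traced with the following added example, which is not part of the original notes. It assumes cwnd, ssthresh and rwnd are all counted in segments (MSS) and updated once per transmission round; the class, method and event names are illustrative, and the floor of 2 from the timeout rule is also applied on three redundant ACKs.

```python
class CongestionControl:
    """Sender-side cwnd and ssthresh, in MSS, updated per transmission round."""

    def __init__(self, ssthresh=16):
        self.cwnd = 1
        self.ssthresh = ssthresh

    def on_round_acked(self):
        """All segments of the current round were acknowledged (one RTT)."""
        if self.cwnd < self.ssthresh:
            # Slow start: double, but never jump past the threshold.
            self.cwnd = min(self.cwnd * 2, self.ssthresh)
        else:
            # Congestion avoidance: additive increase of one MSS per RTT.
            self.cwnd += 1
        return self.cwnd

    def _halve_threshold(self):
        # Multiplicative decrease: half of the current cwnd, not below 2.
        self.ssthresh = max(self.cwnd // 2, 2)

    def on_timeout(self):
        """Retransmission timer expired: restart from slow start."""
        self._halve_threshold()
        self.cwnd = 1

    def on_triple_dup_ack(self):
        """Three redundant ACKs: fast recovery skips slow start."""
        self._halve_threshold()
        self.cwnd = self.ssthresh

    def send_window(self, rwnd):
        """Upper limit of the sending window: min[rwnd, cwnd]."""
        return min(rwnd, self.cwnd)


def trace(events, ssthresh=16):
    """Replay 'ack', 'timeout' and 'dup3' events.

    Returns the (cwnd, ssthresh) pair after each event.
    """
    cc = CongestionControl(ssthresh)
    handlers = {
        "ack": cc.on_round_acked,
        "timeout": cc.on_timeout,
        "dup3": cc.on_triple_dup_ack,
    }
    history = []
    for event in events:
        handlers[event]()
        history.append((cc.cwnd, cc.ssthresh))
    return history


if __name__ == "__main__":
    # Constructed event sequence matching the walk-through in the text,
    # followed by a fast recovery at cwnd=16.
    events = ["ack"] * 12 + ["timeout"] + ["ack"] * 8 + ["dup3", "ack"]
    for event, (cwnd, ssthresh) in zip(events, trace(events)):
        print(f"{event:8} cwnd={cwnd:2} ssthresh={ssthresh}")
```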

Origin blog.csdn.net/Mengxizhouu/article/details/131922740