1

UDP and TCP Basics

Rocky K. C. Chang10 October 2006

2

Transport protocols

Problem: How to extend the host-to-host packet delivery service to a process-to-process communication channel?

Best-effort service provided by IP: drops messages re-orders messages duplicates messages limits message size delivers messages with delay

3

Transport protocols Expectations from transport layer services:

guarantees message delivery delivers messages in order delivers at most one copy of each message supports arbitrarily large messages supports synchronization between sender and

receiver allows receiver to apply flow control supports multiple application processes on

each host

4

Transport protocols Different transport protocols provide

somewhat different sets of services: User Datagram Protocol (UDP): Mainly provide

a demultiplexing service. Transmission Control Protocol (TCP): Provide a

reliable byte-stream service Remote Procedure Call (RPC): Provide services

to transaction-based applications. Real Time Protocol (RTP): Provide services for

transporting real-time data over UDP.

5

UDP (RFC 768) UDP adds a demultiplexing service to IP.

UDP optionally provides error detection but it becomes mandatory for UDP over IPv6.

UDP provides the demultiplexing service through UDP ports. Process IDs can also be used if all systems run

on the same OS. A process is uniquely identified by (Port

number, IP address), which is usually referred to as a socket.

A port is usually implemented by a message queue.

6

UDP (RFC 768) How does a process learn the port for the

other party? For a server process, it will know the client’s

port whenever the client gets connected. For a client process, one approach to learn

server’s port is through the well-known port.

7

Pseudo-header for UDP

When a sender computes the checksum, a pseudo-header is first prepended to the UDP header. Why?

0 31+--------+--------+--------+--------+ ---| source address | ^+--------+--------+--------+--------+ Pseudo-| destination address | header+--------+--------+--------+--------+ || zero |protocol| UDP length | V+--------+--------+--------+--------+ ---| Source port | Dest. port | ^+--------+--------+--------+--------+ UDP header| Length | Checksum | v+--------+--------+--------+--------+ ---|| data octets ...+---------------- ...

8

End-to-end issues As shall see later, TCP uses the same

sliding window protocol as in go-back-n ARQ to provide transport services.

packets

+ve ACK

+ve ACK

packets

9

End-to-end issues Hop-by-hop issues vs end-to-end issues:

Potentially connects many different hosts need explicit connection establishment and

termination Potentially long delay in network

need to be prepared for arrival of very old packets

need to limit packet’s lifetime in the network, in additional to the TTL mechanism.

Potentially different buffering capacity at end nodes

unable to always allocate enough buffers for the bandwidth-delay product of the “connection.”

10

End-to-end issues need to accommodate different amounts of buffering,

especially at the receiving nodes. Potentially different network capacity

need to be prepared for network congestion Potentially different round trip times

need highly adaptive timeout mechanism to cater for various round trip time.

need to cater for the additional delay resulting from network congestion.

11

End-to-end reliability and ordered delivery

An hop-by-hop approach Reliable A-->B and reliable B-->C and

reliable C-->D ==> reliable A-->D?

An end-to-end approach

Does it mean that we don’t need the hop-by-hop ARQ?

A B C DARQ ARQ ARQ

A B C D

TCP

12

End-to-end argument Question: which networking layer should a

function (e.g., reliability and ordered delivery in our case) be implemented?

End-to-end argument A function should not be provided in the lower

levels of the system unless it can completely and correctly implemented at that level.

However, the argument does not exclude providing that function at the lower levels for the purpose of performance enhancement.

13

TCP (RFC 793)

TCP uses connection as its fundamental abstraction. A TCP connection is specified by a pair of

sockets, each of which identifies an endpoint.

TCP supports full-duplex connections. TCP provides a connection-oriented,

reliable, ordered delivery, byte stream service to the upper layer. TCP also provides end-to-end congestion

control and flow control services.

14

TCP (RFC 793) Connection-oriented transport protocol

Need to obtain an explicit agreement from the other side before sending data.

Don’t be confused with the connection-oriented network protocol.

Reliable service through a sliding window mechanism, positive acknowledgment, timing-out and retransmission Accumulative acknowledgment vs selective

acknowledgment

15

TCP (RFC 793) Ordered delivery: receiver delivers ordered

data to the application. Byte-stream service:

Each byte is identified by a number and a TCP receiver does not understand the relationship among bytes.

Byte-stream vs message-based Permit a number of messages to be sent out as a

larger message. Flow control on the number of messages is difficult.

16

TCP connection establishment

TCP connection setup is explicit and asymmetric. The one initiates the connection does an active

open. The other end does a passive open. It involves a total of three special TCP messages

(SYN segments): A three-way handshaking (1.5 round-trip time).

Connection establishment timeout TCP client and sender resend a SYN segment

with exponential backoff up to a certain time. TCP SYN flooding attacks

17

TCP connection establishment Information exchange during connection

establishment: Initial Sequence Numbers (ISN), which are the

first SNs used by the two sides. Why don’t just fix them to, say, 0?

The SYN segment also advertises window size (buffer available for receiving data).

Each side may optionally announce the Maximum Segment Size (MSS) it expects to receive.

If the destination IP address is local, set MSS to the local network’s MTU 40 bytes.

Otherwise, usually set MSS to 536 bytes.

18

An example Client Server

SYN, SequenceNum = x

SYN + ACK, SequenceNum = y,

ACK, Acknowledgment = y + 1

Acknowledgment = x + 1

socket(), bind(), listen()

LISTEN

SYN_RCVD

accept()

ESTABLISHED

ESTABLISHED

accept()returns

connect()returns

connect()

socket()

write()

read()returns

data

SYN_SENT

19

TCP connection termination

TCP connection termination is explicit and symmetric: Each side has to close the connection

independently. At most four FIN segments are needed. By closing the connection, it means that no

more data will be sent, but can still receive data.

A connection in the TIME_WAIT state cannot move to the CLOSED state until it has waited for 2Maximum Segment Lifetime (MSL).

Reasons for having TIME_WAIT state:

1. To implement TCP’s full-duplex connection termination reliably, and

2. To allow old duplicate segments to expire in the network.

Reasons for having TIME_WAIT state:

1. To implement TCP’s full-duplex connection termination reliably, and

2. To allow old duplicate segments to expire in the network.

20

An example Client Server

FIN, SequenceNum = x

ACK x + 1

FIN, SequenceNum = y

ACK y + 1

close()

FIN_WAIT_1

FIN_WAIT_2

TIME_WAIT

CLOSE_WAIT

close()

LAST_ACK

CLOSED

CLOSED

21

TCP state transition diagram

CLOSED

LISTEN

SYN_RCVD SYN_SENT

ESTABLISHED

CLOSE_WAIT

LAST_ACKCLOSING

TIME_WAIT

FIN_WAIT_2

FIN_WAIT_1

Passive open Close

Send/SYNSYN/SYN + ACK

SYN + ACK/ACK

SYN/SYN + ACK

ACK

Close/FIN

FIN/ACKClose/FIN

FIN/ACKACK + FIN/ACK Timeout after two segment lifetimes

FIN/ACK

ACK

ACK

ACK

Close/FIN

Close

CLOSED

Active open/SYN

22

TCP state transition diagram The transition from LISTEN to SYN_SENT is

legal but is not supported in practice. The transition from SYN_RCVD back to

LISTEN is valid only of the SYN_RCVD state was entered from the LISTEN state, not from the SYN_SENT state.

Other extraneous state transitions will be discussed in the TCP security paper.

23

Reset segments A TCP reset segment (RST) is generated

when a connection request for a nonactive port is received. For the same error, UDP sends an ICMP port

unreachable message. An application may also send a RST

segment to abort a connection. Any queued data is thrown away.

The RST segment is not acknowledged. Why?

24

Simultaneous open and close

SYN J SYN K

SYN J, ACK K+1 SYN K, ACK J+1

SYN _SENT

SYN _RCVD

ESTABLISHED ESTABLISHED

SYN _RCVD

SYN _SENT

FIN J FIN K

ACK K+1 ACK J+1

FIN_WAIT_1

CLOSING

TIME_WAIT

FIN_WAIT_1

CLOSING

TIME_WAIT

25

TCP segments 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Header | |U|A|P|R|S|F| | |length | Reserved |R|C|S|S|Y|I| Advertised Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

26

TCP segments

Data field is optional. SN, AN, and advertised window are all

involved in the sliding window algorithm. SN refers to the number of the first data byte

or the special segment, e.g., SYN, FIN. Flags: special segment indication

Examine the AN if the ACK flag is on. The TCP header is not of fixed length due

to the options (MSS, timestamp, window scale, etc).

27

TCP segments The checksum covers the header and the

payload, i.e., end-to-end checksum. A pseudo-header is first prepended to the TCP

header before computing the checksum. Both urgent pointer and PUSH can be used

to serve as a signal to the receiver about the “record boundary.” The receiving process needs to be notified

when the URG bit or PUSH bit is set. These mechanisms serve as end-of-record

markers.

28

TCP segments The PUSH bit can also be used to allow the

sending process to send whatever bytes in the buffer (for interactive applications).

TCP options Selective acknowledgement (SACK) option

(RFCs 1072, 2018, and 2883) TCP MD5 signature option (RFC 2385) TCP extensions for high performance: window

scaling and timestamp (RFC 1323) MSS announcement (RFC 793)

29

Summary UDP and TCP are the two primary transport

protocols provided in the Internet today. SCTP and DCCP

Similar to IP at the network layer, UDP provides a connectionless, transport-layer service (demultiplexing and error detection).

TCP provides connection-oriented, reliable, ordered delivery, byte

stream service to the upper layer, and end-to-end congestion control and flow control

services.

30

References

J. Saltzer, D. Reed, and D. Clark, “End-to-end arguments in system design,” web.mit.edu/Saltzer/www/publications/ endtoend/ANe2ecomment.html.

D. Clark, V. Jacobson, J. Romkey, and H. Salwen, “An analysis of TCP processing overhead,” IEEE Commun. Mag., vol. 27, no. 6, June 1989.

A special issue on TCP Performance in Future Networking Environments. IEEE Commun. Mag., vol. 39, no. 4, Apr. 2001.