Comp [34]43 Week 7: Oct 8, 2008 Midterm next week =========================================== Chapter 5: transport UDP - P&D 5.1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Length | Checksum | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ unreliable, unconnected (stateless). General uses: NFS, boot, RPC checksum & algorithm checksum can also be updated; eg in IP header 0000 checksum never occurs naturally, can be used as "checksum not used" pseudo-header: include some IP header fields in UDP checksum ports & final destinations lost packets due to queue overflow (skipped) at router at host socket programming interface (P&D 1.3) // done in java udpclient/udpserver simpletalk client, server: TCP and UDP versions socket, bind, sockaddr_in, gethostbyname, Note how socket programming interface corresponds to the actual options: * create a socket * ask for a specific port number * send or receive ========================================================================= TCP - P&D 5.2 more semantic issues: connected v connectionless connection is between two sockets: a socketpair one socket on host A can be part of multiple distinct socketpairs reliable v unreliable stream v packets what TCP does; header fields TCP Header Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Source Port | Destination Port | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Sequence Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Acknowledgment Number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Data | |U|A|P|R|S|F| | | Offset| Reserved |R|C|S|S|Y|I| Window | | | |G|K|H|T|N|N| | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Checksum | Urgent Pointer | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Options | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | data | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ TCP Header Format connection establishment Logical issue of what is a "connection" connection state on top of stateless lower layer basic strategy of 3-way handshake Sequence number value is the number of the 1st byte of the packet, or what the number would be if there were a first byte. Ack is the number of the next byte we are expecting SYNs count as 1 byte (so do FINs) A B send SYN, seq=0 send syn+ack, seq=0, ack=1 ;; expecing 1 send ACK, seq=1,ack=1 send "abc", seq=1, ack=1 send ACK, seq=1, ack=4 send "defg", seq=4, ack=1 send seq=1, ack=8 send "foobar", seq=8, ack=1 send seq=1, ack=14, "hello" send seq=14,ack=6, "goodbye" send seq=21, ack=6, FIN send seq=6, ack=21 ;; crossing send seq=6, ack=22 send seq=6, ack=22, FIN send seq=22, ack=7 ISN issue outline versus one 2-way handshake Adding 1000 to ISN_A: this affects SEQ on A's side, ACK on B's side TCP sliding windows mostly the same as "normal" sliding windows, done earlier basic outline examples, window-size flow control fast sender, slow receiver fast receiver, slow sender slow router Keeping the pipe full: bandwidth*delay! p. 301 eoc: just got to TIMEWAIT and final ACK Introduction to TCP state diagram, as far as connection establishment Initial Sequence Numbers (ISNs) SYN, ACK, FIN, RST packets TIMEWAIT and final ACK again old late duplicates problem: TIMEWAIT again! what a connection is: machine state at each endpoint TCP should handle: lost packets damaged packets reordered packets duplicated packets widely varying delay OLD LATE DUPLICATES problem TCP example ISN negotiation, choice MSL TIMEWAIT TIMEWAIT and final ACK ISN rationale 1: old late duplicates ISN rationale 2: distinguishing new SYN from dup SYN From Dalal & Sunshine's original paper on the TCP 3-way handshake: 2-way handshake: can't confirm both ISNs 4-way handshake: 1 --SYN-> 2 <-ACK-- 3 <-SYN-- 4 --ACK-> FAILS if first SYN is very very old The ack at line 2 is ignored. LHS thinks the SYN on line 3 is a new request, and so it acks it. It would then send its own SYN (on what would be line 5), but it would be ignored. At this point A and B have different notions of ISN_A. 3-way handshake =========================================================================== TCP state diagram ================================================================================ TCP state diagram Functional Specification +---------+ ---------\ active OPEN | CLOSED | \ ----------- +---------+<---------\ \ create TCB | ^ \ \ snd SYN passive OPEN | | CLOSE \ \ ------------ | | ---------- \ \ create TCB | | delete TCB \ \ V | \ \ +---------+ CLOSE | \ | LISTEN | ---------- | | +---------+ delete TCB | | rcv SYN | | SEND | | ----------- | | ------- | V +---------+ snd SYN,ACK / \ snd SYN +---------+ | |<----------------- ------------------>| | | SYN | rcv SYN | SYN | | RCVD |<-----------------------------------------------| SENT | | | snd ACK | | | |------------------ -------------------| | +---------+ rcv ACK of SYN \ / rcv SYN,ACK +---------+ | -------------- | | ----------- | x | | snd ACK | V V | CLOSE +---------+ | ------- | ESTAB | | snd FIN +---------+ | CLOSE | | rcv FIN V ------- | | ------- +---------+ snd FIN / \ snd ACK +---------+ | FIN |<----------------- ------------------>| CLOSE | | WAIT-1 |------------------ | WAIT | +---------+ rcv FIN \ +---------+ | rcv ACK of FIN ------- | CLOSE | | -------------- snd ACK | ------- | V x V snd FIN V +---------+ +---------+ +---------+ |FINWAIT-2| | CLOSING | | LAST-ACK| +---------+ +---------+ +---------+ | rcv ACK of FIN | rcv ACK of FIN | | rcv FIN -------------- | Timeout=2MSL -------------- | | ------- x V ------------ x V \ snd ACK +---------+delete TCB +---------+ ------------------------>|TIME WAIT|------------------>| CLOSED | +---------+ +---------+ TCP Connection State Diagram Figure 6. half open simultaneous open =============================================================== Anomalous TCP scenarios Duplicate SYN (cf Duplicate RRQ in the TFTP protocol) recognized because of same ISN Loss of final ACK (cf TFTP) any resent FIN will receive a RST in response Old segments arriving for new connection solved by TIMEWAIT Sequence number wraparound (WRAPTIME < MSL) Note WRAPTIME = time to send 4 GB WRAPTIME = 100 sec => 40 mbytes/sec => >300 Mbits/sec Client reboots (application restart isn`t an issue) Could an old connection be accepted as new? ===============================================================================