COMP30023 – Computer Systems
Transport Layer – Services & UDP
Dr Lachlan Andrew
© University of Melbourne 2021
Summary
• (Presentation and Session Layers)
• Transport Layer
• Services Provided
• UDP
Presentation Layer
• OSI layer 6 to provide:
– Encryption
– Compression
– Data conversion (e.g., mapping CR/LF to LF, .doc to .docx)
– Mapping between character sets (ASCII/EBCDIC, now UTF-8/BIG5/…)
• These services haven’t vanished: done by applications
• Why does IETF consider them “Application Layer”?
– The protocol to negotiate encryption etc. is quite simple and separate from the algorithms
– There aren’t simple “common services” needed by all applications
– The application is not in the kernel, and so much more flexible
– “Layering violations”
• Closest thing to a presentation layer: Real-Time Transport Protocol (RTP)
Session Layer
• OSI Layer 5 to provide
– Authentication
– Authorization
– Session restoration
• continue a failed download
• log back in to same point in an online purchase
• Examples:
– Remote procedure call (RPC)
– Point-to-point tunneling protocol (PPTP)
– Password (/Extensible) Authentication Protocol (PAP/EAP)
• Often used between protocols called* layer 2 and layer 3
– *Layers are funny. Ethernet is always called “layer 2”, but has many properties of layer 3, and even some of layer 4.
Transport layer
Role: provide the services needed by applications, using the services provided by the network layer.
• Application needs:
– Data is a stream of bytes
– Data from one application is not mixed with that for another
– Data arrives reliably (or we know when a packet has been lost)
– Data arrives in order
– Data doesn’t arrive faster than we can handle
Transport Layer
• The Transport layer services provide interfaces between the Application layer and the Network/Internet layer.
• The Transport layer entities (the hardware or software which actually does the work, e.g. OS kernel, processes, NIC) can exist in multiple locations.
• Services provide a “logical” communication channel between processes running on different hosts:
– Connection-oriented (TCP)
• Connection establishment, data transfer, connection release
• Like a phone call
– Connectionless (UDP)
• Data transfer only
• Like text messages
Transport entity illustrated (Tanenbaum)
Connection-oriented transport services (can) provide a reliable service on top of an unreliable network.
Transport layer encapsulation
• Abstract representation of messages sent to and from transport entities
• Encapsulation of segments (transport-layer units) in packets (network/internet-layer units) in frames (data-link-layer units, which wrap the packet in a frame header and a frame trailer)
Transport layer services
• Terminology (not universal):
– Segments – sent at the transport layer
– Packets – sent at the internet/network layer
– Frames – sent at the link/data link layer
• In the case of a reliable connection-oriented service
– Provides a notional “perfect” connection between two nodes
• Doesn’t provide privacy or isochrony (preserving the delay between packets)
• Doesn’t provide integrity against an attacker either: the checksum only catches accidental corruption
– Hides acknowledgements, congestion control, lost packets
– This service is provided to the higher layers
• In the case of an unreliable connectionless service
– Provides multiplexing between different processes
Transport Layer Addressing
• Specification of the remote process to “connect to” is required at both the application and transport layers.
• Addressing in the Transport layer is typically done using port numbers (e.g. port 80).
– cf. Unix /etc/services, www.iana.org (well-known ports)
– A process server intercepts inbound connections, spawns the requested server and hands it the inbound connection
• cf. Unix inetd / xinetd
• Full address is a 5-tuple
– (source IP address, source port, destination IP address, destination port, protocol)
Port allocations
• Port numbers can range from 0-65535 (16 bits)
• Allocated by Internet Assigned Numbers Authority (IANA) – (http://www.iana.org/assignments/port-numbers)
• Ports are classified into 3 ranges:
– Well Known Ports (0-1023), e.g.:
• 21 FTP
• 22 SSH
• 23 Telnet
• 25 SMTP
• 80 HTTP
• 110 POP3
• 119 NNTP
– Registered Ports (1024-49151)
• Also called “user ports” but still registered with IANA or similar body
– Dynamic Ports (49152-65535)
Multiplexing /Demultiplexing
• Shortened to MUXING and DEMUXING
– Multiplexing – combining multiple distinct streams into a single shared stream
– Demultiplexing – splitting distinct streams out from a single shared stream
MUX/DEMUX
(Figure: at the sender, HTTP:80, SMTP:25, SSH:22 and POP3:110 are multiplexed onto IP; at the receiver, IP hands segments up and they are demultiplexed by destination port to 80:HTTP, 25:SMTP, 22:SSH, 110:POP3)
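The lookup the receiver performs in the figure above, as an added example that is not from the lecture slides: a Python model of the demultiplexing tables a transport entity consults. UDP delivery is decided by the destination (IP, port) only, so a bound UDP socket receives datagrams from any host and the source fields are whatever the sender wrote; an established TCP connection is matched on the full 4-tuple before falling back to the listening socket. Socket names and addresses are constructed.

```python
from dataclasses import dataclass

ANY = "0.0.0.0"  # wildcard local address, as with bind() on INADDR_ANY


@dataclass(frozen=True)
class Segment:
    """One transport-layer unit as seen by the receiving host (constructed)."""
    proto: str      # "udp" or "tcp"; together with the addresses this is the 5-tuple
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class Demuxer:
    """Toy model of the receiving host's demultiplexing tables."""

    def __init__(self):
        self.udp = {}         # (local ip, local port) -> socket name
        self.tcp_listen = {}  # (local ip, local port) -> listening socket name
        self.tcp_conn = {}    # (local ip, local port, remote ip, remote port) -> connection

    def bind_udp(self, name, ip, port):
        self.udp[(ip, port)] = name

    def listen_tcp(self, name, ip, port):
        self.tcp_listen[(ip, port)] = name

    def accept_tcp(self, name, local_ip, local_port, remote_ip, remote_port):
        self.tcp_conn[(local_ip, local_port, remote_ip, remote_port)] = name

    @staticmethod
    def _local_match(table, ip, port):
        # an exact (ip, port) binding wins over a wildcard binding on the same port
        return table.get((ip, port)) or table.get((ANY, port))

    def deliver(self, seg):
        """Return the socket that receives seg, or None (a real stack would
        then answer with ICMP port unreachable for UDP or a RST for TCP)."""
        if seg.proto == "udp":
            # UDP never consults the source: any host can send to a bound port,
            # and the source address/port are just what the sender put in the headers.
            return self._local_match(self.udp, seg.dst_ip, seg.dst_port)
        if seg.proto == "tcp":
            conn = self.tcp_conn.get((seg.dst_ip, seg.dst_port, seg.src_ip, seg.src_port))
            if conn is not None:
                return conn
            return self._local_match(self.tcp_listen, seg.dst_ip, seg.dst_port)
        return None


def demo():
    """Constructed host: a DNS resolver on UDP/53, a web server listening on
    TCP/80 with one accepted connection from 192.0.2.7:50000."""
    d = Demuxer()
    d.bind_udp("dns-resolver", ANY, 53)
    d.listen_tcp("httpd-listen", ANY, 80)
    d.accept_tcp("httpd-conn-1", "10.0.0.1", 80, "192.0.2.7", 50000)
    return d
```

Two UDP datagrams from different sources land on the same socket, while two TCP segments to port 80 go to different sockets depending on whether their 4-tuple matches an accepted connection.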
UDP – User Datagram Protocol
• The User Datagram Protocol gives applications a way to send encapsulated IP datagrams without establishing a connection.
– UDP transmits in segments consisting of a header followed by the payload
• UDP headers contain source and destination ports; the payload is handed to the process attached to the destination port (bound with the BIND primitive or similar)
UDP – User Datagram Protocol
• The main advantage of using UDP over raw IP is the ability to specify ports for source and destination pairs.
• Note: both source and destination ports are required – the destination port lets the receiver demultiplex an incoming segment to the right process, and the source port tells the receiver which port to address the reply to.
– Neither port nor the source IP address is authenticated: a sender can write any values into the headers, which is what makes reflection attacks (see the memcached example at the end) possible.
• Strengths and weaknesses of UDP:
– Strengths: multiplexing/de-multiplexing; no delay waiting to recover lost packets
– Weaknesses: no flow control, error control or retransmission of bad segments
– Conclusion: where applications require a precise level of control over packet flow/error/timing, UDP is a good choice
UDP header
• (top) UDP header: 16-bit source port, destination port, UDP length (header plus payload) and checksum
• (bottom) The IPv4 pseudoheader included in the UDP checksum: source and destination IP addresses, a zero byte, the protocol number (17) and the UDP length; it is covered by the checksum but never transmitted
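Building and verifying that header, as an added example that is not from the lecture slides: Python that computes the RFC 768 checksum over the IPv4 pseudoheader, the UDP header and the payload, and checks a received segment. Addresses, ports and payload are constructed. Two points a practitioner wants to see: a checksum field of zero in IPv4 means the sender sent no checksum at all, and although the pseudoheader ties the segment to its IP addresses, the checksum is unkeyed, so a forged source address only needs a recomputed checksum to pass.

```python
import struct

IPPROTO_UDP = 17


def ones_complement_sum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IP, UDP and TCP checksums.
    An odd trailing byte is padded with a zero byte (the pad is not sent)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def ip4(addr: str) -> bytes:
    return bytes(int(o) for o in addr.split("."))


def pseudoheader(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    """IPv4 pseudoheader: src IP, dst IP, zero byte, protocol 17, UDP length."""
    return ip4(src_ip) + ip4(dst_ip) + struct.pack("!BBH", 0, IPPROTO_UDP, udp_len)


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Assemble a UDP segment (header + payload) with a valid checksum."""
    length = 8 + len(payload)
    zeroed = struct.pack("!HHHH", sport, dport, length, 0) + payload
    csum = 0xFFFF - ones_complement_sum(pseudoheader(src_ip, dst_ip, length) + zeroed)
    if csum == 0:
        csum = 0xFFFF   # RFC 768: a computed 0 is sent as all ones; 0 on the wire means "none"
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(segment: bytes) -> dict:
    sport, dport, length, csum = struct.unpack("!HHHH", segment[:8])
    return {"sport": sport, "dport": dport, "length": length,
            "checksum": csum, "payload": segment[8:length]}


def verify_udp(src_ip, dst_ip, segment: bytes):
    """True if the checksum verifies, False if the segment is corrupt or
    inconsistent, None if the sender disabled the checksum (IPv4 allows this)."""
    if len(segment) < 8:
        return False
    hdr = parse_udp(segment)
    if hdr["length"] < 8 or hdr["length"] > len(segment):
        return False            # length field must fit inside what IP delivered
    if hdr["checksum"] == 0:
        return None
    covered = pseudoheader(src_ip, dst_ip, hdr["length"]) + segment[:hdr["length"]]
    # with the transmitted checksum included, a correct sum is all ones
    return ones_complement_sum(covered) == 0xFFFF
```

Verifying the same segment against a different source address fails, which is the pseudoheader doing its job against misdelivery; it is not a defence against spoofing, since the spoofer computes the checksum with the fake address in the first place.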
UDP – User Datagram Protocol
• Simple and efficient
• Suitable for some client-server settings
– Client sends a short request to the server, expects a short response
– If that does not occur (request or response is lost) the client times out and resends
– Simple to code, and fewer messages: one in each direction
– DNS is a good example
• Also suitable for real-time services (e.g., VoIP)
– If a packet is lost, we don’t want to wait for it to be resent
– Loss concealment: fill in the time with our “best guess” sound
Remote Procedure Calls
• RPC – Remote Procedure Calls
– Allow calling procedures on a remote server as if they are local to the client
– Hides the networking aspects from the programmer
• RPC isn’t a single protocol/API. Dozens of variants exist.
• How it works abstractly:
– Client process on Machine A calls a procedure on Machine B
– Process on Machine A is suspended, whilst execution of the procedure takes place on Machine B
– Machine B responds with the result to Machine A, which then continues processing
Remote Procedure Calls
• To hide the networking, the client and server must be bound to respective stubs
– Client stub – operates in the client address space
– Server stub – operates in the server address space
• From the perspective of the client and server processes all the calls are local
• Parameters can be passed and returned
– Marshalling – convert the in-memory data structure to a form that can be stored or transmitted
– Unmarshalling – convert the stored or transmitted data back into an in-memory data structure
Remote Procedure Calls
• Conceptually simple, but many challenges exist
– Cannot pass pointers easily – client and server are in different address spaces
• Possible to marshal and unmarshal the underlying value and create a pointer in each address space
– Does not work for complex data structures
– Weakly typed languages like C can present problems
• e.g. unknown array sizes
– Unable to deduce parameter types
– Global variables are not shared
Remote Procedure Calls
• UDP can be a good choice for RPC
– Requires some additional scaffolding
• Resending after a timeout if no reply is received
– A reply constitutes an acknowledgement of the request
• Handling large parameter sizes that need to be split across multiple UDP segments
– Caution must be used if the operation is not idempotent
• e.g., incrementing a bank balance: a retransmitted request must not be executed a second time
• TCP can be used for non-idempotent operations
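The scaffolding listed above (marshalling from the stub slides, timeout-and-resend, and the non-idempotent bank-balance case), as an added example that is not from the lecture slides. The network is replaced by a constructed LossyChannel whose drop pattern the caller controls, so it runs offline; a real client would use a SOCK_DGRAM socket with a receive timeout. The server keeps a reply cache keyed by request id (at-most-once semantics, the usual alternative to moving to TCP), and the at_most_once=False variant shows the balance being incremented twice when only the reply was lost. The opcodes, wire format and class names are assumptions for the example.

```python
import itertools
import struct

OP_GET, OP_ADD = 1, 2
REQ_FMT = "!IBIi"   # request id (u32), opcode (u8), account (u32), amount (i32)
REP_FMT = "!Ii"     # request id (u32), balance (i32)


def marshal_request(req_id, op, account, amount=0):
    """Flatten the call into a fixed wire format (network byte order)."""
    return struct.pack(REQ_FMT, req_id, op, account, amount)


def unmarshal_request(data):
    if len(data) != struct.calcsize(REQ_FMT):
        raise ValueError("malformed request")
    return struct.unpack(REQ_FMT, data)


class LossyChannel:
    """Stand-in for an unreliable datagram path (constructed for the example).
    drop_pattern lists, per datagram sent, whether it is lost; once the
    pattern is exhausted everything gets through."""
    def __init__(self, drop_pattern):
        self._drops = iter(drop_pattern)

    def send(self, datagram):
        return not next(self._drops, False)     # True = delivered


class BankServer:
    """Server stub. With at_most_once=True it remembers the reply for each
    request id, so a retransmitted request replays the old reply instead of
    re-executing a non-idempotent operation."""
    def __init__(self, at_most_once=True):
        self.balances = {}
        self.at_most_once = at_most_once
        self.replies = {}          # request id -> reply datagram

    def handle(self, datagram):
        req_id, op, account, amount = unmarshal_request(datagram)
        if self.at_most_once and req_id in self.replies:
            return self.replies[req_id]
        if op == OP_ADD:
            self.balances[account] = self.balances.get(account, 0) + amount
        elif op != OP_GET:
            raise ValueError("unknown opcode %d" % op)
        reply = struct.pack(REP_FMT, req_id, self.balances.get(account, 0))
        self.replies[req_id] = reply
        return reply


class RpcClient:
    """Client stub: timeout-and-resend on top of an unreliable channel.
    A real client would use socket(AF_INET, SOCK_DGRAM) with settimeout()."""
    def __init__(self, server, req_channel, reply_channel, max_tries=3):
        self.server = server
        self.req_channel = req_channel
        self.reply_channel = reply_channel
        self.max_tries = max_tries
        self._ids = itertools.count(1)

    def call(self, op, account, amount=0):
        """Returns (balance, number of tries) or raises TimeoutError."""
        req_id = next(self._ids)
        request = marshal_request(req_id, op, account, amount)
        for attempt in range(1, self.max_tries + 1):
            if self.req_channel.send(request):            # request reached the server?
                reply = self.server.handle(request)
                if self.reply_channel.send(reply):        # reply reached the client?
                    rid, balance = struct.unpack(REP_FMT, reply)
                    if rid == req_id:                     # ignore stale replies
                        return balance, attempt
            # nothing received before the (simulated) timeout: resend the SAME request id
        raise TimeoutError("no reply after %d tries" % self.max_tries)
```

Losing the reply rather than the request is the dangerous case: the operation already happened, and the retransmission carries the same request id precisely so the server can recognise it.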
RTP – Streaming and VOIP
• Real-Time Transport Protocol (RTP)
• Which layer is RTP at?
– Runs in user space, uses UDP from the transport layer -> Application layer
– Generic protocol that provides services to applications -> Transport layer
– (Neither – Presentation layer!)
• RTP multiplexes several streams into a single stream of UDP segments
(Figure: separate video and audio streams feeding one sequence of UDP segments)
UDP Example Use
(Figures: packet nesting, with the RTP header and payload inside a UDP segment, inside an IP packet, inside an Ethernet frame with its Ethernet trailer; and the position of the Real-Time Transport Protocol in the protocol stack)
RTP Header
• Payload type – encoding used (MP3, etc.) – can change from packet to packet
• Sequence Number – counter incremented on each packet, so the receiver can detect loss and reordering
• Timestamp – source controlled, relative to the start of the stream; drives playout timing independently of the sequence number
Real-time Transport Control Protocol (RTCP)
• Control protocol for RTP
– Handles feedback, synchronization, and UI
• Feedback to source
– Delay, jitter, bandwidth, congestion
– Used by encoder to adaptively encode to suit network conditions
– In multicast settings, feedback is limited to a small percentage of the media bandwidth
• Synchronization
– Where different streams use different clocks / have different drift
• UI
– naming sources to show who is on a conference call
• (Another network model:
“Control plane” is a stack parallel to the “data plane” stack.)
RTP Playback
• Jitter – variation in delay of packets
– Buffer at receiver to counter it
• Packet 8 (in the figure) arrives too late: can wait or skip, depending on the application
• Size of buffer is also application specific (VoIP = small buffer)
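Both the RTP header fields above and the playback buffer, as an added example that is not from the lecture slides: a Python RTP v2 header parser (fixed header, CSRC list, extension and padding, all length-checked, since those are the fields a malformed packet abuses) and a small jitter buffer that reorders by sequence number, handles the wrap at 65535, skips a slot once depth later packets have queued up, and reports a packet as late when its slot has already been played. Packets are constructed by build_rtp; the depth and the arrival orders are assumptions.

```python
import struct


def build_rtp(pt, seq, timestamp, ssrc, payload, marker=False):
    """Minimal RTP v2 packet: no CSRCs, extension or padding."""
    b0 = 0x80                                    # V=2, P=0, X=0, CC=0
    b1 = (0x80 if marker else 0) | (pt & 0x7F)
    return struct.pack("!BBHII", b0, b1, seq & 0xFFFF, timestamp & 0xFFFFFFFF, ssrc) + payload


def parse_rtp(packet):
    """Parse the fixed RTP header plus CSRC list, extension and padding,
    rejecting anything that does not fit inside the packet."""
    if len(packet) < 12:
        raise ValueError("short RTP header")
    b0, b1, seq, timestamp, ssrc = struct.unpack("!BBHII", packet[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    cc = b0 & 0x0F
    end = 12 + 4 * cc
    if len(packet) < end:
        raise ValueError("truncated CSRC list")
    csrcs = struct.unpack("!%dI" % cc, packet[12:end]) if cc else ()
    if b0 & 0x10:                                # X bit: header extension present
        if len(packet) < end + 4:
            raise ValueError("truncated extension header")
        ext_words = struct.unpack("!H", packet[end + 2:end + 4])[0]
        end += 4 + 4 * ext_words
        if len(packet) < end:
            raise ValueError("truncated extension")
    payload = packet[end:]
    if b0 & 0x20:                                # P bit: last byte gives padding length
        pad = payload[-1] if payload else 0
        if pad == 0 or pad > len(payload):
            raise ValueError("bad padding length")
        payload = payload[:-pad]
    return {"pt": b1 & 0x7F, "marker": bool(b1 & 0x80), "seq": seq,
            "timestamp": timestamp, "ssrc": ssrc, "csrcs": csrcs, "payload": payload}


def seq_before(a, b):
    """True if 16-bit sequence number a precedes b (handles wrap at 65535)."""
    return 0 < ((b - a) & 0xFFFF) < 0x8000


class JitterBuffer:
    """Holds packets so out-of-order arrivals can be played in order.
    A gap that persists once `depth` later packets are queued is skipped
    (the decoder conceals it); a packet for a slot already played is late."""
    def __init__(self, depth=3):
        self.depth = depth
        self.pending = {}       # seq -> payload
        self.next_seq = None    # next slot the playout clock will consume

    def push(self, pkt):
        seq = pkt["seq"]
        if self.next_seq is None:
            self.next_seq = seq
        if seq_before(seq, self.next_seq):
            return "late"
        self.pending[seq] = pkt["payload"]
        return "buffered"

    def tick(self):
        """One playout clock tick: ('play', seq, payload), ('conceal', seq, None)
        or ('wait', seq, None) while we still hope the missing packet arrives."""
        seq = self.next_seq
        if seq in self.pending:
            self.next_seq = (seq + 1) & 0xFFFF
            return ("play", seq, self.pending.pop(seq))
        if len(self.pending) >= self.depth:
            self.next_seq = (seq + 1) & 0xFFFF
            return ("conceal", seq, None)
        return ("wait", seq, None)


def simulate(arrivals, depth=3, ssrc=0x1234ABCD):
    """Feed constructed packets (one per sequence number, in arrival order)
    through parse_rtp and the jitter buffer; return the playout log."""
    jb, log = JitterBuffer(depth), []
    for seq in arrivals:
        pkt = parse_rtp(build_rtp(0, seq, seq * 160, ssrc, bytes([seq & 0xFF]) * 4))
        if jb.push(pkt) == "late":
            log.append(("late", seq))
            continue
        ev = jb.tick()
        while ev[0] != "wait":
            log.append((ev[0], ev[1]))
            ev = jb.tick()
    return log
```

With depth 3, packet 6 being lost is concealed only after 7, 8 and 9 have queued; a VoIP receiver would pick a smaller depth and conceal sooner, a video player a larger one.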
And finally…
• Memcached Reflected DDoS Attacks
– Distributed memory object caching – speeds up dynamic websites by caching database queries
– Should never be configured to face the Internet
• Small UDP request made to the memcached server with a fake (spoofed) source IP: the victim’s address
• Memcached responds to that address with up to 50,000 times the data
– 203 byte request results in a 100 MB response
[https://blogs.akamai.com/2018/03/memcached-fueled-13-tbps-attacks.html]
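Detecting this from the network side, as an added example that is not from the slides or from the Akamai post: Python that reads constructed NetFlow-style records and flags (reflector, victim) pairs whose UDP response bytes from port 11211 (memcached’s registered port, a fact not stated on the slide) dwarf the request bytes sent to it. The CSV layout, addresses and byte counts are constructed; rows 1 and 2 reuse the 203-byte request and 100 MB response quoted above. On the victim’s own network there is no request flow at all, which the report represents as an infinite ratio.

```python
import csv
import io
from collections import defaultdict

MEMCACHED_PORT = 11211   # memcached's registered port

# Constructed flow records in a NetFlow-like CSV layout (not real traffic).
SAMPLE_FLOWS = """\
ts,proto,src_ip,src_port,dst_ip,dst_port,packets,bytes
1,udp,203.0.113.5,48222,198.51.100.10,11211,1,203
2,udp,198.51.100.10,11211,203.0.113.5,48222,75000,104857600
3,udp,203.0.113.5,48223,198.51.100.11,11211,1,203
4,udp,198.51.100.11,11211,203.0.113.5,48223,2,2800
5,udp,192.0.2.20,53000,198.51.100.12,11211,5,1200
6,udp,198.51.100.12,11211,192.0.2.20,53000,5,1500
7,tcp,192.0.2.21,53001,198.51.100.12,11211,40,9000
"""


def parse_flows(text):
    """Parse the CSV layout above into dicts with integer counters."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        for k in ("ts", "src_port", "dst_port", "packets", "bytes"):
            r[k] = int(r[k])
        rows.append(r)
    return rows


def amplification_report(flows, service_port=MEMCACHED_PORT, min_ratio=50.0):
    """Pair request bytes (to service_port) with response bytes (from
    service_port) per (reflector, victim) and flag ratios >= min_ratio.
    Only UDP is considered: TCP cannot be reflected this way because the
    handshake would fail for a spoofed source."""
    req = defaultdict(int)
    resp = defaultdict(int)
    for f in flows:
        if f["proto"] != "udp":
            continue
        if f["dst_port"] == service_port:
            req[(f["dst_ip"], f["src_ip"])] += f["bytes"]     # key: (server, client)
        elif f["src_port"] == service_port:
            resp[(f["src_ip"], f["dst_ip"])] += f["bytes"]    # key: (server, client)
    report = []
    for (reflector, victim), rbytes in resp.items():
        qbytes = req.get((reflector, victim), 0)
        ratio = rbytes / qbytes if qbytes else float("inf")   # inf: response with no request seen
        if ratio >= min_ratio:
            report.append({"reflector": reflector, "victim": victim,
                           "request_bytes": qbytes, "response_bytes": rbytes,
                           "ratio": ratio})
    report.sort(key=lambda r: r["ratio"], reverse=True)
    return report
```

Flow 4 (a 2800-byte answer to a 203-byte query) and flow 6 (a normal client) stay below the threshold; only the 100 MB response is reported, with the spoofed address listed as the victim.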
Acknowledgement
• The slides were adapted by Lachlan Andrew from slides prepared by Junhao Gan and Chris Culnane based on material developed previously by: Michael Kirley, Zoltan Somogyi, Rao Kotagiri, James Bailey and Chris Leckie.
• Some of the images included in the notes were supplied as part of the teaching resources accompanying the text books listed in lecture 1.