
COMP30023 – Computer Systems
Transmission Control Protocol
Dr Lachlan Andrew
© University of Melbourne 2021

Acknowledgement
• The slides are based on slides prepared by Chris Culnane based on material developed previously by: Michael Kirley, Zoltan Somogyi, Rao Kotagiri, James Bailey and Chris Leckie.
• Some of the images included in the notes were supplied as part of the teaching resources accompanying the text books listed in lecture 1.
© 2021 University of Melbourne 2

Recap – Transport Layer
• Provides services to the Application (or Session) layer using services from the Network layer.
• The Transport layer entities (the hardware or software which actually does the work e.g. OS kernel, processes, NIC) can exist in multiple locations.
• Services provide “logical” communication channels between processes running on different hosts:
– Connection-oriented = connection establishment, data transfer, connection release (TCP)
• Like a phone call
– Connectionless: data transfer (UDP)
• Like text messages

Summary
• Introduction to Transmission Control Protocol (TCP)
– Connecting
– Sending
– Closing

Transport service primitives
• Primitives: core functions which allow interface with transport services (in particular TCP)

Primitive     Packet Sent          Meaning
LISTEN        (none)               Block until something tries to connect
CONNECT       CONNECTION REQ       Actively attempt to establish a connection
SEND          DATA                 Send information
RECEIVE       (none)               Block until DATA packet arrives
DISCONNECT    DISCONNECTION REQ    This side wants to release the connection

Connection establishment issues
• Remember that TCP is a connection-oriented protocol running over a connectionless network layer (IP)
• When networks can lose, store and duplicate packets, connection establishment can be complicated:
– congested networks may delay acknowledgements
– incurring repeated multiple transmissions
– any of which may not arrive at all, or may arrive out of sequence – delayed duplicates
[Figure: timing diagram of delayed duplicate packets; axis label: time]

TCP – Overview
• The Transmission Control Protocol provides a protocol by which applications can transmit IP datagrams within a connection-oriented framework, thus increasing reliability.
– TCP transport entity manages TCP streams and interfaces to the IP layer
– TCP entity accepts user data streams, and segments them into pieces <64Kb (often 1460 bytes, in order to fit the IP and TCP headers into a single Ethernet frame), and sends each piece as a separate IP datagram
• Recipient TCP entities reconstruct the original byte streams from the encapsulation

TCP – Service Model
• Example:
– (a) Four 512-byte segments sent as separate IP datagrams
– (b) The 2048 bytes of data delivered to the application in a single READ call

TCP – Service Model
• The sender and receiver both create sockets
– A kernel data structure, named by the 5-tuple of IP address and port number of sender and receiver, and the protocol
– For TCP service to be activated, connections must be explicitly established between a socket at a sending host (src-host, src-port) and a socket at a receiving host (dest-host, dest-port)
• Example:
– 2 sockets on port 80

Features of TCP connections
• TCP connections are:
– Full duplex – data in both directions simultaneously
– End to end – exact pairs of senders and receivers
– Byte streams, not message streams – message boundaries are not preserved
– Buffer capable – TCP entity can choose to buffer prior to sending or not, depending on the context
• PUSH flag – indicates a transmission is not to be delayed, and should interrupt the receiving application
• URGENT flag – indicates that transmission should be sent immediately (priority above data in progress), and that the receiver should send it to the application out-of-band

TCP Properties
• Data is exchanged between TCP entities in segments
– each has a 20–60 byte header, plus zero or more data bytes
• TCP entities decide how large segments should be, given two constraints:
– IP payload < 65,515 bytes
– Maximum Transfer Unit (MTU) – generally 1500 bytes
• Sliding window protocol
– Initial use: reliable data delivery without overloading the receiver
– Now also tied closely with congestion control
– Described next week

TCP – Header
[Figure: TCP header layout, with the annotation “For sliding window” on the header fields]

TCP – Important Headers
Name                     Description
Source port              Sending port
Destination port         Receiving port
Sequence Number          If SYN=1: initial sequence number; if SYN=0: accumulated sequence number of the first data byte of this segment
Acknowledgement number   If ACK=1: next sequence number that the sender of the ACK is expecting
Data offset              Size of the TCP header (20–60 bytes)
Flags                    Single-bit flags (SYN, ACK, RST, FIN, etc.)
Window size              Size of receive window – how much data the sender of this segment is willing to receive

Three-way handshake
• Goals of reliable connection establishment:
– Ensure one (and only one) connection is established, even if some set-up packets get lost
– Establish initial sequence numbers for sliding window
• Three-way handshake:
– A proposed solution, which avoids problems that can occur when both sides allocate the same sequence numbers by accident (e.g. after host/router crash) (cf. Tomlinson, 1975).
– Sender and receiver exchange information about which sequencing strategy each will use, and agree on it before transmitting segments

Three-way handshake
• Normal operation
• Simultaneous connection attempts
– Two simultaneous connection attempts result in only one connection (uniquely identified by end points).
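The header layout and handshake above, as an added example that is not part of the lecture: it packs and parses the fixed 20-byte TCP header in Python and walks a SYN / SYN+ACK / ACK exchange, showing that each side acknowledges the peer's ISN + 1 because SYN consumes one sequence number. Ports and ISNs are constructed values, and the checksum is left as zero because computing it needs the IP pseudo-header, which is outside this example.

```python
import secrets
import struct

# Added example (not from the lecture): build and parse the 20-byte fixed
# TCP header from the "TCP – Important Headers" slide, then walk a
# three-way handshake with constructed random initial sequence numbers.

TCP_HDR = struct.Struct("!HHIIHHHH")   # 20 bytes, network byte order
FLAG_FIN, FLAG_SYN, FLAG_RST, FLAG_PSH, FLAG_ACK, FLAG_URG = 1, 2, 4, 8, 16, 32
SEQ_MASK = 0xFFFFFFFF                  # sequence numbers are 32-bit and wrap


def build_segment(src_port, dst_port, seq, ack, flags, window=65535):
    """Header with no options: data offset = 5 32-bit words = 20 bytes.
    Checksum is left as 0; computing it needs the IP pseudo-header."""
    offset_flags = (5 << 12) | flags
    return TCP_HDR.pack(src_port, dst_port, seq & SEQ_MASK, ack & SEQ_MASK,
                        offset_flags, window, 0, 0)


def parse_segment(data):
    """Return the fields named on the slide; reject an invalid data offset."""
    (src, dst, seq, ack, offset_flags,
     window, _checksum, _urgent) = TCP_HDR.unpack_from(data)
    header_len = (offset_flags >> 12) * 4          # must be 20..60 bytes
    if not 20 <= header_len <= 60:
        raise ValueError("bad TCP data offset")
    return {"src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
            "header_len": header_len, "flags": offset_flags & 0x1FF,
            "window": window}


def three_way_handshake(client_isn, server_isn, client_port=50000, server_port=80):
    """Return the parsed SYN, SYN+ACK and ACK. SYN consumes one sequence
    number, so each side acknowledges the peer's ISN + 1 (mod 2**32)."""
    syn = build_segment(client_port, server_port, client_isn, 0, FLAG_SYN)
    syn_ack = build_segment(server_port, client_port, server_isn,
                            client_isn + 1, FLAG_SYN | FLAG_ACK)
    ack = build_segment(client_port, server_port, client_isn + 1,
                        server_isn + 1, FLAG_ACK)
    return [parse_segment(s) for s in (syn, syn_ack, ack)]


if __name__ == "__main__":
    # Random ISNs, as the Synchronisation slide describes (constructed run).
    for seg in three_way_handshake(secrets.randbelow(1 << 32), secrets.randbelow(1 << 32)):
        print(seg)
```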
• At the end, Host 1 and Host 2 have agreed on their respective sequence numbers

Synchronisation
• SYN is used for synchronization during connection establishment
– Sending SYN or FIN causes the sequence number to be incremented by 1
• Sequence Number – first byte of this segment’s payload
– Offset by a random number – the initial value is arbitrary; the offset will be reflected in both Sequence and Acknowledgement numbers
• Acknowledgement Number – next byte the sender expects to receive
– Bytes received without gaps – a missing segment will stop this incrementing, even if later segments have been received

Wireshark Example
• Request for a single image file: http://static.bbci.co.uk/weather/0.5.284/images/icons/individual_56_icons/en_on_light_bg/1.gif, HTTP (connection: close)

Wireshark Example
[Figure: Wireshark capture of the TCP exchange with 104.83.244.56]

TCP Synchronization Recap
• SYN bit is used to establish a connection
– Connection request has SYN=1, ACK=0
– Connection reply has SYN=1, ACK=1
• SYN is used in both CONNECTION_REQUEST and CONNECTION_ACCEPTED; the ACK bit distinguishes between the two
• After connection setup:
– Sequence Number – first byte of this segment’s payload (1 + data sent prior to this segment)
• Offset by a random number – the initial value is arbitrary; the offset will be reflected in both Sequence and Acknowledgement numbers
– Acknowledgement Number – next byte the sender expects to receive (data successfully received + 1)
• Bytes received without gaps – a missing segment will stop this incrementing, even if later segments have been received

TCP Retransmission
• Each segment sent has an associated retransmission timer (RTO)
– Initialised with a default value and updated based on network performance
– If the timer expires before an ACK is received, the segment is resent
• Receiver receives a segment with a sequence number higher than expected (i.e. a segment has been lost)
– Receiver sends an ACK with the sequence number it is expecting (i.e. the next byte it expects – this also implies the data it has received)
– This is a duplicate of the previously sent acknowledgement (DupACK)
– After receiving 3 DupACKs the sender resends the lost segment; this is known as fast retransmission

TCP Closing
• The FIN flag is used to signify a request to close a connection
• Each FIN is directional: once acknowledged, no further data can be sent from the sender to the receiver
– Data can continue to flow in the other direction
– E.g. client could send FIN after making a request, but before receiving the response
– Sender of FIN will still retransmit unacknowledged segments
• Typically requires 4 segments to close, 1 FIN and 1 ACK for each direction
– Can be optimised: Host A sends FIN request, Host B responds with ACK of Host A’s FIN request and sends a FIN request of its own, Host A sends ACK of Host B’s FIN request and the connection is closed

TCP Closing
• The RST flag is used to signify a hard close of a connection
– Basically states the sender is closing the connection and will not listen for any further messages
– Sent in reply to a packet sent to a 5-tuple with no open connection
• e.g., to invalid data being sent, or a crashed process that left a remote socket open that the OS is now cleaning up
• Can be used to close a connection, but FIN is greatly preferred because it is an orderly shutdown of the connection, as opposed to a reset

And finally...
• Google’s QUIC has shown that there is demand for a new transport protocol
– Why is it only now being deployed?
– Why does it run on top of UDP?
• Although the transport layer is supposed to be “end to end”, there are many “middleboxes” that inspect and modify transport layer protocols
– Firewalls, NAT (later lecture), intrusion detection systems, load balancers
• These all accept TCP and UDP, but typically drop all other transport layer protocols.
• Stream Control Transport Protocol is a carefully designed protocol that achieves many of the goals of QUIC, but it hasn’t been widely deployed because of these middleboxes.

(This time is final for sure...)
• SYN Flooding
– Popular attack in the 90’s to deny service to a server
– Remember back to the arbitrary (random) initial Sequence number
– This requires the server to remember an initial Sequence number for each received SYN request
– An attacker would make initial SYN requests then not send the appropriate ACK, causing the server to gradually fill up its queue with sequence numbers for now-defunct connections
– One solution was SYN Cookies
• Rather than storing the sequence number, it is derived from connection information and a timer, creating a stateless SYN queue using cryptographic hashing
• Incurs a performance cost in validating SYN Cookies, but preferable to being unresponsive – typically only enabled when under attack
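The cumulative-ACK and fast-retransmission rules from the TCP Retransmission slide above, as an added example that is not from the lecture: a model receiver that always ACKs the next byte it expects (holding out-of-order segments without advancing the ACK), and a model sender that resends after three DupACKs instead of waiting for the RTO. The 512-byte segments and the dropped segment are constructed, and the ISN offset is taken as 0 for readability.

```python
# Added example (not from the lecture): a receiver that returns cumulative
# ACKs (the next byte it expects) and a sender that counts DupACKs and
# fast-retransmits after 3. Segments are constructed; ISN offset taken as 0.

DUP_ACK_THRESHOLD = 3


class Receiver:
    def __init__(self, next_expected):
        self.next_expected = next_expected   # value of every ACK we send
        self.buffered = {}                   # seq -> length, held out of order

    def receive(self, seq, length):
        """Return the ACK number to send after this segment arrives."""
        if seq == self.next_expected:
            self.next_expected += length
            # A gap was just filled: advance over segments buffered behind it.
            while self.next_expected in self.buffered:
                self.next_expected += self.buffered.pop(self.next_expected)
        elif seq > self.next_expected:
            self.buffered[seq] = length      # keep it, but do not advance ACK
        # seq < next_expected: old duplicate, ACK number unchanged (DupACK)
        return self.next_expected


class Sender:
    def __init__(self):
        self.last_ack, self.dup_count = None, 0
        self.fast_retransmits = []           # seqs resent before the RTO fired

    def on_ack(self, ack):
        if ack == self.last_ack:
            self.dup_count += 1
            if self.dup_count == DUP_ACK_THRESHOLD:
                self.fast_retransmits.append(ack)   # lost segment starts at ack
        else:
            self.last_ack, self.dup_count = ack, 0


def simulate(segments, lost):
    """Deliver (seq, length) segments in order, dropping seqs in `lost`, then
    resend whatever fast retransmission triggered.
    Returns (ACK numbers sent by the receiver, seqs fast-retransmitted)."""
    rx, tx, acks = Receiver(segments[0][0]), Sender(), []
    for seq, length in segments:
        if seq not in lost:
            acks.append(rx.receive(seq, length))
            tx.on_ack(acks[-1])
    lengths = dict(segments)
    for seq in tx.fast_retransmits:
        acks.append(rx.receive(seq, lengths[seq]))
    return acks, tx.fast_retransmits
```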
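The SYN cookie idea from the last slide, as an added example that is not from the lecture and not the Linux or BSD cookie layout: the server's initial sequence number is a truncated HMAC over the 4-tuple and a coarse timer, so nothing is stored per half-open connection, and the final ACK (cookie + 1) is recomputed and checked instead. The secret, the 5-bit counter, the 64-second tick and IPv4 addresses as 4 packed bytes are assumptions; real kernels also encode the client's MSS in the cookie.

```python
import hashlib
import hmac
import struct

# Added example (not from the lecture, not the Linux/BSD layout): the SYN
# cookie idea. The server's ISN in the SYN+ACK is derived from the 4-tuple
# and a coarse timer, so no per-SYN state is stored; the final ACK carries
# cookie + 1 and is recomputed and checked instead.

SECRET = b"constructed-secret-rotate-in-production"   # constructed value
COUNTER_BITS = 5                     # top 5 bits of the ISN hold the timer
MAC_BITS = 32 - COUNTER_BITS
MAC_MASK = (1 << MAC_BITS) - 1
TICK_SECONDS = 64                    # timer advances once per tick


def _counter(now):
    return int(now // TICK_SECONDS) & ((1 << COUNTER_BITS) - 1)


def _mac(src_ip, src_port, dst_ip, dst_port, counter):
    """Truncated HMAC over the 4-tuple (IPv4 as 4 packed bytes) and timer."""
    msg = struct.pack("!4sH4sHB", src_ip, src_port, dst_ip, dst_port, counter)
    digest = hmac.new(SECRET, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & MAC_MASK


def make_cookie(src_ip, src_port, dst_ip, dst_port, now):
    """Server ISN for the SYN+ACK: counter || MAC. Nothing is stored."""
    c = _counter(now)
    return (c << MAC_BITS) | _mac(src_ip, src_port, dst_ip, dst_port, c)


def check_cookie(ack_number, src_ip, src_port, dst_ip, dst_port, now, max_age=2):
    """Validate the ACK completing the handshake. The cookie is ack - 1
    because the SYN+ACK consumed one sequence number; cookies older than
    max_age ticks are rejected, which bounds replay of a captured ACK."""
    cookie = (ack_number - 1) & 0xFFFFFFFF
    c, mac = cookie >> MAC_BITS, cookie & MAC_MASK
    age = (_counter(now) - c) & ((1 << COUNTER_BITS) - 1)
    if age > max_age:
        return False
    expected = _mac(src_ip, src_port, dst_ip, dst_port, c)
    return hmac.compare_digest(expected.to_bytes(4, "big"), mac.to_bytes(4, "big"))
```

The validation cost the slide mentions is the HMAC in check_cookie, paid for every completing ACK, which is why the mechanism is normally switched on only under attack.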