Kap. 2. Transport - Schicht

Similar documents

Transport Layer. Chapter 3.4. Think about

Chapter 11. User Datagram Protocol (UDP)

Computer Networks. Chapter 5 Transport Protocols

Ethernet. Ethernet. Network Devices

Transport Layer Protocols

ICOM : Computer Networks Chapter 6: The Transport Layer. By Dr Yi Qian Department of Electronic and Computer Engineering Fall 2006 UPRM

Chapter 5. Transport layer protocols

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

[Prof. Rupesh G Vaishnav] Page 1

TCP/IP Fundamentals. OSI Seven Layer Model & Seminar Outline

IP Network Layer. Datagram ID FLAG Fragment Offset. IP Datagrams. IP Addresses. IP Addresses. CSCE 515: Computer Network Programming TCP/IP

8.2 The Internet Protocol

IP address format: Dotted decimal notation:

Computer Networks UDP and TCP

Overview of TCP/IP. TCP/IP and Internet

First Workshop on Open Source and Internet Technology for Scientific Environment: with case studies from Environmental Monitoring

Internet Architecture and Philosophy

Network-Oriented Software Development. Course: CSc4360/CSc6360 Instructor: Dr. Beyah Sessions: M-W, 3:00 4:40pm Lecture 2

NETWORK LAYER/INTERNET PROTOCOLS

How do I get to

Mobile IP Network Layer Lesson 02 TCP/IP Suite and IP Protocol

Understanding TCP/IP. Introduction. What is an Architectural Model? APPENDIX

Objectives of Lecture. Network Architecture. Protocols. Contents

What is a DoS attack?

PART OF THE PICTURE: The TCP/IP Communications Architecture

How To Design A Layered Network In A Computer Network

IP - The Internet Protocol

Transport and Network Layer

TCP/IP and the Internet

Basic Networking Concepts. 1. Introduction 2. Protocols 3. Protocol Layers 4. Network Interconnection/Internet

Network Programming TDC 561

TCP Performance Management for Dummies

LESSON Networking Fundamentals. Understand TCP/IP

Lecture Computer Networks

Computer Networks/DV2 Lab

Question: 3 When using Application Intelligence, Server Time may be defined as.

Understanding Layer 2, 3, and 4 Protocols

CS155 - Firewalls. Simon Cooper <sc@sgi.com> CS155 Firewalls 22 May 2003

The Transport Layer. Antonio Carzaniga. October 24, Faculty of Informatics University of Lugano Antonio Carzaniga

IP Subnetting and Addressing

Solution of Exercise Sheet 5

q Connection establishment (if connection-oriented) q Data transfer q Connection release (if conn-oriented) q Addressing the transport user

B-2 Analyzing TCP/IP Networks with Wireshark. Ray Tompkins Founder of Gearbit

Networks: IP and TCP. Internet Protocol

Internet Protocols. Background CHAPTER

Chapter 3. TCP/IP Networks. 3.1 Internet Protocol version 4 (IPv4)

Interconnection of Heterogeneous Networks. Internetworking. Service model. Addressing Address mapping Automatic host configuration

Indian Institute of Technology Kharagpur. TCP/IP Part I. Prof Indranil Sengupta Computer Science and Engineering Indian Institute of Technology

Chapter 3: Review of Important Networking Concepts. Magda El Zarki Dept. of CS UC Irvine

Protocols. Packets. What's in an IP packet

Computer Networks/DV2 Lab

Access Control: Firewalls (1)

Network Layer: Network Layer and IP Protocol

Innominate mguard Version 6

DO NOT REPLICATE. Analyze IP. Given a Windows Server 2003 computer, you will use Network Monitor to view and analyze all the fields of IP.

Internetworking. Problem: There is more than one network (heterogeneity & scale)

Improved Digital Media Delivery with Telestream HyperLaunch

Networking Test 4 Study Guide

Firewall Implementation

RARP: Reverse Address Resolution Protocol

Guide to Network Defense and Countermeasures Third Edition. Chapter 2 TCP/IP

We will give some overview of firewalls. Figure 1 explains the position of a firewall. Figure 1: A Firewall

NetFlow/IPFIX Various Thoughts

Network layer" 1DT066! Distributed Information Systems!! Chapter 4" Network Layer!! goals: "

Network Layer IPv4. Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS. School of Computing, UNF

IP addressing and forwarding Network layer

2. IP Networks, IP Hosts and IP Ports

(Refer Slide Time: 02:17)

CS 5480/6480: Computer Networks Spring 2012 Homework 3 Due by 1:25 PM MT, Monday March 5 th 2012

Module 7 Internet And Internet Protocol Suite

Network Security TCP/IP Refresher

Introduction to TCP/IP

TCP/IP Networking for Wireless Systems. Integrated Communication Systems Group Ilmenau University of Technology

La couche transport dans l'internet (la suite TCP/IP)

The Internet. Internet Technologies and Applications

TCP/IP Networking Terms you ll need to understand: Techniques you ll need to master:

Guide to TCP/IP, Third Edition. Chapter 3: Data Link and Network Layer TCP/IP Protocols

Course Overview: Learn the essential skills needed to set up, configure, support, and troubleshoot your TCP/IP-based network.

High Performance VPN Solutions Over Satellite Networks

COMP 3331/9331: Computer Networks and Applications. Lab Exercise 3: TCP and UDP (Solutions)

Final for ECE374 05/06/13 Solution!!

Architecture and Performance of the Internet

User Datagram Protocol - Wikipedia, the free encyclopedia

Visualizations and Correlations in Troubleshooting

Internet Firewall CSIS Packet Filtering. Internet Firewall. Examples. Spring 2011 CSIS net15 1. Routers can implement packet filtering

CPS221 Lecture: Layered Network Architecture

Introduction to Cisco IOS Flexible NetFlow

Introduction to IP networking

2.1 Introduction. 2.2 Voice over IP (VoIP)

ITEC310 Computer Networks II

Address Resolution Protocol (ARP), Reverse ARP, Internet Protocol (IP)

CS 457 Lecture 19 Global Internet - BGP. Fall 2011

Protocols and Architecture. Protocol Architecture.

Lecture 15. IP address space managed by Internet Assigned Numbers Authority (IANA)

Transcription:

Kap. 2 Transport - Schicht

2-2

Transport-Schicht Transport-Schicht: bietet eine logische Kommunikation zw. Anwendungen TCP: - Verbindungsorientiert mittels 3-Way-Handshake - zuverlässiger Datentransport mittels Bestätigung - Multiplexen & Demultiplexen von Anwendungen mittels Port-Verwaltung UDP: - Verbindungslos - unzuverlässige Datenübertragung - Multiplexen + Demultiplexen von Anwendungen mittels Port-Verwaltung 2-3

Transport protocols for the TCP/IP protocol suite: Transmission Control Protocol (TCP) Provides a connection oriented service Converts the best-effort service provided by IP into a reliable service Example application: file transfers The transmitted information should be free of errors Messages are delivered in the sequence that they are submitted Example application: FTP, HTTP User Datagram Protocol (UDP) Provides a connectionless (best-effort) service Example application: SNMP Single request-response message exchange Identification of the higher layer protocol or application in the PDU header IP uses the protocol field to identify the protocol to which the contents of the datagram relate (e.g., TCP, UDP, ICMP) The transport protocol (TCP or UDP) use the port numbers in the PDU header to identify the application protocol to which the PDU contents relate Port numbers in a client-server communication Client host The port number of the source application protocol has only local significance A new port number is allocated for each new transfer request Client port numbers are called ephemeral ports since they are short-lived Allocated in the range 1,024 through 5,000 Server Port numbers are fixed: well-known port numbers Allocated in the range 1 through 1,023 Example: file transfer (application) protocol port number is 21 Since a server application receives requests from multiple clients, both the source port number and the source IP address are sent to the application protocol Both the application and transport layers are end-to-end 2-4

TCP provides two communicating peer application protocols (e.g., one in the client and one in the server) with a two-way, reliable stream service Data is submitted by each local application to the TCP protocol entity as a stream of bytes The stream of bytes flowing in each direction is transferred from one TCP entity to the other in a reliable way, i.e., no transmission errors, no lost or duplicate bytes 2-5

Verwendung von Ports in Client/Server Anwendungen Benutzer A und C : -> können die gleichen Portnr. verwenden um mit dem Server zu kommunizieren 2-6

TCP-Meldungs-Format Felder: Port Nr. Ziel/Quelle : 64.000 Ports möglich 1 1024 reservierte Ports Sequ. Nr. + ACK Nr: Bestätigung: z.b.: z. B.: 20, 21, 25, 80 etc.,... well-known Ports 1) Verbindungs-Auf/Abbau: SEQnr. = ACKnr. + 1 2) Datenübertragung SEQnr. = ACKnr. + LÄNGE in Bytes Header-Länge: Länge des TCP-Headers; Normalerweise = 20 Bytes 2-7

FLAGS: - URG = Markiert eine Meldung als dringend - PSH = Daten sollen sofort (auf Empfängerseite) weiter geleitet werden - RST, SYN, FIN = Verbindungs-Auf/Abbau - ACK = Bestätigung Fenstergröße: - dient der Flusskontrolle - # Bytes, die der Empfänger bereit ist, demnächst aufzunehmen 2-8

2-9

2-10

TCP-Protokollablauf Szenarien (1) Verbindungsaufbau: 3 x Way - Handashake 2-11

TCP-Protokollablauf-Szenarien (2) Datenübertragungs - Ablauf: SEQnr.= ACKnr. + # Bytes (Länge) 2-12

TCP-Protokollablauf-Szenarien (3) Fehlerkorrektur: Neuübertargung als Folge eines Fehlers (verlorene Bestätigung) 2-13

TCP-Protokollablauf-Szenarien (4) Fehlerbehandlung: Datenblock wird nicht erneut übertragen weil seine ACK vor dem Timeout ankommt 2-14

TCP-Protokollablauf-Szenarien (4) GO-BACK TO N Prinzip: Durch eine kumulative Bestätigung wird die Neuübertragung vermieden 2-15

TCP operation A logical connection is first established between the two TCP entities and the sequence numbers are initialized During the data transfer, each TCP entity divides the submitted stream of bytes into segments A segment may contain a single byte (e.g., a character from a terminal) or many bytes (e.g., file transfer) A maximum segment size (MSS) is agreed when the connection is set up in order to Minimize transmission errors Avoid fragmentation Default MSS is 536 bytes Flow control is used to ensure that no data is lost when a fast server is sending data to a slower host Congestion control is used to adjust the rate of entry of segments into the network to the rate at which segments are leaving Connection record: The TCP in the client may support multiple concurrent connections involving different user APs The TCP in the server may support multiple connections for different clients Data structure created for each new connection to associate received segments with the correct connection Contents: Connection identifier (pair of socket addresses), agreed MSS, the initial sequence number for each direction, the precedence value, and size of window 2-16

UDP-Protokoll: Nachrichten-Format und Funktionsweise Port Nr. Quelle / Ziel : ähnlich wie beim TCP Länge : Paketlänge Prüfsumme : 1er Kompl. der Summer aller 16 Bit Wörter im Segment Dienste von UDP: bekannt auch als Datagramm-Protokoll kein Verbindungsaufbau : keine Verzögerungen kein Verbindungszustand keine Bestätigung, d. h. keine Nummerierung der Meldungen geringer Overhead durch Packet-Header: 8 Bytes Unregulierte Sende-Rate: d.h. keine Überlast-Kontrolle Anwendungen basierend auf UDP: - DNS, SNMP, RIP, NF, Internet-Phone, Audio/Video-Streaming Principles of operation Each message submitted by the user AP is transferred directly in a single IP datagram There is no connection set up, no error or flow control The service provided to a user AP is an extension of the service provided by IP The service primitives and the protocol are simpler than those of TCP The source UDP Adds a short header to the message received from the user AP to form a UDP datagram Forwards the UDP datagram to the IP layer for transfer over the internet using, if necessary, fragmentation The destination IP and UDP 2-17

IP determines from the protocol field in the header that the destination protocol is UDP and passes IP datagram content to the UDP UDP determines the destination user AP from a field in UDP datagram header and transfers contents of datagram to that AP Maximum size of a UDP datagram: - Maximum theoretical size is 65,507 (65,535 for IP datagram 20 bytes in IP header 8 bytes in UDP header) - However, most implementations support only 8,192 bytes - If fragmentation is to be avoided, the size of each application PDU should be limited to the MTU for that path minus the IP and UDP headers 2-18

Sniffer Network Analyzer data from 11-Oct-102 at 09:30:48, unsaved capture data, Page 1 - - - - - - - - - - - - - - - - Frame 5 - - - - - - - - - - - - - - - - - SUMMARY: Delta T Destination Source Summary 5 0.0031 gigaserv.uni-.. [194.95.109.136) DLC Ethertype=0800, size=62 bytes IP D=[131.234.25.10] S=[194.95.109.136] LEN=28 ID=87 TCP D=21 S=1036 SYN SEQ=2392861514 LEN=0 WIN=16384 DLC: ----- DLC Header ----- DLC: DLC: Frame 5 arrived at 09:30:52.5536; frame size is 62 (003E hex) bytes. DLC: Destination = Station 00A08E30D27F DLC: Source = Station 00065B75C343, RFHPCI136 DLC: Ethertype = 0800 (IP) DLC: IP: ----- IP Header ----- IP: IP: Version = 4, header length = 20 bytes IP: Type of service = 00 IP: 000.... = routine IP:...0... = normal delay IP:... 0... = normal throughput IP:....0.. = normal reliability IP: Total length = 48 bytes IP: Identification = 87 IP: Flags = 4X IP:.1..... = don't fragment IP:..0.... = last fragment IP: Fragment offset = 0 bytes IP: Time to live = 128 seconds/hops IP: Protocol = 6 (TCP) IP: Header checksum = 2D95 (correct) IP: Source address = [194.95.109.136] IP: Destination address = [131.234.25.10], gigaserv.uni-paderborn.de IP: No options IP: TCP: ----- TCP header ----- TCP: TCP: Source port = 1036 TCP: Destination port = 21 (FTP) TCP: Initial sequence number = 2392861514 TCP: Data offset = 28 bytes TCP: Flags = 02 TCP:..0.... = (No urgent pointer) TCP:...0... = (No acknowledgment) TCP:... 0... = (No push) TCP:....0.. = (No reset) TCP:.....1. = SYN 2-19

TCP:......0 = (No FIN) TCP: Window = 16384 TCP: Checksum = B837 (correct) TCP: TCP: Options follow TCP: Maximum segment size = 1460 TCP: No-op TCP: No-op TCP: Unknown option 4 TCP: 1 byte(s) of header padding TCP: Sniffer Network Analyzer data from 11-Oct-102 at 09:30:48, unsaved capture data, Page 2 - - - - - - - - - - - - - - - - Frame 6 - - - - - - - - - - - - - - - - - Delta T Destination Source Summary 6 0.0243 [194.95.109.136 gigaserv.uni-.. DLC Ethertype=0800, size=62 bytes IP D=[194.95.109.136] S=[131.234.25.10] LEN=28 ID=37079 TCP D=1036 S=21 SYN ACK=2392861515 SEQ=3168076761 LEN=0 WIN=8760 DLC: ----- DLC Header ----- DLC: DLC: Frame 6 arrived at 09:30:52.5779; frame size is 62 (003E hex) bytes. DLC: Destination = Station 00065B75C343, RFHPCI136 DLC: Source = Station 00A08E30D27F DLC: Ethertype = 0800 (IP) DLC: IP: ----- IP Header ----- IP: IP: Version = 4, header length = 20 bytes IP: Type of service = 00 IP: 000.... = routine IP:...0... = normal delay IP:... 0... = normal throughput IP:....0.. = normal reliability IP: Total length = 48 bytes IP: Identification = 37079 IP: Flags = 4X IP:.1..... = don't fragment IP:..0.... = last fragment IP: Fragment offset = 0 bytes IP: Time to live = 246 seconds/hops IP: Protocol = 6 (TCP) IP: Header checksum = 2714 (correct) IP: Source address = [131.234.25.10], gigaserv.uni-paderborn.de IP: Destination address = [194.95.109.136] 2-20

IP: No options IP: TCP: ----- TCP header ----- TCP: TCP: Source port = 21 (FTP) TCP: Destination port = 1036 TCP: Initial sequence number = 3168076761 TCP: Acknowledgment number = 2392861515 TCP: Data offset = 28 bytes TCP: Flags = 12 TCP:..0.... = (No urgent pointer) TCP:...1... = Acknowledgment TCP:... 0... = (No push) TCP:....0.. = (No reset) TCP:.....1. = SYN TCP:......0 = (No FIN) TCP: Window = 8760 TCP: Checksum = 1540 (correct) TCP: TCP: Options follow TCP: No-op TCP: No-op TCP: Unknown option 4 TCP: 5 byte(s) of header padding TCP: Sniffer Network Analyzer data from 11-Oct-102 at 09:30:48, unsaved capture data, Page 3 - - - - - - - - - - - - - - - - Frame 7 - - - - - - - - - - - - - - - - - Delta T Destination Source Summary 7 0.0001 gigaserv.uni-.. [194.95.109.136 DLC Ethertype=0800, size=60 bytes IP D=[131.234.25.10] S=[194.95.109.136] LEN=20 ID=88 TCP D=21 S=1036 ACK=3168076762 WIN=17520 DLC: ----- DLC Header ----- DLC: DLC: Frame 7 arrived at 09:30:52.5780; frame size is 60 (003C hex) bytes. DLC: Destination = Station 00A08E30D27F DLC: Source = Station 00065B75C343, RFHPCI136 DLC: Ethertype = 0800 (IP) DLC: IP: ----- IP Header ----- IP: IP: Version = 4, header length = 20 bytes IP: Type of service = 00 IP: 000.... = routine IP:...0... = normal delay IP:... 0... = normal throughput 2-21

IP:....0.. = normal reliability IP: Total length = 40 bytes IP: Identification = 88 IP: Flags = 4X IP:.1..... = don't fragment IP:..0.... = last fragment IP: Fragment offset = 0 bytes IP: Time to live = 128 seconds/hops IP: Protocol = 6 (TCP) IP: Header checksum = 2D9C (correct) IP: Source address = [194.95.109.136] IP: Destination address = [131.234.25.10], gigaserv.uni-paderborn.de IP: No options IP: TCP: ----- TCP header ----- TCP: TCP: Source port = 1036 TCP: Destination port = 21 (FTP) TCP: Sequence number = 2392861515 TCP: Acknowledgment number = 3168076762 TCP: Data offset = 20 bytes TCP: Flags = 10 TCP:..0.... = (No urgent pointer) TCP:...1... = Acknowledgment TCP:... 0... = (No push) TCP:....0.. = (No reset) TCP:.....0. = (No SYN) TCP:......0 = (No FIN) TCP: Window = 17520 TCP: Checksum = 1FCC (correct) TCP: No TCP options TCP: 2-22

Sniffer Network Analyzer data from 11-Oct-102 at 09:30:48, unsaved capture data, Page 1 - - - - - - - - - - - - - - - - Frame 48 - - - - - - - - - - - - - - - - - Delta T Destination Source Summary 48 0.0012 gigaserv.uni-.. [194.95.109.1.. DLC Ethertype=0800, size=60 bytes IP D=[131.234.25.10] S=[194.95.109.136] LEN=20 ID=109 TCP D=21 S=1036 FIN ACK=3168079573 SEQ=2392861579 LEN=0 WIN=16822 DLC: ----- DLC Header ----- DLC: DLC: Frame 48 arrived at 09:31:02.9334; frame size is 60 (003C hex) bytes. DLC: Destination = Station 00A08E30D27F DLC: Source = Station 00065B75C343, RFHPCI136 DLC: Ethertype = 0800 (IP) DLC: IP: ----- IP Header ----- IP: IP: Version = 4, header length = 20 bytes IP: Type of service = 00 IP: 000.... = routine IP:...0... = normal delay IP:... 0... = normal throughput IP:....0.. = normal reliability IP: Total length = 40 bytes IP: Identification = 109 IP: Flags = 4X IP:.1..... = don't fragment IP:..0.... = last fragment IP: Fragment offset = 0 bytes IP: Time to live = 128 seconds/hops IP: Protocol = 6 (TCP) IP: Header checksum = 2D87 (correct) IP: Source address = [194.95.109.136] IP: Destination address = [131.234.25.10], gigaserv.uni-paderborn.de IP: No options IP: TCP: ----- TCP header ----- TCP: TCP: Source port = 1036 TCP: Destination port = 21 (FTP) TCP: Sequence number = 2392861579 TCP: Acknowledgment number = 3168079573 TCP: Data offset = 20 bytes 2-23

TCP: Flags = 11 TCP:..0.... = (No urgent pointer) TCP:...1... = Acknowledgment TCP:... 0... = (No push) TCP:....0.. = (No reset) TCP:.....0. = (No SYN) TCP:......1 = FIN TCP: Window = 16822 TCP: Checksum = 174A (correct) TCP: No TCP options TCP: Sniffer Network Analyzer data from 11-Oct-102 at 09:30:48, unsaved capture data, Page 2 - - - - - - - - - - - - - - - - Frame 49 - - - - - - - - - - - - - - - - - Delta T Destination Source Summary 49 0.0066 [194.95.109.1.. gigaserv.uni-.. DLC Ethertype=0800, size=60 bytes IP D=[194.95.109.136] S=[131.234.25.10] LEN=20 ID=37099 TCP D=1036 S=21 FIN ACK=2392861579 SEQ=3168079573 LEN=0 WIN=8760 DLC: ----- DLC Header ----- DLC: DLC: Frame 49 arrived at 09:31:02.9401; frame size is 60 (003C hex) bytes. DLC: Destination = Station 00065B75C343, RFHPCI136 DLC: Source = Station 00A08E30D27F DLC: Ethertype = 0800 (IP) DLC: IP: ----- IP Header ----- IP: IP: Version = 4, header length = 20 bytes IP: Type of service = 10 IP: 000.... = routine IP:...1... = low delay IP:... 0... = normal throughput IP:....0.. = normal reliability IP: Total length = 40 bytes IP: Identification = 37099 IP: Flags = 4X IP:.1..... = don't fragment IP:..0.... = last fragment IP: Fragment offset = 0 bytes IP: Time to live = 246 seconds/hops IP: Protocol = 6 (TCP) IP: Header checksum = 26F8 (correct) IP: Source address = [131.234.25.10], gigaserv.uni-paderborn.de IP: Destination address = [194.95.109.136] IP: No options IP: 2-24

TCP: ----- TCP header ----- TCP: TCP: Source port = 21 (FTP) TCP: Destination port = 1036 TCP: Sequence number = 3168079573 TCP: Acknowledgment number = 2392861579 TCP: Data offset = 20 bytes TCP: Flags = 11 TCP:..0.... = (No urgent pointer) TCP:...1... = Acknowledgment TCP:... 0... = (No push) TCP:....0.. = (No reset) TCP:.....0. = (No SYN) TCP:......1 = FIN TCP: Window = 8760 TCP: Checksum = 36C8 (correct) TCP: No TCP options TCP: 2-25