User Datagram Protocol (UDP)

5.1 INTRODUCTION

 UDP is a connectionless, unreliable transport protocol.

 UDP uses port numbers to create a process-to-process communication. UDP does not provide flow control
mechanism and acknowledgment for received packets. UDP does provide error control mechanism, if
UDP detects an error in the received packet, it silently drops it.

5.2 USER DATAGRAM

 UDP packets are called as user datagrams, and each datagram have a 8 bytes of fixed-size header.

❑ Source port number. This 16 bit field has the port number of the process running on the source host.
❑ Destination port number. This 16 bit field has the port number of the process running on the destination
host.
❑ Length. This is a 16-bit field defines total length of the user datagram, header plus data, from 0 to 65,535
bytes. A user datagram is encapsulated in an IP datagram. There is a field in the IP datagram that defines the
total length. There is another field in the IP datagram that defines the length of the header. So if we subtract
the value of the second field from the first, we can find the length of the UDP datagram that is encapsulated in
an IP datagram.
UDP length = IP length - IP header’s length
❑ Checksum. This field is used to detect errors over the entire user datagram (header plus data).

5.3 UDP SERVICES

Process-to-Process Communication

 UDP provides process-to-process communication by using a combination of IP addresses and port

numbers.
Connectionless Services

 UDP provides a connectionless service; there is no connection establishment and no connection

termination. Each datagram can travel individually on a different path.

Flow Control

 UDP does not provide flow control.

Error Control

 There is no error control mechanism in UDP except for the checksum. So the sender does not know if
a message has been lost or duplicated. When the receiver detects an error through the checksum, the
user datagram is discarded.

Congestion Control

 Since UDP is a connectionless protocol, it does not provide congestion control.

Encapsulation and Decapsulation

 To send a message from one process to another, the UDP protocol encapsulates and decapsulates messages.
Encapsulation

 When a process has a message to send, it passes the message to UDP along with a pair of socket
addresses and the length of data.
 UDP receives the data and adds the UDP header. UDP then passes the user datagram to IP with the
socket addresses.
 IP adds its own header. The IP datagram is then passed to the data link layer.
 The data link layer receives the IP datagram, adds its own header (and possibly a trailer), and passes it
to the physical layer.
 The physical layer encodes the bits into electrical or optical signals and sends it to the remote machine.

Decapsulation

 When the message arrives at the destination host, the physical layer decodes the signals into bits and
passes it to the data link layer.
 The data link layer uses the header (and the trailer) to check the data. If there is no error, the header
and trailer are dropped and the datagram is passed to IP.
 The IP checks the data. If there is no error, the header is dropped and the user datagram is passed to
UDP with the sender and receiver IP addresses.
 UDP uses the checksum to check the entire user datagram. If there is no error, the header is dropped
and the application data along with the sender socket address is passed to the process.
 The sender socket address is passed to the process in case it needs to respond to the message received.

Queuing

 If a process wants to communicate with multiple processes, it obtains only one port number and one
outgoing and one incoming Queue.
 The queues function as long as the process is running. When the process terminates, the queues are
destroyed. The client process can send messages to the outgoing queue. UDP adds the header and delivers
them to IP.
  If the overflow can occur, the operating system can ask the client process to wait before sending any
more messages.
 When a message arrives for a client, UDP checks to see if an incoming queue has been created for the
port number.
 If there is such a queue, UDP sends the received user datagram to the queue. If there is no such queue,
UDP discards the user datagram and asks the ICMP protocol to send a port unreachable UDP message
to the server.
 At the server site, when a message arrives for a server, UDP checks to see if an incoming queue has
been created for the port number specified in the destination port number field of the user datagram. If
there is such a queue, UDP sends the received user datagram to the end of the queue.
 If there is no such queue, UDP discards the user datagram and asks the ICMP protocol to send a port
unreachable message to the client.
 When a server wants to respond to a client, it sends messages to the outgoing queue using the source
port number specified in the request. UDP adds the header and delivers them to IP.
 If an outgoing queues can overflow. The operating system asks the server to wait before sending any
more messages.

Multiplexing and Demultiplexing

Multiplexing
 At the sender site, there are several processes that need to send user datagrams. However, there is only
one UDP. This is a many-to-one relationship and requires multiplexing.
 UDP accepts messages from different processes, differentiated by their assigned port numbers. After
adding the header, UDP passes the user datagram to IP.

Demultiplexing
 At the receiver site, there is only one UDP. There are many processes that can receive user datagrams.
This is a one-to-many relationship and requires demultiplexing.
 UDP receives user datagrams from IP. After error checking and dropping of the header, UDP delivers
each message to the appropriate process based on the port numbers.
5.6 UDP PACKAGE

 UDP package involves five components: a control-block table, input queues, a control-block module, an
input module, and an output module.

Control-Block Table

 UDP has a control-block table to keep track of the open ports. Each entry in this table has a minimum of four
fields: the state, which can be FREE or IN-USE, the process ID, the port number, and the corresponding queue
number.

Input Queues

 UDP package uses a set of input queues, one for each process.

Control-Block Module

 The control-block module is responsible for the management of the control-block table. When a
process starts, it asks for a port number from the operating system.
  The operating system assigns port numbers to servers and clients. The process passes the process ID
and the port number to the control-block module to create an entry in the table for the process.

Input Module

 The input module receives a user datagram from the IP. It searches the control-block table to find an
entry having the same port number as this user datagram.
 If the entry is found, the module uses the information in the entry to transmit the data. If the entry is
not found, it generates an ICMP message.

Output Module

 The output module is responsible for creating and sending user datagrams.

Transmission Control Protocol (TCP)

5.7 TCP SERVICES

Process-to-Process Communication

 TCP provides process-to-process communication using port numbers

Stream Delivery Service

 TCP allows the sending process to deliver data as a stream of bytes and allows the receiving process to
obtain data as a stream of bytes.

Sending and Receiving Buffers

  Because the sending and the receiving processes may not send or receive data at the same rate, T CP
needs buffers for storage. There are two buffers, the sending buffer and the receiving buffer, one for each
direction.

 At the sender, the white section contains empty slots that can be filled by the sending process.
 The colored area holds bytes that have been sent but not yet acknowledged. The TCP sender keeps
these bytes in the buffer until it receives an acknowledgment.
 The shaded area contains bytes to be sent by the sending TCP.
 Until the bytes sending from shaded area and receiving acknowledgements for the sent bytes, the
sending process does not send any new bytes. This leads congestion control.
 At the receiver, the circular buffer is divided into two areas. The white area contains empty slots to be
filled by bytes received from the sender.
 The colored sections contain received bytes. The received bytes can be read by the receiver process
and acknowledgement is sent to the sender after removing the byte from buffer.

Segments

 The IP layer may send data in packets, not as a stream of bytes. The TCP groups a number of bytes
into a packet called a segment.
 TCP adds a header to each segment and delivers the segment to the IP layer for transmission. The segments
are no need to have the same size.

Full-Duplex Communication

 TCP offers full-duplex service, where data can flow in both directions at the same time.
Multiplexing and Demultiplexing

 TCP performs multiplexing at the sender and demultiplexing at the receiver.

Connection-Oriented Service

 When a process wants to send to and receive data from another process, the following three phases
occur:
1. The two TCPs establish a virtual connection between them.
2. Data are exchanged in both directions.
3. The connection is terminated.

Reliable Service

 TCP is a reliable transport protocol. It uses an acknowledgment mechanism to check the successful
reception of data.

Flow Control

 TCP provides flow control. The sending TCP controls how much data can be accepted by the receiving
process; the receiving TCP controls how much data can to be sent by the sending TCP. This is done to
prevent the slower receiver from faster sender.

Error Control

 To provide reliable service, TCP implements an error control mechanism.

Congestion Control

 TCP can control congestion in the network. The amount of data sent by a sender is not only controlled
by the receiver (flow control), but is also determine the level of congestion in the network.

TCP SEGMENT (Header Format)

❑ Source port address. This is a 16-bit field that defines the port number of the application program that
send segment at sender site.
❑ Destination port address. This is a 16-bit field that defines the port number of the application program
that receive segment at receiver site.
❑ Sequence number. This 32-bit field defines the number assigned to the first byte of data in this segment.
❑ Acknowledgment number. This 32-bit field defines the byte number that the receiver is expecting to
receive from the sender. If the receiver of the segment has successfully received byte number x from the
sender, it returns x+ 1 as the acknowledgment number.
❑ Header length. This 4-bit field indicates the total length of the TCP header. The length of the header can
be between 20 and 60 bytes.
❑ Reserved. This is a 6-bit field reserved for future use.
❑ Control. This field defines 6 different control bits or flags. These bits enable flow control, connection
establishment and termination, connection reset, and the mode of data transfer in TCP.

Control Field

❑ Window size. This field defines the window size of the sending TCP in bytes.
❑ Checksum. This 16-bit field contains the checksum. The calculation of the checksum for TCP follows the
same procedure as the UDP. the use of the checksum in the UDP datagram is optional, whereas the use of the
checksum for TCP is mandatory.
❑ Urgent pointer. This 16-bit field, which is valid only if the urgent flag is set, is used when the segment
contains urgent data.
❑ Options. The 40 bytes of optional information used in the TCP header.

5.10 A TCP CONNECTION

 TCP is a connection-oriented transport protocol that establishes a virtual path between the source and
destination. In TCP, connection-oriented transmission requires three phases: connection establishment,
data transfer, and connection termination.

Connection Establishment
 Each party must initialize communication and get approval from the other party before any data are
transferred.

Three-Way Handshaking

 The connection establishment in TCP is called three-way handshaking.

 When the server is ready to accept a connection from the clients it sends a request is called passive
open over the network.
 A client that wishes to connect to a server that issues a request called an active open. TCP can now start
the three-way handshaking process.

1. The client sends the first segment, a SYN segment, in which only the SYN flag is set. The client
chooses a random number as the first sequence number and sends this number to the server. This
sequence number is called the initial sequence number (ISN). When the data transfer starts, the ISN is
incremented by 1.
2. The server sends the second segment with two flag bits set: SYN and ACK. The server uses this
segment to initialize a sequence number from the server to the client. The server also acknowledges
the receipt of the SYN segment from the client by setting the ACK flag and acknowledgment number
field. It also define the receive window size, rwnd.
 3. The client sends the third segment that is ACK segment. It acknowledges the receipt of the second
segment with the ACK flag and acknowledgment number field. The client also define the server
window size.

SYN Flooding Attack

 When one or more malicious attackers send a large number of SYN segments to a server by using fake
IP addresses in the datagrams, the server allocates the necessary resources. The TCP server then sends
the SYN + ACK segments to the fake clients.
 If the number of SYN segments is large during the short period of time, the server may be unable to
accept connection requests from valid clients. This is called SYN flooding attack.
 To prevent this type of attacks, the server can verify the connection request coming from a valid IP
address by using cookie mechanism.

Data Transfer

 After connection is established, the client and server can send data and acknowledgments in both
directions.
Example:
 After a connection is established, the client sends 2,000 bytes of data in two segments. The server then
sends 2,000 bytes in one segment. The client sends one more segment.
 The first three segments carry both data and acknowledgment, but the last segment carries only an
acknowledgment because there is no more data to be sent. Each segment has the sequence number and
acknowledgement number.
 The data segments sent by the client are set by PSH (push) flag so that the server TCP tries to deliver data to
the server process. The segment from the server does not set the push flag.
Pushing Data
 The application program at the sender can request a push operation, and create a segment and send it
immediately and not wait for the window to be filled. The sending TCP must also set the push bit
(PSH).

Urgent Data
 If an application program needs to send urgent bytes, send a segment with the URG bit set. The
sending application program tells the sending TCP that the piece of data is urgent.
 The sending TCP creates a segment and inserts the urgent data at the beginning of the segment.
 When the receiving TCP receives a segment with the URG bit set, it informs the receiving
application about the situation.

Connection Termination

Three-Way Handshaking
1. After a client process sending a close command to the client TCP, TCP sends the FIN segment in
which the FIN flag is set.
2. After receiving the FIN segment the server TCP sends the second segment, a FIN+ACK segment, to
confirm the receipt of the FIN segment from the client and to announce the closing of the connection.
This segment can also contain the last segment from the server.
3. The client TCP sends the last segment that is an ACK segment, to confirm the receipt of the FIN segment
from the TCP server. This segment contains the acknowledgment number. This segment cannot carry data
and has no sequence numbers.