國立清華大學黃能富教授 TCP - 1 Transmission Control Protocol (TCP) All rights reserved. No part of this publication and file may be reproduced, stored in a retrieval

國立清華大學黃能富教授TCP - 1

Transmission Control Protocol (TCP)

All rights reserved. No part of this publication and file may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior written permission of Professor Nen-Fu Huang (E-mail: [email protected]).


Transmission Control Protocol (TCP) Services

The service provided by TCP is the reliable end-to-end transport of data between host processes.

MultiplexingConnection managementData transportSpecial capabilitiesError reporting


Multiplexing and Logical Connections

TCP

IP

NAP

Internet

Host AProcesses

TCP

IP

NAP

Host BProcesses

TCP

IP

NAP

Host C

Processes

1 2 ... k

1 2 ... m

1 2 ... n

NAP: Network Access Protocol

Ports

Ports

Ports


Connection Management

A logical connection is endowed with certain properties that endure for the lifetime of the connection.

A connection between two TCP users may be set up if:No connection between the two sockets

currently existsInternal TCP resources are sufficientBoth users has agrees to the connection


Data Transport

Full-duplex: both users may transmit any time

Timely: a timeout with submitted dataOrdered: TCP is stream orientedLabeled: all data transferred over the

connection carries the associates security and precedence levels

Flow controlled: prevent internal TCP congestion

Error controlled: TCP makes use of a simple checksum


Special Capabilities

TCP supports two special capabilities associated with the transfer of data over an established connection:Data stream push (Send, Receive)Urgent data signaling (Urgent data is incoming in

the data stream)Error reporting. Conditions in the internetw

ork environment for which TCP cannot compensate.


TCP Segment Format

Source Address

Destination Address

Zero Protocol Segment Length

TCP Header

Data ( 不固定長度)

4 6 1 1 1 1 1 1 16 位元Source port Destination port

Sequence numberAcknowledgment number

Dataoffset Rsvd

URG

ACK

P SH

RST

SYN

F IN

Window

Checksum Urgent pointer

Options + Padding

Data (不固定長度)

TCP 標頭格式

TCP 檢查碼涵蓋範圍


TCP Segment Format

SOURCE PORT (16 bits) : Identifies source port.DESTINATION PORT (16 bits) : Identifies

destination port.SEQUENCE NUMBER (32 bits) : Sequence

number of the first data octet in this segment, except when SYN is present. If SYN is present, it is the initial sequence number (ISN) and the first data octet is ISN+1.

ACKNOWLEDGMENT NUMBER (32 bits) : A piggybacked acknowledgment. Contains the sequence number of the next octet that the TCP entity expects to receive.


DATA OFFSET (4 bits) : Number of 32-bits words in the Header.

RESERVED (6 bits) : Reserved for future use Flags (6 bits) :

URG : Urgent pointer field significantACK : Acknowledgment field significantPHS : Push functionRST : Reset the connectionSYN : Synchronize the sequence numbersFIN : No more data from sender

TCP Segment Format


TCP Segment Format

WINDOW (16 bits) : Flow control credit allocation, in octets. Contains the number of data octets beginning with the one indicated in the acknowledgeable field that the receiver is willing to accept.

CHECKSUM (16 bits) : The one’s complement of the sum module 216-1 of all the 16-bit words in the segment plus a pseudoheader .

URGENT POINTER (16 bits) : Points to the octet following the urgent data. This allows the receiver to know how much urgent data are coming.

OPTIONS (Variable) : At present, only one option is defined, which specifies the maximum segment size that will be accepted.


Example of Using TCP And IP Service Primitives

Process

TCP

IP

NAP-1

ServiceResponse Primitives

ServiceRequest Primitives

Send Deliver

Primitives

InternetPackets

Process

TCP

IP

NAP-2

ServiceResponse Primitives

ServiceRequest Primitives

Send Deliver

Primitives

Packets

Host A Host B


編號通訊協定編號通訊協定5 Remote job entry 68 Bootstrap protocol client

7 Echo 69 Trivial File Transfer protocol

9 Discard 75 any private dial out service

11 Active users 77 any private RJE service

13 Daytime 79 Who is on system

15 Who is up ? 101 NIC Host name server

17 Quote of the day 102 ISO- TSAP

19 Character generator 103 X.400

20 FTP (Default data) 104 X.400-SND

21 FTP (Control) 105 CSNet name server

23 Telnet 109 Post Office protocol,V2

25 SMTP 113 Authentication service

37 Time 115 Simple File Transfer protocol

39 Resource Location

protocol

119 Network News Transfer

protocol

42 Host name server 123 Network Time protocol

43 NICNAME(Who is) 129 Password generator protocol

53 Domain name server 161 SNMP Agent port

67 Bootstrap protocol

server

162 SNMP Management Station

port

Reserved TCP Port Numbers


Connection Establishment

Connections can be opened in one of two modes:

Active

»With an active open, the user requests that TCP attempts to open a connection with a specified remote socket, at given precedence and security levels.

Passive

» In passive mode, a user has request TCP to listen an incoming connection request for the specified port.


Data Transfer

Once a connection has been established between two sockets, the two TCP users may exchange data.

A user sends data by means of the send primitive. Two flags can be used:

PUSH FLAG URGENT FLAG

The deliver primitive signals the user that data have arrived.

The allocate primitive is used by a TCP user to issue TCP an incremental allocation for receive data.


Connection Termination

A TCP user may terminate a connection in one of the two ways:

THE CLOSE PRIMITIVE THE ABORT PRIMITIVE

A CLOSE PRIMITIVE triggers the following sequence of events:The local TCP (where the Close was issued)

transmit any buffered send data and then signals the remote TCP that it is closing the connection.

The remote TCP delivers all outstanding receive data to its user and informs the user of the remote Close request by means of a closing primitive.



The remote user may send any pending data and then issued a Close primitive.

The remote TCP transmits any outstanding send data and signals the other TCP that it is ready to terminate the connection.

The local TCP delivers any outstanding data to the local user and then issues a Terminate primitive. It also signals the remote TCP that it has terminated the connection.

The remote TCP issues a Terminate primitive to its user.



TCP TCP

(1) Close (3) Closing + Close

(7) Terminate

(2)

(4)

(5)

(6)

(8) Terminate


State Machine Description

Closed

Active Open Send SYN

Listen SYN sent

Established

Close wait

FIN wait

Closed

Passive Open

Receive SYN/ Send SYNReceive SYN

Close

Close

Receive FINClose/Send FIN

Close/Send FIN

Receive FIN


Transmission Control Protocol (TCP)

Basic TCP operationOne difficulty that TCP faces is that

segments may arrive out of order. The sequence number is used in the TCP header.

A second difficulty is that TCP segments may be lost. The sequence numbers help with this difficulty as well.


Connection Establishment

The purpose of connection establishment is to set up a logical connection between two TCP users.

The connection serves two purposes:It specifies the characteristics to be used for

all data transfers on the connection, including precedence and security.

It enables each TCP entity to maintain state information concerning the connection, such as last sequence number used, last sequence number acknowledged, and last sequence number received.


The Robustness of The Protocol

The SYN segment functions both as a connection request and a connection acceptance.

If a SYN arrives while the requested user is closed. Three courses of action are possible:TCP could reject the connection by sending a reset

(RST) segment back to the other TCP.The request could be queued until a matching

open is issued by the user.The user could be notified of the pending request.The TCP specification indicates the first action.


Unreliable Network Service

Suppose that TCP entity A issues a SYN to TCP entity B. A expects to get a SYN back, confirming the connection. Two things can go wrong: A’s SYN can be lost or B’s answer

ing SYN can be lost. Both cases can be handled by use of a retransmit-SYN timer. If B’s response is lost, then B will receive two SYNs from A. If B’s response is delayed, then A will get two responding SYNs

. All of this means that A and B must simply ignore duplicate SYN

s once a connection is established. The duplication of data segments are possible.


The Two-Way Handshake: Problem with Obsolete Data Segments

One way of attacking this problem is to start each new connection with a different sequence number, far removed from the sequence number of the most recent connection.

The connection request is of the form SYN i. The data is sequence-numbered beginning with i+1.

工作站 A 工作站 B

SYN SYN N=0 建立連線 N=1 N=2 傳送資料結束連線 SYN

SYN N=0 建立新連線 N=1 N=2 接受過時之封包丟棄正確之封包


The Two-Way Handshake: Problem with Obsolete SYN Segments

A duplicate SYN i may survive past the termination of a connection.

The way out of the problem is for each side to acknowledge explicitly the other’s SYN and sequence number.

This procedure is known as a three-way handshake.A new state (SYN received) is added. In this state, the

transport entity hesitates during connection opening to assure that the SYN segments sent by the two sides have both been acknowledged before the connection is declared established.

A new control segment, RST, is used to reset the other side when an erroneous SYN is detected.


The Two-Way Handshake: Problem with Obsolete SYN Segments (cont.)

3

1

2B 收到由 A 產生但過時之連線要求。B 接受此要求並且回覆。同時 A 產生新的連線要求。B 收到新的連線要求，但誤認為重複要求而丟棄之。A 收到回覆，認定連線建立成功並開始傳送資料，B 認為 A 傳送之資料順序編號錯誤而丟棄之。

4


SYN i SYN k SYN j

N=k+1

1

2

3

4K+1 <> i + 1 ? Drop !!


Examples of Three-Way Handshake

(a) Normal Operation

3

1

2B 收到由 A 產生之連線要求。B 接受此要求並且回覆。A 收到正確回覆，認定連線建立成功，除回覆之外並開始傳送資料。


SYN i SYN j, ACK i+1

Data i+1,ACKj+1

1

2

3



SYN i SYN j, ACK i+1 RST,ACKj+1


3

1

2B 收到由 A 產生但過時之連線要求。B 接受此要求並且回覆。A 拒絕此回覆，連線失敗。

(b) Delayed SYN

1

2

3



3

1

2A 欲建立一連線。B 接受此要求並且回覆。A 收到由 B 產生但過時之回覆。A 拒絕此過時之回覆。A 收到正確回覆，認定連線建立成功，除回覆之外並開始傳送資料。


SYN k, ACK p SYN i SYN j, ACK i+1

RST,ACK k+1

Data i+1,ACK j+1

1

2

4

3

5

4

5

(c) Delayed SYN/ACK


Retransmission Strategy

Two events necessitate the retransmission of a segment:

The segment may be damaged in transit but nevertheless arrive at its destination.

The segment fails to arrive its destination.

A positive acknowledgment (ACK) can be used: The receiver must acknowledge successfully received segments.

A cumulative acknowledgment is permitted. Thus, an ACK n+1 means that the TCP has received all of the data up through sequence number n.


Retransmission Strategy

At what value should the timer be set?The Timer should be set at a value a bit

longer than the round trip delay (send segment, receive ACK).

This delay is variable even under constant network load.

The statistics of the delay will vary with changing network conditions.

A fixed timer value could be used, based on an understanding of the network’s typical behavior.


Retransmission Strategy (cont.)

A dynamic timer value could be used, based on the average of the observed delays. This value cannot be trusted because:

The peer entity may not acknowledge a segment immediately.

If a segment has been retransmitted, the sender cannot know whether the received ACK is a response to the initial transmission or the retransmission.

Network conditions may change suddenly.

The TCP standard suggests the use of a dynamic timer.


Duplicate Detection

If a segment is lost and then retransmitted, no confusion will result.

If an ACK is lost, one or more segments will be retransmitted and, if they arrive successfully, be duplicates of previously received segments.

There are two cases:A duplicate is received before the close of

the connection.A duplicate is received after the close of

the connection.


Duplicate Detection

The receiver must assume that its acknowledgment was lost, and therefore, must acknowledge the duplicate. Consequently, the sender must not get confused if it receives multiple ACKs to the same segment.

The sequence number space must be long enough so as not to cycle in less than the maximum possible segment lifetime.


Example of Incorrect Duplicate Detection

工作站 A 工作站 B N=0 N=1 N=2 N=0 ACK 3 N=1 ACK 3 N=3 ACK 4 N=4 ACK 5 N=5 ACK 6 N=6 ACK 7 N=7 ACK 0 N=0

TimeoutTimeout

Duplicate


How Big Must The Sequence Space Be?

TCP uses a 32-bit sequence-number (up to 232

different sequence numbers).A more subtle problem: If a new connection is set

up between the same sockets and the old segment reappears, it could be accepted on the new connection.

To prevent this, the uniqueness of sequence numbers must be preserved not only within a connection but across connections.

When a new connection is set up between the same pair of sockets, the initial SN is generated by incrementing the last SN used on the old connection.


How Big Must The Sequence Space Be? (cont.)

The procedure works fine unless a system crash occurs.

To cover this, TCP recommends the use of a combination of measures:Clock-based initial SN : When new

connections are made, an initial 32-bit sequence number (ISN) is generated using the value of a 32-bit clock.

Quite time : The TCP should refrain from emitting segments for a period of time equal to the maximum expected lifetime of a segment.


Flow Control

Allow a receiving TCP to regulate the rate at which data arrives from a sending TCP.

This mechanism is complicated by the transit delay between the two TCP entities and by the fact that segments may lost.

The rate of segment transmission should be retrained because a lack of receiver buffer space.

TCP makes use of a credit allocation scheme.


Flow Control

TCP entity acknowledges incoming data with a message of the form (ACK i, CREDIT j):All sequence numbers through i-1 are

acknowledged; the next expected sequence number is i.

Permission is granted to send data corresponding to sequence number i through i+j-1.

This mechanism is quite powerful. Consider that the last message issued by B was (ACK i, CREDIT j). Then:


Sending And Receiving Flow Control Perspectives

To increase or decrease credit to an amount k when no additional data has arrived, B can issue (ACK i, CREDIT k).

To acknowledge incoming data corresponding to m additional sequence numbers without increasing credit, B can issue (ACK i+m, CREDIT j-m).

The conservative approach to allow only new segment up to the limit of available buffer space. (see example)


Example of TCP Credit Allocation Protocol

1

23

0

4

7

5

6 1

23

0

4

7

5

6

1

23

0

4

7

5

6

1

23

0

4

5

67

N=4

1

23

0

4

7

5

6

1

23

0

4

5

67

1

23

0

4

5

67

1

23

0

4

7

5

6

1

23

0

4

7

5

6

傳送端 TCP A 接收端 TCP B

(b)

(c)

(e)

(f)

(g)

(i)

(a)

(d)

(h)

ACK 3

Credit = 5

ACK 0Credit = 7

N=3

N=1

N=0

N=2

N=6

N=5

N=7


Sending And Receiving Flow Control Perspectives (cont.)

A conservative flow control scheme may limit the throughput of a TCP connection in long-delay situations. The receiver should potentially increase throughput by optimistically granting credit for space it does not have.

One problem with the ACK/CREDIT approach is that segment may arrive out of order; included segments with credit allocation.

To avoid this problem, the standard strongly recommends that windows are not reduced.

A second problem to consider is that an ACK/CREDIT segment may be lost. Future acknowledgment will resynchronize the protocol.


Examples of Flow Control with Non-sequenced Network ServiceTCP A TCP B

N=0 N=1

N=2 ACK 2, Credit = 6 first, and then change as N=3 ACK 2, Credit = 4 N=4 N=5


Deadlock Problem

B sends (ACK n, CREDIT 0), temporarily closing the window.

Subsequently, B sends (ACK N, CREDIT M), but this segment is lost.

A is waiting the opportunity to send data and B thinks that it has granted that opportunity.

A window timer can be used.This timer is reset with each outgoing

ACK/CREDIT segment. If the timer expires, the protocol entity is

required to send an ACK/CREDIT segment, even if it duplicates a previous one.



The side that initiates the termination procedure:In response to a user’s close primitive, a

FIN segment is sent to request termination.Having sent the FIN, the TCP entity places

the connection in the FIN wait state. In this state, TCP must continue to accept data from the other side and deliver that data to its user.

When a FIN is received in response, TCP informs its user and closes the connection.



The side that does not initiate a termination:When a FIN segment is received, TCP

informs its user of the termination request (Close primitive) and places the connection in the close wait state.

When the user issues a close primitive, TCP sends a responding FIN segment and closes the connection.


Connection Termination (cont.)

Segment may arrive out of order.The potential loss of segments and

presence of obsolete segmentsFor graceful close, a TCP entity requires:

It must send a FIN i and receive an ACK i

It must receive a FIN j and send an ACK j

It must wait an interval equal to the twice the maximum expected segment lifetime.


Crash Recovery

When the system upon which a TCP entity is running fails and subsequently restarts, the state information of all active connections is lost. (half-open).

The still active side of a half-open connection can close the connection using a give-up timer.

Half-open connections can be terminated more quickly by the use of the RST segment. The failed side returns a RST segment to every segment that it receives.


Implementation Policy Options

Send policyConstruct a segment for each batch of data.Wait until a certain amount of data accumulated.

Delivery policyDeliver data as each in-order segment is received.Buffer data from a number of segments before

delivery.

Accept policyAccept only segments that are in order.Accept all segments that are within the receive

window.


Implementation Policy Options

Retransmission policyFirst_only: one retransmission timer for the

entire queue.Batch: one retransmission timer for the entire

queue.Individual: maintain one timer for each

segment in the queue.Acknowledge policy

Automatic ACK: an empty segment containing current acknowledgment information.

Timed ACK: piggyback or timeout.

Documents

國立清華大學黃能富教授 TCP - 1 Transmission Control Protocol (TCP) All rights reserved. No part of this publication and file may be reproduced, stored in a retrieval