The document discusses the Transport layer protocols TCP and UDP. It describes TCP as a connection-oriented protocol that provides reliable, ordered delivery of streams of data through mechanisms like sequencing, acknowledgment, flow control and error checking. UDP is described as a simpler connectionless protocol that provides best-effort delivery without checking for errors or lost packets. The key concepts of ports, sockets, multiplexing and demultiplexing are also covered, as well as the header formats and functions of TCP and UDP.

1. The Transport Layer

2. What You'll Learn in This Hour
 Connections oriented and connectionless
protocols
 Ports and sockets
 TCP
 UDP

3. At the completion of this hour, you
will be able to
 Describe the basic duties of the Transport layer
 Explain the difference between a connection-oriented protocol and a
connectionless protocol
 Explain how Transport layer protocols provide an interface to network
applications through ports and sockets
 Describe the differences between TCP and UDP
 Identify the fields that make up the TCP header
 Describe how TCP opens and closes a connection
 Describe how TCP sequences and acknowledges data transmissions
 Identify the four fields that comprise the UDP header

4.  the Transport layer protocols to provide the
following:
– Interface for network applications
– A mechanism for multiplexing/demultiplexing
– Error checking, flow control, and verification
– Transport Control Protocol (TCP)
– User Datagram Protocol (UDP)

5. Transport Layer Concepts
 Connection-oriented and
connectionless protocols
 Ports and sockets
 Multiplexing

6. Connection-Oriented and Connectionless Protocols
Connection-Oriented
Connectionless-Oriented

7. Ports and Sockets
 A port is a predefined internal address that
serves as a pathway from the application to
the Transport layer or from the Transport
layer to the application.
 A socket is an address formed by
concatenating the IP address and the port
number. For instance, the socket number
111.121.131.141.21 refers to port 21 on the
computer with the IP address
111.121.131.141.

8. Port

9. Socket
1.1.1.11.1.1.2
Socket 1.1.1.2.2500
Socket 1.1.1.1.23

10. Well-Known Port
 A well-known port is a port number that is
assigned to a specific application by ICANN
 See more details in “Sams Teach Yourself
TCP/IP in 24 Hours, Third Edition”
 Or you can see in http://www.iss.net/
security_center/advice/
Exploits/Ports/default.htm

11. Multiplexing/Demultiplexing
 The socket addressing system enables TCP
and UDP to perform another important
Transport layer task: multiplexing and
demultiplexing

12. Multiplexing/Demultiplexing
 Multiplexing/demultiplexing enables the lower levels
of the TCP/IP stack to process data without regard to
which application initiated that data.
 All associations with the originating application are
settled at the Transport layer, and data passes to and
from the Internet layer in a single, application-
independent pipeline.
 The key to multiplexing and demultiplexing is the
socket address. Because the socket address
combines the IP number with the port number, it
provides a unique identifier for a specific application
on a specific machine.

13. Multiplexing/Demultiplexing

14. Multiplexing/Demultiplexing
 See the Telnet server depicted in previous page
 All client machines use the well-known port address
TCP 23 to contact the Telnet server, but the
destination socket for each of the connecting PCs is
unique.
 Likewise, all network applications running on the
Telnet server use the server's IP address, but only
the Telnet service uses the socket address,
consisting of the server's IP address plus TCP port
23.

15. TCP: The Connection-Oriented
Transport Protocol
 Stream-oriented processing— TCP processes data in a stream. In other words,
TCP can accept data a byte at a time rather than as a preformatted block. TCP f
ormats the data into variable-length segments, which it will pass to the Internet l
ayer.
 Resequencing— If data arrives at the destination out of order, the TCP module
is capable of resequencing the data to restore the original order.
 Flow control — TCP's flow control feature ensures that the data transmission
won't outrun or overrun the destination machine's capability to receive the data.
This is especially critical in a diverse environment in which there may be conside
rable variation of processor speeds and buffer sizes.
 Precedence and security— The Department of Defense specifications for TCP
call for optional security and priority levels that can be set for TCP connections.
Many TCP implementations, however, do not provide these security and priority
features.
 Graceful close— TCP is as careful about closing a connection as it is about
opening a connection. The graceful close feature ensures that all segments hav
e been sent and received before a connection is closed.

17. TCP Header Format
192 bits
24 Bytes

18. TCP Header
 Source Port (16-bit)— The port number assigned to the application on the
source machine.
 Destination Port (16-bit)— The port number assigned to the application on
the destination machine.
 Sequence Number (32-bit)—The sequence number of the first byte in this
particular segment, unless the SYN flag is set to 1. If the SYN flag is set to
1, the Sequence Number field provides the initial sequence number (ISN),
which is used to synchronize sequence numbers. If the SYN flag is set to 1,
the sequence number of the first octet is one greater than the number that a
ppears in this field (in other words, ISN+1).
 Acknowledgment Number (32-bit)— The acknowledgment number
acknowledges a received segment. The value is the next sequence number
the receiving computer is expecting to receive, in other words, the
sequence number of the last byte received +1.
 Data offset (4 bits) — A field that tells the receiving TCP software how long
the header is and, therefore, where the data begins. The data offset is
expressed as an integer number of 32-bit words.

19. TCP Header
 Reserved (6 bits)— Reserved for future use. The Reserved field
provides room to accommodate future developments of TCP and must
be all zeros
 Control flags (1 bit each)— The control flags communicate special
information about the segment.
– URG— A value of 1 announces that the segment is urgent and the Urgent Pointer field
is significant.
– ACK— A value of 1 announces that the Acknowledgment Number field is significant.
– PSH— A value of 1 tells the TCP software to push all the data sent so far through the
pipeline to the receiving application.
– RST— A value of 1 resets the connection.
– SYN— A value of 1 announces that sequence numbers will be synchronized, marking
the beginning of a connection. See the discussion of the three-way handshake, later in
this hour.
– FIN— A value of 1 signifies that the sending computer has no more data to transmit.
This flag is used to close a connection.

20. TCP Header
 Window (16-bit)— A parameter used for flow control. The window defines
the range of sequence numbers beyond the last acknowledged sequence n
umber that the sending machine is free to transmit without further acknowle
dgment.
 Checksum (16-bit)— A field used to check the integrity of the segment. A
receiving computer performs a checksum calculation based on the segment
and compares the value to the value stored in this field. TCP and UDP
include a pseudo-header with IP addressing information in the checksum
calculation. See the discussion of the UDP pseudo-header later in this
hour.
 Urgent Pointer (16-bit)— An offset pointer pointing to the sequence number
that marks the beginning of any urgent information.
 Options— Specifies one of a small set of optional settings.
 Padding— Extra zero bits (as needed) to ensure that the data begins on a
32-bit boundary.
 Data— The data being transmitted with the segment.

21. TCP Connection
 Passive open— A given application process notifies
TCP that it is prepared to receive incoming connectio
ns through a TCP port. Thus, the pathway from TCP t
o the application is opened in anticipation of an incom
ing connection request.
 Active open— An application requests that TCP
initiate a connection with another computer that is in
the passive open state. (Actually, TCP can also
initiate a connection to a computer that is in the
active open state, in case both computers are
attempting to open a connection at once.)

22. Establishing a Connection
 This synchronization of sequence numbers is called a three-way
handshake. The three-way handshake always occurs at the
beginning of a TCP connection. The three steps of a three-way
handshake are as follows:

23. Establishing a Connection

25. TCP Retransmission

26. TCP Flow Control
 The Window field in the TCP header provides a flow control mechanism
for the connection.
 The purpose of the Window field is to ensure that the sending computer
doesn't send too much data too quickly, which could lead to a situation
in which data is lost because the receiving computer can't process
incoming segments as quickly as the sending computer can transmit
them.
 The flow control method used by TCP is called the sliding window
method. The receiving computer uses the Window field (also known as
the buffer size field) to define a window of sequence numbers beyond
the last acknowledged sequence number that the sending computer is
authorized to transmit.
 The sending computer cannot transmit beyond that window until it
receives the next acknowledgment.

27. Sliding Window
Stop and Wait
Sliding Window

28. Closing a Connection
 When it is time to close the connection, the computer initiating
the close, Computer A, places a segment in the queue with the
FIN flag set to one.
 The application then enters what is called the fin-wait state. In
the fin-wait state, Computer A's TCP software continues to
receive segments and processes the segments already in the
queue, but no additional data is accepted from the application.
 When Computer B receives the FIN segment, it returns an
acknowledgment to the FIN, sends any remaining segments,
and notifies the local application that a FIN was received.
 Computer B sends a FIN segment to Computer A, which
Computer A acknowledges, and the connection is closed

29. Closing a Connection

30. Closing a Connection (Continue)

31. UDP: The Connectionless Transport
Protocol
 UDP is much simpler than TCP, and it doesn't
perform any of the functions listed in the preceding
section..
 First, although UDP is sometimes described as
having no error-checking capabilities, in fact, it is
capable of performing rudimentary error checking.
 Second, UDP does not offer the resequencing of data
provided by TCP.

32. UDP Header

33. UDP Header
 Source Port— This field occupies the first 16 bits of the UDP header.
This field typically holds the UDP port number of the application sendin
g this datagram.
 Destination Port— This 16-bit field holds the port address to which the
UDP software on the receiving machine will deliver this datagram.
 Length— This 16-bit field identifies the length in octets of the UDP
datagram. The length includes the UDP header as well as the UDP dat
a payload.
 Checksum— This 16-bit field is used to determine whether the
datagram was corrupted during transmission. The checksums
generated at the source and verified at the destination allow the client
application to determine if the datagram has been corrupted.