OSILayer4:

TransportLayerOSILayer4:TransportLayerAnoverviewoflayer4

TCP(TransmissionControlProtocol)UDP(UserDatagramProtocol)Anapplication:NATandPATLayer4performsmultiplefunctions:segmentingupper-layerapplicationdataestablishingend-to-endoperationssendingsegmentsfromoneendhosttoanotherFlowcontrolandreliabilitycanbecomparedtotalkingtoaforeigner.Oftenyouwouldasktheforeignertorepeathis/herwords(reliability)andtospeakslowly(flowcontrol)OSILayer4:TransportLayer

TwoparticularlyimportantLayer4protocols:

TransmissionControlProtocol(TCP)UserDatagramProtocol(UDP)Layer4:TheTransportLayerDivideoutgoingmessagesintosegmentsReassemblemessagesatthedestinationstationTCP:reliableConnection-orientedSoftwarecheckingforsegmentRe-sendanythinglostorerrorUsesacknowledgmentsProvidesflowcontrolUDP:

unreliable

connectionless

providesnosoftwarecheckingforsegmentusesnoacknowledgmentsprovidesnoflowcontrolLayer4:TheTransportLayerBothTCPandUDPuseport

tokeeptrackofdifferentconversationsthatcrossthenetworkatthesametimeApplicationsoftwaredevelopershaveagreedtousethewell-knownportnumbersthataredefinedinRFC1700

Portnumbersbelow255arereservedforTCPandUDPpublicapplications.ServiceModelSocketispresentedas(IP_address,port)Everyconnectionisexpressedas(socketsource,socketdestination),whichisapoint-to-pointfull-duplexchannelDoesnotsupportmulticastandbroadcastSocketLayer4:TheTransportLayerAnoverviewoflayer4TCP(TransmissionControlProtocol)UDP(UserDatagramProtocol)Anapplication:NATandPATTCPServiceModelProblemsmustbesolvedinTCP:ReliabletransferFlowcontrolSlidingwindowcongestionavoidance…ConnectionmanagementEstablishconnection：threehandshakesReleaseconnection：fourhandshakesTCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充源端口和目的端口字段——各占2字節端口是運輸層與應用層的服務接口運輸層的復用和分用功能都要通過端口才能實現TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充序號字段——占4字節TCP傳送的數據流中的每一個字節都編上一個序號序號字段的值指本報文段所發送的數據的第一個字節的序號TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充確認號字段——占4字節，是期望收到對方的下一個報文段的數據的第一個字節的序號TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充數據偏移（即首部長度）——占4位指出TCP報文段的數據起始處距TCP報文段的起始處的長度單位是32位字（以4字節為計算單位）TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充保留字段——占6位，保留為今后使用，目前置0TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充緊急URG1時，表明緊急指針字段有效告訴系統此報文段中有緊急數據，應盡快傳送(相當于高優先級的數據)

TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充ACK1時確認號字段有效ACK0時確認號字段無效TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充推送PSH(PuSH)——接收TCP收到PSH=1的報文段，就盡快地交付接收應用進程，而不再等到整個緩存都填滿了后再向上交付TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充復位RST(ReSeT1時，表明TCP連接中出現嚴重差錯（如由于主機崩潰或其他原因），必須釋放連接，然后再重新建立運輸連接TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充同步SYN=1表示這是一個連接請求或連接接受報文TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充終止FIN(FINis)——用來釋放一個連接。FIN1表明此報文段的發送端的數據已發送完畢，并要求釋放運輸連接。TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充窗口字段——占2字節，用來讓對方設置發送窗口的依據，單位為字節。TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充檢驗和——占2字節。檢驗和字段檢驗的范圍包括首部和數據這兩部分TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充緊急指針字段——占16位，指出在本報文段中緊急數據共有多少個字節（緊急數據放在本報文段數據的最前面）

TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG比特08162431填充TCP最初只有一種選項，即最大報文段長度MSS(MaximumSegmentSize)MSS告訴對方緩存所能接收的報文段的數據字段的最大長度是MSS個字節數據字段加上TCP首部才等于整個的TCP報文段。TCP首部20字節固定首部目的端口數據偏移檢驗和選項（長度可變）源端口序號緊急指針窗口確認號保留FINSYNRSTPSHACKURG位08162431填充填充字段——這是為了使整個首部長度是4字節的整數倍。TCPProtocolHostsexchangedatabyusingsegment(TPDU)Eachsegmenthas:aheaderof20bytes(exceptoptionalparts)

0ormoredatabytesThesizeofthesegmentmustbematchedwithIPpackets,andalsomustsatisfythedemandofbottomlayersForexample,theMTU(MaximalTransferUnit)ofEthernetis1500bytesEachbytehasa32bitssequencenumberReliableConnection?

Two-armyProblem

TCP:EstablishConnectionSYN=1,seq=xClosedClosedActiveopenPassiveopenABClientServerTheFirstHandshakeServer:executesLISTEN

andACCEPTprimitive,andmonitorspassivelyClient:executesCONNECTprimitive,generateaTCPsegmentwithSYN=1andACK=0,whichstandsforconnectionrequestSYN=1,seq=xSYN=1,ACK=1,seq=y,ack=x1TheSecondHandshakeServerchecksifexistsserviceprocessmonitoringtheportIfnoneprocess,answeraTCPsegmentwithRST=1Ifexistsprocess,decidestorejectortoaccepttherequestIfaccepttheconnectionrequest,sendasegmentwithSYN=1andACK=1ClosedClosedActiveopenPassiveopenABClientServer

TCP:EstablishConnectionSYN=1,seq=xACK=1,seq=x+1,ack=y1SYN=1,ACK=1,seq=y,ack=x1TheThirdHandshakeTheclientsendsasegmentwithSYN=0andACK=1

toacknowledgetheconnectionClosedClosedActiveopenPassiveopenABClientServer

TCP:EstablishConnectionSYN=1,seq=xACK=1,seq=x+1,ack=y1DataTransferSYN=1,ACK=1,seq=y,ack=x1Whentheserverreceivestheacknowledgement,itinformstheupperlayerapplications

TCP:EstablishConnectionClosedClosedActiveopenPassiveopenABClientServerSYN-SENTESTAB-LISHEDSYN-RCVDLISTENESTAB-LISHEDSYN=1,seq=xACK=1,seq=x+1,ack=y1DataTransferSYN=1,ACK=1,seq=y,ack=x1

TCP:EstablishConnectionClosedClosedActiveopenPassiveopenABClientServerExample:EstablishConnection

TCPATCPB1.CLOSEDLISTEN2.SYN-SENT--><SEQ=100><CTL=SYN>-->SYN-RECEIVED3.ESTABLISHED<--<SEQ=300><ACK=101><CTL=SYN,ACK><--SYN-RECEIVED4.ESTABLISHED--><SEQ=101><ACK=301><CTL=ACK>-->ESTABLISHED5.ESTABLISHED--><SEQ=101><ACK=301><CTL=ACK><DATA>-->ESTABLISHEDBasic3-WayHandshakeforConnectionSynchronizationNotethattheACKdoesnotoccupysequencenumberspace(ifitdid,wewouldwindupACKingACK's!)Datatransfer

——stop-and-waitprotocol(a)NoerrorASend

M1ACK

M1BSend

M2Send

M3ACKM2ACK

M3ASend

M1BResend

M1Send

M2ACK

M1Disposethesegment(b)OutoftimettttDatatransfer

——stop-and-waitprotocolAftersendingasegment,preserveabackuptemporarilyEachsegmentandACKmusthaveIDTheresend-timemustbemorethanaverage-travel-time*2stop-and-waitprotocolisasimpleprotocol,buthaspoorefficiencyDatatransfer

——LostACKandLateACKASend

M1BOutoftimeResendM1SendM2DisposetherepeatedM1andresendACKM2(a)LostACKACK

M1ASend

M1BOutoftimeResendM1Send

M2DisposetherepeatedM1andresendACKM1(b)LateACKACKM1ReceivethelateACKanddonothingttttReliableCommunicationARQ(AutomaticRepeatreQuest)。Itmeansthe‘resendrequest’isautomaticallysentandthereceiverneednotrequestthesendertoresendtheerrorsegmentContiguousARQProtocol123456789101112(a)發送方維持發送窗口（發送窗口是5）發送窗口(b)收到一個確認后發送窗口向前滑動向前123456789101112發送窗口SegmentttACKFIN=1,seq=uESTAB-LISHEDCLOSEDDataTransferESTAB-LISHEDTCP:ReleaseConnectionActiveClosePassiveCloseABClientServerFIN=1,seq=uACK=1,seq=v,ack=u1ESTAB-LISHEDDataTransferESTAB-LISHEDActiveCloseInformUpperLayerABClientServerTCP:ReleaseConnectionFIN=1,seq=uACK=1,seq=v,ack=u1FIN=1,ACK=1,seq=w,ack=u1PassiveCloseDataTransferESTAB-LISHEDDataTransferESTAB-LISHEDActiveCloseInformUpperLayerABClientServerTCP:ReleaseConnectionFIN=1,seq=uACK=1,seq=v,ack=u1FIN=1,ACK=1,seq=w,ack=u1ACK=1,seq=u+1,ack=w1TCP:ReleaseConnectionPassiveCloseDataTransferESTAB-LISHEDDataTransferESTAB-LISHEDActiveCloseInformUpperLayerABClientServerCLOSEDACK=1,seq=u+1,ack=w1FIN=1,seq=uACK=1,seq=v,ack=u1FIN=1,ACK=1,seq=w,ack=u1FIN-WAIT-1CLOSE-WAITFIN-WAIT-2LAST-ACKWait

2MSLTIME-WAITCLOSEDBeforereleasingconnection,theclientmustwaitfor2MSLTCP:ReleaseConnectionPassiveCloseDataTransferESTAB-LISHEDDataTransferESTAB-LISHEDActiveCloseInformUpperLayerABClientServerWhymustwaitfor2MSL?ToensurethelastACKsentbyAcanreachBTopreventanyinvalidconnectionrequestsegmentfromemergingAfterwaitingfor2MSL,wecanmakesurethatallsegmentsontheconnectionhavedisappearedT

C

P

的

有

限

狀

態

機CLOSEDESTABLISHEDLISTENCLOSE_WAITFIN_WAIT_1SYN_RCVDFIN_WAIT_2CLOSINGTIME_WAITSYN_SENTLAST_ACK主動打開被動打開被動關閉主動關閉起點被動打開主動打開發送SYN同時打開收到SYN，發送SYN,ACK收到ACK數據傳送階段

關閉發送FIN

關閉發送FIN

關閉發送FIN收到RST

收到SYN發送SYN,ACK

關閉或超時收到ACK

收到SYN,ACK發送ACK收到ACK收到ACK收到FIN發送ACK收到FIN,ACK

發送ACK收到FIN發送ACK同時關閉收到FIN發送ACK發送SYN定時經過兩倍報文段壽命后關閉Layer4:TheTransportLayerAnOverviewofLayer4TCP(TransmissionControlProtocol)UDP(UserDatagramProtocol)Anapplication:NATandPATUDP(UserDatagramProtocol)WhydoweneedUDP?Noconnectionestablishment(whichcanadddelay)Simple:noconnectionstateatsender,receiverSmallsegmentheaderNocongestioncontrol:UDPcanblastawayasfastasdesiredUDP(UserDatagramProtocol)Connectionless:nohandshakingbetweenUDPsender,receivereachUDPsegmenthandledindependentlyofothersOftenusedforstreamingmultimediaapplicationslosstolerantratesensitiveUDPareusedin:RIP:TosendtherouteinformationperiodicallyDNS:AvoidthedelaytosetuptheTCPconnectionSNMP:Whencongestion,SNMPmuststillrunable.Withoutthecongestionandreliabilitycontrolmechanism,UDPhasbetterperformancethanTCPunderthecircumstances.OtherprotocolsincludeTFTP,DHCPAddreliabilityatapplicationlayerifnecessaryUDP(UserDatagramProtocol)Layer4:TheTransportLayerAnOverviewofLayer4TCP(TransmissionControlProtocol)UDP(UserDatagramProtocol)Anapplication:NATandPATNAT,istheprocessofswappingoneaddressforanotherintheIPpacketheaderInpractice,NATisusedtoallowhoststhatareprivatelyaddressedtoaccesstheInternetOneofsolutionstoIPaddressdepletionConservesregistered(legal)addressesIncreasesFlexibilitywhenconnectingtoInternetRFC1631-

NetworkAddressTranslator(NAT)WhatisNAT?NATasimpleconceptPrivateaddresses

Registeredaddresses

NATtypesStaticNAT: FixedmappingofaninternaladdresstoanregisteredaddressDynamicNAT: Mappingisdonedynamicallyonafirstcomefirst

servedbasisPAT(Overload):

Portaddresstranslationisusedtoallowmanyinternaluserstoshareasingle‘insideglobal’