Lecture notes: Network+ Certification - Chapter 7, Transport Layer Protocols

Outline, Chapter 7 Network+ Certification, Second Edition

Chapter 7, Transport Layer Protocols

Chapter Overview
   A. TCP and UDP
   B. SPX and NCP

Chapter 7, Lesson 1
TCP and UDP

1. TCP
   A. TCP characteristics
      1. TCP is the acronym for Transmission Control Protocol.
      2. Connection-oriented protocol
      3. Reliable
      4. Used to carry relatively large amounts of data, such as entire files
      5. Complements Internet Protocol (IP) by providing services that IP lacks
      6. Defined in Request for Comments (RFC) 793, published by the Internet Engineering Task Force (IETF)
      7. TCP functions
         a. Guaranteed delivery
         b. Packet acknowledgment
         c. Flow control
         d. Error detection
         e. Error correction
   B. The TCP header
      1. TCP encapsulates application layer data by applying a header.
      2. Segmentation
         a. TCP splits the message received from the application layer into datagram-sized segments and encapsulates each segment with its own header.
         b. The collection of segments that make up an application layer message is called a sequence.
         c. The destination end system reassembles the segments into the original sequence.
         d. The segmentation process is completely separate from the network layer fragmentation process.
            (1) In other words, the segments produced by TCP can later be fragmented by IP.
      3. The TCP message format
         a. Source Port (2 bytes). Identifies the process on the transmitting system that generated the information carried in the Data field
         b. Destination Port (2 bytes). Identifies the process on the receiving system for which the information in the Data field is intended
         c. Sequence Number (4 bytes). Identifies the location of the data in this segment in relation to the entire sequence
         d. Acknowledgment Number (4 bytes). In acknowledgment (ACK) messages, this field specifies the sequence number of the next segment expected by the receiving system.
         e. Data Offset (4 bits). Specifies the number of 4-byte words in the TCP header
         f. Reserved (6 bits). Unused
         g. Control Bits (6 bits). Contains 6 flag bits that identify the functions of the message
         h. Window (2 bytes). Specifies how many bytes the computer can accept from the connected system
         i. Checksum (2 bytes). Contains the results of a cyclical redundancy check (CRC) computation performed by the transmitting system
            (1) Used by the receiving system to detect errors in the TCP header, data, and parts of the IP header
         j. Urgent Pointer (2 bytes). When the urgent (URG) control bit is present, this field indicates which part of the data in the segment the receiver should treat as urgent.
         k. Options (variable). May contain information related to optional TCP connection configuration features
         l. Data (variable). May contain one segment of an information sequence generated by an application layer protocol
   C. Ports and sockets
      1. TCP and UDP both use Source Port and Destination Port fields for protocol identification.
      2. A port number refers to a specific application or process running on a TCP/IP computer.
      3. A socket is the combination of a port number and an IP address.
         a. Sockets are expressed as the IP address followed by a colon and then the port number.
            (1) Example: 192.168.2.66:80
      4. Well-known ports are port numbers assigned to common Internet applications by the Internet Assigned Numbers Authority (IANA).
         a. Well-known port numbers are published in RFC 1700, “Assigned Numbers.”
      5. The most commonly used port numbers are listed in a file called Services on every computer running a TCP/IP client.
      6. Most well-known port numbers are assigned to servers.
      7. Clients typically choose a port number at random (called an ephemeral port number) when communicating with a server.
         a. Ephemeral port numbers always have values higher than 1024.
      8. TCP and UDP maintain their own separate lists of well-known port numbers.
      9. Users rarely have to specify a port number in a client program (because it is automatic), but you can usually configure the client to use nonstandard port numbers.
         a. For example, Web servers often use nonstandard port numbers for their administrative pages to protect them from being seen by the average user.
            (1) The administrator must specify the correct port number in the URL to access them.
   D. Control bits
      1. The Control Bits field of the TCP header contains six flags used by TCP to signify particular message functions.
      2. The six control bits are as follows:
         a. URG. Indicates that the segment contains urgent data
            (1) When this flag is present, the receiving system reads the contents of the Urgent Pointer field to determine which part of the Data field contains the urgent information.
         b. ACK. Indicates that the message is an acknowledgment of a previously transmitted segment
            (1) When this flag is present, the system receiving the message reads the contents of the Acknowledgment Number field to determine what part of the sequence it should transmit next.
         c. PSH. Indicates that the receiving system should immediately forward the data it has received in the current sequence to the process identified in the Destination Port field, rather than wait for the rest of the sequence to arrive
         d. RST. Causes the receiving system to reset the TCP connection and discard all of the segments of the sequence it has received so far
         e. SYN. Synchronizes the systems’ respective Sequence Number values during the establishment of a TCP connection
         f. FIN. Terminates a TCP connection
   E. Establishing a connection
      1. TCP systems must establish a connection before transmitting application data.
      2. The connection typically persists for the duration of a file transmission.
      3. The connection establishment process is called a three-way handshake.
      4. Three-way handshake functions
         a. Verify that both computers are operating and ready to receive data
         b. Exchange initial sequence numbers (ISNs)
         c. Exchange maximum segment sizes (MSSs)
         d. Exchange port numbers
      5. Sequence numbers
         a. Used to number the packets sent to the other computer during the sequence
         b. Each computer maintains its own series of sequence numbers.
         c. Each computer also keeps track of the other computer’s sequence numbers.
      6. Three-way handshake messages
         a. SYN. The computer initiating the connection sends a message containing the SYN control bit and its ISN (in the Sequence Number field).
         b. ACK/SYN. The other computer responds with a message containing the ACK control bit, which acknowledges the SYN message it has received, plus its own SYN control bit and ISN.
         c. ACK. The first computer replies with a message containing an ACK control bit, which acknowledges the receipt of the other computer’s SYN message.
      7. A TCP connection actually consists of two separate connections, one in each direction.
         a. TCP is a full-duplex protocol because the systems establish each connection separately and terminate each connection separately.
      8. MSS
         a. Specifies the largest amount of data the system can receive in one packet
         b. The systems exchange MSS information during the connection establishment to determine how large to make their segments.
         c. MSS information is carried in the Options field of the TCP header.
   F. Transmitting data
      1. Once the connection is established, the transmission of application data can begin.
      2. Information needed to transmit data, as supplied during connection establishment:
         a. Port number
         b. Sequence number
         c. MSS
   G. Acknowledging packets
      1. TCP implements its packet acknowledgment and error correction functions by using the Sequence Number and Acknowledgment Number fields.
      2. Each computer increments its own Sequence Number field by the number of bytes it transmits to the other computer.
         a. Example: if Computer A’s ISN is 1000, the first message it sends to Computer B after the handshake will have a Sequence Number value of 1001.
            (1) If that first message contains 225 bytes of data, Computer A’s next message will have a Sequence Number value of 1226.
      3. The Acknowledgment Number field contains the value that the computer expects to receive from the other computer in the Sequence Number field of its next packet—in other words, the number of bytes received from the sender.
         a. Example: when Computer B receives the 225-byte packet from Computer A, it replies with an acknowledgment message (containing the ACK control bit) that has an Acknowledgment Number field value of 1226.
            (1) Computer B does this because it expects Computer A’s next message to have a Sequence Number value of 1226.
      4. Incrementing the Acknowledgment Number field by the number of bytes transmitted by the other computer indicates that the data was received correctly.
         a. This process is called a packet acknowledgment.
         b. Example: if Computer A transmits the 225-byte packet to Computer B, and Computer B’s acknowledgment message has an Acknowledgment Number field value of 1001, this indicates that Computer B has failed to receive the 225 bytes of data correctly.
            (1) Computer A must therefore retransmit it.
      5. The incrementing of Sequence Number and Acknowledgment Number values occurs simultaneously on both computers.
      6. Messages functioning solely as acknowledgments do not cause sequence numbers to be incremented.
      7. Delayed acknowledgments
         a. TCP systems do not have to send an individual acknowledgment for every message they receive.
            (1) Example: A system might send an acknowledgment message for each 10 data transmissions.
         b. The frequency of acknowledgment is left up to the individual TCP implementation.
      8. Positive and negative acknowledgments
         a. Positive acknowledgment with retransmission is a system in which TCP systems acknowledge only the number of consecutive bytes that they have received correctly.
         b. Negative acknowledgment is a system in which the computer specifies the information that it has not received correctly. For example:
            (1) If 10 data segments are transmitted, and the destination system receives all but the seventh, it acknowledges that all of the bytes through the end of the sixth segment have arrived correctly.
            (2) The sender must retransmit segment 7, plus segments 8, 9, and 10.
         c. The sending system maintains a queue of the messages it transmits, and deletes them from the queue when they are acknowledged.
            (1) Messages that are not acknowledged are retransmitted.
   H. Detecting errors
      1. Transmissions can fail for two reasons:
         a. Because they never arrive at the destination
         b. Because they are corrupted in transit and fail the error detection check
      2. TCP provides the only end-to-end error detection for the application layer data in the packet.
         a. IP provides error detection, but only for the IP header fields, not the data.
         b. The data-link layer protocols used on local area networks (LANs) provide error detection, but only for individual hops.
         c. Other data-link layer protocols (such as SLIP and PPP) provide no error detection at all.
      3. TCP computes a checksum value based on three elements:
         a. The TCP header
         b. The application layer information in the TCP Data field
         c. A pseudo-header that consists of the IP header’s Source IP Address, Destination IP Address, Protocol, and Length fields, plus 1 byte of padding
      4. The results of the computation are placed in the Checksum field and are transmitted to the destination.
      5. The destination system performs the same computation and compares its results with the value of the Checksum field.
         a. If the values do not match, the message is discarded.
   I. Flow control
      1. Flow control allows a receiving system to control the transmission rate of the sending system.
         a. The receiving system does this by providing information to the source system that enables the source system to regulate the speed at which it transmits data.
      2. Each computer has a buffer for storing incoming packets.
      3. When a computer transmits too quickly, the buffer on the receiving system can fill up, causing packets to be dropped.
      4. TCP uses the Window field in its acknowledgment messages to implement flow control.
         a. The Window value indicates how much buffer space the receiving system has available.
      5. The sending system is permitted to transmit only the number of bytes specified in the Window field.
         a. After that, it must stop transmitting until further acknowledgment messages arrive with Window values greater than zero.
      6. This type of flow control is called a sliding window technique.
   J. Terminating the connection
      1. Once all of the data for the transaction has been transmitted and acknowledged, the TCP connection is terminated.
      2. The receiving computer uses the Sequence Number values in the TCP header to reassemble the segments into the correct sequence.
      3. Because a TCP connection actually consists of two connections, with one running in each direction, they must be closed individually.
      4. The termination sequence uses handshake messages, just as the connection establishment process does.
         a. Computer A transmits a message containing the FIN control bit, indicating that it wants to terminate the connection.
         b. Computer B responds with an acknowledgment message containing the ACK bit, and the connection in that direction is closed.
         c. Computer B then transmits its own FIN message.
         d. Computer A responds with its own ACK message, and the connection running in the other direction is now closed.
      5. The FIN and ACK control bits cannot be combined in the same message, as with the SYN/ACK bits in the connection establishment process.
      6. Sometimes the connection can be terminated in only one direction, leaving the other direction open.
         a. This is called a half close.

2. UDP
   A. UDP characteristics
      1. UDP is the acronym for User Datagram Protocol.
      2. Defined in RFC 768, “User Datagram Protocol”
      3. Connectionless protocol
      4. UDP is essentially a subset of TCP.
      5. Does not provide packet acknowledgment, flow control, segmentation, or guaranteed delivery services
      6. Generates far less overhead than TCP does
         a. The UDP header is only 8 bytes, compared to 20 bytes for TCP.
         b. No connection establishment or termination handshake messages
      7. Used primarily for brief transactions consisting of a single request and a single reply
         a. Domain Name System (DNS) and Dynamic Host Configuration Protocol (DHCP) rely primarily on UDP for their messaging.
         b. The reply functions as a tacit acknowledgment to the request.
   B. The UDP header
      1. UDP encapsulates application layer data, just like TCP does.
      2. The UDP message format
         a. Source Port (2 bytes). Identifies the process on the transmitting system that generated the information carried in the Data field
         b. Destination Port (2 bytes). Identifies the process on the receiving system for which the information in the Data field is intended
         c. Length (2 bytes). Specifies the length of the UDP header and data in bytes
         d. Checksum (2 bytes). Contains the results of a CRC computation performed by the transmitting system
            (1) The receiving system uses the Checksum field to detect errors in the UDP header, data, and parts of the IP header.
         e. Data (variable). Contains the information generated by the application layer process specified in the Source Port field
      3. The functions of the Source Port, Destination Port, and Checksum fields are exactly the same as those for their TCP counterparts.
      4. The Checksum function is defined as being optional in the UDP standard, but most implementations use it.

Chapter 7, Lesson 2
SPX and NCP

1. SPX
   A. SPX characteristics
      1. SPX is the acronym for Sequenced Packet Exchange.
      2. Connection-oriented protocol
      3. Provides packet acknowledgment and flow control, much like TCP
      4. SPX is the IPX counterpart to TCP, but is not used as often as TCP.
      5. Used for printer traffic and remote administration
      6. Messages are carried in IPX datagrams.
   B. The SPX message format
      1. Connection Control (1 byte). Contains a code that identifies the message as performing a certain control function, such as End Of Message or Acknowledgment Required
      2. Datastream Type (1 byte). Identifies the type of information found in the Data field or contains a code used during the connection termination sequence
      3. Source Connection ID (2 bytes). Contains the number used by the transmitting system to identify the current connection
      4. Destination Connection ID (2 bytes). Contains the number used by the receiving system to identify the current connection
      5. Sequence Number (2 bytes). Specifies the location of this message in the sequence
      6. Acknowledgment Number (2 bytes). Contains the Sequence Number value that the system expects to find in the next packet it receives, thus acknowledging the successful receipt of all of the previous packets
      7. Allocation Number (2 bytes). Used for flow control (that is, the interactive regulation of the data transmission speed)
         a. Specifies the number of packet receive buffers that are available on the transmitting system
      8. Data (variable). Contains the information generated by an application or upper layer protocol

2. NCP
   A. NCP characteristics
      1. NCP is the acronym for NetWare Core Protocol.
      2. Used for NetWare file sharing traffic, among many other functions
         a. Novell Directory Services (NDS) authentication traffic
      3. Used much more frequently than SPX
      4. Messages are carried in IPX datagrams.
      5. Requires an acknowledgment for each message transmitted
      6. NetWare Core Packet Burst Protocol (NCPB)
         a. A variant of NCP that enables the transmission of multiple messages with one acknowledgment
   B. The NCP header
      1. NCP uses different message formats for requests and replies.
      2. The NCP Request message format
         a. Request Type (2 bytes). Specifies the basic type of request performed by the message, using codes that represent the following functions:
            (1) Create a Service Connection
            (2) File Server Request
            (3) Connection Destroy
            (4) Burst Mode Protocol Packet
         b. Sequence Number (1 byte). Contains a value that indicates this message’s place in the current NCP sequence
         c. Connection Number Low (1 byte). Contains the number of the client’s connection to the NetWare server
         d. Task Number (1 byte). Contains a unique value that the connected systems use to associate requests with replies
         e. Connection Number High (1 byte). Unused
         f. Function (1 byte). Specifies the exact function of the message
         g. Subfunction (1 byte). Further describes the function of the message
         h. Subfunction Length (2 bytes). Specifies the length of the Data field
         i. Data (variable). Contains information that the server will need to process the request, such as a file location
      3. The NCP Reply message format
         a. Reply/Response Type (2 bytes). Specifies the type of reply in the message, using codes that represent the following functions:
            (1) File Server Reply
            (2) Burst Mode Protocol
            (3) Positive Acknowledgment
         b. Sequence Number (1 byte). Contains a value that indicates this message’s place in the current NCP sequence
         c. Connection Number Low (1 byte). Contains the number of the client’s connection to the NetWare server
         d. Task Number (1 byte). Contains a unique value that the connected systems use to associate requests with replies
         e. Connection Number High (1 byte). Unused
         f. Completion Code (1 byte). Indicates whether the request associated with this reply has been successfully completed
         g. Connection Status (1 byte). Indicates whether the connection between the client and the server is still active
         h. Data (variable). Contains information sent by the server in response to the request

Chapter Summary
   A. TCP
      1. Connection-oriented protocol
      2. Used to carry relatively large amounts of data
      3. Provides guaranteed delivery, packet acknowledgment, flow control, error detection, and error correction
   B. UDP
      1. Connectionless protocol
      2. Essentially a subset of TCP
      3. Generates less overhead than TCP does
      4. Used primarily for brief transactions consisting of a single request and a single reply
   C. SPX
      1. Connection-oriented protocol
      2. Provides packet acknowledgment and flow control, much like TCP
   D. NCP
      1. Used for NetWare file sharing traffic, among many other functions
      2. Used much more frequently than SPX
      3. Requires an acknowledgment for each message transmitted
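
Added example (not part of the original outline): a Python decoder for the TCP message format in Lesson 1, section B.3, together with the checksum computation over the pseudo-header from section H.3. The outline calls the Checksum a CRC; RFC 793 specifies a 16-bit one's complement sum, which is what this code computes. The server address, ports and payload are constructed sample values.

```python
import socket
import struct

# Control Bits, least significant bit first (RFC 793 layout).
FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")

def internet_checksum(data: bytes) -> int:
    """One's complement of the 16-bit one's complement sum of data."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length data for summing
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def pseudo_header(src_ip: str, dst_ip: str, tcp_len: int) -> bytes:
    """Source IP, Destination IP, 1 padding byte, Protocol (6 = TCP), Length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, 6, tcp_len))

def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window,
                  payload=b""):
    """Build an option-less segment (Data Offset = 5 words) with a checksum."""
    fields = (sport, dport, seq, ack, (5 << 12) | (flags & 0x3F), window)
    header = struct.pack("!HHIIHHHH", *fields, 0, 0)
    csum = internet_checksum(
        pseudo_header(src_ip, dst_ip, len(header) + len(payload))
        + header + payload)
    return struct.pack("!HHIIHHHH", *fields, csum, 0) + payload

def parse_segment(segment: bytes) -> dict:
    """Decode the fixed 20-byte header and locate the Data field."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum TCP header")
    (sport, dport, seq, ack, off_flags,
     window, csum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4       # Data Offset counts 4-byte words
    if not 20 <= header_len <= len(segment):
        raise ValueError("Data Offset points outside the segment")
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": [n for bit, n in enumerate(FLAG_NAMES) if off_flags >> bit & 1],
        "window": window, "checksum": csum, "urgent": urgent,
        "options": segment[20:header_len], "data": segment[header_len:],
    }

def checksum_ok(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Receiver side: summing a segment with a valid checksum yields 0."""
    return internet_checksum(
        pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0

# Constructed sample: a client at the outline's example address opening a
# connection to a web server on port 80 (server address is made up).
CLIENT, SERVER = "192.168.2.66", "192.168.2.1"
SYN = build_segment(CLIENT, SERVER, 49152, 80, 1000, 0, 0x02, 8192)
DATA = build_segment(CLIENT, SERVER, 49152, 80, 1001, 5001, 0x18, 8192,
                     b"GET / HTTP/1.0\r\n\r\n")

if __name__ == "__main__":
    print(parse_segment(SYN)["flags"], checksum_ok(CLIENT, SERVER, SYN))
    corrupted = DATA[:-1] + b"X"             # one payload byte changed
    print(checksum_ok(CLIENT, SERVER, DATA), checksum_ok(CLIENT, SERVER, corrupted))
```

Because the pseudo-header is part of the sum, a segment delivered to the wrong IP address fails the check as well. The checksum is unkeyed, so it detects corruption in transit but gives no protection against a party that rewrites the segment and recomputes the field.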
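
Added example (not part of the original outline): a small Python model of the Sequence Number and Acknowledgment Number bookkeeping in Lesson 1, section G, using the outline's own figures (ISN 1000, 225-byte segments, the seventh of ten segments lost). The receiver here follows the outline's description and discards out-of-order segments; the class and function names are hypothetical.

```python
from collections import OrderedDict

class Receiver:
    def __init__(self, peer_isn: int):
        self.expected = peer_isn + 1       # first data byte follows the ISN
        self.data = b""

    def receive(self, seq: int, payload: bytes) -> int:
        """Accept only the next in-order segment; return the Acknowledgment Number."""
        if seq == self.expected:
            self.data += payload
            self.expected += len(payload)
        return self.expected               # next Sequence Number we expect

class Sender:
    def __init__(self, isn: int):
        self.next_seq = isn + 1
        self.unacked = OrderedDict()       # retransmission queue: seq -> payload

    def send(self, payload: bytes):
        seq = self.next_seq
        self.unacked[seq] = payload
        self.next_seq += len(payload)      # advance by the bytes transmitted
        return seq, payload

    def on_ack(self, ack: int) -> None:
        """Drop every queued segment whose last byte lies below the ack value."""
        for seq in [s for s, p in self.unacked.items() if s + len(p) <= ack]:
            del self.unacked[seq]

def transfer(chunks, isn, lost):
    """Send chunks once, dropping the 1-based segment numbers in `lost`,
    then retransmit whatever is still unacknowledged.
    Returns (acks seen on the first pass, retransmitted seqs, received data)."""
    sender, receiver = Sender(isn), Receiver(isn)
    acks = []
    for number, chunk in enumerate(chunks, start=1):
        seq, payload = sender.send(chunk)
        if number not in lost:
            acks.append(receiver.receive(seq, payload))
    if acks:
        sender.on_ack(acks[-1])
    resent = list(sender.unacked.items())
    for seq, payload in resent:
        sender.on_ack(receiver.receive(seq, payload))
    return acks, [seq for seq, _ in resent], receiver.data

# Constructed input: ten 225-byte segments, each filled with its own number.
CHUNKS = [bytes([n]) * 225 for n in range(1, 11)]

if __name__ == "__main__":
    acks, resent, data = transfer(CHUNKS, isn=1000, lost={7})
    print(acks)      # acknowledgment stalls at the start of segment 7
    print(resent)    # segments 7 through 10 are sent again
```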
