Unit-IV Transport Layer Protocols 4.1 User Datagram Protocol

The document summarizes the Transport Layer Protocols, specifically the User Datagram Protocol (UDP) and Transmission Control Protocol (TCP). UDP is a connectionless, unreliable protocol that provides process-to-process communication using datagrams. It has a fixed 8-byte header that includes source/destination port numbers and checksum. TCP is a connection-oriented, reliable protocol that provides stream delivery, full-duplex communication, and congestion control using three-way handshaking for connection establishment, sequence/acknowledgement numbers, and windowing for flow control.


Unit-IV

Transport Layer Protocols


4.1 User Datagram Protocol:
The User Datagram Protocol (UDP) is a connectionless, unreliable transport protocol. It does not add
anything to the services of IP except for providing process-to-process communication instead of host-
to-host communication.
4.1.1 User Datagram
UDP packets are called user datagrams. A user datagram has a fixed-size header of 8 bytes. The figure shows
the format of a user datagram. The fields are as follows:

Source port number.
i. This is the port number used by the process running on the source host.
ii. It is 16 bits long. The port number can range from 0 to 65,535.
iii. If the source host is the client, the port number is a temporary port number. It is requested by the
process and chosen by the UDP software running on the source host.
iv. If the source host is the server, the port number is a well-known port number.
Destination port number.
i. This is the port number used by the process running on the destination host. It is also 16 bits long.
ii. If the destination host is the server, the port number is a well-known port number.
iii. If the destination host is the client, the port number is a temporary port number.
Length.
i. This is a 16-bit field that defines the total length of the user datagram, header plus data.
ii. The 16 bits can define a total length of 0 to 65,535 bytes.
UDP length = IP length − IP header’s length
Checksum.
This field is used to detect errors over the entire user datagram (header plus data).

Dump of a UDP header
The following is a dump of a UDP header in hexadecimal format.
CB84000D001C001C
1. The source port number is the first four hexadecimal digits ((CB84)₁₆), which means that the source
port number is 52100.
2. The destination port number is the second four hexadecimal digits ((000D)₁₆), which means that the
destination port number is 13.
3. The third four hexadecimal digits ((001C)₁₆) define the length of the whole UDP packet as 28 bytes.
4. The length of the data is the length of the whole packet minus the length of the header, or 28 − 8 =
20 bytes.
5. Since the destination port number is 13 (well-known port), the packet is from the client to the
server.
6. The client process is the Daytime (see Table).
For practice: 0035140C002D0000
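The header walkthrough above, as an added example (not from the original notes): the parser decodes the four header fields from the dump in the text and from the practice dump, applies the text's well-known-port rule for direction, and also builds and verifies the checksum over the IPv4 pseudo-header, header and data. The IP addresses and payload are constructed values.

```python
import ipaddress
import struct
from typing import NamedTuple

UDP_HEADER_LEN = 8    # the fixed 8-byte UDP header
IPPROTO_UDP = 17

# Constructed inputs: the dump walked through in the text and the practice dump.
TEXT_DUMP = "CB84000D001C001C"
PRACTICE_DUMP = "0035140C002D0000"


class UdpHeader(NamedTuple):
    src_port: int
    dst_port: int
    length: int       # header plus data, in bytes
    checksum: int

    @property
    def data_length(self) -> int:
        return self.length - UDP_HEADER_LEN


def parse_udp_header(hex_dump: str) -> UdpHeader:
    """Decode the four 16-bit, big-endian header fields from a hex dump."""
    raw = bytes.fromhex(hex_dump)
    if len(raw) < UDP_HEADER_LEN:
        raise ValueError("a UDP header needs 8 bytes")
    src, dst, length, csum = struct.unpack("!HHHH", raw[:UDP_HEADER_LEN])
    if length < UDP_HEADER_LEN:
        # The length field counts the header too, so anything smaller is malformed.
        raise ValueError(f"length field {length} is smaller than the header")
    return UdpHeader(src, dst, length, csum)


def classify_direction(hdr: UdpHeader) -> str:
    """The text's rule: a well-known (< 1024) destination port means client-to-server."""
    if hdr.dst_port < 1024:
        return "client to server"
    if hdr.src_port < 1024:
        return "server to client"
    return "undetermined"


def ones_complement_sum(data: bytes) -> int:
    """16-bit ones' complement sum with end-around carry; odd-length input is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def _pseudo_header(src_ip: str, dst_ip: str, udp_len: int) -> bytes:
    # Source IP, destination IP, a zero byte, the protocol number and the UDP length.
    return (ipaddress.IPv4Address(src_ip).packed
            + ipaddress.IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, IPPROTO_UDP, udp_len))


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int, payload: bytes) -> bytes:
    """Build a user datagram whose checksum covers pseudo-header, header and data."""
    length = UDP_HEADER_LEN + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)   # checksum field zeroed
    csum = 0xFFFF - ones_complement_sum(_pseudo_header(src_ip, dst_ip, length) + header + payload)
    csum = csum or 0xFFFF   # a computed 0 is sent as 0xFFFF; 0 on the wire means "no checksum"
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def verify_udp(src_ip: str, dst_ip: str, datagram: bytes) -> bool:
    """Receiver-side check: the sum over pseudo-header plus the whole datagram must be 0xFFFF."""
    hdr = parse_udp_header(datagram.hex())
    if hdr.length != len(datagram):
        return False
    if hdr.checksum == 0:
        return True    # the sender chose not to checksum (allowed over IPv4)
    return ones_complement_sum(_pseudo_header(src_ip, dst_ip, hdr.length) + datagram) == 0xFFFF
```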
UDP Port Range Groups
• 0 to 1023 - Well-known port numbers. Only prominent services such as Apple QuickTime, MSN,
SQL Services and Gopher Services are assigned these port numbers.
• 1024 to 49151 - Registered ports; they can be registered for specific protocols by
software corporations.
• 49152 to 65536 - Dynamic or private ports; they can be used by just about
anybody.

Table: Well-known Ports used with UDP


4.1.2 UDP Services
General Services Provided By UDP
Process-to-Process Communication
UDP provides process-to-process communication using socket addresses. A socket address is a
combination of an IP address and a port number.
Connectionless Services
UDP provides a connectionless service, i.e., each user datagram sent by UDP is an independent
datagram.
Flow Control
UDP does not provide flow control.
Error Control
There is no error control mechanism in UDP except for the checksum.
Congestion Control
UDP is a connectionless protocol; it does not provide congestion control.
Encapsulation and Decapsulation
To send a message from one process to another, the UDP protocol encapsulates and decapsulates
messages.
Queuing
In UDP, queues are associated with ports.
Multiplexing and Demultiplexing
There is only one UDP but possibly several processes that may want to use the services of UDP.
4.1.3 UDP Applications.
Here are few applications where UDP is used to transmit data:
Domain Name Services
Simple Network Management Protocol
File Transfer Protocol
Trivial File Transfer Protocol
Routing Information Protocol
Kerberos
4.2 Transmission Control Protocol:
4.2.1 Basics:
Transmission Control Protocol (TCP) is a connection-oriented, reliable protocol. TCP provides a
connection-oriented service through three phases: connection establishment, data transfer, and
connection termination. TCP uses a combination of GBN (Go-Back-N) and SR (Selective Repeat)
protocols to provide reliability.
4.2.2 TCP Services
Process-to-Process Communication
TCP provides process-to-process communication using port numbers.
Stream Delivery Service
TCP is a stream-oriented protocol.
Full-Duplex Communication
TCP offers full-duplex service, where data can flow in both directions at the same time.
Multiplexing and Demultiplexing
TCP performs multiplexing at the sender and demultiplexing at the receiver.
Connection-Oriented Service
TCP is a connection-oriented protocol. The following three phases occur:
1. The two TCPs establish a logical connection between them.
2. Data are exchanged in both directions.
3. The connection is terminated.
Reliable Service
TCP is a reliable transport protocol. It uses an acknowledgment mechanism to check the safe and sound
arrival of data.
4.2.3 TCP features
Reliability through acknowledgement and sequencing
To provide reliability, TCP assigns a sequence number to each sent segment. This number not only
helps the destination host reorder any incoming segments that arrived out of order but also
helps in verifying that all sent segments were received.
Acknowledgement numbers are used in the opposite direction. These numbers are used to send the
verification of received segments, notification of lost segments and acknowledgement for the next
segments.
Flow control through Windowing
Windowing is the process of controlling the flow of segments. It ensures that one host doesn’t flood
another host with too many segments, overflowing its receiving buffer.
Reordering segments into the correct order and dropping extra segments
To arrange the arrived segments in the correct order, the receiving computer uses the sequence numbers of
the segments. To detect and drop duplicate or extra segments, it compares the received segments with
the requested segments.
OR
• Numbering System
• Byte Number
• Sequence Number
• Acknowledgement Number
• Reliable transfer of data
• Flow Control
• Error Control
• Congestion Control
• Inter-operability
• Flexibility
• Multi-Vendor Support
• Window Based Protocol
• Connection oriented service
• Full duplex data transfer
4.2.4 Segment
A packet in TCP is called a segment. The format of a segment is shown in Figure. The segment consists
of a header of 20 to 60 bytes, followed by data from the application program. The header is 20 bytes
if there are no options and up to 60 bytes if it contains options.

❑ Source port address. This is a 16-bit field that defines the port number of the
application program in the sender host.
❑ Destination port address. This is a 16-bit field that defines the port number of the
application program in the receiving host.
❑ Sequence number. This 32-bit field defines the number assigned to the first byte of data contained
in this segment.
❑ Acknowledgment number. This 32-bit field defines the byte number that the receiver of the
segment is expecting to receive from the other party. If the receiver of the segment has successfully
received byte number x from the other party, it returns x + 1 as the acknowledgment number.
Acknowledgment and data can be piggybacked together.
❑ Header length. This 4-bit field indicates the number of 4-byte words in the TCP header. The length
of the header can be between 20 and 60 bytes. i.e. 5 (5 × 4 = 20) and 15 (15 × 4 = 60).
❑ Control. This field defines 6 different control bits or flags:
1. URG: Urgent pointer is valid
2. ACK: Acknowledgment is valid
3. PSH: Request for push
4. RST: Reset the connection
5. SYN: Synchronize sequence numbers
6. FIN: Terminate the connection
These bits enable flow control, connection establishment and termination, connection abortion, and
the mode of data transfer in TCP.
❑ Window size. This 16-bit field defines the window size of the sending TCP in bytes.
The maximum size of the window is 65,535 bytes.
❑ Checksum. This 16-bit field contains the checksum.
❑ Urgent pointer. This 16-bit field is valid only if the urgent flag is set. This field is
used when the segment contains urgent data.
The value of this field is added to the sequence number to get the byte number of the last urgent byte
in the data section of the segment.
❑ Options. There can be up to 40 bytes of optional information in the TCP header.
4.2.5 A TCP Connection
In TCP, connection-oriented transmission requires three phases: connection establishment,
data transfer, and connection termination.
Connection Establishment
The connection establishment in TCP is called three-way handshaking.
1. The client sends the first segment, a SYN segment.
• The SYN flag is set.
• The segment is used for synchronization of sequence numbers.
• This sequence number is called the initial sequence number (ISN).
• If the client wants to define the Maximum Segment Size (MSS), it adds the MSS option.
• It does not define the window size.
• A SYN segment cannot carry data, but it consumes one sequence number.
2. The server sends the second segment, a SYN + ACK segment.
• The SYN and ACK flags are set.
• It acknowledges the receipt of the first segment using the ACK flag and the acknowledgment number
field.
o Acknowledgment number = client's initial sequence number + 1
o It must also define the receiver window size for flow control.
• It carries the SYN information for the server:
o The initial sequence number from server to client.
o The window scale factor, if used.
o The MSS, if defined.
• A SYN + ACK segment cannot carry data, but it does consume one sequence number.
3. The client sends the third segment, an ACK segment.
• It acknowledges the receipt of the second segment.
o The ACK flag is set.
o Acknowledgement number = server's initial sequence number + 1
o It must also define the window size for the server: the window size field is set.
o The sequence number is the same as the one in the SYN segment.
• In some implementations, data can be sent with the third packet.
o It must then have a new sequence number showing the byte number of the first byte in the data.
• An ACK segment, if carrying no data, consumes no sequence number.

Figure :- Connection establishment using three-way handshaking


2 Data Transfer
• Bidirectional data transfer takes place after connection is established.
o Both parties can send data and acknowledgments in both directions.
o The acknowledgment can be piggybacked with the data.
Pushing Data
• In TCP, both the sender and the receiver have buffers to hold data.
o At the sender, application data to be sent is temporarily held in the buffer.
o At the receiver, received data is temporarily held in the buffer.
o Thus applications may encounter delayed transmission and reception.
• TCP therefore supports the PUSH operation.
o The sending TCP must create a segment and send the data immediately. It must not wait for the
window to be filled.
o The receiving TCP must deliver the data to the application immediately. It does not wait for more
data to come.
Urgent Data
• TCP is a stream-oriented protocol.
• In some cases, an application needs to send urgent data.
• Solution: send a segment with URG bit set.
o The sender creates a segment, inserts the urgent data at the beginning of the segment and sends
the segment with the URG bit set.
o The urgent pointer field defines the end of the urgent data and the start of normal data.

Figure: Data transfer


3 Connection Termination
Connection termination has two options: three-way handshaking, and four-way handshaking with a
half-close option.
A Three-Way Handshaking
1. The client TCP sends the FIN segment.
• The FIN flag is set.
• Two choices:
o The FIN segment is only a control segment. It consumes only one sequence number.
o The FIN segment can include the last chunk of data sent by the client.
2. The server TCP sends the FIN+ACK segment.
• The ACK bit is set. It confirms the receipt of the FIN segment.
• The FIN bit is set. It announces the closing of the connection in the other direction.
• Two choices:
o The FIN+ACK segment is only a control segment. It consumes only one sequence number.
o The FIN+ACK segment can include the last chunk of data sent by the client.
3. The client TCP sends the last ACK segment.
• The ACK bit is set. It confirms the receipt of the FIN+ACK segment from the TCP server.
• This segment cannot carry data and consumes no sequence number. No further response!

Figure: Connection termination using three-way handshaking


B Four-Way Handshaking with Half-Close
In TCP, one end can stop sending data while still receiving data. This is called a half-close.
1. The data transfer from the client to the server stops. The client sends a FIN segment announcing its
wish for connection termination.
2. The server sends an ACK segment acknowledging the FIN segment from the client.
o The connection is closed in one direction.
o But the server can continue sending data to the client.
3. The server sends a FIN segment to close the connection.
4. The client sends an ACK segment to acknowledge the FIN segment from the server.

Figure: Half-close
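The sequence-number accounting of the three-way handshake, the three-way termination and the half-close described in 4.2.5, as an added example (not from the original notes). Each endpoint tracks the next sequence number it will use and the next byte it expects; SYN and FIN each consume one sequence number, a pure ACK consumes none, and a SYN may not carry data. The initial sequence numbers 8000 and 15000 are constructed values.

```python
from dataclasses import dataclass, field
from typing import FrozenSet, Iterable, List, Optional

# Constructed initial sequence numbers for the walkthrough.
CLIENT_ISN = 8000
SERVER_ISN = 15000


@dataclass
class Segment:
    sender: str
    flags: FrozenSet[str]         # subset of {"SYN", "ACK", "FIN"}
    seq: int
    ack: Optional[int]            # None unless the ACK flag is set
    data_len: int = 0

    def consumes(self) -> int:
        """Bytes of data plus one for SYN and one for FIN; a pure ACK consumes nothing."""
        return self.data_len + ("SYN" in self.flags) + ("FIN" in self.flags)


@dataclass
class Endpoint:
    name: str
    isn: int
    snd_nxt: int = field(init=False, default=0)   # sequence number of the next byte we send
    rcv_nxt: Optional[int] = None                 # next byte we expect from the peer

    def __post_init__(self) -> None:
        self.snd_nxt = self.isn

    def send(self, flags: Iterable[str], data_len: int = 0) -> Segment:
        flags = frozenset(flags)
        if "SYN" in flags and data_len:
            raise ValueError("a SYN or SYN+ACK segment cannot carry data")
        if "ACK" in flags and self.rcv_nxt is None:
            raise ValueError("nothing received yet, so there is nothing to acknowledge")
        seg = Segment(self.name, flags, self.snd_nxt,
                      self.rcv_nxt if "ACK" in flags else None, data_len)
        self.snd_nxt += seg.consumes()
        return seg

    def receive(self, seg: Segment) -> None:
        """In-order receive: a SYN sets our expectation, everything else must start at rcv_nxt."""
        if "SYN" not in seg.flags and seg.seq != self.rcv_nxt:
            raise ValueError(f"{self.name}: expected seq {self.rcv_nxt}, got {seg.seq}")
        if seg.ack is not None and seg.ack > self.snd_nxt:
            raise ValueError(f"{self.name}: ack {seg.ack} is beyond anything sent")
        self.rcv_nxt = seg.seq + seg.consumes()


def _exchange(steps) -> List[Segment]:
    """Run (sender, receiver, flags, data_len) steps and return the segments in order."""
    trace = []
    for sender, receiver, flags, n in steps:
        seg = sender.send(flags, n)
        receiver.receive(seg)
        trace.append(seg)
    return trace


def three_way_handshake(client: Endpoint, server: Endpoint, third_data: int = 0) -> List[Segment]:
    """SYN, SYN+ACK, ACK. third_data > 0 models an implementation that sends data with the ACK."""
    return _exchange([(client, server, {"SYN"}, 0),
                      (server, client, {"SYN", "ACK"}, 0),
                      (client, server, {"ACK"}, third_data)])


def three_way_termination(client: Endpoint, server: Endpoint, last_data: int = 0) -> List[Segment]:
    """FIN (optionally with the client's last data), FIN+ACK, ACK. Once a connection is established
    every segment also carries ACK, so the text's 'FIN segment' is sent here as FIN+ACK."""
    return _exchange([(client, server, {"FIN", "ACK"}, last_data),
                      (server, client, {"FIN", "ACK"}, 0),
                      (client, server, {"ACK"}, 0)])


def half_close(client: Endpoint, server: Endpoint, server_data_after_fin: int) -> List[Segment]:
    """Four-way termination: after the client's FIN is acknowledged, the server keeps sending."""
    return _exchange([(client, server, {"FIN", "ACK"}, 0),
                      (server, client, {"ACK"}, 0),
                      (server, client, {"ACK"}, server_data_after_fin),  # server -> client still open
                      (client, server, {"ACK"}, 0),
                      (server, client, {"FIN", "ACK"}, 0),
                      (client, server, {"ACK"}, 0)])
```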
4.2.6 State Transition Diagram
To keep track of all the different events happening during connection establishment, connection
termination, and data transfer, TCP is specified as a finite state machine
(FSM), as shown in the figure.

Figure: State transition diagram


Table: - States for TCP
The figure shows the two FSMs used by the TCP client and server combined in one diagram. The
rounded-corner rectangles represent the states. The transition from one state to another is shown using
directed lines. Each line has two strings separated by a slash. The first string is the input, what TCP
receives. The second is the output, what TCP sends. The dotted black lines in the figure represent the
transition that a server normally goes through; the solid black lines show the transitions that a client
normally goes through. But, in some situations, a server transitions through a solid line or a client
transitions through a dotted line. The colored lines show special situations. Note that the rounded-
corner rectangle marked ESTABLISHED is in fact two sets of states, a set for the client and another
for the server, that are used for flow and error control. Table shows the list of states for TCP.
4.2.7 Windows in TCP
TCP uses two windows (send window and receive window) for each direction of data transfer, which
means four windows for a bidirectional communication.
Send Window
The figure uses a window of size 100 bytes (normally it is thousands of bytes). The send window size is
dictated by the receiver (flow control) and the congestion in the underlying network (congestion control).
The figure shows how a send window opens, closes, or shrinks.

Figure: Send window in TCP


The send window in TCP is similar to one used with the Selective Repeat protocol, but with some
differences:
1. One difference is the nature of entities related to the window. The window in SR numbers packets,
but the window in the TCP numbers bytes. Although actual transmission in TCP occurs segment by
segment, the variables that control the window are expressed in bytes.
2. The second difference is that, in some implementations, TCP can store data received from the
process and send them later, but we assume that the sending TCP is capable of sending segments of
data as soon as it receives them from its process.
3. Another difference is the number of timers. The theoretical Selective Repeat protocol may use
several timers for each packet sent, but the TCP protocol uses only one timer.
Receive Window
The window size is 100 bytes. The figure shows how the receive window opens and closes; the window
should never shrink.

Figure: Receive window in TCP


There are two differences between the receive window in TCP and the one used
for SR.
1. The first difference is that TCP allows the receiving process to pull data at its own pace. This means
that part of the allocated buffer at the receiver may be occupied by bytes that have been received and
acknowledged, but are waiting to be pulled by the receiving process. The receive window size is then
always smaller than or equal to the buffer size, as shown in the above figure. The receiver window size
determines the number of bytes that the receive window can accept from the sender before being
overwhelmed (flow control). In other words, the receive window size, normally called rwnd, can be
determined as:
rwnd = buffer size − number of waiting bytes to be pulled
2. The second difference is the way acknowledgments are used in the TCP protocol. Remember that
an acknowledgement in SR is selective, defining the uncorrupted packets that have been received. The
major acknowledgment mechanism in TCP is a cumulative acknowledgment announcing the next
expected byte to receive. The new versions of TCP, however, use both cumulative and selective
acknowledgements.
4.2.8 Flow Control
Flow control balances the rate at which a producer creates data with the rate at which a consumer can
use the data. TCP separates flow control from error control.
Figure shows unidirectional data transfer between a sender and a receiver; bidirectional data transfer
can be assumed from the unidirectional process.

Figure: Data flow and flow control feedbacks in TCP


4.2.9 Error Control
TCP provides reliability using error control. Error control includes mechanisms for detecting and
resending corrupted segments, resending lost segments, storing out-of-order segments until missing
segments arrive, and detecting and discarding duplicated segments. Error control in TCP is achieved
through the use of three simple tools: checksum, acknowledgment, and time-out.
4.2.10 TCP Congestion Control
Congestion control in TCP is based on both open-loop and closed-loop mechanisms. TCP uses a
congestion window and a congestion policy that avoid congestion and detect and control congestion
after it has occurred.
Congestion Window
The sender window size is determined by the available buffer space in the receiver (rwnd).
If the network cannot deliver the data as fast as it is created by the sender, it must tell the sender to
slow down.
The sender has two pieces of information: the receiver-advertised window size and the congestion
window size. The actual size of the window is the minimum of these two.
Actual window size = minimum (rwnd, cwnd)
Congestion Policy
TCP’s general policy for handling congestion is based on three phases: slow start, congestion
avoidance, and congestion detection.
In the slow start phase, the sender starts with a slow rate of transmission, but increases the rate rapidly
to reach a threshold. When the threshold is reached, the rate of increase is reduced. Finally, if ever
congestion is detected, the sender goes back to the slow start or congestion avoidance phase, based on
how the congestion is detected.
4.2.11 TCP Timers
To perform its operation smoothly, most TCP implementations use at least four timers as shown in
Figure.

Figure: TCP timers


Retransmission Timer:
To retransmit lost segments, TCP employs one retransmission timer (for the whole connection period)
that handles the retransmission time-out (RTO), the waiting time for an
acknowledgment of a segment.
Persistence Timer
To deal with a zero-window-size advertisement, TCP needs another timer. If the receiving
TCP announces a window size of zero, the sending TCP stops transmitting segments until
the receiving TCP sends an ACK segment announcing a nonzero window size. This ACK segment can
be lost. ACK segments are not retransmitted in TCP. Both TCPs might continue to wait for each other
forever (a deadlock).
To correct this deadlock, TCP uses a persistence timer for each connection.
Keepalive Timer
A keepalive timer is used in some implementations to prevent a long idle connection
between two TCPs. Suppose that a client opens a TCP connection to a server, transfers
some data, and becomes silent. Possibly the client has crashed. In this case, the connection
remains open forever.
TIME-WAIT Timer
The TIME-WAIT (2MSL) timer is used during connection termination.
4.2.12 Options
The TCP header can have up to 40 bytes of optional information. Options convey additional
information to the destination or align other options. The types of options are shown in the figure.

Figure: Options
End of Option (EOP)
The end-of-option (EOP) option is a 1-byte option used for padding at the end of the option section. It
can only be used as the last option. Only one occurrence of this option is allowed. After this option,
the receiver looks for the payload data.
No Operation (NOP)
The no-operation (NOP) option is a 1-byte option used as a filler. But it normally comes before another
option to help align it in a four-word slot.
Maximum Segment Size (MSS)
The maximum-segment-size option defines the size of the biggest unit of data that can
be received by the destination of the TCP segment. It defines the maximum size of the data, not the
maximum size of the segment. Since the field is 16 bits long, the value can be 0 to 65,535 bytes.
Window Scale Factor
To increase the window size, a window scale factor is used. The new window size is determined as
follows:
New window size = window size defined in the header × 2^(window scale factor)
Timestamp
This is a 10-byte option. The active open announces a timestamp in the connection request segment
(SYN segment). If it receives a timestamp in the next segment (SYN + ACK) from the other end, it is
allowed to use the timestamp; otherwise, it does not use it any more. The timestamp option has two
applications: it measures the round-trip time and protects against wrapped-around sequence numbers.
Measuring RTT. The timestamp can be used to measure the round-trip time (RTT).
PAWS. The timestamp option has another application, protection against wrapped
sequence numbers (PAWS).
SACK-Permitted (Selective Acknowledgment, SACK)
The SACK-permitted option of 2 bytes is used only during connection establishment.
The host that sends the SYN segment adds this option to show that it can support the SACK
option. If the other end, in its SYN + ACK segment, also includes this option, then the two ends can
use the SACK option during data transfer. The SACK-permitted option is not allowed during the data
transfer phase.
SACK Options
The SACK option is variable length. It is used during data transfer only if both ends agree.
The option includes a list for blocks arriving out of order. Each block occupies two 32-bit numbers
that define the beginning and the end of the blocks.
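A parser for the option area described in 4.2.12, as an added example (not from the original notes). It handles the 1-byte EOP and NOP options, the fixed-length MSS, window scale, SACK-permitted and timestamp options, and the variable-length SACK block list, rejects malformed lengths (a length below 2 or one running past the option area), and derives the scaled window and the header length field. The kind numbers are assumed from the TCP RFCs; the text names the options without numbers. The two option areas are constructed samples.

```python
import struct
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Option kind numbers (assumed from the TCP RFCs; the text only names the options).
KIND_EOP, KIND_NOP, KIND_MSS, KIND_WSCALE = 0, 1, 2, 3
KIND_SACK_PERMITTED, KIND_SACK, KIND_TIMESTAMP = 4, 5, 8
FIXED_LENGTHS = {KIND_MSS: 4, KIND_WSCALE: 3, KIND_SACK_PERMITTED: 2, KIND_TIMESTAMP: 10}


@dataclass
class TcpOptions:
    mss: Optional[int] = None
    window_scale: Optional[int] = None
    sack_permitted: bool = False
    sack_blocks: List[Tuple[int, int]] = field(default_factory=list)   # (left edge, right edge)
    timestamp: Optional[Tuple[int, int]] = None                        # (TSval, TSecr)
    unknown: List[int] = field(default_factory=list)


def parse_tcp_options(data: bytes) -> TcpOptions:
    """Walk the option list. EOP and NOP are single bytes; every other option is
    kind, length, value, where length counts the kind and length bytes too."""
    opts = TcpOptions()
    i = 0
    while i < len(data):
        kind = data[i]
        if kind == KIND_EOP:
            break                      # only padding follows; the receiver moves on to the payload
        if kind == KIND_NOP:
            i += 1                     # filler used to align the next option
            continue
        if i + 1 >= len(data):
            raise ValueError(f"option kind {kind} has no length byte")
        length = data[i + 1]
        if length < 2 or i + length > len(data):
            # A length below 2 would stall the loop; a length past the end of the
            # option area would read outside it. Reject both instead of trusting the field.
            raise ValueError(f"option kind {kind} has invalid length {length}")
        if kind in FIXED_LENGTHS and length != FIXED_LENGTHS[kind]:
            raise ValueError(f"option kind {kind} must be {FIXED_LENGTHS[kind]} bytes, got {length}")
        value = data[i + 2:i + length]
        if kind == KIND_MSS:
            opts.mss = struct.unpack("!H", value)[0]
        elif kind == KIND_WSCALE:
            opts.window_scale = value[0]
        elif kind == KIND_SACK_PERMITTED:
            opts.sack_permitted = True
        elif kind == KIND_SACK:
            if (length - 2) % 8:
                raise ValueError("SACK blocks are pairs of 32-bit numbers")
            for j in range(0, len(value), 8):
                opts.sack_blocks.append(struct.unpack("!II", value[j:j + 8]))
        elif kind == KIND_TIMESTAMP:
            opts.timestamp = struct.unpack("!II", value)
        else:
            opts.unknown.append(kind)
        i += length
    return opts


def scaled_window(header_window: int, window_scale: Optional[int]) -> int:
    """New window size = window size in the header x 2^(window scale factor)."""
    return header_window << (window_scale or 0)


def header_length_words(options: bytes) -> int:
    """Header length field: 5 words for the fixed 20 bytes plus the option area padded to 4 bytes."""
    padded = (len(options) + 3) // 4 * 4
    if padded > 40:
        raise ValueError("options may not exceed 40 bytes")
    return 5 + padded // 4


# Constructed samples: the option area of a SYN (MSS 1460, SACK-permitted, timestamp, NOP,
# window scale 7) and of a data-phase segment carrying one SACK block after two NOPs.
SYN_OPTIONS = bytes.fromhex("020405b4" "0402" "080a0000002a00000000" "01" "030307")
SACK_OPTIONS = bytes.fromhex("0101" "050a" "000003e9" "000007d1")
```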
4.3 SCTP
Stream Control Transmission Protocol (SCTP) is a new transport-layer protocol designed to combine
some features of UDP and TCP in an effort to create a better protocol for multimedia communication.
4.3.1 SCTP Services
1. Process-to-Process Communication
SCTP uses all important ports of TCP.
2. Multi-Stream Facility
SCTP provides a multi-stream service to each connection, called an association. If one stream gets
blocked, then another stream can deliver the data.
3. Multihoming
Multihoming allows both ends (sender and receiver) to define multiple IP addresses for
communication. But only one of these can be defined as the primary address; the remaining ones can be
used as alternative addresses.
4. Full-Duplex Communication
SCTP provides full-duplex service (the data can flow in both directions at the same time).
5. Connection-Oriented Service
SCTP is a connection-oriented protocol, just like TCP, with the only difference that the connection is
called an association in SCTP. If User1 wants to send messages to and receive messages from User2, the steps are:
Step1: The two SCTPs establish the connection with each other.
Step2: Once the connection is established, the data gets exchanged in both the directions.
Step3: Finally, the association is terminated.
6. Reliability
SCTP uses an acknowledgement mechanism to check the arrival of data.
4.3.2 SCTP Features
1. Transmission Sequence Number (TSN)
The unit of data in SCTP is a data chunk. Data transfer in SCTP is controlled by numbering the data
chunks. In SCTP, TSN is used to assign the numbers to different data chunks.
2. Stream Identifier (SI)
The SI is a 16-bit number and starts with 0. In SCTP, there may be several streams in each
association. Each stream in SCTP needs to be identified using a stream identifier (SI). Each data
chunk needs to carry the SI in the header, so that it is properly placed in its stream on arrival.
3. Stream Sequence Number (SSN)
SCTP defines each data chunk in each stream with a stream sequence number (SSN). The SSN is used to
deliver the data chunk to the appropriate stream and in the proper order at the destination SCTP. This
means that each data chunk carries an SSN in addition to an SI.
4. Packets
In SCTP, the data is carried out in the form of data chunks and control information is carried
as control chunks. Data chunks and control chunks are packed together in the packet.
5. Acknowledgment Number
SCTP acknowledgment numbers are chunk-oriented.
4.3.3 Packet Format
An SCTP packet contains a mandatory general header and a set of blocks called chunks. There are two
types of chunks: control chunks and data chunks. A control chunk controls and maintains the
association. A data chunk carries user data. In a packet, the control chunks come before the data
chunks. The figure shows the general format of an SCTP packet.

Figure: SCTP packet format


General Header
The general header (packet header) defines the end points of each association. This guarantees that the
packet belongs to a particular association. It also preserves the integrity of the contents of the packet
including the header itself. The format of the general header is shown in Figure.

Figure: General header


There are four fields in the general header:
❑ Source port address.
This is a 16-bit field that defines the port number of the process sending the packet.
❑ Destination port address.
This is a 16-bit field that defines the port number of the process receiving the packet.
❑ Verification tag.
This is a number that matches a packet to an association. This prevents a packet from a previous
association from being mistaken as a packet in this association. It serves as an identifier for the
association; it is repeated in every packet during the association. There is a separate verification tag
used for each direction in the association.
❑ Checksum.
This 32-bit field contains a CRC-32 checksum. Note that the size of the checksum is increased from
16 bits (in UDP, TCP, and IP) to 32 bits in SCTP to allow the use of the CRC-32 checksum.
Chunks
Control information or user data are carried in chunks. Chunks have a common layout
as shown in Figure.

Figure: Common layout of a chunk


The first three fields are common to all chunks; the information field depends on the type of chunk.
The important point to remember is that SCTP requires the information section to be a multiple of 4
bytes; if not, padding bytes (eight 0s) are added at the end of the section.
The descriptions of the common fields are as follows:
❑ Type.
This 8-bit field can define up to 256 types of chunks. Only a few have been defined so far; the rest are
reserved for future use. See Table for a list of chunks and their descriptions.
❑ Flag.
This 8-bit field defines special flags that a particular chunk may need. Each bit has a different meaning
depending on the type of chunk.
❑ Length.
This 16-bit field defines the total size of the chunk, in bytes, including the type, flag, and length fields.

Table: Chunks
4.3.4 An SCTP Association
SCTP, like TCP, is a connection-oriented protocol. But a connection in SCTP is called an association
to emphasize multihoming.
Association Establishment
The server must be prepared to accept an incoming association. This preparation is normally done by
calling socket, bind, and listen and is called a passive open.
Figure : Four-way handshaking
1 The client issues an active open by calling connect or by sending a message, which implicitly opens
the association. The client SCTP sends an INIT message (which stands for "initialization") to the server,
which contains the client's list of IP addresses, initial sequence number, initiation tag to identify all
packets in this association, number of outbound streams the client is requesting, and number of inbound
streams the client can support.
2 The server acknowledges the client's INIT message with an INIT-ACK message, which contains the
server's list of IP addresses, initial sequence number, initiation tag, number of outbound streams the
server is requesting, number of inbound streams the server can support, and a state cookie. The state
cookie contains all of the state that the server needs to ensure that the association is valid, and is
digitally signed to ensure its validity.
3 The client echoes the server's state cookie with a COOKIE-ECHO message. This message may also
contain user data bundled within the same packet.
4 The server acknowledges that the cookie was correct and that the association was established with a
COOKIE-ACK message. This message may also contain user data bundled within the same packet.
The minimum number of packets required for this exchange is four; hence, this process is called
SCTP's four-way handshake.
Data Transfer
The purpose of an association is to transfer data between two ends. After the
association is established, bidirectional data transfer can take place. The client and the
server can both send data. SCTP supports piggybacking.
A message received from a process becomes a DATA chunk, or chunks if fragmented, by adding a
DATA chunk header to the message. Each DATA chunk formed by a message or a fragment of a
message has one TSN. Only DATA chunks use TSNs and only DATA chunks are acknowledged by
SACK chunks.
Multihoming Data Transfer
Multihoming allows both ends to define multiple IP addresses for communication. But, only one of
these addresses can be defined as the primary address; the rest are alternative addresses.
Data transfer uses the primary address of the destination. If the primary is not available, one of the
alternative addresses is used.
Multistream Delivery
SCTP uses TSN numbers to handle data transfer, movement of data chunks between the source and
destination. The delivery of the data chunks is controlled by SIs and SSNs.
SCTP can support multiple streams, which means that the sender process can define different streams
and a message can belong to one of these streams. Each stream is assigned a stream identifier (SI)
which uniquely defines that stream.
SCTP supports two types of data delivery in each stream: ordered (default) and unordered.
Fragmentation
SCTP preserves the boundaries of the message from process to process when creating a DATA chunk
from a message if the size of the message does not exceed the MTU of the path.
Association Termination
If one end closes the association, the other end must stop sending new data. If any data are left over in
the queue of the recipient of the termination request, they are sent and the association is closed.
Association termination uses three packets, as shown in Figure.
Figure: Association termination
4.3.5 Flow Control
SCTP handles two units of data: the byte and the chunk. The values of rwnd and cwnd are expressed in
bytes; the values of TSN and acknowledgments are expressed in chunks.
Receiver Site
The receiver has one buffer (queue) and three variables. The queue holds the received data chunks that
have not yet been read by the process. The three variables are: 1. cumTSN holds the last TSN received.
2. winSize holds the available buffer size. 3. lastACK holds the last cumulative acknowledgment sent.
The figure shows the queue and variables at the receiver site.
Figure: Flow control, receiver site
1. When the site receives a data chunk, it stores the chunk at the end of the buffer (queue) and
subtracts the size of the chunk from winSize. The TSN of the chunk is stored in the cumTSN variable.
2. When the process reads a chunk, the chunk is removed from the queue and its size is added to
winSize.
3. When the receiver decides to send a SACK, it checks the value of lastACK; if it is less than cumTSN,
it sends a SACK with a cumulative TSN equal to cumTSN. It also includes the value of winSize as the
advertised window size. The value of lastACK is then updated to hold the value of cumTSN.
Sender Site
The sender has one buffer (queue) and three variables. We assume each chunk is 100 bytes long.
The buffer holds the chunks that have either been sent or are ready to be sent. The three variables are:
1. curTSN refers to the next chunk to be sent. 2. rwnd holds the last window value advertised by the
receiver (in bytes). 3. inTransit holds the number of bytes in transit, that is, bytes sent but not yet
acknowledged. The following is the procedure used by the sender.
1. The chunk pointed to by curTSN can be sent if the size of its data is less than or equal to the quantity
(rwnd − inTransit). After the chunk is sent, the value of curTSN is incremented by one and now points to
the next chunk to be sent. The value of inTransit is incremented by the size of the data in the transmitted
chunk.
2. When a SACK is received, the chunks with a TSN less than or equal to the cumulative TSN in the
SACK are removed from the queue and discarded. The sender does not have to worry about them
anymore. The value of inTransit is reduced by the total size of the discarded chunks. The value of rwnd
is updated with the value of the advertised window in the SACK.
Figure: Flow control, sender site
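The receiver-site and sender-site procedures above, as an added worked example (not code from the notes): a small simulation of both sites using the variables named in the text. It assumes 100-byte chunks, a 500-byte receiver buffer and in-order arrival; loss and retransmission are left to the error-control section.

```python
"""SCTP flow control with the variables named above: cumTSN, winSize and lastACK at the
receiver; curTSN, rwnd and inTransit at the sender. Added example, not the notes' code. It
assumes 100-byte chunks, a 500-byte receiver buffer and in-order arrival."""
from collections import deque

CHUNK_SIZE = 100


class Receiver:
    def __init__(self, buffer_size):
        self.queue = deque()           # received chunks not yet read by the process
        self.cumTSN = 0                # last TSN received
        self.winSize = buffer_size     # available buffer space in bytes
        self.lastACK = 0               # last cumulative TSN acknowledged

    def receive(self, tsn, size):
        """Step 1: store at the end of the queue, shrink the window, record the TSN."""
        if size > self.winSize:
            return False               # the sender violated the window; chunk is dropped
        self.queue.append((tsn, size))
        self.winSize -= size
        self.cumTSN = tsn
        return True

    def process_read(self):
        """Step 2: the process reads a chunk; its size goes back into the window."""
        tsn, size = self.queue.popleft()
        self.winSize += size
        return tsn

    def make_sack(self):
        """Step 3: SACK as (cumulative TSN, advertised window), or None if nothing new to ack."""
        if self.lastACK >= self.cumTSN:
            return None
        self.lastACK = self.cumTSN
        return self.cumTSN, self.winSize


class Sender:
    def __init__(self, chunks, rwnd):
        self.queue = deque(chunks)     # (tsn, size): sent-but-unacked or ready to send
        self.curTSN = chunks[0][0]     # next chunk to send
        self.rwnd = rwnd               # last window advertised by the receiver (bytes)
        self.inTransit = 0             # bytes sent but not yet acknowledged

    def send_allowed(self):
        """Step 1: send while the chunk fits in (rwnd - inTransit); return the TSNs sent."""
        sent = []
        for tsn, size in self.queue:
            if tsn < self.curTSN:
                continue               # already in transit
            if size > self.rwnd - self.inTransit:
                break                  # window exhausted: wait for a SACK
            sent.append(tsn)
            self.curTSN = tsn + 1
            self.inTransit += size
        return sent

    def on_sack(self, cum_tsn, advertised):
        """Step 2: discard acknowledged chunks, shrink inTransit, adopt the new rwnd."""
        while self.queue and self.queue[0][0] <= cum_tsn:
            _, size = self.queue.popleft()
            self.inTransit -= size
        self.rwnd = advertised


def simulate():
    chunks = [(tsn, CHUNK_SIZE) for tsn in range(1, 11)]    # constructed: TSN 1..10
    sender, receiver = Sender(chunks, rwnd=500), Receiver(buffer_size=500)
    trace = []
    first = sender.send_allowed()                          # 5 chunks fill the 500-byte window
    trace.append(("sent", first))
    for tsn in first:
        receiver.receive(tsn, CHUNK_SIZE)
    trace.append(("stalled", sender.send_allowed()))      # rwnd - inTransit == 0: nothing goes
    for _ in range(3):
        receiver.process_read()                            # the process frees 300 bytes
    sack = receiver.make_sack()                            # (5, 300)
    sender.on_sack(*sack)
    trace.append(("sent", sender.send_allowed()))          # 300 bytes allow TSN 6, 7, 8
    return trace, sack, sender.inTransit, sender.curTSN


if __name__ == "__main__":
    print(simulate())
```

The stall step is the point of the exercise: once inTransit equals rwnd the sender cannot transmit, however many chunks it has queued, until the receiving process reads data and a SACK advertises the freed space.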
4.3.6 Error Control
SCTP uses a SACK chunk to report the state of the receiver buffer to the sender. Each implementation
uses a different set of entities and timers for the receiver and sender sites.
Receiver Site
❑ As shown in the figure.
❑ The last acknowledgment was for data chunk 20.
❑ The receiver stores all arriving chunks in a queue:
▪ it leaves space for any missing chunks;
▪ it discards duplicate chunks.
❑ The SACK includes:
▪ the TSN numbers of out-of-order chunks, expressed relative to the cumulative TSN;
▪ the TSN numbers of duplicate data chunks.
Figure: Error control, receiver site
Sender Site
❑ As shown in the figure.
❑ There are two queues at the sender site:
▪ a sending queue and a retransmission queue.
❑ Assume each data chunk is 100 bytes:
▪ 1400 bytes (TSN 23 to TSN 36) have been transmitted;
▪ inTransit = 1400.
❑ When a packet is sent, one retransmission timer starts for that packet (covering all data chunks in that packet).
❑ The chunks in a packet are moved to the retransmission queue:
▪ when the retransmission timer for the packet expires;
▪ when four duplicate SACKs arrive that declare a packet as missing.
❑ The chunks in the retransmission queue have priority over the sending queue.
Figure: Error control, sender site
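The receiver-site and sender-site error control described above, as an added example that is not from the notes. The receiver builds each SACK's cumulative TSN, gap blocks (offsets relative to the cumulative TSN) and duplicate list; the sender keeps a sending queue and a retransmission queue, moves a chunk to the retransmission queue once four SACKs have reported it missing or its packet's timer expires, and serves the retransmission queue first. The TSN values, the lost chunk and the duplicate delivery are constructed; the four-report threshold follows the notes.

```python
"""SCTP error control as sketched above: the receiver builds SACKs (cumulative TSN, gap
blocks, duplicates); the sender keeps a sending queue and a retransmission queue.
Added example code, not from the notes; TSN values and losses are constructed."""
from collections import deque


class Receiver:
    def __init__(self, last_acked):
        self.cum_tsn = last_acked      # highest TSN received in order (the notes start at 20)
        self.out_of_order = set()      # chunks stored above a gap, waiting for the missing ones
        self.duplicates = []           # duplicate TSNs seen since the last SACK

    def receive(self, tsn):
        """Store the chunk, leaving room for missing ones; duplicates are discarded but noted."""
        if tsn <= self.cum_tsn or tsn in self.out_of_order:
            self.duplicates.append(tsn)
            return
        self.out_of_order.add(tsn)
        while self.cum_tsn + 1 in self.out_of_order:   # gap closed: advance cumulatively
            self.cum_tsn += 1
            self.out_of_order.remove(self.cum_tsn)

    def make_sack(self):
        """Gap blocks are (start, end) offsets relative to the cumulative TSN."""
        gaps = []
        for tsn in sorted(self.out_of_order):
            off = tsn - self.cum_tsn
            if gaps and gaps[-1][1] == off - 1:
                gaps[-1] = (gaps[-1][0], off)
            else:
                gaps.append((off, off))
        sack = {"cum_tsn": self.cum_tsn, "gaps": gaps, "dups": sorted(set(self.duplicates))}
        self.duplicates = []
        return sack


class Sender:
    MISSING_REPORTS = 4                # the notes: four SACKs reporting a chunk missing

    def __init__(self, first_tsn, count):
        self.sending_queue = deque(range(first_tsn, first_tsn + count))
        self.retransmission_queue = deque()
        self.outstanding = {}          # tsn -> how many SACKs have reported it missing

    def send_packet(self, max_chunks):
        """Fill a packet; the retransmission queue has priority over the sending queue."""
        packet = []
        while len(packet) < max_chunks and self.retransmission_queue:
            packet.append(self.retransmission_queue.popleft())
        while len(packet) < max_chunks and self.sending_queue:
            packet.append(self.sending_queue.popleft())
        for tsn in packet:
            self.outstanding.setdefault(tsn, 0)
        return packet

    def on_sack(self, sack):
        """Drop acknowledged chunks, count missing reports, return chunks queued for resend."""
        cum = sack["cum_tsn"]
        acked = {t for t in self.outstanding if t <= cum}
        for start, end in sack["gaps"]:
            acked.update(range(cum + start, cum + end + 1))
        for t in acked:
            self.outstanding.pop(t, None)
        highest = cum + max((end for _, end in sack["gaps"]), default=0)
        moved = []
        for t in sorted(self.outstanding):
            if t < highest:                        # a later chunk was acked, so t is missing
                self.outstanding[t] += 1
                if self.outstanding[t] == self.MISSING_REPORTS:
                    self.retransmission_queue.append(t)
                    self.outstanding[t] = 0        # fresh reports needed before re-queuing
                    moved.append(t)
        return moved

    def on_timer_expired(self, packet):
        """Packet timer fired: every still-unacked chunk of it goes to the retransmission queue."""
        moved = [t for t in packet if t in self.outstanding]
        self.retransmission_queue.extend(moved)
        return moved


def simulate():
    rx, tx = Receiver(last_acked=20), Sender(first_tsn=21, count=16)
    moved, sacks = [], []
    for tsn in tx.send_packet(4):              # TSN 21..24; constructed loss: 23 never arrives
        if tsn != 23:
            rx.receive(tsn)
    sacks.append(rx.make_sack())
    moved.append(tx.on_sack(sacks[-1]))
    for i in range(3):                         # three more packets, all delivered
        for tsn in tx.send_packet(4):
            rx.receive(tsn)
        if i == 0:
            rx.receive(24)                     # constructed duplicate delivery of TSN 24
        sacks.append(rx.make_sack())
        moved.append(tx.on_sack(sacks[-1]))
    resent = tx.send_packet(4)                 # only the retransmission queue has anything left
    for tsn in resent:
        rx.receive(tsn)
    final = rx.make_sack()
    tx.on_sack(final)
    return sacks, moved, resent, final, len(tx.outstanding)


if __name__ == "__main__":
    print(simulate())
```

Running the simulation, the fourth SACK that still reports TSN 23 missing (cumulative TSN 22 with a gap block up to offset 14) is what moves it to the retransmission queue; the next packet carries only that chunk, and its arrival lets the receiver's cumulative TSN jump straight to 36.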
Unit V
Application Layer Protocols
5.1 World Wide Web and HTTP
5.1.1 World Wide Web
The WWW today is a distributed client-server service, in which a client using a browser can access a
service using a server. But the service provided is distributed over many locations called sites. Each
site holds one or more web pages. Each web page can contain some links to other web pages in the
same or other sites. A web page can be simple or composite. A simple web page has no links to other
web pages; a composite web page has one or more links to other web pages. Each web page is a file
with a name and address.

5.1.2 HTTP
The HyperText Transfer Protocol (HTTP) defines how client-server programs can be written to retrieve
web pages from the Web. An HTTP client sends a request; an HTTP server returns a response. The server
uses port number 80; the client uses a temporary port number. HTTP uses the services of TCP, which is a
connection-oriented and reliable protocol. This means that, before any transaction between the client and
the server takes place, a connection needs to be established between them. After the transaction, the
connection should be terminated. The client and server do not need to worry about errors in the exchanged
messages or the loss of any message, because TCP is reliable and takes care of this.
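The request/response transaction described above over a real TCP connection, as an added example that is not from the notes: a tiny server built on the standard library's http.server answers GET requests in a background thread, and a client opens a connection, sends one request, reads the response and closes the connection. Binding port 80 needs privileges, so the server here takes an OS-assigned port on the loopback interface; the page content and path are constructed.

```python
"""A minimal HTTP/1.1 exchange over TCP on loopback. Added example, not the notes' code;
the server listens on an OS-assigned port instead of the well-known port 80."""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

PAGE = b"<html><body><h1>Hello</h1></body></html>"   # constructed web page


class Handler(BaseHTTPRequestHandler):
    def do_GET(self):
        # Server side of the transaction: status line, headers, then the page body
        if self.path != "/index.html":
            self.send_error(404, "Not Found")
            return
        self.send_response(200)
        self.send_header("Content-Type", "text/html")
        self.send_header("Content-Length", str(len(PAGE)))
        self.end_headers()
        self.wfile.write(PAGE)

    def log_message(self, *args):        # keep the example quiet
        pass


def start_server():
    """Bind to 127.0.0.1 with port 0 so the OS picks a free port; serve in a thread."""
    srv = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def fetch(port, path):
    """Client side: establish the TCP connection, send GET, read the response, terminate."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", path, headers={"Connection": "close"})
    resp = conn.getresponse()
    body = resp.read()
    conn.close()                         # transaction over: the connection is torn down
    return resp.status, resp.getheader("Content-Type"), body


def run_demo():
    srv = start_server()
    try:
        ok = fetch(srv.server_port, "/index.html")
        missing = fetch(srv.server_port, "/nope.html")
    finally:
        srv.shutdown()
        srv.server_close()
    return ok, missing[0]


if __name__ == "__main__":
    print(run_demo())
```

Each fetch is one complete HTTP transaction on its own TCP connection, which is the model the paragraph describes; the "Connection: close" header makes the teardown explicit.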
5.2 File Transfer: FTP and TFTP
5.2.1 FTP
FTP is a standard mechanism provided by the Internet for copying a file from one host to another.
1. The basic model of FTP is shown in the figure.
2. FTP establishes two connections between the client and server. One is for data transfer and the other
is for control information.
3. The fact that FTP separates control and data makes it very efficient.
4.The control connection uses simple rules of communication. Only one line of command or a line of
response is transferred at a time.
5.But the data connection uses more complex rules due to the variety of data types being transferred.
6.FTP uses port 21 for the control connection and port 20 for the data connection.
7.As shown in the figure client has three components namely:
i.User interface
ii.Control process and
iii.Data transfer process.
8.The Server has two components: the control process and data transfer process.
9. The control connection is maintained during the entire interactive FTP session. The data connection
is opened, the file is transferred, and the data connection is closed; this is done for each file
transferred.
Control connection:
‣ This connection is created in the same way as for the other application programs described earlier.
‣ The control connection remains alive during the entire session.
‣ IP uses the minimize-delay type of service, because this is an interactive connection between a
user and the server.
Data Connection:
‣ The data connection uses port 20 at the server site. This connection is opened when the data to be
transferred is ready, and it is closed when the transfer of data is over.
‣ The type of service used by IP is maximize throughput.
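The control-connection rules above (one command line or one reply line at a time, with the data connection set up separately from server port 20), as an added example that is not from the notes. It builds command lines, parses the three-digit server replies including multi-line ones, classifies them by first digit, and builds the PORT command by which the client tells the server where to connect for the data connection. The sample reply stream is constructed.

```python
"""FTP control-connection line handling: commands go out one line at a time, replies come
back one (possibly multi-line) reply at a time, and the PORT command tells the server where
to open the active-mode data connection from its port 20. Added example, not the notes'
code; the sample reply stream is constructed."""

REPLY_CLASSES = {1: "preliminary", 2: "completion", 3: "intermediate",
                 4: "transient error", 5: "permanent error"}


def build_command(verb, arg=None):
    """One control-connection command: verb, optional argument, CRLF."""
    line = verb if arg is None else f"{verb} {arg}"
    return (line + "\r\n").encode("ascii")


def build_port_command(ip, port):
    """PORT h1,h2,h3,h4,p1,p2 with port = p1*256 + p2: the client's listening endpoint
    to which the server connects from port 20 for the data connection."""
    octets = ip.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) < 256 for o in octets):
        raise ValueError("not an IPv4 dotted-quad address")
    if not 0 < port < 65536:
        raise ValueError("port out of range")
    return build_command("PORT", ",".join(octets + [str(port >> 8), str(port & 0xFF)]))


def parse_replies(stream):
    """Split a control-connection byte stream into (code, text) replies.
    'ddd-text' opens a multi-line reply that ends at a 'ddd text' line with the same code."""
    replies, current, code = [], [], None
    for raw in stream.split(b"\r\n"):
        if not raw:
            continue
        line = raw.decode("ascii", errors="replace")
        if code is None:                                  # expecting the first line of a reply
            if len(line) < 4 or not line[:3].isdigit() or line[3] not in " -":
                raise ValueError(f"malformed reply line: {line!r}")
            if line[3] == " ":
                replies.append((int(line[:3]), line[4:]))
            else:
                code, current = line[:3], [line[4:]]
        elif line.startswith(code + " "):                # closing line of the multi-line reply
            current.append(line[4:])
            replies.append((int(code), "\n".join(current)))
            code, current = None, []
        else:                                             # continuation line
            current.append(line)
    if code is not None:
        raise ValueError("unterminated multi-line reply")
    return replies


def reply_class(code):
    """Classify by first digit, as the client's control process does to decide its next step."""
    return REPLY_CLASSES[code // 100]


# Constructed reply stream from a server during login and one active-mode transfer.
SAMPLE_STREAM = (b"220-Welcome to the example FTP service\r\n"
                 b"220 Ready\r\n"
                 b"331 Password required\r\n"
                 b"230 User logged in\r\n"
                 b"200 PORT command successful\r\n"
                 b"150 Opening data connection\r\n"
                 b"226 Transfer complete\r\n")


def demo():
    """Return each reply's code and class for the sample session."""
    return [(code, reply_class(code)) for code, _ in parse_replies(SAMPLE_STREAM)]


if __name__ == "__main__":
    print(build_port_command("192.168.1.10", 50000))
    for code, text in parse_replies(SAMPLE_STREAM):
        print(code, reply_class(code), repr(text))
```

The 150 reply marks the moment the separate data connection is opened and the 226 reply the moment it is closed, which is the per-file open/transfer/close cycle item 9 describes while the control connection stays up throughout.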
5.2.2 TFTP
The Trivial File Transfer Protocol (TFTP) is designed for transferring bootstrap and configuration files. It
is so simple that the software package can fit into the read-only memory of a diskless workstation, so it
can be used at bootstrap time. The reason that it fits in ROM is that it requires only basic IP and UDP.
However, TFTP provides no security. TFTP can read or write a file for the client. Reading means
copying a file from the server site to the client site. Writing means copying a file from the client site to
the server site. TFTP uses the services of UDP on the well-known port 69.
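The packet formats TFTP exchanges over UDP, as an added example that is not from the notes: encoding and decoding of the read/write request, DATA, ACK and ERROR packets (RFC 1350 layout), plus the split of a file into 512-byte data blocks where a short final block signals the end. The decoder also shows what the "no security" remark means in practice: a request carries only a filename and a transfer mode, so there is nothing for a server to authenticate. The filenames and file contents are constructed.

```python
"""TFTP packet encoding/decoding (RFC 1350 formats) for the UDP service on port 69.
Added example, not the notes' code; filenames and file contents are constructed."""
import struct

RRQ, WRQ, DATA, ACK, ERROR = 1, 2, 3, 4, 5
TFTP_PORT = 69
BLOCK_SIZE = 512          # a DATA packet carrying fewer than 512 bytes ends the transfer


def encode_request(opcode, filename, mode="octet"):
    """RRQ/WRQ: opcode, filename, NUL, mode, NUL. Note: no credentials field exists."""
    if opcode not in (RRQ, WRQ):
        raise ValueError("opcode must be RRQ or WRQ")
    return struct.pack("!H", opcode) + filename.encode("ascii") + b"\0" + mode.encode("ascii") + b"\0"


def encode_data(block, payload):
    if len(payload) > BLOCK_SIZE:
        raise ValueError("payload exceeds one block")
    return struct.pack("!HH", DATA, block) + payload


def encode_ack(block):
    return struct.pack("!HH", ACK, block)


def encode_error(code, message):
    return struct.pack("!HH", ERROR, code) + message.encode("ascii") + b"\0"


def decode(packet):
    """Return a dict describing the packet; raise ValueError on malformed input."""
    if len(packet) < 4:
        raise ValueError("packet too short")
    opcode = struct.unpack("!H", packet[:2])[0]
    if opcode in (RRQ, WRQ):
        fields = packet[2:].split(b"\0")
        if len(fields) < 3 or fields[-1] != b"":     # filename, mode, then the final NUL
            raise ValueError("malformed request")
        return {"op": opcode, "filename": fields[0].decode("ascii"),
                "mode": fields[1].decode("ascii").lower()}
    if opcode == DATA:
        block = struct.unpack("!H", packet[2:4])[0]
        return {"op": DATA, "block": block, "data": packet[4:],
                "last": len(packet) - 4 < BLOCK_SIZE}
    if opcode == ACK:
        return {"op": ACK, "block": struct.unpack("!H", packet[2:4])[0]}
    if opcode == ERROR:
        code = struct.unpack("!H", packet[2:4])[0]
        message = packet[4:].split(b"\0")[0].decode("ascii", errors="replace")
        return {"op": ERROR, "code": code, "message": message}
    raise ValueError(f"unknown opcode {opcode}")


def split_file(data):
    """The DATA packets a server sends for a read request, numbered from block 1."""
    blocks = [data[i:i + BLOCK_SIZE] for i in range(0, len(data), BLOCK_SIZE)]
    if not blocks or len(blocks[-1]) == BLOCK_SIZE:
        blocks.append(b"")    # exact multiple of 512: an empty final block marks the end
    return [encode_data(n, b) for n, b in enumerate(blocks, start=1)]


if __name__ == "__main__":
    print(decode(encode_request(RRQ, "boot.cfg")))
    print([decode(p)["block"] for p in split_file(b"A" * 1000)])
```

The decoder rejects a request with no terminating NUL or with trailing bytes rather than guessing, which is the safer choice for a protocol whose packets arrive unauthenticated on a well-known UDP port.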
5.3 Electronic Mail
5.3.1 Architecture
The architecture of the email system is shown in the figure. It consists of two kinds of subsystems: user agents and
message transfer agents. The user agents allow people to read and send email, and the message transfer agents
move the messages from the source to the destination. Message transfer agents are also referred to as mail servers.

Figure: Architecture of the email system.


The user agent is a program that provides a graphical interface, or sometimes a text- and command-based
interface that lets users interact with the email system. It includes a means to compose messages and replies to
messages, display incoming messages, and organize messages by filing, searching, and discarding them. The
act of sending new messages into the mail system for delivery is called mail submission.
The message transfer agents are typically system processes. They run in the background on mail server
machines and are intended to be always available. Their job is to automatically move email through the system
from the originator to the recipient with SMTP (Simple Mail Transfer Protocol). This is the message transfer
step.
Message transfer agents also implement mailing lists, in which an identical copy of a message is delivered to
everyone on a list of email addresses.
Mailboxes store the email that is received for a user. They are maintained by mail servers. User agents simply
present users with a view of the contents of their mailboxes.
5.3.2 Web-Based Mail
E-mail is a common application. Some websites provide this service to anyone who accesses the site. Three
common sites are Hotmail, Yahoo, and Google.
Alice is the sender and Bob is the receiver. Both Alice and Bob use Web servers, but not necessarily the same
server. Alice sends the message to the Web server using HTTP transactions. Alice sends an HTTP request
message to her Web server using the name and address of Bob’s mailbox as the URL. The server at the Alice
site passes the message to the SMTP client and sends it to the server at the Bob site using SMTP protocol. Bob
receives the message using HTTP transactions. But the message from the server at the Alice site to the server
at the Bob site still takes place using SMTP protocol. Figure shows the idea.
Figure: Web-based e-mail
5.3.3 Email Security
E-mail exchanges can be secured using two application-layer security protocols designed specifically for e-mail
systems: Pretty Good Privacy (PGP) and Secure MIME (S/MIME).
PGP - Pretty Good Privacy
Pretty Good Privacy (PGP) was invented to provide e-mail with privacy, integrity, and authentication. PGP can
be used to create secure e-mail messages.
The services provided by PGP: plaintext, message integrity, compression, confidentiality with a one-time
session key, code conversion, and segmentation.
• general purpose application to protect (encrypt and/or sign) files
• can be used to protect e-mail messages
• can be used by corporations as well as individuals
• based on strong cryptographic algorithms (IDEA, RSA, SHA-1)
Secure MIME (SMIME)
Another security service designed for electronic mail is Secure/Multipurpose Internet Mail Extension
(S/MIME). The protocol is an enhancement of the Multipurpose Internet Mail Extension (MIME)
protocol. It is based on technology from RSA Security and is an industry standard for commercial and
organizational use.
Services Provided by SMIME: Cryptographic Message Syntax (CMS), Data Content Type, Signed-
Data Content Type, Enveloped-Data Content Type, Digested-Data Content Type, Encrypted-Data
Content Type, Authenticated-Data Content Type, Key Management, Cryptographic Algorithms.
5.3.4 SMTP
• SMTP is the Simple Mail Transfer Protocol.
• It is a connection-oriented, text-based protocol in which the sender communicates with the receiver by issuing
commands and supplying data over a reliable TCP connection.
• SMTP is the standard application-layer protocol for delivery of email over a TCP/IP network.
• SMTP establishes a TCP connection between the sender and port number 25 of the receiver.
5.3.5 POP
POP (Post Office Protocol) is also called POP3. It is a protocol used by a mail server in
conjunction with SMTP to receive and hold mail for hosts. A POP3 mail server receives e-mails and
filters them into the appropriate user folders. When a user connects to the mail server to retrieve
mail, the messages are downloaded from the mail server to the user's hard disk.
5.3.6 IMAP
Another mail access protocol is Internet Mail Access Protocol, version 4 (IMAP4). IMAP4 is similar
to POP3, but it has more features; IMAP4 is more powerful and more complex.
❑ A user can check the e-mail header prior to downloading.
❑ A user can search the contents of the e-mail for a specific string of characters prior to downloading.
❑ A user can partially download e-mail. This is especially useful if bandwidth is limited and the e-
mail contains multimedia with high bandwidth requirements.
❑ A user can create, delete, or rename mailboxes on the mail server.
❑ A user can create a hierarchy of mailboxes in a folder for e-mail storage.
5.3.7 MIME
▪ MIME is the Multipurpose Internet Mail Extensions.
▪ It is an extension of SMTP that allows the transfer of multimedia messages.
▪ If binary data is included in a message, MIME headers are used to inform the receiving mail agent:
▪ Content-Transfer-Encoding: this header alerts the receiving user agent that the message body has been
ASCII encoded and states the type of encoding used.
▪ Content-Type: this header informs the receiving mail agent about the type of data included in the
message.
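The two headers above in use, as an added example that is not from the notes: a message with a text part and a binary attachment is built with the standard library's email package, which sets Content-Type per part and picks a Content-Transfer-Encoding (7bit for the ASCII text, base64 for the binary bytes), and is then parsed back the way the receiving mail agent would read it. The addresses and attachment bytes are constructed.

```python
"""MIME headers on the wire: a message with a text part and a binary attachment, built with
the standard email package and parsed back as the receiving mail agent would. Added
example, not from the notes; addresses and attachment bytes are constructed."""
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

ATTACHMENT = bytes(range(256))    # constructed binary payload, not representable in 7-bit ASCII


def build_message(sender, recipient, text, attachment, filename):
    """Return the message bytes; the library chooses the Content-Transfer-Encoding per part."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = sender, recipient, "Weekly report"
    msg.set_content(text)                                          # text/plain, stays 7bit
    msg.add_attachment(attachment, maintype="application",
                       subtype="octet-stream", filename=filename)  # binary -> base64
    return msg.as_bytes()


def inspect(raw):
    """Parse as the receiver does and report what the MIME headers told it about each part."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    parts = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        parts.append({
            "content_type": part.get_content_type(),
            "encoding": str(part.get("Content-Transfer-Encoding")).lower(),
            "filename": part.get_filename(),
            "payload": part.get_payload(decode=True),   # undoes base64/7bit back to raw bytes
        })
    return msg.get_content_type(), parts


def demo():
    raw = build_message("alice@example.com", "bob@example.com",
                        "Hi Bob, the report is attached.", ATTACHMENT, "report.bin")
    return inspect(raw)


if __name__ == "__main__":
    top, parts = demo()
    print(top)
    for p in parts:
        print(p["content_type"], p["encoding"], p["filename"], len(p["payload"]))
```

The parsed view is what a receiving agent acts on: Content-Type tells it which part is text and which is an opaque attachment, and Content-Transfer-Encoding tells it that the attachment must be base64-decoded before the bytes mean anything.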
5.3.8 SNMP
SNMP stands for Simple Network Management Protocol. It is a way for servers to share information
about their current state, and also a channel through which an administrator can modify pre-defined
values. While the protocol itself is very simple, the structure of programs that implement SNMP can
be very complex.
5.4 DNS-
5.4.1 Concept of Domain Name Space
A name space that maps each address to a unique name can be organized in two ways: flat or
hierarchical.
In a flat name space, a name is assigned to an address. A name in this space is a sequence of characters
without structure. A flat name space cannot be used in a large system such as the Internet, because it
would have to be centrally controlled to avoid ambiguity and duplication.
In a hierarchical name space, each name is made of several parts. The first part can define
the nature of the organization, the second part can define the name of an organization, the third part
can define departments in the organization, and so on.
The hierarchical structure of the domain name space consists of a root domain, top-level domains,
second level domains, subdomains, and host names.

• The Root Domain is at the top of the hierarchy and is represented by a period (.).
• Top-Level Domains are two or three-character name codes, representing organisation type or
geographic location, eg: .com, .gov, .edu, .uk, .es etc. Top-level domains can contain second-
level domains and host names.
• Second-Level Domains are registered to individuals and organisations for use on the Internet.
A second-level name has two name components: a top-level name and a unique second-level
name, eg: jaihind.edu.
• Subdomains are created when organisations extend their DNS tree to represent departments,
divisions, or other geographic locations. Subdomains have three name components: a top-level
name, a unique second-level name, and a unique name representing the department or location,
eg: admin.jaihind.edu
• Host names are the names of specific computers on the Internet or in a private network. A host
name is the leftmost portion of a fully qualified domain name (FQDN), which describes the
exact position of a host within the domain hierarchy. comp1.admin.jaihind.edu is a FQDN.
DNS uses a host's FQDN to resolve a name to an IP address. The host name does not have to
be the same as the computer name.
5.4.2 DNS Operation
Suppose the host se.sjsu.edu is requesting the IP address of mail.yahoo.com, and the authoritative DNS server
for mail.yahoo.com is dns.yahoo.com. The way DNS resolves the request is shown below.
The host se.sjsu.edu sends a DNS query to the local DNS server to translate the hostname
‘mail.yahoo.com’ to an IP address. In response, the local DNS server, i.e. dns.sjsu.edu, forwards the
query to a root DNS server. The root DNS server finds the suffix ‘com’ and returns a list of IP
addresses of the top-level DNS servers responsible for ‘com’. The local DNS server then sends the same
query to one of the top-level DNS servers provided by the root DNS server. The top-level
DNS server finds the suffix yahoo.com and returns to the local DNS server the IP address of the
authoritative DNS server for yahoo.com, i.e. dns.yahoo.com. Finally, the local DNS server sends the same query
again to the authoritative DNS server dns.yahoo.com, which in turn responds with the IP address of
mail.yahoo.com.
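The iterative walk just described, as an added example that is not from the notes: the local server asks a root server, is referred to the .com top-level server, is referred again to yahoo.com's authoritative server, and gets the answer. Every server address and record here is constructed (documentation range 192.0.2.0/24), the resolver caches answers, and a hop limit guards against a chain of referrals that never terminates.

```python
"""Iterative DNS resolution as walked through above: root -> .com TLD -> authoritative
server -> answer. Added example, not the notes' code; every address and record is
constructed, and a hop limit guards against referral loops."""

# Constructed name servers keyed by address. "referrals" map a delegated zone suffix to the
# address of the server responsible for it; "answers" hold the A records a server owns.
SERVERS = {
    "192.0.2.53": {"referrals": {"com": "192.0.2.1"}, "answers": {}},                # root
    "192.0.2.1": {"referrals": {"yahoo.com": "192.0.2.2"}, "answers": {}},            # .com TLD
    "192.0.2.2": {"referrals": {}, "answers": {"mail.yahoo.com": "192.0.2.10"}},      # dns.yahoo.com
}
ROOT_SERVER = "192.0.2.53"


def ask(server_ip, name):
    """One query and its response: an answer, a referral downward, or 'no such name'."""
    zone = SERVERS[server_ip]
    if name in zone["answers"]:
        return ("answer", zone["answers"][name])
    labels = name.split(".")
    for i in range(len(labels)):                 # longest delegated suffix wins
        suffix = ".".join(labels[i:])
        if suffix in zone["referrals"]:
            return ("referral", zone["referrals"][suffix])
    return ("nxdomain", None)


class LocalResolver:
    """The local DNS server (dns.sjsu.edu in the notes): follows referrals on the host's behalf."""
    MAX_HOPS = 8

    def __init__(self):
        self.cache = {}                          # name -> address learned earlier

    def resolve(self, name):
        """Return (address or None, trace of (server asked, response kind, value))."""
        if name in self.cache:
            return self.cache[name], [("cache", "answer", self.cache[name])]
        trace, server = [], ROOT_SERVER
        for _ in range(self.MAX_HOPS):
            kind, value = ask(server, name)
            trace.append((server, kind, value))
            if kind == "answer":
                self.cache[name] = value
                return value, trace
            if kind == "nxdomain":
                return None, trace
            server = value                       # follow the referral to the next server
        raise RuntimeError(f"gave up resolving {name}: too many referrals")


if __name__ == "__main__":
    resolver = LocalResolver()
    print(resolver.resolve("mail.yahoo.com"))
    print(resolver.resolve("www.yahoo.com"))
```

The trace returned for mail.yahoo.com lists exactly the three servers the paragraph names in order, and the second lookup of the same name is answered from the local server's cache without any query leaving it.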
5.5 DHCP
5.5.1 Static and Dynamic Allocation
Static Allocation
A static Internet Protocol (IP) address (static IP address) is a permanent number assigned to a computer
by an Internet service provider (ISP). Static IP addresses are useful for gaming, website hosting or
Voice over Internet Protocol (VoIP) services. Speed and reliability are key advantages. However, because a
static address is constant, systems with static IP addresses are more exposed to data mining and carry
increased security risks.
A static IP address is also known as a fixed address. This means that a computer with an assigned static
IP address uses the same IP address when connecting to the Internet.
Dynamic Allocation
A dynamic Internet Protocol address (dynamic IP address) is a temporary IP address that is assigned
to a computing device or node when it’s connected to a network. A dynamic IP address is an
automatically configured IP address assigned by a DHCP server to every new network node.
5.5.2 DHCP Operation
DHCP (Dynamic Host Configuration Protocol) is a client-server protocol that uses DHCP servers and
DHCP clients. A DHCP server is a machine that runs a service that can lease out IP addresses and
other TCP/IP information to any client that requests them. The DHCP server typically has a pool of IP
addresses that it is allowed to distribute to clients, and these clients lease an IP address from the pool
for a specific period of time, usually several days. Once the lease is about to expire, the client contacts
the server to arrange for renewal. DHCP clients are client machines that run special DHCP client
software enabling them to communicate with the DHCP server.
DHCP clients obtain a DHCP lease for an IP address, a subnet mask, and various DHCP options from
DHCP servers in a four-step process:
DHCPDISCOVER: The client broadcasts a request for a DHCP server.
DHCPOFFER: DHCP servers on the network offer an address to the client.
DHCPREQUEST: The client broadcasts a request to lease an address from one of the offering DHCP
servers.
DHCPACK: The DHCP server that the client responded to acknowledges the client, assigns it any
configured DHCP options, and updates its DHCP database. The client then initializes and binds its
TCP/IP protocol stack and can begin network communication.
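The four-step exchange and the lease lifecycle above, as an added example that is not from the notes: a server hands out addresses from a pool with a fixed lease time, answers DISCOVER with OFFER and REQUEST with ACK (or a NAK for an address it never offered to that client), frees expired leases, and a client obtains a configuration and later renews it. Addresses, MACs, options and the lease length are constructed; the messages are plain dictionaries rather than wire-format DHCP packets.

```python
"""The DHCP four-step exchange (DISCOVER, OFFER, REQUEST, ACK) against a pool-based server,
plus expiry and renewal. Added example, not the notes' code; all values are constructed."""

LEASE_SECONDS = 3 * 24 * 3600          # constructed: "usually several days"


class DHCPServer:
    def __init__(self, pool, subnet_mask, options):
        self.free = list(pool)          # addresses available to lease
        self.offered = {}               # mac -> address reserved by an OFFER, awaiting REQUEST
        self.leases = {}                # address -> (mac, expiry time)
        self.subnet_mask, self.options = subnet_mask, options

    def _expire(self, now):
        """Return addresses whose leases have run out to the pool."""
        for addr, (_, expiry) in list(self.leases.items()):
            if expiry <= now:
                del self.leases[addr]
                self.free.append(addr)

    def _reply(self, kind, xid, addr):
        return {"type": kind, "xid": xid, "yiaddr": addr, "mask": self.subnet_mask,
                "lease": LEASE_SECONDS, "options": dict(self.options)}

    def handle(self, msg, now):
        self._expire(now)
        kind, mac, xid = msg["type"], msg["mac"], msg["xid"]
        if kind == "DHCPDISCOVER":
            # offer the client's existing address if it still holds one, else the next free one
            current = next((a for a, (m, _) in self.leases.items() if m == mac), None)
            addr = current or (self.free.pop(0) if self.free else None)
            if addr is None:
                return None                 # pool exhausted: no OFFER is sent
            self.offered[mac] = addr
            return self._reply("DHCPOFFER", xid, addr)
        if kind == "DHCPREQUEST":
            addr = msg["requested"]
            offered_to_client = self.offered.get(mac) == addr
            leased_to_client = self.leases.get(addr, (None, 0))[0] == mac
            if not (offered_to_client or leased_to_client):
                return {"type": "DHCPNAK", "xid": xid}   # never offered or leased to this client
            self.offered.pop(mac, None)
            self.leases[addr] = (mac, now + LEASE_SECONDS)   # update the lease database
            return self._reply("DHCPACK", xid, addr)
        raise ValueError(f"unexpected message type {kind}")


class DHCPClient:
    def __init__(self, mac):
        self.mac, self.xid, self.lease, self.expiry = mac, 0, None, None

    def _msg(self, kind, **extra):
        return {"type": kind, "mac": self.mac, "xid": self.xid, **extra}

    def obtain(self, server, now):
        """Steps 1-4 under one transaction id; returns the bound configuration or None."""
        self.xid += 1
        offer = server.handle(self._msg("DHCPDISCOVER"), now)
        if offer is None:
            return None
        ack = server.handle(self._msg("DHCPREQUEST", requested=offer["yiaddr"]), now)
        return self._bind(ack, now)

    def renew(self, server, now):
        """Before expiry the client asks to keep its address: REQUEST/ACK only."""
        self.xid += 1
        ack = server.handle(self._msg("DHCPREQUEST", requested=self.lease["yiaddr"]), now)
        return self._bind(ack, now)

    def _bind(self, ack, now):
        if ack["type"] != "DHCPACK":
            return None
        self.lease, self.expiry = ack, now + ack["lease"]
        return ack


def simulate():
    server = DHCPServer(["10.0.0.10", "10.0.0.11"], "255.255.255.0",
                        {"router": "10.0.0.1", "dns": "10.0.0.2"})      # constructed pool
    a = DHCPClient("02:00:00:00:00:0a")
    b = DHCPClient("02:00:00:00:00:0b")
    c = DHCPClient("02:00:00:00:00:0c")
    ack_a, ack_b = a.obtain(server, 0), b.obtain(server, 0)
    refused = c.obtain(server, 0)                        # pool exhausted: no address for c
    renewed = a.renew(server, 86400)                     # a renews one day in; b never does
    later = c.obtain(server, LEASE_SECONDS + 1)          # b's lease has expired, a's has not
    return ack_a["yiaddr"], ack_b["yiaddr"], refused, renewed["yiaddr"], later["yiaddr"]


if __name__ == "__main__":
    print(simulate())
```

The third client shows the pool-exhaustion case the paragraph implies: with no free address there is no OFFER at all, and it only succeeds once another client's unrenewed lease has expired.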
5.6 Remote Login: TELNET and SSH.
5.6.1 TELNET
TELNET is an abbreviation for Terminal Network. It is a standard TCP/IP protocol for virtual terminal
services proposed by ISO. TELNET enables the establishment of a connection to a remote system in such a
way that a local terminal appears to be a terminal at the remote system. TELNET is a general-purpose
client-server application program.
Local login: When a user logs in to a local time-sharing system, it is called local login. The keystrokes are
accepted by the terminal driver. The terminal driver passes the characters to the operating system. The operating
system interprets the combination of characters and invokes the desired application or utility.
Remote login: When a user wants to access an application or utility located at a remote machine, he
or she performs remote login. Here the TELNET client and server programs come into use. The user sends
the keystrokes to the local operating system. The local operating system accepts them but does not interpret them.
The characters are sent to the TELNET client. The TELNET client transforms the characters into a universal
character set called Network Virtual Terminal (NVT) characters and delivers them to the local TCP/IP stack.
As shown in the figure above, the commands/text in NVT form travel through the Internet and arrive at the TCP/IP
stack of the remote machine. Here the characters are delivered to the operating system and passed to the
TELNET server, which changes the characters into characters understandable by the remote
computer. But the characters cannot be passed directly to the operating system, because the remote operating
system is not designed to receive characters from a TELNET server. The solution is to add a piece of
software called a pseudo-terminal driver, which pretends that the characters are coming from a terminal. The
operating system then passes the characters to the appropriate application program.
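The NVT transformation the client and server perform above, as an added example that is not from the notes: the client side maps local keystrokes to NVT characters (7-bit ASCII, CR LF for end of line, CR NUL for a bare carriage return) and builds IAC-prefixed control functions; the server side takes the byte stream apart again into text for the pseudo-terminal and a list of commands. The keystrokes are constructed; TELNET option 1 used in the test is the ECHO option.

```python
"""TELNET's Network Virtual Terminal (NVT) encoding: the client turns local keystrokes into
NVT characters and IAC-prefixed commands; the server turns the stream back into text plus
commands. Added example, not the notes' code; the sample keystrokes are constructed."""

IAC = 255                               # "interpret as command" escape byte
WILL, WONT, DO, DONT = 251, 252, 253, 254
IP = 244                                # Interrupt Process control function


def to_nvt(text):
    """Client side: local text -> NVT bytes (CR LF for newline, CR NUL for a bare CR)."""
    out, i = bytearray(), 0
    while i < len(text):
        ch = text[i]
        if ord(ch) > 127:
            raise ValueError("NVT data characters are 7-bit ASCII")
        if ch == "\n":
            out += b"\r\n"
        elif ch == "\r":
            if i + 1 < len(text) and text[i + 1] == "\n":
                out += b"\r\n"
                i += 1
            else:
                out += b"\r\0"
        else:
            out.append(ord(ch))
        i += 1
    return bytes(out)


def command(cmd, option=None):
    """A control function: IAC <cmd>, or IAC <WILL|WONT|DO|DONT> <option> for negotiation."""
    return bytes([IAC, cmd]) if option is None else bytes([IAC, cmd, option])


def from_nvt(stream):
    """Server side: split the NVT stream into local text and a list of (cmd, option) commands."""
    text, commands, i = bytearray(), [], 0
    while i < len(stream):
        b = stream[i]
        if b == IAC:
            if i + 1 >= len(stream):
                raise ValueError("truncated IAC sequence")
            cmd = stream[i + 1]
            if cmd == IAC:                      # IAC IAC is an escaped data byte 255
                text.append(IAC)
                i += 2
            elif cmd in (WILL, WONT, DO, DONT):
                if i + 2 >= len(stream):
                    raise ValueError("truncated option negotiation")
                commands.append((cmd, stream[i + 2]))
                i += 3
            else:
                commands.append((cmd, None))
                i += 2
            continue
        if b == 13 and i + 1 < len(stream) and stream[i + 1] in (10, 0):
            text += b"\n" if stream[i + 1] == 10 else b"\r"   # CR LF -> newline, CR NUL -> CR
            i += 2
            continue
        text.append(b)
        i += 1
    return text.decode("ascii", errors="replace"), commands


if __name__ == "__main__":
    wire = to_nvt("ls -l\n") + command(IP) + command(WILL, 1)
    print(wire)
    print(from_nvt(wire))
```

Everything the user types, including the Interrupt Process key, travels in this one byte stream; the server's job is precisely the separation shown here, handing the text to the pseudo-terminal driver and acting on the commands itself.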
5.6.2 SSH
Secure Shell (SSH) is a secure application program that can be used for several purposes, such as
remote login and file transfer; it was originally designed to replace TELNET. There are two versions
of SSH: SSH-1 and SSH-2.
SSH is an application-layer protocol with three components, as shown in Figure.
Figure: Components of SSH
1. SSH-TRANS
The Transport Layer Protocol provides server authentication, confidentiality, and integrity. It may
optionally also provide compression. The transport layer will typically be run over a TCP/IP
connection, but might also be used on top of any other reliable data stream.
2. SSH-AUTH
The User Authentication Protocol authenticates the client-side user to the server. It runs over the
transport layer protocol.
3. SSH-CONN
The Connection Protocol multiplexes the encrypted tunnel into several logical channels. It runs over
the user authentication protocol.