In this exercise, we will study the TCP protocol used in the TCP/IP architecture to correct errors that the network layer may have introduced during packet forwarding.
Question 1: In which OSI layer is TCP ?
TCP is a connection oriented protocol with 3 phases: Opening, Data Transfer and Closing. The 14th byte is made of control bits indicating which filed are useful in the header and may be used to indicate the nature of the message (opening, closing,…).
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Acknowledgment Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data | |U|A|P|R|S|F| |
| Offset| Reserved |R|C|S|S|Y|I| Window |
| | |G|K|H|T|N|N| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | Urgent Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The opening phase consists in the exchange of 3 packets, the client opens the connection by sending a message with the bit SYN set to 1, the server answers with a message with the SYN and ACK control bits set to one and the client answers withthe ACK control bit set to 1. Both hosts have to maintain a context (i.e. information stored in computer’s memory) called TCB (Transmission Control Block). This structure contains useful information to guaranty that all the information is received by the other end in the correct order.
The connection is closed by the exchange of 4 messages. One host (client or server) sends a message with FIN control bit set, the other end acknowledges the message. After it sends another message with the FIN control bit set. The first host acknowledges this message.
Finite State Machine
We call RTT (Round Trip Time) the time between the transmission of the first bit of the message and the reception of the last bit of the corresponding acknowledgment.
Question 2 How many RTTs are needed to open a connection ?
Question 3 How many RTTs are needed to close a connection ?
The following Finite State Machine describes the different states of a connection. An active OPEN means that the host is initiating the connection (client) and a passive OPEN that the host is waiting for connection (server).
+---------+ ---------\ active OPEN
| CLOSED | \ -----------
+---------+<---------\ \ create TCB
| ^ \ \ snd SYN
passive OPEN | | CLOSE \ \
------------ | | ---------- \ \
create TCB | | delete TCB \ \
V | \ \
+---------+ CLOSE | \
| LISTEN | ---------- | |
+---------+ delete TCB | |
rcv SYN | | SEND | |
----------- | | ------- | V
+---------+ snd SYN,ACK / \ snd SYN +---------+
| |<----------------- ------------------>| |
| SYN | rcv SYN | SYN |
| RCVD |<-----------------------------------------------| SENT |
| | snd ACK | |
| |------------------ -------------------| |
+---------+ rcv ACK of SYN \ / rcv SYN,ACK +---------+
| -------------- | | -----------
| x | | snd ACK
| V V
| CLOSE +---------+
| ------- | ESTAB |
| snd FIN +---------+
| CLOSE | | rcv FIN
V ------- | | -------
+---------+ snd FIN / \ snd ACK +---------+
| FIN |<----------------- ------------------>| CLOSE |
| WAIT-1 |------------------ | WAIT |
+---------+ rcv FIN \ +---------+
| rcv ACK of FIN ------- | CLOSE |
| -------------- snd ACK | ------- |
V x V snd FIN V
+---------+ +---------+ +---------+
|FINWAIT-2| | CLOSING | | LAST-ACK|
+---------+ +---------+ +---------+
| rcv ACK of FIN | rcv ACK of FIN |
| rcv FIN -------------- | Timeout=2MSL -------------- |
| ------- x V ------------ x V
\ snd ACK +---------+delete TCB +---------+
------------------------>|TIME WAIT|------------------>| CLOSED |
+---------+ +---------+
Question 4 Looking at the finite state machine, what happens if both the server and the client send a SYN message to the other one?
$ netstat
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 localhost:56952 localhost:ldap ESTABLISHED
tcp 0 0 localhost:ldap localhost:40022 CLOSING
tcp 0 0 localhost:ldap localhost:56952 ESTABLISHED
The previous command gives the state of TCP connections on a machine.
Question 5 Give an explanation of the CLOSING state for the second connection.
Question 6 Do routers in the network have to maintain states like TCB when a TCP connection is opened? Why ?
Question 7 In which conditions a TCB is created on a server ?
Question 8 In which condition a TCB is destroyed ?
Question 9 A malicious host decides to send plenty of SYN messages to a server, what may happen after a certain period of time ?
Packet Format
Question 10 The Ethernet frame imposes a SDU of 1500. In a IP-PDU, the header is 20 Byte long, what will be the SDU size of a TCP-PDU ?
Performances
During the opening phase, TCP exchanges a 32 bit sequence number in the SEQUENCE NUMBER field of the message header. Contrary to LAP-B or X.25, TCP numbers the exchanged bytes, and the Acknowledgement Number field contains the next expected byte number.
Question 11 If we suppose a link speed of 100 MBit/s and a continuous transmission of information, how long will it take to use the 2^32 values of the sequence field.
Question 12 The CERN in Geneva opens a TCP connection with a laboratory located in Chicago to transfer information concerning LHC (Large Hadron Collider) experiments. A dedicated link at 100 MBit/s is used. How many unacknowledged messages have to be sent to continuously send TCP messages?
Question 13 CERN plans to increase the transmission speed to 1TBit/s, what will be the problem with the current version of TCP, especially with the sequence and acknowledge fields ?
Acknowledgment optimisation
RFC 793 gives the definition of the acknowledgement field:
Acknowledgment Number: 32 bits
If the ACK control bit is set this field contains the value of the
next sequence number the sender of the segment is expecting to
receive.
You can note that there is no negative acknowledgment, TCP will only positively acknowledge a correct sequence and will not give any feedback of incorrect sequences.
Question 14 in the following scheme, give the acknowledge field value
RFC 793 says:
Retransmission Timeout
Because of the variability of the networks that compose an
internetwork system and the wide range of uses of TCP connections the
retransmission timeout must be dynamically determined. One procedure
for determining a retransmission time out is given here as an
illustration.
An Example Retransmission Timeout Procedure
Measure the elapsed time between sending a data octet with a
particular sequence number and receiving an acknowledgment that
covers that sequence number (segments sent do not have to match
segments received). This measured elapsed time is the Round Trip
Time (RTT). Next compute a Smoothed Round Trip Time (SRTT) as:
SRTT = ( ALPHA * SRTT ) + ((1-ALPHA) * RTT)
and based on this, compute the retransmission timeout (RTO) as:
RTO = min[UBOUND,max[LBOUND,(BETA*SRTT)]]
where UBOUND is an upper bound on the timeout (e.g., 1 minute),
LBOUND is a lower bound on the timeout (e.g., 1 second), ALPHA is
a smoothing factor (e.g., .8 to .9), and BETA is a delay variance
factor (e.g., 1.3 to 2.0).
Question 15 For what purpose RTO is used ? Why is it necessary to compute dynamically its value?
Question 16 When computing the timeout is it better to underestimate or overestimate the RTO value? Why?
All implementations of TCP make the assumption that when a sender receives 4 times the same acknowledgment value, this can be considered as a negative acknowledgement.
Question 17 Why this proposition increases TCP performance ?
Question 17 Which major assumption is made on the network to allow this optimization ?
Question 1: In which OSI layer is TCP ?
Question 3 How many RTTs are needed to close a connection ?
Question 4 Looking at the finite state machine, what happens if both the server and the client send a SYN message to the other one?client serverCLOSED CLOSEDCLOSED LISTEN----SYN---><---SYN---SYN SENT SYN SENT----ACK---><---ACK---ESTAB ESTABQuestion 6 Do routers in the network have to maintain states like TCB when a TCP connection is opened? Why ?
Question 8 In which condition a TCB is destroyed ?
Question 9 A malicious host decides to send plenty of SYN messages to a server, what may happen after a certain period of time ?
Question 10 The Ethernet frame imposes a SDU of 1500. In a IP-PDU, the header is 20 Byte long, what will be the SDU size of a TCP-PDU ?
Question 11 If we suppose a link speed of 100 MBit/s and a continuous transmission of information, how long will it take to use the 2^32 values of the sequence field.
Good evening professor, why do we say that there is a propagation delay of 50ms? is the duration of the acknowledgement message 40 ms? how did we obtain this value for the ack mesagge?Sorry to bother you in the holidays.Best regards
It is a common value, if you do a ping between France and US you should find something close to 50 to 100 ms:
Question 13 CERN plans to increase the transmission speed to 1TBit/s, what will be the problem with the current version of TCP, especially with the sequence and acknowledge fields ?
Some of you, propose to use the same trick as in HDLC and to force the receiver to send an ACK0 to avoid confusion. Here it will not work since the sending rate is too high and the propagation delays will make that this ACK will never reach in time the sender. The only possibility to avoid confusion is to force the sender to stop after sending the full window (minus 1 byte), but performances will be bad since the link will no be fully used
Good morning professor. I do not understand why after the first ack, the number does not change. Could you please explain it?
Because TCP is a very optimistic protocol and never give bad news to the sender. TCP will just inform that until byte 1020 it was ok. Then due to anticipation protocol the sender continue to send packets, TCP will continue to acknowledge until byte 1020 it was ok. In fact TCP memorize out of sequence messages and when the gap is filled, TCP will acknowledge all data it has received.
Question 15 For what purpose RTO is used ? Why is it necessary to compute dynamically its value?
Some of you said that the RTO value depends on the error rate of the link, this is not true the formula only depend of RTT (error rate is used by TCP to reduce transmission rate to avoid network congestions, but that’s another story)
Question 16 When computing the timeout is it better to underestimate or overestimate the RTO value? Why?
Some of you answered that it is better not to over or under estimate the RTO value. This will be of course the best solution, but in the previous question we saw that the transmission time may vary due to network congestions (packet stays longer in routers memory) or rerouting (less frequent). So it is impossible to have the RTT exact value.
Some of you said that the receiver has also to acknowledge every message.
Q.11) In the class we calculated from 2^32/2^5 = 2^27 bits.So the time is 2^27/ 100*10^6 s.From the answer above, it means that this question is continuously from Q.10?
Hi, I don’t remember 🙂 yes the previous question allowed us to know the data size un TCP-PDU