Chapter 15 Transmission Control Protocol (TCP)

15.1 TCP Services TCP/IP protocol suite

Well-known ports used by TCP

Stream Delivery Stream Data Service (stream transport layer service) The sending TCP 1) accepts a stream of characters from sending application program 2) creates packets called segments, of appropriate size extracted from the stream 3) sends segments across the network The receiving TCP 1) receives segments, extracts data from segments 2) orders segments if they have arrived out of order 3) delivers segments as a stream of characters to the receiving application program

Stream Delivery (cont’d)

Sending and receiving buffers For stream delivery, the sending and receiving TCPs use buffers the sending TCP uses sending buffer to store the data coming from the sending application program. the sending application program writes data to the buffer of the sending TCP the receiving TCP receives the segments and stores them in a receiving buffer the receiving application program uses the read operation to read the data from the receiving buffer. Since the rate of reading can be slower than the rate of receiving, the data is kept in the buffer until the receiving application reads it completely.

Sending and receiving buffers (cont’d)

Segments The IP layer, as a service provider for TCP, needs to send data in packets, not as a stream of bytes At the transport layer, TCP groups a number of bytes together into a packet called a segment. TCP adds a header to each segment and delivers the segment to the IP layer for transmission

TCP Segments

15.2 TCP Features Numbering System Flow Control Error Control Congestion Control

Numbering System Byte numbers All data bytes being transferred in each connection are numbered by TCP. The numbering starts with a randomly generated number. Number range for first byte : 0 ~ 2 32 -1 If random number is 1,057 and total number 6,000bytes, the bytes are numbered from 1,057 to 7,056 Byte numbering is used for flow and error control.

Numbering System (cont’d) Sequence number After the bytes have been numbered, TCP assigns a sequence number to each segment that is being sent. Sequence number for each segment is number of the first byte carried in that segment.

Example 15.1 Suppose a TCP connection is transferring a file of 5,000 bytes. The first byte is numbered 10,001. What are the sequence numbers for each segment if data are sent in five segments, each carrying 1,000 bytes? Solution The following shows the sequence number for each segment:

Numbering System (cont’d) Acknowledgment Number The value of the acknowledgment field in a segment defines the number of the next byte a party expects to receives. The acknowledgment number is cumulative.

15.3 Segment TCP Segment Format

Segment (cont’d) Source port address Destination port address defining the port number of application program in the host that is sending the segment Destination port address defining the port number of application program in the host that is receiving the segment Sequence number defining the number assigned to the first byte of data contained in this segment during the connection establishment, each party uses a random number generator to create an initial sequence number (ISN)

Segment (cont’d) Acknowledgment number Header length Reserved If the source of the segment has successfully received byte number x from the other party, it defines x+1 as the acknowledgment number Header length Indicating the number of 4-byte words in the TCP header the value between 5 and 15 (20 and 60 bytes) Reserved For future use

Segment (cont’d) Control Enabling flow control, connection establishment and termination, and mode of data transfer in TCP

Segment (cont’d) Window size Checksum : picture in next page defining the size of the window, in bytes, that the other party must maintain. maximum size of window : 65,535 bytes Checksum : picture in next page Urgent pointer used when the segment contains urgent data defining the number that must be added to the sequence number to obtain the number of the last urgent byte in the data section of the segment Options : 40 bytes

Pseudoheader added to the TCP segment The use of the checksum in TCP is mandatory.

Encapsulation A TCP segments is encapsulated in an IP datagram

15.4 A TCP Connection TCP is connection-oriented Establishes a virtual path between the source and destination TCP connection is virtual, not physical TCP uses the services of IP to deliver individual segments to the receiver, but it controls the connection itself If a segment is lost or corrupted, it is retransmitted

Connection Establishment using Three-way Handshake The server program tells its TCP to make a passive open The Client program issues a request for an active open.

Connection Establishment using Three-way Handshake (cont’d) A SYN segment cannot carry data, but it consumes one sequence number. A SYN + ACK segment cannot carry data, but does consume one sequence number. An ACK segment, if carrying no data, consumes no sequence number.

Data Transfer

Data Transfer (cont’d) Urgent data To send urgent data Use of URG bit set by sending TCP Receiving TCP extracts the urgent data from the segment using urgent pointer

Connection Termination using Three-way Handshake

Connection Termination using Three-way Handshake (cont’d) The FIN segment consumes one sequence number if it does not carry data The FIN + ACK segment consumes one sequence number if it does not carry data

Half-Close

15.5 State Transition Diagram To keep track of all the different events happening during connection establishment, connection termination, and data transfer, the TCP software is implemented as a finite state machine.

State Transition Diagram (cont’d)

State for TCP

Scenarios To understand the TCP state machines and the transition diagrams, we go through some scenario in this section. Connection Establishment and half-Close Termination Scenario where the server process issues a passive open and passive close, and the client process issues an active close.

Transition Diagram for Connection and Half-close Termination

Time-line diagram for previous Transition Diagrams

Transition Diagram for a Common Scenario

Time Line for a Common Scenario

Simultaneous Open

Simultaneous Close

Denying a Connection

Aborting a Connection

15.6 Windows in TCP TCP uses two Windows Send window and receive window This means four windows for a bidirectional communication To make simple, we make an assumption that communication is only unidirectional The bidirectional communication can be inferred using two unidirectional communications with piggybacking

Send Window in TCP

Receive Window in TCP

15.7 Flow Control In TCP, the sender window size is totally controlled by the receiver window value. However, the actual window size can be smaller if there is congestion in the network. Some Points about TCP’s Sliding Windows: The size of the window is the lesser of rwnd and cwnd The source does not have to send a full window’s worth of data. The window can be opened or closed by the receiver, but should not be shrunk. The destination can send an acknowledgment at any time as long as it does not result in a shrinking window. The receiver can temporarily shut down the window; the sender, however, can always send a segment of one byte after the window is shut down. To prevent deadlock by proving

Data Flow and Flow Control Feedbacks in TCP

An example of flow control

Example 15.2 Following figure shows the reason for the mandate in window shrinking. Part a of the figure shows values of last acknowledgment and rwnd. Part b shows the situation in which the sender has sent bytes 206 to 214. Bytes 206 to 209 are acknowledged and purged. The new advertisement, however, defines the new value of rwnd as 4, in which 210 + 4 < 206 + 12. When the send window shrinks, it creates a problem: byte 214 which has been already sent is outside the window. The relation discussed before forces the receiver to maintain the right-hand wall of the window to be as shown in part a because the receiver does not know which of the bytes 210 to 217 has already been sent. One way to prevent this situation is to let the receiver postpone its feedback until enough buffer locations are available in its window. In other words, the receiver should wait until more bytes are consumed by its process.

Example 15.2 (cont’d)

15.8 Error Control TCP is a reliable transport layer protocol Application program that delivers a stream of data to TCP relies on TCP to deliver the entire stream to the application program on the other end in order, without error, and without any part lost or duplicated. Error control in TCP is achieved through the use of three tools Checksum Acknowledgment Time-Out

Normal Operation

Lost Segment

Fast Retransmission

Lost Acknowledgment

Lost Acknowledgment Corrected by Resending a Segment Lost acknowledgments may create deadlock if they are not properly handled.

15.9 Congestion Control Congestion in a network may occur if the load on the network is greater than the capacity of the network Congestion control refers to the mechanism and techniques to control the congestion and keep the load below the capacity Congestion in a network or internetwork occurs because routers and switches have queues.

Congestion Control (cont’d) Congestion window Today, TCP protocols include that the sender’s window size is not only determined by the receiver but also by congestion in the network Actual window size = minimum (rwnd, cwnd)

Slow Start, Exponential Increase

Congestion Control (cont’d) In the slow start algorithm, the size of the congestion window increases exponentially until it reaches a threshold. Start  cwnd = 1 After 1 RTT  cwnd = 1 x 2 = 2  21 After 2 RTT  cwnd = 2 x 2 = 4  22 After 3 RTT  cwnd = 4 x 2 = 8  23

Congestion Avoidance, Additive Increase When the size of the congestion window reaches the slow start threshold, in the congestion avoidance algorithm, the size of the congestion window increases additively until congestion is detected

Congestion Avoidance, Additive Increase

Congestion Detection : Multiplicative Decrease Most implementations react differently to congestion detection: If detection is by time-out, a new slow start phase starts. If detection is by three ACKs, a new congestion avoidance phase starts.

TCP Congestion Policy Summary

Congestion Example

TCP Timers To perform its operation smoothly, most TCP implementations uses at least four timers

TCP Timers (cont’d) Round Trip Time(RTT) To calculate the retransmission(RTO), we first need to calculate the round-trip time(RTT) In TCP, there can be only one RTT measurement in progress at any time Measured RTT (RTTM) : how long it takes to send a segment and receive an acknowledgment of it.

TCP Timers (cont’d) Smoothed RTT (RTTS) : Weighted average of RTTM and previous RTTS Original  No Value After first measurement  RTTS = RTTM After any other measurement  RTTS = (1- ) RTTS +  · RTTM The value of  is implementation-dependent, but it is normally set to 1/8

TCP Timers (cont’d) RTT Deviation (RTTD) Original  No Value After first measurement  RTTD = RTTM/2 After any other measurement  RTTD = (1- ) RTTD +  · l RTTS – RTTM I * The value of  is also implementation dependent, but is it is usually is sent to ¼.

TCP Timers (cont’d) Retransmission Timeout (RTO) Original  Initial Value After any measurement  RTO = RTTS + 4 RTTD

Example 15.3 (cont’d) Let us give a hypothetical example. Figure 15.39 shows part of a connection. The figure shows the connection establishment and part of the data transfer phases. 1. When the SYN segment is sent, there is no value for RTTM, RTTS, or RTTD. The value of RTO is set to 6.00 seconds. The following shows the value of these variable at this moment: 2. When the SYN+ACK segment arrives, RTTM is measured and is equal to 1.5 seconds.

Example 15.3 (cont’d) 3. When the first data segment is sent, a new RTT measurement starts. No RTT measurement starts for the second data segment because a measurement is already in progress. The arrival of the last ACK segment is used to calculate the next value of RTTM. Although the last ACK segment acknowledges both data segments (cumulative), its arrival finalizes the value of RTTM for the first segment. The values of these variables are now as shown below.

Example 15.3 (cont’d)

TCP Timers (cont’d) Persistence Timer When acknowledgment with non-zero window size after zero window size is lost, to correct deadlock, TCP uses a persistence timer for each connection When the sending TCP receives an acknowledgment with a window size of zero, the persistence timer is started When persistence timer goes off, the sending TCP sends a special segment called a probe The probe alerts the receiving TCP that the acknowledgment was lost and should be resent. If a response is not received, the sender continues sending the probe segments and doubling, and resetting the value of the persistence timer until the value reaches a threshold (usually 60 seconds). After that sender sends one probe segment every 60s until the window is reopened.

TCP Timers (cont’d) KeepaliveTimer TIME-WAIT Timer Used to prevent a long idle connection between two TCPs. Each time the server hears from a client, it resets this timer. Time-out is usually 2 hours. After 2 hours, sending 10 probes to client (each 75 secs), then terminates connection. TIME-WAIT Timer The time-wait timer is used during connection termination.

15.11 Options The TCP header can have up to 40 bytes of optional information We can define two categories of options 1-byte option End of option List No operation Multiple-byte option Maximum segment size Window scale factor Timestamp SACK-permitted SACK

Options (cont’d)

EOP can be used only once End-of-option option End of option (EOP) After this option, the receiver looks for the payload data EOP option imparts 2 pieces of information to the destination No more options in the header Data from the application program starts at the beginning of the next 32-bit word EOP can be used only once

NOP can be used more than once No-operation option No Operation Is One-byte option used as a filler NOP can be used more than once

Maximum segment size (MSS) Defining the size of the biggest unit of data that can be received by the destination of the TCP segment In spite of its name, defining the maximum size of the data, not the maximum size of the segment Value of 0 to 65,535 bytes : default is 536 To be determined during the connection establishment phase by the destination of the segment Used only in the segments that make the connections. Not used in the segments during data transfer

Window-scale-factor option defining the size of the sliding window new window size = window size defined in the header x 2 window scale factor Determined in phase of the connection setup The largest value of scale factor allowed by TCP/IP is 14. The value of the window scale factor can be determined only during connection establishment; it does not change during the connection

Timestamp option Timestamp 10-byte option The end with the active open announces a timestamps in the connection request segment (SYN Segment) If it receives a timestamp in the next segment (SYN + ACK) from the other end, it is allowed to use the timestamp.

Example 15.5 Following figure shows an example that calculates the round-trip time for one end. Everything must be flipped if we want to calculate the RTT for the other end.

Example 15.5 (cont’d)

SACK SACK-permitted and SACK Options SACK-permitted option is used only during connection established with SYN segment and SYN + ACK segment. SACK-permitted option is not allowed during the data transfer phase. Used to show that the host can support the SACK option. SACK Option is used during data transfer only if both ends agree The option includes a list for blocks arriving out-of-order.

SACK (cont’d)

Example 15.6 Let us see how the SACK option is used to list out-of-order blocks. In Figure 15.49 an end has received five segments of data.

Example 15.7 Following figure shows how a duplicate segment can be detected with a combination of ACK and SACK. In this case, we have some out-of-order segments (in one block) and one duplicate segment. To show both out-of-order and duplicate data, SACK uses the first block, in this case, to show the duplicate data and other blocks to show out-of-order data. Note that only the first block can be used for duplicate data. The natural question is how the sender, when it receives these ACK and SACK values, knows that the first block is for duplicate data (compare this example with the previous example). The answer is that the bytes in the first block are already acknowledged in the ACK field; therefore, this block must be a duplicate.

Example 15.7 (cont’d)

Example 15.8 Figure 15.51 shows what happens if one of the segments in the out-of-order section is also duplicated. In this example, one of the segments (4001:5000) is duplicated. The SACK option announces this duplicate data first and then the out-of-order block. This time, however, the duplicated block is not yet acknowledged by ACK, but because it is part of the out-of-order block (4001:5000 is part of 4001:6000), it is understood by the sender that it defines the duplicate data.

Example 15.8 (cont’d)

15.12 TCP Package A TCP package involving a table called Transmission Control Blocks, a set of timers, and three software modules: main module, input processing module, output processing module.

TCP Package (cont’d)

TCP Package (cont’d) Transmission Control Block (TCBs) To control the connection, TCP uses a structure to hold information about each connection. TCP keeps an array of TCBs in the form of a table

TCP Package (cont’d) State : defining the state of the connection according to the state transition diagram Process : defining the process using this connection at this machine as a client or a server Local IP address : defining the IP address of the local machine used by this connection Local port number : defining the local port number used by this connection Remote IP address Remote port address Interface : defining the local interface Local window : holding information about the window at the local TCP Remote window

TCP Package (cont’d) Sending sequence number Receiving sequence number Sending ACK number Time-out values : retransmission time-out, persistence time-out, keepalive time-out, and so on Round-trip time Buffer size : defining the size of the buffer at the local TCP Buffer pointer : pointer to buffer where the receiving data is kept until is read by the application

TCP Main Module The main module is invoked by an arrived TCP segment, a time-out, or a message from an application program

TCP Main Module (Cont’d)

TCP Main Module (Cont’d)

TCP Main Module (Cont’d)

TCP Main Module (Cont’d)

TCP Main Module (Cont’d)

TCP Main Module (Cont’d)

TCP Main Module (Cont’d)

TCP Main Module (Cont’d)

TCP Package (cont’d) Input processing module Output processing module handles all the details needed to process data or acknowledgment received when TCP is in the ESTABLISHED state sends an ACK if needed, takes care of the window size, does error checking, and so on Output processing module handles all the details needed to send out data received from application program when TCP is in the ESTABLISHED state handles retransmission time-outs, persistent time-outs, and so on

Summary (1/4) Transmission Control Protocol (TCP) is one of the transport layer protocols in the TCP/IP protocol suite. TCP provides process-to-process, full-duplex, and connection-oriented service. The unit of data transfer between two devices using TCP software is called a segment; it has 20 to 60 bytes of header, followed by data from the application program. A TCP connection consists of three phases: connection establishment, data transfer, and connection termination. Connection establishment requires three-way handshaking; connection termination requires three- or four-way handshaking. TCP software is normally implemented as a finite state machine. (FSM)

Summary (2/4) TCP uses flow control, implement as a sliding window mechanism, to avoid overwhelming a receiver with data. The TCP window size is determined by the receiver-advertised window size (rwnd) or the congestion window size (cwnd), whichever is smaller. The window can be opened or closed by the receiver, but should not be shrunk. The bytes of data being transferred in each connection are numbered by TCP. The numbering starts with a randomly generated number. TCP uses error control to provide a reliable service. Error control is handled by the checksum, acknowledgement, and time-out. Corrupted and lost segments are retransmitted and duplicate segments are discarded. Data may arrive out of order and temporarily stored by the receiving TCP, but TCP guarantees that no out-of-order segment is delivered to the process. In modern implementations, a retransmission occurs if the retransmission timer expires or three duplicate ACK segments have arrived.

Summary (3/4) TCP uses congestion control to avoid and detect congestion in the network. The slow start (exponential increase), congestion avoidance (additive increase), and congestion detection (multiplicative decrease) strategies are used for congestion control. In the slow start algorithm the size of the congestion window increases exponentially until it reaches a threshold. In the congestion avoidance algorithm the size of the congestion window increases additively until congestion is detected. Different TCP implementations react differently to congestion detection: If detection is by time-out, a new slow start phase starts. If detection is by three ACKs, a new congestion avoidance phase starts. TCP uses four timers (retransmission, persistence, keepalive, and time-waited) in its operation. In TCP, there can be only be one RTT measurement in progress at any time. TCP does not consider the RTT of a retransmitted segment in its calculation of an RTT.

Summary (4/4) TCP uses options to provide more services. The maximum segment size option is used in connection setup to define the largest allowable data segment. The value of MSS is determined during connection establishment and does not change during the connection. The window scale factor is a multiplier that increases the window size. The timestamp option shows how much time it takes for data to travel between sender and receiver. One application of timestamp option is in the calculation of round trip time (RTT).

Q/A