1. 1 © 2004, Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 10 Intermediate TCP/IP

2. Objectives

3. TCP Operation The transport layer is responsible for the reliable transport of and regulation of data flow from source to destination.

4. Synchronization or Three-Way Handshake TCP is connection oriented Communicating hosts go through a synchronization process to establish a virtual connection. This synchronization process insures that both sides are ready for data transmission and allows the devices to determine the initial sequence numbers.

5. Denial-of-Service Attacks 1.Hacker initiates a SYN but spoofs the source IP address. 2.Target replies to the unreachable IP address and waits for final ACK. 3.Hackers floods target with false SYN requests tying up its connection resources, preventing it from responding to legitimate connection requests.

6. TCP Sequence and Acknowledgment Numbers

7. Positive ACK Acknowledgement is a common step in the synchronization process which includes sliding windows and data sequencing.

8. Sequence and ACK numbers Each TCP segment is numbered before transmission so that the receiver will be able to properly reassemble the bytes _____________________. They also identify missing data pieces so the sender can ____________ them. Only the _________________ need to be re-transmitted. Positive Acknowledgement and Retransmission TCP utilizes PAR to control data flow and confirm data delivery. Source sends packet, starts timer, and waits for _____. If timer expires before source receives ACK,source __________________ and ______________. in their original order retransmit missing segments ACK retransmits packet re-starts timer

9. Acknowledgements

10. Windowing is the number of data segments the transmitting machine is allowed to send without receiving an acknowledgment for them Flow control is used to control the data flow between the connection. If for any reason one of the two hosts are unable to keep up with the data transfer, it is able to send special signals to the other end, asking it to either stop or slow down so it can keep up. Flow Control

11. TCP Sliding Window

12. Sliding window refers to the fact that the window size is negotiated ___________ during the TCP session. _______________ determines the amount of data that you can transmit before receiving an acknowledgment. Windowing and Window Size If the source receives no acknowledgment, it knows to retransmit at a ________ rate. Window size dynamically slower Expectational acknowledgment means that the acknowledgment number refers to the octet that is ______________. next expected Fast enough for you? I didn’t get all of that, slow down.

13. TCP Segment Format Number of the calling port Number of the called portUsed to ensure correct sequencing of the arriving data Next expected Segment Number of 32-bit words in the header set to zero Control setup and termination of session Number of octets sender is willing to accept Indicates the end of the urgent data Upper layer protocol data

14. Protocol Graph: TCP/IP

15. TCP and UDP: 1.TCP enables connection-oriented, ________ transmission. TCP is used by ________________________ 2. 3.UDP provides, ______________ non-guaranteed transmission. UDP is used by __________________________. Applications that do not need guaranteed delivery use the faster UDP. UDP has no windowing or acknowledgments, or error detection. FTP, HTTP, SMTP, and DNS. reliable connectionless DNS, TFTP, SNMP, and DHCP UDP

16. UDP Segment Format  0 – 15  16 - 31  31 - 47  48 – 63  64  Source PortDestination PortLengthChecksumData… Optional - used only if reply is expected Specifies the application/protocol to which UDP needs to pass the data Number of octets in the UDP segment Ensure that the data has not been damaged during transmission

17. Port Numbers and Socket

18. Port Numbers

19. Telnet Port Numbers

20. Ports for Clients Whenever a client connects to a service on a server, a source and destination port must be specified. TCP and UDP segments contain fields for source and destination ports.

21. 1.1. Client requests a web page from server Destination Port Source Port Ports for Clients The port number combines with the network address to form a socket. Destination ports (services) are normally defined using the well-known ports. Source ports set by the client are determined dynamically. Usually source ports are randomly assigned a number above 1023. 80 1032 Port numbers are 16-bit values ranging from 0 to 65535. This range is divided into three different categories: 1032 2. Server responds to client 1.Below 1023 are well-known ports. 2.1024 to 49151 are registered ports ( used by ordinary user processes). 3.Between 49152 and 65535 are defined as dynamic or private ports.

22. Port Numbering and Well-Known Port Numbers Port numbers are divided into three different categories: 1.Well-known ports 2.Registered ports 3.Dynamic or private ports

23. 10.Port numbers in the range of _____ - _____ are controlled by ICANN. 5.TCP/IP associate ______ at the transport layer with certain applications. 4.The _________________ field determines which service the source is requesting. 3.Ports ensure packets reach the ______________________ on the server. 2.__________ work as source and destination addresses for TCP segments. 1.Both _____ and _____ use port or socket numbers. 9. Source port numbers are dynamically assigned by the originating host, and are usually a number larger than _____. 8.Port numbers have the following assigned ranges:  Below 255 are reserved for ___________________.  From ___ - ____ assigned to companies for marketable applications.  Above 1023 are ____________. 7.Conversations that do not involve applications with well-known ports are assigned ports __________ selected from a specific range. 6.Software developers have agreed on ____________ ports, for example:  a packet bound for an FTP server would use port ___. TCPUDP Port Nos. appropriate service destination port ports well-known 21 randomly public applications 2551023 unregulated 1023 0 Overview of Transport Layer Ports

24. Reserved TCP and UDP Ports for Services PortKey WordDescription 0Reserved 1-4Unassigned 5RJERemote Job Entry 7ECHOEcho 9DISCARDDiscard 11USERActive Users 13DAYTIMEDaytime 15NETSTATWho is UP on NETSTAT 17QUOTEQuote of the Day 19CHARGENCharacter generator 20FTP-DATAFTP – Data channel 21 23 25 37TIMETime of day 39RLPResource Location 42NAMESERVERHost Name Server 43NICNAMEWho is… 53 PortKey WordDescription 67BOOTPSBOOTP Server 68BOOTPCBOOTP Client 69 75Any private Dial-out 77Any private RJE service 79FINGERFinger 80 95SUPDUPSUPDUP Protocol 101HOSTNAMENIC Host name server 102ISO-TSAP 110 113AUTHAuthentication Service 117UUCP-PATHUUCP Path Service 123NTPNetwork Time Protocol 133-159Unassigned 160-223Reserved 161 224-241Unassigned 242-255Unassigned TELNET Terminal connection SMTP Simple Mail Transfer HTTP Hyper-Text Transfer

25. Reserved TCP and UDP Port Numbers

26. Summary