UDP protocol.

advantages

  • No connection is required.
  • Stateless connections. TCP needs to maintain the connection state.
  • Small group header overhead. The TCP header is 20 bytes and the UDP header is 8 bytes.
  • UDP has no congestion control and is suitable for real-time applications. Data loss is allowed with low latency.

Minimum transmission unit

  • Message. One indivisible packet is delivered at a time.

UDP header format

  • Source port
  • Destination port
  • The length of the
  • The checksum

TCP protocol

The characteristics of

  • Connection-oriented transport layer protocol

  • Each TCP protocol can only be point-to-point. (Cannot broadcast, multicast)

  • TCP provides reliable delivery services, ensuring that data is transmitted without error, loss, duplication, and order. (Reliable and orderly, no loss, no weight)

  • TCP provides full-duplex communication. Both ends of the TCP connection are equipped with send cache and receive cache to temporarily store the data of two-way communication.

    • The sending cache stores: (1) The sending application sends the data to the sender TCP to be sent. ② The TCP data has been sent but has not been acknowledged.
    • The receive cache stores: ① Data that arrives on demand but has not yet been read by the receiving application. ② The data arrives out of order.

  • TCP is byte stream oriented. While the application interacts with TCP one block at a time (varying in size), TCP sees the data delivered by the application as a series of unstructured characters.

Transfer data unit

Message segment.

A TCP packet segment consists of: ①TCP header; (2) the TCP data.

TCP header field

  1. Source port and destination port fields. 2 bytes each. A port is a service interface between the transport layer and the application layer. The multiplexing and splitting functions of the transport layer are realized through ports.

  2. Sequence number field. 4 bytes. TCP is byte stream oriented. Each byte in the data stream transmitted in a TCP connection is numbered. The value of the ordinal field refers to the ordinal number of the first byte of the data sent in this text segment.

  3. Confirmation number field. 4 bytes. The sequence number of the first byte of the next segment data expected to be received from the peer. Confirmation number =N indicates that all data has been received correctly until n-1 is required.

  4. Data offset (the header length). Of four.

  5. Reserved fields. Account for six. Reserve it for future use.

  6. Emergency URG. The emergency pointer field is valid when URG=1. Tells the system that there is urgent data in this segment and should be transmitted as soon as possible. URG needs to be used in conjunction with the emergency pointer. Data from the first byte to the byte indicated by the emergency pointer is emergency data.

  7. Confirm the ACK bit. The confirmation number field is valid only if ACK=1. When ACK=0, the confirmation number is invalid. TCP states that after a connection is established, all segments sent must have an ACK of 1.

  8. Push bit PSH. If PSH=1 is received, TCP should deliver the segment to the receiving application process as soon as possible. Instead of waiting until the entire cache is full and then delivering up.

  9. Reset bit RST. When RST=1, it indicates that there has been a serious error in the TCP connection (such as a host crash or other cause) and that the connection must be released before the transport connection is re-established.

  10. The synchronization bit is SYN. SYN=1 indicates that this is a connection request packet or a connection receive packet.

    When SYN=1 and ACK=0, the packet is a connection request packet. If the peer agrees to set up a connection, SYN=1 and ACK=1 are used in the response packet.

  11. The termination bit is FIN. Use to release a connection. FIN=1 indicates that the sender of this segment has completed sending data and requires the release of the transmission connection.

  12. Window fields. It’s 2 bytes. Is now allowed to send the amount of data, in bytes.

  13. And test. It’s 2 bytes. The scope of inspection includes the header and the data.

  14. Emergency pointer field. 16. Indicate the number of bytes of urgent data in the article.

  15. Option field. Variable length. TCP initially specified only one option, the maximum segment length MSS. MSS is the maximum length of a data field in a TCP packet segment.

  16. Fill in the fields. In order for the entire header length to be an integer multiple of 4 bytes.

TCP Connection Management

TCP is a connection-oriented protocol. Therefore, each TCP connection has three phases: connection establishment, data transfer, and connection release. TCP connection management is to ensure that the establishment and release of transport connections can be normal.

During the establishment of a TCP connection, the following problems must be solved:

  1. So that each side is clearly aware of the other;
  2. Allow both parties to negotiate parameters such as maximum window value, whether to use window expansion options, timestamp options, quality of service, and so on;
  3. The ability to allocate transport entity resources such as cache size, items in join tables, and so on.

Each TCP connection has two endpoints. The endpoint of a TCP connection is not the host, the IP address of the host, the application process, or the transport layer protocol interface. The port of a TCP connection is called a socket or socket. A socket is a port spliced to an IP address.

Each TCP connection is uniquely identified by two endpoints (that is, two sockets) at both ends of the communication.

TCP connections are established in client/server mode.

  • Client: an application process that initiates the connection.
  • Server: An application process that waits passively for a connection to be established.

TCP connection establishment – three-way handshake

The procedure for establishing a connection is as follows:

  1. The client’S TCP first sends a connection request segment to the server’s TCP.

    This special segment does not contain application-layer data, and the SYN flag bit in the header is set to 1. In addition, the client randomly selects a start sequence number seq=x (connection request packets do not carry data, but consume an sequence number).

  2. After the server’s TCP receives the connection request segment, if it agrees to establish a connection, it sends an acknowledgement back to the client and assigns TCP cache and variables to the TCP connection.

    In the acknowledgment packet segment, the SYN and ACK bits are set to 1, the acknowledgment number field is x+1, and the server randomly generates the start sequence seq=y (the acknowledgment packet does not carry data, but consumes a sequence number). The confirmation segment also does not contain application-layer data.

  3. When the client receives the acknowledgement segment, it also acknowledges to the server and assigns cache and variables to the connection.

    The ACK flag bit of the acknowledgment segment is set to 1, seq=x+1, and ACK =y+1 in the acknowledgment field. The segment can carry data. If it does not carry data, no sequence number is consumed.

After successfully completing the above three steps, the TCP connection is established and application layer data can be transferred.

TCP provides full-duplex communication. Therefore, application processes on both sides of the communication can send data at any time.

Note: Server side resources are allocated on the second handshake, while client side resources are allocated upon completion of the third handshake. Therefore, the server is vulnerable to SYN flood attacks. (Solution: SYN cookie)

TCP connection release – four waves

Either of the two processes involved in a TCP connection can terminate the connection. The process is as follows:

  1. To close the connection, the client sends a connection release segment to its TCP, stops sending data again, and actively closes the TCP connection.

    The FIN flag bit of the packet is set to 1 and seq= U, which is equal to the sequence number of the last byte of the previously transmitted data plus 1 (even if the FIN packet segment does not carry data, it consumes a sequence number).

    TCP is full-duplex, that is, you can think of a TCP connection with two data paths. When an FIN packet segment is sent, the end that sends the FIN packet cannot send data. That is, one of the data paths is closed, but the other end can still send data.

  2. Upon receiving the connection release segment, the server sends an acknowledgement. Confirmation number ACK = U +1.

    The segment number seq=v, which is equal to the last byte number of the previously transmitted data plus 1.

    At this point, the client to server connection is released, and the TCP connection is half-closed.

    If the server sends data, the client still receives it, that is, the connection from the server to the client is not closed.

  3. If the server has no more data to send to the client, TCP is notified to release the connection.

    In this case, the server sends a connection release segment with FIN=1. Seq = w, ack = u + 1.

  4. Upon receiving the connection release segment, the client must issue an acknowledgement.

    In the acknowledgment segment, ACK field is set to 1, acknowledgment number ACK =w+1, serial number SEq = U +1.

    At this time, the TCP connection has not been released, and the connection can be closed only after the time set by the timer is 2MSL.

A brief summary of TCP connection establishment and release

  • A connection is established in three steps:

    • SYN=1, seq=x;
    • SYN=1, ACK=1, seq=y, ack=x+1;
    • ACK = 1, seq = x + 1, ACK = y + 1.

  • Connection release in four steps:

    • FIN=1, seq=u;
    • ACK=1, seq=v, ack=u+1;
    • FIN=1, ACK=1, seq=w, ack=u+1;
    • ACK = 1, seq = u + 1, ACK = w + 1.

TCP Reliable transmission

TCP provides reliable data transfer service purpose: ensure that the byte stream read by the receiving process from the cache is exactly the same as the byte stream sent by the sender.

TCP uses verification, sequence number, validation, and retransmission mechanisms to achieve this.

The serial number

The sequence number field in the TCP header ensures that data can be submitted to the application layer in an orderly manner.

TCP treats data as an unstructured but ordered byte stream, and the sequence number is based on the byte stream being transmitted, not on the segment.

In A TCP connection, each byte in the transmitted data stream is numbered. The value of the ordinal field is the ordinal number of the first byte of the data sent in this text segment.

confirm

The acknowledgement number of the TCP header is the sequence number of the first byte of the data in the next segment expected to be received from the peer. The sequence number of the first byte of the data that is expected to receive/from/the other party/in the next segment of the packet. The sender cache continues to store segments that have been sent but received no acknowledgement, so that they can be retransmitted if needed.

By default, TCP uses cumulative acknowledgment, which means TCP recognizes only the bytes in the data stream up to the first lost byte.

For example, receiver B receives packets numbered 0 to 2 and 6 to 7 from A but does not receive packets numbered 3 to 5. In this case, receiver B is still waiting for packets numbered 3 to 5. In this case, the acknowledgement number field of the next packet numbered B to A is 3.

The retransmission

There are two types of events that cause TCP to retransmit a segment: timeout and redundant ACK.

  1. timeout

    When TCP sends a segment, it sets a timer for the segment. If the retransmission time set by the timer expires but no acknowledgement is received, the packet is retransmitted.

  2. Redundant ACK (Redundant confirmation)

    One problem with timeout retransmission is that the timeout period is often too long. Fortunately, the sender can usually do a better job of detecting packet loss by noticing the redundant ACK before the timeout event occurs.

    Redundant ACK: Indicates an ACK to reconfirm a packet segment that the sender has already received.

    According to TCP, when a segment larger than the expected sequence number arrives, a redundant ACK is sent to indicate the sequence number of the next expected byte.

    According to TCP, when the sender receives three redundant ACK packets for the same packet segment, the packet segment following the acknowledged packet segment is considered lost. In this case, the lost segment can be retransmitted immediately. This technique is often referred to as fast retransmission.

TCP Flow Control

TCP provides a flow control service to eliminate the possibility that the sender will overflow the receiver’s cache, so flow control can be said to be a speed-matching service (matching the sender’s send rate and the receiver’s read rate).

TCP provides a flow control mechanism based on the sliding window protocol.

Implementation method:

  • In the process of communication, the receiver dynamically adjusts the sending window size of the sender according to the size of its own receiving cache, which isReceive window RWNDThat is, you can adjust the window field at the beginning of the TCP packet segment to limit the rate at which the sender injects packets into the network.
  • At the same time, the window determined by the sender based on its estimate of the current network congestion program is calledCongestion window CWND, its size is closely related to the bandwidth and latency of the network.
  • For example, in communication, valid data is sent only from A to B, and B only sends an acknowledgement packet to A. In this case, B can set the window field in the header of the acknowledgement packet to notify A of RWND. RWND is the maximum number of bytes a receiver can receive continuously. Sender A always limits the size of its sending window according to the latest RWND value received. In this way, the amount of unacknowledged data can be controlled within the RWND size, ensuring that A will not overflow the receiving cache of B. The actual size of the send window of A is the minimum in RWND and CWND.

TCP congestion control

Congestion control is to prevent excessive data injection into the network, so that the network routers or links do not overload.

When congestion occurs, the breakpoint does not know the details of the congestion, and for the breakpoint of communication connection, congestion is often shown as an increase in communication delay.

Congestion control is similar to flow control in that it is achieved by controlling the rate at which the sender sends data.

Difference between congestion control and flow control

Congestion control is a global process that involves all hosts, all routers, and all factors associated with degrading network traffic performance.

In contrast, flow control is often point-to-point traffic control, where the receiver controls the sender and all it has to do is to suppress the rate at which the sender sends data so that the receiver can receive it in time.

Windows required for congestion control

When determining the rate of sending packets, the sender must consider the receiving capability of the receiver and prevent network congestion globally. Therefore, the TCP protocol requires the maintenance of the following two Windows:

  • Receiving window RWND: The latest window value promised by the receiver based on the current receiving cache size, reflecting the capacity of the receiver. The sender is notified by the receiver according to the window field it puts in the header of the TCP packet.
  • Congestion window CWND: Indicates the window value set by the sender based on the estimated network congestion. It reflects the current capacity of the network. As long as the network is not congested, the congestion window is enlarged to allow more packets to be sent out. However, as long as the network is congested, the congestion window should be reduced to reduce the number of packets injected into the network.

The upper limit of the sending window should be the smaller of the receiving window RWND and the congestion window CWND, that is:

  • Send window upper limit = Min[RWND, CWND]

Note: The receiver always has a large enough cache space, so the size of the send window is determined by the congestion level of the network; that is, the send window can be equated to the congestion window.

Four algorithms for congestion control

  • Slow start
  • Congestion avoidance
  • Fast retransmission
  • Fast recovery
Start slowly and avoid congestion

  1. Slow start algorithm

    When the TCP is just connected and a new TCP segment is sent, the congestion window CWND =1, that is, a maximum segment length MSS. After each acknowledgement of a new segment is received, XWND is increased by 1, that is, an MSS is increased. By gradually increasing the CWND of the sender, the rate of packet injection into the network can be more reasonable.

    A to B to send data, for example, when sending A congestion window to 2, then A can send two TCP segment at A time, when after A RTT (also known as A transfer rounds), A receiving B for just two message confirmation, and then adjust the congestion window is 4, the next time you can send A send four segments.

    After the slow start algorithm is used, the CWND window doubles after each transmission round trip (i.e., round-trip delay RTT), that is, the CWND size increases exponentially. In this way, the slow start increases the CWND window to a specified slow start threshold ssthRES (threshold), and then the congestion avoidance algorithm is used.

  2. Congestion avoidance algorithm

    The congestion avoidance algorithm is: The congestion window CWND at the sender increases the size of an MSS every round trip delay RTT, instead of doubling, so that CWND grows slowly in a linear law (i.e., the addition increases) and when there is a timeout (network congestion), the slow start threshold SSthresh is equal to half of the current CWND (i.e., the multiplication decreases).

  • Different algorithms are performed according to the size of the CWND, which can be summarized as follows:

    • whencwnd < ssthresh, using the slow start algorithm;
    • whencwnd > ssthresh, stop using the slow start algorithm and use the congestion avoidance algorithm.
    • whencwnd = ssthresh, you can use either the slow start algorithm or the congestion avoidance algorithm (as is common).

  • Network congestion handling

    • When network congestion occurs, no matter in the slow start phase or congestion avoidance phase, as long as the sender detects the occurrence of timeout events (the acknowledgement is not received on time, the retransmission timer times out), the slow start threshold SSthRESH should be set to half of the sender’s CWND value when congestion occurs, but not less than 2. Then reset the congestion window CWND to 1 and perform the slow start algorithm. The goal is to quickly reduce the number of packets sent by the host to the network, giving the congested router enough time to clear the queue.

    • Congestion avoidance is not a complete way to avoid congestion. It is impossible to completely avoid network congestion with the above measures. Congestion avoidance refers to the control of the growth of the congestion window according to the linear law in the phase of congestion avoidance, so that the network is less prone to congestion.

      Note: In the slow start (exponential growth) stage, if 2* CWND > SSThRESH, then the CWND of the next RTT should be equal to SSThRESH, not 2* CWND, i.e. CWND cannot cross the SSthRESH value. In the figure above, for the 16th round, CWND =8. For the 17th round, CWND =12 instead of 16.

  • In the slow start and congestion avoidance algorithms, multiplication decrease and addition increase methods are used. Multiplication reduction means that the slow start threshold SSthresh is set to half of the current congestion window value once a timeout occurs (that is, network congestion is likely to occur), either in the slow start phase or in the congestion avoidance phase. When congestion occurs frequently on the network, the SSthRESH value decreases rapidly to greatly reduce the number of packets injected into the network. When the addition increases, the congestion window CWND is increased by an MSS after the implementation of the congestion avoidance algorithm and the acknowledgement of all packet segments is received (that is, after one RTT), so that the congestion window slowly increases to prevent premature network congestion.

Fast retransmission and fast recovery

  1. Fast retransmission

    In the previous section of TCP reliable Transport Mechanism, the fast retransmission technology uses redundant ACKS to detect the occurrence of packet loss. Similarly, redundant ACKS are used to detect network congestion (when a packet is lost, of course, it means that the network may be congested). Fast retransmission does not cancel the retransmission timer, but in some cases can retransmit lost segments earlier.

    When the sender receives three consecutive ACK packets, the sender directly retransmits the packet segment that has not been received without waiting for the timeout of the retransmission timer set for the packet segment.

  2. Fast recovery

    The principle of the fast recovery algorithm: When the sender receives three consecutive redundant ACK (i.e. repeated acknowledgement), the multiplicative reduction algorithm is executed, and the slow start threshold SSthRESH is set to half of the sender CWND when congestion occurs. Unlike the slow start (slow start algorithm sets the congestion window CWND to 1), it sets the value of CWND to the value changed by the slow start threshold SSthresh, and then executes the congestion avoidance algorithm (addition increase), making the congestion window slowly increase linearly.

    The slow start process of CWND starting from 1 is skipped, so it is called fast recovery.

Flow control & Congestion control summary

In flow control, the amount of data sent by the sender is determined by the receiver, while in congestion control, it is determined by the sender itself by detecting network conditions. In fact, the slow start, congestion avoidance algorithm, fast retransmission and fast recovery algorithms should be used in the congestion control mechanism at the same time. When the sender detects a timeout, the slow start and congestion avoidance algorithms should be used. When the sender receives a redundant ACK, the fast retransmission and fast recovery algorithms should be used.

The actual size of the sender window is determined by both flow control and congestion control.