Important Concepts in Computer Networking
Dr. Nguyen Tuan Nam
Sequence number (SEQ)
• Used in many protocols
• Stamped in the header of packet
• Purpose
– To distinguish between 2 packets from the same host (ID, national ID card number)
– To put packets in correct order
• Example?
WNC 2010
2

TCP-Connection Establishment
• Client-Server
• 3-way handshake
• How many packets needed to setup the connection?
• SYN attack
– Half-open connection
• How to prevent SYN attack

Diagram (Client, Server):
Client → Server: Connection Request (SYN=1; SEQ=client_seq)
Server → Client: Connection Granted (SYN=1; SEQ=server_seq, ACK=client_seq + 1)
Client → Server: ACK (SYN=0; SEQ=client_seq+1, ACK=server_seq + 1)

TCP-Data Sending
• ACK for reliability
• ACK can be piggybacked

Diagram (Client, Server):
Client → Server: Data [SYN=0; SEQ=70; Data (10bytes)]
Server → Client: ACK=80 (may contain Data)
Client → Server: Data [SYN=0; SEQ=80; Data (20bytes)]
Server → Client: ACK=100

TCP-Data Sending
• ACK missing

Diagram (Client, Server):
Client → Server: Data [SYN=0; SEQ=70; Data (10bytes)]
Server → Client: ACK=80 (missing)
Client: Timeout
Client → Server: Data [SYN=0; SEQ=70; Data (10bytes)]
Server → Client: ACK=80
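
TCP-Cumulative ACK
• ACK the last in-order byte of data

Diagram (Client, Server):
Client → Server: SEQ=70; 10bytes of data
Client → Server: SEQ=80; 20bytes of data
Server → Client: ACK=80
Server → Client: ACK=100
Client → Server: SEQ=100; 10bytes of data
Server → Client: ACK=110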

TCP-Cumulative ACK
• Duplicate ACK?
• Fast retransmit
– 3 duplicate ACK
– Retransmit before timeout
– Why not 2?
– Cheating?

Diagram (Client, Server):
Client → Server: SEQ=70; 10bytes of data
Client → Server: SEQ=80; 20bytes of data
Client → Server: SEQ=100; 20bytes of data
Server → Client: ACK=80
Server → Client: ACK=80

TCP-Closing
• Either side can end the connection
• Full-duplex

Diagram (messages between Client and Server, in order):
FIN
ACK
FIN
ACK
IP-Fragment
• IP max size = 64KB
• Breaking up of single IP packet into 2 or more IP packets of smaller size
– Transmission medium has limit on Maximum size of a frame (MTU). Why?
– Possible to avoid Fragment? (size < 536 bytes → pkt size ~ 512 bytes to 536 bytes)
• Where it can be fragmented?
– Source
– Intermediate Router
• Where fragments can be reassembled? Why?
Example of IP Fragment
• Datagram of 3980 bytes
• MTU = 1500 bytes
• SEQ (ID) = 245

Fragment   Data Size    SEQ(ID)   Offset   Flag
1st        1480 bytes   245       0        1 (more fragment)
2nd        1480 bytes   245       1480     1 (more fragment)
3rd        1020 bytes   245       2960     0 (no more)
IP-Fragment (cont.)
• Fragmentation bit: can be set to allow/not allow fragmentation
• If bit is set to “Don’t fragment” and packet size > MTU, what happens?
• Will all fragments go through same path?
• Will all fragments arrive at destination in correct order?
• How to determine the size of the original IP packet?
• Multiple fragmentations if go through multiple links with different MTUs
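
Added example, not part of the original slides: the fragmentation from the table above in Python, extended to the questions on this slide (a second fragmentation on a smaller-MTU link, out-of-order arrival, recovering the original size). It treats the 3980 bytes as datagram data, as the table's data sizes do, and assumes a 20-byte IP header without options; `Fragment`, `fragment` and `original_data_size` are names made up for this example.

```python
from __future__ import annotations
from dataclasses import dataclass

IP_HEADER = 20  # assumption: IPv4 header without options


@dataclass(frozen=True)
class Fragment:
    ident: int    # IP Identification field (the slide's "SEQ (ID)")
    offset: int   # byte offset of this data within the original datagram
    length: int   # data bytes carried, IP header excluded
    more: bool    # MF flag: True means more fragments follow

    @property
    def offset_field(self) -> int:
        """Value stored in the header: the offset counted in 8-byte units."""
        return self.offset // 8


def fragment(frag: Fragment, mtu: int) -> list[Fragment]:
    """Split a datagram, or an already fragmented piece, to fit one link's MTU."""
    if frag.length + IP_HEADER <= mtu:
        return [frag]
    step = (mtu - IP_HEADER) // 8 * 8  # every non-final piece is a multiple of 8
    pieces = []
    for start in range(0, frag.length, step):
        size = min(step, frag.length - start)
        final = start + size == frag.length
        # Only the final piece inherits the parent's MF flag; the rest set MF=1.
        pieces.append(Fragment(frag.ident, frag.offset + start, size,
                               frag.more if final else True))
    return pieces


def original_data_size(frags: list[Fragment]) -> int | None:
    """Data size of the original datagram, or None while fragments are missing.

    Arrival order is irrelevant: the one fragment with MF=0 marks the end
    (offset + length), and walking the fragments by offset exposes any hole.
    """
    tail = [f for f in frags if not f.more]
    if len(tail) != 1:
        return None
    end = tail[0].offset + tail[0].length
    covered = 0
    for f in sorted(frags, key=lambda f: f.offset):
        if f.offset > covered:
            return None  # hole: a fragment was lost or has not arrived yet
        covered = max(covered, f.offset + f.length)
    return end if covered == end else None
```

Fragmenting `Fragment(245, 0, 3980, False)` at MTU 1500 reproduces the table's three rows; the header itself stores the offsets in 8-byte units (0, 185, 370) rather than the byte offsets listed on the slide.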
Issues with IP Fragmentation
• CPU & Memory overhead
– Sender
– Receiver
• Fragment lost
– NFS datagram ~ 8500 bytes
– Ethernet MTU ~ 1500 bytes
– If link drops one in six packets → What are the odds that NFS data can be transferred over this link?
• Firewall
– Layer 4 or up
– Non-initial fragment
Avoiding IP Fragmentation
• TCP – MSS (Maximum Segment Size):
– Between 2 end hosts
– Packets still can be fragmented?

Diagram (path): Client, Router R1, Router R2, Server

• PMTUD:
– ICMP - "Destination Unreachable"
– Support by TCP only
– ICMP may get dropped by routers/firewalls

Big Picture (FTP example)
Diagram (Client, R1, Server), at the Client:
• Image file (1KB) needs to be sent to server: 512 bytes + 512 bytes
• [TCP header | 512 bytes]
• [IP header | TCP header | 512 bytes]
• [MAC header | IP header | TCP header | 512 bytes]
• Need to send to next router R1

Big Picture (FTP example)
Diagram (Client, Router R1, R2, Server), at Router R1:
• [MAC header | IP header | TCP header | 512 bytes]
• [IP header | TCP header | 512 bytes]
• Need to send to next router R2

Big Picture (FTP example)
Diagram (Client, Router R2, Server), at Router R2:
• [MAC header | IP header | TCP header | 512 bytes]
• [IP header | TCP header | 512 bytes]
• Need to send to Server

Big Picture (FTP example)
Diagram (Client, Server):
• [MAC header | IP header | TCP header | 512 bytes]
• [IP header | TCP header | 512 bytes]
• [TCP header | 512 bytes]
• 512 bytes
Quiz
• If at data link layer, MTU = 512 bytes
– Should FTP application use an FTP packet size of 512 bytes?
Path MTU Discovery (IP)
• Path MTU = smallest MTU of any of the IP hops of the path between a source and destination
• How does it work?
– Set DF bit in the IP header as “Don’t fragment”
– Wait for ICMP error message (Datagram too big)
– Reduce the IP packet size and repeat
– Trial-and-error

Comparison between Client-Server vs. Peer-to-Peer models
• Maintenance
• Security
• Updating data
• Traffic/bandwidth
• Robustness (single point of failure)
• Copyrighted materials control