Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Tcp udp


Published on

slides about network montoring and ethical hacking
By : Dr.Ahmad Manasrah

Published in: Education
  • Be the first to comment

Tcp udp

  1. 1. Yarmouk University – Faculty of Information Technology and CS Computer Science Department Transport Layer
  2. 2. 23-2 USER DATAGRAM PROTOCOL (UDP) The User Datagram Protocol (UDP) is called a connectionless, unreliable transport protocol. It does not add anything to the services of IP except to provide process-to-process communication instead of host-to-host 23.2 communication.
  3. 3. 23.3 Table 23.1 Well-known ports used with UDP
  4. 4. Figure 23.9 User datagram format 23.4
  5. 5. 23.5 UDP length = IP length – IP header’s length Note
  6. 6. 23-3 TCP TCP is a connection-oriented protocol; it creates a virtual connection between two TCPs to send data. In addition, TCP uses flow and error control mechanisms at the transport level. 23.6
  7. 7. 23.7 Table 23.2 Well-known ports used by TCP
  8. 8. 23.8 The bytes of data being transferred in each connection are numbered by TCP. The numbering starts with a randomly generated number. USING sequence number and the acknowledgment number FIELDS. These two fields refer to the byte number and not the segment number. Note
  9. 9. Figure 23.16 TCP segment format 23.9
  10. 10. Field Description Source port address. This is a 16-bit Destination port address This is a 16-bit field Sequence number This 32-bit field defines the number assigned to the first byte of data contained in this segment. Acknowledgment number This 32-bit field defines the byte number that the receiver of the segment is expecting to receive from the other party. If the receiver of the segment has successfully received byte number x from the other party, it defines x + I as the acknowledgment number. Header length This 4-bit field indicates the number of 4-byte words in the TCP Header. The length of the header can be between 20 and 60 bytes. Therefore, the value of this field can be between 5 (5 x 4 =20) and 15 (15 x 4 =60). Reserved This is a 6-bit field reserved for future use Control This field defines 6 different control bits or flags Window size This field defines the size of the window, in bytes, that the other party must maintain. Note that the length of this field is 16 bits, which means that the maximum size of the window is 65,535 bytes. This value is normally referred to as the receiving window (rwnd) and is determined by the receiver. Checksum This 16-bit field Urgent pointer •This l6-bit field, which is valid only if the urgent flag is set, is used when the segment contains urgent data. It defines the number that must be added to the sequence number to obtain the number of the last urgent byte in the data section of the segment Options There can be up to 40 bytes of optional information in the TCP header
  11. 11. Figure 23.17 Control field 23.11 These bits enable flow control, connection establishment and termination, connection abortion, and the mode of data transfer in TCP.
  12. 12. 23.12 Table 23.3 Description of flags in the control field
  13. 13. Connection establishment using three-way handshaking Random With the connection now established, the client will send data whose first byte will be given sequence number 4,568. The server's first byte of data will be numbered 12,999.
  14. 14. Connection establishment using three-way handshaking
  15. 15. Figure 23.18 Connection establishment using three-way handshaking 23.15
  16. 16. Note • A SYN segment cannot carry data, but it consumes one sequence number. • A SYN + ACK segment cannot carry data, but does consume one sequence number. • An ACK segment, if carrying no data, consumes no sequence number. 23.16
  17. 17. simultaneous Connection establishment using three-way handshaking It will not require a 3rd ACK segments. It will be handled in 2 way handshake
  18. 18. Figure 23.19 Data transfer 23.18
  19. 19. Connection termination using three-way handshaking 23.19
  20. 20. Note • The FIN segment consumes one sequence number if it not carry data. • The FIN + ACK segment consumes one sequence number if it does not carry data. 23.20
  21. 21. Simultaneous Connection termination
  22. 22. Connection termination using Half-close Four-way handshaking
  23. 23. Connection termination using Half-close Four-way handshaking
  24. 24. Connection termination using Half-close Four-way handshaking 23.24 One End can stop sending data while receiving data. And normally issued by the CLIENT The termination can be only for the outbound connection (i.e. Sorting) for the client (requester) and the server can terminate the inbound connection and maintain the outbound Request for the termination but the 3rd way is not initiated yet. Until the server finishes the processing and send a FIN back to the client. In the half closed connection, the client closes outbound, thus cannot send out data only ACK. And server closes inbound connection, thus he still can send data if needed.
  25. 25. Note • ACK segments do not consume sequence numbers and are not acknowledged. • Data may arrive out of order and be temporarily stored by the receiving TCP, but TCP guarantees that no out-of-order segment is delivered to the process. 23.25
  26. 26. Figure 23.24 Normal operation 23.26
  27. 27. Figure 23.25 Lost segment 23.27
  28. 28. 23.28 The receiver TCP delivers only ordered data to the process. Note