Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

6 app-tcp

2,241 views

Published on

Computer Networking : Principles, Protocols and Practice, 6th lesson : Internet applications and transport layer

Published in: Engineering
  • Be the first to comment

6 app-tcp

  1. 1. Week 6 Internet applications UDP and TCP
  2. 2. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  3. 3. DNS messages Each DNS request contains a number that will be returned in the response by the server to allow the client to match the request. 32 bits Identification Flags 12 bytes Number of questions Number of answers Number of authority Number of additional Questions (variable number of resource records) Answers (variable number of resource records) Authority (variable number of resource records) Additional information (variable number of resource records) lQuestion/Response lRecursive question or not lAuthoritative answer or not lPossible error
  4. 4. Examples • Wireshark packet traces • openDNS resovers • 8.8.8.8 • 2001:4860:4860::8888
  5. 5. dig dig www.ietf.org @2001:4860:4860::8888 ; <<>> DiG 9.8.3-P1 <<>> www.ietf.org @2001:4860:4860::8888 ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36945 ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.ietf.org. IN A ;; ANSWER SECTION: www.ietf.org. 1441 IN CNAME www.ietf.org.cdn.cloudflare.net. www.ietf.org.cdn.cloudflare.net. 43 IN A 104.20.1.85 www.ietf.org.cdn.cloudflare.net. 43 IN A 104.20.0.85 ;; Query time: 39 msec ;; SERVER: 2001:4860:4860::8888#53(2001:4860:4860::8888) ;; WHEN: Tue Oct 21 09:16:50 2014
  6. 6. dig • Packets exchanged sudo tcpdump -n -i en4 -vv udp port 53 tcpdump: listening on en4, link-type EN10MB (Ethernet), capture size 262144 bytes 09:16:50.749400 IP6 (flowlabel 0x8ea5d, hlim 64, next-header UDP (17) payload length: 38) 2001:6a8:3080:2:2908:3cb4:bbb4:ae0e.56551 > 2001:4860:4860::8888.53: [bad udp cksum 0x602c -> 0x0ffa!] 36945+ A? www.ietf.org. (30) 09:16:50.769351 IP6 (hlim 55, next-header UDP (17) payload length: 115) 2001:4860:4860::8888.53 > 2001:6a8:3080:2:2908:3cb4:bbb4:ae0e.56551: [udp sum ok] 36945 q: A? www.ietf.org. 3/0/0 www.ietf.org. CNAME www.ietf.org.cdn.cloudflare.net., www.ietf.org.cdn.cloudflare.net. A 104.20.1.85, www.ietf.org.cdn.cloudflare.net. A 104.20.0.85 (107)
  7. 7. wireshark
  8. 8. wireshark
  9. 9. DNS spoofing attack • What is this attack ? • How to counter it ?
  10. 10. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  11. 11. MIME • Multipurpose Internet Mail Extensions • Constraints • must remain compatible with old email servers • short US-ASCII Lines • must support non-English text • must support various formats • must allow to transmit audio, video, ..
  12. 12. MIME (2) • New header fields • MIME-Version: • version of MIME used to encode message • Content-Description: • comment describing the content of the message • Content-Type: • type of information inside message • Content-Transfer-Encoding: • how the message has been encoded • Content-Id: • unique identifier for the content
  13. 13. MIME: Content-Type • Content-Type : type/encoding • type of content • text, image, video, application • multipart • encoding of content • text/plain , text/html, image/gif, image/jpeg , audio/basic, video/mpeg, video/quicktime, application/octet-stream, application/postscript • multipart/alternative, multipart/mixed • attachment
  14. 14. Character sets l How to support rich character sets ? • Content-Type: text/plain; charset=us-ascii • Content-Type: text/plain; charset=iso-8859-1 • Character set suitable for Western European languages, defined by ISO, 8 bits per character • Content-Type: text/plain; charset=unicode • Universal character set
  15. 15. Content encoding • How to encode non-text data ? • Base64 • Base64 • uses ASCII characters A...Z,a...z,0...9, "+" et "/" • A=0, B=1, C=2, ... +=62 et /=63 • Each character is used to encode 6 bits • 24 bits from initial message -> 4 ASCII characters • Special character “=” used for padding
  16. 16. Multipart/mixed Date: Mon, 20 Sep 1999 16:33:16 +0200 From: Nathaniel Borenstein <nsb@bellcore.com> To: Ned Freed <ned@innosoft.com> Subject: Test MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="simple boundary" preamble, to be ignored --simple boundary Content-Type: text/plain; charset=us-ascii partie 1 --simple boundary Content-Type: text/plain; charset=us-ascii partie 2 --simple boundary
  17. 17. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  18. 18. HTTP Client Server Request Method Header CRLF MIME Document Method GET lPOST l... Header contains additional information about request sent by client Response Status line Header CRLF MIME Document Header contains information about server and optional parameters specific to response Success or failure HTTP is a stateless protocol, server does not maintain any state from one request to another
  19. 19. HTTP/1.0 • HTTP 1.0 - non-persistent connection Client Server CONNECT.request CONNECT.indication CONNECT.confirm CONNECT.response DATA.request(Request) DATA.ind(Request) DATA.req(Response) DATA.ind(Response) DISCONNECT.ind DISCONNECT.req DISCONNECT.req DISCONNECT.ind
  20. 20. HTTP : Methods • Methods • GET • method used to request a "document" stored on server • GET <document> HTTP/1.0 • POST • method used to send a "document" to a server • document is part of the request and encoded as a MIME document
  21. 21. Request headers • Host: <name> • Name of the server where the document is stored • Authorization • allows to perform access control • If-Modified-Since: <date> • server will only send if more recent than date • Referer: <url> • URL visited by the client before this request • User-Agent: <agent> • client’s browser
  22. 22. HTTP : Status line • Format : Version_HTTP Code Comment • Success/Failure • 2xx : Success • Example : HTTP/1.0 200 OK • 3xx : Redirection • 4xx : Client-side error • 5xx : Server-side error
  23. 23. HTTP Response • Date • date of the document attached to response • Server • Name and version of http server used • Content-* • MIME header of the attached document
  24. 24. HTTP 1.1 HTTP 1.0 a single TCP connection is used to transmit a single document (html file, image,...) HTTP 1.1 uses a single persistent TCP connection This TCP connection can be used for several requests and the corresponding responses the cost of establishing and releasing the TCP connection is amortised over multiple requests Although HTTP 1.1 uses a single TCP connection for multiple requests, HTTP 1.1 remains stateless
  25. 25. HTTP 1.1 Client Server CONNECT.request CONNECT.indication CONNECT.confirm CONNECT.response DISCONNECT.ind HTTP/1.1 200 OK Keep-Alive: timeout=15, max=99 Connection: Keep-Alive ... DISCONNECT.req DISCONNECT.req DISCONNECT.ind GET / HTTP1.1 Connection: Keep-Alive ... HTTP/1.1 200 OK Keep-Alive: timeout=15, max=100 Connection: Keep-Alive GET /images/logo.gif HTTP1.1 ... Connection: Keep-Alive ...
  26. 26. HTTP Authentication Client Server HTTP/1.0 401 Authorization req WWW authenticate: machin ... GET / HTTP1.1 ... Browser asks user/password to user HTTP/1.1 200 OK ... GET / HTTP1.1 Authorization: User-password ... GET /images/t.gif HTTP1.1 Authorization: User-password ... Browser sends user/password in each request
  27. 27. HTTP Cookies Client Server HTTP/1.0 200 OK Set-Cookie: machin ... GET / HTTP1.1 ... Browser saves cookie Normal response HTTP/1.1 200 OK ... GET /doc HTTP1.1 Cookie: machin ... GET /images/t.gif HTTP1.1 Cookie: machin ... Browser sends cookie in all requests sent to server Response is function of URL and cookie
  28. 28. Examples • Wireshark packet traces • Google chrome network diagnostics
  29. 29. Example curl -v www.ietf.org * Rebuilt URL to: www.ietf.org/ * Hostname was NOT found in DNS cache * Trying 2400:cb00:2048:1::6814:155... * Connected to www.ietf.org (2400:cb00:2048:1::6814:155) port 80 (#0) > GET / HTTP/1.1 > User-Agent: curl/7.38.0 > Host: www.ietf.org > Accept: */* >
  30. 30. Example < HTTP/1.1 200 OK < Date: Tue, 21 Oct 2014 07:31:08 GMT < Content-Type: text/html < Transfer-Encoding: chunked < Connection: keep-alive < Set-Cookie: __cfduid=d90d850d78da8f53eb24ac0bed60aa2231413876667742; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.ietf.org; HttpOnly < Last-Modified: Fri, 10 Oct 2014 22:38:16 GMT < ETag: W/"8842406-4ac2-50519347abeda" < Vary: Accept-Encoding * Server cloudflare-nginx is not blacklisted < Server: cloudflare-nginx < CF-RAY: 17cbc0f5613b0c23-AMS < <!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/GeneralPage.dwt" codeOutsideHTMLIsLocked="false" -->
  31. 31. Chrome
  32. 32. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  33. 33. Transport layer Transport Segments Transport Network Network Network Datalink Datalink Datalink Physical Physical Physical • Objectives • Improve service provided to applications • Multiplexing
  34. 34. Network service Network Packets Network Packets Network Datalink Datalink Datalink Physical Physical Physical • Characteristics • Connectionless • Unreliable • Maximum packet size
  35. 35. UDP protocol 32 bits Source Port Destination port Used to identify the application that sent this segment on sending host 8 bytes UDP length UDP Checksum Payload Used to identify the application that will receive this segment on destination host Constraint Each UDP segment must fit inside a single IP packet Checksum computed over the entire UDP segment and part of the IP header to detect transmission errors. 0 means that the sender did not compute a checksum.
  36. 36. UDP ports Request Client Server Source port : 1234 Destination port: 5678 Source port : 5678 Destination port: 1234 Response
  37. 37. UDP : limitations • Maximum length of UDP SDUs depends on maximum size of IP packets • Unreliable connectionless service • SDUs can get lost but transmission errors will be detected • UDP does not preserve ordering • UDP does not detect nor prevent duplication
  38. 38. Usage of UDP • Request-response applications • DNS, RPC, NFS, .. • Applications with short delay • Games • Multimedia transfer • Voice over IP • Video over IP
  39. 39. Agenda • Internet applications • DNS • Email • Web • UDP • TCP
  40. 40. TCP • Service provided • Connection-oriented • Reliable • No losses, no errors, no duplications • Bytestream
  41. 41. TCP port numbers Request Client : C Server : S Source Port : 1234 Destination Port: 5678 Source Port : 5678 Destination Port: 1234 Response Established TCP connections on client Local IP Remote IP Local Port Remote Port C S 1234 5678 Established TCP connections on server Local IP Remote IP Local Port Remote Port S C 5678 1234
  42. 42. TCP segment 32 bits Source port Destination port THL Reserved Flags Window Checksum Urgent pointer Payload 20 bytes Sequence number Optional header extension Flags : used to indicate the function of a segment SYN : used during establishment FIN : used during connection release RST : used in case of problems ACK : if true, means that the Acknowledgement number inside the segment is valid Computed over the entire segment and part of the IP header Acknowledgement number Segment header length
  43. 43. Multiple connections Client: A Client : B Server : S TCP connections on server IP local IP remote Port local Port remote S A 80 1234 S A 80 1235 S B 80 1235 TCP connections on host A IP local IP remote Port local Port remote A S 1234 80 A S 1235 80 TCP connections on host B IP local IP remote Port local Port remote B S 1235 80
  44. 44. Three-way handshake ACK(seq=x+1, ack=y+1) CONNECT.req CONNECT.ind SYN+ACK(ack=x+1,seq=y) CONNECT.resp Initial sequence number (x) CONNECT.conf Initial sequence number (y) SYN(seq=x) Connection established Connection established The sequence numbers of all segments A->B will start at x+1 The sequence numbers of all segments B->A will start at y+1
  45. 45. Connection refused RST+ACK(ack=x+1,seq=0) DISCONNECT.req CONNECT.req DISCONNECT.ind CONNECT.ind SYN(seq=x) Connection refused A TCP entity should never send a RST segment upon reception of another RST segment
  46. 46. Reliable data transfer DATA.req ("abcd") DATA.ind("abcd") (seq=123,"abcd") DATA.req ("jkl") (seq=127,"efg") (seq=132,"jkl") DATA.req ("efg") (ack=127) (ack=135) DATA.ind("efghijkl") DATA.req ("hi") (seq=130,"hi")
  47. 47. Reliable data transfer (seq=123,"abcd") (seq=127,"ef") (seq=123,"abcd") (seq=127,"ef") (ack=123) Retransmission timer (ack=129) (ack=129) "abcdef" unnecessary retransmission Retransmission of all unacked segments “ef” placed in buffer
  48. 48. Fast retransmit (seq=120,"xyz") (seq=123,"abcd") (ack=123) (seq=129,"gh") (seq=131,"ij") (ack=123) First duplicate ack (ack=123) Second duplicate ack (ack=123) Third duplicate ack (seq=127,"ef") Out of sequence Out of sequence Out of sequence
  49. 49. Fast retransmit (seq=123,"abcd") (ack=123) (ack=123) (ack=123) (ack=123) (ack=133) (seq=123,"abcd") "abcdefghij" (seq=127,"ef") Out of sequence, in buffer (seq=129,"gh") Out of sequence, in buffer (seq=131,"ij") Out of sequence, in buffer
  50. 50. Flow control (seq=122,"abcd") (ack=126,rwin=0) Last_ack=122, swin=100, rwin=4 To transmit : abcdefghijklm Last_ack=122, swin=96, rwin=0 Last_ack=126, swin=100, rwin=0 (ack=126,rwin=2) (seq=126,"ef") (ack=128,rwin=20) Last_ack=126, swin=100, rwin=2 Last_ack=126, swin=98, rwin=0 Last_ack=128, swin=100, rwin=20 Last_ack=128, swin=93, rwin=13 (seq=128,"ghijklm") (ack=135,rwin=20) Last_ack=135, swin=100, rwin=20
  51. 51. Connection release FIN(seq=x) DISCONNECT.req (A-B) DISCONNECT.ind(A-B) ACK(ack=x+1) DISCONNECT.conf(A-B) ACK(ack=y+1) DISCONNECT.req(B-A) DISCONNECT.conf(A-B) outgoing connection closed DISCONNECT.ind(B-A) FIN(seq=y) Time WAIT Maintain state for this connection during twice MSL to be able to retransmit ACK if a segment is received from the other entity incoming connection closed incoming connection closed outgoing connection closed State can be removed Last sent data : x-1 Last sent data : y-1
  52. 52. Abrupt release RST(seq=x) DISCONNECT.req (abrupt) DISCONNECT.ind(abrupt) Connection closed Connection closed State can be removed State can be removed Last sent data : x

×