Networking essentials lect3

2
C/Embedded Base Camp
Networking essentials.
Lecture 3
Petro Shevchenko
Maksym Vysochinenko
October 2021

3
1. Transport Layer (L4)
2. UDP Overview
3. TCP Communication Process
4. The Socket API
5. Tools and Utilities
Agenda

5
Transport Layer
Role of the Transport Layer
● Responsible for establishing a
temporary communication session
between two applications and delivering
data between them.
● Link between the application layer and
the lower layers that are responsible for
network transmission.

6
Transport Layer
Transport Layer Functions
● Data Segmentation
○ The Transport layer divides the
data into pieces and adds a
header for delivery over the
network
● Addressing
○ For addressing at the transport
level, ports are used, a number
from 1 to 65535.
○ Port numbers are associated with
processes on a host and must be
unique

7
Transport Layer
Socket Pairs
• The source and destination ports are placed
within the segment.
• The segments are then encapsulated within an
IP packet.
• The combination of the source IP address and
source port number, or the destination IP
address and destination port number is known
as a socket.
• Sockets enable multiple processes, running on a
client, to distinguish themselves from each
other, and multiple connections to a server
process to be distinguished from each other.

8
Transport Layer
Port Number Groups
▪ Well-known Ports (Numbers 0 to 1023) - These numbers are reserved for services
and applications.
▪ Registered Ports (Numbers 1024 to 49151) - These port numbers are assigned by
IANA to a requesting entity to use with specific processes or applications.
▪ Dynamic or Private Ports (Numbers 49152 to 65535) - Usually assigned
dynamically by the client’s OS and used to identify the client application during
communication.

9
Transport Layer
Port Number Groups (Cont.)
Well Known
Port
Numbers

10
Transport Layer
Transport Layer Reliability
▪ TCP/IP provides two transport layer
protocols:
• Transmission Control Protocol (TCP)
• Considered reliable which ensures
that all of the data arrives at the
destination.
• Additional fields needed in header
which increases size and delay.
• User Datagram Protocol (UDP)
• Does not provide for reliability.
• Fewer fields and is faster than TCP.

11
▪ TCP - databases, web
browsers, and email
clients require that all data
that is sent arrives at the
destination in its original
condition.
▪ UDP - if one or two
segments of a live video
stream fail to arrive, if
disruption in the stream,
may not be noticeable to
the user.
Transport Layer
The Right Transport Layer Protocol for the Right Application

12
User Datagram Protocol (UDP)
Overview

13
UDP Overview
UDP Features
▪ UDP is a stateless protocol – no
tracking
▪ Reliability handled by application

14
UDP Overview
UDP Low Overhead versus Reliability
▪ UDP not connection-
oriented
▪ No retransmission,
sequencing, and flow
control
▪ Functions not provided
by the transport layer
implemented
elsewhere

15
UDP Overview
UDP Datagram Reassembly
UDP: Connectionless and Unreliable
▪ UDP reassembles data
in order received and
forwards to application
▪ Application must identify
the proper sequence

16
UDP Overview
UDP Header
● Source Port - This field identifies the sender's port
● Destination Port - This field identifies the receiver's port
● Length - This field specifies the length in bytes of the UDP header and UDP data
● Checksum - The checksum field may be used for error-checking of the header and data

17
UDP Overview
Applications that use UDP
Three types of applications best
suited for UDP:
● Live video and multimedia
● Simple request and reply
● Handle reliability
themselves

18
Transmission Control Protocol (TCP)
Communication Process

19
TCP Communication Process
TCP Reliability- Guaranteed and Ordered Delivery
• TCP can also help maintain the flow of
packets so that devices do not become
overloaded.
• There may be times when TCP segments do
not arrive at their destination or arrive out
of order.
• All the data must be received and the data
in these segments must be reassembled into
the original order.
• Sequence numbers are assigned in the
header of each packet to achieve this goal.

20
Reliability and Flow Control
TCP Flow Control – Maximum Segment Size
Maximum Segment Size (MSS) is the
maximum amount of data that the
destination device can receive.
• A common MSS is 1,460 bytes when
using IPv4.
• A host determines the value of its MSS
field by subtracting the IP and TCP
headers from the Ethernet maximum
transmission unit (MTU), which is 1500
bytes be default.
• 1500 minus 40 (20 bytes for the IPv4
header and 20 bytes for the TCP
header) leaves 1460 bytes.

21
TCP Header Format (RFC 793)
Source Port - The source port number (16 bits)
Destination Port - The destination port number (16
bits)
Sequence Number - The sequence number of the
first data octet in this segment (32 bits)
Acknowledgment Number - If the ACK control bit is
set this field contains the value of the next
sequence number the sender of the segment is
expecting to receive (32 bits)
Data Offset - The number of 32 bit words in the TCP
Header. This indicates where the data begins (4
bits)
Reserved - Reserved for future use. Must be zero
(6 bits)

22
TCP Header Format (Cont.)
Flags - The six control bit flags are as follows:
● URG: Urgent Pointer field significant
● ACK: Acknowledgment field significant
● PSH: Push Function
● RST: Reset the connection
● SYN: Synchronize sequence numbers
● FIN: No more data from sender
Window - The number of data octets beginning
with the one indicated in the acknowledgment
field which the sender of this segment is willing
to accept (16 bits)
Checksum - The header and data checksum
(16 bits)
Urgent Pointer - The urgent pointer points to the
urgent data (16 bits)
Options - The Options have variable length
data - The segment data have variable length

23
TCP Connection Establishment
Step 1: The initiating client requests a client-to-server
communication session with the server.
Step 2: The server acknowledges the client-to-server
communication session and requests a server-to-client
communication session.
Step 3: The initiating client acknowledges the server-
to-client communication session.
Main tasks:
1 – Synchronize counters SEQ ACK
2 – Define algorithms
3 – Measure RTT – round-trip time
>> calculate RTO Retransmission timeout

24
Session Termination
Step 1: When the client has no more data to
send in the stream, it sends a segment with the
FIN flag set.
Step 2: The server sends an ACK to
acknowledge the receipt of the FIN to
terminate the session from client to server.
Step 3: The server sends a FIN to the client to
terminate the server-to-client session.
Step 4: The client responds with an ACK to
acknowledge the FIN from the server.

25
Sequence Numbers and Acknowledgments

26
Window Sliding
● There is two way to send TCP segments:
○ The sender sends one segment and
waits for an acknowledgment, after
that it sends the next segment
○ The sender sends several segments
one-by-one without waiting for an
acknowledgment, this is called
window sliding
● The internal device buffer can be of limited
size, so the window size must not exceed
this value
● The sender after sending the data by the
window size stops the transmission waiting
for an acknowledgment
● After confirming reception, the sender
continues to transmit

27
TCP Reliability – Data Loss and Retransmission
No matter how well designed a network is,
data loss occasionally occurs.
TCP provides methods of managing these
segment losses. Among these is a mechanism
to retransmit segments for unacknowledged
data.

28
TCP Reliability – Data Loss and Retransmission (Cont.)
Host operating systems today typically employ
an optional TCP feature called selective
acknowledgment (SACK), negotiated during the
three-way handshake.
If both hosts support SACK, the receiver can
explicitly acknowledge which segments (bytes)
were received including any discontinuous
segments.

29
TCP Flow Control – Retransmits
▪ Congestion causes
retransmission of lost TCP
segments
▪ Retransmission of segments can
make the congestion worse
▪ To avoid and control congestion,
TCP employs several congestion
handling mechanisms, timers,
and algorithms
▪ Example: Reduce the number of
bytes it sends before receiving
an acknowledgment
▪ RTO – retransmission timeout

34
Tools and utilities overview
ifconfig - configure a network interface
nmcli - command-line tool for controlling NetworkManager
route - show / manipulate the IP routing table
ping - send ICMP ECHO_REQUEST to network hosts
traceroute - Trace the route to a host
netstat - Print network connections, routing tables, interface statistics
dig - DNS lookup utility
ncat - Concatenate and redirect sockets
nmap - Network exploration tool and security / port scanner
tcpdump - dump traffic on a network
wireshark - Interactively dump and analyze network traffic

35
NAME
ifconfig - configure a network interface
SYNOPSIS
ifconfig [-v] [-a] [-s] [interface]
ifconfig [-v] interface [aftype] options | address ...
DESCRIPTION
Ifconfig is used to configure the kernel-resident network interfaces. It is used at boot time
to set up interfaces as necessary. After that, it is usually only needed when debugging or
when system tuning is needed.

36
NAME
nmcli - command-line tool for controlling NetworkManager
SYNOPSIS
nmcli [OPTIONS...] {help | general | networking | radio | connection | device | agent | monitor} [COMMAND] [ARGUMENTS...]
DESCRIPTION
nmcli is a command-line tool for controlling NetworkManager and reporting network status. It can be utilized as a r
eplacement for nm-applet or other graphical clients. nmcli is used to create, display, edit, delete, activate, and
deactivate network connections, as well as control and display network device status.

37
NAME
route - show / manipulate the IP routing table
SYNOPSIS
route [-CFvnNee] [-A family |-4|-6]
route [-v] [-A family |-4|-6] add [-net|-host] target [netmask Nm] [gw Gw] [metric N] [mss M] [window W] [irtt I] [reject] [mod]
[dyn] [reinstate] [[dev] If]
route [-v] [-A family |-4|-6] del [-net|-host] target [gw Gw] [netmask Nm] [metric M] [[dev] If]
route [-V] [--version] [-h] [--help]

38
NAME
ping - send ICMP ECHO_REQUEST to network hosts
SYNOPSIS
ping [-aAbBdDfhLnOqrRUvV46] [-c count] [-F flowlabel] [-i interval] [-I
interface] [-l preload] [-m mark] [-M pmtudisc_option] [-N node info_option] [-w deadline] [-W timeout] [-p pattern] [-Q
tos] [-s packetsize] [-S sndbuf] [-t ttl] [-T timestamp option] [hop ...] destination
DESCRIPTION
ping uses the ICMP protocol's mandatory ECHO_REQUEST datagram to elicit
an ICMP ECHO_RESPONSE from a host or gateway.

39
NAME
traceroute - Trace the route to a host
SYNOPSIS
traceroute [OPTION...] HOST
DESCRIPTION
Print the route packets trace to network host.
-f, --first-hop=NUM Set initial hop distance, that is the time-to-live.
-g, --gateways=GATES List of gateways for loose source routing.
-I, --icmp Use ICMP ECHO as probe.

40
NAME
netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships
SYNOPSIS
netstat [address_family_options] [--tcp|-t] [--udp|-u] [--udplite|-U] [--sctp|-S] [--raw|-w] [--l2cap|-2] [--rfcomm|-f] [--listening|-
l] [--all|-a] [--numeric|-n] [--numeric-hosts] [--numeric-ports] [--numeric-users] [--symbolic|-N] [--extend|-e[--extend|-e]] [--
timers|-o] [--program|-p] [--verbose|-v] [--continuous|-c] [--wide|-W]
netstat {--route|-r} [address_family_options] [--extend|-e[--extend|-e]] [--verbose|-v] [--numeric|-n] [--numeric-hosts]
[--numeric-ports] [--numeric-users] [--continuous|-c]

41
NAME
dig - DNS lookup utility
SYNOPSIS
dig [@server] [-b address] [-c class] [-f filename] [-k filename] [-m] [-p port#] [-q name] [-t type] [-v] [-x addr] [-y
[hmac:]name:key] [[-4] | [-6]] [name] [type] [class] [queryopt...]
dig [-h]
dig [global-queryopt...] [query...]
DESCRIPTION
dig is a flexible tool for interrogating DNS name servers. It performs DNS lookups and displays the answers that are returned
from the name server(s) that were queried. Most DNS administrators use dig to troubleshoot DNS problems because of its
flexibility, ease of use and clarity of output. Other lookup tools tend to have less functionality than dig.

42
NAME
ncat - Concatenate and redirect sockets
SYNOPSIS
ncat [OPTIONS...] [hostname] [port]
DESCRIPTION
Ncat is a feature-packed networking utility which reads and writes data across networks from the command line. Ncat was
written for the Nmap Project and is the culmination of the currently splintered family of Netcat incarnations.
-p, --source-port port Specify source port to use
-s, --source addr Specify source address to use (doesn't affect -l)
-l, --listen Bind and listen for incoming connections
-k, --keep-open Accept multiple connections in listen mode
-n, --nodns Do not resolve hostnames via DNS
-t, --telnet Answer Telnet negotiations
-u, --udp Use UDP instead of default TCP
Echo server - ncat -l 12345 -k -c 'xargs -n1 echo'
Server Client

43
NAME
nmap - Network exploration tool and security / port scanner
SYNOPSIS
nmap [Scan Type...] [Options] {target specification}
DESCRIPTION
Nmap (“Network Mapper”) is an open source tool for network exploration and security auditing. It was designed to rapidly
scan large networks, although it works fine against single hosts. Nmap uses raw IP packets in novel ways to determine what
hosts are available on the network, what services (application name and version) those hosts are offering, what operating
systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics.

44
NAME
tcpdump - dump traffic on a network
SYNOPSIS
tcpdump [ -AbdDefhHIJKlLnNOpqStuUvxX# ] [ -B buffer_size ]
[ -c count ]
[ -C file_size ] [ -G rotate_seconds ] [ -F file ]
[ -i interface ] [ -j tstamp_type ] [ -m module ] [ -M secret ]
DESCRIPTION
Tcpdump prints out a description of the contents of packets on a network interface that match the boolean expression; the
description is preceded by a time stamp, printed, by default, as hours, minutes, seconds, and fractions of a second since
midnight.
tcpdump -i eth0
tcpdump host 1.1.1.1
tcpdump port 80 -w capture_file.pcap

45
NAME
wireshark - Interactively dump and analyze network traffic
SYNOPSIS
wireshark [ -a <capture autostop condition> ] ...
[ -b <capture ring buffer option> ] ... [ -B <capture buffer size> ]
[ -c <capture packet count> ] [ -C <configuration profile> ]
DESCRIPTION
Wireshark is a GUI network protocol analyzer. It lets you interactively browse packet data from a live network or from a
previously saved capture file. Wireshark's native capture file format is pcap format, which is also the format used by tcpdump and
various other tools.

46
Homework #2. Preparation to practice
1. Install examples:
a. Log into your GitHub account and fork the following repository
https://github.com/PetroShevchenko/GL-ESK-ETHERNET
b. Clone the repository from your GitHub account into a local repository by running
the following command
user@host:~$ git clone https://github.com/<githubusername>/GL-ESK-ETHERNET.git
2. Import cloned project into STM32Cube IDE workspace
3. Build the project and upload the firmware to the GL ESK
4. Power off the board then plug-in an Ethernet cable to the board. Power on the board
5. DHCP uses to assign a new IP address of the board. If successful, you will see the
assigned IP address on the LCD

Networking essentials lect3

More Related Content

What's hot

Similar to Networking essentials lect3

More from Roman Brovko

Recently uploaded

Networking essentials lect3