Module 1: Architectural Overview of the Transport Layer
1. Core Functionalities
- Process-to-Process Logical Communication: Unlike the Network Layer (host-to-host), the Transport Layer provides logical communication channels directly between application processes.
- Multiplexing and Demultiplexing:
- Multiplexing: Multiple application processes on the sender side can concurrently transmit data utilizing the same Transport Layer protocol.
- Demultiplexing: The receiving Transport Layer strips the segment header and accurately delivers the payload to the specific target application process.
- Comprehensive Error Detection: Validates structural integrity across both the segment header and the data payload fields.
- Primary Protocols: Transmission Control Protocol (TCP) and User Datagram Protocol (UDP).
2. Port Addressing Mechanics
- The Role of Ports: Ports serve as software-defined interfaces that allow data to flow downward from application layers to the transport infrastructure, and guide received transport segments upward to the corresponding active OS processes.
- Port Number Allocation: Formatted as a 16-bit unsigned integer, yielding $2^{16} = 65,536$ discrete logical ports.
Port Classifications
| Category | Port Range | Description & Common Assignments |
| :--- | :--- | :--- |
| Well-Known Ports (Server) | $0 \sim 1023$ | Assigned system-wide to fundamental standard services. FTP: 21, TELNET: 23, SMTP: 25, DNS: 53, TFTP: 69, HTTP: 80, SNMP: 161 |
| Registered Ports (Server) | $1024 \sim 49151$ | Assigned to user applications or custom services registered via IANA. |
| Ephemeral Ports (Client) | $49152 \sim 65535$ | Allocated dynamically by the client OS kernel for the lifetime of a single client connection. |
The Internet Socket
An internet socket acts as the unique global identifier for a network process, formed by binding an IP address with a port number: \(\text{Socket} = (\text{IP Address} : \text{Port Number})\)
Module 2: User Datagram Protocol (UDP)
1. UDP Characteristics
- Minimalist Design: Inherits IP behavior while adding basic multiplexing, demultiplexing, and error-checking capabilities.
- Connectionless State: Zero handshake overhead and no maintained state machines on endpoints.
- Low Header Overhead: Standard fixed header size is only 8 bytes.
- Best-Effort Delivery: Does not guarantee message arrival, sequencing, or duplicate protection.
- Message-Oriented: Preserves application-layer message boundaries; datagrams are neither merged nor split by the transport layer.
- Protocol Field: Identified by the value 17 in the Protocol field of the underlying IP packet header.
2. Segment Header Structure
The 8-Byte UDP header is structured into four 2-byte fields:
0 15 16 31
+----------------------+----------------------+
| Source Port | Destination Port |
+----------------------+----------------------+
| Length | Checksum |
+----------------------+----------------------+
- Source Port: Identifies the sending process; filled with all zeros if a return response is not required.
- Destination Port: Essential field used to demultiplex the payload to the receiving process on arrival.
- Length: Indicates the total length of the UDP segment (Header + Data). Minimum value is 8 bytes.
- Checksum: Evaluates transmission errors. If an error is detected, the segment is discarded. (Set to all zeros if the sender opts out of computation).
3. Checksum Verification & The Pseudo-Header
During checksum verification, a 12-Byte Pseudo-Header is prepended to the UDP segment. This block is used solely for the arithmetic computation and is never transmitted over the wire.
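The pseudo-header arithmetic described above, as an added example (not part of the original notes): the sender builds the 12-byte IPv4 pseudo-header, runs the one's complement sum over pseudo-header, UDP header and payload, and the receiver repeats the sum and expects 0xFFFF. The addresses, ports and payload are constructed sample values.

```python
import struct
from ipaddress import IPv4Address

UDP_PROTO = 17  # IP protocol number for UDP, as carried in the pseudo-header

def ones_complement_sum(data: bytes) -> int:
    """Sum 16-bit big-endian words with end-around carry; odd lengths are zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total

def udp_pseudo_header(src_ip: str, dst_ip: str, udp_length: int) -> bytes:
    """12-byte IPv4 pseudo-header: source IP, destination IP, zero byte, protocol, UDP length.
    It is mixed into the checksum but never put on the wire."""
    return (IPv4Address(src_ip).packed + IPv4Address(dst_ip).packed
            + struct.pack("!BBH", 0, UDP_PROTO, udp_length))

def build_udp_segment(src_ip: str, dst_ip: str, src_port: int, dst_port: int,
                      payload: bytes) -> bytes:
    """Assemble an 8-byte header plus payload and fill in the checksum field."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", src_port, dst_port, length, 0)  # checksum field is zero while summing
    csum = 0xFFFF ^ ones_complement_sum(udp_pseudo_header(src_ip, dst_ip, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF   # RFC 768: a computed zero is sent as all ones, because zero means "no checksum"
    return header[:6] + struct.pack("!H", csum) + payload

def verify_udp_segment(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Receiver-side check: Length field sane, then pseudo-header + segment must sum to 0xFFFF."""
    if len(segment) < 8:
        return False
    _src, _dst, length, csum = struct.unpack("!HHHH", segment[:8])
    if length < 8 or length != len(segment):
        return False                        # malformed Length: discard before trusting the payload
    if csum == 0:
        return True                         # sender opted out of the checksum
    return ones_complement_sum(udp_pseudo_header(src_ip, dst_ip, length) + segment) == 0xFFFF
```

A single flipped payload byte, a truncated segment or a different destination address each make the verification fail, because the pseudo-header binds the checksum to the IP addresses as well as the segment.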
Module 3: Transmission Control Protocol (TCP)
1. TCP Characteristics
- Connection-Oriented: Requires explicit state synchronization between endpoints prior to data transfer.
- Reliable Byte-Stream Delivery: Guarantees data arrival without corruption, loss, or duplicate insertion.
- Full-Duplex Communication: Allows concurrent bidirectional data transfers sustained by decoupled caching windows.
- Sender Cache: Stores data generated by the application layer awaiting transmission, along with segments already transmitted but waiting for an acknowledgment (ACK).
- Receiver Cache: Stores sequentially arrived bytes awaiting application reads, alongside out-of-order data blocks.
- Byte-Stream Abstraction: Treats application data as an unstructured sequence of ordered bytes rather than discrete messages, sizing each segment according to receiver window updates and network congestion limits.
2. TCP Segment Header Structural Analysis
The standard TCP header requires a base length of 20 bytes up to a maximum of 60 bytes, depending on optional fields.
0 15 16 31
+----------------------+----------------------+
| Source Port | Destination Port |
+----------------------+----------------------+
| Sequence Number |
+----------------------+----------------------+
| Acknowledgment Number |
+----------------------+----------------------+
| Data | Reserved | | |
|Offset| (6b) |Flags| Window Size |
+----------------------+----------------------+
| Checksum | Urgent Pointer |
+----------------------+----------------------+
| Options (Variable) |
+----------------------+----------------------+
- Source & Destination Ports (2B each): Routes traffic to the correct endpoint applications.
- Sequence Number (4B): Tracks data indices over a range of $0 \sim 2^{32}-1$. Represents the exact absolute byte index of the first data byte enclosed within the specific segment payload.
- Acknowledgment Number (4B): Explicitly states the next sequential byte index the receiver expects to get. An acknowledgment value of $N$ confirms that all bytes up to $N-1$ have been successfully received.
- Data Offset (4 bits): States the structural size of the TCP header measured in 32-bit (4-byte) words.
- Control Flags (6 bits):
  - URG: The Urgent Pointer field is valid when set to 1.
  - ACK: Validates the Acknowledgment field when set to 1. Must remain set after connection setup.
  - PSH: Directs the receiver to deliver the arrived data to the application process immediately rather than waiting for the receive buffer to fill.
  - RST: Indicates a severe connection error; forces an immediate connection reset.
  - SYN: Synchronization flag used during connection establishment. SYN=1, ACK=0 indicates a connection request; SYN=1, ACK=1 indicates a connection acceptance.
  - FIN: Terminates the stream; indicates the sender has completed data transmission.
- Window Size (2B): Used for flow control. Advertises the current available capacity in the receiver’s cache buffer.
- Checksum (2B): Covers both the TCP header and payload, computed over a 12-byte pseudo-header (with the IP protocol code set to 6).
- Urgent Pointer (2B): Indicates the boundary where urgent payload data ends within the segment.
- Options: Variable-length field; includes parameters like the Maximum Segment Size (MSS).
- Padding: Zero-filled bits used to ensure the header ends cleanly on a 4-byte boundary.
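A parser for the header layout above, as an added example (not part of the original notes): it reads the fixed 20 bytes, rejects a Data Offset that is below 5 words or points past the segment, decodes the six control flags, and walks the Options field with a length check before every option is touched. The sample SYN segment is a constructed value.

```python
import struct
from dataclasses import dataclass
from typing import Optional, FrozenSet
FLAG_NAMES = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")   # bits 5..0 of the flags byte

@dataclass
class TcpHeader:
    src_port: int
    dst_port: int
    seq: int
    ack: int
    data_offset: int            # header length in 32-bit words (5..15)
    flags: FrozenSet[str]
    window: int
    checksum: int
    urgent_ptr: int
    mss: Optional[int]          # from the MSS option (kind 2), if present
    payload: bytes

def parse_tcp_segment(segment: bytes) -> TcpHeader:
    """Parse the fixed 20-byte header, validate Data Offset, then walk the options."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte minimum header")
    src, dst, seq, ack, off_res, flag_byte, win, csum, urg = struct.unpack("!HHIIBBHHH", segment[:20])
    data_offset = off_res >> 4                      # high nibble; the low nibble is reserved
    hdr_len = data_offset * 4
    if hdr_len < 20 or hdr_len > len(segment):
        raise ValueError(f"data offset {data_offset} inconsistent with segment length {len(segment)}")
    flags = frozenset(n for i, n in enumerate(FLAG_NAMES) if flag_byte & (1 << (5 - i)))
    mss, opts, i = None, segment[20:hdr_len], 0
    while i < len(opts):
        kind = opts[i]
        if kind == 0:                               # End of Option List; the rest is zero padding
            break
        if kind == 1:                               # No-Operation, a single byte
            i += 1
            continue
        if i + 1 >= len(opts) or opts[i + 1] < 2 or i + opts[i + 1] > len(opts):
            raise ValueError("malformed TCP option length")   # reject before indexing past the header
        length = opts[i + 1]
        if kind == 2 and length == 4:
            mss = struct.unpack("!H", opts[i + 2:i + 4])[0]
        i += length
    return TcpHeader(src, dst, seq, ack, data_offset, flags, win, csum, urg, mss, segment[hdr_len:])

def sample_syn_segment() -> bytes:
    """Constructed sample: SYN with seq=1000, window 65535 and an MSS option of 1460 (6 header words)."""
    fixed = struct.pack("!HHIIBBHHH", 50000, 443, 1000, 0, 6 << 4, 0x02, 65535, 0, 0)
    return fixed + b"\x02\x04\x05\xb4"
```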
3. TCP Connection Management Lifecycle
Connection Establishment (Three-Way Handshake)
Before initialization, the server process transitions into a passive LISTEN state.
Client Server
| | (LISTEN)
| ----- SYN=1, seq=x --------------------> | (SYN-RCVD)
| | Allocates buffers & vars
| <---- SYN=1, ACK=1, seq=y, ack=x+1 ------ |
| Allocates buffers & vars |
| ----- ACK=1, seq=x+1, ack=y+1 ---------> | (ESTABLISHED)
| |
(ESTABLISHED)
⚠️ Security Note: The Three-Way Handshake is vulnerable to SYN Flood Attacks, in which an attacker exhausts the server's connection resource tables by leaving many connections half-open in the SYN-RCVD state.
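The server's view of the handshake above, as an added example (not part of the original notes): each observed segment advances one connection through LISTEN, SYN-RCVD and ESTABLISHED, the acknowledgment numbers are checked against x+1 and y+1, and the number of connections still in SYN-RCVD gives the half-open count that the security note refers to. The client addresses and sequence numbers are constructed sample values.

```python
from dataclasses import dataclass

@dataclass
class Conn:
    """Server-side record for one connection, keyed by (client IP, client port)."""
    state: str = "LISTEN"
    client_isn: int = 0     # x in the diagram
    server_isn: int = 0     # y in the diagram

def handshake_step(conn: Conn, direction: str, syn: int, ack_flag: int, seq: int, ack: int) -> str:
    """Advance one connection by one observed segment; direction is "c2s" or "s2c".
    Raises ValueError when a segment does not fit the handshake (wrong state or wrong ack)."""
    if conn.state == "LISTEN" and direction == "c2s" and syn and not ack_flag:
        conn.client_isn = seq
        conn.state = "SYN-RCVD"              # buffers allocated here: the half-open window starts
    elif conn.state == "SYN-RCVD" and direction == "s2c" and syn and ack_flag:
        if ack != conn.client_isn + 1:
            raise ValueError("SYN-ACK must acknowledge x+1")
        conn.server_isn = seq                # still SYN-RCVD until the client's ACK arrives
    elif conn.state == "SYN-RCVD" and direction == "c2s" and ack_flag and not syn:
        if seq != conn.client_isn + 1 or ack != conn.server_isn + 1:
            raise ValueError("final ACK must carry seq=x+1, ack=y+1")
        conn.state = "ESTABLISHED"
    else:
        raise ValueError(f"segment does not fit state {conn.state}")
    return conn.state

def half_open_count(conns: dict) -> int:
    """Connections sitting in SYN-RCVD: the resource a SYN flood tries to exhaust."""
    return sum(1 for c in conns.values() if c.state == "SYN-RCVD")

def sample_server_view() -> dict:
    """Constructed sample: three clients send SYN and get a SYN-ACK; only the first sends the final ACK."""
    observed = [   # (client key, direction, SYN, ACK flag, seq, ack)
        (("198.51.100.10", 40001), "c2s", 1, 0, 1000, 0),
        (("198.51.100.10", 40001), "s2c", 1, 1, 5000, 1001),
        (("198.51.100.10", 40001), "c2s", 0, 1, 1001, 5001),
        (("198.51.100.11", 40002), "c2s", 1, 0, 2000, 0),
        (("198.51.100.11", 40002), "s2c", 1, 1, 6000, 2001),
        (("198.51.100.12", 40003), "c2s", 1, 0, 3000, 0),
        (("198.51.100.12", 40003), "s2c", 1, 1, 7000, 3001),
    ]
    conns = {}
    for key, direction, syn, ack_flag, seq, ack in observed:
        handshake_step(conns.setdefault(key, Conn()), direction, syn, ack_flag, seq, ack)
    return conns
```

Tracking the half-open count over time is the simplest signal a server-side monitor can use to notice that handshakes are being started but not completed.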
Connection Termination (Four-Way Wave)
Since TCP connections operate in full-duplex, each unidirectional stream must be closed independently.
Client Server
| |
(FIN-WAIT-1) |
| ----- FIN=1, seq=u --------------------> | (CLOSE-WAIT)
| | Client-to-Server closed
| <---- ACK=1, seq=v, ack=u+1 ------------- | Server can still send data
(FIN-WAIT-2) | (Half-Closed State)
| |
| | (LAST-ACK)
| <---- FIN=1, ACK=1, seq=w, ack=u+1 ------ | Server finished sending
| |
(TIME-WAIT) |
| ----- ACK=1, seq=u+1, ack=w+1 ---------> | (CLOSED)
| |
Waits 2*MSL
|
(CLOSED)
- The TIME-WAIT State: The active closer must wait for a duration of $2 \times \text{MSL}$ (Maximum Segment Lifetime) before transitioning to CLOSED. This ensures the final ACK reaches the destination and clears any delayed, wandering segments from the network path.
4. Reliable Data Transfer Mechanisms
- Sequence Numbers: Allow the receiver to restore the original byte order before exposing the stream to the application layer.
- Acknowledgment Tracking: Uses Cumulative Acknowledgments, meaning the tracking index flags receipt only up to the last contiguous in-order byte.
- Retransmission Triggers: Driven by two distinct events:
- Timeout Expiry: Managed via a dynamic adaptive timer derived from an exponentially weighted moving average of the measured round-trip time ($RTT_S$).
- Fast Retransmit (Triple Duplicate ACKs): If the sender receives three identical duplicate ACKs for a specific segment, it assumes the subsequent segment was lost and triggers an immediate retransmission before the timeout timer expires.
5. Flow Control Mechanics
Flow control matches the sender’s transmission rate with the receiver’s reading rate to prevent buffer overflows.
- Mechanism: Driven by a sliding window architecture.
- Variables:
  - rwnd (Receiver Window): The available space advertised by the receiver.
  - cwnd (Congestion Window): The calculated limit imposed by network capacity constraints.
- Governing Rule: The effective sending window boundary is constrained by: \(\text{Max Allowed Window} = \min(\text{rwnd}, \text{cwnd})\)
6. Congestion Control Strategies
cwnd (MSS)
|
32 | / \ (Congestion Detected: Timeout)
| /
16 | / \ (ssthresh=16) /
| / --------------/
8 | /
| /\ /
4 | / -------/
| /
1 +---+------------------------------------------------+---> RTT
1. Slow Start
- Initialization: Starts with a base configuration of $\text{cwnd} = 1 \text{ MSS}$.
- Growth Vector: The window size expands exponentially, doubling after each Round Trip Time (RTT). \(\text{cwnd} = \text{cwnd} \times 2\)
- Boundary: Continues until cwnd reaches the slow start threshold parameter (ssthresh).
2. Congestion Avoidance
- Growth Vector: Shifts to linear growth once $\text{cwnd} \ge \text{ssthresh}$. The congestion window increases by $1 \text{ MSS}$ per RTT to probe network capacity limits safely. \(\text{cwnd} = \text{cwnd} + 1\)
3. Congestion Response Processing
- Timeout Scenario: If a packet drop triggers a timeout, ssthresh is set to half the current cwnd value, and cwnd is reset back to $1 \text{ MSS}$, restarting the Slow Start cycle. \(\text{ssthresh} = \frac{\text{cwnd}}{2}, \quad \text{cwnd} = 1\)
- Fast Recovery Scenario: When a drop is handled via Fast Retransmit (triggered by triple duplicate ACKs), the protocol skips the aggressive reset to $1 \text{ MSS}$. It halves ssthresh, sets cwnd equal to the new ssthresh level, and transitions directly into Congestion Avoidance. \(\text{ssthresh} = \frac{\text{cwnd}}{2}, \quad \text{cwnd} = \text{ssthresh}\)
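The Slow Start, Congestion Avoidance, timeout and Fast Recovery rules of sections 1 to 3, as an added simulation (not part of the original notes) that replays a constructed sequence of RTTs and loss events and records cwnd in MSS units after each. The floor of 2 MSS on ssthresh is an assumption taken from RFC 5681; the notes state the plain cwnd/2.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass
class TcpCongestionState:
    """cwnd and ssthresh in whole MSS units, as in the graph above."""
    cwnd: int = 1
    ssthresh: int = 16

    def phase(self) -> str:
        return "slow_start" if self.cwnd < self.ssthresh else "congestion_avoidance"

    def on_rtt_acked(self) -> None:
        """One RTT of successful ACKs: double in Slow Start, +1 MSS in Congestion Avoidance."""
        if self.phase() == "slow_start":
            self.cwnd = min(self.cwnd * 2, self.ssthresh)   # land exactly on ssthresh, never overshoot
        else:
            self.cwnd += 1

    def on_timeout(self) -> None:
        """Timeout: ssthresh = cwnd/2, cwnd back to 1 MSS, Slow Start restarts."""
        self.ssthresh = max(self.cwnd // 2, 2)   # 2-MSS floor is an RFC 5681 assumption, not from the notes
        self.cwnd = 1

    def on_triple_dup_ack(self) -> None:
        """Fast Recovery: ssthresh = cwnd/2, cwnd = ssthresh, straight into Congestion Avoidance."""
        self.ssthresh = max(self.cwnd // 2, 2)
        self.cwnd = self.ssthresh

def simulate(events: List[str], state: Optional[TcpCongestionState] = None) -> List[int]:
    """Replay 'ack' (one RTT of ACKs), 'timeout' and '3dup' events; return cwnd after each event."""
    state = state or TcpCongestionState()
    handlers = {"ack": state.on_rtt_acked, "timeout": state.on_timeout, "3dup": state.on_triple_dup_ack}
    trace = []
    for ev in events:
        handlers[ev]()
        trace.append(state.cwnd)
    return trace

def notes_scenario() -> List[int]:
    """Constructed scenario: exponential ramp to ssthresh=16, linear probing, a timeout, then a fast-recovery cut."""
    return simulate(["ack"] * 6 + ["timeout"] + ["ack"] * 5 + ["3dup", "ack"])
```

Running notes_scenario() shows the two loss responses side by side: the timeout drops cwnd from 18 to 1, while the triple duplicate ACK only halves it from 10 to 5 and keeps growing linearly afterwards.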