EE5412 TCP/IP [TcpIpQA0.doc]
---------
Domain Name Service and function of a “name server” in TCP/IP –
Domain name service (DNS) is the naming protocol used in the TCP/IP protocol suite, which enables IP routing to occur indirectly through the use of names instead of IP addresses. To accomplish this DNS provides a domain name to IP address translation service.
---------------------
The name server provides name-to-IP address translation service. It must also recognize that an address is outside its administrative zone of authority and must forward the address to another name server for translation into an appropriate IP address.
Eventually a name server will be reached that has administrative authority over the domain containing the host name to resolve and will return an IP address through a reversed hierarchy to provide the originating name server with a response to its query. Most name servers cache the results of previous name queries which can considerably reduce off-domain or internet network traffic.
DNS permits decentralized administration of resource names and specifies redundancy of Servers as a way of providing a reliable query service for users.
Decentralization of name administration is accomplished by user of multiple name fields, with each field further specifying a sub-domain.
The ‘top-level’ domain is centrally administered by the DDN Network Information Center which assigns administrative responsibility for immediately-subordinate sub-domains. Administrators for these sub-domains may in turn, create further partitioning through additional sub-domains.
------------------
ARP in TCP/IP -
ARP is Address Resolution protocol in TCP/IP. It is a mean of mapping IP address to hardware address before message can be send across a physical network. ARP maintains a table of MAC address and their corresponding IP address.
When ARP cannot find an IP address, it broadcast an “ARP REQUEST” to all o host on the network. If a host does have this IP address, it will return that information to the requester in an “ARP REPLY”. Thus the requester will be able to update its ARP table.
---------------------------------
Difference between TCP and UDP transport layer protocol
TCP is a connection-oriented protocol, meaning that TCP will set up, maintain and tear down a connection. TCP keeps track of the status and state of data passing through it. TCP ensures reliable end-to-end data transmission. TCP can also multiplex data from different applications and is full duplex.
UDP is connectionless transport level protocol for applications in layer above. UDP does not do any end-to-end error checking but uses a checksum in the UDP header.
UDP is used for small data transfers where an error is not a serious problem. It is faster and cheaper.
RIP, Routing Information Protocol and DNS, Domain Name Service use UDP.
-----------------------------------
Network congestion will increase the probability of “packet loss” which will in turn initiate packet retransmission and cause more congestion.
Technique used by TCP in Congestion control as follows -
Congestion Control
Congestion => packet-lost => retransmission. Retransmission => increase in input => more congestion => more loss.
To avoid the problem TCP use packet loss as a measure of congestion and responds by reducing the rate it transmit.
Slow Start
Whenever a message is lost, TCP begin congestion control. Instead of re-transmitting enough data to fill the window, TCP begins by sending a single packet. If “Ack” arrives without additional loss, TCP doubles the amount of data being sent and sends two additional packets.
If “Ack” arrives for these two, then TCP sends four more and so on. The increase continues until TCP is sending half of the receiver’s advertised window [ie window threshold], at which TCP slow down the rate of increase [ie. phase of congestion control].
By backing off quickly, TCP is able to alleviate congestion and help to avoid congestion collapse.
The congestion control double the congestion window every time the acknowledgements comes back which takes one round trip time (RTT) This is called the exponential growth of the congestion window in the slow start mechanism.
The exponential growth stops at the congestion threshold at which transmission rate is only increased linearly by adding one to the congestion window each time the ack comes back.
Linear increase continues until time out on missing ack or continuous ack on same packet occur. The congestion threshold is then set to half of the current congestion window and congestion window set to 1 packet.
Fast retransmit/Fast recovery
Lost of packet is indicated by the receiving of the same ack packet continuously or the timeout due to missing ack packet.
Timeout due to missing ack packet indicates packet loss due to network congestion. This will initiate congestion control and Slow Start procedure.
Receiving same ack packet continuously indicates packet loss due to transmission error. Since ack packets are received, the network is not congested. Sender can retransmit the packet before the timer expires and continue with the current congestion window. The sender performs packet recovery from packet loss. This will improve the efficiency of TCP. This is called fast retransmit and fast recovery.
Difference between “Slow Start” and “Fast retransmit/fast recovery” in TCP
• Fast Retransmit – When the sender receives the third duplicate acknowledgment, it realizes that some packets are lost and then retransmits them. This retransmission is faster than the regular timeout mechanism.
• Fast Recovery – When the Fast Retransmit mechanism signals packet loss, the sender halves the congestion window rather than drop the congestion window to 1.
Decide time out for varying delays encountered in Internet environment
Adaptive Retransmission
To avoid excessive retransmission delay
To support various networks with different delay requirements
TCP monitors current delay on each connection and estimate round-trip delay for each active connection by measuring the time needed to receive a response.
TCP generates a sequence of round-trip estimates and uses a statistical function to produce a weighted average.
In addition to a weighted average, TCP keeps an estimated of the variance, and use a linear combination of the estimated mean and variance as a value for retransmission.
TCP adaptive retransmission works well.
Variance helps TCP react quickly when delay increases following a burst of packets.
Weighted average helps TCP reset the retransmission timer if the delay returns to a lower value after a temporary burst.
When delay remains constant, TCP adjusts the retransmission timeout to a value that is slightly longer than the mean round-trip delay.
When delays start to vary, TCP adjusts the retransmission timeout to a value greater than the mean to accommodate peaks.
The goal is to wait long enough to determine that a packet was lost without waiting longer than necessary.
----------------------------
To close a TCP connection gracefully
Three Way Handshake
Problem: Delayed packets from previous connection arrive and appear to be valid packets on new connection.
To guarantee that connections are established or terminated reliably, TCP use Synchronization segment (SYN segment) to create a connection and Finish segment (FIN) to close a connection.
Ack sent in each direction are used to guarantee that all data has arrived before the connection is terminated.
TCP retransmits lost SYN or FIN segments. TCP will not open or close a connection until both ends have interacted
--------------------------
Consider the three-way handshake in TCP connection setup.
a. Suppose that an old SYN segment from station A arrives at station B requesting a TCP connection. Explain how the three-way handshake procedure ensures that the connection is rejected.
Ans:
In a three-way handshake procedure, one must ensure the selection of the initial sequence number is always unique. If station B receives an old SYN segment from A, B will acknowledge the request based on the old sequence number. When A receives the acknowledgement segment from B, A will find out that B received a wrong sequence number. A will discard the acknowledgment packet and reset the connection by sending a new SYN segment.
b. Now suppose that an old SYN segment from station A arrives at station B, followed a bit later by an old ACK segment from A to a SYN segment from B. Is this connection request also rejected?
Ans:
In an old SYN segment from A arrives at B, followed by an old ACK segment from A to a SYN segment from B, the connection will also be rejected. Initially, when B receives an old SYN segment, B will send a SYN segment with its own distinct sequence number set by itself. If B receives the old ACK from A, B will notify A that the connection is invalid since the old ACK sequence number does not match the sequence number previously defined by B. Therefore, the connection is rejected.
----------------------------
[Stalling 17.10]
In TCP/IP, is a dead lock possible using a two-way handshake instead of a three way handshake? Give an example.
Ans:
Deadlocks are possible. For example, an old packet initiate a connection arrives at A and A acknowledges it. The acknowledgement is lost, but A is now open. Now the same thing happens to B, and both are open, but expecting different sequence numbers.
Source: [TANE96]
-----------------------------
Usage of ICMP to test reachability and to trace a route
Using ICMP Messages to test Reachability
Ping use ICMP echo messages. Ping sends a datagram that contains an ICMP echo request message to the destination which sends an ICMP echo reply message. After sending the request, ping waits a shot time for the reply. If no reply arrives, ping retransmits the request twice. If no reply arrives for the retransmission, ping declares that the remote machine is not reachable.
Using ICMP to trace a route
TIME TO LIVE field in a datagram header is used to recover from routing error. If a counter reaches zero, the router discards the datagram and sends an ICMP time exceeded error back to the source.
A tool named TRACEROUTE use ICMP time exceeded messages to find a list of all routers along a path to a given destination. TRACEROUTE sends a series of datagrams and waits for a response to each.
TRACEROUTE send the TIME TO LIVE value in the first datagram to 1 before sending the datagram. The first router that receives the datagram decrements the time to live, discards the datagram, and sends back an ICMP time exceeded message. Because the ICMP message travels in an IP datagram, TRACEROUTE can extract the IP source address and announce the address of the first router along the path to the destination.
After it discovers the address of the first router, TRACEROUTE repeats the process with TIME TO LIVE sets to 2. The first router decrement the counter to 1 and forward the datagram. The second counter will decrement the counter to zero, discard the packet and sends back an error message.
-------------------------
IPV6 enchancements over IPV4
Expanded address space – 128 bit instead of 32 bit
Improved option mechanism – options are placed in separate optional header. This simplifies and speeds up router processing of IPV6 packets. It also makes it easier to add additional options. [options are not examined by intermediate routers]
Address auto-configuration – enable dynamic assignment of IPV6 address.
Increased addressing flexibility and capability – support conference call, multi-cast address
Support for resource allocation – label of packets belong to a particular traffic flow, support for audo and video traffic
--------------------------------------------
[Stalling 17.19]
b. A TCP entity opens a connection and uses slow start. Approximately how many round-trip times are required before TCP can send N segments? Briefly explain how you get the answer.
TCP initializes the congestion window to 1, sends an initial segment, and waits. When the ACK arrives, it increases the congestion window to 2, sends 2 segments, and waits. When the 2 ACKs arrive, they each increase the congestion window by one, so that it can send 4 segments. In general, it takes log2N round trips before TCP can send N segments.
c. Assume a round trip delay of a link across a continent is 60 ms. The link bandwidth is 1 Gbps. Assume the packet size of 10k bits is used. Determine the minimum window size needed to keep the pipe full.
Ans: packet transmission time = 100k/1G sec = 0.1 msec.
Minimum window size = [60msec] / [0.1msec] = 600
---------------------------
Keine Kommentare:
Kommentar veröffentlichen