CCNA Exploration

Network Fundamentals

Chapter 4
OSI Transport Layer

Copyright © 2008 Version 4.0 Ch 4 - 1

 Objectives

• Explain the need for the Transport layer

• Identify the role of the Transport layer as it provides the
end-to-end transfer of data between applications
• Describe the role of the two TCP/IP Transport layer
protocols: TCP and UDP
• Explain the key functions of the Transport layer,
including reliability, port addressing and segmentation
• Explain how TCP and UDP each handle key functions
• Identify when it is appropriate to use TCP or UDP and
provide examples of applications that use each protocol

Copyright © 2008 Version 4.0 Ch 4 - 2

 Role of the Transport Layer

• Enables multiple applications to communicate over the network at

the same time on a single device
• Ensures that all data is received reliably and in order by the correct
application
• Employs error handling mechanism

Copyright © 2008 Version 4.0 Ch 4 - 3

 Transport Layer Functions

• Tracking the individual communication between applications on the

source and destination hosts
– any host may have multiple applications that are communicating over
the network
– responsibility of the Transport layer to maintain the multiple
communication streams between these applications
• Segmenting the application data and managing each segment
– the data stream must be prepared to sent in manageable pieces
– segments the application data and encapsulates each segment with a
header to indicate which communication it is associated
• Reassembling the segments into streams of application data
– each segment is directed to the appropriate application and
reconstructed into a complete data stream

Copyright © 2008 Version 4.0 Ch 4 - 4

 Transport Layer Functions (cont’d)

• Identifying the different applications

– the Transport layer assigns an application an identifier, called the port
number, to indicate which application that segment is associated

Copyright © 2008 Version 4.0 Ch 4 - 5

 Separating Multiple Communications

• The Transport layer segments the data and manages the separation
of data for different applications
– multiple applications running on a device receive the correct data
– data from the phone call is not directed to the web browser

Copyright © 2008 Version 4.0 Ch 4 - 6

 Managing Information

• E-mail and web page

– information must be completely received and presented to be
considered useful
– slight delays are considered acceptable in order that complete
information is received and presented
– network manages the resending of missing segments

• Telephone conversation
– missing parts of a conversation may be considered acceptable
– infer the missing audio from the context of the conversation
– ask the opposite party to repeat
– user manages the resending of missing information

Copyright © 2008 Version 4.0 Ch 4 - 7

 Segmentation

• Dividing data into small parts, and sending these parts from source
to destination, enables may different applications to be interleaved
(or multiplexed) on the same network
– makes error recovery and retransmission of damaged data easier
– without segmentation, only one application would be able to receive
data
– each of these applications
is a conversation
• Transport layer adds a
header containing binary
data to identify each
segment of data

Copyright © 2008 Version 4.0 Ch 4 - 8

 Controlling the Conversations

• Segmentation and re-assembly

– at the source, the Transport layer divides the application data into
smaller blocks because there is a limit on the amount of data in a single
PDU
– at the destination, the Transport layer re-assembles the PDUs
• Conversation multiplexing
– each application is
assigned and identified by
a port number

Copyright © 2008 Version 4.0 Ch 4 - 9

 Controlling the Conversations (cont’d)

• Connection-oriented conversations
– establishes a session between the applications
– ensures the application is ready to receive the data
• Reliable delivery
– lost segments are re-sent so that the data is received complete
• Ordered data reconstruction
– numbering and sequencing the segments to ensure they are
reassembled into the proper order
• Flow control
– regulating the rate of data flow to prevent the loss of segments and
avoid the need for re-transmission

Copyright © 2008 Version 4.0 Ch 4 - 10

 Reliable Communication

• Reliable delivery of data ensures that each piece of data the source
sends arrives at the destination
– keep track of all data pieces transmitted
– acknowledge the receipt of the data by the destination
– retransmit any unacknowledged data

• These reliability processes place additional overhead on the

network resources due to the tracking, acknowledgement and
retransmission
– control information is contained in the Transport header
– trade-off between the choice of reliability and the burden it places on the
network

Copyright © 2008 Version 4.0 Ch 4 - 11

 Determining The Need For Reliability

• Applications, such as web pages, e-mails and databases, are

designed to use a Transport layer that implements reliability
– missing data could cause a corrupt communication

• Other applications, such

as voice and video, are
more tolerant to the loss
of small amounts of
data
– missing segments
would only create a
momentary disruption
in the data stream

Copyright © 2008 Version 4.0 Ch 4 - 12

 Transmission Control Protocol

• TCP is a connection-oriented (CO) and reliable protocol, RFC 793

– guaranteed delivery
• Each TCP segment uses a 20-byte header

Copyright © 2008 Version 4.0 Ch 4 - 13

 User Datagram Protocol

• UDP is a connectionless (CL) and unreliable protocol, RFC768

– best-effort delivery
– does not provide retransmission, sequencing and flow control
• Each UDP datagram uses 8 bytes of overhead in the header
• UDP is a simpler design and generates less overhead than TCP,
resulting in a faster transfer of data
• Datagram may not arrive in the order in which it was sent

Copyright © 2008 Version 4.0 Ch 4 - 14

 Port Addressing

• TCP and UDP use unique port numbers in the header fields to keep
track of the various applications
– source and destination ports
– source port number in a client request is a randomly generated number
– destination port number
is a default or manually
assigned number
• A socket is a
combination of the
Transport layer port
number and Network
layer IP address
– 192.168.1.20:80
– 192.168.100.40:49152

Copyright © 2008 Version 4.0 Ch 4 - 15

 Port Numbers

• Port numbers are assigned by the Internet Assigned Numbers

Authority (IANA)

• Well known ports: 0 to 1023

– commonly used for server applications

• Registered ports: 1024 to 49151

– assigned to user processes or applications

• Dynamic or private ports: 49152 to 65535

– assigned dynamically to client applications when initiating a connection

Copyright © 2008 Version 4.0 Ch 4 - 16

 TCP and UDP Port Numbers

Copyright © 2008 Version 4.0 Ch 4 - 17

 TCP/UDP Common Ports

Copyright © 2008 Version 4.0 Ch 4 - 18

 Netsat

• A network utility used to verify the connections

– lists the protocol in use, the local address and port number, the foreign
address and port number, and the state of the connection
• Can be used to examine open connections on a host when
performance appears to be compromised
– unexplained TCP connections can pose a major security threat

source port destination port connection state

protocol used address or name of remote host

Copyright © 2008 Version 4.0 Ch 4 - 19

 Segmentation and Reassembly

• The Transport layer divides the data into pieces and adds a header
– ensures that data is transmitted within the limits of the media
– data from different application can be multiplexed on to the media

Copyright © 2008 Version 4.0 Ch 4 - 20

 Reliable TCP Conversations

• Connection-oriented (CO) session

– establishment of a session between the hosts in both directions
– connection enables the tracking of a session

• Acknowledgements
– destination sends acknowledgements to the source for the segments
that it receives
– source keeps track of which segments are awaiting acknowledgement
– if the source does not receive an acknowledgement within a
predetermined amount of time, it retransmits that data to the destination

• The reliability is achieved by having fields in the TCP header

Copyright © 2008 Version 4.0 Ch 4 - 21

 TCP Header Fields

• Source port
– TCP session on the device that opened a connection – normally a
random value above 1023
• Destination port
– identifies the upper layer protocol or application on remote site
• Sequence number
– indentifies the sequence of each transmitted segment
• Acknowledgement number
– contains the value of the next sequence number the receiver is
expecting to receive
• Header length
– specifies the size of the TCP header

Copyright © 2008 Version 4.0 Ch 4 - 22

 TCP Header Fields (cont’d)

• Flags (URG, ACK, PSH, RST, SYN, FIN)

– used in session management and in the treatment of the segments
– the value of each flag is either a 1 or 0
– 1 indicates that control information is contained in the segment
• Window size
– determines the number of bytes that can be sent before an
acknowledgement from the receiver is necessary
• Checksum
– used for error-checking of the header and data
• Urgent pointer
– only used with URG flag and points to the sequence number of the last
byte in a sequence of urgent data

Copyright © 2008 Version 4.0 Ch 4 - 23

 TCP Server Processes

• A client initiates a communication with a request for information or

other services using a random port number as the source port
• Each application process running on the server is configured to use
an unique port number

Copyright © 2008 Version 4.0 Ch 4 - 24

 TCP Connection Establishment

• The hosts perform a three-way handshake to establish a connection

– the initiating client sends a segment containing an initial sequence
number
– the server responds with a segment containing an acknowledgement
and its own synchronizing sequence number
– the initiating client responds with an acknowledgement

Copyright © 2008 Version 4.0 Ch 4 - 25

 Three-Way Handshake (SYN)

• SYN flag set to validate an Initial Sequence Number (ISN)

• Relative sequence number is 0
• Random source port is 1069
• Well-know destination port is 80 (http)

Copyright © 2008 Version 4.0 Ch 4 - 26

 Three-Way Handshake (SYN, ACK)

• ACK flag set to indicate a valid Acknowledgement number

• Acknowledgement number response to ISN as relative value of 1
• SYN flag set to indicate ISN for server to client session
• Source port of 80 and destination port of 1069

Copyright © 2008 Version 4.0 Ch 4 - 27

 Three-Way Handshake (ACK)

• ACK flag set to indicate a valid Acknowledgement number

• Acknowledgement number response to ISN as relative value of 1
• Source port is 1069 and destination port is 80 (http)

Copyright © 2008 Version 4.0 Ch 4 - 28

 TCP Connection Termination

• The session termination involves a four-step process

– when the client has no more data to send, it sends a segment with the
FIN flag set
– the server responds with an ACK to acknowledge receipt of the FIN to
terminate the session
– the server sends a FIN to the client to terminate the session
– the client responds with an
ACK to acknowledge the
FIN request from the server

Copyright © 2008 Version 4.0 Ch 4 - 29

 Termination (FIN)

• Server sets FIN flag to indicate a session termination

• Server sequence number is 440

Copyright © 2008 Version 4.0 Ch 4 - 30

 Termination (ACK)

• ACK flag set to indicate a valid Acknowledgement number

• Acknowledgement number response to ISN as relative value of 441
• Source port is 1069 and destination port is 80 (http)

Copyright © 2008 Version 4.0 Ch 4 - 31

 TCP Reassembly

• The segments may arrive out of order at the destination

• The sequence number in the TCP header enables each segment to
be uniquely identified and acknowledged
– how to reassemble and reorder received segments
• Any segments that
arrive with non-
contiguous numbers are
held for later processing
– when the missing
segments arrive, they
are processed

Copyright © 2008 Version 4.0 Ch 4 - 32

 TCP Acknowledgement and Windowing

• The sequence number and acknowledgement number are used

together to confirm receipt of the segments
• The acknowledgement number in the segment sent back to the
source indicates the next segment the receiver expects to receive
• The amount of data that a
source can transmit before
an acknowledgement must
be received is called the
window size
– this technique is known
as windowing
– reduce the overhead of
the acknowledgements

Copyright © 2008 Version 4.0 Ch 4 - 33

 TCP Retransmission

• TCP provides a mechanism to retransmit unacknowledged

segments
– source device retransmits data from the last acknowledgement when it
does not receive an acknowledgement after timeout
• Destination device usually acknowledges contiguous segments that
complete the stream
• Selective Acknowledgements
allow a destination to
acknowledge discontinuous
segments and the host would
only need to retransmit the
missing data

Copyright © 2008 Version 4.0 Ch 4 - 34

 TCP Flow Control

• Flow control adjusts the effective rate of data flow the network and
destination device can support without loss
– prevents the data from the source to overwhelm the destination
• When the source receives an acknowledgement for the specified
amount of transmitted segments, it can continue sending more data

Copyright © 2008 Version 4.0 Ch 4 - 35

 Flow Control (cont’d)

• The window size field specifies the number of bytes sent before an
acknowledgement is expected
– an initial window size is determined during the session startup via the
three-way handshake
– the acknowledgement number is the number of the next expected byte

• TCP attempts to manage the rate of transmission so that all data will
be received and retransmissions are minimized

Copyright © 2008 Version 4.0 Ch 4 - 36

 Dynamic Window Size

• The initial window size is determined during the session setup

• If segments are lost because of congestion or limited buffer
memory, the receiver will acknowledge the last received sequential
segment and reply with a reduced window size
– effectively slows down the rate of transmission

Copyright © 2008 Version 4.0 Ch 4 - 37

 Dynamic Window Size (cont’d)

• After periods of transmission with no data losses or constrained

resources, the receiver will begin to increase the window field
– fewer acknowledgements need to be sent
– window size will continue to increase until there is data loss, which will
cause the window size to decrease

• The dynamic increasing and decreasing of window size is a

continuous process in TCP to determine the optimum window size

Copyright © 2008 Version 4.0 Ch 4 - 38

 UDP Datagram Reassembly

• Datagrams may take different paths to a destination and may arrive

in the wrong order
• UDP does not keep track of sequences numbers
– no way to reorder the datagrams into the transmission order
– simply reassembles the
data in the order that it
was received and forwards
it to the application
• The application identifies
the proper sequence and
determines how the data
should be processed

Copyright © 2008 Version 4.0 Ch 4 - 39

 UDP Server Processes and Requests

• UDP-based servers are assigned well-known or registered port

numbers
• UDP server listens for client request, as shown in the figure
– client requests use well-known port numbers as the destination port
– forwards the application data based on its port number

Copyright © 2008 Version 4.0 Ch 4 - 40

 UDP Client Processes

• Clients requests to UDP server use random port numbers as the

source port
• Server response to UDP clients use random port numbers as the
destination port

Copyright © 2008 Version 4.0 Ch 4 - 41