Chuong 5

Trng ai Hoc Bach Khoa Tp.
HCM
LP VAN CHUYEN
(Transport Layer)
CHNG V
Ban quyen 2004- Khoa Cong Nghe Thong Tin
Trang 1
Trng ai Hoc Bach Khoa Tp.HCM
CAC PHAN TRNH BAY

Nhac lai ve lp mang (network layer) Muc tieu cua lp van chuyen Hng giai quyet cho lp van chuyen Cac giao thc lp van chuyen trong TCP/IP Cac van e khac
Trang 2
NHAC LAI: LP MANG (Network Layer)

Cung cap s lien lac gia cac may tnh tren mang.
Giao thc (Protocol): IP, IPX, Apple Talk, NetBEUI

Ban quyen 2004- Khoa Cong Nghe Thong Tin Trang 3

nh tuyen

a ch ch c xem xet. Bang ng i tai cac bo nh tuyen.
Trang 4

Cac giao thc co kha nang nh tuyen
Trang 5
MUC TIEU cua lp van chuyen
Cung cap viec van chuyen d lieu trong suot gia cac he thong au cuoi (end systems).
MUC TIEU cua lp van chuyen

Chat lng dch vu (QoS)

Tin cay -> phat hien loi, ieu khien loi (error detection, error control) Nhanh nhat co the c -> ieu khien dong (flow control)
Cung cap lien lac gia ng dung vi ng dung

a dch vu Can thiet phai m rong khai niem a ch

HNG GIAI QUYET CHO LP VAN CHUYEN

Tng quan gia lp van chuyen va lp lien ket d lieu
Cac iem tng t

Tnh tin cay

Phat hien loi Xac nhan Truyen lai Phat hien viec nhan d lieu trung lap

ieu khien dong

Dng lai va i Ca so trt
iem khac biet

Cac thc the cua lp lien ket d lieu lien lac qua kenh truyen vat ly. Cac thc the lp van chuyen oi thoai thong qua mang -> a ch tng minh.
LP VAN CHUYEN TRONG TCP/IP
Trang 9
TCP (Transmission Control Protocol)

Mot giao thc pho bien lp van chuyen c chuan hoa tren RFC 793 Cac ac iem chnh

Tin cay Hng ket noi (Connection oriented) Hoat ong hai chieu ong thi Phan manh thong iep va rap lai ch
Trang 10

Quan he gia TCP va IP
TCP dung IP IP la mot giao thc truyen nhan khong tin cay TCP th lai la mot giao thc truyen nhan tin cay Lam the nao e thc hien c ieu nay ?

Cac van e can lu y

Tnh tin cay cua TCP

Mat d lieu Nhan d lieu trung lap Thi gian i Th t nhan Mot trong hai pha co s co hay khi ong lai Thiet lap ket noi tin cay Truyen nhan d lieu tin cay ong ket noi tin cay

Giai phap thiet lap ket noi tin cay

Can va u cho viec thiet lap trong sang va tin cay. Trao oi nhau vi ba thong iep. Con c goi la bat tay ba lan (Three-way handshake). Thong iep SYN c dung e ong bo trong viec thiet lap ket noi. Co th t

Cac phan oan (segment) c gan nhan vi mot ch so tuan t (sequence number) Initial Sequence Numbers (ISNs) phai c trao oi moi khi thiet lap ket noi
Trang 13

Time
Trang 14

Giai phap truyen nhan d lieu tin cay

Xac thc (ACKnowledgement)

Ben nhan tra lai mot thong iep ngan khi nhan c d lieu. Ben gi khi ong timer khi thong iep c truyen. Neu timer het hieu lc trc khi ACK en th ben gi truyen lai thong iep tren.
Truyen lai

Trang 15

Time
Trang 16

Time
Send n
Timer expires Retransmit n
Packet lost Receive n Send ACK n+1
Receive n+1 Send n+1 Receive n+1


Thi gian i cho en khi truyen lai
Phu thuoc vao:

Hng giai quyet:

Khoang cach en ch. Cac ieu kien lu thong mang hien hanh. Nhieu ket noi c m ong thi. c lng c thi gian round trip tren moi ket noi Dung thi gian c lng hien hanh e xet lai retransmission timer c biet nh la adaptive retransmission Cha khoa cua TCP
Trang 19

ieu khien dong

Truyen nhanh co the c. S dung giao thc sliding window.
Trang 20

ieu khien dong (t.t)
Ben nhan

Bao khong gian bo em san co e dung (available buffer space) c goi la window Moi ACK co kem theo thong tin mi nhat ve window. Co the gi ay window trc khi ACK en.
Ben gi
Trang 21
Trang 22

Giai phap ong ket noi tin cay
Thong iep FIN c dung e ong ket noi. Time

Send FIN Receive FIN Send ACK Send FIN Receive FIN Receive ACK Receive ACK
Receive ACK
a ch ng dung

Khong the dung a ch IP. Khong the s dung cac ch so tren he ieu hanh:

Process ID Task number Job name
Phai lam viec tren tat ca cac he thong may tnh
Trang 24
a ch ng dung
Ch so port

Moi ng dung c gan mot ch so nguyen. Mo hnh Client-Server. Server :

Luon dung mo ch so port a biet (well-known port) Lay ch so port cha dung t he thong.
Client :
Trang 25
a ch ng dung
Ch so port va cac dch vu
Trang 26
a ch ng dung
Ch so cac port chuan
Xem tap tin /etc/services tren cac he thong UNIX va \winnt\system32\drivers\etc\services tren Windows NT

nh dang cua TCP Segment
Trang 28
UDP (User Datagram Protocol)

c chuan hoa tren RFC 768
Cac ac iem chnh:

Giao thc khong ket noi (Connectionless protocol) Phan phoi thong iep khong tin cay nhng best effort Co kha nang phat hien loi (trng checksum) Khong ieu khien dong (khong window) Khong ieu khien loi (khong ACK) Cung cap a ch ng dung (ch so port)
Trang 29

nh dang thong iep UDP
Trang 30

Qua trnh truyen nhan
Trang 31
CAC VAN E KHAC

An toan mang
SSL /TSL (Transport Secure Layer)
Trang 32
CAC VAN E KHAC

An toan mang
OS Fingerprinting

Mot phng thc phat hien ra he ieu hanh cua may xa da tren nhng thong tin c trch ra tren cac TCP segment tra ve cua cac may o. Do moi he ieu hanh hien thc TCP stack khac nhau. Tham khao tai lieu Strange Attractors and TCP/IP Sequence Number Analysis, Michal Zalewski, 2001

Initial Sequence Numbers (ISNs). OpenBSD la tot nhat , Linux la kha tot. Cac he ieu hanh khac th co rat nhieu van e.
Trang 33
Nmap & NDIS

CAC VAN E KHAC

An toan mang
T choi dch vu (DOS- Denial Of Service)
Trang 34
CAC VAN E KHAC

T choi dch vu (DOS- Denial Of Services)
TCP SYN flooding con goi la cach tan cong TCP half-open C (masquerading B) A
seq=(Sb,?) flags=SYN,
a,Sb) ACK, seq=(S flags=SYN+
A A allocates allocates kernel kernel resource resource for handling the starting for handling the starting connection connection
No B No answer answer from from B B 120 120 sec sec timeout timeout Free Free the the resource resource
Denial of Services kernel resources exhausted

Trang 35
CAC VAN E KHAC

DDOS (Distributed Denial Of Services) 1. Cracking 2. Signalling 3. Flooding
ISP
mbehring
Target
Trang 36
CAC VAN E KHAC

NAT/PAT
Network Address Translation/Port Address Translation Internet

203.162.4.100
NAT/PAT
192.168.1.0/24
Trang 37
CAC VAN E KHAC

NAT/PAT IN (ip addr, port) (192.168.1.2, 2000) (192.168.1.3, 3000) (192.168.1.20, 3000) OUT (ip addr, port) (203.162.4.100, 2789) (203.162.4.100, 2790) (203.162.4.100, 2791)
Trang 38
CAC VAN E KHAC

Chat lng dch vu (QoS)

Hang i cong bang (Fair Queue) RTP AVVID
Trang 39
TONG KET
Nhac lai ve lp mang

Muc tieu cua lp van chuyen

Giao thc, giao thc co the nh tuyen. Bang ng i va cac giao thc nh tuyen. a ch. Chat lng dch vu(QoS). Cung cap lien lac gia ng dung va ng dung. Co s tng ong vi lp lien ket d lieu. TCP, UDP

Hng giai quyet cho lp van chuyen

Cac giao thc lp van chuyen trong TCP/IP Cac van e khac
Can tm hieu them

Chuong 5

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Chuong 5

Uploaded by

Copyright:

Available Formats

Trng ai Hoc Bach Khoa Tp.

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

CAC PHAN TRNH BAY

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

NHAC LAI: LP MANG (Network Layer)

Giao thc (Protocol): IP, IPX, Apple Talk, NetBEUI

Trng ai Hoc Bach Khoa Tp.HCM

NHAC LAI: LP MANG (Network Layer)

a ch ch c xem xet. Bang ng i tai cac bo nh tuyen.

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

NHAC LAI: LP MANG (Network Layer)

Cac giao thc co kha nang nh tuyen

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

MUC TIEU cua lp van chuyen

Trng ai Hoc Bach Khoa Tp.HCM

MUC TIEU cua lp van chuyen

Chat lng dch vu (QoS)

Cung cap lien lac gia ng dung vi ng dung

a dch vu Can thiet phai m rong khai niem a ch

Trng ai Hoc Bach Khoa Tp.HCM

HNG GIAI QUYET CHO LP VAN CHUYEN

Tng quan gia lp van chuyen va lp lien ket d lieu

Cac iem tng t

Tnh tin cay

ieu khien dong

Dng lai va i Ca so trt

iem khac biet

Trng ai Hoc Bach Khoa Tp.HCM

LP VAN CHUYEN TRONG TCP/IP

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Quan he gia TCP va IP

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Cac van e can lu y

Tnh tin cay cua TCP

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Giai phap thiet lap ket noi tin cay

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Giai phap truyen nhan d lieu tin cay

Xac thc (ACKnowledgement)

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Ban quyen 2004- Khoa Cong Nghe Thong Tin

Trng ai Hoc Bach Khoa Tp.HCM

TCP (Transmission Control Protocol)

Timer expires Retransmit n

Packet lost Receive n Send ACK n+1

Receive n+1 Send n+1 Receive n+1