Manual:Connection oriented communication (TCP/IP)

From MikroTik Wiki

Connection oriented communication (TCP/IP)

Connection-oriented communication is a data communication mode in which you must first establish a connection with the remote host or server before any data can be sent. It is similar to the analog telephone network, where you had to establish a connection before you were able to communicate with a recipient. Connection establishment included operations such as dialing a number, receiving a dial tone, waiting for the calling signal, etc.


TCP session establishment and termination

The process in which a transmitting device establishes a connection-oriented session with a remote peer is called a three-way handshake. As a result, an end-to-end virtual (logical) circuit is created, on which flow control and acknowledgments are used for reliable delivery. TCP has several message types used in the connection establishment and termination process (see Figure 2.1).

File:Image2001.gif

Connection establishment process

  1. Host A, which needs to initiate a connection, sends a SYN (Synchronize) packet with a proposed initial sequence number to the destination host B.
  2. When host B receives the SYN message, it returns a packet with both the SYN and ACK flags set in the TCP header (SYN-ACK).
  3. When host A receives the SYN-ACK, it sends back an ACK (Acknowledgment) packet.
  4. Host B receives the ACK, and at this stage the connection is ESTABLISHED.

Connection-oriented protocol services often send acknowledgments (ACKs) after successful delivery. After a packet with data is transmitted, the sender waits for an acknowledgment from the receiver. If the timer expires and the sender has not received an ACK, the packet is retransmitted.


Connection termination

When the data transmission is complete and the host wants to terminate the connection, the termination process is initiated. Unlike TCP connection establishment, which uses a three-way handshake, connection termination uses four messages. The connection is terminated when both sides have finished the shutdown procedure by sending a FIN and receiving an ACK.

  1. Host A, which needs to terminate the connection, sends a special message with the FIN (finish) flag, indicating that it has finished sending data.
  2. Host B, which receives the FIN segment, does not terminate the connection but enters a "passive close" (CLOSE_WAIT) state and sends the ACK for the FIN back to host A. Now host B enters the LAST_ACK state. At this point host B will no longer accept data from host A, but can continue to transmit data to host A. If host B does not have any data to transmit to host A, it will also terminate the connection by sending a FIN segment.
  3. When host A receives the last ACK from host B, it enters the TIME_WAIT state and sends an ACK back to host B.
  4. Host B gets the ACK from host A and closes the connection.
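
The establishment and termination steps above can be followed segment by segment. The following Python sketch is an added example, not part of the original manual: it packs 20-byte TCP headers, reads the flags back out, and walks the seven segments of one connection. Ports and sequence numbers are constructed, and the state names not used on this page (SYN_SENT, SYN_RECEIVED, FIN_WAIT_1) are the RFC 793 names.

```python
import struct

FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10}

def build_header(seq, ack, flags, sport=40000, dport=80, window=1000):
    """Pack a 20-byte TCP header without options (checksum left at 0)."""
    bits = sum(FLAG_BITS[f] for f in flags)
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | bits, window, 0, 0)

def parse_header(header):
    """Return (kind, seq, ack); kind is the role the flags give the segment."""
    _, _, seq, ack, off_flags, _, _, _ = struct.unpack("!HHIIHHHH", header[:20])
    flags = {name for name, bit in FLAG_BITS.items() if off_flags & bit}
    if "SYN" in flags:
        return ("SYN-ACK" if "ACK" in flags else "SYN"), seq, ack
    return ("FIN" if "FIN" in flags else "ACK"), seq, ack

# (state so far, sender, segment kind) -> state reached, following the steps above
TRANSITIONS = {
    ("CLOSED", "A", "SYN"): "SYN_SENT",
    ("SYN_SENT", "B", "SYN-ACK"): "SYN_RECEIVED",
    ("SYN_RECEIVED", "A", "ACK"): "ESTABLISHED",
    ("ESTABLISHED", "A", "FIN"): "FIN_WAIT_1",
    ("FIN_WAIT_1", "B", "ACK"): "CLOSE_WAIT",
    ("CLOSE_WAIT", "B", "FIN"): "LAST_ACK",
    ("LAST_ACK", "A", "ACK"): "TIME_WAIT",
}

def trace(segments):
    """Walk (sender, header) pairs; reject a wrong order or a wrong ACK number."""
    state, states, next_seq = "CLOSED", [], {}
    for sender, header in segments:
        kind, seq, ack = parse_header(header)
        peer = "B" if sender == "A" else "A"
        if (state, sender, kind) not in TRANSITIONS:
            raise ValueError(f"{kind} from {sender} is not valid in state {state}")
        if kind != "SYN" and ack != next_seq.get(peer):
            raise ValueError(f"{sender} acknowledged {ack}, expected {next_seq.get(peer)}")
        if kind != "ACK":
            next_seq[sender] = seq + 1    # SYN and FIN each use up one sequence number
        state = TRANSITIONS[(state, sender, kind)]
        states.append(state)
    return states

# Constructed capture (sender, seq, ack, flags); no payload, so only SYN/FIN advance seq.
RAW = [("A", 100, 0, "SYN"), ("B", 300, 101, "SYN ACK"), ("A", 101, 301, "ACK"),
       ("A", 101, 301, "FIN ACK"), ("B", 301, 102, "ACK"), ("B", 301, 102, "FIN ACK"),
       ("A", 102, 302, "ACK")]
SAMPLE = [(who, build_header(seq, ack, flags.split())) for who, seq, ack, flags in RAW]
```

`trace(SAMPLE)` returns the states in the order the hosts reach them; a segment that arrives out of order, or that acknowledges the wrong sequence number, raises `ValueError`.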


Segments transmission (windowing)

Now that we know how a TCP connection is established, we need to understand how data transmission is managed and maintained. In TCP/IP networks, transmission between hosts is handled by the TCP protocol.

Let’s think about what happens when datagrams are sent out faster than the receiving device can process them. The receiver stores them in memory called a buffer. But since buffer space is not unlimited, when its capacity is exceeded the receiver starts to drop frames. All dropped frames must be retransmitted, which is the reason for low transmission performance.

To address this problem, TCP uses a flow control protocol. A window mechanism is used to control the flow of data. When a connection is established, the receiver specifies the window field (see TCP header format, Figure 1.6) in each TCP frame. The window size represents the amount of received data that the receiver is willing to store in its buffer. The window size (in bytes) is sent to the sender together with acknowledgments. So the size of the window controls how much information can be transmitted from one host to another without receiving an acknowledgment. The sender will send only the number of bytes specified in the window size and will then wait for acknowledgments with an updated window size.

If the receiving application can process data as quickly as it arrives from the sender, the receiver will send a positive window advertisement (increase the window size) with each acknowledgment. This works until the sender becomes faster than the receiver and incoming data eventually fills the receiver's buffer, causing the receiver to advertise a zero window in its acknowledgment. A sender that receives a zero window advertisement must stop transmitting until it receives a positive window. The windowing process is illustrated in Figure 2.2.

File:Image2002.gif

Host A starts transmitting with a window size of 1000; one 1000-byte frame is transmitted. The receiver (host B) returns an ACK with the window size increased to 2000. Host A receives the ACK and transmits two frames (1000 bytes each). After that the receiver advertises an initial window size of 2500. Now the sender transmits three frames (two containing 1,000 bytes and one containing 500 bytes) and waits for an acknowledgment. The first three segments fill the receiver's buffer faster than the receiving application can process the data, so the advertised window size reaches zero, indicating that it is necessary to wait before further transmission is possible.
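
The zero-window stall described above can be reproduced with a small model. This Python sketch is an added example, not part of the original manual: it assumes the advertised window is simply the free space in the receiver's buffer, and the buffer size and the application's read pattern are constructed values, so the numbers differ from those in Figure 2.2.

```python
MSS = 1000  # largest frame payload in bytes, as in the walk-through above

def split(burst):
    """Cut one burst into frames of at most MSS bytes."""
    return [min(MSS, burst - off) for off in range(0, burst, MSS)]

def simulate(total, capacity, reads):
    """Send `total` bytes to a receiver whose buffer holds `capacity` bytes.

    reads[i] is how many bytes the receiving application takes out of the
    buffer after round i (constructed input). Returns one tuple per round:
    (window the sender was allowed, frames sent, window advertised in the ACK).
    """
    buffered = sent = 0
    timeline = []
    for read in reads:
        window = capacity - buffered          # latest advertisement or window update
        burst = min(window, total - sent)     # the sender never exceeds the window
        buffered += burst
        sent += burst
        timeline.append((window, split(burst), capacity - buffered))
        buffered -= min(read, buffered)       # the application drains the buffer
    return timeline, sent

# Constructed scenario: 2500-byte buffer, an application that falls behind, then catches up.
TIMELINE, SENT = simulate(total=6000, capacity=2500, reads=[1000, 500, 0, 0, 2500, 2500])
```

In rounds 4 and 5 of `TIMELINE` the window is 0 and the frame list is empty: the sender is stalled until the application reads from the buffer and a positive window is advertised again.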

The size of the window, and how fast the window size is increased or decreased, is defined in various TCP congestion avoidance algorithms such as Reno, Vegas, Tahoe, etc.

Ethernet networking

CSMA/CD

The Ethernet system consists of three basic elements:

  • the physical medium used to carry Ethernet signals between network devices,
  • the medium access control system embedded in each Ethernet interface, which allows multiple computers to fairly control access to the shared Ethernet channel,
  • Ethernet frame that consists of a standardized set of bits used to carry data over the system.

Ethernet networking uses the Carrier Sense Multiple Access with Collision Detection (CSMA/CD) protocol for data transmission on a shared medium; it helps to control and manage access to the shared bandwidth when two or more devices want to transmit data at the same time. CSMA/CD is a modification of Carrier Sense Multiple Access. It improves CSMA performance by terminating transmission as soon as a collision is detected and by reducing the probability of a second collision on retry.

Before we discuss CSMA/CD further, we need to understand what a collision, a collision domain and a network segment are. A collision is the result of two devices on the same Ethernet network attempting to transmit data at exactly the same time. The network detects the "collision" of the two transmitted packets and discards them both.

If we have one large network and break it up into a number of smaller ones, this is often called network segmentation. This may be done using devices like routers and switches. Each switch port creates a separate network segment, whereas a device such as a hub just connects network segments together, creating one collision domain. Each network segment on a switch forms a separate collision domain. A collision domain is a physical network segment where data packets can "collide" with one another when sent on a shared medium. Therefore, on a hub only one computer can receive data at a time; otherwise a collision can occur and data will be lost. A switch, in contrast, “switches” frames from one port to another, and each computer can send data simultaneously, regardless of the other computers.

File:Image2003.gif

A hub (also called a repeater) is specified in the Physical layer of the OSI model because it only regenerates the electrical signal and sends the input signal out to each of its ports. Today hubs no longer dominate LAN networks and have been replaced with switches.

Carrier Sense – means that a transmitter listens for a carrier (encoded information signal) from another station before attempting to transmit.

Multiple Access – means that multiple stations send and receive on the same medium.

Collision Detection – involves algorithms for checking for a collision and announcing it with a collision response, the “jam signal”.

When the sender is ready to send data, it continually checks whether the medium is busy. If the medium becomes idle, the sender transmits a piece of data, a frame.

Look at Figure 2.4 below, which explains a simple example of CSMA/CD.

File:Image2004.gif


  1. Any host on the segment that wants to send data “listens” to what is happening on the physical medium (wire) and checks whether someone else is already sending data.
  2. Host A and Host C on the shared network segment determine that no one else is sending data and then send their data.
  3. If Host A and Host C listen to the medium at exactly the same time and then send their data onto the segment at the same time, a collision will occur. A collision causes what we refer to as "noise", that is, a change in the voltage of the signals on the line (wire).
  4. Host A and Host B detect this collision and send out a “jam” signal to tell the other stations not to send data at this time. Both Host A and Host C need to retransmit their data, but we don't want them to send it simultaneously again. To avoid this, host A and host B will each start a random timer (ms) before attempting to start the CSMA/CD process again by listening to the wire.
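
The four steps above, as a slotted simulation. This Python sketch is an added example, not part of the original manual. It goes beyond the text in one respect: for the "random timer" it uses the truncated binary exponential backoff that standard Ethernet specifies, counted in slots rather than milliseconds. One frame per host and one slot per frame are simplifying assumptions.

```python
import random

def csma_cd(hosts, seed=1, max_slots=1000):
    """Slotted model of a shared segment: each host has one frame, one frame fills one slot.

    Returns (events, collisions): events is a list of (slot, kind, hosts) and
    collisions counts how often each host had to back off.
    """
    rng = random.Random(seed)                 # seeded so a run can be repeated
    wait = {h: 0 for h in hosts}              # slots left on each backoff timer
    collisions = {h: 0 for h in hosts}
    pending, events = set(hosts), []
    for slot in range(max_slots):
        if not pending:
            break
        # Hosts whose timer has run out sense an idle medium and start sending.
        ready = sorted(h for h in pending if wait[h] == 0)
        for h in pending:
            wait[h] = max(0, wait[h] - 1)
        if len(ready) == 1:
            pending.discard(ready[0])
            events.append((slot, "sent", ready))
        elif len(ready) > 1:
            # Simultaneous start: collision, jam signal, then a random wait per host.
            events.append((slot, "collision", ready))
            for h in ready:
                collisions[h] += 1
                if collisions[h] >= 16:
                    raise RuntimeError(f"{h} gave up after 16 attempts")
                # Truncated binary exponential backoff: 0 .. 2^min(n, 10) - 1 slots.
                wait[h] = rng.randrange(2 ** min(collisions[h], 10))
    return events, collisions

# Host A and Host C both start in slot 0, as in step 3 above.
EVENTS, COLLISIONS = csma_cd(["A", "C"])
```

`EVENTS` always begins with the collision in slot 0; the slots in which A and C finally get through depend on the random waits they draw.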

Each computer on Ethernet network operates independently of all other stations on the network: there is no central controller therefore probability that


Half and Full duplex Ethernet

Ethernet standards such as Ethernet II and Ethernet 802.3 have passed through the formal IEEE (Institute of Electrical and Electronics Engineers) standardization process. The difference is that the Ethernet II header includes a Protocol type field, whereas in Ethernet 802.3 this field was changed to a length field. Ethernet is the standard CSMA/CD access method. Ethernet supports different data transfer rates over different types of physical media (twisted pair (copper), coaxial cable, optical fiber): Ethernet (10BaseT) – 10 Mbps, Fast Ethernet (100Base-TX) – 100 Mbps, Gigabit Ethernet (1000Base-T) – 1000 Mbps. Today Ethernet cables consist of four twisted pairs (8 wires). For example, 10Base-T uses only one of these wire pairs, running in both directions in half-duplex mode.

Half-duplex data transmission means that data can be transmitted in both directions between two nodes, but in only one direction at a time. A half-duplex specification is also defined for Gigabit Ethernet, but it isn’t used in practice.

Full-duplex data transmission means that data can be transmitted in both directions at the same time, using a different twisted pair for each direction. In full-duplex Ethernet, collisions are not possible, since data is transmitted and received on different wires and each segment is connected directly to a switch. Full-duplex Ethernet offers hundred percent performance in both directions: for example, if your computer supports Gigabit Ethernet (full-duplex mode) and your gateway (router) also supports it, then 2 Gbps of aggregated bandwidth is available between your computer and the gateway. If you used half-duplex mode, you could get 1 Gbps of aggregated bandwidth only theoretically, because the CSMA/CD protocol is used.


Simple network communication example

ARP protocol operation

Address Resolution Protocol (ARP) is a protocol for mapping the Internet Protocol (IP) address of a host in the local network to its hardware address (MAC address). The physical/hardware address is also known as a Media Access Control or MAC address. Each network device maintains an ARP table (cache) that contains a list of MAC addresses and their corresponding IP addresses. MAC addresses uniquely identify every network interface in the network. IP addresses are used for path selection to the destination (in the routing process), but the frame forwarding process from one interface to the next occurs using MAC addresses.

When a host on a local area network wants to send an IP packet to another host in this network, it must look for the destination host’s Ethernet MAC address in its own ARP cache. If the host doesn’t find the destination host’s MAC address in the ARP table, it uses an ARP request to find this information. ARP sends a broadcast request message to all devices on the LAN, asking the device with the specified IP address to reply with its MAC address. The device that recognizes the IP address as its own returns an ARP response with its own MAC address. Figure 2.5 shows how ARP looks up a MAC address on the local network.
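
The request and reply described above, byte for byte. This Python sketch is an added example, not part of the original manual: it builds the 42-byte Ethernet/ARP frames for both sides of the exchange and models the cache lookup that precedes them. The `Host` class, the `resolve` helper and all addresses are constructed for illustration.

```python
import socket
import struct

BROADCAST = b"\xff" * 6
FRAME = struct.Struct("!6s6sH" "HHBBH6s4s6s4s")   # Ethernet header + ARP payload, 42 bytes

def build(op, src_mac, src_ip, dst_mac, dst_ip):
    """op 1 = request (Ethernet broadcast), op 2 = reply (unicast to the asker)."""
    eth_dst = BROADCAST if op == 1 else dst_mac
    return FRAME.pack(eth_dst, src_mac, 0x0806, 1, 0x0800, 6, 4, op, src_mac,
                      socket.inet_aton(src_ip), dst_mac, socket.inet_aton(dst_ip))

def parse(frame):
    f = FRAME.unpack(frame[:FRAME.size])
    if f[2] != 0x0806:
        raise ValueError("not an ARP frame")
    return {"eth_dst": f[0], "op": f[7], "sha": f[8], "spa": socket.inet_ntoa(f[9]),
            "tha": f[10], "tpa": socket.inet_ntoa(f[11])}

class Host:
    def __init__(self, ip, mac_text):
        self.ip, self.mac, self.cache = ip, bytes.fromhex(mac_text.replace(":", "")), {}

    def receive(self, frame):
        """Answer a request for our own IP; learn the mapping from a reply sent to us."""
        p = parse(frame)
        if p["op"] == 1 and p["tpa"] == self.ip:
            return build(2, self.mac, self.ip, p["sha"], p["spa"])
        if p["op"] == 2 and p["eth_dst"] == self.mac:
            # ARP carries no authentication: the cache stores what the reply claims.
            self.cache[p["spa"]] = p["sha"]
        return None

def resolve(asker, lan, target_ip):
    """Return (mac, frames_on_wire); frames_on_wire is empty on a cache hit."""
    wire = []
    if target_ip not in asker.cache:
        request = build(1, asker.mac, asker.ip, b"\x00" * 6, target_ip)
        wire.append(request)
        for host in lan:                      # a broadcast reaches every other host
            reply = host.receive(request) if host is not asker else None
            if reply:
                wire.append(reply)
                asker.receive(reply)
    return asker.cache.get(target_ip), wire

# Constructed LAN with sample addresses (192.168.1.10, .20 and .30).
A, B, C = (Host(f"192.168.1.{n}", f"02:00:00:00:00:{n:02x}") for n in (10, 20, 30))
```

The first `resolve(A, [A, B, C], "192.168.1.20")` puts two frames on the wire, a broadcast request and B's unicast reply; a second call is answered from A's cache and sends nothing.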

File:Image2005.gif


Commands that display the current ARP entries on a PC (Linux, DOS) and on a MikroTik router (the commands do the same thing, but their syntax may differ):

For Windows and Unix-like machines:

arp -a – displays the list of IP addresses with their corresponding MAC addresses

ip arp print – the same as arp -a, but displays the ARP table on a MikroTik router.