CCNA-1. Chapter4. OSI Transport layer.

The Transport layer primary responsibilities:

• Tracking the individual communication between applications on the source and destination hosts
• Segmenting data and managing each piece
• Reassembling the segments into streams of application data
• Identifying the different applications

Some protocols at the Transport layer provide additional functions:

• Connection-oriented conversations (data for a communication between the two applications can be closely managed)
• Reliable delivery (source device retransmit any data that is lost)
• Ordered data reconstruction (ensure that segments are reassembled into the proper order)
• Flow control (sending application reduce the rate of data flow)

UDP (RFC 768) transport protocol that provide low overhead (8 bytes )data delivery. PDU - datagram. Datagrams sent "best effort"  
 Applications that use UDP:

• Domain Name System (DNS)
• Video Streaming
• Voice over IP (VoIP)

TCP (RFC 793) incurs additional overhead (20 bytes), same order delivery, reliable delivery, and flow control. PDU - segment.  
TCP segment fields values:

• Source port - TCP session on a device that opened connection - normally a random value above 1023
• Destination port - Identifies upper layer protocol or apptlication on remote site
• Sequence number - Specifies the number of the last octet (byte) in a segment (+1 for each byte of data sent from the client)
• Acknowledgement Number - Specifies the next octet expected by reciever (equal to the received sequence value plus 1)
• Header Length - specifies the length of segment header in bytes
• Reserved - set to 0
• Code bits - used in session management and in treatment of segments.
  
  • URG - Urgent pointer field significant
  • ACK - Acknowledgement field significant
  • PSH - Push function
  • RST - Reset the connection
  • SYN - Synchronize sequence numbers
  • FIN - No more data from sender
• Window - how many bytes must be recieved before sending acknowlegement (determined during the session startup)
• Checksum - used for error checking of header and data
• Urgent - onty used with an URG (Urgent) code bit
• Options - Optional information

Applications that use TCP:

• Web Browsers
• E-mail
• File Transfers

Socket - combination of the Transport layer port number and the Network layer IP address. Types of port numbers (Port numbers are assigned by The Internet Assigned Numbers Authority (IANA)).:

• Well Known Ports (0 to 1023) - these numbers are reserved for services and applications.
  
  • TCP: FTP-21 SMTP-25 Telnet-23 HTTP-80 POP3-110, IRC(Internet Relay Chat)-194, HTTPS-443
  • UDP:  RIP - 520 TFTP- 69, DHCP- 67
  • TCP\UDP: DNS - 53, SNMP - 161, AOL Instant manager,IRC - 531
• Registered Ports (1024 to 49151) - assigned to user processes or applications. May be used dynamically as source port.
  
  • TCP: MSN Messenger-1863 Cisco SCCP(VoIP)-2000 Alternate HTTP-8008 Alternate HTTP-8080
  • UDP: RADIUS Authentication Protocol - 1812, RTP(Voice and video transport protocol) - 5004, SIP(Voip) - 5060
  • TCP\UDP: MS SQL - 1433, WAP(MMS) - 2948
• Dynamic or Private Ports (49152 to 65535) -known as Ephemeral Ports, assigned dynamically as source port.

TCP connection establishment (the three way hanshake):

• Establishes that the destination device is present on the network: client sends an initial sequence value (ISN) (SYN=1)
• Verifies active destination service and if  destination port number accept requests: reciever send acknowledgement value plus its own synchronizing sequence value (SYN=1, ACK=1)
• Informs that client intends to establish a communication session: client responds with an acknowledgement value  (ACK=1)

TCP connection termination:

• When the client has no more data to send in the stream, it sends a segment with the FIN flag set. (FIN=1)
• The server sends an ACK to acknowledge the receipt of the FIN to terminate the session from client to server. (ACK=1)
• The server sends a FIN to the client, to terminate the server to client session. (FIN=1)
• The client responds with an ACK to acknowledge the FIN from the server. (ACK=1)

Security can be added to the data network by:

• Denying the establishment of TCP sessions
• Only allowing sessions to be established for specific services
• Only allowing traffic as a part of already established sessions

Selective Acknowledgements - an optional feature. If both hosts support Selective Acknowledgements, destination acknowledge bytes in discontinuous segments (less than window size) and the host would only need to retransmit the missing data. TCP flow conrol mechanisms (RFC 2581):

• Delay of retransmiting if the acknowledge not recieved (if network is congested - acknowledge can be not lost but delayed)
• Reducing Window Size - require that received segments be acknowledged more frequently.

TCP connection states:

• LISTEN - The local connection is waiting for a connection request from any remote device.
• ESTABLISHED The connection is open, data may be exchanged through the connection.
• TIME-WAIT The local connection is waiting a default period of time after sending a connection termination request before closing the connection. This is a normal condition, and will normally last between 30 - 120 seconds.
• CLOSE-WAIT The connection is closed, but is waiting for a termination request from the local user.
• SYN-SENT The local connection is waiting for a response after sending a connection request.
• SYN_RECEIVED The local connection is waiting for a confirming connection request acknowledgment.