Module 3 Flashcards
Transport Layer
Allows traffic to be directed to specific network applications
Application Layer
Allows applications to communicate in a way they understand
Multiplexing
Nodes on a network have the ability to direct traffic on a network to many different receiving services.
Demultiplexing
taking traffic that is aimed at the same node and delivering it to the proper receiving service
TCP
UDP
PORT
a 16 bit number that’s used to direct traffic to specific services running on a networked computer
TCP Segment
Made up of a TCP header and a data section
TCP Header content
- Source Port (16bit)
- Destination Port (16bit)
- Sequence Number (32bit) -Keeps track of tcp segments
- Acknowledgement number (32) - number of the next expected segment
- Header Length (4) - tells receiving device where the payload begins
- Empty (6)
- Control Flags (6) -URG, ACK, PSH, RST,SYN,FIN
- Window (16)
- Checksum (16) - data integrity
- Urgent (16) - points out segments that is more important than others
- Options (16) -
- Padding - sequence of zeros to ensure that payload begins at the expected location.
- Data payload
What are the 6 tcp flags?
- SYN (Synchronize):
Purpose: The SYN flag is used during the initial connection establishment phase (the handshake) between a client and server. When set, it indicates a request to synchronize sequence numbers to initiate a connection.
Usage: A connection is established using a three-way handshake:
Client sends SYN to server to initiate the connection.
Server responds with SYN-ACK.
Client sends ACK, and the connection is established. - ACK (Acknowledgment):
Purpose: This flag indicates that the sender has successfully received the data and is acknowledging it. It is used in nearly every TCP packet after the connection is established.
Usage: During data transfer, every packet with data includes an ACK flag, confirming the receipt of previous packets. - FIN (Finish):
Purpose: The FIN flag signals the termination of the connection. When either the client or server is done sending data, they send a packet with the FIN flag set, indicating that no more data will be sent.
Usage: A four-step process is followed to close the connection:
Client sends FIN.
Server acknowledges with ACK.
Server sends its own FIN.
Client acknowledges with ACK to complete the termination. - RST (Reset):
Purpose: The RST flag is used to reset a connection immediately. It can be used if there is an error or if a device receives data for a connection that doesn’t exist (such as if the server is not accepting new connections).
Usage: When a device sends an RST, the connection is forcibly terminated without following the normal termination process (FIN/ACK). - PSH (Push):
Purpose: The PSH flag instructs the receiving device to immediately pass the data to the application layer rather than buffering it. It tells the receiver to “push” the data up to the application.
Usage: Typically used when a sender wants the receiver to process data without waiting for more packets (e.g., in interactive applications like telnet or SSH). - URG (Urgent):
Purpose: This flag indicates that the data contained in the packet should be prioritized and processed immediately, as it is urgent. Along with the URG flag, a special urgent pointer in the TCP header tells where the urgent data ends.
Usage: The URG flag is used less often in modern protocols, but it can be used for situations where certain data needs to be processed before others.
Three way handshake
The three-way handshake is a process used in TCP (Transmission Control Protocol) to establish a reliable connection between a client and a server. This process ensures that both sides are synchronized and ready to transmit data. Here’s how it works:
SYN (Synchronize):
The client starts the process by sending a SYN packet to the server. This packet contains an initial sequence number (SYN flag set) and is essentially a request to initiate a connection.
The SYN packet tells the server, “I want to start communication, and here is my initial sequence number.”
SYN-ACK (Synchronize-Acknowledgment):
The server responds by sending a SYN-ACK packet back to the client. This packet acknowledges the client’s SYN packet with an ACK and includes the server’s own initial sequence number, indicated by the SYN flag.
The SYN-ACK tells the client, “I acknowledge your request, and here’s my sequence number.”
ACK (Acknowledgment):
Finally, the client responds with an ACK packet. This packet acknowledges the server’s SYN-ACK and finalizes the establishment of the connection. After this, the data transmission can begin.
The ACK tells the server, “I received your response, and I am ready to start sending data.”
4 way handshake
The four-way handshake is the process used in TCP (Transmission Control Protocol) to gracefully terminate a connection between a client and a server. After data transmission is complete, both the client and the server must ensure that no more data will be sent before the connection is fully closed. Here’s how it works:
Steps in the Four-Way Handshake:
FIN (Finish):
The client sends a FIN packet to the server to indicate that it has finished sending data and wants to close the connection. This is the first step in initiating the termination process.
The FIN flag tells the server, “I have no more data to send, and I want to close the connection.”
ACK (Acknowledgment):
The server responds with an ACK packet, acknowledging that it has received the client’s FIN request. However, the server may still need to send some data of its own before it can fully close the connection.
The server tells the client, “I acknowledge your request, but I might still have some data to send.”
FIN (Finish):
After the server finishes sending any remaining data, it sends a FIN packet to the client, signaling that it has finished its own data transmission and is ready to close the connection.
The server says, “I am done sending data, and I want to close the connection as well.”
ACK (Acknowledgment):
Finally, the client responds with an ACK packet, confirming that it has received the server’s FIN packet. At this point, both sides have agreed to terminate the connection, and it is fully closed.
The client tells the server, “I acknowledge your request to close the connection.”
Socket
A socket is an active port or endpoint
Once a TCP segment tells a service to listen for requests through a port, that listening port becomes a “socket.” In other words, a socket is an active port used by a service. Once a socket is activated, a client can send and receive data through it.
Instantiation
The actual implementation of something defined elsewhere
TCP Socket States
- LISTEN: A TCP socket is ready and listening for incoming connections
- SYN_SENT: A synchronization request has been sent but a connection has not been established yet
- SYN-RECEIVED: A socket previously in a LISTEN state has received a synchronization request and sent a SYN/ACK back
- ESTABLISHED: The TCP connection is in working order and both sides are free to send each other data
- FIN_WAIT: A FIN has been sent, but the corresponding ACK from the other end hasn’t been received yet.
- CLOSE_WAIT: The connection has been closed at the TCP layer, but that the application that opened the socket hasn’t released its hold on the socket yet.
- CLOSE: The connection has been fully terminated and that no further communication is possible
