Modules 14-15 Network Application Communications

Question 1

Why the “layer” approach to the network model?W

Answer 1

Seperation : Breaking a bigger task (data communication) into smaller tasks (functions)

Abstraction: Changes to one layer minimizes the impact on other layers

Design: Easier to implement functions/protocols as long as interconnection between layers are kept intact.

Complexity: easier to learn, troubleshoot and standardize.

Question 2

What is the role of the transport layer? Example?

Answer 2

The transport layer is responsible for logical communications between applications running on different hosts.

This may include services such as establishing a temporary session between two hosts and the reliable transmission of information for an application.

Question 3

How does the transport layer establish connection?

Answer 3

A process server, runs on a server machine, acts as a proxy (on behalf of another), then listens to connect requests, whenever a request arrives, it spawns the requested server allowing it to inherit the connection.

Question 4

Which transport layer ports do we have? What are their ranges?

Answer 4

Well-known ports (0-1023): used by servers (web,email,dns)

Registered ports( 1024-49151) : assigned by IANA to a requested entity, but not controlled; used by client applications.

Private and/or dynamic ports (49152-65535): assigned dynamically by the client OS to identify an application / service end-point.

Question 5

What do we need to distinguish communication processes from each other?

Answer 5

1. Source port: selected dynamically (OS), used as return address
2. Destination port ( e.g Port 80 for HTTP)
3. Source Ip address (eg. 192.168.1.5)
4. Destination Ip address ( e.g. 192.168.1.1)
5. Protocol ( e.g TCP or UDP)

Question 6

Explain a socket and socket pairs

Answer 6

Socket:

One end-point to a two-way communication 192.168.1.1:10

Socket Pairs: Two ends of the communication (local and remote)

Question 7

What are the most common transport protocols? And what are their properties?

Answer 7

TCP UDP and QUIC

Question 8

What is User Datagram Protocol (UDP) ? And where can we use it?

Answer 8

UDP does not track information sent or received and is known as a stateless protocol. It also does not have a flow control and has no acknowledgment that the data is received at the destination. It does also not require an established connection which means that it is not reliable. But it can process UDP datagrams faster than TCP segments.

UDP is used for live media streaming, DNS, SNMP, DHCP, VoIP, online games, IPTV because it is faster.

Question 9

What is Transmission Control Protocol (TCP)

Answer 9

TCP is the reliable, full-featured transport layer protocol. This is because it ensures that all of the data arrives at the destination, by including fields that ensure the delivery of application data. These fields require additional processing by the sending and receiving hosts.

Also implements flow control and congestion control.

Question 10

What are the most important TCP header fields according to the slides?

Answer 10

Sequence number. A 32-bit field is used for data reassembly purposes.

Acknowledgment Number: A 32-bit field is used to indicate that data has been received and the next byte expected from the source.

Header Length: A 4-bit field known as ʺdata offsetʺ that indicates the length of the TCP segment header.

Window size: A 16-bit field is used to indicate the number of bytes that can be accepted at one time.

Window: the number of bytes the receiver is willing to receive (receiver advertised window)

Checksum A 16-bit field used for error checking of the segment header and data.

TCP flags:
- SYN (establish), ACK
(acknowledge), RST (reset), FIN
(terminate)
- URG and PUSH flags are rarely
used!

Question 11

How does TCP establish connection?

Answer 11

TCP uses a method called 3-way-handshake

1. SYN The initiating client requests a client-to-server communication session with the server by sending a SYN request to the server.

2.SYN, ACKThe server acknowledges the client-to-server communication and requests a server-to-client communication session. The server sends ACK response and SYN requests to the client.

3.ACK The initiating client acknowledges the server-to-client communication session.
The client sends ACK response to B

Question 12

How does TCP terminate a connection?

Answer 12

4 way handshake

1. FIN, When the client has no more data to send in the stream, it sends a segment with the FIN flag set to the server.

2.ACK, The server sends an ACK to acknowledge the receipt of the FIN to terminate the session from client to server.

3.The server sends a FIN to the client to terminate the server-to-client session.

4.The client responds with an ACK to acknowledge the FIN from the server

Question 13

In which order must the data stream and packets/segments come? How is this possible?

Answer 13

The TCP data stream can only be pushed to the application layer buffer in-order.
The TCP packets/segments in the stream however can arrive out of order. If they take different routines in the network or due to parallelism in the routers.

This is possible because the usage of sequence numbers allows re-assembly of the data stream at the receiver side even in presence of out-of-order segments. These sequence numbers are randomly selected upon TCP (SYN, SYN/ACK) connection and are incremented further as data is being transmitted by the sender.

Question 14

What is the acknowledgment number and what is a Duplicate Acknowledgment number?

Answer 14

Acknowledgment number is a 32 bit field in the header. This is used to indicate that data has been received and the next byte expected from the source.
It does this by sending back ACK packets(DELAYED 500ms RFC 1122 200ms Windows) from the receiver to sender when the data has been received.

The receiver can also send something called a Duplicate ACK(NOT DELAYED). This happends when the receiver sees a gap between received segments. And after 3 DupACKs the sender retransmits the missing segment.

ACK packets are unreliable (less costly to drop than data packets)

Question 15

Why is timeout important in TCP error control?

Answer 15

Timeout is important in TCP error control because we have something called Retransmission Timeout. RTO

Retransmission timeout makes it so that when a packet fails to be delivered, there is a timeout that waits to check if it is delivered. If not deliver the packet is retransmitted to the receiver.

Question 16

Why is it difficult to determine the right RTO value?

Answer 16

If its too long, it will become to slow to detect a loss, but if its too short we are at risk of getting false positives.

Question 17

What is congestion on a network? What does it result?

Answer 17

Reduced quality of service occurs when a network node or link carries more data than it can handle. this results in packets being discarded by the overloaded router.

When packets containing TCP segments do not reach their destination, they are left unacknowledged.
Retransmission of lost TCP is also an occurrence, and if the retransmission is not properly controlled, the additional retransmission of the TCP segments makes the congestion even worse.

Question 18

How can we avoid congestion on a network?

Answer 18

Using flow control
If the source determines that the TCP segments are either not being acknowledged or not acknowledged in a timely manner, then it can reduce the number of bytes it sends before receiving an acknowledgment.

Question 19

What is a Congestion Window (cwnd) where does it start? And how does it work?
What is SStresh?

Answer 19

The number of bytes TCP sender can inject into the netwrok before expecting to receive an ACK.
Starts with 3 or 10 packets

Then it probes for the available bandwidth in slow -start mode (exponential growth, binary search)
TCP leaves slow-start(SS) mode to Congestion Avoidance (CA) mode after it reaches SSThresh value(Largest possible advertised window)

Question 20

What is Stream Constrol Transmission Protocol(SCTP)

Answer 20

A message-oriented data transfer protocol that has reliable delivery, congestion control and is connection-oriented.
It has a 4-way handshake with the exchange of cookies

INIT, INIT-ACK, Cookie-Echo Cookie-ACK

Question 21

What is Datagram Congestion Control Protocol (DCCP)

Answer 21

Message-oriented and unreliable and unordered data transfer.
Has a reliable connection setup and teardown.
Each endpoint can negotiate congestion control mechanism on connection setup.

DCCP = UDP + Congestion Control

or DCCP = TCP - bytestream semantic - full reliability

Question 22

What is Quick UDP Internet Connections (QUIC)

Answer 22

QUIC runs encrypted (TLS 1.3), encapsulated over UDP in order to bypass the middleboxes(routers) that wouldn’t allow anything to pass except TCP/UDP

Userland, 0-RTT handshake with cookies, multiplexed in-order reliable stream-
based transport (solves TCP’s HOL-blocking)

Connection-oriented
Byte-stream-based (segments)
In-order delivery
Reliability
Flow control
Congestion control
Multi-streaming/Multiplexing

Question 23

What makes it so Wireless networks can be lossy? What makes it so we don’t notice them as much?

Answer 23

Adverse channel conditions are caused by:

Frame collisions: Due to contending hosts on the shared wireless medium

Environmental noise: Leading to high bit-error rate and hence frame loss

Most of the MAC frame losses are masked from the transport layer by some form of mAC-level frame retransmission on the wireless segment of the end-to-end path

Question 24

What makes it so wireless networks dynamically change?

Answer 24

Channel conditions: noise, interference, contention

RTT (Round-trip-time) due to changing channel conditions and distance

Dynamic topology: Movement, node density, physical obstacles

Battery devices can’t always run full-stack transport protocols and that can lead to losses/retransmissions which are also expensive on wireless.

Question 25

How can we improve wireless transport performance?

Answer 25

Explicitly Congestion Notification (ECN) with active queue management

Delay-based, model-based or hybrid (instead of loss-based) gongestion control mechanism

Better transport protocols (message based instead of byte stream based)

Question 26

What is ECN? Explicit Congestion Notification

Answer 26

ECN allows end-to-end notification of network congestion without dropping packets

Question 27

Active Queue Management (AQM)

Answer 27

Dropping/marking packets randomly at the bottleneck on the onset of congestion (i.e before the buffer is full) to signal to the sender to reduce its rate.

Question 28

Name 4 other types of TCP

Answer 28

Loss-based
Delay-based
Model-based
TCP

Question 29

Does TCP work well over SATCOM? And what is TCP splitting?

Answer 29

No feedback loops are too long on the Satcom links
Slows down cwnd growth and makes packet losses too costly

TCP splitting is a technique used by SATCOM providers to speed up the connection setup and cwnd growth using Performance Enhancing Proxy (PEP)

Question 30

Does QUIC work well over SATCOM?

Answer 30

No, QUIC’s encrypted headers make it hard for PEP’s to split the connection , basically PEP’s don’t undersyand QUIC.

Question 31

What is the Presentation layers responsible for?

Answer 31

The Presentation Layer is responsible for common formatting of data for presentation (e.g data encryption, compression, charset conversion, etc.)

Question 32

What is the Session layer responsible for?

Answer 32

The Session layer is responsible for establishing and maintaining sessions i.e dialogues between source and destination applications. It offers authentication and authorization.

Question 33

How does the Client/Server model work?

Answer 33

A request is made by the client to a server (more often asking for a resource); the server provides the response/resource.

Example #1: HTTP GET request to a web server to get a response (html.js.xml.css.jpeg object)

Internet servers should have a public IP address to be reachable from any client.

Question 34

How does the Peer-to-Peer (P2P) model work? Give example. What are the main challenges?

Answer 34

No dedicated server is involved in communication. Two devices communicate directly, and each can function as both client and server

Skype, BitTorrent

The main challenge with P2P apps is the ability to know the other peer’s addresses. This is because most clients are behind some sort of NAT, so their public IP address is not known to their other peer.

Some applications keep a list of users in (a set of) servers using a technnique called NAT hole-punching to traverse areound NATs.

Question 35

How do we get a URL(Uniform Resource Location)?

Answer 35

The URL is requested from a web server using an HTTP (GET) request, often initiated by a browser application; the web server responds.

Question 36

Which HTTP request methods do we have?

Answer 36

GET: Retrieve info from the server (Sends the GET message to the webserver to request HTML pages.)
HEAD: Same as GET but only header
POST: send data(upload) (form data)
PUT: Replace with uploaded content. This uploads resources or content to the web server, such as an image.
DELETE: Removes resource
CONNECT: Two-way communication

Question 37

What is HTTP

Answer 37

HTTP is a request/response protocol.
When a client, typically a web browser, sends a request to a web server, HTTP specifies the message types used for that communication.

Question 38

What is HTTPS? How does it work

Answer 38

Compared to HTTP, HTTPS provides encryption and authentication over HTTP

It uses Transport Layer Security (TLS) for encryption to protect against eavesdropping and tampering (man in the middle)

Question 39

What is Post Office Protocol (POP)?

Answer 39

Post Office Protocol (POP) POP is used by an application to retreive mail from a mail server by downloading mail from the server to the client and then deleted oin the server.

Question 40

What is Domain Name system (DNS)? How does it work?

Answer 40

A way to convert hostnames to numerical addresses (uis.no to 152.94.26.120)

1) Client (i.e., browser) looks for the DNS match in a local cache (i.e., in browser
or OS)
2) If no match, client issues DNS request (i.e., DNS query, address lookup) (on
port 53, UDP) to a DNS resolver
3) DNS resolver looks for DNS name server that has the requested IP address in
a recursive fashion (e.g., using DNS forwarding)
4) Resolver parses the hierarchy from DNS root server down to authoritative
DNS name server

Question 41

What is DNS Hierarchy

Answer 41

The DNS protocol uses a hierarchical system to create a database to provide name resolution

.com - a business or industry
.org - a non-profit organization
.au - Australia
.co - Colombia

Question 42

What is nslookup?

Answer 42

Nslookup is a unix-based network administration tool for obtaining DNS records for troubleshooting and verification

Question 43

What is DHCP? What can devices do with it? And when do we not use it

Answer 43

A network management protocol that automates the assignment of IPv4 addresses, subnet masks, gateways, and other parameters.

Devices joining a network can send DHCP requests to a server operated by the ISP/network provider.

DHCP is used on the access edge (end-user) Static addressing for gateways, routers, etc.

Question 44

What is FTP (File transfer Protocol)?

Answer 44

FTP is a protocol for transferring files in a client/server network

1. Control Connection: The client opens the first connection to the server for control traffic.

2.Client opens second connection for data traffic.

3.Server transfers data to the client.

Question 45

Server Message Block (SMB)

Answer 45

The Server Message Block (SMB) is a client/server file sharing protocol that describes the structure of shared network resources, such as directories, files, printers, and serial ports.It is a request-response protocol. All SMB messages share a common format

Start, Authenticate and terminate sessions
Control file and printer access.
Allow an application to send or receive messages to or from another device.

Question 46

What is HTTP2.0 ?

Answer 46

HTTP2.0 is an improvement of original HTTP,
It has:

Faster page load time

Binary instead of plaintext

Optional TLS encryption

HTTP header compression and server push

Multi-streaming, allows multiplexing(Multiplexing is a method used by networks to consolidate multiple signals – digital or analog – into a single composite signal that is transported over a common medium,)

request/responses

Question 47

What is HTTP 3.0

Answer 47

HTTP/3 is HTTP/2 overt QUIC Instead of TCP

Question 48

What is retransmission timeout (RTO)?

Answer 48

An RTO occurs when the sender is missing too many acknowledgments and decides to take a time out and stop sending altogether. When the timeout expires, missing packet is retransmitted and cwnd=1.

It is difficult to determine the right RTO value!
-Too long: too slow to detect loss
-Too short: risk of false positives

Question 49

What is Receiver advertised window (rwnd)?

Answer 49

It is a sliding window chosen based on the available TCP receiver buffer size.
The sizes are exchanged during connection establishment.

Question 50

What is Simple Mail Transfer Protocol (SMTP)

Answer 50

Simple Mail Transfer Protocol (SMTP) When a client sends email, the client SMTP process connects with a server SMTP process on port 25.
After the connection is made, the client attempts to send the email to the server across the connection.

When the server receives the message, it either places the message in a local account, if the recipient is local or forwards the message to another mail server for delivery.

Question 51

What is IMAP Internet Message Access Protocol?

Answer 51

Internet Message Access Protocol (IMAP) User connects to an IMAP-capable server, and copies of the messages are downloaded to the client application, as shown in the figure. The original messages are kept on the server until manually deleted.