Transport Layer Flashcards
What is a socket and how is it defined?
A socket is an interface between the application and the transport layer. It is identified by other processes with:
- IP Address
- Port nr.
- Transport Protocol
Describe the process of the TCP handshake.
- ) SYN with rand (sequence) nr. x
- ) SYN ACK x++ and rand (sequence) nr. y
- ) ACK x++ and y++
- ) Send and receive data
What is a “Fast Open” handshake? How is it implemented?
After the first 3-way-handshake the client can ask for a TCP Cookie. Afterwards it doesn’t have to do the 3-way-handshake again for a new TCP session.
This can be added as TCP Option to the TCP Header
Which 2 methods can be used to terminate a TCP connection?
- FIN (Control Bit)
- RST (Control Bit)
Describe the process of terminating a TCP connection (nicely).
- ) Client -> Server FIN
- ) Server -> Client ACK
- ) Server -> Client FIN
- ) Client -> Server ACK
What “data flow” mechanism uses TCP?
Sliding window with buffer. Buffer size is sent with the “Window” in TCP Header. Sequence nr. are used to identify the correct flow of segments.
How big is the MSS (Maximum Segment Size) of TCP and can we reduce fragmentation with it?
MSS is derived from the MTU of Link layer. MSS = MTU - IP header length - TCP Header length. Avoids fragmentation on our end but fragmentation can happen because some routers may have a lower MTU than we have
Describe the UDP Header.
Have a look at the slides.
What is the (biggest) problem of UDP?
It is used for DDoS attacks. If the attacker uses a protocol which allows him to send a small request that leads to a bigger response he can amplify the attack.
How is a UDP response reassembled to its request?
It is not. UDP doesn’t care about that. If a protocol needs to that (e.g. DNS) the protocol has to have the information on itself.
Why does DNS use UDP?
DNS only needs to transmit little data. So we want them to transmit fast and without much overhead. UDP is perfect for that and to reassemble response and request, DNS provides an option for that.