
0x351 Network and Transport

1. Network Layer (3)

The network layer provides logical communication between hosts, even across network boundaries. A packet in the network layer is referred to as a datagram.

This layer can be programmed from user space with TUN/TAP devices (a TUN device carries raw IP packets, a TAP device carries Ethernet frames).

1.1. IP

The IP service model is a best-effort delivery service: it guarantees neither delivery, nor ordering, nor integrity of the packet, so it is an unreliable service.

1.1.1. Subnet Mask

The subnet mask divides an IP address into two portions: the network portion and the host portion.

Within the host portion:

  • all 1: broadcast address
  • all 0: network address
  • network address + 1, or broadcast address - 1: by convention usually the default gateway (a packet whose destination IP is not in the same network is sent to the gateway node)
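The mask arithmetic above in code, as an added example (not part of the original notes): it derives the network and broadcast addresses for a host, picks the conventional gateway slot, and applies the on-link test a host uses to decide whether to deliver directly or hand the packet to the gateway. The host 192.168.1.37/24 and the two destinations are constructed samples.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Parse a dotted-quad IPv4 address into a host-byte-order integer.
   Returns 1 on success, 0 on malformed input (inet_pton rejects "300.1.1.1" etc.). */
int parse_ipv4(const char *text, uint32_t *out) {
    struct in_addr a;
    if (inet_pton(AF_INET, text, &a) != 1) return 0;
    *out = ntohl(a.s_addr);
    return 1;
}

/* Mask for a /prefix network. Guarded so /0 never shifts a 32-bit value by 32,
   which is undefined behaviour in C. */
uint32_t prefix_mask(int prefix) {
    if (prefix <= 0) return 0;
    if (prefix >= 32) return 0xFFFFFFFFu;
    return 0xFFFFFFFFu << (32 - prefix);
}

/* Host portion all 0: the network address. */
uint32_t network_address(uint32_t ip, int prefix) {
    return ip & prefix_mask(prefix);
}

/* Host portion all 1: the directed broadcast address. */
uint32_t broadcast_address(uint32_t ip, int prefix) {
    return ip | ~prefix_mask(prefix);
}

/* Two addresses are on the same link iff their network portions match.
   A destination that fails this test is handed to the default gateway. */
int same_subnet(uint32_t a, uint32_t b, int prefix) {
    return network_address(a, prefix) == network_address(b, prefix);
}

/* Host-order integer back to dotted-quad text. */
void format_ipv4(uint32_t ip, char *buf, size_t len) {
    struct in_addr a;
    a.s_addr = htonl(ip);
    inet_ntop(AF_INET, &a, buf, (socklen_t)len);
}

int main(void) {
    /* Constructed sample: a host at 192.168.1.37/24 deciding where two destinations go. */
    const char *dests[] = { "192.168.1.200", "192.168.2.1" };
    uint32_t host, dst;
    char net[INET_ADDRSTRLEN], bc[INET_ADDRSTRLEN], gw[INET_ADDRSTRLEN];
    if (!parse_ipv4("192.168.1.37", &host)) return 1;
    format_ipv4(network_address(host, 24), net, sizeof net);
    format_ipv4(broadcast_address(host, 24), bc, sizeof bc);
    format_ipv4(network_address(host, 24) + 1, gw, sizeof gw); /* conventional gateway slot */
    printf("network %s  broadcast %s  gateway (by convention) %s\n", net, bc, gw);
    for (size_t i = 0; i < 2; i++) {
        if (!parse_ipv4(dests[i], &dst)) return 1;
        printf("%s -> %s\n", dests[i],
               same_subnet(host, dst, 24) ? "on-link, deliver directly"
                                          : "off-link, send via gateway");
    }
    return 0;
}
```

The "gateway" line is only the convention the bullet above describes; nothing in the mask tells a host where its gateway is, that comes from configuration (static or DHCP), so code that needs the gateway must read the routing table rather than assume network + 1.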

1.2. IGP

An Interior Gateway Protocol exchanges routing table information within an Autonomous System (AS)

1.2.1. OSPF

Open Shortest Path First, a link-state protocol

1.2.2. RIP

Routing Information Protocol, a distance-vector protocol

1.3. EGP

An Exterior Gateway Protocol exchanges routing information between autonomous systems

1.3.1. BGP

Border Gateway Protocol

1.4. ICMP

1.4.1. command

  • tcpdump -nni en0 icmp: capture only ICMP packets on interface en0; -nn suppresses both host name and port name resolution, so the capture does not trigger DNS lookups

2. Transport Layer (4)

The transport layer provides logical communication between processes. A packet in the transport layer is referred to as a segment.

Within an end system, a transport protocol moves messages from application processes to the network edge and vice versa, but it has no say in how the messages are moved within the network core.

It can offer certain services even when the underlying network protocol does not offer the corresponding service (e.g.: reliable data transfer on top of best-effort IP, or encryption)

2.1. Multiplexing and Port Number

The most fundamental responsibility of UDP and TCP is to extend IP's delivery service between two end systems to a delivery service between two processes running on the end systems. This is called transport-layer multiplexing and demultiplexing.

  • The job of gathering data chunks at the source host from different sockets, encapsulating each data chunk with header information to create segments, and passing the segments to the network layer is called multiplexing

  • The delivery of the data in a transport-layer segment to the correct socket is called demultiplexing

Multiplexing requires special header fields that identify the source and destination sockets: the source port number field and the destination port number field

A port number is a 16-bit number (0 - 65535); ports 0 - 1023 are called well-known port numbers and are reserved for standard services.

# To find the process/service using a particular port (lists listeners and established connections on port 80)
lsof -i :80

2.2. UDP

Unreliable, connectionless service

A UDP socket is identified by a two-tuple (dest IP, dest port): datagrams from different senders to the same destination port all land in the same socket

The only services provided by UDP are

  • process-to-process data delivery
  • error checking (a checksum over the segment; a corrupted segment is dropped, not retransmitted)

2.3. TCP

Reliable, connection-oriented service

A TCP socket is identified by a four-tuple (src IP, src port, dest IP, dest port): two connections arriving at the same server port from different clients, or from different client ports, are demultiplexed to different sockets
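The demultiplexing rules of 2.1 through 2.3 as a small simulation, added here as an example that is not from the original notes. A constructed socket table holds a TCP listener on port 80, two established TCP connections on that port, and one UDP socket on port 53; `demux()` applies the two-tuple rule for UDP and the four-tuple rule (with the listener as fallback) for TCP. All addresses and the table are made up for the demo.

```c
#include <stdint.h>
#include <stdio.h>

enum { PROTO_TCP = 6, PROTO_UDP = 17 };

/* Pack a dotted quad into a host-order integer. */
#define IP(a, b, c, d) (((uint32_t)(a) << 24) | ((uint32_t)(b) << 16) | \
                        ((uint32_t)(c) << 8) | (uint32_t)(d))

/* One entry of a simplified socket table. local_ip == 0 means the wildcard address.
   A TCP socket is either listening (no remote end yet) or bound to a full four-tuple;
   a UDP socket only ever has the local two-tuple. */
typedef struct {
    int proto;
    int listening;
    uint32_t local_ip, remote_ip;
    uint16_t local_port, remote_port;
    const char *label;
} sock_t;

/* The header fields the demultiplexer looks at. */
typedef struct {
    int proto;
    uint32_t src_ip, dst_ip;
    uint16_t src_port, dst_port;
} segment_t;

/* Constructed sample table: a web server with two established connections and a DNS socket. */
const sock_t DEMO_TABLE[] = {
    { PROTO_TCP, 1, 0,            0,                80, 0,     "tcp listener :80" },
    { PROTO_TCP, 0, IP(10,0,0,5), IP(198,51,100,7), 80, 40001, "tcp conn from 198.51.100.7:40001" },
    { PROTO_TCP, 0, IP(10,0,0,5), IP(198,51,100,7), 80, 40002, "tcp conn from 198.51.100.7:40002" },
    { PROTO_UDP, 0, 0,            0,                53, 0,     "udp socket :53" },
};
const int DEMO_TABLE_LEN = sizeof DEMO_TABLE / sizeof DEMO_TABLE[0];

/* Return the index of the socket that receives the segment, or -1 when nothing is
   bound there (the host then answers with ICMP port unreachable or a TCP RST). */
int demux(const sock_t *table, int n, const segment_t *seg) {
    int listener = -1;
    for (int i = 0; i < n; i++) {
        const sock_t *s = &table[i];
        if (s->proto != seg->proto || s->local_port != seg->dst_port) continue;
        if (s->local_ip != 0 && s->local_ip != seg->dst_ip) continue;
        if (seg->proto == PROTO_UDP) return i;   /* two-tuple match: any sender lands here */
        if (!s->listening) {
            /* established TCP socket: the source must match too (four-tuple) */
            if (s->remote_ip == seg->src_ip && s->remote_port == seg->src_port) return i;
        } else if (listener < 0) {
            listener = i;   /* remembered; used only if no connection claims the segment */
        }
    }
    return listener;
}

int main(void) {
    const segment_t in[] = {
        { PROTO_TCP, IP(198,51,100,7), IP(10,0,0,5), 40001, 80 },
        { PROTO_TCP, IP(198,51,100,7), IP(10,0,0,5), 40002, 80 },
        { PROTO_TCP, IP(203,0,113,9),  IP(10,0,0,5), 5555,  80 },   /* new SYN: goes to the listener */
        { PROTO_UDP, IP(198,51,100,7), IP(10,0,0,5), 40001, 53 },
        { PROTO_UDP, IP(203,0,113,9),  IP(10,0,0,5), 5555,  53 },   /* different sender, same socket */
        { PROTO_TCP, IP(203,0,113,9),  IP(10,0,0,5), 5555,  22 },   /* nothing bound: -1 */
    };
    for (size_t i = 0; i < sizeof in / sizeof in[0]; i++) {
        int idx = demux(DEMO_TABLE, DEMO_TABLE_LEN, &in[i]);
        printf("segment %zu -> %s\n", i, idx < 0 ? "no socket" : DEMO_TABLE[idx].label);
    }
    return 0;
}
```

The UDP branch is the security-relevant one: because the match ignores the sender, a UDP service receives whatever reaches its port, and the source address it sees is just what the IP header claims. Any trust decision based on who sent a datagram has to be made above the transport layer.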

2.4. QUIC


QUIC improves the performance of connection-oriented web applications that currently use TCP

Main characteristics of QUIC are

  • it runs over UDP instead of TCP; QUIC itself manages multiple streams per connection and handles loss recovery
  • key exchange is done in the initial handshake (the TLS 1.3 handshake is built into it), so every QUIC connection is encrypted

3. Session Layer (5)

4. Presentation Layer (6)

4.1. XDR

  • external data representation
  • a standard data serialization format

5. Socket Programming

API (socket (2))

  • system call that creates a socket and returns its file descriptor.
  • Common socket domains: AF_UNIX for sockets on the same host, AF_INET for IPv4, AF_INET6 for IPv6.
  • Common socket types: SOCK_STREAM for connection-oriented communication (e.g.: TCP), SOCK_DGRAM for connectionless communication (e.g.: UDP)

5.1. Stream Socket


API (bind (2)) binds a socket to an address. addr is a generic struct sockaddr that covers both a pathname (for a unix socket) and an IP address plus port (for an inet socket)

API (listen (2)) marks the socket as listening for incoming connections; backlog is the limit on the queue of pending (not yet accepted) connections.

API (accept (2)) server-side interface to accept a connection; it returns a new file descriptor for that connection while the listening socket stays open. Can be configured as either blocking or nonblocking

API (connect (2)) client-side interface connecting to a peer socket
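The four calls above wired together, as an added example that is not from the original notes: both the server (socket, bind, listen, accept) and the client (socket, connect) live in one process and talk over 127.0.0.1, so it runs offline. The message and the use of an ephemeral port via getsockname(2) are choices made for this demo.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Server side: socket -> bind -> listen on 127.0.0.1 with a kernel-chosen port.
   Returns the listening fd (or -1) and writes the chosen port, host byte order, to *port_out. */
int make_listener(uint16_t *port_out) {
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    int one = 1;
    /* Without SO_REUSEADDR a restarted server can fail to bind while old
       connections still sit in TIME_WAIT. */
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof one);
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(0);                       /* 0: let the kernel pick an ephemeral port */
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);  /* 127.0.0.1, not INADDR_ANY: unreachable from the network */
    socklen_t len = sizeof addr;
    if (bind(fd, (struct sockaddr *)&addr, len) < 0 || listen(fd, 8) < 0 ||
        getsockname(fd, (struct sockaddr *)&addr, &len) < 0) {
        close(fd);
        return -1;
    }
    *port_out = ntohs(addr.sin_port);
    return fd;
}

/* Client side: socket -> connect to 127.0.0.1:port. */
int connect_loopback(uint16_t port) {
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(port);
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (connect(fd, (struct sockaddr *)&addr, sizeof addr) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* One echo round trip, both ends in this process. On loopback, connect() completes
   as soon as the kernel has queued the connection in the listen backlog, so calling
   accept() afterwards does not block. Returns the number of bytes the client got
   back (NUL-terminated into reply), or -1 on error. */
ssize_t stream_roundtrip(const char *msg, char *reply, size_t cap) {
    char buf[256];
    size_t want = strlen(msg);
    if (want == 0 || want > sizeof buf || cap == 0) return -1;
    uint16_t port;
    int lfd = make_listener(&port);
    if (lfd < 0) return -1;
    int cfd = connect_loopback(port);
    if (cfd < 0) { close(lfd); return -1; }
    struct sockaddr_in peer;
    socklen_t plen = sizeof peer;
    int sfd = accept(lfd, (struct sockaddr *)&peer, &plen);  /* new fd for this connection; lfd keeps listening */
    if (sfd < 0) { close(cfd); close(lfd); return -1; }

    ssize_t rc = -1;
    if (send(cfd, msg, want, 0) == (ssize_t)want) {
        /* A stream has no message boundaries, so the server reads until it has
           the bytes it expects instead of trusting one recv() to return them all. */
        size_t have = 0;
        while (have < want) {
            ssize_t n = recv(sfd, buf + have, want - have, 0);
            if (n <= 0) break;
            have += (size_t)n;
        }
        if (have == want && send(sfd, buf, have, 0) == (ssize_t)have) {   /* echo back */
            ssize_t back = recv(cfd, reply, cap - 1, 0);
            if (back >= 0) { reply[back] = '\0'; rc = back; }
        }
    }
    close(sfd);
    close(cfd);
    close(lfd);
    return rc;
}

int main(void) {
    char reply[64];
    ssize_t n = stream_roundtrip("hello over loopback", reply, sizeof reply);  /* constructed sample */
    if (n < 0) { perror("stream_roundtrip"); return 1; }
    printf("client received %zd bytes: %s\n", n, reply);
    return 0;
}
```

Two habits worth keeping from this: bind to the narrowest address that works (INADDR_LOOPBACK for a local-only service) rather than INADDR_ANY, and never assume one recv() returns one application message on a stream socket.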

5.2. Datagram Socket


API (recvfrom (2)) receives one datagram and reports the sender's address

API (sendto (2)) sends one datagram to an explicit destination address (no prior connect needed)
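A UDP echo over loopback using those two calls, added as an example that is not part of the original notes: the server learns the sender from recvfrom(2) and answers with sendto(2); the client socket is never bound explicitly, its first sendto(2) picks an ephemeral port. The messages and buffer sizes are constructed for the demo, including a deliberately small buffer to show datagram truncation.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <unistd.h>

/* Bind a UDP socket to 127.0.0.1 on a kernel-chosen port. Unlike a stream socket there
   is no listen()/accept(): once bound, the socket receives from any sender. */
int make_udp_bound(uint16_t *port_out) {
    int fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0) return -1;
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(0);
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    socklen_t len = sizeof addr;
    if (bind(fd, (struct sockaddr *)&addr, len) < 0 ||
        getsockname(fd, (struct sockaddr *)&addr, &len) < 0) {
        close(fd);
        return -1;
    }
    *port_out = ntohs(addr.sin_port);
    return fd;
}

/* Client sends one datagram with sendto(); the server learns who sent it from
   recvfrom() and echoes it with sendto() to that address; the client reads the echo.
   Returns bytes the client received (NUL-terminated into reply), -1 on error. */
ssize_t datagram_roundtrip(const char *msg, char *reply, size_t cap) {
    if (cap == 0) return -1;
    uint16_t port;
    int sfd = make_udp_bound(&port);
    if (sfd < 0) return -1;
    int cfd = socket(AF_INET, SOCK_DGRAM, 0);   /* unbound: the first sendto() auto-binds an ephemeral port */
    if (cfd < 0) { close(sfd); return -1; }

    struct sockaddr_in server;
    memset(&server, 0, sizeof server);
    server.sin_family = AF_INET;
    server.sin_port = htons(port);
    server.sin_addr.s_addr = htonl(INADDR_LOOPBACK);

    ssize_t rc = -1;
    size_t len = strlen(msg);
    if (sendto(cfd, msg, len, 0, (struct sockaddr *)&server, sizeof server) == (ssize_t)len) {
        char buf[512];
        struct sockaddr_in sender;   /* filled from the datagram's IP/UDP headers: spoofable, not authenticated */
        socklen_t slen = sizeof sender;
        ssize_t got = recvfrom(sfd, buf, sizeof buf, 0, (struct sockaddr *)&sender, &slen);
        if (got >= 0 && sendto(sfd, buf, (size_t)got, 0, (struct sockaddr *)&sender, slen) == got) {
            /* Datagram boundaries are preserved: one recv() returns one datagram, and if the
               buffer is smaller than the datagram the excess is discarded, not delivered later. */
            ssize_t back = recv(cfd, reply, cap - 1, 0);
            if (back >= 0) { reply[back] = '\0'; rc = back; }
        }
    }
    close(cfd);
    close(sfd);
    return rc;
}

int main(void) {
    char reply[64], small[4];
    ssize_t n = datagram_roundtrip("ping over udp", reply, sizeof reply);   /* constructed sample */
    if (n < 0) { perror("datagram_roundtrip"); return 1; }
    printf("full buffer: %zd bytes: %s\n", n, reply);
    n = datagram_roundtrip("ping over udp", small, sizeof small);           /* 3 bytes fit, the rest is dropped */
    printf("small buffer: %zd bytes: %s\n", n, small);
    return 0;
}
```

The address recvfrom() hands back is whatever the packet's headers said. A server that replies to it amplifies traffic toward that address whether or not the claimed sender ever asked, which is why UDP services need per-sender rate limits or a cookie exchange before sending large responses.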

5.3. DNS

API (getaddrinfo (3)) domain -> address

API (getnameinfo (3)) address -> domain
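Both calls in their lookup-free form, added here as an example that is not from the original notes. With AI_NUMERICHOST/AI_NUMERICSERV, getaddrinfo(3) only accepts literals and fails for a hostname instead of sending a DNS query, and with NI_NUMERICHOST/NI_NUMERICSERV, getnameinfo(3) formats an address without a reverse (PTR) lookup; the example therefore runs offline. The function names and the sample inputs are this example's own.

```c
#include <netdb.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Text -> sockaddr. AI_NUMERICHOST | AI_NUMERICSERV accept only literals ("127.0.0.1",
   "::1", "443") and fail with EAI_NONAME for a hostname instead of sending a DNS query,
   which is what you want when the string comes from an untrusted source.
   Returns 0 on success or a getaddrinfo error code for gai_strerror(). */
int resolve_literal(const char *host, const char *service,
                    struct sockaddr_storage *out, socklen_t *outlen) {
    struct addrinfo hints, *res;
    memset(&hints, 0, sizeof hints);
    hints.ai_family = AF_UNSPEC;          /* IPv4 or IPv6 */
    hints.ai_socktype = SOCK_STREAM;
    hints.ai_flags = AI_NUMERICHOST | AI_NUMERICSERV;
    int rc = getaddrinfo(host, service, &hints, &res);
    if (rc != 0) return rc;
    memcpy(out, res->ai_addr, res->ai_addrlen);
    *outlen = res->ai_addrlen;
    freeaddrinfo(res);                    /* the result list is heap-allocated */
    return 0;
}

/* sockaddr -> text. NI_NUMERICHOST | NI_NUMERICSERV skip the reverse (PTR) lookup,
   so a name chosen by whoever controls the reverse zone never ends up in your logs. */
int address_to_text(const struct sockaddr *sa, socklen_t salen,
                    char *host, size_t hostlen, char *serv, size_t servlen) {
    return getnameinfo(sa, salen, host, (socklen_t)hostlen, serv, (socklen_t)servlen,
                       NI_NUMERICHOST | NI_NUMERICSERV);
}

int main(void) {
    const char *inputs[] = { "127.0.0.1", "::1", "example.com" };   /* constructed samples */
    for (size_t i = 0; i < 3; i++) {
        struct sockaddr_storage ss;
        socklen_t len;
        int rc = resolve_literal(inputs[i], "443", &ss, &len);
        if (rc != 0) { printf("%s: %s\n", inputs[i], gai_strerror(rc)); continue; }
        char host[64], serv[16];
        if (address_to_text((struct sockaddr *)&ss, len, host, sizeof host, serv, sizeof serv) == 0)
            printf("%s -> family %d, %s port %s\n", inputs[i], (int)ss.ss_family, host, serv);
    }
    return 0;
}
```

Dropping the NUMERIC flags turns the same two calls into real forward and reverse DNS lookups; a resolver then blocks on the network and, for getnameinfo(3), returns a name the remote side's DNS operator chose.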
