Transport Layer

UNIT 4

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 The transport service in networking plays
a crucial role in ensuring reliable data

The Transport transmission between applications on

different machines.

Service It sits between the application layer

(where user applications like web browsers
or email clients operate) and the network
layer (which handles data transmission
over networks).

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 1. Services Provided to Upper Layers ● Transport Entity: This is the software
• The transport layer is designed to or hardware responsible for performing
provide reliable, efficient, and cost- tasks in the transport layer. It can be
effective data transmission for part of the operating system, a library
applications, no matter how unreliable for applications, or even on the network
the network underneath might be. interface card.

• It hides the imperfections of the network ● Connection-Oriented vs.

from the application layer by handling Connectionless Transport:
errors, retransmissions, and flow • Connection-Oriented: Like a phone call
control. —establish a connection, transfer data,
then disconnect. It ensures reliable
• So, even if the network loses or corrupts delivery.
packets, the transport layer will make
sure the application doesn't have to • Connectionless: Like sending a letter—
worry about it. just send data without establishing a
connection. It’s faster but less reliable.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 2. Why Do We Need the Transport Layer? 3. Transport Service Primitives

Although the network layer moves packets To communicate over a network, the
between machines, it may not be reliable. The transport layer provides a set of simple
network might lose packets, routers could operations called transport service
crash, or packets may arrive out of order. The primitives. These are commands or
transport layer ensures that: functions that applications can use to
establish and manage connections.
• Lost or damaged packets are
retransmitted.
Here are the five key primitives in a
• Data is delivered in the correct order.
simple transport service:
• Connections are maintained even if there
are network failures.

In short, the transport layer makes

communication reliable by compensating
for network problems that applications don’t
need to handle directly.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 4. Connection Establishment and Release

To manage connections, the transport layer 5. Nesting of Data Units (Frames,

follows a process for establishing and releasing Packets, Segments)
connections.
Data flows from the application, through the
• Connection Establishment: First, the server transport layer, to the network, and
waits for clients with a LISTEN command. ultimately to the physical hardware. At each
When a client wants to connect, it sends a stage, the data gets wrapped in a different
CONNECT request. The server accepts this “envelope”:
connection, and data transfer can begin.
• Frame: Used by the physical (link)
• Connection Release: When either the client layer.
or server no longer needs the connection, • Packet: Used by the network layer.
they can call DISCONNECT. There are two • Segment: Used by the transport layer.
ways to release the connection:
• Asymmetric: One side initiates the
Each layer adds its own header (control
disconnection, and both sides disconnect.
information) to ensure the data gets
• Symmetric: Both sides must independently
delivered correctly.
close their part of the connection.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Here’s a simple breakdown of how socket
Berkeley Sockets provide a way for
programming works:
applications to communicate over a
network, especially when using the TCP
1. Server Side:
protocol (which is reliable and connection-
1. SOCKET: Creates a new
oriented).
"communication endpoint" (think of
it as setting up a telephone).
Socket = IP address + port number
2. BIND: Associates an address (like a
phone number) to this endpoint.
These socket "primitives" are basic
3. LISTEN: The server is now waiting
commands used to manage network
for calls (clients) to connect, and it
connections. They originated in the Berkeley
can queue multiple calls.
UNIX system in 1983 and have since
4. ACCEPT: When a client calls (tries to
become widely used.
connect), this command accepts the
call, allowing communication.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 • Sockets are versatile: They work for
2. Client Side: both connection-oriented (TCP) and
• SOCKET: Similar to the server, it creates connectionless (UDP) services. For
an endpoint. UDP, there’s no ongoing connection,
• CONNECT: The client calls the server and you send individual messages
(requests a connection). This blocks the instead of setting up a connection first.
client until the connection is successful.
• The socket API became popular
because it makes it easy to program
3. Data Transmission (once connected):
network applications. You can use it with
• SEND: Sends data over the connection
various protocols, not just TCP.
(like talking over the phone).
• RECEIVE: Receives data from the
Sockets are not perfect. For instance, if a
connection (listening on the other end).
web browser is downloading multiple files
from a server, each file usually uses a
4. Closing the Connection: separate connection.
1. CLOSE: Both the client and server can
end the connection. When both have This can be inefficient, and newer protocols
closed it, the connection is released. like SCTP and QUIC try to improve on this
by grouping streams together more
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept effectively.
 6. Reliable Data Transmission:
One of the most critical roles of the
• Timers and Retransmissions: The
transport layer is providing reliable
transport layer uses timers to know
communication, even if the network is
when a packet needs to be resent. If it
unreliable. It achieves this through:
doesn’t get an acknowledgment in time,
it will send the packet again.
• Acknowledgments: Every time a
packet (or segment) of data is sent, the • Flow Control: It makes sure that the
receiver sends back an
sender doesn’t overwhelm the receiver
acknowledgment (ACK) to confirm that
with too much data at once. It ensures
it was received. If the sender doesn’t
both sides communicate at a rate they
receive an ACK within a certain time, it
can handle.
retransmits the data.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Elements of Transport
Protocol The Elements of Transport Protocols
discusses the different aspects that
transport protocols must handle.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 1. Addressing

Purpose: When a process (like an

application) wants to communicate with
another process on a different device, it needs • NSAP (Network Service Access
to know where to send the data. Point): This is the network layer address,
like an IP address, which tells the network
• TSAP (Transport Service Access where a specific host or device is.
Point): This is a specific "address" in the • Example: IP addresses (like
transport layer, like a port number. [Link]) are examples of NSAP.
• Example: In the Internet, ports (like
port 80 for web traffic) are used to
identify processes or services. TSAP is
just a general term for these ports.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 2. Connection Establishment and
Release
PC 1 PC 2
Connection establishment: For
connection-oriented transport protocols (like Send
TCP), a connection must be established SYN
before any data transmission takes place. SYN
This is done using a three-way Received
handshake:
Send
SYN + ACK
• SYN: The client sends a synchronize
(SYN) message to the server to SYN + ACK
initiate the connection. Received
• SYN-ACK: The server acknowledges
Send
the SYN request and sends a SYN- ACK
ACK (synchronize acknowledgment).
• ACK: The client acknowledges the ACK
server's response, and the Received
connection is established.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 Solution to Delayed and Duplicate
Problem of Delayed and Duplicate Packets
Packets
The transport protocol has to prevent old
• Network issues: The transport layer packets from reappearing and being treated
deals with complex scenarios where as new.
packets can be delayed, duplicated, or
lost. • Approach 1: Throwaway addresses:
Each time a connection is made, a new
• Example of the issue: Imagine you're transport address is created and
transferring money through a bank app. If discarded afterward. This ensures old
the network is congested, the transfer packets can't find their way to the right
request packet might get delayed, and process.
you might unknowingly send the request
again, leading to double transfers. This is • Approach 2: Connection Identifiers:
dangerous and needs careful handling in Each connection gets a unique ID. Even
protocols. if packets are delayed, the system can
check the ID and discard old packets.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Limiting Packet Lifetime

A practical way to handle this is to give each Ensuring Duplicate Packets Don’t
packet a limited lifetime (the time it is allowed Cause Problems
to live in the network).
• Sequence Numbers: Each packet gets
Techniques to limit lifetime: a unique sequence number. These
• Restricted network design: numbers are chosen so that they aren't
Designing the network so that packets reused until enough time has passed
can't loop around indefinitely. that old packets can't still be floating
• Hop counter: Each packet has a around in the network.
counter (hop count) that decreases
every time it passes through a router. • Waiting Period (T): The system waits
When the count reaches zero, the for a certain time (T seconds) to ensure
packet is discarded. that all old packets are gone before
• Timestamping: Each packet gets a using the same sequence number
timestamp, and routers discard again.
packets older than a set time.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Connection release: The connection must
be properly closed when communication is 3. Error Control: Ensures reliable delivery by
complete. This is done using a four-way detecting and correcting errors through
termination handshake to ensure all data is techniques like ACK/NACK and
transmitted before the connection is closed: retransmissions.

• FIN: One side sends a finish (FIN) 4. Flow Control: Prevents the sender from
message to signal it has no more data overwhelming the receiver, often using the
to send. sliding window mechanism.
• ACK: The other side acknowledges the
FIN and might continue sending data. 5. Multiplexing: Enables multiple
• FIN: The second party sends its own applications to share a single network
FIN message once it has finished connection by using port numbers.
sending its data.
• ACK: Finally, the first party 6. Crash Recovery: Allows systems to
acknowledges the second FIN, closing recover from crashes without losing data or
the connection. corrupting ongoing communications.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 • Congestion control is about preventing
the network from overloading too
much data, which can cause delays
and lost packets.

• It’s the responsibility of the network

(routers) and the transport layer

Congestion Control (which sends the data).

• When too many packets are sent too

quickly, routers become overwhelmed,
leading to poor performance.

• The transport layer, especially in

protocols like TCP, is in charge of
adjusting the rate at which packets
are sent to avoid congestion.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Fairness in Bandwidth Allocation
• Fairness means distributing the available Example of Fairness
bandwidth evenly among users. Imagine four data flows (A, B, C, and D)
• However, this is not as simple as giving traveling through a network. Each link
everyone an equal share. (connection between routers) has a capacity
• If different connections take different of 1 unit of bandwidth:
paths through the network, they might • Three flows (B, C, and D) share one link,
encounter different bottlenecks (places so each gets 1/3 of the bandwidth.
where the network is congested). • Flow A shares another link with B, so A
• A flow that crosses multiple congested gets 2/3 of that link's bandwidth.
links should get less bandwidth than a This setup is fair because no flow can get
flow that only crosses one congested link. more bandwidth without hurting another flow
• The idea of max-min fairness ensures that has less.
that the flow with the least bandwidth
cannot get more without reducing the Practical Fairness
bandwidth of another flow that has even In practice, fairness isn’t about giving
less. everyone exactly the same amount of
• Essentially, you can’t increase the bandwidth. The focus is on ensuring that no
bandwidth for one flow without making connection gets starved (receiving little or no
another flow worse off. bandwidth), and that all connections get a
reasonable share of the network’s capacity.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 Controlling Data Sending:
• Data transmission can be limited by two
convergence in congestion control is about
things:
how quickly a network can adjust to changes • Flow control: If the receiver is slow
in traffic and reach an optimal point where all
or has limited buffer space.
available bandwidth is used efficiently and • Congestion control: If the network
fairly among users.
itself is crowded, the sender needs to
slow down.
When different users or "flows" (like devices
downloading data) share the same network,
Analogy
they should all get a fair share of the
Imagine water flowing through pipes. If the
bandwidth, and this allocation needs to adjust
receiving bucket is small, the sender should
quickly when new flows join or leave.
slow down to prevent overflow (flow control).
Similarly, if the pipe (network) is narrow, too
much water at once will spill over (congestion
control).

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Leaky Bucket Algorithm
Concept:
• The Leaky Bucket algorithm enforces a
fixed output rate, regardless of the
incoming burstiness of traffic.
• Think of it as a bucket with a small hole at
the bottom (the leak).
• Incoming data packets are added to the
bucket (queue), and they leave at a
constant rate (the rate of leakage).

How it Works:
• If the bucket (queue) overflows (too many
packets arrive), excess packets are
discarded.
• It ensures a steady output rate, suitable
for managing congestion in the network.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Token Bucket Algorithm
Concept:
• The Token Bucket algorithm allows for a
more flexible control over traffic
compared to the Leaky Bucket.
• It allows for bursty traffic up to a certain
limit, as long as tokens (representing
permission to send data) are available in
the bucket.

In short: Token = permission slip to

transmit data.

How it Works:
• Tokens are added to the bucket at a fixed
rate.
• To send a packet, a token must be
removed from the bucket.
• If there are no tokens, packets wait until
tokens are available.
• The bucket has a maximum token
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
capacity, preventing unlimited bursts.
 Additive Increase, Multiplicative
Decrease (AIMD):
Types of Feedback for Congestion:
A common approach in congestion control is
AIMD, used by TCP. Here’s how it works:
Different ways the network can tell the sender
to slow down include: • Additive Increase: The sender
• Explicit & Precise: Routers tell the
slowly increases its sending rate.
exact rate to send (e.g., XCP). • Multiplicative Decrease: When
• Explicit but Imprecise: Routers just
congestion happens (detected by
send a warning signal but don’t
packet loss or delay), the sender
specify how much to slow down (e.g.,
reduces its rate more aggressively (by
ECN with TCP).
a bigger fraction).
• Implicit: The sender infers congestion
by measuring things like delay or
Over time, this method ensures fairness and
packet loss (e.g., TCP CUBIC).
efficient use of the network’s capacity. It
prevents one user from hogging all the
bandwidth and helps the network converge to
the right operating point.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 To fix this, wireless networks like Wi-Fi use
quick retransmissions to resend lost packets
In wireless networks, packets are often lost
before TCP even notices, preventing
due to transmission errors, not because of
unnecessary slowdowns.
congestion like in wired networks.
However, wireless networks also have
But TCP, the protocol used to control
changing capacities (e.g., due to signal
congestion, slows down whenever it sees
strength), which TCP can struggle to handle.
packet loss, assuming there's network
congestion.
In more complex wireless setups, like mesh
networks, specialized protocols are needed to
This is a problem for wireless networks, where
manage these issues effectively.
packet loss is common and not always related
to congestion.
In short, wireless networks need extra
techniques to handle packet loss and
changing speeds so that TCP can work
properly without slowing down too much.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Internet Transport Protocols

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 UDP UDP is a simple, lightweight protocol that
sends data without establishing a connection.
User Datagram Protocol
Purpose of UDP:

• UDP is a "connectionless" protocol that

sends data packets without setting up a
connection between sender and receiver.

• It allows applications to send small,

encapsulated packets (called IP
datagrams) directly over the Internet
without delay from extra setup or error-
checking.

• UDP is faster and more efficient for short,

low-priority data, while TCP is more
reliable and suited for larger or sensitive
data transmissions.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 Structure of UDP Packets:
Each UDP packet has an 8-byte header
32 bits
followed by the data (payload) it’s
carrying.
Source Port Destination
(16 bits) Port
The header includes four key fields:
(16 bits)
UDP header • Source Port: Identifies the
UDP Length Checksum 8 bytes sender's application.
(16 bits) (16 bits) • Destination Port: Identifies the
receiver's application.
Payload • Length: Specifies the total size of
the header and data.
• Checksum (optional): Provides a
basic check for data integrity by
detecting errors during
transmission.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Checksum for Error Detection:

• The Checksum checks the data for

Ports as “Mailboxes”:
errors by calculating a value based on
• Ports are like mailboxes where each
the header and data. The receiver
application has its unique "mailbox"
performs the same calculation; if the
(port number) on a device.
values don’t match, it indicates an
error in transmission.
• When a UDP packet arrives, it’s
delivered to the destination port
• This is optional; in some cases, error
(application) specified in the header.
detection can be skipped to save
processing time (e.g., in real-time
audio where minor errors are
acceptable).

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 UDP Characteristics:

• UDP doesn’t handle flow control or

congestion control, which means it
doesn’t adjust sending speed or respond Example Use - DNS (Domain Name
to network overloads. It also doesn’t System):
retransmit lost packets.
• A common use for UDP is DNS, where
a client sends a quick request to look
• UDP simply sends packets and leaves it
up an IP address for a website.
up to the applications to handle missing
data if necessary.
• The server replies with a single UDP
packet containing the IP address, and
• It doesn’t guarantee delivery, correct there’s no setup or teardown required
order, or retransmission of lost data, (only one request and one reply).
making it useful for applications where
speed is more important than reliability, • This simplicity makes UDP fast and
like video streaming or online gaming. effective for short exchanges.

• With UDP, applications get control over

timing and retransmission since UDP just
passes data with minimal handling.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 What is RPC (Remote Procedure Call)?
• Imagine calling a function in
programming: you give it parameters,
and it returns a result.

• RPC is a way to make this function call

happen over a network, so it looks like a
normal function call to the programmer
but is actually a call to a function on
another machine.
Remote Procedure Call
Why Use RPC?
• RPC allows a programmer to call
functions on a remote computer as if
they were on the local machine, hiding
all networking details.

• For example, a function like

getIPAddress(hostName) could use RPC
to query a remote DNS server for the IP
address without the programmer
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
needing to manage the networking code.
 How RPC Works:
RPC involves two components: the client
stub and the server stub.
• Client Stub: Represents the remote
function within the client’s code.
• Server Stub: Represents the remote
function on the server side and
receives the call from the client.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 1. Client calls the Client Stub:
• The client code calls the function locally (e.g.,
getIPAddress(hostName)).
5. Server Executes the Function:
• This call is intercepted by the client stub, which
• The server stub then calls the actual
prepares the data for transmission.
function (e.g., looking up the IP address for
2. Marshaling Parameters: hostName).
• The client stub takes the function parameters
(e.g., hostName), “packages” them into a 6. Sending the Response:
message that can be sent over the network, a • Once the server completes the function, it
process called marshaling. sends the result back to the client, following
similar steps in reverse: the server stub
3. Sending the Request: packages the result, the operating system
• The marshaled message is sent over the network sends it, and the client stub receives and
to the server machine.
unpacks it for the client.

4. Server Stub Receives the Request:

•
7. Client Receives the Response:
The server’s operating system receives the
message and passes it to the server stub.
• Finally, the client stub gives the result to the
• The server stub “unpackages” the parameters, or client program, completing what feels like a
unmarshals them, to prepare them for the normal function call.
function call on the server side.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Challenges with RPC:
Pointer Parameters: Why Use UDP for RPC?
• In local functions, pointers are easy to • UDP works well with RPC because it
use since they reference locations in allows quick, one-way messages, which
the same memory space. But RPC uses suits short, simple request-reply
two separate machines, so pointers functions (e.g., DNS queries).
need to be handled differently (e.g., by
copying values back and forth). • However, UDP has a few limitations:
Parameter Size: • UDP doesn’t guarantee delivery, so
• RPC can struggle to handle parameters the client might need to retransmit
of unknown size or complex types, the request if a reply doesn’t come
especially if there’s no easy way to back.
determine their size beforehand. • Large messages may need to be split
Global Variables: up due to UDP size limits.
• Some programs use global variables to • Certain functions (like incrementing a
store information. However, in RPC, the counter) might be risky to repeat if a
client and server don’t share memory, message is lost, so for these, RPC
so global variables cannot be accessed might instead use TCP to ensure the
by the remote function. message isn’t lost or duplicated.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 RTP (Real-time Transport Protocol) is
designed for delivering audio and video
over networks.

Realtime Transport It is particularly useful for real-time

multimedia applications such as internet
Protocol radio, telephony, and video conferencing.

It helps ensure that media streams are

transmitted efficiently, even though they
travel over the internet where packet loss,
delays, and varying transmission times
can occur.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 1. Purpose of RTP
2. How RTP Works
• Multiplexing Streams: RTP allows
• Stream Input: A multimedia
multiple media streams (like audio
application inputs different types of
and video) to be combined and sent
streams (audio, video).
over a single UDP stream.
• RTP Library: The application sends
• Time-Sensitive Delivery: It is
these streams to an RTP library, which
specifically designed for real-time
is responsible for creating RTP packets
applications, ensuring that media is
from the incoming data.
played out in the correct sequence
• Packet Creation: The RTP library
and timing.
encapsulates the data into packets,
• Handling Variability: RTP can help
adding necessary headers and
manage issues related to network
metadata.
delays and variations in packet arrival
• Sending Data: These RTP packets are
time (known as jitter).
then placed in UDP packets and sent to
the intended destination.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 3. Protocol Stack Placement
RTP operates at the application layer but
functions like a transport protocol. Here’s how
it fits into the protocol stack:

• Multimedia Application: This software

creates and manages audio/video
content.
• RTP: This protocol multiplexes multiple
streams and formats them into RTP
packets.
• UDP: RTP packets are encapsulated in
UDP for transport. UDP is chosen because
it allows for faster transmission without
the overhead of ensuring delivery.
• IP: The packets are sent over the Internet
Protocol (IP).
• Ethernet: The packets travel over a
physical medium (like Ethernet).
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 4. RTP Packet Structure
An RTP packet contains several fields in its
header that help manage and identify the
transmitted data:
• Version: Identifies the version of RTP
being used (currently version 2).
• Payload Type: Indicates the format of
the data (e.g., audio codec type, video
format).
• Sequence Number: Each packet is
numbered sequentially. This helps the
receiver determine if any packets are
missing (packet loss detection).
• Timestamp: This indicates when the first
sample of the packet was taken, allowing
for proper timing during playback.
• Synchronization Source Identifier
(SSRC): Identifies the source of the
stream, enabling multiplexing of multiple
streams into one.
• Contributing Source Identifier
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
(CSRC): If multiple sources are mixed
together (like in a conference), this field
 5. Dealing with Packet Loss and Timing

• Packet Loss: RTP does not request

6. Handling Multiple Streams
retransmission of lost packets, as the
RTP is capable of handling multiple audio
retransmitted packets would likely arrive
and video streams simultaneously:
too late to be useful. Instead, the
receiver can skip missing packets or
• Synchronization: By using
interpolate data based on surrounding
packets. timestamps, different media streams
(like audio and video) can be
• Timestamping: The timestamp field synchronized. For example, if you have
allows the receiver to buffer packets and a video stream and two audio streams
play them at the right time, regardless (for different languages), RTP ensures
of when they arrive. This is critical for they play together seamlessly.
smooth playback, especially in scenarios
with varying network delays.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 TCP is a complex protocol that ensures
reliable data transmission through:
• Splitting data into segments.
• Using sequence numbers to reorder

Transmission Control •
data.
Sending acknowledgments to confirm
Protocol: Introduction •
receipt.
Retransmitting lost data.
• Controlling data flow and managing
network congestion.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 1. Sockets and Ports
• TCP connections are established
between endpoints called sockets.
• Each socket has an IP address and a
port number (a 16-bit identifier for
services on the host).
• Ports below 1024 are well-known
ports (e.g., HTTP on 80, HTTPS on
The TCP Service Model 443) reserved for standard services.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 2. Connection Establishment
4. Full-Duplex, Point-to-Point Connections
• For two devices to communicate over TCP,
• TCP connections are full duplex (data
a connection must be set up between
flows in both directions simultaneously).
sockets on each end.
• They are point-to-point, meaning each
• Connections are identified by pairs of
connection links exactly two endpoints.
sockets, (socket1, socket2), rather than
by virtual circuit numbers.
5. Byte Stream, Not Message Stream
• TCP sends data as a byte stream rather
3. inetd and Daemons
than as individual messages.
• Some services (like SSH) use a main
• For example, data sent in chunks can arrive
process, inetd, to monitor multiple ports
as a single block. The receiver sees the
and start the appropriate service only
data as a continuous stream of bytes
when a request arrives, which saves
without information about the original
memory and resources.
chunk sizes.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 6. Buffered Transmission and PUSH
Flag
• TCP may buffer (delay) small amounts
of data to send larger packets at once.
• Applications can request immediate
data sending using a PUSH flag (or
the TCP_NODELAY option on some
systems).

7. Urgent Data
• TCP has a rarely used urgent data
feature for high-priority messages
(e.g., CTRL-C interrupt).
• When urgent data is received, it
interrupts the receiving application to
be processed immediately.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Key Features of TCP
1. Sequence Numbers:
1. Every byte of data sent over a TCP
connection has a unique sequence
number.
2. Sequence numbers help keep track of
data order, ensuring that data arrives
at the receiver in the correct
sequence.
TCP 3. TCP assigns a 32-bit sequence number
(Transmission Control Protocol) to each byte, which allows it to handle
very large amounts of data.

2. TCP Segments:
• Data is divided into chunks called
segments before transmission.
• Each segment has a header (20 bytes)
and data (variable size).
• TCP decides the segment size based on
network limits, so data can be transferred
efficiently without being too large for the
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
network to handle.
 For example:
• If a packet with 1500 bytes (Ethernet’s
typical MTU) tries to pass through a
network link that only allows 1400
3. MTU (Maximum Transfer Unit):
bytes, the packet is too large to fit
through that link in one piece.
• MTU is the largest packet size a
• The router handling this link will need to
network link can handle. For example,
split the 1500-byte packet into smaller
on Ethernet networks, the MTU is
chunks, or fragments, so they’re each
usually 1500 bytes.
within the 1400-byte limit.
• If a segment is larger than the MTU, it
must be split or fragmented, which
slows down transmission and
4. Sliding Window Protocol:
increases the risk of data issues.
• TCP uses a sliding window protocol
• TCP uses Path MTU Discovery to
to control the flow of data.
find the smallest MTU along the path,
• The sender keeps track of how much
adjusting the segment size to prevent
data has been sent but not yet
fragmentation.
acknowledged by the receiver.
• The window size represents the
amount of data that can be sent before
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept needing an acknowledgment.
 6. Handling Out-of-Order Segments:
5. Acknowledgments:
• Sometimes, segments arrive out of
• When a segment arrives, the receiver
order due to network delays or routing
sends an acknowledgment (ACK)
issues.
with the next sequence number it
• TCP can receive segments out of
expects.
sequence (like bytes 3072-4095
• For example, if it receives data up to
arriving before bytes 2048-3071).
byte 2047, it will send an ACK with the
• It waits until missing data arrives and
number 2048, indicating it’s ready for
then reassembles everything in the
the next segment starting at byte
correct order.
2048.
• If the sender doesn’t receive an
7. Reliable Data Transfer:
acknowledgment in time, it
• TCP resends data if an acknowledgment
retransmits the segment, assuming
isn’t received within a certain time.
it may have been lost.
• It ensures that data is reassembled in
the correct order, providing a reliable,
ordered byte stream to applications.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 Example of TCP in Action
Imagine a large file being sent from
Computer A to Computer B:

1. Computer A divides the file into

segments, each with a sequence number.
Why TCP is Reliable
2. It sends these segments, one by one,
according to the sliding window protocol.
TCP ensures that all data is accounted for,
3. Computer B receives the segments and
arrives in the right order, and any lost or
sends acknowledgments for each.
out-of-order data is corrected by
4. If a segment is lost or arrives out of
retransmission and reordering.
order, Computer B holds onto the
received segments, waiting for the
This makes it perfect for applications like
missing ones.
web browsing, file transfers, and emails
5. If Computer A doesn’t get an
where data accuracy is critical.
acknowledgment in time, it resends the
missing segments.
6. Once all segments are received in order,
Computer B reassembles them into the
original file.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 1. Source Port & Destination Port
TCP segment Header • Source Port: The port number from
which data originates on the sender’s
side.
• Destination Port: The port number to
which data is directed on the receiver’s
side.
• Together with IP addresses, they form a
unique "5-tuple" connection identifier
(protocol, source IP, source port,
destination IP, and destination port).

2. Sequence Number
• Every byte in TCP is assigned a unique
number, called the sequence number.
• Sequence Number Field: Indicates the
byte position of the segment's first byte in
the overall data stream, helping in data
ordering.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 6. Flags (8 individual 1-bit flags)
• CWR (Congestion Window Reduced)
3. Acknowledgment Number
and ECE (ECN-Echo): Used for managing
• Used by the receiver to indicate the
congestion when ECN is enabled, telling
next expected byte from the sender,
the sender to slow down.
thus acknowledging all prior data.
• URG (Urgent): Signals that the Urgent
• This is cumulative, meaning it covers
pointer field has urgent data, which should
all bytes received up to that point.
be processed immediately.
• ACK (Acknowledgement): Indicates that
4. TCP Header Length
the segment includes an acknowledgment.
• Shows how long the TCP header is,
• PSH (Push): Asks the receiver to deliver
measured in 32-bit words.
the received data immediately without
• Important to know where the actual
waiting for a full buffer.
data starts in the segment, especially
• RST (Reset): Used to reset connections if
if optional headers are added.
there's an error or confusion, such as after
a host crash.
5. Reserved Bits
• SYN (Synchronize): Used to start
• A 4-bit field that remains unused but
connections; it’s set to 1 for the initial
is reserved for potential future use.
handshake message.
• FIN (Finish): Used to gracefully close a
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept connection by signaling the end of data.
 10. Options
7. Window Size Provides additional information not covered by
• Indicates the number of bytes the the regular header.
receiver is willing to accept, starting
from the acknowledged byte. This is part • Examples include:
of TCP’s sliding window for flow control. • MSS (Maximum Segment Size):
Specifies the largest segment a host
8. Checksum can accept.
• A value calculated to check for errors in • Window Scale: Allows a larger
the header and data. If the data changes
window size by shifting the Window
during transit, the checksum won’t
field value.
match, and the segment can be
• Timestamp: Provides round-trip
discarded.
timing and ensures old data isn’t
9. Urgent Pointer confused with new data on fast
• Points to where urgent data starts in the connections.
sequence. Used in cases when the URG • SACK (Selective
flag is set, but it’s rarely used in Acknowledgement): A receiver can
practice. tell the sender which specific parts of
data have been received, helping
improve retransmission efficiency.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 TCP Connection Establishment
TCP connection establishment using
the three-way handshake process:
Client Server
1. Connection Request (SYN)
Sen • Initiator (Client): The client wants to
d
establish a connection with a server,
SYN
SYN so it sends a SYN (synchronize)
Receiv packet to the server. This packet
ed includes:
Send
SYN + • A sequence number (SEQ) to
ACK start counting the bytes that will
be sent.
• The SYN flag set to 1 to indicate
Sen the connection request.
d • The ACK flag is 0 because it’s the
ACK first message, and no
ACK acknowledgment is needed yet.
Receiv
ed
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 • If there is a process listening, it
2. Connection Acknowledgment (SYN- acknowledges the client’s
ACK) connection request by sending a SYN-
• Server: When the server receives the ACK packet, which includes:
SYN packet, it: • A new sequence number (SEQ)
• Checks if a process is listening on from the server.
the requested port (the destination • An acknowledgment number
port in the packet). (ACK) set to the client’s initial
• If there is no process, it sends back SEQ number + 1, to acknowledge
an RST (reset) packet to reject it received the client’s SYN.
the connection. • The SYN and ACK flags are set
to 1 to indicate both connection
request and acknowledgment.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 3. Connection Established (ACK)
• Client: When the client receives the
SYN-ACK from the server, it:
• Sends an ACK packet back to the
server, which includes:
• The client’s acknowledgment In summary, here’s what happens in a typical
number (ACK), confirming three-way handshake:
receipt of the server’s SEQ. • Client sends SYN (with SEQ=x)
• The ACK flag set to 1 to • Server responds with SYN-ACK (SEQ=y,
finalize the acknowledgment. ACK=x+1)
• Once the server receives this final • Client sends ACK (ACK=y+1)
ACK, the connection is established
between the client and server.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 • Simultaneous Connection: If both sides
send a SYN at the same time, they exchange
SYN and SYN-ACK packets simultaneously
but end up with only one connection.

• SYN Flood Attack: Attackers can exploit

the handshake by sending multiple SYN
requests without completing the handshake,
causing the server to consume resources.

• SYN Cookies Defense: To mitigate this, the

server generates a special sequence
number (SYN cookie) to avoid saving
connection information until the handshake
is complete, reducing resource consumption.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 1. Connection Release Request (FIN)
TCP Connection Release • Either side (client or server) can
decide to close the connection.
Serve
Client r • To signal that it has no more data to
send, it sends a FIN (finish) packet,
Close setting the FIN flag to 1.
FIN • This FIN packet closes one direction of
FIN the connection, meaning it stops data
Receiv flow from the sender of the FIN to the
ed
ACK receiver.
Close
FIN 2. Acknowledgment of FIN (ACK)
• The other side (receiver of the FIN
packet) responds with an ACK packet,
Sen acknowledging the FIN.
d ACK • At this point, data can still be sent in
ACK the opposite direction (from the
ACK receiver of the FIN back to the
Receiv
sender).
ed
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 3. Closing the Other Direction
• When the other side also has no more
data to send, it sends its own FIN
packet. 5. Timeouts and Timers
• The original side (who first sent the FIN) • If either side does not receive an
acknowledges this second FIN with an acknowledgment for its FIN within a set
ACK. period (usually two maximum packet
• Once both sides have sent a FIN and lifetimes), it assumes the other side has
received an ACK for it, both directions also shut down and releases the
of data flow are shut down, and the connection.
connection is completely closed. • This is a failsafe to avoid indefinite
waiting (called the "two-army problem").
4. Simultaneous FINs
• It’s possible for both sides to send a FIN In most cases, four packets (FIN, ACK, FIN,
at the same time if they both want to ACK) are needed for a graceful shutdown,
close the connection. but if one FIN and ACK are combined, the
• When this happens, each side will still process can complete in three packets.
acknowledge the other’s FIN as usual, This mechanism ensures a clean and
and the connection will be closed after organized shutdown of the connection.
both FINs are acknowledged.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 TCP Connection Management States

1. CLOSED: No connection is active or

pending. This is the starting state for both
the client and server.
2. LISTEN: The server is waiting for incoming
connection requests from clients.
3. SYN SENT: The client has initiated a
connection by sending a SYN (synchronize)
packet to the server.
TCP Connection 4. SYN RCVD: The server has received the
client's SYN packet and sent back a SYN-
Management ACK
packet.
(synchronize-acknowledgment)

5. ESTABLISHED: A connection has been

successfully established, allowing data
transfer between the client and server.
6. FIN WAIT 1: The client has finished
sending data and is initiating connection
termination by sending a FIN (finish)
packet.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 Step-by-Step Process of TCP Connection
7. FIN WAIT 2: The server acknowledges Management
the client's FIN packet and agrees to close
the connection. • CONNECT/SYN: Client sends SYN,
8. TIME-WAIT: The client waits to ensure transitioning to SYN SENT.
all packets have been acknowledged • LISTEN/SYN: Server receives SYN,
before fully closing the connection. transitions to SYN RCVD and sends
SYN-ACK.
9. CLOSING: Both sides are trying to
• SYN+ACK/ACK: Client sends ACK,
close the connection simultaneously.
transitioning to ESTABLISHED.
10. CLOSE WAIT: The server has
• CLOSE/FIN: Client sends FIN,
received a FIN packet from the client and
transitioning to FIN WAIT 1.
is waiting for the application to close the • FIN/ACK: Server acknowledges FIN,
connection.
transitioning to CLOSE WAIT.
11. LAST ACK: The server sends its final • FIN/ACK: Server sends FIN,
acknowledgment after receiving the transitioning to LAST ACK.
client's FIN. • ACK/–: Client acknowledges FIN,
transitioning to TIME WAIT.

Prepared by [Link], [Link], CSE (AI&ML,DS) Dept

 The TCP sliding window mechanism is designed
to manage how much data can be sent over a
TCP connection before receiving an
acknowledgment.

1. Initial Setup
• Receiver Buffer: The receiver has a buffer
size of 4096 bytes.
• Sender Transmits Data: The sender
begins by transmitting data in segments.
TCP Sliding Window
2. Data Transmission and Acknowledgment
• Sending Data: The sender sends a 2048-
byte segment.
• Acknowledgement: The receiver
successfully receives the segment and
acknowledges it. At this point, the receiver's
buffer is half-full (2048 bytes remain).
• Window Size Update: The receiver
informs the sender that it can still accept
2048 bytes more.
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
 • Further Sending: The sender can send
another 2048 bytes, but the receiver now
has limited buffer space.
• Window Size Becomes Zero: If the
sender tries to send more data than the
buffer can handle, the receiver sets the
window size to 0, indicating it cannot
accept more data until some is read by
the application.

4. Handling Zero Window Size

• Sender Stops Sending: When the
window size is 0, the sender must pause
transmission until the receiver’s buffer
has space.
• Exceptions:
• Urgent Data: The sender can still
send urgent data (like a command to
terminate a process).
• Window Probe: The sender can
send a 1-byte segment to prompt the
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept receiver to provide an updated
 7. Silly Window Syndrome
5. Delayed Acknowledgments • Issue: If the receiving application only
• Optimization: To improve performance, reads data one byte at a time, it can lead
TCP implementations may delay to inefficiencies where the sender is
acknowledgments for a short period forced to send tiny segments.
(e.g., 500 ms) in hopes of combining • Solution: The receiver should wait to
multiple responses into one acknowledge more data instead of just
acknowledgment. This reduces the one byte. It should only send a window
number of packets sent. update when it can handle a significant
amount of data, preventing the sender
6. Nagle's Algorithm from sending too many small segments.
• Efficiency: When the sender has small
pieces of data, it sends the first piece 8. Buffering and Reading
and buffers the rest until the first piece is • Receiver Buffers Data: The receiver
acknowledged. This reduces the number can buffer incoming data until it has a
of small packets sent and optimizes large enough chunk to pass up to the
bandwidth usage. application. This reduces the overhead of
• Exceptions: In interactive applications frequent calls to TCP.
(like games), it may be beneficial to • Out-of-Order Segments: If segments
disable Nagle’s algorithm to allow for a arrive out of order, the receiver buffers
rapid stream of updates. them until all segments can be delivered
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept
correctly.
 9. Cumulative Acknowledgment
• Acknowledging Received Data: The
receiver uses cumulative
acknowledgment, meaning it
acknowledges the highest byte received
in sequence. For example, if segments 0,
1, 2, and 4-7 are received, the
acknowledgment would be for segment
2, indicating all bytes up to segment 2
are received.

The TCP sliding window mechanism helps

manage how data is sent and acknowledged,
ensuring efficient use of network resources
while allowing for error recovery and flow
control.

By controlling the amount of data in transit

and optimizing acknowledgment strategies,
TCP ensures reliable communication over the
Prepared by [Link], [Link], CSE (AI&ML,DS) Dept network.