# The Transport Layer

## What to Focus On

- **Learn how transport layer protocols enable communication between processes**
    - Spend some time building a mental model for what multiplexing and demultiplexing are. 
    - Be clear about how ports work, along with IP addresses, to provide this functionality.
- **Learn that network reliability is engineered**
    - The internet and the web are actually the combination of multiple technologies that have been designed and engineered. Network reliability is one aspect of that.
- **Understand the trade-off**
    - Spend some time learning what TCP and UDP each provide, and what the trade-offs of each are.

## Communication Between Processes

- If we want to create modern networked applications however, there's a number of things that we need beyond what IP can provide. 
- Two of the most important things are 
    - a direct connection between applications
    - reliable network communication. 
- An important thing to understand about the Internet Protocol, and its system of addressing, is that it is intended to provide communication between hosts, or devices, but not any more than that.

### Multiplexing and Demultiplexing

-  There might be many networked applications or processes running on a device at one time. These applications all want to be able to send and receive data simultaneously.
- We can perhaps think of these different applications or processes as distinct **channels** for communication on a host machine.
- In IP packets, the source and destination IP addresses are contained in the packet header and can be used to identify the host machines. This effectively creates a communication channel between hosts.
- What we need is a way to transmit these multiple data inputs over this single host-to-host channel and then somehow separate them out at the other end.

<img src="transport-comms-between-processes-multi-demulti.png" width=750>

- In the context of a communication network, this idea of transmitting multiple signals over a single channel is known as **multiplexing**
- With **demultiplexing** being the reverse process.
- Our focus in this assignment is the application of this concept at the Transport layer of our network communication model. This takes place through the use of **network ports**.

### Ports

- In simple terms a **port** is an identifier for a specific process running on a host. 
- This identifier is an integer in the range 0-65535. Sections of this range are reserved for specific purposes:
    - **0-1023** are well-known ports. These are assigned to processes that provide commonly used network services. For example HTTP is port 80, FTP is port 20 and 21, SMTP is port 25, and so on.
    - **1024-49151** are registered ports. They are assigned as requested by private entities. For example, companies such as Microsoft, IBM, and Cisco have ports assigned that they use to provide specific services. On some operating systems, ports in this range are also used for allocation as ephemeral ports on the client side.
    - **49152-65535** are dynamic ports (sometimes known as private ports). Ports in this range cannot be registered for a specific use. They can be used for customized services or for allocation as ephemeral ports.<br><br>
- The source and destination port numbers are included in the Protocol Data Units (PDU) for the transport layer. 
- The name, and exact structure, of these PDUs varies according to the Transport Protocol used, but what they have in common is that they include these two pieces of information.

<img src="transport-comms-between-processes-simple-pdu.png" width=500>

1. Data from the application layer is encapsulated as the data payload in this PDU, and the source and destination port numbers within the PDU can be used to direct that data to specific processes on a host.
2. The entire PDU is then encapsulated as the data payload in an IP packet. 
3. The IP addresses in the packet header can be used to direct data from one host to another.<br><br>
- **The IP address and the port number together are what enables end-to-end communication between specific applications on different machines.**
- The combination of IP address and port number information can be thought of as defining a **communication end-point**.
- This communication end-point is generally referred to as a **socket**.

<img src="transport-comms-between-processes-multi-demulti-detailed.png" width=750>

- Postal service example:
    - An apartment building. It has numerous apartments, but the building itself has a single street address.
    - The postal worker delivers a bunch of mail to the building. 
    - The concierge of the building then sorts the mail and posts the individual letters to the appropriate mailbox in the foyer, each mailbox being identified by a specific apartment number.
    - We can think of the **street address** of the apartment building address as the **IP address**
    - and the **individual apartment numbers** as **port numbers**.
    - The **postal service** can be thought of as the **Internet Protocol** (IP)
    - The **building concierge** as a **Transport layer protocol** (e.g. TCP or UDP).
    
#### Nestsat

- `netstat -ntup`
- The netstat utility should return a list of active network connections that looks something like this:

```
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 172.16.0.66:38880       172.217.169.36:443      ESTABLISHED 4180/chrome --type=
tcp        1      0 172.16.0.66:53458       3.81.154.63:443         CLOSE_WAIT  3118/dropbox
tcp        0      0 172.16.0.66:52638       216.58.208.170:443      ESTABLISHED 4180/chrome --type=
...
```

- The important thing to notice here is that the Local Address and Foreign Address are combinations of IP address and port number. 
- As stated earlier, **these combinations act as communication end-points or sockets for the transfer of data between applications running on hosts**.

### Sockets

-  A socket is an abstraction for an endpoint used for inter-process communication
- At an implementation level it can be used to refer to different specific things:
    - UNIX socket: a mechanism for communication between local processes running on the same machine.
    - Internet sockets (such as a TCP/IP socket): a mechanism for inter-process communication between networked processes (usually on different machines).
- **One important thing to be clear on though is that there is a distinction between the concept of a network socket and its implementation in code.**
    - At a conceptual level it can mean the combination of IP address and port number that provides a communication end-point == this is sometimes called a network socket. 
    - At an implementation level it can refer to a socket object that is used to create connections between applications.<br><br>
- At a conceptual level a socket is a communication end-point defined by an address-port pair. 

#### Sockets and Connections

<img src="transport-comms-between-processes-connectionless.png" width=750>

- In a **connectionless system** we could have one socket object defined by the IP address of the host machine and the port assigned to a particular process running on that machine.
-  That object could call a `listen()` method which would allow it to wait for incoming messages directed to that particular IP/port pair.
- It would simply process any incoming messages as they arrived and send any responses as necessary.<br><br>
- A **connection-oriented system** would work differently. You could have a socket object defined by the host IP and process port, just as in the connectionless system, also using a listen() method to wait for incoming messages
- **The difference in implementation would be in what happens when a message arrives.**
- **At this point we could instantiate a new socket object; this new socket object wouldn't just be defined by the local IP and port number, but also by the IP and port of the process/host which sent the message.**
- This new socket object would then listen specifically for messages where all four pieces of information matched (source port, source IP, destination port, destination IP). The combination of these four pieces of information is commonly referred to as a **four-tuple**.

<img src="transport-comms-between-processes-connection-oriented.png" width=750>

- Any messages not matching this four-tuple would still be picked up by the original socket, which would then instantiate another socket object for the new connection.
- The advantage of having a dedicated connection like this is that it more easily allows you to put in place rules for managing the communication such as the order of messages, acknowledgements that messages had been received, retransmission of messages that weren't received, and so on.
- The purpose of these types of additional communication rules is to **add more reliability to the communication**.

## Network Reliability

- We've seen that protocols such as Ethernet and the Internet Protocol include checksum data as part of their header or trailer so that the data transported as frames and packets can be tested to ensure it hasn't become corrupt during its journey. 
- If the data is corrupt however, these protocols simply discard it (dropping the frame or packet); there is no provision within these protocols for enabling the replacement of lost data.
-  The possibility of losing data and it not being replaced means that the network up to and including the Internet Protocol is effectively an **unreliable communication channel.**

### Building a Reliable Protocol

#### Version 1

- **Problem**: Messages can become corrupt or lost, how do you ensure the message has been successfully received?
- **Solution**: Use an acknowledgement message
- **Rules**:
    - Sender sends one message at a time
    - If message received, receiver sends an acknowledgement
    - When acknowledgement is received, sender sends next message
    
<img src="transport-reliability-acknowledgement.png" width=500>

- **Flaw**: There are certain situations in which the sender will never receive an acknowledgement:
    - The recipient never receives the message and so doesn't send an acknowledgement
    - The recipient receives the message and sends an acknowledgement, but the acknowledgement becomes corrupt or lost

#### Version 2

- **Problem**: what if the acknowledgement is not received?
- **Solution**: re-send the message if acknowledgement not received within a certain time-frame.
- **Rules**:
    - Sender sends one message at a time, and sets a timeout
    - If message received, receiver sends an acknowledgement
    - When acknowledgement is received, sender sends next message
    - If acknowledgement not received before the timeout expires, sender assumes either the message or the acknowledgement went missing and sends the same message again

<img src="transport-reliability-acknowledgement-timeout-retransmission.png" width=500>

- **Flaw**: duplication.
    - The receiver receives the message and sends an acknowledgement, but the acknowledgement becomes corrupt or lost
    - The receiver receives the message and sends an acknowledgement, but the acknowledgement is delayed and the sender doesn't receive it before the timeout expires


#### Version 3

- **Problem**: the message is received but acknowledgement is not received (or not in time), resulting in a duplicate message.
- **Solution**: add sequence numbers to the messages.
- **Rules**:
    - Sender sends one message at a time, with a sequence number, and sets a timeout
    - If message received, receiver sends an acknowledgement which uses the sequence number of the message to indicate which message was received
    - When acknowledgement is received, sender sends next message in the sequence
    - If acknowledgement is not received before the timeout expires, sender assumes either the message or the acknowledgement went missing and sends the same message again with the same sequence number
    - If the recipient receives a message with a duplicate sequence number it assumes the sender never received the acknowledgement and so sends another acknowledgement for that sequence number and discards the duplicate

<img src="transport-reliability-acknowledgement-sequence-number.png" width=500>

- Version 3 of our protocol covers the fundamental elements required for reliable data transfer:
    - **In-order delivery**: data is received in the order that it was sent
    - **Error detection**: corrupt data is identified using a checksum
    - **Handling data loss**: missing data is retransmitted based on acknowledgements and timeouts
    - **Handling duplication**: duplicate data is eliminated through the use of sequence numbers<br><br>
- Our protocol as it stands is reliable. Unfortunately, it's not very efficient. 
- One of the main features of our protocol is that each message is sent one at a time, and an acknowledgement is received before the next message is sent. 
- This type of protocol is known as a **Stop-and-Wait** protocol. 
- This is not an efficient use of bandwidth.

### Pipelining for Performance

- To improve the throughput of our protocol, we could send multiple messages one after the other without waiting for acknowledgements. 
- This kind of approach is referred to as **'pipelining'**.
- With both systems (**Go-back-N** and **Selective Repeat**), the sender will implement a **'window'** representing the maximum number of messages that can be in the 'pipeline' at any one time, once it has received the appropriate acknowledgements for the messages in the window, it moves the window on.
- **The advantage of this pipelined approach is its more efficient use of available bandwidth**. 
- Instead of wasting lots of time just waiting for acknowledgements, more time is spent actually transmitting data.

## Transmission Control Protocol (TCP)

- One of the key characteristics of this protocol is the fact that it provides reliable data transfer. 
- What TCP essentially provides is the **abstraction of reliable network communication** on top of an unreliable channel. 
- What this abstraction does is to **hide much of the complexity of reliable network communication from the application layer**: data integrity, de-duplication, in-order delivery, and retransmission of lost data.
- **The flip-side of the benefits that TCP provides are the performance challenges that come with its complexity**. 

### TCP Segments

- **Segments** are the Protocol Data Unit (PDU) of TCP.
- Like the PDUs of protocols we've looked at for other network layers, it uses a combination of headers and payload to provide encapsulation of data from the layer above.

<img src="transport-layer-tcp-segment.png" width=500>

- A TCP Segment header contains a number of different fields. Two of these fields -- **Source Port and Destination Port -- provide the multiplexing capability of the protocol**.

<img src="transport-tcp-segment-header.png" width=500>

- Some of the more important fields in the header in terms of implementing reliability are:
    - CHECKSUM: The Checksum provides the Error Detection aspect of TCP reliability. It is an error checking value generated by the sender using an algorithm. The receiver generates a value using the same algorithm and if it doesn't match, it drops the Segment.
    - SEQUENCE NUMBER and ACKNOWLEDGEMENT NUMBER: these two fields are used together to provide for the other elements of TCP reliability such as In-order Delivery, Handling Data Loss, and Handling Duplication.

### TCP Connections

- TCP is a **connection-oriented** protocol. **It doesn't start sending application data until a connection has been established between application processes**.
- In order to establish a connection, TCP uses what is known as a **Three-way Handshake**
    - This is where the `SYN` and `ACK` flags come into play.
    -  The `FIN` flag is used in a different process, the **Four-way Handshake**, used for terminating connections.

<img src="transport-tcp-thre-way-handshake.png" width=500>

- In the above process, the following happens:
    - The sender sends a SYN message (a TCP Segment with the SYN flag set to 1)
    - Upon receiving this SYN message, the receiver sends back a SYN ACK message (a TCP Segment with the SYN and ACK flags set to 1)
    - Upon receiving the SYN ACK, the sender then sends an ACK (a TCP Segment with the ACK flag set to 1)
- Upon sending the ACK, the sender can immediately start sending application data. 
- The receiver must wait until it has received the ACK before it can send any data back to the sender. 
- One of the main reasons for this process is to synchronise (SYN) the sequence numbers that will be used during the connection.<br><br>
- Part of the purpose of these flags was to manage the connection state
- **Three-way Handshake to Establish a Connection, with Connection States**

<img src="three-way-handshake.png" width=750>

- **A key characteristic of the process is that the sender cannot send any application data until after it has sent the ACK Segment.**
- What this means in practical terms, is that **there is an entire round-trip of latency before any application data can be exchanged**. 

### Flow Control

- **Flow control** is a mechanism to prevent the sender from overwhelming the receiver with too much data at once. 
- The receiver will only be able to process a certain amount of data in a particular time-frame. 
- Data awaiting processing is stored in a **'buffer'**. The buffer size will depend on the amount of memory allocated according to the configuration of the OS and the physical resources available.
- Each side of a connection can let the other side know the amount of data that it is willing to accept via the WINDOW field of the TCP header. 
- Although flow control prevents the sender from overwhelming the receiver, it doesn't prevent either the sender or receiver from overwhelming the underlying network. For that task we need a different mechanism: **Congestion Avoidance**.

### Congestion Avoidance

- **Network Congestion** is a situation that occurs when there is more data being transmitted on the network than there is network capacity to process and transmit the data. 
- Routers use a 'buffer' to store data that is awaiting processing, but if there is more data to be processed than can fit in the buffer, the buffer over-flows and those data packets are dropped.
- TCP retransmits lost data. If lots of data is lost that means lots of retransmitted data, which is inefficient. 
- TCP actually uses data loss as a feedback mechanism to detect, and avoid, network congestion; if lots of retransmissions are occurring, TCP takes this as a sign that the network is congested and reduces the size of the transmission window.

### Disadvantages of TCP

- In addition to a latency overhead, another potential issue with using TCP is Head-of-Line (HOL) blocking.
- **Head-of-Line (HOL) blocking** relates to how issues in delivering or processing one message in a sequence of messages can delay or 'block' the delivery or processing of the subsequent messages in the sequence.
- HOL blocking can occur as a result of the fact that TCP provides for in-order delivery of segments. If one of the segments goes missing and needs to be retransmitted, the segments that come after it in the sequence can't be processed, and need to be buffered until the retransmission has occurred. 
- This can lead to increased queuing delay which is one of the elements of latency.

## User Datagram Protocol (UDP)

- The Protocol Data Unit (PDU) of UDP is known as a **Datagram**. 
- Like all the PDUs we've looked at so far it encapsulates data from the layer above into a payload and then adds header information. 

<img src="transport-udp-datagram-header.png" width=750>

- Through the use of the Source and Destination Port numbers, UDP provides multiplexing in the same way that TCP does. Unlike TCP however, **it doesn't do anything to resolve the inherent unreliability of the layers below it**.
- Define UDP by what it doesn't do (particularly in comparison with TCP):
    - It provides no guarantee of message delivery
    - It provides no guarantee of message delivery order
    - It provides no built-in congestion avoidance or flow-control mechanisms
    - It provides no connection state tracking, since it is a connectionless protocol
- UDP does provide error detection via a checksum, though this is optional if using IPv4.
    
### The Case for UDP

- The advantage that UDP has over TCP is its simplicity. 
- This simplicity provides two things to a software engineer: **speed** and **flexibility**.
    - UDP is a **connectionless protocol**. Applications using UDP at the Transport layer can just start sending data without having to wait for a connection to be established with the application process of the receiver.
    - The lack of acknowledgements and retransmissions means that the actual data delivery itself is **faster**
- An example of such an application would be a voice or video calling application. The occasional piece of dropped data leading to a slightly glitchy call or a few pixels of video not rendering properly is worth the trade off of the speed provided by the protocol which allows the application to work even over long distances where there is high latency.