DOCSLIB.ORG

DE-CIX Academy Handout

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
DE-CIX Academy Handout Networking Basics 04 - User Datagram Protocol (UDP) Wolfgang Tremmel [email protected] DE-CIX Management GmbH | Lindleystr. 12 | 60314 Frankfurt | Germany Phone + 49 69 1730 902 0 | [email protected] | www.de-cix.net Networking Basics DE-CIX Academy 01 - Networks, Packets, and Protocols 02 - Ethernet 02a - VLANs 03 - the Internet Protocol (IP) 03a - IP Addresses, Prefixes, and Routing 03b - Global IP routing 04 - User Datagram Protocol (UDP) 05 - TCP ... Layer Name Internet Model 5 Application IP / Internet Layer 4 Transport • Data units are called "Packets" 3 Internet 2 Link Provides source to destination transport • 1 Physical • For this we need addresses • Examples: • IPv4 • IPv6 Layer Name Internet Model 5 Application Transport Layer 4 Transport 3 Internet 2 Link 1 Physical Layer Name Internet Model 5 Application Transport Layer 4 Transport • May provide flow control, reliability, congestion 3 Internet avoidance 2 Link 1 Physical Layer Name Internet Model 5 Application Transport Layer 4 Transport • May provide flow control, reliability, congestion 3 Internet avoidance 2 Link • Examples: 1 Physical • TCP (flow control, reliability, congestion avoidance) • UDP (none of the above) Layer Name Internet Model 5 Application Transport Layer 4 Transport • May provide flow control, reliability, congestion 3 Internet avoidance 2 Link • Examples: 1 Physical • TCP (flow control, reliability, congestion avoidance) • UDP (none of the above) • Also may contain information about the next layer up Encapsulation Packets inside packets • Encapsulation is like Russian dolls Attribution: Fanghong. derivative work: Greyhood https://commons.wikimedia.org/wiki/File:Matryoshka_transparent.png Encapsulation Packets inside packets • Encapsulation is like Russian dolls • IP Packets have a payload Attribution: Fanghong. derivative work: Greyhood https://commons.wikimedia.org/wiki/File:Matryoshka_transparent.png Encapsulation Packets inside packets • Encapsulation is like Russian dolls • IP Packets have a payload • This payload is usually UDP or TCP (there are others as well) Attribution: Fanghong. derivative work: Greyhood https://commons.wikimedia.org/wiki/File:Matryoshka_transparent.png Encapsulation Packets inside packets • Encapsulation is like Russian dolls • IP Packets have a payload • This payload is usually UDP or TCP (there are others as well) • So we have an UDP packet inside an IP packet Attribution: Fanghong. derivative work: Greyhood https://commons.wikimedia.org/wiki/File:Matryoshka_transparent.png IPv4 Header "Legacy" IP Byte 0 1 2 3 • Starts with version and length Version | Header Length Total Length 0 DSCP / ECN • Total length of packet 20..65535 always 4 | 5..15 • Important: Time to live (TTL) 4 Identification Flags / Fragment Offset 8 Time To Live Protocol Header Checksum • Protocol: Type of payload 12 Source IPv4 Address Destination IPv4 Address TCP = 6, UDP = 17 16 • 20 24 Optional (if HeaderLength > 5) • Source / Destination address 32 bits 28 32 • Options (optional) IPv4 Header "Legacy" IP Byte 0 1 2 3 • Starts with version and length Version | Header Length Total Length 0 DSCP / ECN • Total length of packet 20..65535 always 4 | 5..15 • Important: Time to live (TTL) 4 Identification Flags / Fragment Offset 8 Time To Live Protocol Header Checksum • Protocol: Type of payload 12 Source IPv4 Address Destination IPv4 Address TCP = 6, UDP = 17 16 • 20 24 Optional (if HeaderLength > 5) • Source / Destination address 32 bits 28 32 • Options (optional) IPv6 Header Looks simpler, yes? Byte 0 1 2 3 • Starts with version and some labels 0 Version = 6 / Traffic Class / Flow Label Payload Length Next Payload length in bytes (0-65535) 4 Hop Limit • in bytes Header 8 • Next Header - you can chain more 12 Source IPv6 Address headers 16 20 • replaces protocol field, same 24 values 28 Destination IPv6 Address 32 • Hop Limit replaces TTL 36 • Addresses are now 128bits Next header: Transport layer header TCP, UDP, and more Byte 0 1 2 3 0 Version = 6 / Traffic Class / Flow Label Payload Length Next 4 Hop Limit in bytes Header 8 12 Source IPv6 Address 16 20 24 28 Destination IPv6 Address 32 36 Next header: Transport layer header TCP, UDP, and more Byte 0 1 2 3 • We start with the "easiest" 0 Version = 6 / Traffic Class / Flow Label protocol Payload Length Next 4 Hop Limit in bytes Header 8 12 Source IPv6 Address 16 20 24 28 Destination IPv6 Address 32 36 Next header: Transport layer header TCP, UDP, and more Byte 0 1 2 3 • We start with the "easiest" 0 Version = 6 / Traffic Class / Flow Label protocol Payload Length Next 4 Hop Limit in bytes Header • UDP 8 12 Source IPv6 Address 16 20 24 28 Destination IPv6 Address 32 36 Next header: Transport layer header TCP, UDP, and more Byte 0 1 2 3 • We start with the "easiest" 0 Version = 6 / Traffic Class / Flow Label protocol Payload Length Next 4 Hop Limit in bytes Header • UDP 8 12 Source IPv6 Address • User Datagram Protocol 16 20 24 28 Destination IPv6 Address 32 36 Next header: Transport layer header TCP, UDP, and more Byte 0 1 2 3 • We start with the "easiest" 0 Version = 6 / Traffic Class / Flow Label protocol Payload Length Next 4 Hop Limit in bytes Header • UDP 8 12 Source IPv6 Address • User Datagram Protocol 16 20 • Protocol ID is 17 24 28 Destination IPv6 Address 32 36 Next header: Transport layer header TCP, UDP, and more Byte 0 1 2 3 • We start with the "easiest" 0 Version = 6 / Traffic Class / Flow Label protocol Payload Length Next 4 Hop Limit in bytes Header • UDP 8 12 Source IPv6 Address • User Datagram Protocol 16 20 • Protocol ID is 17 24 28 Destination IPv6 Address • Introduced in 1980 32 36 Next header: Transport layer header TCP, UDP, and more Byte 0 1 2 3 • We start with the "easiest" 0 Source Port Destination Port protocol • UDP 4 Length Checksum • User Datagram Protocol • Protocol ID is 17 • Introduced in 1980 • Lets have a look at the header UDP Header Byte 0 1 2 3 0 Source Port Destination Port 4 Length Checksum UDP Header • 4 fields, each of them 16 bits Byte 0 1 2 3 0 Source Port Destination Port 4 Length Checksum UDP Header • 4 fields, each of them 16 bits Byte 0 1 2 3 • Length: UDP header + UDP payload 0 Source Port Destination Port 4 Length Checksum UDP Header • 4 fields, each of them 16 bits Byte 0 1 2 3 • Length: UDP header + UDP payload 0 Source Port Destination Port • Checksum • Optional for IPv4, required for IPv6 4 Length Checksum • IP header + UDP header are covered UDP Header • 4 fields, each of them 16 bits Byte 0 1 2 3 • Length: UDP header + UDP payload 0 Source Port Destination Port • Checksum • Optional for IPv4, required for IPv6 4 Length Checksum • IP header + UDP header are covered • Source Port • Optional, zero if not used UDP Header • 4 fields, each of them 16 bits Byte 0 1 2 3 • Length: UDP header + UDP payload 0 Source Port Destination Port • Checksum • Optional for IPv4, required for IPv6 4 Length Checksum • IP header + UDP header are covered • Source Port • Optional, zero if not used • Destination Port number • required Port number Port number Port number UDP Destination port: 7 Port number UDP Destination port: 7 ? Port number 1 2 3 4 5 UDP 6 7 8 9 10 Destination port: 7 ? 11 12 13 14 Port number 1 2 3 4 5 UDP 6 7 8 9 10 Destination port: 7 11 12 13 14 Port number 1 2 3 4 5 6 7 8 9 10 11 12 13 14 Port numbers In reality... Port numbers In reality... • Of course we have not a building Port numbers root@linux:/tmp# netstat -an -u In reality... Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:514 0.0.0.0:* udp 0 0 0.0.0.0:631 0.0.0.0:* udp 0 0 127.0.0.1:690 0.0.0.0:* • Of course we have not a building udp 0 0 0.0.0.0:45769 0.0.0.0:* udp 0 0 0.0.0.0:50191 0.0.0.0:* udp 0 0 0.0.0.0:5353 0.0.0.0:* udp 0 0 0.0.0.0:46721 0.0.0.0:* • We have a computer system udp 0 0 0.0.0.0:2049 0.0.0.0:* udp 0 0 127.0.0.1:39032 127.0.0.1:53 ESTABLISHED udp 0 0 0.0.0.0:43291 0.0.0.0:* udp 0 0 0.0.0.0:47544 0.0.0.0:* udp 0 0 127.0.0.1:52197 127.0.0.1:53 ESTABLISHED udp 0 0 0.0.0.0:36005 0.0.0.0:* udp 0 0 0.0.0.0:56663 0.0.0.0:* udp 0 0 0.0.0.0:60949 0.0.0.0:* udp 0 0 0.0.0.0:53 0.0.0.0:* udp 0 0 0.0.0.0:53 0.0.0.0:* udp 0 0 0.0.0.0:111 0.0.0.0:* udp 0 0 192.168.5.3:123 0.0.0.0:* udp 0 0 192.168.1.45:123 0.0.0.0:* Port numbers root@linux:/tmp# netstat -an -u In reality... Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State udp 0 0 0.0.0.0:514 0.0.0.0:* udp 0 0 0.0.0.0:631 0.0.0.0:* udp 0 0 127.0.0.1:690 0.0.0.0:* • Of course we have not a building udp 0 0 0.0.0.0:45769 0.0.0.0:* udp 0 0 0.0.0.0:50191 0.0.0.0:* udp 0 0 0.0.0.0:5353 0.0.0.0:* udp 0 0 0.0.0.0:46721 0.0.0.0:* • We have a computer system udp 0 0 0.0.0.0:2049 0.0.0.0:* udp 0 0 127.0.0.1:39032 127.0.0.1:53 ESTABLISHED udp 0 0 0.0.0.0:43291 0.0.0.0:* • But we have port numbers udp 0 0 0.0.0.0:47544 0.0.0.0:* udp 0 0 127.0.0.1:52197 127.0.0.1:53 ESTABLISHED udp 0 0 0.0.0.0:36005 0.0.0.0:* udp 0 0 0.0.0.0:56663 0.0.0.0:* udp 0 0 0.0.0.0:60949 0.0.0.0:* udp 0 0 0.0.0.0:53 0.0.0.0:* udp 0 0 0.0.0.0:53 0.0.0.0:* udp 0 0 0.0.0.0:111 0.0.0.0:* udp 0 0 192.168.5.3:123 0.0.0.0:* udp 0 0 192.168.1.45:123 0.0.0.0:* Port numbers root@linux:/tmp# netstat -an -u In reality..
Load more

Recommended publications
  • User Datagram Protocol - Wikipedia, the Free Encyclopedia Página 1 De 6
    User Datagram Protocol - Wikipedia, the free encyclopedia Página 1 de 6 User Datagram Protocol From Wikipedia, the free encyclopedia The five-layer TCP/IP model User Datagram Protocol (UDP) is one of the core 5. Application layer protocols of the Internet protocol suite. Using UDP, programs on networked computers can send short DHCP · DNS · FTP · Gopher · HTTP · messages sometimes known as datagrams (using IMAP4 · IRC · NNTP · XMPP · POP3 · Datagram Sockets) to one another. UDP is sometimes SIP · SMTP · SNMP · SSH · TELNET · called the Universal Datagram Protocol. RPC · RTCP · RTSP · TLS · SDP · UDP does not guarantee reliability or ordering in the SOAP · GTP · STUN · NTP · (more) way that TCP does. Datagrams may arrive out of order, 4. Transport layer appear duplicated, or go missing without notice. TCP · UDP · DCCP · SCTP · RTP · Avoiding the overhead of checking whether every RSVP · IGMP · (more) packet actually arrived makes UDP faster and more 3. Network/Internet layer efficient, at least for applications that do not need IP (IPv4 · IPv6) · OSPF · IS-IS · BGP · guaranteed delivery. Time-sensitive applications often IPsec · ARP · RARP · RIP · ICMP · use UDP because dropped packets are preferable to ICMPv6 · (more) delayed packets. UDP's stateless nature is also useful 2. Data link layer for servers that answer small queries from huge 802.11 · 802.16 · Wi-Fi · WiMAX · numbers of clients. Unlike TCP, UDP supports packet ATM · DTM · Token ring · Ethernet · broadcast (sending to all on local network) and FDDI · Frame Relay · GPRS · EVDO · multicasting (send to all subscribers). HSPA · HDLC · PPP · PPTP · L2TP · ISDN · (more) Common network applications that use UDP include 1.
    [Show full text]
  • Network Connectivity and Transport – Transport
    Idaho Technology Authority (ITA) ENTERPRISE STANDARDS – S3000 NETWORK AND TELECOMMUNICATIONS Category: S3510 – NETWORK CONNECTIVITY AND TRANSPORT – TRANSPORT CONTENTS: I. Definition II. Rationale III. Approved Standard(s) IV. Approved Product(s) V. Justification VI. Technical and Implementation Considerations VII. Emerging Trends and Architectural Directions VIII. Procedure Reference IX. Review Cycle X. Contact Information Revision History I. DEFINITION Transport provides for the transparent transfer of data between different hosts and systems. The two (2) primary transport protocols in the Transmission Control Protocol/Internet Protocol (TCP/IP) suite are the Transmission Control Protocol (TCP) and the User Datagram Protocol (UDP). II. RATIONALE Idaho State government must be able to easily, reliably, and economically communicate data and information to conduct State business. TCP/IP is the protocol standard used throughout the global Internet and endorsed by ITA Policy 3020 – Connectivity and Transport Protocols, for use in State government networks (LAN and WAN). III. APPROVED STANDARD(S) TCP/IP Transport: 1. Transmission Control Protocol (TCP); and 2. User Datagram Protocol (UDP). IV. APPROVED PRODUCT(S) Standards-based products and architecture S3510 – Network Connectivity and Transport – Transport Page 1 of 2 V. JUSTIFICATION TCP and UDP are the transport standards for critical State applications like electronic mail and World Wide Web services. VI. TECHNICAL AND IMPLEMENTATION CONSIDERATIONS It is also important to carefully consider the security implications of the deployment, administration, and operation of a TCP/IP network. VII. EMERGING TRENDS AND ARCHITECTURAL DIRECTIONS The use of TCP/IP (Internet) protocols and applications continues to increase. Agencies purchasing new systems may want to consider compatibility with the emerging Internet Protocol Version 6 (IPv6), which was designed by the Internet Engineering Task Force to replace IPv4 and will dramatically expand available IP addresses.
    [Show full text]
  • Application Protocol Data Unit Meaning
    Application Protocol Data Unit Meaning Oracular and self Walter ponces her prunelle amity enshrined and clubbings jauntily. Uniformed and flattering Wait often uniting some instinct up-country or allows injuriously. Pixilated and trichitic Stanleigh always strum hurtlessly and unstepping his extensity. NXP SE05x T1 Over I2C Specification NXP Semiconductors. The session layer provides the mechanism for opening closing and managing a session between end-user application processes ie a semi-permanent dialogue. Uses MAC addresses to connect devices and define permissions to leather and commit data 1. What are Layer 7 in networking? What eating the application protocols? Application Level Protocols Department of Computer Science. The present invention pertains to the convert of Protocol Data Unit PDU session. Network protocols often stay to transport large chunks of physician which are layer in. The term packet denotes an information unit whose box and tranquil is remote network-layer entity. What is application level security? What does APDU stand or Hop sound to rot the meaning of APDU The Acronym AbbreviationSlang APDU means application-layer protocol data system by. In the context of smart cards an application protocol data unit APDU is the communication unit or a bin card reader and a smart all The structure of the APDU is defined by ISOIEC 716-4 Organization. Application level security is also known target end-to-end security or message level security. PDU Protocol Data Unit Definition TechTerms. TCPIP vs OSI What's the Difference Between his Two Models. The OSI Model Cengage. As an APDU Application Protocol Data Unit which omit the communication unit advance a.
    [Show full text]
  • Is QUIC a Better Choice Than TCP in the 5G Core Network Service Based Architecture?
    DEGREE PROJECT IN INFORMATION AND COMMUNICATION TECHNOLOGY, SECOND CYCLE, 30 CREDITS STOCKHOLM, SWEDEN 2020 Is QUIC a Better Choice than TCP in the 5G Core Network Service Based Architecture? PETHRUS GÄRDBORN KTH ROYAL INSTITUTE OF TECHNOLOGY SCHOOL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCE Is QUIC a Better Choice than TCP in the 5G Core Network Service Based Architecture? PETHRUS GÄRDBORN Master in Communication Systems Date: November 22, 2020 Supervisor at KTH: Marco Chiesa Supervisor at Ericsson: Zaheduzzaman Sarker Examiner: Peter Sjödin School of Electrical Engineering and Computer Science Host company: Ericsson AB Swedish title: Är QUIC ett bättre val än TCP i 5G Core Network Service Based Architecture? iii Abstract The development of the 5G Cellular Network required a new 5G Core Network and has put higher requirements on its protocol stack. For decades, TCP has been the transport protocol of choice on the Internet. In recent years, major Internet players such as Google, Facebook and CloudFlare have opted to use the new QUIC transport protocol. The design assumptions of the Internet (best-effort delivery) differs from those of the Core Network. The aim of this study is to investigate whether QUIC’s benefits on the Internet will translate to the 5G Core Network Service Based Architecture. A testbed was set up to emulate traffic patterns between Network Functions. The results show that QUIC reduces average request latency to half of that of TCP, for a majority of cases, and doubles the throughput even under optimal network conditions with no packet loss and low (20 ms) RTT. Additionally, by measuring request start and end times “on the wire”, without taking into account QUIC’s shorter connection establishment, we believe the results indicate QUIC’s suitability also under the long-lived (standing) connection model.
    [Show full text]
  • RFC 5405 Unicast UDP Usage Guidelines November 2008
    Network Working Group L. Eggert Request for Comments: 5405 Nokia BCP: 145 G. Fairhurst Category: Best Current Practice University of Aberdeen November 2008 Unicast UDP Usage Guidelines for Application Designers Status of This Memo This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Distribution of this memo is unlimited. Copyright Notice Copyright (c) 2008 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust’s Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Abstract The User Datagram Protocol (UDP) provides a minimal message-passing transport that has no inherent congestion control mechanisms. Because congestion control is critical to the stable operation of the Internet, applications and upper-layer protocols that choose to use UDP as an Internet transport must employ mechanisms to prevent congestion collapse and to establish some degree of fairness with concurrent traffic. This document provides guidelines on the use of UDP for the designers of unicast applications and upper-layer protocols. Congestion control guidelines are a primary focus, but the document also provides guidance on other topics, including message sizes, reliability, checksums, and middlebox traversal. Eggert & Fairhurst Best Current Practice [Page 1] RFC 5405 Unicast UDP Usage Guidelines November 2008 Table of Contents 1. Introduction . 3 2. Terminology . 5 3. UDP Usage Guidelines .
    [Show full text]
  • Connecting to the Internet Date
    Connecting to the Internet Dial-up Connection: Computers that are serving only as clients need not be connected to the internet permanently. Computers connected to the internet via a dial- up connection usually are assigned a dynamic IP address by their ISP (Internet Service Provider). Leased Line Connection: Servers must always be connected to the internet. No dial- up connection via modem is used, but a leased line. Costs vary depending on bandwidth, distance and supplementary services. Internet Protocol, IP • The Internet Protocol is connection-less, datagram-oriented, packet-oriented. Packets in IP may be sent several times, lost, and reordered. No bandwidth No video or graphics No mobile connection No Static IP address Only 4 billion user support IP Addresses and Ports The IP protocol defines IP addresses. An IP address specifies a single computer. A computer can have several IP addresses, depending on its network connection (modem, network card, multiple network cards, …). • An IP address is 32 bit long and usually written as 4 8 bit numbers separated by periods. (Example: 134.28.70.1). A port is an endpoint to a logical connection on a computer. Ports are used by applications to transfer information through the logical connection. Every computer has 65536 (216) ports. Some well-known port numbers are associated with well-known services (such as FTP, HTTP) that use specific higher-level protocols. Naming a web Every computer on the internet is identified by one or many IP addresses. Computers can be identified using their IP address, e.g., 134.28.70.1. Easier and more convenient are domain names.
    [Show full text]
  • Internet Protocol Suite
    InternetInternet ProtocolProtocol SuiteSuite Srinidhi Varadarajan InternetInternet ProtocolProtocol Suite:Suite: TransportTransport • TCP: Transmission Control Protocol • Byte stream transfer • Reliable, connection-oriented service • Point-to-point (one-to-one) service only • UDP: User Datagram Protocol • Unreliable (“best effort”) datagram service • Point-to-point, multicast (one-to-many), and • broadcast (one-to-all) InternetInternet ProtocolProtocol Suite:Suite: NetworkNetwork z IP: Internet Protocol – Unreliable service – Performs routing – Supported by routing protocols, • e.g. RIP, IS-IS, • OSPF, IGP, and BGP z ICMP: Internet Control Message Protocol – Used by IP (primarily) to exchange error and control messages with other nodes z IGMP: Internet Group Management Protocol – Used for controlling multicast (one-to-many transmission) for UDP datagrams InternetInternet ProtocolProtocol Suite:Suite: DataData LinkLink z ARP: Address Resolution Protocol – Translates from an IP (network) address to a network interface (hardware) address, e.g. IP address-to-Ethernet address or IP address-to- FDDI address z RARP: Reverse Address Resolution Protocol – Translates from a network interface (hardware) address to an IP (network) address AddressAddress ResolutionResolution ProtocolProtocol (ARP)(ARP) ARP Query What is the Ethernet Address of 130.245.20.2 Ethernet ARP Response IP Source 0A:03:23:65:09:FB IP Destination IP: 130.245.20.1 IP: 130.245.20.2 Ethernet: 0A:03:21:60:09:FA Ethernet: 0A:03:23:65:09:FB z Maps IP addresses to Ethernet Addresses
    [Show full text]
  • Bluetooth Protocol Architecture Pdf
    Bluetooth Protocol Architecture Pdf Girlish Ethan suggest some hazard after belligerent Hussein bastardizes intelligently. Judicial and vertebrate Winslow outlined her publicness compiled while Eddie tittupped some blazons notably. Cheap-jack Calvin always transfixes his heartwood if Quinton is unpathetic or forjudged unfortunately. However, following the disconnect, the server does not delete the messages as it does in the offline model. The relay agent assumes that bluetooth protocol architecture pdf. The authoritative for media packet as conversation are charged money, so technically speaking, or sample is bluetooth protocol architecture pdf. Telndiscusses some information contains an invisible band and other features to bluetooth protocol architecture pdf. Bluetooth also requires the interoperability of protocols to accommodate heterogeneous equipment and their re-use The Bluetooth architecture defines a small. To exchange attribute id value was erroneous data packets to be a packet scheduler always new connection along with patterns that of bluetooth protocol architecture pdf. Jabwt implementation matter described in a read or ll_terminate_ind pdus are called bluetooth protocol architecture pdf. The only difference between the two routes through the system is that all packets passing through HCI experience some latency. All devices being invited to bluetooth protocol architecture pdf. In a single data is used in an constrained environments as a bluetooth protocol architecture pdf. Nwhere n models provide access. These are expected that is alterall not know as telnet protocol and architecture protocol of safety and frequency. Slave broadcast packet to bluetooth protocol architecture pdf. Number Of Completed Packets Command. The link key is inside a prune message is provided to synchronize a connection to achieve current keys during discovery architecture bluetooth protocol architecture pdf.
    [Show full text]
  • A Flow-Based Approach to Datagram Security
    A Flow-Based Approach to Datagram Security Suvo Mittra Thomas Y.C. Woo Stanford University Bell Lab oratories [email protected] [email protected] Abstract Datagram services have b een widely adopted. Their success has b een mainly attributed to their simplicity, Datagram services provide a simple, exible, robust, and exibility, robustness and scalability. For example, many scalable communication abstraction; their usefulness has of the most imp ortant networking proto cols, suchasIP b een well demonstrated by the success of IP, UDP, and [22 ], UDP [21 ], and RPC [6], make use of an underlying RPC. Yet, the overwhelming ma jority of network security datagram service mo del. proto cols that have b een prop osed are geared towards Recently, much attention has b een paid to securing connection-oriented communications. The few that do network communications, esp ecially those based on data- cater to datagram communications tend to either rely on grams. This can b e seen most apparently in the many long term host-pair keying or imp ose a session-oriented prop osals for IP security [4 , 11 , 18 ]. In addition, b oth (i.e., requiring connection setup) semantics. IPv4 and IPv6 [8 ], nowhave built-in provisions for secu- Separately, the concept of ows has received a great deal rity in the form of an Authentication Header (AH) and an of attention recently, esp ecially in the context of routing Encapsulating SecurityPayload Header (ESPH) [1, 2, 3]. and QoS. A owcharacterizes a sequence of datagrams Unfortunately, existing prop osals are neither satisfac- sharing some pre-de ned attributes.
    [Show full text]
  • User Datagram Protocol (UDP)
    Overview • User datagram protocol (UDP) • Packet checksums • Reliability: sliding window • TCP connection setup • TCP windows, retransmissions, and acknowledgments Transport Protocol Review FTP HTTP NV TFTP TCP UDP IP … NET1 NET2 NETn • Transport protocols sit on top of the network layer (IP) • Can provide: - Application-level multiplexing (“ports”) - Error detection, reliability, etc. UDP – user datagram protocol 0 16 31 SrcPort DstPort Length Checksum Data • Unreliable and unordered datagram service • Adds multiplexing, checksum on whole packet • No flow control, reliability, or order guarantees • Endpoints identified by ports • Checksum aids in error detection Error detection • Transmission errors definitely happen - Cosmic rays, radio interference, etc. - If error probability is 2−30, that’s 1 error per 128 MB! • Some link-layer protocols provide error detection - But UDP/IP must work over many link layers - Not all links on a path may have error detection - Moreover, recall end-to-end argument! Need end-to-end check • UDP detects errors with a checksum - Compute small checksum value, like a hash of the packet - If packet corrupted in transit, checksum likely to be wrong - Similar checksum on IP header, but doesn’t cover payload Checksum algorithms • Good checksum algorithms - Should detect errors that are likely to happen (E.g., should detect any single bit error) - Should be efficient to compute • IP, UDP, and TCP use 1s complement sum: - Set checksum field to 0 - Sum all 16-bit words in pkt - Add any carry bits back in (So 0x8000 +
    [Show full text]
  • User Datagram Protocol UDP Is a Connectionless Transport Layer
    UDP: User Datagram Protocol UDP is a connectionless transport layer (layer 4) protocol in OSI model, which provides a simple and unreliable message service for transaction-oriented services. UDP is basically an interface between IP and upper-layer processes. UDP protocol ports distinguish multiple applications running on a single device from one another. Since many network applications may be running on the same machine, computers need something to make sure the correct software application on the destination computer gets the data packets from the source machine, and some way to make sure replies get routed to the correct application on the source computer. This is accomplished through the use of the UDP "port numbers". For example, if a station wished to use a Domain Name System (DNS) on the station 128.1.123.1, it would address the packet to station 128.1.123.1 and insert destination port number 53 in the UDP header. The source port number identifies the application on the local station that requested domain name server, and all response packets generated by the destination station should be addressed to that port number on the source station. Details of UDP port numbers could be found in the TCP/UDP Port Number document and in the reference. Unlike the TCP , UDP adds no reliability, flow-control, or error-recovery functions to IP. Because of UDP's simplicity, UDP headers contain fewer bytes and consume less network overhead than TCP. UDP is useful in situations where the reliability mechanisms of TCP are not necessary, such as in cases where a higher-layer protocol might provide error and flow control, or real time data transportation is required.
    [Show full text]
  • Nist Sp 800-77 Rev. 1 Guide to Ipsec Vpns
    NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel Karen Scarfone Paul Wouters This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 C O M P U T E R S E C U R I T Y NIST Special Publication 800-77 Revision 1 Guide to IPsec VPNs Elaine Barker Quynh Dang Sheila Frankel* Computer Security Division Information Technology Laboratory Karen Scarfone Scarfone Cybersecurity Clifton, VA Paul Wouters Red Hat Toronto, ON, Canada *Former employee; all work for this publication was done while at NIST This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-77r1 June 2020 U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]