Computer Communications

Selective Repeat ARQ

Selective Repeat ARQ is a specific instance of the Automatic Repeat-reQuest (ARQ) Protocol, in which the sending process continues to send a number of frames specified by a window size even after a frame loss. Unlike Go-Back-N ARQ, the receiving process will continue to accept and acknowledge frames sent after an initial error.

Features required for Selective Repeat ARQ

* To support Go-Back-N ARQ, a protocol must number each PDU which is sent. (PDUs are normally numbered using modulo arithmetic, which allows the same number to be re-used after a suitably long period of time. The time period is selected to ensure the same PDU number is never used again for a different PDU, until the first PDU has “left the network” (e.g. it may have been acknowledged)).
* The local node must also keep a buffer of all PDUs which have been sent, but have not yet been acknowledged.
* The receiver at the remote node keeps a record of the highest numbered PDU which has been correctly received. This number corresponds to the last acknowledgement PDU which it may have sent.

The above features are also required for Go-Back-N, however for selective repeat, the receiver must also maintain a buffer of frames which have been received, but not acknowledged.
Recovery of lost PDUs using Selective Repeat ARQ

The recovery of a corrupted PDU proceeds in four stages:

* First, the corrupted PDU is discarded at the remote node’s receiver.
* Second, the remote node requests retransmission of the missing PDU using a control PDU (sometimes called a Selective Reject). The receiver then stores all out-of-sequence PDUs in the receive buffer until the requested PDU has been retransmitted.
* The sender receives the retransmission request and then transmits the lost PDU(s).
* The receiver forwards the retransmitted PDU, and all subsequent in-sequence PDUs which are held in the receive buffer.

Retransmission using Selective Repeat

A remote node may request retransmission of corrupted PDUs by initiating Selective Repeat error recovery by sending a control PDU indicating the missing PDU. This allows the remote node to instruct the sending node where to retransmit the PDU which has not been received. The remote stores any out-of-sequence PDUs (i.e. which do not have the expected sequence number) until the retransmission is complete.

Upon receipt of a Selective Repeat control PDU (by the local node), the transmitter sends a single PDU from its buffer of unacknowledged PDUs. The transmitter then continues normal transmission of new PDUs until the PDUs are acknowledged or another selective repeat request is received.

Operation of Selective Repeat. The sender transmits four PDUs (1-4). The first PDU (1) is corrupted and not received. The receiver detects this when it receives PDU(2), which it stores in the receive buffer and requests a selective repeat of PDU(1). The sender responds to the request by sending PDU(1), and then continues sending PDUs (5-7). The receiver stores all subsequent out-of-sequence PDUs (3-4), until it receives PDU(1) correctly. The received PDU (1) and all stored PDUs (2-4) are then forwarded, followed by (5-7) as each of these is received in turn.

If the retransmission is not successful, the protocol relies upon a protocol timer in the local node to detect that no acknowledgment was received. The lost PDUs may then be recovered by Polling.

Comparison of ARQ Methods

The table below provides a comparison of the various ARQ methods described. (W is the window size, or number of PDUs which may be in transit at any one time).

ARQ Method Sender Buffer Receiver Buffer Control PDUs
Stop-and-Wait 1 PDU 1 PDU ACK
Polling W PDUs 1 PDU ACK, Poll, Response
Go-Back-N W PDUs 1 PDU ACK, Go-Back-N
Selective Repeat W PDUs W PDUs ACK, Selective Repeat

Protocol Output Formats

The output of the tcpdump command is protocol-dependent. The following are brief descriptions and examples of most output formats.

TCP Packets

The general format of a TCP protocol line is:

src > dst: flags data-seqno ack win urg options

In the following list of fields, src, dst and flags are always present. The other fields depend on the contents of the packet’s TCP protocol header and are output only if appropriate.
src Indicates the source (host) address and port. The src field is always specified.
dst Indicates the destination address and port. The dst field is always specified.
flags Specifies some combination of the flags S (SYN), F (FIN), P (PUSH) or R (RST) or a single . (period) to indicate no flags. The flags field is always specified.
data-seqno Describes the portion of sequence space covered by the data in this packet (see example below).
ack Specifies (by acknowledgement) the sequence number of the next data expected from the other direction on this connection.
win Specifies the number of bytes of receive buffer space available from the other direction on this connection.
urg Indicates there is urgent data in the packet.
options Specifies TCP options enclosed in angle brackets (for example, ).

Here is the opening portion of the rlogin command from host gil to host devo:

gil.1023 > devo.login:S 768512:768512(0) win 4096
devo.login > gil.1023:S 947648:947648(0) ack 768513 win 4096
gil.1023 > devo.login: . ack 1 win 4096
gil.1023 > devo.login: P 1:2(1) ack 1 win 4096
devo.login > gil.1023: ack 2 win 4096
gil.1023 > devo.login: P 2:21(19) ack 1 win 4096
devo.login > gil.1023: P 1:2(1) ack 21 win 4077
devo.login > gil.1023: P 2:3(1) ack 21 win 4077 urg 1
devo.login > gil.1023: P 3:4(1) ack 21 win 4077 urg 1

The first line says that TCP port 1023 on host gil sent a packet to the login port on host devo. The S indicates that the SYN flag was set. The packet sequence number was 768512 and it contained no data. (The notion is `first:last(nbytes)’ which means `sequence numbers first up to but not including last which is nbytes bytes of user data’.) There was no piggy-backed ack field, the available receive field win was 4096 bytes and there was a max-segment-size(mss) option requesting an mss of 1024 bytes.

Host Devo replies with a similar packet except it includes a piggy-backed ack field for host gil’s SYN. Host gil then acknowledges host devo’s SYN. The . (period) means no flags were set. The packet contains no data so there is no data sequence number.

Note: The ack field sequence number is a small integer (1).

The first time a tcpdump sees a TCP conversation, it prints the sequence number from the packet. On subsequent packets of conversation, the difference between the current packet’s sequence number and this initial sequence number is printed. This means that sequence numbers after the first can be interpreted as relative byte positions in the conversation’s data stream (with the first data byte each direction being 1). The -S flag overrides this feature, causing the original sequence numbers to be output.

On the sixth line, host gil sends host devo 19 bytes of data (bytes 2 through 20 in the gil-devo side of the conversation). The PUSH flag is set in the packet. On the seventh line, host devo says it received data sent by host gil up to but not including byte 21. Most of this data is apparently sitting in the socket buffer since host devo’s receive window has gotten 19 bytes smaller. Host devo also sends one byte of data to host gil in its packet. On the eighth and ninth lines, host devo sends two bytes of urgent PUSH data to host gil.

UDP Packets

UDP format is illustrated by this rwho command packet:

devo.who > bevo.who: udp 84

This command sequence says that port who on host devo sent a udp datagram to port who on host bevo. The packet contained 84 bytes of user data.

Some UDP services are recognized (from the source or destination port number) and the higher level protocol information is printed. In particular, Domain Name service requests (RFC-1034/1035) and Sun RPC calls (RFC-1050) to NFS.

UDP Name Server Requests

Name server requests are formatted as:

src > dst: id op? flags qtype qclass name (len)

In addition to those fields previously explained, UDP name server requests have the following:
id Specifies the identification number of the query.
op Specifies the type of operation. The default is the query operation.

qclass

name

(len)

An example of a name server rquest is:

tnegev.1538 > tnubia.domain: 3+ A? austin.ibm.com. (37)

Host tnegev asked the domain server on tnubia for an address record (qtype=A) associated with the name austin.ibm.com. The query id was 3. The + (plus sign) indicates the recursion desired flag was set. The query length was 37 bytes, not including the UDP and IP protocol headers. The query operation was the normal one, Query, so the op field was omitted. If the op had been anything else, it would have been printed between the 3 and the + . Similarly, the qclass was the normal one (C_IN), and it was omitted. Any other qclass would have been printed immediately after the A.

A few anomalies are checked and may result in extra fields enclosed in square brackets. If a query contains an answer, name server, or authority section, then ancount, nscount, or arcount are printed as [na], [nn] or [nau] where n is the appropriate count. If any of the response bits are set (AA, RA, or rcode) or any of the `must be zero’ bits are set in bytes two and three [b2&3=x] is printed, where x is the hex value of header bytes two and three.

UDP Name Server Responses

Name server responses are formatted as:

src > dst: id op rcode flags a/n/au type class data (len)

In addition to those fields previously explained, UDP name server responses have the following:

rcode

data

An example of a name server response is:

tnubia.domain > tnegev.1538: 3 3/3/7 A 129.100.3
tnubia.domain > tnegev.1537: 2 NXDomain* 0/1/0 (97)

In the first example, tnubia responds to query 3 from tnegev with 3 answer records, 3 name server records, and 7 authority records. The first answer record is type A (address) and its data is internet address 129.100.100.3. The total size of the response was 273 bytes, excluding UDP and IP headers. The op (Query) and response code (NoError) were omitted, as was the class (C_IN) of the A record.

In the second example, tnubia responds to query 2 with a response code of non-existent domain (NXDomain) and with 0 answer records, 1 name server record, and 0 authority records. The * (asterisk) indicates that the authoritative answer bit was set. Since there were no answers, no type, class, or data were printed.

Other flag characters that might appear are – (recursion available, RA, not set) and | (truncated message, TC, set).

Note: Name server requests and responses tend to be large and the default snaplen of 80 bytes may not capture enough of the packet to print. Use the -s flag to increase the snaplen if you need to investigate large quantities of name server traffic.

NFS Requests

Sun NFS (Network FIle System) requests and replies are formatted as:

src.xid > dst.nfs: len op args
src.nfs > dst.xid: reply stat len

In addition to fields previously explained, NFS requests and responses include these fields:
args Specifies the directory file$file handle$.
reply stat Indicates the response status of the operation.

An example of an NFS request and response is:

L1.e2766 > L2.nfs: 136 readdir fh 6.5197 8192 bytes @ 0
L2.nfs > L1.e2766: reply ok 384
L1.e2767 > L2.nfs: 136 lookup fh 6.5197 `RCS’

In the first line, host L1 sends a transaction with id e2766 to L2 (note that the number following the src host is a transaction id, not the source port). The request was 136 bytes, excluding the UDP and IP headers. The operation was a readir (read directory) on file handle (fh) 6.5197. Starting at offset 0, 8192 bytes are read. L2 replies ok with 384 bytes of data.

In the third line, L1 asks L2 to lookup the name `RCS’ in directory file 6.5197. Note that the data printed depends on the operation type.

Note: NFS requests are very large and the above won’t be printed unless snaplen is increased. Use the flag -s 192 to watch NFS traffic.

The best place to start looking at TCP/IP is probably the name itself. TCP/IP in fact consists of dozens of different protocols, but only a few are the “main” protocols that define the core operation of the suite. Of these key protocols, two are usually considered the most important. The Internet Protocol (IP) is the primary OSI network layer (layer three) protocol that provides addressing, datagram routing and other functions in an internetwork. The Transmission Control Protocol (TCP) is the primary transport layer (layer four) protocol, and is responsible for connection establishment and management and reliable data transport between software processes on devices.

Due to the importance of these two protocols, their abbreviations have come to represent the entire suite: “TCP/IP”. (In a moment we’ll discover exactly the history of that name.) IP and TCP are important because many of TCP/IP’s most critical functions are implemented at layers three and four. However, there is much more to TCP/IP than just TCP and IP. The protocol suite as a whole requires the work of many different protocols and technologies to make a functional network that can properly provide users with the applications they need.

TCP/IP uses its own four-layer architecture that corresponds roughly to the OSI Reference Model and provides a framework for the various protocols that comprise the suite. It also includes numerous high-level applications, some of which are well-known by Internet users who may not realize they are part of TCP/IP, such as HTTP (which runs the World Wide Web) and FTP. In the topics on TCP/IP architecture and protocols I provide an overview of most of the important TCP/IP protocols and how they fit together.

Early TCP/IP History

As I said earlier, the Internet is a primary reason why TCP/IP is what it is today. In fact, the Internet and TCP/IP are so closely related in their history that it is difficult to discuss one without also talking about the other. They were developed together, with TCP/IP providing the mechanism for implementing the Internet. TCP/IP has over the years continued to evolve to meet the needs of the Internet and also smaller, private networks that use the technology. I will provide a brief summary of the history of TCP/IP here; of course, whole books have been written on TCP/IP and Internet history, and this is a technical Guide and not a history book, so remember that this is just a quick look for sake of interest.

The TCP/IP protocols were initially developed as part of the research network developed by the United States Defense Advanced Research Projects Agency (DARPA or ARPA). Initially, this fledgling network, called the ARPAnet, was designed to use a number of protocols that had been adapted from existing technologies. However, they all had flaws or limitations, either in concept or in practical matters such as capacity, when used on the ARPAnet. The developers of the new network recognized that trying to use these existing protocols might eventually lead to problems as the ARPAnet scaled to a larger size and was adapted for newer uses and applications.

In 1973, development of a full-fledged system of internetworking protocols for the ARPAnet began. What many people don’t realize is that in early versions of this technology, there was only one core protocol: TCP. And in fact, these letters didn’t even stand for what they do today; they were for the Transmission Control Program. The first version of this predecessor of modern TCP was written in 1973, then revised and formally documented in RFC 675, Specification of Internet Transmission Control Program, December 1974.

Modern TCP/IP Development and the Creation of TCP/IP Architecture

Testing and development of TCP continued for several years. In March 1977, version 2 of TCP was documented. In August 1977, a significant turning point came in TCP/IP’s development. Jon Postel, one of the most important pioneers of the Internet and TCP/IP, published a set of comments on the state of TCP. In that document (known as Internet Engineering Note number 2, or IEN 2), he provided what I consider superb evidence that reference models and layers aren’t just for textbooks, and really are important to understand

We are screwing up in our design of internet protocols by violating the principle of layering. Specifically we are trying to use TCP to do two things: serve as a host level end to end protocol, and to serve as an internet packaging and routing protocol. These two things should be provided in a layered and modular way. I suggest that a new distinct internetwork protocol is needed, and that TCP be used strictly as a host level end to end protocol.

What Postel was essentially saying was that the version of TCP created in the mid-1970s was trying to do too much. Specifically, it was encompassing both layer three and layer four activities (in terms of OSI Reference Model layer numbers). His vision was prophetic, because we now know that having TCP handle all of these activities would have indeed led to problems down the road.

Postel’s observation led to the creation of TCP/IP architecture, and the splitting of TCP into TCP at the transport layer and IP at the network layer; thus the name “TCP/IP”. (As an aside, it’s interesting, given this history, that sometimes the entire TCP/IP suite is called just “IP”, even though TCP came first.) The process of dividing TCP into two portions began in version 3 of TCP, written in 1978. The first formal standard for the versions of IP and TCP used in modern networks (version 4) were created in 1980. This is why the first “real” version of IP is version 4 and not version 1. TCP/IP quickly became the standard protocol set for running the ARPAnet. In the 1980s, more and more machines and networks were connected to the evolving ARPAnet using TCP/IP protocols, and the TCP/IP Internet was born.

IMPORTANT FEATURES IN THE SUCCESS OF TCP/IP

TCP/IP was at one time just “one of many” different sets of protocols that could be used to provide network-layer and transport-layer functionality. Today there are still other options for internetworking protocol suites, but TCP/IP is the universally-accepted world-wide standard. Its growth in popularity has been due to a number of important factors. Some of these are historical, such as the fact that it is tied to the Internet as described above, while others are related to the characteristics of the protocol suite itself. Chief among these are the following:

Integrated Addressing System: TCP/IP includes within it (as part of the Internet Protocol, primarily) a system for identifying and addressing devices on both small and large networks. The addressing system is designed to allow devices to be addressed regardless of the lower-level details of how each constituent network is constructed. Over time, the mechanisms for addressing in TCP/IP have improved, to meet the needs of growing networks, especially the Internet. The addressing system also includes a centralized administration capability for the Internet, to ensure that each device has a unique address.

Design For Routing: Unlike some network-layer protocols, TCP/IP is specifically designed to facilitate the routing of information over a network of arbitrary complexity. In fact, TCP/IP is conceptually concerned more with the connection of networks, than with the connection of devices. TCP/IP routers enable data to be delivered between devices on different networks by moving it one step at a time from one network to the next. A number of support protocols are also included in TCP/IP to allow routers to exchange critical information and manage the efficient flow of information from one network to another.

Underlying Network Independence: TCP/IP operates primarily at layers three and above, and includes provisions to allow it to function on almost any lower-layer technology, including LANs, wireless LANs and WANs of various sorts. This flexibility means that one can mix and match a variety of different underlying networks and connect them all using TCP/IP.

Scalability: One of the most amazing characteristics of TCP/IP is how scalable its protocols have proven to be. Over the decades it has proven its mettle as the Internet has grown from a small network with just a few machines to a huge internetwork with millions of hosts. While some changes have been required periodically to support this growth, these changes have taken place as part of the TCP/IP development process, and the core of TCP/IP is basically the same as it was 25 years ago.

Open Standards and Development Process: The TCP/IP standards are not proprietary, but open standards freely available to the public. Furthermore, the process used to develop TCP/IP standards is also completely open. TCP/IP standards and protocols are developed and modified using the unique, democratic “RFC” process, with all interested parties invited to participate. This ensures that anyone with an interest in the TCP/IP protocols is given a chance to provide input into their development, and also ensures the world-wide acceptance of the protocol suite.

Universality: Everyone uses TCP/IP because everyone uses it!

“A South African information technology company on Wednesday proved it was faster for them to transmit data with a carrier pigeon than to send it using Telkom, the country’s leading internet service provider. Internet speed and connectivity in Africa’s largest economy are poor because of a bandwidth shortage. It is also expensive. Local news agency SAPA reported the 11-month-old pigeon, Winston, took one hour and eight minutes to fly the 80 km (50 miles) from Unlimited IT’s offices near Pietermaritzburg to the coastal city of Durban with a data card was strapped to his leg. Including downloading, the transfer took two hours, six minutes and 57 seconds the time it took for only four percent of the data to be transferred using a Telkom line.”

well guys in today’s lecture we heard mam teaching us about the chocking & bandwidth shortage using a tranparent pipe she explained this is one of the practical example of it

Team name: Vintage BOYS
Team Members:
1. Amar N H 1MS07IS002
2. Harsh Singh 1MS07IS033
3. Mohammad Tabrej 1MS07IS052
4. Pavan Rao T K 1MS07IS063

Group A Project: TCPdump, IP utilities
Group B Project: Selective Repeat Arq
Presentation of group A project – 14/10/09(doubtful since first internals are reportedly starting on that day) Not Completed
Presentation of group B project -
Group A ppt not uploaded
Group B ppt not uploaded
Group A project report not made
Group B project report not made
Group A Problems faced – Date not yet confirmed

USES:

We use tcpdump to measure the response time and the packet loss percentages. It can also tell us about lack of reachability for some distant server.

Using tcpdump we have a view on any TCP/UDP connection Establishment and Termination. TCP uses a special mechanism to set and close connections (we will discuss this later on); we measure the time lapse between the packets involved with this mechanism in order to know how fast some connections operate.

To install tcmdump

#apt-get install tcpdump

LAN: Local area network.
A local area network (LAN) supplies networking capability to a group of computers in close proximity to each other such as in an office building, a school, or a home.
LAN allows certain computers on the network to offer their resources such as printers, Hard disks, floppy, printers etc..for use by other computers on the network as if hey were their own.
The computer which provides resources are called as “SERVER” and the computer which uses is called as “WORKSTATIONS”. If a computer works as a server and a workstation simultaneously it is called as peer and the network without dedicated server is called as peer-to-peer networks and in a dedicated server environment, its called a Client-Server based network.

How it works:
A LAN consists of two or more computers each equipped with a communication device called network interface or network adapter. Network interfaces are connected to one another by some type of communications medium, which provide pathway for electrical signals that connect all of the computers on the LAN. The most widely used, cost-effective and highest performance network medium in use today is twisted pair ETHERNET CABLE. The transfer of data, file access are controlled by an administrator
Relatively new technology called wireless ethernet uses radio signal instead of copper cables.

For ex: Assume two computers, say COMPUTER A and COMPUTER B are connected by a LAN newtork, Computer A contains a CD ROM and Computer B doesn’t have CD ROM, B wil be able to access A’s CD ROM through LAN.

TCPDUMP is a network protocol analyser which works on command line.it is the pre version of network protocol analysers like ethereal and wireshark

TCP Dump allows you to examine the header or content of each packet flowing over an interface or data link. To begin monitoring, select the desired interface from the “Monitor interface” popup and press “Start”.

TCP Dump in IPNetMonitorX is a simple User Interface to the underlying unix “tcpdump” facility. Unix tcpdump has many options allowing you to specify in detail what packets you want to capture including protocols, interfaces, and link layer headers. The Options field accepts standard tcpdump options (“-n -p -t” for example to show numeric addresses, do not set promiscuous mode, and no time stamps).

Naturally you can run tcpdump directly from a terminal window if desired. The reason to incorporate TCP Dump in IPNetMonitorX is simple user convenience.

While TCP Dump is well suited to capturing packet headers and protocol information, it is less ideal for viewing the actual TCP data flow between a client and server. For this purpose, you can “Use TCP Flow” instead of TCP Dump. tcpflow is an open source utility distributed under GNU .

picture source-

http://sustworks.com/site/prod_ipmx_help/html/TCPDumpHelp.html

The grab of TCPDUMP from ethereal

tcpdump is used on platforms like ethereal by network professionals for troubleshooting, analysis, software and protocol development. It has all of the standard features you would expect in a protocol analyzer, and several features not seen in any other product. Its open source licence allows people in the networking community to add enhancements. It runs on all popular computing platforms, including Unix, Linux, and Windows.although the windows version is enhanced with ethereal modern day network analyzers like wireshark are more popular and have made it redundant.

abridged from-http://www.ethereal.com/
parisparfait.typepad.com

As said previously, tcp dump is an analyser tool which displays the packets which flow in a network or an interface in a computer or a server(which analyses the packets which the server is using) and displays them. It allows us to view entire ethernet frame or other link layer and if required print the frame header. By default, tcp dump prints the packets at the IP layer. TCPdump generally helps in solving a variety of problems and analysts say that the number of server based problems that could be solved by using TCPdump is limitless since it prints detailed information about network traffic, helps in debug denial and during service attacks. If a network is flooded and all other attempts to determine the source or destination of the traffic fail, tcpdump will show you the source address, destination address, and type of traffic involved.