4.0.

Layer 4 - Transport

4.1 Introduction
4.2 Transmission Control Protocol (TCP)
4.2.1 TCP ports
4.2.2 TCP segment header
4.2.3 Checksum computation
4.2.4 TCP 3-Way Handshake
4.2.5 Sliding window protocol
4.3 User Datagram Protocol (UDP)
4.3.1 UDP ports
4.3.2 UDP datagram header
4.3.3 Checksum computation
4.4 Comparison of UDP and TCP
4.5 References

4.1 Introduction
Layer 4 is the Transport layer. The transport layer creates virtual Transfer Control Protocol (TCP) or User Datagram Protocol (UDP)
connections between network hosts. This layer sends and receives data to and from the applications running on its host. The Transport
layer assigns port numbers to the processes running in applications on the host and adds a TCP or UDP header to the messages received
from the applications detailing the source and destination port numbers.

4.2 Transmission Control Protocol (TCP)

The Transmission Control Protocol (TCP) is one of the main protocols of the Internet protocol suite. TCP is connection-oriented and a
connection between client and server is established before data can be sent. The server must be listening (passive open) for connection
requests from clients before a connection is established.

4.2.1 TCP ports

A TCP connection is identified by a four-tuple of the source address, source port, destination address, and destination port. Port numbers
are used to identify different services, and to allow multiple connections between hosts to be multiplexed. TCP uses 16-bit port numbers,
providing a space of 65,536 possible values for each of the source and destination ports.

4.2.2 TCP segment header

Figure 4.2.1 TCP segment header format

Name Length Mean Note

Source port 16 bits Identifies the sending port.

 Destination port 16 bits Identifies the receiving port.

Sequence 32 bits If the SYN flag is set (1), then this is the initial sequence number. The sequence number of the actual
number first data byte is this sequence number plus 1.
If the SYN flag is unset (0), then this is the accumulated sequence number of the first data byte of this
segment for the current session.

Acknowledgment 32 bits If the ACK flag is set then this field value is the next sequence number that the sender of the ACK is
number expecting.

Data offset 4 bits Specifies the size of the TCP header in 32-bit words. The minimum size header is 5 words and the
maximum is 15 words thus giving the minimum size of 20 bytes and maximum of 60 bytes, allowing for up
to 40 bytes of options in the header.

Reserved 4 bits For future use and should be set to zero.

Flags 8 bits Contains 8 1-bit flags (control bits) as follows:

CWR (1 bit): Congestion window reduced (CWR) flag is set by the sending host to indicate that it
received a TCP segment with the ECE flag set and had responded in congestion control mechanism.
ECE (1 bit): ECN-Echo has a dual role, depending on the value of the SYN flag. It indicates:
If the SYN flag is set (1), the TCP peer is ECN capable.
If the SYN flag is unset (0), a packet with the Congestion Experienced flag set (ECN=11) in its IP
header was received during normal transmission. This serves as an indication of network
congestion (or impending congestion) to the TCP sender.
URG (1 bit): Indicates that the Urgent pointer field is significant.
ACK (1 bit): Indicates that the Acknowledgment field is significant. All packets after the initial SYN
packet sent by the client should have this flag set.
PSH (1 bit): Push function. Asks to push the buffered data to the receiving application.
RST (1 bit): Reset the connection.
SYN (1 bit): Synchronize sequence numbers. Only the first packet sent from each end should have this
flag set. Some other flags and fields change meaning based on this flag, and some are only valid when
it is set, and others when it is clear.
FIN (1 bit): Last packet from sender

Window size 16 bits The size of the receive window.

Checksum 16 bits The 16-bit checksum field is used for error-checking of the TCP header, the payload and an IP pseudo-
header. The pseudo-header consists of the source IP address, the destination IP address, the protocol
number for the TCP protocol (6) and the length of the TCP headers and payload (in bytes)

Urgent pointer 16 bits If the URG flag is set, then this 16-bit field is an offset from the sequence number indicating the last urgent
data byte.

Options Variable 0– The length of this field is determined by the data offset field.
320 bits, in
units of 32
bits

Padding The TCP header padding is used to ensure that the TCP header ends, and data begins, on a 32-bit
boundary. The padding is composed of zeros.

4.2.3 Checksum computation

The checksum field is the 16-bit ones' complement of the ones' complement sum of all 16-bit words in the header and data.

TCP prepends the pseudo header to TCP datagram, and computes the checksum for pseudo header, TCP header and data. Then the
checksum value is inserted to the Checksum field of TCP header. Pseudo header is used only for calculating the checksum value. It is not a
part of actual TCP packet and it is never sent over network.

The pseudo header is not the real IP header and used to send an IP packet. It is used only for the checksum calculation.

Example calculate checksum value:

checksum = source_addresses + destination_addresses + protocol + tcp_length

if checksum > 0xFFFF, checksum = checksum - 0xFFFF

 TCP checksum for IPv4

Figure 4.2.2 TCP checksum for IPv4

TCP checksum for IPv6

Figure 4.2.3 TCP checksum for IPv6

Name Mean Note

Source addresses The source address of IPv4/IPv6

Destination addresses The destination address of IPv4/IPv6

Protocol/ Next Header The protocol value for TCP 6 (0x06) with TCP

TCP Length The length of the TCP header and data Measured in octets (byte)

4.2.4 TCP 3-Way Handshake

Before a client attempts to connect with a server, the server must first bind to and listen at a port to open it up for connections: this is
called a passive open. Once the passive open is established, a client may establish a connection by initiating an active open using the three-
way (or 3-step) handshake.
 Figure 4.2.4 TCP 3-Way Handshake

SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number to a
random value A.
SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received
sequence number i.e. A+1, and the sequence number that the server chooses for the packet is another random number, B.
ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgment value i.e.
A+1, and the acknowledgment number is set to one more than the received sequence number i.e., B+1.

4.2.5 Sliding window protocol

The sliding window protocol is a method designed in the network model that allows data exchange more efficiently and within the scope of
clearly defined steps in the channel.

In the sliding window protocol, some of the most important features that are applied in a network model are as mentioned:

This protocol allows sharing multiple data frames from the sender before receiving any acknowledgment from the receiver side.
The data frames shared in the channel are defined by the window size mentioned in the network model, which defines the
maximum number of frames that can be transmitted at a time from the sender to the receiver side before expecting any
acknowledgment.
Each of the frames in the network model is assigned a sequence number to increase the transmission efficiency.
The data frames shared from the sender to the receiver side are enclosed within a virtual sliding window, which represents that
these are awaiting acknowledgment from the receiver side.

Working of the Sliding Window Protocol

Figure 4.2.5 Working of the sliding window protocol.

The working of the sliding window protocol can be divided into two steps sender steps, and the receiver steps.

Steps for the Sender Side:

The sender side will share data frames with the receiver side per the window size assigned to the model.
The sliding window will appear on the frames transmitted over to the receiver side.
Then the sender will wait for an acknowledgment from the receiver side for the shared frames.
When the receiver transmits the acknowledgment of the first transmitted frame, the sliding window will shift from the
acknowledged frame.

Steps for the Receiver Side:

On receiving the data frames from the sender side, the receiver will use the frames in the network model.
After the receiver uses the frame, it will transmit the acknowledgement to the sender side for that data frame.
Then, the receiver side will receive the next data frame from the sender side.

This process continues until all the frames are transmitted from the sender side to the receiver side, and the receiver side transmits the
acknowledgment of all the received frames.

Advantages:

In this protocol, a sender can share multiple frames and then wait for the acknowledgment.
This protocol has much better efficiency in comparison, with low time delay.
This protocol requires sorting for increased efficiency and applies full-duplex transmission.

Disadvantages:

In case the sender does not receive acknowledgement from the receiver side, the network model becomes inefficient.
Loss and wastage of bandwidth due to sharing multiple frames simultaneously.

4.3 User Datagram Protocol (UDP)

The User Datagram Protocol (UDP) is one of the core communication protocols of the Internet protocol suite used to send messages
(transported as datagrams in packets) to other hosts on an Internet Protocol (IP) network. Within an IP network, UDP does not require prior
communication to set up communication channels or data paths.

4.3.1 UDP ports

Applications can use datagram sockets to establish host-to-host communications. An application binds a socket to its endpoint of data
transmission, which is a combination of an IP address and a port. In this way, UDP provides application multiplexing. A port is a software
structure that is identified by the port number, a 16-bit integer value, allowing for port numbers between 0 and 65535. Port 0 is reserved
but is a permissible source port value if the sending process does not expect messages in response.

4.3.2 UDP datagram header

Figure 4.3.1 UDP segment header format

Name Mean Note

Source Port Identifies the sending port. Option

Destination Port Identifies the receiving port. Require

Length The length in bytes of the UDP header and UDP data 8 - 65535 bytes

Header and Data Checksum (Chapter 4.3.3) Use for error-checking of the header and data Optional in IPv4

Mandatory in most cases in IPv6

4.3.3 Checksum computation

Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP
header, and the data, padded with zero octets at the end (if necessary) to make a multiple of two octets.

UDP prepends the pseudo header to UDP datagram, and computes the checksum for pseudo header, UDP header and data. Then the
checksum value is inserted to the Checksum field of UDP header. Pseudo header is used only for calculating the checksum value. It is not a
part of actual UDP packet and it is never sent over network.

The pseudo header is not the real IP header and used to send an IP packet. It is used only for the checksum calculation.

Example calculate checksum value:

checksum = source_addresses + destination_addresses + protocol + udp_length

if checksum > 0xFFFF, checksum = checksum - 0xFFFF

IPv4 pseudo header

Figure 4.3.2 UDP checksum for IPv4

IPv6 pseudo header

 Figure 4.3.3 UDP checksum for IPv6

Name Mean Note

Source addresses The source address of IPv4/IPv6

Destination addresses The destination address of IPv4/IPv6

Protocol/ Next Header The protocol value for UDP 17 (0x11) with UDP

UDP Length The length of the UDP header and data measured in octets (byte)

4.4 Comparison of UDP and TCP

Feature TCP UDP

Connection Requires an established connection to transmit data Connectionless protocol with no requirements
status (connection should be closed once transmission is for opening, maintaining, or terminating a
completed). connection.

Data Able to sequence. Unable to sequence.

sequencing

Reliability Can guarantee delivery of data to the destination Cannot guarantee delivery of data to the
router. destination.

Retransmission Retransmission of lost packets is possible No retransmission of lost packets.

of data

Error checking Extensive error checking and acknowledgment of data Basic error checking mechanism using
checksums.

Method of Data is read as a byte stream; messages are UDP packets with defined boundaries; sent
transfer transmitted to segment boundaries. individually and checked for integrity on arrival.

Speed Slower than UDP Faster than TCP

Broadcasting Does not support Broadcasting. Does support Broadcasting.

Optimal use Used by HTTPS, HTTP, SMTP, POP, FTP, etc. Video conferencing, streaming, DNS, VoIP, etc.

4.5 References
Sliding Window Protocol: Complete Step-by-Step Guide | Simplilearn