null | Skim’s Blog

Chapter 3: Transport Layer

🔹 1. Transport Layer Overview: Core Goals

✅ What Does the Transport Layer Do?

Provides logical communication between application processes on different hosts.

Builds on network layer (IP) — adds port-number-based demultiplexing and reliability/service controls.

Two protocols:

TCP: Connection-oriented, reliable, flow/congestion controlled
UDP: Connectionless, unreliable, lightweight

✅ Analogy:
IP = Postal Service → delivers letter (datagram) from house to house
TCP/UDP = Ann & Bill → deliver letter to specific kid in the house (via port)

🔹 2. Multiplexing & Demultiplexing (CRITICAL!)

✅ Defining Terms

Term	Meaning
Multiplexing	Sender combines data from multiple processes into one transport stream. Adds headers.
Demultiplexing	Receiver delivers incoming segment to the correct process using header info.

✅ How Demultiplexing Works

➤ UDP: 1-Tuple Demultiplexing

Uses only destination port number

All segments to same (host:port) go to same socket

Multiple clients → same server port = one server socket

Example: Client A (IP: 1.1.1.1, port 5000) → Server (10.10.10.10:53)Client B (IP: 1.1.1.2, port 5001) → Server (10.10.10.10:53) ✅ Both go to same DNS server socket!

✅ UDP is connectionless → no connection state → simple demux

➤ TCP: 4-Tuple Demultiplexing

Uses four values to identify a unique connection:

Allows multiple concurrent TCP connections to same server port.

Example: Three browsers open TCP to gaia.cs.umass.edu:80 → three different sockets on server!

Connection 1	192.168.1.2 : 5000 → 128.119.245.12 : 80
Connection 2	192.168.1.5 : 5001 → 128.119.245.12 : 80
Connection 3	192.168.1.2 : 5002 → 128.119.245.12 : 80

✅ Server has three separate sockets (one per connection).

🧠 Exam Tip:
UDP demux = destination port only
TCP demux = 4-tuple → allows multiple persistent connections

🔹 3. UDP: User Datagram Protocol

✅ UDP Features Table

Feature	UDP
Reliability	❌ No retransmissions, no ACKs
Order	❌ Packets may arrive out-of-order
Connection	❌ No handshaking
Congestion Control	❌ No flow or rate control → can flood network
Header Size	8 bytes (tiny!)
Checksum	✅ Optional (but usually used)
Use Cases	DNS, VoIP, live video, online games, DHCP, SNMP, HTTP/3

✅ Why Use UDP?

Low overhead → no connection setup delay (0-RTT)

No head-of-line blocking

Ideal for delay-sensitive apps (e.g., Zoom, Twitch)

Apps add their own reliability if needed → e.g., QUIC (HTTP/3)

✅ UDP Header (8 bytes)

✅ Checksum includes:
UDP header + payload
96-bit pseudo-header: Source IP, Dest IP, Protocol (17), UDP Length → End-to-end integrity — not just link-level

✅ Internet Checksum: 1's Complement Sum

Treats data as 16-bit integers → sum → take 1’s complement

Receiver recomputes — must equal 0 if no error

Weak protection: Can detect single-bit and some multi-bit errors ❌ Fails on two flipped bits that cancel out → not cryptographically secure

💡 Example: 0000 1111 + 1111 0000 = 1 0000 0000 → wraparound → 0000 0000 → checksum = 1111 1111

🔹 4. Reliable Data Transfer: Principles (The Foundation)

We design rdt protocols to provide reliable transport over unreliable channel (loss, corruption, reordering).

✅ Four Core Abstractions

Function	Description
`rdt_send(data)`	App calls this to send data
`udt_send(packet)`	Transport sends packet over unreliable channel
`rdt_rcv(packet)`	Transport receives packet from channel
`deliver_data(data)`	Transport delivers data to app

→ We model sender and receiver as Finite State Machines (FSMs).

✅ Progression of rdt Protocols

Protocol	Channel Assumption	Key Innovation
rdt1.0	Perfect channel	Just send and receive
rdt2.0	Bit errors (corruption)	ACKs and NAKs
rdt2.1	Bit errors + garbled ACK/NAK	Sequence numbers (0,1)
rdt2.2	Bit errors	NAK-free → ACKs with seq#
rdt3.0	Bit errors + packet loss	Timers + timeout

✅ Stop-and-Wait: One packet sent → wait for ACK → then next → Terrible efficiency

✅ rdt3.0 Performance: STOP-AND-WAIT IS SLOW!

💡 Pipelining → allows multiple in-flight packets → fixes this!

🔹 5. Pipelined Protocols: Go-Back-N & Selective Repeat

✅ Basic Idea: Pipelining

Send N packets before waiting for ACK → improves utilization

Use sequence numbers to track packets

Window size = N → max unACKed packets allowed

✅ Go-Back-N (GBN) — Simpler, Less Efficient

Feature	GBN
ACK Type	Cumulative ACK → ACK(n) means 0–n received
Receiver	Discards out-of-order packets → only buffers in-order
Sender	On timeout → retransmit all packets from the lost one onward
Window Size	Max N = `2^k – 1` (for k-bit sequence numbers)

Why? Simpler receiver logic → no buffer needed Drawback: Wastes bandwidth if only one packet lost

✅ Example: Window size=4. Packet 2 lost → sender retransmits 2,3,4,5 (even if 3,4,5 arrived OK)

✅ Selective Repeat (SR) — Efficient, Complex

Feature	SR
ACK Type	Individual ACKs for each correctly received packet
Receiver	Buffers out-of-order packets, delivers only in-order
Sender	Retransmits only timeout packet, not whole window
Window Size	Max N = `2^{k-1}` — must be ≤ half sequence number space

💡 Critical Rule: Window size ≤ half sequence number space → to avoid “duplicate ACK” ambiguity ❌ Example: 2-bit seq nums (0,1,2,3), window=3 → ambiguity if 0 lost & retransmitted

✅ Use Case: High-bandwidth, high-delay networks (e.g., satellite)

✅ Comparison: GBN vs SR

Scenario	Go-Back-N	Selective Repeat
Packet 3 lost	Retransmit 3,4,5,6	Retransmit 3 only
ACK 4 lost	Retransmit 4,5,6	Retransmit 4 only
Receives out-of-order	Discards	Buffers
Receiver Buffer	Small	Large
Complexity	Low	High
Efficiency	Low	High

✅ TCP uses GBN-style (cumulative ACK) + fast retransmit to simulate SR

🔹 6. TCP: Connection-Oriented Reliability

✅ TCP Features (Must Memorize!)

✅ Connection-oriented → 3-way handshake

✅ Reliable, in-order byte stream → no message boundaries

✅ Flow control: via rwnd field

✅ Congestion control: congestion avoidance, slow start

✅ Full-duplex: both sides send/receive simultaneously

✅ ACKs: Cumulative, delayed, duplicate

✅ Retransmissions: timeout + fast retransmit (3 dup ACKs)

✅ TCP Segment Header (20+ bytes)

Field	Purpose	Size
Source Port	Sender port	16 bits
Destination Port	Receiver port	16 bits
Sequence Number	Byte # of first byte of data	32 bits
Acknowledgement Number	Next byte expected	32 bits
Header Len	TCP header size (in 32-bit words)	4 bits
Flags: URG, ACK, PSH, RST, SYN, FIN	Connection control	6 bits
Receive Window (rwnd)	How many bytes receiver can accept	16 bits
Checksum	Covers pseudo-header + header + data	16 bits
Urgent Pointer	Used with URG flag (rare)	16 bits
Options	e.g., MSS, Window Scaling	variable

🔑 Key Insight: Sequence numbers = bytes (not packets)! This enables reassembly in order → stream abstraction

✅ TCP Sequence & ACK Numbers

Case	Example
A sends: “C” (seq=42, 1 byte) → B gets it	B ACKs: ACK=43 (next expected byte)
B replies: “C” (seq=79, 1 byte) → A gets it	A ACKs: ACK=80

✅ ACK=80 means: “I received up to byte 79. Next I expect byte 80.”

✅ TCP Round-Trip Time (RTT) Estimation

Used to set timeout values

Formula	Description
`EstimatedRTT = (1-α) * EstimatedRTT + α * SampleRTT`	Exponential Weighted Moving Avg (EWMA) — α = 0.125
`DevRTT = (1-β) * DevRTT + β *	SampleRTT – EstimatedRTT
`TimeoutInterval = EstimatedRTT + 4 * DevRTT`	Safety margin = 4× stddev

✅ More variation → higher timeout → avoids premature retransmits

🔹 7. TCP Reliable Data Transfer: Fast Retransmit & Delayed ACK

✅ TCP ACK Generation Rules [RFC 5681]

Event	Action
In-order segment received → no pending ACK	Delayed ACK: wait ≤500ms for next segment
In-order segment received → pending ACK	Send single cumulative ACK
Out-of-order segment	Send duplicate ACK (ACK of last in-order byte)
Segment fills gap	Send 立即 ACK

✅ Fast Retransmit (Crucial!)

Sender receives 3 duplicate ACKs → assume loss → retransmit immediately

Avoids timeout → improves performance

Works because 3 dup ACKs = 3 packets received after a gap → probable lost segment in between

❗ TCP Reno uses 3 dup ACKs → fast retransmit ❗ TCP Tahoe waits for timeout → slower

🔹 8. TCP Flow Control

✅ Purpose

Prevent sender from overwhelming receiver’s buffer

✅ How It Works

Receiver advertises available buffer space in rwnd field of TCP header

Sender only sends up to min(cwnd, rwnd) bytes

rwnd = RcvBuffer – (LastByteReceived – LastByteRead)

💡 Example: Receiver buffer = 4KB Bytes received = 5000 Bytes read by app = 3000 → rwnd = 4096 – (5000 - 3000) = 4096 – 2000 = 2096 → Sender can only send 2096 bytes more.

✅ rwnd can shrink → receiver tells sender “slow down”

🔁 Always observe: TCP is receiver-driven → Pearl of orchestration

🔹 9. TCP Connection Management: 3-Way Handshake

✅ Steps

Step	Message	Meaning
1	SYN (seq=x)	Client → server: “I want to connect, my seq=x”
2	SYN-ACK (seq=y, ack=x+1)	Server → client: “I accept, my seq=y, I expect your next byte=x+1”
3	ACK (ack=y+1)	Client → server: “Got it, I expect your next byte=y+1”

🔐 States:
Client: CLOSED → SYN_SENT → ESTABLISHED
Server: LISTEN → SYN_RCVD → ESTABLISHED

✅ Why 3-Way? (Not 2-Way!)

To prevent half-open connections

Example: Stale SYN gets retransmitted → server accepts → client gone → dangling connection

✅ Human analogy:
“On belay?”
“Belay on.”
“Climbing.” → mutual confirmation

✅ Connection Termination: 4-Way FIN Handshake

Step	Message	Meaning
1	FIN (seq=x)	Client: “I’m done sending” → `FIN_WAIT_1`
2	ACK (ack=x+1)	Server: “Got your FIN” → `CLOSE_WAIT`
3	FIN (seq=y)	Server: “I’m done too” → `LAST_ACK`
4	ACK (ack=y+1)	Client: “Got it” → `TIME_WAIT` → `CLOSED`

💡 TIME_WAIT: Client waits 2× MSL (max segment lifetime) to ensure last ACK arrives → prevents old packets from reappearing

🔹 10. TCP Congestion Control

✅ Congestion vs Flow Control

Flow Control	Congestion Control
Prevent sender from overwhelming ONE receiver	Prevent sender from overwhelming NETWORK
Managed by receiver via rwnd	Managed by sender via cwnd
Always active	Activated when network gets busy

✅ Congestion Signs

Packet loss (buffer overflow)

Increase in RTT (queueing delay)

❗ TCP treats any loss as congestion — even wireless or noise-induced → suboptimal

✅ TCP Congestion Control Phases

Stage	Behavior	Algorithm
Slow Start	aggresively increase	cwnd doubles every RTT → exponential
Congestion Avoidance	linear increase	cwnd += 1 MSS per RTT
Fast Retransmit	react to 3 dup ACKs	cwnd = cwnd/2, ssthresh = cwnd/2, enter recovery
Fast Recovery	after fast retransmit	cwnd = ssthresh + 3 → additive increase
Timeout	slow start restart	cwnd = 1 MSS, ssthresh = cwnd/2

✅ Algorithm State Diagram (Must Know!)

🔁 ssthresh = “slow start threshold” — set to cwnd/2 on loss

✅ Actions:
On 3 dup ACKs: ssthresh = cwnd/2, cwnd = ssthresh + 3, enter fast recovery
On timeout: ssthresh = cwnd/2, cwnd = 1, restart slow start

✅ TCP Throughput Formula

Average throughput ≈ 1.22 × MSS / (RTT × √L) — Mathis Formula —

Scenario	L (loss rate)	Throughput
1 Gbps, 100ms RTT	10⁻¹⁰	~10 Gbps! ✅
100 Mbps, 20ms RTT	10⁻⁴	~200 Mbps

💡 High-speed long pipes need extremely low loss → TCP Reno struggles

🔹 11. Advanced TCP: CUBIC & BBR

✅ TCP CUBIC (Linux default until ~2024)

Uses cubic function to scale cwnd → faster recovery after loss

Smooth, predictable window growth

Avoids aggressive ramp-down → better network utilization

Key Idea:

After packet loss → cwnd = W_max / 2

Modern delay → W_max hasn’t changed much

So, ramp back to W_max faster, then slow down

✅ Result: Better for high-BDP (bandwidth-delay product) networks

✅ BBR (Bottleneck Bandwidth and Round-Trip time)

Sending rate based on measured bandwidth + min RTT — no loss!

Doesn’t wait for loss → probes to find max capacity

Sends just enough to fill pipe → avoid queuing

Phases:

Startup: Increase rate fast until throughput plateaus

Drain/BTL: Reduce rate → drain queue → find true min RTT

Probe BW: Adjust rate up/down based on recent throughput

✅ Used by Google, YouTube, Cloudflare → higher throughput, lower latency ✅ Newer standard → replacing CUBIC in many modern systems

🔹 12. QUIC & HTTP/3: Transport Layer in Application Layer

Aspect	TCP	QUIC (Over UDP)
Transport Protocol	TCP	UDP
Encryption	TLS (separate handshake)	QUIC built-in → TLS 1.3
Handshake	3-way + TLS handshake (2 RTTs)	1-RTT or 0-RTT
Multiplexing	Single stream per connection → HOL blocking	Multiple independent streams → No HOL blocking
Congestion Control	TCP Reno/CUBIC	QUIC’s own (TCP-like)
Connection Migration	Hard (depends on IP:port)	✅ Easy — based on connection ID

✅ QUIC = UDP + TLS + TCP-like reliability + multiplexing

🔹 13. Evolution & Trends in Transport Layer

Challenge	Traditional TCP	Modern Solutions
High-speed, long pipes (fat pipes)	Slow recovery after loss	TCP CUBIC / BBR
Wireless loss	Treats bit errors as congestion	TCP Westwood, TCP for WiFi
Long RTT (satellite)	Slow start takes too long	TCP Window Scaling, SACK, BBR
Data centers	High sensitivity to latency	BBR, DCTCP
Background flows	All flows treat equally	Fair queuing, ECN
Security	TLS + TCP separate	QUIC (crypto built-in)

✅ Trend: Move transport logic to application layer → take control from infrastructure

🚨 Chapter 3: Exam Checklist (Must Know!)

Topic	Must Know?
Multiplexing vs Demultiplexing (UDP vs TCP)	✔️✔️✔️
UDP header, checksum, use cases	✔️✔️
rdt1.0 to rdt3.0 progression	✔️✔️
Stop-and-Wait utilization formula	✔️✔️
GBN vs SR — window size, ACK types, retransmission	✔️✔️✔️
TCP segment structure — seq #, ack #, rwnd, flags	✔️✔️✔️
3-way handshake steps & states	✔️✔️✔️
4-way FIN handshake	✔️✔️
Delayed ACKs, Fast Retransmit (3 dup ACKs)	✔️✔️✔️
TCP flow control — rwnd	✔️✔️
Congestion control phases — Slow Start, CA, Fast Recovery, Timeout	✔️✔️✔️
ssthresh, cwnd behavior on events	✔️✔️
Mathis formula → high-speed TCP	✔️ (Can be asked to calculate)
CUBIC vs BBR — intuition	✔️
QUIC → built-in encryption, 0-RTT, no HOL blocking	✔️✔️
TCP over wireless – limitation	✔️

🧠 Key Takeaways (Quote These in Exams!)

• “Transport layer enables process-to-process communication — IP only does host-to-host.” • “TCP is reliable, ordered, flow- and congestion-controlled — UDP is ‘fire and forget.’” • “Sequence numbers count bytes, not packets — making TCP a byte stream!” • “3 duplicate ACKs mean a packet is lost — don’t wait for timeout!” • “Congestion control is not about bandwidth — it’s about queueing delay and loss. “ • “CUBIC is for high-speed networks, BBR is for low-latency, and QUIC is the future.” • “The Internet is moving transport functions to the application layer — TCP is no longer the only option.”

📚 Practice Suggestions for Exam Prep

✅ Simulate TCP handshake with 3 states on paper

✅ Practice drawing GBN/SR timelines with lost packets

✅ Calculate stop-and-wait utilization given L, R, RTT

✅ Trace TCP fast retransmit with 3 dup ACKs

✅ Write down TCP header fields (seq, ACK, rwnd, flags, checksum)

✅ Use Wireshark to capture TCP 3-way handshake → identify SYN, ACK, flags

✅ Review cwnd growth on diagram: slow start → CA → loss → recovery → CA

✅ You now command the Transport Layer: from UDP sockets to BBR congestion. You’re ready for Chapter 4 (Network Layer: Data Plane) — the core of the Internet!

Good luck, future network engineer! 🌐💾🔧