0 1 00:00:01,060 --> 00:00:04,420 ... 1 2 00:00:07,160 --> 00:00:15,380 OSI Layer-4 provides host-to-host communication services such as connection 2 3 00:00:15,380 --> 00:00:21,900 connection-oriented data stream support, reliability, flow control, and multiplexing 3 4 00:00:21,900 --> 00:00:30,190 for applications. TCP and UDP most common protocols used in this layer 4 5 00:00:31,430 --> 00:00:41,540 Let's take a look to the TCP versus UDP. TCP is suited for applications that require high reliability 5 6 00:00:41,600 --> 00:00:46,180 and transmission time is relatively less critical. 6 7 00:00:46,250 --> 00:00:54,200 UDP is suitable for applications that need fast, efficient transmission, such as games. 7 8 00:00:54,310 --> 00:01:02,540 UDP's stateless nature is also useful for servers that answer small queries from huge numbers 8 9 00:01:02,540 --> 00:01:12,710 of clients. Another difference is TCP rearranges data packets in the order specified.UDP has no inherent 9 10 00:01:12,710 --> 00:01:16,920 order as all packets are independent of each other. 10 11 00:01:16,940 --> 00:01:26,790 If ordering is required, it has to be managed by the application layer.The speed for TCP is slower 11 12 00:01:26,830 --> 00:01:34,590 than UDP.UDP is faster because error recovery is not attempted 12 13 00:01:34,790 --> 00:01:46,040 It is a "best effort" protocol. TCP does Flow Control. TCP requires three packets to set up a socket connection, 13 14 00:01:46,310 --> 00:01:50,660 before any user data can be can be sent. 14 15 00:01:50,810 --> 00:01:55,590 TCP handles reliability and congestion control. 15 16 00:01:55,670 --> 00:02:00,600 UDP does not have an option for flow control 16 17 00:02:00,710 --> 00:02:04,910 And lastly TCP is connection oriented – 17 18 00:02:05,060 --> 00:02:16,430 once a connection is established, data can be sent bidirectional. UDP is a simpler, connectionless 18 19 00:02:16,700 --> 00:02:18,010 protocol. 19 20 00:02:18,680 --> 00:02:25,940 So in computer networking, port numbers are part of the addressing 20 21 00:02:25,970 --> 00:02:32,430 information used to identify the senders and receivers of messages. 21 22 00:02:32,570 --> 00:02:41,260 Port numbers allow different applications on the same computer to share network resources simultaneously. 22 23 00:02:41,480 --> 00:02:49,280 Let's say that we have a client in here and let's say that this client want to use different applications 23 24 00:02:49,280 --> 00:02:58,350 such as electronic mail html page like surfing on the web and by using the internet chat. 24 25 00:02:58,350 --> 00:03:08,130 Maybe. if this guy wants to use this different application it should use different port numbers to reach 25 26 00:03:08,250 --> 00:03:12,070 to these different applications. 26 27 00:03:12,360 --> 00:03:21,150 So we have a comment that we can use on our laptops our PCs our Windows machines or something like that 27 28 00:03:21,510 --> 00:03:22,940 on the command line. 28 29 00:03:22,950 --> 00:03:32,550 If we type "netstat" we can see some statistics.netstat (network statistics) is a command-line network utility tool that 29 30 00:03:32,550 --> 00:03:42,150 displays network connections for the Transmission Control Protocol (both incoming and outgoing), 30 31 00:03:42,420 --> 00:03:46,140 routing tables, and a number of network interface. 31 32 00:03:46,140 --> 00:03:57,360 As you can see here, here are the source IP addresses these are the source ports and these are the destination 32 33 00:03:57,360 --> 00:04:01,470 ports that the user wants to reach. 33 34 00:04:01,470 --> 00:04:10,740 For example in here this guy wants to reach the 80 port and the communication is established. 34 35 00:04:10,740 --> 00:04:22,770 So The port numbers in the range from 0 to 1023 are the well-known ports or system ports. 35 36 00:04:22,940 --> 00:04:23,950 ... 36 37 00:04:23,970 --> 00:04:30,730 They are used by system processes that provide widely used types of network services. 37 38 00:04:30,750 --> 00:04:43,140 For example a well-known port is FTP, and FTP uses TCP protocol and port number of FTP 38 39 00:04:43,230 --> 00:04:44,850 is 20. 39 40 00:04:44,880 --> 00:04:46,820 For example :Telnet. 40 41 00:04:46,890 --> 00:04:55,830 This is a remote access protocol and telnet uses TCP protocol and protocol number is twenty three 41 42 00:04:56,160 --> 00:04:59,630 and DNS 42 43 00:04:59,640 --> 00:05:09,530 That can use UDP or TCP and the port number is fifty three. In data communications networks, packet 43 44 00:05:09,530 --> 00:05:10,500 segmentation 44 45 00:05:10,540 --> 00:05:19,210 is the process of dividing a data packet into smaller units for transmission over the network. Packet 45 46 00:05:19,220 --> 00:05:26,360 segmentation happens at layer four of the OSI model or the transport layer. 46 47 00:05:26,510 --> 00:05:28,550 Segmentation may be required 47 48 00:05:28,550 --> 00:05:36,920 When The data packet is larger than the maximum transmission unit supported by the network and when 48 49 00:05:36,920 --> 00:05:39,010 the network is unreliable. 49 50 00:05:39,020 --> 00:05:47,600 and it is desirable to divide the information into smaller segments to maximize the probability 50 51 00:05:47,900 --> 00:05:55,130 that each one of them can be delivered correctly to the destination 51 52 00:05:55,130 --> 00:06:01,290 So let's talk about the TCP And UDP details. 52 53 00:06:01,330 --> 00:06:12,330 The client–server model is a distributed application structure that partitions tasks or workloads between 53 54 00:06:12,500 --> 00:06:21,050 the providers of a resource or service, called servers, and service requesters, called clients. 54 55 00:06:21,250 --> 00:06:29,740 For example if you try to open the networkel.comweb page your computer's web browser is the client 55 56 00:06:29,740 --> 00:06:34,270 client program that requested services from the networkel.com server 56 57 00:06:34,360 --> 00:06:39,330 which technically is called an HTTP server 57 58 00:06:39,430 --> 00:06:43,450 So you could read the web page of networkel. 58 59 00:06:43,750 --> 00:06:46,180 So in here you have. 59 60 00:06:46,320 --> 00:06:59,080 we have some protocols that are using TCP protocol and they are FTP,file transfer protocol and telnet 60 61 00:07:00,100 --> 00:07:02,040 and HTTP. 61 62 00:07:02,050 --> 00:07:06,130 This is the protocol we use when we are surfing on the web. 62 63 00:07:06,130 --> 00:07:14,640 As you know so, these clients are using some port numbers in this range. 63 64 00:07:14,680 --> 00:07:25,300 As you can see and they're interacting with the server to get these services from them for example this 64 65 00:07:25,450 --> 00:07:31,610 PC one wants to take an FTP service from the server. 65 66 00:07:31,660 --> 00:07:38,210 So it's using the destination port of 20 of the server. 66 67 00:07:38,530 --> 00:07:45,660 For example this PC, PC two wants to take an HTTP service from the server. 67 68 00:07:45,910 --> 00:07:52,590 So it's using the destination port 80 while it's connecting the server. 68 69 00:07:55,100 --> 00:08:03,470 A three-way handshake is a method used in a TCP/IP network to 69 70 00:08:03,470 --> 00:08:07,060 create a connection between a local host and server. 70 71 00:08:07,070 --> 00:08:17,390 It is a three-step method that requires both the client and server to exchange SYN and ACK (acknowledgment) 71 72 00:08:17,480 --> 00:08:21,480 packets before actual data communication begins. 72 73 00:08:23,360 --> 00:08:26,260 To establish a TCP session 73 74 00:08:26,340 --> 00:08:33,380 we have SYN , SYN-ACK and ACK steps. 74 75 00:08:33,450 --> 00:08:42,780 In the SYN step Client sends session request to server. In response, the server replies with a SYN-ACK. 75 76 00:08:43,000 --> 00:08:47,920 Then Finally, the client sends an ACK back to the server 76 77 00:08:47,970 --> 00:08:52,000 For example let's say that the client wants to 77 78 00:08:52,020 --> 00:09:00,270 establish a TCP session with server. what client is doing first, it's sending a SYN packet 78 79 00:09:00,310 --> 00:09:06,470 with a sequence number of 1000. 79 80 00:09:06,750 --> 00:09:17,590 The server gets the syn packet and replies back with the syn and acknowledgement message and saying 80 81 00:09:17,590 --> 00:09:31,180 that my sequence number of this message is 2000 and I'm acknowledging that you'll send me the sequence 81 82 00:09:31,180 --> 00:09:33,350 number 1000 packet. 82 83 00:09:33,430 --> 00:09:34,080 All right. 83 84 00:09:34,390 --> 00:09:39,520 And increasing the number of the sequence by 1 as you can see. 84 85 00:09:39,910 --> 00:09:53,990 Then this third step is the client is responding back with an ACK again and saying that this ACK has 85 86 00:09:54,000 --> 00:10:01,610 a sequence number of one thousand one because my syn's sq. number was 1000. 86 87 00:10:01,650 --> 00:10:04,880 And this is my next packet that I'm sending to you. 87 88 00:10:04,890 --> 00:10:14,610 And this has a sequence number of 1001 and I am ACKing the packet that you sent me 88 89 00:10:14,610 --> 00:10:23,420 with the sequence number of 2000 and the acknowledgement number is 2001. 89 90 00:10:23,670 --> 00:10:29,870 All right , when we try to terminate a TCPsession 90 91 00:10:29,980 --> 00:10:39,170 The steps we are using is the first fin then ack 91 92 00:10:42,070 --> 00:10:44,960 plus fin after this. 92 93 00:10:45,160 --> 00:10:51,460 The first is fin then ack then fin the receivers side. 93 94 00:10:51,460 --> 00:10:56,840 Then this guy is sending and ack again. 94 95 00:10:57,250 --> 00:11:03,050 The steps are fin - ack -fin -ack 95 96 00:11:03,150 --> 00:11:04,520 This is by B. 96 97 00:11:04,540 --> 00:11:15,830 These are by a. let's talk about the TCP re-order process right now . if you want to send a packet 97 98 00:11:15,830 --> 00:11:21,100 from site a to site B 98 99 00:11:21,200 --> 00:11:30,230 you have two different networks and they are IP Network 1 and IP Network 2. When packets are being 99 100 00:11:30,230 --> 00:11:34,700 sent, Segments may split to different paths , 100 101 00:11:34,700 --> 00:11:45,860 some of them may prefer IP Network 1 and some of them may go over IP Network 2. TCP reorders these 101 102 00:11:46,010 --> 00:11:48,050 packets at the destination. 102 103 00:11:48,050 --> 00:11:54,000 And this process is known as TCP reorder process. 103 104 00:11:54,050 --> 00:11:58,750 This process is not available for UDP guys. 104 105 00:11:58,760 --> 00:12:08,150 Please pay attention that. The TCP windowing is an option to increase the receive window size 105 106 00:12:08,240 --> 00:12:14,390 allowed in Transmission Control Protocol above its maximum value. 106 107 00:12:14,450 --> 00:12:22,920 The TCP window size, is simply an advertisement of how much data (in bytes) the receiving device 107 108 00:12:23,170 --> 00:12:32,240 is willing to receive at any point in time. The receiving device can use this value to control 108 109 00:12:32,240 --> 00:12:39,320 the flow of data, or as a flow control mechanism. as you can see in here. 109 110 00:12:40,680 --> 00:12:50,270 There is a TCP session between PCand server , PCis sending a packet to this guy. 110 111 00:12:51,120 --> 00:12:56,160 And this guy ACKs the first guy. 111 112 00:12:56,220 --> 00:12:57,000 All right. 112 113 00:12:57,170 --> 00:13:07,460 Then PC is sending the packet two and packet three and Server is responding back with acknowledgment 113 114 00:13:07,470 --> 00:13:09,350 message again. 114 115 00:13:10,380 --> 00:13:24,040 But in here this guy is sending four five and six to server but this time what is going on in here is the 115 116 00:13:24,120 --> 00:13:35,160 acknowledgement number is seven, which means I couldn't get the sequence number seven because in here 116 117 00:13:35,160 --> 00:13:36,330 please pay attention. 117 118 00:13:36,360 --> 00:13:43,860 I am sending the sequence number one and the acknowledgement is two in here 118 119 00:13:43,890 --> 00:13:54,090 I'm getting the sequence number three and ack is four but in here I am sending an 119 120 00:13:54,090 --> 00:14:00,910 acknowledgement of seven which means I got the sequence number six. 120 121 00:14:01,110 --> 00:14:14,280 Lastly . then the PC is sending the 7 8 9 again, again the seven and plus eight and nine. 121 122 00:14:14,310 --> 00:14:22,660 Then the server is acknowledging with the 10 and that means everything is OK. 122 123 00:14:22,680 --> 00:14:28,210 So let's take a look to the UDP protocol some now. UDP provides 123 124 00:14:28,230 --> 00:14:31,900 As I told you you unreliable data transfer. 124 125 00:14:31,920 --> 00:14:40,650 And as I told you again we don't have a reorder process .that's a connectionless protocol and loss of data may occur 125 126 00:14:40,660 --> 00:14:52,980 and used for application that requires fast delivery and no delay. and UDP has a client server 126 127 00:14:52,980 --> 00:15:05,940 model as well as TCP too. Protocols such as DNS, TFTP or SNMP are using the UDP protocol. 127 128 00:15:05,940 --> 00:15:16,410 So for example if PC one wants to get the DNS server from this guy that sends the UDP packets and saying 128 129 00:15:16,560 --> 00:15:24,610 that hey guy destination port is 53 that means I need that DNS service from you. 129 130 00:15:24,750 --> 00:15:31,910 For example let's take a look to the this client which is PC 2 , this is as an SNMP client and SNMP 130 131 00:15:31,910 --> 00:15:34,360 uses UDP also. 131 132 00:15:34,350 --> 00:15:43,620 So this is sending UDP messages and with the destination port of one hundred and sixty one to get the 132 133 00:15:44,010 --> 00:15:47,480 SNMP service from this server.