Layer 4: the Transport Layer

At the very middle of the OSI model, you would find the transport layer. When first looking at it, it might sound a little mis-leading. Why is it called the ‘transport’ layer? Shouldn’t layer 1, the ‘physical’ layer, be called the transport layer instead? Layer 1 is responsible for actually transporting the bits from one device to another. However, when going down the OSI model, layer 4 is the first layer that is responsible for preparing the data to be transported. For example, let’s pretend that you plan to send your home entertainment center to a family member because you just bought a new one, and your family member does not have one. The home entertainment center includes the furniture that holds everything, a TV, surround sound w/ speakers, DVD player and a VCR player. How would you begin to send something like that? You would do it in these steps:

1. Take it apart. You would disconnect the equipment, role up all the cables and dismantle the furniture. Hopefully, you would include instructions so that your family member would be able to put everything back together.
2. Place everything in boxes. On the boxes, you would put your return address and the destination address to the family member so a parcel service knows where to send the package.
3. You would schedule a pickup from a parcel service such as UPS, Fedex or USPS. (In reality, this will be very expensive, but this is not reality, it is fantasy land ) The parcel service might use route numbers and truck numbers. These numbers are only relevant internally to that particular company.
4. Your package will be moved from your house to your family member’s house via road, railroad, air or water.

These are the simple steps followed in order to send something physical, such as an entertainment center. Believe it or not, the model to send something digital follows a similar concept:

1. Layer 4 divides the information into ‘segments.’ The segments maybe numbered so the receiving machine can arrange them back in order.
2. Layer 3 takes the segments and makes ‘packets.’ The source IP address and destination IP address are added so networking devices know where to send the packets.
3. Data is sent to a layer 2 device (NIC card.) The packets are converted into ‘frames’ so layer 2 devices can communicate with each other.
4. The frames are sent over a layer 1 device and medium such as air, glass or copper.

As you can see, there is a good reason why layer 4 is called the ‘transport’ layer. Layer 4 is responsible for dividing data into chunks on the transmitting end, and putting the chunks back together at the receiving end. These chunks are called segments, which is the Layer 4 PDU.

Just as you would expect from my posts about lower layers, there are protocols that work on Layer 4:
Transport Control Protocol (TCP) – TCP is the dominant layer 4 protocol. It is one of two choices that can be used over the Internet. It uses ‘windowing’ in order to provide reliability for the transmission between source and destination. This is a connection-oriented protocol.
User Datagram Protocol (UDP) – UDP is the second popular layer 4 protocol. TCP and UDP are the two choices that can be used over the Internet. Unlike TCP, UDP uses ‘best-effort’ to transmit the information. It does not have reliability, but has less overhead than TCP. It is used frequently, especially in scenarios where the requirement of performance is more important than reliability.
Sequence Packet Exchange (SPX) – The protocol used in legacy Novell networks. It is similar to TCP in that it provides reliability.
AppleTalk Transaction Protocol (ATP) – The protocol used in legacy AppleTalk networks.

The protocols that are mostly used today are TCP and UDP, which will be the focus of this posting.

TCP

TCP is a protocol that is part of the TCP/IP protocol stack.  IP is on layer 3, while TCP is part of layer 4.  The job of TCP is to break up data into segments, pass them down to the next layer so that the data can be transmitted, receive the data packets, and put the data packets back in order at the receiving side.  In order for this to happen, devices using TCP must first establish a connection with each other.  The process of setting up the connection is called a three-way handshake.  The purpose of the hand shake is to do the following:
-Inform the destination device that the source device wants to send data
-Inform the source device that the destination is ready to receive information (also known as an acknowledge)
-Negotiate the rules for the transmission

TCP is a great automated self-reliable protocol.  The basis of all of its greatness is the fact that it numbers its segments, by using sequence numbers.  If there are 10 segments to send, it would number them 1, 2, 3, 4, 5, 6, 7, 8, 9, and 10.  Using sequence numbers, TCP is able to accomplish the following:
Ordering – the destination can receive the segments out of order and put them back in order based on the sequence number. This is great considering the Internet is also known as the World Wide Web; segments might take different routes to the destination with each route varying in time it takes.
Reliability – if the destination does not receive a segment, it can request the source to retransmit.
Flow Control – The source and destination can negotiate how many segments should be transmitted at a time. That way, TCP can take advantage of faster and more reliable networks (such as a LAN) by sending more segments at once while sending fewer segments over slower networks (such as a WAN).

Let’s assume we want to transmit 100 segments.  In order for this to happen, both devices must decide how many segments needs to be sent at once.  This is called windowing.  If they negotiated a window of ’10′, the source device would send 10 segments at a time to the destination device.  So, in our example, segments 1 through 10 would be sent to the destination.  The source will then wait for an acknowledgment from the destination before sending the next segments (11 through 20.)  If the destination received all segments, it will acknowledge the source by requesting the 11th segment.  However, what if it received all segments except for segment 4?  The destination would send an acknowledgment ’4′ back to the source.  This tells the source ‘based in our window, send the next segments starting with number 4.)  The source would then transmit segments 4 through 13, even though the transmission of 5 through 10 was a success.

On a faster, more reliable network, it would make sense to have a big window.  That way, the destination would have to send less acknowledgments back to the source.  However, if it is common for segments not to make it to the destination, a smaller window size would be more practical.  That way, the source does not have to retransmit a lot of segments.  In our example, if the window size was ’5′ instead of ’10′ and the destination did not receive segment ’4′, the source would only have to retransmit segments 4 and 5 while sending segments 6 and 7 for the first time instead of resending 4 through 10 with 11 through 13 being sent for the first time.  This is automatically adjusted based on reliability and time.  This process is called variable flow control.  Not only is the window size controlled automatically, but also the size of the segments themselves.  Faster networks would use bigger segment sizes (more of the actual data inside the segments) than slower networks.

UDP

UDP is much less complicated than TCP.  The original idea behind UDP is to allow computer systems to send ‘messages’ or ‘datagrams’ over a network.  In UDP, there is no hand-shaking to establish a connection.  There are no ‘sequence-numbers.’  The destination can receive segments out-of-order, and not know how to put them back in order.  There can also be missing segments and the destination will not request for a retransmission or notice if one is missing.  However, UDP is a practical alternative to TCP if data reliability does not matter or if the data reliability is handled by a higher-level protocol/application.  With no hand-shakes or acknowledgments, less bandwidth is used.

Examples of where data reliability is not important:
Online gaming – Characters might freeze every once in a while, but games use a lot of bandwidth and need the advantage of using less overhead.
VoIP – Talking to someone over the Internet? If a segment is loss, you might here a crackle, but it is more important to have that constant stream in real time.
Video Streaming – A few missing segments might cause some missing frames, creating a few glitches to your movie. However, you want that movie streamed to your computer as fast as possible.

UDP and VPN

VPN is a great example where you would also want to use UDP. VPN (Virtual Private Network) is a way to connect LAN segments together over the Internet. If you have site A and site B, with each having their own LAN, but you want sites A and B to act as though they are on the same network (following the same IP addressing scheme and subnet,) you would use VPN. How VPN works in a nutshell is the data gets encapsulated through layer 4 and layer 3. In order for the packets to be sent sent over the Internet, the packets get re-encapsulated through layers 4 and 3 a second time. Think of the first encapsulation is like putting on your shirt. The shirt you are wearing is suitable for your house and your work. However, it is cold outside. So, in order to travel from work to your house, you have to put on a coat. You put it on before leaving work, and you take it off when you arrive home. The first encapsulation using VPN is suitable for inside both local area networks (it has a private IP address.) However, the packets need to be encapsulated for a second time so that when it is sent over the Internet, it has a public IP address. The second encapsulation is stripped once the packet reaches to the other LAN, thus the packet can be released as though it was not sent over the Internet at all. When encapsulating the data the first time, it is best to use TCP. However, the second encapsulation should use UDP. That way, you are not doing ‘TCP over TCP,’ which would cause double the workload.

Resources