Transmission control protocol TCP

Posted by google_man2000 on Fri, 26 Nov 2021 04:32:22 +0100

Transmission control protocol TCP

The ultimate purpose of transport layer protocol is to provide reliable end-to-end transmission of data

TCP is a connection oriented protocol, because it will initiate a formal connection before transmitting data to track the delivery of data packets. When the transmission is about to end, he will officially close the pipeline of the session

TCP header

0-78-1516-2324-31
Source portSource portTarget portTarget port
Serial numberSerial numberSerial numberSerial number
Confirmation numberConfirmation numberConfirmation numberConfirmation number
(0-3 data offset) (4-7 reserved bits)signWindow sizeWindow size
ChecksumChecksumEmergency pointerEmergency pointer
optionoptionoptionoption
  • Source port: the port used to transmit packets

  • Destination port: the port to which the packet is sent

  • Serial number: this number is used to represent a TCP fragment. This field is used to ensure that there is no missing part in the data stream

  • Confirmation number: this number is the next confirmation number expected from another device in communication

  • Flags: URG ACK PSH PST SYN FIN flags are used to indicate the type of TCP packets transmitted

  • Window size: the byte size of the TCP receiver buffer

  • Checksum: used to ensure the integrity of TCP header and data content before reaching the destination

  • Emergency pointer: if the URG bit is set, this field will be checked as an additional instruction to tell the CPU where to start reading data from the packet

  • Options: various options, which can be specified in TCP packets

Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1
Transmission Control Protocol, Src Port: 59175, Dst Port: 56025, Seq: 0, Len: 0
 Source port
    Source Port: 59175
 Destination port
    Destination Port: 56025
 Serial number
    [Stream index: 0]
    [TCP Segment Len: 0]
    Sequence number: 0    (relative sequence number)
    Sequence number (raw): 3357358121
    [Next sequence number: 1    (relative sequence number)]
 Confirmation number
    Acknowledgment number: 0
    Acknowledgment number (raw): 0
    1000 .... = Header Length: 32 bytes (8)
 sign
    Flags: 0x002 (SYN)
 Window size
    Window size value: 65535
    [Calculated window size: 65535]
 Checksum
    Checksum: 0xb4a1 [unverified]
    [Checksum Status: Unverified]
 Emergency pointer
    Urgent pointer: 0
 option
    Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
    [Timestamps]

TCP window

  • Port: find the corresponding application. 1-1023 are standard port groups. Specific services will use these standard ports usually located in the standard port group. 1024-65535 is the temporary port number. When a service wants to communicate, the operating system will randomly select a source port here and let the communication use a unique source port.

TCP triple handshake

All TCP communication starts with three handshakes, and the purpose of three handshakes is

  • Ensure that the transmission host can determine that the destination host is online and communicate
  • Let the transport host determine that the target host is listening for the port that the transport host is trying to connect to
  • The transmission host is allowed to send its starting serial number to the target host, so that the two hosts can keep the session in order

Three steps

① Client A sends A TCP packet to server B. This initial packet does not contain any data except the underlying protocol. This packet sets the SYN flag and contains the initial serial number and the maximum segment size MSS that will be used in the communication process.

② Host B replied a packet with SYN and ACK flags set and its initial serial number

③ Host A sends the last packet with only ACK flag set to host B

After the above three steps are completed, they all know the serial number that the other party starts to send, and they can start communication

The first TCP packet of three handshakes, source port number 59299, destination port number 80, sequence number 0, confirmation number 0, flag syn packet, window size: 64240

Transmission Control Protocol, Src Port: 59299, Dst Port: 80, Seq: 0, Len: 0
    Source Port: 59299
    Destination Port: 80
    [Stream index: 2]
    [TCP Segment Len: 0]
    Sequence number: 0    (relative sequence number)
    Sequence number (raw): 750933292
    [Next sequence number: 1    (relative sequence number)]
    Acknowledgment number: 0
    Acknowledgment number (raw): 0
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x002 (SYN)
    Window size value: 64240
    [Calculated window size: 64240]
    Checksum: 0xd036 [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
    [Timestamps]

The second TCP packet of the third handshake, source port number 80, destination port number 59299, serial number 0, confirmation number 1, flag syn, ack packet, window size: 42340 (indicating that the buffer of the client is 42340)

Transmission Control Protocol, Src Port: 80, Dst Port: 59299, Seq: 0, Ack: 1, Len: 0
    Source Port: 80
    Destination Port: 59299
    [Stream index: 2]
    [TCP Segment Len: 0]
    Sequence number: 0    (relative sequence number)
    Sequence number (raw): 3885647778
    [Next sequence number: 1    (relative sequence number)]
    Acknowledgment number: 1    (relative ack number)
    Acknowledgment number (raw): 750933293
    1000 .... = Header Length: 32 bytes (8)
    Flags: 0x012 (SYN, ACK)
    Window size value: 42340
    [Calculated window size: 42340]
    Checksum: 0x6108 [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    Options: (12 bytes), Maximum segment size, No-Operation (NOP), No-Operation (NOP), SACK permitted, No-Operation (NOP), Window scale
    [SEQ/ACK analysis]
    [Timestamps]

Third TCP packet

The source port number is 59299, the destination port number is 80, the sequence number is 0, the confirmation number is 0, the flag is ack packet, and the window size is 258, indicating that the previous packet is a difference

Transmission Control Protocol, Src Port: 59299, Dst Port: 80, Seq: 1, Ack: 1, Len: 0
    Source Port: 59299
    Destination Port: 80
    [Stream index: 2]
    [TCP Segment Len: 0]
    Sequence number: 1    (relative sequence number)
    Sequence number (raw): 750933293
    [Next sequence number: 1    (relative sequence number)]
    Acknowledgment number: 1    (relative ack number)
    Acknowledgment number (raw): 3885647779
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x010 (ACK)
    Window size value: 258
    [Calculated window size: 66048]
    [Window size scaling factor: 256]
    Checksum: 0xd02a [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [SEQ/ACK analysis]
    [Timestamps]

Packets sent during tcp connection

Transmission Control Protocol, Src Port: 80, Dst Port: 59299, Seq: 1, Ack: 288, Len: 0
    Source Port: 80
    Destination Port: 59299
    [Stream index: 2]
    [TCP Segment Len: 0]
    Sequence number: 1    (relative sequence number)
    Sequence number (raw): 3885647779
    [Next sequence number: 1    (relative sequence number)]
    Acknowledgment number: 288    (relative ack number)
    Acknowledgment number (raw): 750933580
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x010 (ACK)
    Window size value: 22
    [Calculated window size: 45056]
    [Window size scaling factor: 2048]
    Checksum: 0x456e [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [SEQ/ACK analysis]
    [Timestamps]

TCP connection packet 2

Transmission Control Protocol, Src Port: 59299, Dst Port: 80, Seq: 288, Ack: 539, Len: 0
    Source Port: 59299
    Destination Port: 80
    [Stream index: 2]
    [TCP Segment Len: 0]
    Sequence number: 288    (relative sequence number)
    Sequence number (raw): 750933580
    [Next sequence number: 288    (relative sequence number)]
    Acknowledgment number: 539    (relative ack number)
    Acknowledgment number (raw): 3885648317
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x010 (ACK)
    Window size value: 256
    [Calculated window size: 65536]
    [Window size scaling factor: 256]
    Checksum: 0xd02a [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [SEQ/ACK analysis]
    [Timestamps]

TCP connection disconnected

TCP termination is used to normally end the connection after two devices complete communication. The connection contains four packets, and FIN is used to represent the end of the connection

① Port 80 sends a disconnect request to port 59229 and sends a FIN and ACK packet to tell 59299 that the communication is completed

Transmission Control Protocol, Src Port: 80, Dst Port: 59229, Seq: 1, Ack: 1, Len: 0
    Source Port: 80
    Destination Port: 59229
    [Stream index: 5]
    [TCP Segment Len: 0]
    Sequence number: 1    (relative sequence number)
    Sequence number (raw): 2334451419
    [Next sequence number: 2    (relative sequence number)]
    Acknowledgment number: 1    (relative ack number)
    Acknowledgment number (raw): 1585190028
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x011 (FIN, ACK)
    Window size value: 296
    [Calculated window size: 296]
    [Window size scaling factor: -1 (unknown)]
    Checksum: 0x73fb [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [Timestamps]

② Port 59229 responds to port 80's acknowledgement of receiving the disconnect request and sends an ACK packet to port 80

Transmission Control Protocol, Src Port: 59229, Dst Port: 80, Seq: 1, Ack: 2, Len: 0
    Source Port: 59229
    Destination Port: 80
    [Stream index: 5]
    [TCP Segment Len: 0]
    Sequence number: 1    (relative sequence number)
    Sequence number (raw): 1585190028
    [Next sequence number: 1    (relative sequence number)]
    Acknowledgment number: 2    (relative ack number)
    Acknowledgment number (raw): 2334451420
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x010 (ACK)
    Window size value: 2082
    [Calculated window size: 2082]
    [Window size scaling factor: -1 (unknown)]
    Checksum: 0x6e14 [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [SEQ/ACK analysis]
    [Timestamps]

③ Port 59229 requests disconnection from port 80 and transmits its own FIN and ACK packets to port 80

Transmission Control Protocol, Src Port: 59229, Dst Port: 80, Seq: 1, Ack: 2, Len: 0
    Source Port: 59229
    Destination Port: 80
    [Stream index: 5]
    [TCP Segment Len: 0]
    Sequence number: 1    (relative sequence number)
    Sequence number (raw): 1585190028
    [Next sequence number: 2    (relative sequence number)]
    Acknowledgment number: 2    (relative ack number)
    Acknowledgment number (raw): 2334451420
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x011 (FIN, ACK)
    Window size value: 2082
    [Calculated window size: 2082]
    [Window size scaling factor: -1 (unknown)]
    Checksum: 0x6e14 [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [Timestamps]

④ Port 80 acknowledges receipt of the disconnect request and responds to an ACK packet

Transmission Control Protocol, Src Port: 80, Dst Port: 59229, Seq: 2, Ack: 2, Len: 0
    Source Port: 80
    Destination Port: 59229
    [Stream index: 5]
    [TCP Segment Len: 0]
    Sequence number: 2    (relative sequence number)
    Sequence number (raw): 2334451420
    [Next sequence number: 2    (relative sequence number)]
    Acknowledgment number: 2    (relative ack number)
    Acknowledgment number (raw): 1585190029
    0101 .... = Header Length: 20 bytes (5)
    Flags: 0x010 (ACK)
    Window size value: 296
    [Calculated window size: 296]
    [Window size scaling factor: -1 (unknown)]
    Checksum: 0x73fa [unverified]
    [Checksum Status: Unverified]
    Urgent pointer: 0
    [SEQ/ACK analysis]
    [Timestamps]

TCP reset

If the connection is suddenly broken, the RST packet is used to indicate that the connection is aborted abnormally, or the connection request is rejected

Topics: network computer networks Network Protocol