Transmission control protocol TCP
The ultimate purpose of transport layer protocol is to provide reliable end-to-end transmission of data
TCP is a connection oriented protocol, because it will initiate a formal connection before transmitting data to track the delivery of data packets. When the transmission is about to end, he will officially close the pipeline of the session
TCP header
| 0-7 | 8-15 | 16-23 | 24-31 |
|---|---|---|---|
| Source port | Source port | Target port | Target port |
| Serial number | Serial number | Serial number | Serial number |
| Confirmation number | Confirmation number | Confirmation number | Confirmation number |
| (0-3 data offset) (4-7 reserved bits) | sign | Window size | Window size |
| Checksum | Checksum | Emergency pointer | Emergency pointer |
| option | option | option | option |
-
Source port: the port used to transmit packets
-
Destination port: the port to which the packet is sent
-
Serial number: this number is used to represent a TCP fragment. This field is used to ensure that there is no missing part in the data stream
-
Confirmation number: this number is the next confirmation number expected from another device in communication
-
Flags: URG ACK PSH PST SYN FIN flags are used to indicate the type of TCP packets transmitted
-
Window size: the byte size of the TCP receiver buffer
-
Checksum: used to ensure the integrity of TCP header and data content before reaching the destination
-
Emergency pointer: if the URG bit is set, this field will be checked as an additional instruction to tell the CPU where to start reading data from the packet
-
Options: various options, which can be specified in TCP packets
Internet Protocol Version 4, Src: 127.0.0.1, Dst: 127.0.0.1
Transmission Control Protocol, Src Port: 59175, Dst Port: 56025, Seq: 0, Len: 0
Source port
Source Port: 59175
Destination port
Destination Port: 56025
Serial number
[Stream index: 0]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Sequence number (raw): 3357358121
[Next sequence number: 1 (relative sequence number)]
Confirmation number
Acknowledgment number: 0
Acknowledgment number (raw): 0
1000 .... = Header Length: 32 bytes (8)
sign
Flags: 0x002 (SYN)
Window size
Window size value: 65535
[Calculated window size: 65535]
Checksum
Checksum: 0xb4a1 [unverified]
[Checksum Status: Unverified]
Emergency pointer
Urgent pointer: 0
option
Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
[Timestamps]
TCP window
- Port: find the corresponding application. 1-1023 are standard port groups. Specific services will use these standard ports usually located in the standard port group. 1024-65535 is the temporary port number. When a service wants to communicate, the operating system will randomly select a source port here and let the communication use a unique source port.
TCP triple handshake
All TCP communication starts with three handshakes, and the purpose of three handshakes is
- Ensure that the transmission host can determine that the destination host is online and communicate
- Let the transport host determine that the target host is listening for the port that the transport host is trying to connect to
- The transmission host is allowed to send its starting serial number to the target host, so that the two hosts can keep the session in order
Three steps
① Client A sends A TCP packet to server B. This initial packet does not contain any data except the underlying protocol. This packet sets the SYN flag and contains the initial serial number and the maximum segment size MSS that will be used in the communication process.
② Host B replied a packet with SYN and ACK flags set and its initial serial number
③ Host A sends the last packet with only ACK flag set to host B
After the above three steps are completed, they all know the serial number that the other party starts to send, and they can start communication
The first TCP packet of three handshakes, source port number 59299, destination port number 80, sequence number 0, confirmation number 0, flag syn packet, window size: 64240
Transmission Control Protocol, Src Port: 59299, Dst Port: 80, Seq: 0, Len: 0
Source Port: 59299
Destination Port: 80
[Stream index: 2]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Sequence number (raw): 750933292
[Next sequence number: 1 (relative sequence number)]
Acknowledgment number: 0
Acknowledgment number (raw): 0
1000 .... = Header Length: 32 bytes (8)
Flags: 0x002 (SYN)
Window size value: 64240
[Calculated window size: 64240]
Checksum: 0xd036 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
Options: (12 bytes), Maximum segment size, No-Operation (NOP), Window scale, No-Operation (NOP), No-Operation (NOP), SACK permitted
[Timestamps]
The second TCP packet of the third handshake, source port number 80, destination port number 59299, serial number 0, confirmation number 1, flag syn, ack packet, window size: 42340 (indicating that the buffer of the client is 42340)
Transmission Control Protocol, Src Port: 80, Dst Port: 59299, Seq: 0, Ack: 1, Len: 0
Source Port: 80
Destination Port: 59299
[Stream index: 2]
[TCP Segment Len: 0]
Sequence number: 0 (relative sequence number)
Sequence number (raw): 3885647778
[Next sequence number: 1 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
Acknowledgment number (raw): 750933293
1000 .... = Header Length: 32 bytes (8)
Flags: 0x012 (SYN, ACK)
Window size value: 42340
[Calculated window size: 42340]
Checksum: 0x6108 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
Options: (12 bytes), Maximum segment size, No-Operation (NOP), No-Operation (NOP), SACK permitted, No-Operation (NOP), Window scale
[SEQ/ACK analysis]
[Timestamps]
Third TCP packet
The source port number is 59299, the destination port number is 80, the sequence number is 0, the confirmation number is 0, the flag is ack packet, and the window size is 258, indicating that the previous packet is a difference
Transmission Control Protocol, Src Port: 59299, Dst Port: 80, Seq: 1, Ack: 1, Len: 0
Source Port: 59299
Destination Port: 80
[Stream index: 2]
[TCP Segment Len: 0]
Sequence number: 1 (relative sequence number)
Sequence number (raw): 750933293
[Next sequence number: 1 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
Acknowledgment number (raw): 3885647779
0101 .... = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
Window size value: 258
[Calculated window size: 66048]
[Window size scaling factor: 256]
Checksum: 0xd02a [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[Timestamps]
Packets sent during tcp connection
Transmission Control Protocol, Src Port: 80, Dst Port: 59299, Seq: 1, Ack: 288, Len: 0
Source Port: 80
Destination Port: 59299
[Stream index: 2]
[TCP Segment Len: 0]
Sequence number: 1 (relative sequence number)
Sequence number (raw): 3885647779
[Next sequence number: 1 (relative sequence number)]
Acknowledgment number: 288 (relative ack number)
Acknowledgment number (raw): 750933580
0101 .... = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
Window size value: 22
[Calculated window size: 45056]
[Window size scaling factor: 2048]
Checksum: 0x456e [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[Timestamps]
TCP connection packet 2
Transmission Control Protocol, Src Port: 59299, Dst Port: 80, Seq: 288, Ack: 539, Len: 0
Source Port: 59299
Destination Port: 80
[Stream index: 2]
[TCP Segment Len: 0]
Sequence number: 288 (relative sequence number)
Sequence number (raw): 750933580
[Next sequence number: 288 (relative sequence number)]
Acknowledgment number: 539 (relative ack number)
Acknowledgment number (raw): 3885648317
0101 .... = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
Window size value: 256
[Calculated window size: 65536]
[Window size scaling factor: 256]
Checksum: 0xd02a [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[Timestamps]
TCP connection disconnected
TCP termination is used to normally end the connection after two devices complete communication. The connection contains four packets, and FIN is used to represent the end of the connection
① Port 80 sends a disconnect request to port 59229 and sends a FIN and ACK packet to tell 59299 that the communication is completed
Transmission Control Protocol, Src Port: 80, Dst Port: 59229, Seq: 1, Ack: 1, Len: 0
Source Port: 80
Destination Port: 59229
[Stream index: 5]
[TCP Segment Len: 0]
Sequence number: 1 (relative sequence number)
Sequence number (raw): 2334451419
[Next sequence number: 2 (relative sequence number)]
Acknowledgment number: 1 (relative ack number)
Acknowledgment number (raw): 1585190028
0101 .... = Header Length: 20 bytes (5)
Flags: 0x011 (FIN, ACK)
Window size value: 296
[Calculated window size: 296]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x73fb [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[Timestamps]
② Port 59229 responds to port 80's acknowledgement of receiving the disconnect request and sends an ACK packet to port 80
Transmission Control Protocol, Src Port: 59229, Dst Port: 80, Seq: 1, Ack: 2, Len: 0
Source Port: 59229
Destination Port: 80
[Stream index: 5]
[TCP Segment Len: 0]
Sequence number: 1 (relative sequence number)
Sequence number (raw): 1585190028
[Next sequence number: 1 (relative sequence number)]
Acknowledgment number: 2 (relative ack number)
Acknowledgment number (raw): 2334451420
0101 .... = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
Window size value: 2082
[Calculated window size: 2082]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6e14 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[Timestamps]
③ Port 59229 requests disconnection from port 80 and transmits its own FIN and ACK packets to port 80
Transmission Control Protocol, Src Port: 59229, Dst Port: 80, Seq: 1, Ack: 2, Len: 0
Source Port: 59229
Destination Port: 80
[Stream index: 5]
[TCP Segment Len: 0]
Sequence number: 1 (relative sequence number)
Sequence number (raw): 1585190028
[Next sequence number: 2 (relative sequence number)]
Acknowledgment number: 2 (relative ack number)
Acknowledgment number (raw): 2334451420
0101 .... = Header Length: 20 bytes (5)
Flags: 0x011 (FIN, ACK)
Window size value: 2082
[Calculated window size: 2082]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x6e14 [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[Timestamps]
④ Port 80 acknowledges receipt of the disconnect request and responds to an ACK packet
Transmission Control Protocol, Src Port: 80, Dst Port: 59229, Seq: 2, Ack: 2, Len: 0
Source Port: 80
Destination Port: 59229
[Stream index: 5]
[TCP Segment Len: 0]
Sequence number: 2 (relative sequence number)
Sequence number (raw): 2334451420
[Next sequence number: 2 (relative sequence number)]
Acknowledgment number: 2 (relative ack number)
Acknowledgment number (raw): 1585190029
0101 .... = Header Length: 20 bytes (5)
Flags: 0x010 (ACK)
Window size value: 296
[Calculated window size: 296]
[Window size scaling factor: -1 (unknown)]
Checksum: 0x73fa [unverified]
[Checksum Status: Unverified]
Urgent pointer: 0
[SEQ/ACK analysis]
[Timestamps]
TCP reset
If the connection is suddenly broken, the RST packet is used to indicate that the connection is aborted abnormally, or the connection request is rejected