Lecture ‐ TCP - Dleifnesor/NET-215 GitHub Wiki

Quick explanation:

TCP has a 3-way handshake

first, the client that wants to connect to a server sends a [SYN] packet

Next, the server sends a [SYN, ACK] packet to acknowledge the synchronization

Then the Client sends a final [ACK] to start the session

if an application attempts to start a new session after a computer reboots, the 3-way handshake starts over again.

Overview

Transmission Control Protocol (TCP) is a core Layer 4 protocol in the TCP/IP suite that provides reliable, ordered, and error-checked data transmission between applications. Unlike IP, which operates on a "best-effort" delivery model, TCP ensures data is received completely, in order, and without duplication or loss.

TCP Features

  • Connection-Oriented: Establishes a connection before data transfer using a three-way handshake.
  • Reliable Data Delivery: Ensures all data is received and acknowledges receipt.
  • Error Checking & Correction: Uses sequence numbers and acknowledgments to detect missing data and retransmit.
  • Flow Control: Adjusts transmission rates using buffer sizes to prevent overwhelming the receiver.
  • Congestion Control: Modifies sending rates to prevent network congestion.

TCP Communication Process

End-to-End Communication & Virtual Connections

TCP establishes a virtual connection between two applications before transferring data. IP handles the actual delivery, while TCP manages:

  1. Connection Establishment – Using the three-way handshake.
  2. Data Transfer – Ensuring complete and ordered delivery.
  3. Connection Termination – Graceful session shutdown using FIN and ACK messages.

Understanding the TCP Header

Key TCP Header Fields

Field Size (bits) Description
Source Port 16 Identifies the sending application
Destination Port 16 Identifies the receiving application
Sequence Number 32 Tracks order of transmitted data
Acknowledgment Number 32 Confirms received data
Flags 6 Controls TCP behavior (SYN, ACK, FIN, etc.)

TCP Flags

TCP uses flags in the header to manage connection states.

Flag Bit Position Description
URG 106 Urgent data pointer is valid
ACK 107 Acknowledgment field is valid
PSH 108 Push function (deliver immediately)
RST 109 Reset the connection
SYN 110 Synchronize sequence numbers (handshake)
FIN 111 Terminate the connection

TCP Three-Way Handshake

The handshake ensures both sender and receiver establish a reliable connection.

  1. SYN (Synchronization) – The client requests a connection, sending an initial sequence number.
  2. SYN-ACK (Synchronization + Acknowledgment) – The server acknowledges receipt and sends its own sequence number.
  3. ACK (Acknowledgment) – The client confirms receipt, establishing the connection.

Example of Handshake:

Step SEQ # ACK # Description
SYN 0 0 Client requests connection
SYN-ACK 0 1 Server acknowledges and requests connection
ACK 1 1 Client confirms connection

TCP Sequence and Acknowledgment Numbers

TCP assigns a 32-bit random sequence number for each new connection. These numbers track data transmission and ensure proper ordering.

How Sequence Numbers Work

  • Each byte sent over TCP has a unique sequence number.
  • When data is transmitted, the sequence number increments by the number of bytes sent.
  • The receiver uses the acknowledgment number to inform the sender of received data.

Example:

  1. Client sends data with SEQ = 1000 and 100 bytes of data.
  2. Server receives data and responds with ACK = 1100 (indicating it received bytes 1000-1099 and expects byte 1100 next).
  3. If the client sends another 200 bytes, the next SEQ = 1100, and the server will respond with ACK = 1300.

How Acknowledgment Numbers Work

  • The ACK number represents the next byte the receiver expects.
  • If a packet is lost, the receiver does not increment the ACK number, signaling the sender to retransmit missing data.
  • TCP does not require an ACK for every packet—it can acknowledge multiple packets at once.

Sequence Number and Acknowledgment Example in a Data Transfer

Step Sender SEQ # Receiver ACK # Data Sent
Client → Server 1000 Sends 500 bytes
Server → Client 1500 ACKs receipt, expects byte 1500 next
Client → Server 1500 Sends 300 bytes
Server → Client 1800 ACKs receipt, expects byte 1800 next

TCP Retransmission and Recovery

TCP ensures reliability through retransmission mechanisms:

  • If the sender does not receive an ACK within a timeout period, it retransmits the data.
  • If an out-of-order packet is received, TCP buffers it and requests retransmission of missing packets.
  • Duplicate ACKs signal that a packet is missing, prompting fast retransmission.

Retransmission Example

  1. Client sends SEQ = 1000 (500 bytes).
  2. Server does not receive packet 1000-1499 due to network loss.
  3. Server sends duplicate ACK (ACK = 1000) to indicate missing data.
  4. Client retransmits SEQ = 1000 (500 bytes).
  5. Server receives it, processes it, and sends ACK = 1500.

TCP in Wireshark

  • Wireshark captures TCP sequences but displays Relative Sequence Numbers (SEQ starts at 0 for readability).
  • Example:
    • Packet 57: Client sends SYN, SEQ = 4084793652
    • Packet 58: Server replies with SYN-ACK, SEQ = 3363835525, ACK = 4084793653

TCP Features

  • Connection Orientation
    • An application must first request a connection to a destination.
  • Point-to-Point Communication
    • Each TCP connection has exactly two endpoints.
  • Complete Reliability
    • TCP guarantees that the data sent across a connection will be delivered completely and in order.
  • Full Duplex Communication
    • Allows data to flow in either direction at the same time.

TCP Reliability

  • Rather than just sending data in a message and saying "off you go," TCP carefully keeps track of the data it sends.
  • Key Requirements:
    • Reliability: Ensuring that data sent actually arrives at its destination, detecting missing data, and resending it.
    • Data Flow Control: Managing the rate at which data is sent so the receiver is not overwhelmed.

TCP: Sliding Window Acknowledgment System

  • Assigns a unique consecutive sequence number based on bytes sent.
  • The receiver uses sequence numbers to reorder data.
  • Helps discard duplicate packets and identify missing ones.

Positive Acknowledgment with Retransmission (PAR)

  • Message 4 is lost in transit.
  • Using message IDs (SEQ# in TCP), the receiver sets a limit on messages it can receive with each ACK.
  • The sender uses a timer.

TCP: Sliding Windows

  • Sequence numbers alone are not enough.
  • Challenges:
    • What if Device B cannot handle all packets at once?
    • What if B needs time to reorder packets or detect missing ones?
    • Should B acknowledge every packet or acknowledge multiple at once?

TCP Window Size

  • The receiver informs the sender of the number of bytes it can receive (TCP Receive Window).
  • The sender cannot send more than the window size before receiving an ACK.
  • If the receiver cannot process data fast enough:
    • The receive buffer fills.
    • The receiver reduces TCP window size in ACKs.
    • Alerts sender to reduce the amount of data sent.

TCP Sliding Windows: General Principles

  • Improve efficiency and reliability by:
    • Receiver indicating how many bytes it can handle at a time.
    • Sender adjusting how many bytes it sends before waiting for an ACK.

TCP Sliding Windows: Handshake

  • Client and Server set initial Window Size during the handshake.
  • Server often has a smaller window size (sends data), e.g., 5,840.
  • Client has a larger window size (receives data), e.g., 65,535.

TCP Sliding Window: Data Transfer

  • The client adjusts its receive window dynamically.
  • Example:
    • Window size set to 62,215, then reduced to 59,965 in ACKs.
    • There is still space in the buffer.
    • If the client catches up, it increases the window size.

TCP Zero Window

  • A zero window size indicates that the receive buffer is full.
  • Possible causes:
    • Stuck processor.
    • Busy with another task.
  • Once the client is ready, it sends a TCP Window Update packet to resume flow.
  • Zero Window signals network performance issues.

TCP Window Size Scaling

  • On high-performance networks, 65,535 bytes between ACKs may be too low.
  • TCP Option: Window Scale Factor allows exponential increase.
  • Formula: Window Scale = 2^X * 65,535 (X = scale factor, 1-14).
  • Example:
    • SYN Packet with Window Scale = 7.
    • 2^7 = 128 → Window Size multiplied by 128.
    • Later packet: Window size = 229 → 229 * 128 = 29312.

Retransmission Timer

  • Determines how long the sender waits for an ACK before resending.

Flow Control Challenges: Congestion

  • Congestion results in delay.
  • If congestion persists:
    • The device runs out of memory and discards packets.
    • Retransmissions add more packets, worsening congestion.
  • TCP mitigates congestion collapse by monitoring the network and adjusting.

Adaptive Retransmission

  • TCP does not use a fixed timeout.
  • It estimates round-trip time (RTT) adaptively.
  • Example RTT measurements:
    • RTT1 = 45ms, RTT2 = 50ms, RTT3 = 47ms, RTT4 = 48ms
    • Average RTT = 47.5ms
  • If RTTs increase, TCP detects a slowdown.

TCP Estimated RTT

  • TCP continuously estimates RTT using an exponential weighted moving average.
  • Helps adjust the retransmission timer dynamically.

How TCP Monitors Delays

  • TCP measures RTT for each connection by recording when a message is sent and when a response arrives.
  • Subtracting the send time from the receive time gives the RTT estimate.

TCP Adaptive Retransmission in Action

  • Constant Delay:
    • TCP sets retransmission timeout slightly longer than the mean RTT.
  • Varying Delay:
    • TCP increases timeout beyond the mean to accommodate spikes.

Takeaways

  • TCP is designed for reliable, connection-oriented communication.
  • Uses unique sequence numbers and acknowledgments.
  • Sliding Windows regulate data flow.
  • Retransmission Timers help detect lost packets and adjust to network conditions.