Describing TCP

TCP is a connection-oriented protocol that has end-to-end reliability. Connection-oriented means that both endpoints must setup a connection before any data is transferred. To begin a session, TCP starts with a (three-way) handshake.

In many cases, there are TCP header options that outline and further define the parameters of the conversation. 

The TCP options are in the first two packets of the three-way handshake and are as follows:

  • Window scaling: A value that expands the actual Window size by providing a multiplier that more accurately reflects the true Window size
  • Selective Acknowledgements or SACK: When these are enabled, the receiver will notify the sender if there are any missing packets

Once you have a connection, your operating system creates a socket, which is an IP address and a port. To see all your active TCP connections on a Window machine, open a command-line prompt and run netstat -anp tcp, as shown in the following screenshot:

Netstat showing TCP connection status

During the conversation, TCP monitors the communication and acknowledges all the data that's received to ensure complete delivery of the data. Every time TCP receives data, the receiving host sends an acknowledgment (ACK) packet back to the sender, notifying the sender of what data was received. That is why, in the image, you will see a local IP address and port, along with a sender (or foreign) IP address and port.

Once the conversation is over, TCP ends the session with an exchange of FIN packets.

This powerful protocol also has methods to assist in flow control and congestion control:

  • Flow control is an end-to-end control method using window size, so the sender doesn't overwhelm the host
  • Congestion control prevents a node from sending too much data and overwhelming the network

There are two state variables involved in congestion control:

  • Congestion Window (Cwnd): The sender-side limit that defines the amount of data a host can send before receiving an acknowledgement
  • Receiver Window (Rwnd): The receiver-side limit defines the amount of data a host can receive

The two variables work together in a TCP connection to regulate the flow of data, minimize congestion, and improve network performance.

It's hard to believe, but there is a great deal of detail in one single frame. Depending on the protocol and the purpose, there are many components, such as the various headers, field values within the headers, along with optional data. In the next section, we'll look at all the information that's found in a single TCP frame.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.117.72.224