& Lt; TCP/IP details volume 1 & gt; Reading Notes (4) -- tcp

Finally, we finally came to the large header TCP protocol. In order to provide reliable transmission services for the application layer, various mechanisms are designed for tcp to achieve possible errors during transmission, such as packet loss, retransmission, disordered order, and link transmission errors.

 

1. TCP Overview

First, let's take a look at the header of the TCP protocol. What information does it provide to the receiving and receiving ends:

Like UDP, the first eight bytes of the TCP Header are also the source and destination port numbers. <Source IP address, source port number, destination IP address, destination port number> (that is, a socket pair) determines a tcp connection.

The serial number is used to identify the Data byte stream sent from the TCP initiator to the TCP receiving end. It indicates the First Data byte in the packet segment. In turn, the serial number indicates the next byte that the TCP initiator expects to receive from the TCP receiving end (it seems that it is not very clear and will be discussed later ).

The header length is the number of 32-bit characters in the header. Like the IP header, TCP has a maximum of 60 bytes of header.

Next there are 6 flag bits. Multiple of them can be set to 1 at the same time:

URG: The URG pointer is valid and can be used together with the URG pointer.

ACK: confirm that the serial number is valid

PSH: the receiver sends the packet segment to the application layer as soon as possible.

RST: rebuild the connection

SYN: the synchronization sequence number is used to initiate a connection.

FIN: the sender completes the sending task and will close the connection.

The calculation method of the test is the same as that of the test in UDP. The pseudo header must also be added and the odd bytes must be filled. What is different from UDP is that TCP requires the calculation test and, the UDP test is optional.

The window size indicates the current receiving capacity of the receiver, in bytes. The maximum value of a 16-bit window is 65535 bytes. In the option field, there is a window scale option, this value can be scaled in proportion.

The emergency pointer is a positive offset, and the sum of values in the sequence number indicates the sequence number of the last byte of the emergency pointer.

The option field can include the maximum Message Size (MSS), which is the most common optional field. Each connection usually specifies this option in the first packet segment of the communication, indicating the maximum length of the packet segment that the local end can receive; in addition, the window expansion options and TIMESTAMP options we mentioned above will be shown later.

Here we extract a paragraph to describe the TCP protocol: "TCP can be expressed as a sliding window protocol without confirmation or rejection. We say that TCP lacks selection confirmation because the confirmation serial number in the TCP header indicates that the sender has successfully received the byte, but does not include the byte indicated by the confirmation serial number. Currently, the selected parts of the data stream cannot be confirmed. For example, if ~ 1024 bytes have been received successfully, and the next packet segment contains the serial number from 2049 ~ 3072 bytes. The receiver cannot confirm the new packet segment. All it can do is send back an ACK with the confirmation serial number 1025. It cannot deny a message. For example ~ The 2048-byte packet segment, but its test and error, what the TCP receiver can do is to send back an ACK with a confirmation serial number of 1025 ." This section also explains the problem of confirming the serial number mentioned above.

 

2. Connection establishment and Termination

The next step is the three-way handshake of the famous tcp connection. The time sequence diagram is the clearest:

One of the tcp connections initiates an active connection. It fills in the destination port and source port number, initializes the serial number, sets the SYN bit, sets the mss option, and sends the TCP segment to the other side of the connection. After receiving the tcp segment, the other party does the same thing with the active connection party and carries ACK. It adds 1 to the initial serial number of the active connection party and confirms the serial number field, send to the active connection. The active connection sends an ack to the passive connection, and the connection is established accordingly.

The figure also demonstrates the process of closing the connection. It takes four handshakes to terminate a connection. Either party sets the FIN bit in the final data segment to terminate the connection in this direction. When one end receives a FIN, it must notify the other end of the application layer that the data transmission in that direction has been terminated. That is to say, there will no longer be data transmitted from that direction, but it can still send data, the FIN side replies with an ack.

As shown in the figure, SYN and FIN each occupy a sequence number.

The ports A and B in the figure also remind us of A problem. If there is no user process listening to port B (that is, port B is not enabled), what will host A receive? In UDP, the sender will receive an ICMP port inaccessible packet. What about TCP connection? TCP uses reset, that is, the RST bit is set in the TCP segment of the response sender, carrying the confirmation serial number of the ack active sender, and its own serial number is 0. after receiving such a tcp segment, the sender knows that the connection is rejected.

What if host B does not exist at all? In this case, host A will send another SYN to host B to request A connection. Generally, the maximum time for establishing A connection is 75 seconds.

If either party has been closed or the Director has terminated, but the other party does not know, we call this TCP connection semi-open. For example, if you run the telnet program on host A (client) and connect it to host B (server), host A does not send a fin message to the telnet port of host B due to A sudden power failure, as A result, host B Assumes that the connection to host A is still in progress. After host A restarts, it will start A new server program to connect to host B again, which will lead to many semi-open TCP connections on host B. If server host B suddenly crashes, but Client A does not know, it continues to send data to host B. If host B recovers quickly, however, all previous connection information is lost. When receiving A message from host A, it replies with an RST message (equivalent to listening without A port ).

TCP supports both opening and simultaneous link, but opening at the same time will experience 4 handshakes.

The following figure shows the status change of TCP (which is difficult to draw and thus determined ):

In the status chart, the more important thing is that after receiving the ACK from the other side and the other side's FIN, the active shutdown enters a status called TIME_WAIT, which is also called the 2MSL waiting state. For each TCP implementation, You must select a Maximum message Segment life time MSL (Maximum Segment life time), which is the longest time in the network before any message Segment is discarded. For a specific implementation of the given MSL value, the processing principle is: when TCP executes an active close, concurrent back to the last ACK, the connection must be in the TIME_WAIT status for two times of MSL. in case this ACK is lost, you can resend an ACK (the other end cannot receive the ACK and resend the final FIN message ). Another result of 2MSL wait is that the plug-in defining the connection (customer's IP address and port number, service IP address and port number) cannot be used during 2MSL wait, this connection can only be used after 2MSL is completed. (The book says that many TCP implementations are more strict than this requirement. During the 2MSL wait period, the local port used in the plug-in cannot be used by default .)

The TCP options mentioned above are in the format of these options:

The nop option is used to fill in other options to make them 4 bytes aligned, as shown in the following option:

<Mss 512, nop, wscale 0, nop, nop, timestamp 146647 0>

The first nop fill window is expanded, and the second three nop fill TIMESTAMP options.

 

3. TCP interactive data streams (validated by latency, nagle algorithm) and block data streams (slow start)

After the connection is established, the two hosts start to transmit data. The data transmitted can be divided into two types: interactive data transmission, such as sending commands through telnet; large data transmission, such as file transmission through ftp. TCP obviously needs to be able to process both types of data at the same time, but the algorithms used are different.

When we type a character in the telnet client, the character is transmitted to the server, and the server sends a confirmation of the byte; then the server sends back the byte to display it back to the client screen, the client has to reply with a confirmation request. That is to say, when we send a character on a remote terminal, four message segments are generated for interaction.

Latency-tolerant confirmation is a mechanism in which one end of the received data does not immediately reply to a confirmation after receiving the data, but sets a timer, so that the data to be transmitted before the timer reset will be sent together with this confirmation; of course, if there is no data to be transmitted when the timer is reset, an ack will be sent separately. This is the so-called "Confirmation by latency ". This method affects the process mentioned above. The server sends the echo data back to the client together with the confirmation, and the four packet segments are changed to three packet segments.

To send a byte, we have produced a 41-byte long group, which may increase the possibility of congestion on the wide area network. The Nagle algorithm requires only one unconfirmed uncompleted group on a TCP connection. Other small groups cannot be sent before the Group's confirmation arrives. Instead, TCP collects these small groups, and send it in a group when the confirmation arrives. However, this algorithm is not suitable for highly interactive applications and has obvious latency.

For block-based data streams, TCP should focus more on traffic control. The sending end has a sending buffer (from the application to tcp), and the receiving end has a receiving buffer, which is not immediately processed by the application, if the sender continuously sends data and the receiver's buffer is full, it must notify the sender not to send data again before there is a gap in the buffer. In TCP, the buffer zone is visually equivalent to a sliding window. TCP uses some algorithms to send data based on the window size. This is end-to-end. Another situation is that when there are multiple routers and slow links between the sender and receiver, some problems may occur. Some intermediate routers must buffer partitions, it also has space for energy-consuming storage. Therefore, when establishing a connection, the two sides should gradually learn the road condition to the other side, and then send block data at a suitable rate. TCP supports an algorithm called "slow start". It observes that the rate at which the new group enters the network speed should be the same as the rate at which the other end returns confirmation. Slow Start adds another window for the sender's TCP: congestion window. When a TCP connection is established with another network, the congestion window is initialized to one packet segment (that is, the size of the packet segment advertised by the other end ). Each time an ack is received, a packet segment is added to the congestion window. The sender takes the minimum value in the congestion window and the notification window as the maximum value for sending. The congestion window is the traffic control used by the sender, and the notice window is the traffic control used by the receiver.

 

4. Four timers of TCP

For each connection, TCP manages four different Timers:

(1) The retransmission timer is used to wait for confirmation from the other end. That is, when the sender sends the data, after a period of time, if it still does not receive the confirmation from the receiver, it re-transmits the data block. The timer design time is dynamic and increases exponentially as the number of retransmission times increases. "Dynamic" means that the value of the retransmission timer changes with the network status (using RTT for mathematics. I don't know how to calculate a formula in the middle, which is quite frustrating. I didn't understand it after reading it several times. In the end, I just knew that there was such a thing.

(2) stick to the timer to keep the window size information flowing, even if the other end closes its receiving window. We know that when the receiver's window size is 0, the sender will no longer be able to send data to it until the receiver uses a message whose window size is not 0 to notify the sender. But what if the message is lost? The receiver has been waiting for the sender to send data, and the sender has been waiting for the receiver to send messages with a window greater than 0, and both parties are stuck there. In order to avoid this situation, a persistence timer is available. The sender uses a persistence timer to periodically query the receiver to check whether the window has increased. The timer time is also Exponential Backoff.

Confused window syndrome refers to the situation where the recipient notifies the sender of a non-zero window size, resulting in sending a small amount of data to the sender. Either party can take measures to avoid this situation:

A. in the receiver, the receiver does not advertise A small window. Generally, unless the window can increase the size of A packet segment or increase the buffer space of the receiver, the size of the notification window is 0.

B. if the sender receives a relatively large window (for example, a small packet segment, half the size of the packet segment advertised by the receiver) or no unconfirmed data, to send data.

The receiver and the sender make decisions at the same time because the receiver cannot advertise an unreasonable window size (for example, the original window size is 1500, and the packet segment length is 1024, after the sender sends 1024 bytes of data, the receiver's window size is 476 at this time, which is smaller than the size of one message. However, if the advertised window size is 0, isn't it unreasonable ?), Therefore, after receiving the notification message in this window, it is the sending Party's turn to use its policy. The sender sets a persistence timer, unless the notification window is large enough within the timer time, otherwise, no data is sent. Of course, if the timer times out, the sender still needs to send packets with a small amount of data.

(3) The timer can detect when the other end of an idle connection will crash or restart. As we mentioned above, the "semi-open" connection may occupy many ports on the server. Therefore, the server generally uses the "Keep Alive" option. If a given connection does not take any action within two hours, the server sends a probe packet segment to the customer. The customer host must be in one of the following four States:

A. The client host still runs normally and is accessible from the server. The customer's TCP response is normal, and the server knows that the other party is working normally. The server resets the active timer in two hours. If the application traffic passes through this connection before the two-hour timer to the time, the timer will reset in the next two hours after data exchange.

B. The client host has crashed and is being shut down or restarted. In any case, the customer's TCP does not respond, the server will not be able to receive a response to the probe, and timeout in 75 seconds. The server sends 10 probes at a total interval of 75. If the server does not receive a response, it determines that the client host has been closed and the connection is terminated.

C. The client host crashes and has been restarted. In this case, the server will receive a response to the probe, but the response is a reset, causing the server to terminate the connection.

D. The client host runs normally, but the slave server is inaccessible. This is the same as case B.

(4) The last timer is the 2MSL time calculator.

 

Well, basically we have summarized how TCP establishes connections, transmits data, determines retransmission, and controls traffic. I want to start working in the lab again. Hey, I haven't read this paper for a long time ~. ~