Computer network reading notes-----UDP vs TCP

• Udp:

UDP User Datagram Protocol only adds the function of multiplexing and error detection on the IP datagram service.
UDP is a datagram protocol that does not have reliability.

• Features of UDP:

UDP is non-connected;
UDP does not guarantee reliable delivery, which is the best effort to deliver
UDP is message-oriented:

　　发送方的UDP对应用程序交下来的报文，在添加首部后就直接交付给IP层。对应用层交下来的报文，既不拆分也不合并，而是保留这些报文的边界。　　对IP层交上来的UDP数据报，在去除首部后就直接交给上层的应用进程，所以说UDP数据报一次交付一个完整的报文。：

UDP has no congestion control.
So the network congestion is not affected by the rate of the sender, so for some real-time applications is very important, but because of this, many source host to the network to send high-speed real-time data flow, the network is likely to block, the result is that we are not receiving data, more blocking.
UDP supports one-to-one, one-to-many , many-to-many interactive communications
UDP has a low header overhead , only 8 bytes, and TCP header has 20 bytes

• UDP datagram Format:
  

We can see that the UDP header has only four fields, 2 bytes per field, and a total of 8 bytes.

Source Ports : Source port number.
Destination Ports : Destination port number.
length : The length of the UDP user datagram, minimum 8 bytes (header only)
Inspection and : Used to verify that UDP is in transit error, if wrong, directly discarded.

Notice that there is also a dashed pseudo-header in front of the UDP datagram.

UDP在计算检验和的时候，要在UDP的数据报前面增加12个字节的伪首部。伪首部，就不是真正的首部，只是在计算检验和的时候，加到用户数据报的前面组成的一个临时的UDP数据报，检验和就是根据这个临时的数据报进行检验的。

UDP inspection and IP similar, just IP inspection and only check the IP header, and UDP test and to test the header and data section.

首先是将检验和字段全部置0，将UDP数据报的二进制看成许多的16位拼接起来，不够的加0填充，然后按照二进制反码计算和，将此和写入检验和；在接收方，将UDP的数据报（伪首部+首部+数据）的二进制16位进行求和，若全为1，则表示无差错。具体流程见：

On the sending side:

The receiver is similar to the binary inverse code operation sum is 1111 1111 1111 1111

• Tcp

TCP is the most complex protocol in the TCP/IP system, providing full-duplex and reliable protocols.
The biggest difference between TCP and UDP is that TCP is connection-oriented, and UDP is non-connected.
TCP is a connection-oriented, reliable stream protocol.

• TCP Features:

connection-oriented Transport layer protocol:
The connection must be established before the data is transferred, and the connection is released after the transfer is complete.
Each TCP connection can have only two endpoints, which means that the TCP connection is one-to-one
Reliable: TCP provides reliable delivery of services, which means that the data can be made error-free, not lost, not duplicated, and arrived in order in the process of transmission.

provides full-duplex communication:
TCP allows both sides of the communication to send data at any time, and both sides of the TCP connection have send caches and receive caches. At the time of sending, the application process sends the data to the TCP send cache to do its own thing, TCP sends the data at the appropriate time, TCP receives the data in the cache, and the upper application process takes out the cached data at the appropriate time.
byte stream oriented:
UDP is a datagram-oriented one, which is easy to understand, but is a bit more complex for byte-stream.
The flow here refers to the sequence of bytes flowing in or out of the process.

所谓的面向字节流是说：虽然应用程序和TCP交互时，传输的都是大小不等的数据块，但是TCP把应用进程交下来的数据看成是一连串的无结构字节流，TCP并不知道字节流的含义。接收方的应用程序必须可以识别所传送的字节流，可以将其还原成应用层有意义的数据。

Plot TCP byte-oriented throttling:

It can be seen that the TCP and UDP send messages are completely different, TCP does not care about how many bytes the application process puts into the TCP cache at a time, TCP determines how many bytes are contained in a message segment based on the window value and the degree of congestion, and the length of packets sent by UDP is given by the application process.

• TCP Datagram Format:

TCP is a byte-stream-oriented, but the TCP transmission unit is a message segment, a TCP message segment is divided into the header and data parts, and the full function of TCP is reflected in the first field of the role.

First look at the format of the TCP datagram:

The first 20 bytes of a TCP packet header are fixed, so the minimum TCP header is 20 bytes.

Source port and destination port :
Similar to UDP for the source port number and destination port number, TCP is also used for the distribution through the port.

Serial number :
The sequence number accounts for 4 bytes, so the range is [0,2^32-1], a total of 2^32 sequence numbers, when added to the last one will start from 0 (that is, mod2^32). TCP is byte-stream oriented, and each of the bytes transmitted in TCP is numbered sequentially. The initial sequence number of the entire data is set when TCP establishes a connection, and the value of the ordinal field in the header refers to the ordinal of the first byte of the data sent by this section. For example: The ordinal field of a message 301, carries 100 bytes of data, so the last byte of the ordinal is 400, that is, the next segment of the data sequence should start from 401.

Confirmation Number :
The ordinal of the first byte of the data that is expected to receive the next message segment of the other party, which is 4 bytes. For example, Host B received a message sent by host a segment, the ordinal field is 501, the data length is 200, indicating that Host B received a sent to the ordinal 700 of the data, expected to receive the next data sequence is 701, so the confirmation number is changed to 701. So: the confirmation number is n, which means that the data is correctly received until the ordinal N-1.

Since the confirmation ordinal length is 32 bits, the 4G data can be numbered, so when reused, the old data already reached the end of the network.

The reliability of TCP transmission is due to the use of serial number and confirmation, when TCP sends a piece of message, it also in its own retransmission queue to hold a copy, if received to confirm the deletion of the secondary copy, if the timer time to not receive data before, then retransmission data. The acknowledgement of TCP does not guarantee that the data has been delivered to the end user by the application layer, but only that TCP at the receiving end receives the other party's sent to the message segment.

Data offset :
4-bit refers to the distance from the starting position of the TCP packet to the beginning of the TCP segment, which is the length of the TCP header.

reserved : 6-bit, for later use, currently should be placed 0.

6 Control bits:
emergency bit Urg:
When Urg=1, indicates that the emergency pointer field is valid. Tell the system that there are urgent data in this message section and should be transmitted as soon as possible rather than in the order of queuing.
For example, the execution of a long list of programs, and then want to cancel, with the keyboard to send the interrupt command CTRL + C, if not emergency data, the two words inode at the end of the TCP cache. The preceding data is not interrupted until it is processed. When the emergency bit location 1 o'clock, TCP inserts these two characters at the front of the message segment, and the data behind it is normal data. This needs to be used in conjunction with the Emergency pointer field in the header.

confirm the bit ACK:
When ack=1, the table name confirmation Number field is valid and ack=0 the confirmation number field is invalid. TCP Specifies that all packets transmitted after the connection is established should have the ACK set to 1.

Push bit PSH:
When two application processes interact interactively, one side wants to receive a response immediately after typing a command, at which point TCP can use push operations. Sender TCP resets PSH to 1 and immediately creates a message segment to send out, and the receiver TCP discovers that PSH is 1, delivering the message to the application as soon as possible, rather than waiting until the entire cache is filled up for delivery.

Reset bit rst:
When rst=1 indicates a serious error in the TCP connection (host crash or other cause), the connection must be freed and then re-established. Rst=1 can also be used to reject an illegal message segment or deny a connection.

synchronous bit syn:
When the connection is established to synchronize the sequence number, when syn=1,ack=0, indicating that this is a connection request message segment, if the other party agrees to establish a connection, in the Response message section should be said Syn=1,ack=1.

terminating bit fin:
Used to release a connection. When Fin=1, it indicates that the data of the sending point of this segment has been transmitted and the connection is required to be released.

window:
Occupies two bytes, the range is [0,2^16-1]. The receiving window for the party that sent the article is a description of the maximum number of data that can be received from the confirmation number of this section. Because the receiver's data cache is limited, the window value describes the amount of data that is allowed to be sent by the sender. The receiving window is also the basis for the sender to set the Send window.

Inspection and:
Method similar to UDP test and, in the calculation of the test and should be accompanied by pseudo-header, pseudo-header format root UDP, but note that UDP and TCP protocol number is not the same (fourth bit).

Emergency Pointers:
The Emergency pointer field is only valid at Urg=1, and the emergency pointer points to the position of the last byte of the message segment of the emergency data. After the emergency data processing is complete, the TCP notification application resumes to normal operation. Note that when the window value is 0, you can also send emergency data.

options : variable length, up to 40 bytes.
TCP initially specifies only one option:
Maximum segment length MSS: Refers to the maximum length of the data field in each TCP message segment, so it is the length of the TCP segment minus the first ministerial degree of TCP.
With the development of the Internet, there are many additional options: window enlargement, timestamp, selection confirmation , etc.

time stamp:
The timestamp option is used to manage serial numbers in high-speed communications, and to forward several g of data to the network at a fast rate, the 32-bit serial number may run out quickly. The network is not stable environment, it is likely to send the serial number very late but received, so the receiving end of the new and old serial number is easy to confuse, and thus can not be reliably transmitted, in order to avoid this problem, the introduction of time stamp, you can distinguish between the new and old serial number.

Select confirmation:
If the received message section is error-free, only the middle of a small number of serial numbers, received the serial number discontinuous, discontinuous. You can then select the Confirm option so that the sender transmits only the missing data without re-transmitting the data that has correctly reached the receiving party. Avoid unwanted re-hair, while increasing speed. However, a maximum of four acknowledgment responses for this state are allowed.

window Enlargement:
is an option to improve TCP throughput, the TCP Header window field is only 16 bits, that is, in the round-trip time, can only transfer up to 64K of data, but if this option, the maximum can be extended to 1G bytes, so in the case of long round-trip time, you can also maintain high throughput.

• Reliable basis for TCP:

We describe the stop-wait protocol and the continuous ARQ protocol in the chapter on the reliability of the data link layer
At the beginning of the network, communication was unreliable, both of which were reliable foundations.

• How TCP achieves reliability:

  There are many mechanisms for TCP to achieve reliability, and here are a few:

  Sliding window in bytes:

On the concept of sliding window, we have done a lot of data link layer, now look at the TCP sliding window, TCP sliding window is in bytes, in the receipt of a packet from B, get its receive window field (20 bytes), the confirmation number is 31, Indicates that B expects to receive the next ordinal number is 31, so a constructs its own send window

This send window means: In the case of not receiving the confirmation of B, you can continuously send all the data in the window, and any data that has not received the confirmation, should be preserved for the subsequent retransmission of the timeout to prepare.
Obviously, the larger the window, the more it can be sent in a row before the confirmation of B is received.

The location of the Send window is determined by the position of the front and back edges. There are two possible ways to change the post window:
does not move (no new acknowledgement is received) and forward (a new acknowledgment is received), but the trailing edge cannot be moved backwards because the acknowledgement that has been received cannot be undone.
The forefront is usually moved forward, but may not move, corresponding to not receive a new confirmation, the window size of the other party notification is not changed, received a new confirmation, but the other side of the notification window narrowed.
The TCP standard does not allow the front edge to shrink backwards, because it is likely that the data in the window has been sent before the window is zoomed out, and there are some errors that are now not sent.

Now suppose that a sends the ordinal 31~41 data, at this time because did not receive the confirmation, the position of the sending window has not changed, the 31~41 ordinal data (dark red) has been sent not received the confirmation, the back pink data is the usable window, indicates allows sends, but did not send.

We found that there are three pointers in determining the state of the sliding window.

P3 - P1 = A的发送窗口P3 - P2 = A的可用窗口，即允许发送但未发送的字节数P2 - P1 = 已经发送但未收到确认的字节数

Then a is sent, then it's always time to take a look at the receiving window of B.
We just said that. The Receive window for B is 20, because the Send window of a is constructed according to the size of the receive window of B.

B received a sequence number of 32,33 data, but did not receive 31 serial Number data (lost or stranded in the network),
So at this point, B can only be received in order to receive the highest sequence number in the data is confirmed, so B sent confirmation message section of the confirmation number is still 31.

Suppose B receives the data with the ordinal 31 at this time, delivers the data of the serial number to the host, and then B deletes the data. Then the receiving window to move forward three sequence numbers, while giving a confirmation, the confirmation number is 34, we found that B also received a sequence number of 37, 38, 40 data, but not in order to arrive, can only temporarily exist in the receiving window.

At this point a received a confirmation of B, the confirmation number is 34, indicating that the data before the 34 sequence number has been correctly received, expect the next received sequence number is the 34,a send window forward 3 serial number, note that the pointer P2, the available window increases.

A will now send all the data between 42~53, when the pointer P2 and pointer P3 coincident, the available window is 0 Send window is full, so must stop sending,

b receives the data sent by a, and sends a confirmation to a, but these confirmations are stuck in the network, in order to ensure reliable transmission, a can only think that B has not received the data, a after a period of time (timeout Timer control) to retransmit this part of the data, and reset the timeout timer, until the confirmation of B, A's window continues to slide forward to send new data.

Caching and Windows

Before we mentioned the cache, the send sends the byte stream in the application process into the TCP cache, and the receiver reads the byte stream in the cache. Further describes the relationship between the cache and the window.

Note: Both the cache space and the ordinal window are finite, so they are all recycled.

The send cache is used for temporary storage: the sending application transmits data to the sender TCP ready to send and TCP has sent but not received the confirmed data.

You can see in the diagram that the Send window is just a send cache
The confirmed data should be removed from the send cache, so the back edge of the sending window and the back edge of the send cache are coincident.
The last bytes written by the sending application minus the last confirmed byte, which is the number of bytes left in the send cache.

The receive cache is used for temporary storage:
The data that arrives sequentially, but is not yet read by the receiving application.
Data that is not sequentially reached.

The figure shows that if the application is too late to process the data in the receive cache, the accept cache will be filled.

How do I deal with the order of non-sequential arrivals?
Of course, can not be discarded, network resources will be wasted a lot of, TCP usually to the non-sequential arrival of data, is staged into the receive window, wait until the byte stream is missing bytes received, and then sequentially delivered to the application process.

Time-out retransmission:

We often mention that the TCP sender re-transmits the sent message segment without receiving confirmation within the specified time, but how is this retransmission time chosen?

Ideally, find a minimum time and confirm that the response will return within this time.
But the length of time will vary depending on the network environment of the packet path, such as the short loudness in a high-speed LAN, and longer in long-distance communications.

TCP calculates the round trip time and its deviations each time the contract is contracted, adds the round trip time and the deviation, and the re-send timeout is a slightly larger value than the sum.
The two values are counted because the network environment is different, and the round-trip time may have a large swing, because sometimes the fragments of the packet are reached by different lines.

In the window system, timeouts are controlled in 0.5 seconds, so the re-send timeout is an integer multiple of 0.5. Since the initial packet does not yet know the round-trip time, its re-send timeout is typically set to about 6 seconds.

• TCP Traffic Control

If the sender sends too fast data, the receiver may be too late to receive it, which can result in loss of data.
The so-called flow control is to let the sender do not send too fast, to let the receiving party in time to receive.

Flow control is based on the implementation of the window, the receiving end to the sending side of the host to notify the size of the data can be accepted, that is, the window size, the sender sends the data will not exceed the limit of the window.

The larger the window value, the higher the network throughput
However, once the buffer of the receiver is faced with a data overflow, the window size value will be set to a smaller value to notify the sending side, thus controlling the data traffic.
Instance:
A sends data to B. When the connection is established, b high speed A, a and a receive window is 4000 bytes

It can be seen that b after receiving the first 4,000 bytes, the window is 0, the buffer is full, so you need to temporarily stop receiving data, the sender must wait until the window update notification before the communication can continue.
However, if the update notification for this window is lost in transit, it may result in no communication.
So TCP has a continuous timer for each connection. The continuous timer is started whenever a party in the connection receives a 0 window notification. If the time of the continuous timer is up, send a 0-window to explore the text segment (only 1 bytes of data), the other side in the confirmation of the detection segment is given the current window value, if the window value is still 0, then received this segment of the party to refer to the timer, if not 0, you can communicate.

• Increase network transfer rate:

different mechanisms can be used to control the timing of sending TCP packets.
The first: TCP maintains a variable whose value is equal to the MSS maximum message length, as long as the data in the cache reaches the MSS byte, it is assembled into a TCP message segment to send out.
The second type: The application process of the sender indicates that a delivery segment is to be sent, that is, a push operation supported by TCP.
Third: The sender of a timer expires, this time the current existing cache data loaded into the message segment (length can not exceed MSS) sent out

You can postpone the answer and the piggyback answer.

When the connection is a TCP connection, set the user to send only one character. Adding a 20-byte header to a 21-byte TCP segment, plus a 20-byte IP header to form a 41-byte long IP datagram, these groupings usually do not cause trouble on the LAN, but small packets on the WAN increase the likelihood of congestion. The Nagle algorithm can be used:
Nagle algorithm:

    若发送应用进程把要发送的数据逐个字节的送到TCP的发送缓存，则发送方就把第一个数据字节先发送出去，把后面到达的数据字节缓存起来。当发送方收到对第一个数据字节的确认后，再把发送缓存中的所有数据组装成一个报文段发送出去，同时继续对随后到达的数据进行缓存。只有在收到对前一个报文段的确认后才继续发送下一个报文段。

At the same time Nagle the provision, when the arrival of the data has reached the size of the sending window half or has reached the maximum length of the message segment, a message segment is sent immediately.

Confused window syndrome:

    TCP的缓存已满，而接收方的应用程序一次只从接收缓存中读取一个字节，然后向发送方发送确认，因为接受窗口是1，所以发送方只能发送一个字节的数据，这样持续下去，网络的效率会很低。

To avoid this problem: we can allow the receiver to wait for a period of time so that the receiving cache has enough space to hold the longest segment of the packet, or wait until the receiving cache has half the idle time . As long as one of these two cases, the receiver will send a confirmation message, and the sender also do not send too small messages, you can accumulate data into a large enough segment, or reach the general size of the receiving cache space.

• TCP Congestion Control:

What is congestion, the demand for a resource in the network exceeds the available parts that the resource can provide , the performance of the network will become bad, this situation is called congestion. When congestion occurs, the resource supply in the network is insufficient, and the throughput of the whole network decreases with the increase of the input load.

The strategy provided for this is congestion control:
Congestion control prevents too much data from being injected into the network, which makes routers or links in the network not overloaded.
The premise of congestion control is that the network can withstand the existing network load.

the difference between congestion control and flow control:
Congestion control is a global process that involves all hosts, all routers, and all the factors that are associated with reducing network transmission performance.
And the flow control is often the point-to-point traffic control, is an end-to-end problem.

Several methods of congestion control:
Slow start, congestion avoidance, fast retransmission, and fast recovery.

Here's how slow start and congestion avoidance works:

When the host begins to send data, if a large amount of data bytes are injected into the network immediately, it is possible to cause network congestion because the network load is unclear.
The so-called slow start, is from small to large gradually increase the sending window, that is, from small to large increase congestion window value.

At slow start, this congestion is set to the value of the maximum segment MSS, and each time a new message segment is received, the value of the congestion window is added 1. As shown in the following:

Here we first set the congestion window CWnd to 1, send a message segment M1, and received the acknowledgment sent by the receiver, the CWnd increased to 2, and then send M2,m3, once again received confirmation, the CWnd increased to 4. As a result, the congestion window doubles for each transmission pass.

Ps：传输轮次：把拥塞窗口cwnd所允许发送的数据全部发送出去，并且收到了对最后一个字节的确认。可以看出就是整个报文段的往返时间。

To prevent congested windows from growing too large and causing network congestion, a slow-start threshold is also required Ssthresh

当cwnd < ssthresh时，使用上述的慢开始算法当cwnd > ssthresh时，停止使用慢开始算法而改用拥塞避免算法当cwnd = ssthresh时，既可以使用慢开始算法，也可使用拥塞避免算法。

The idea of the congestion avoidance algorithm is to make CWnd grow slowly, that is, each time it passes a RTT round trip, it adds 1 to the sender's congestion window, rather than doubling it. In this way, the congestion window CWnd grows slowly by linear law, which is much slower than the slow start rate of growth.

At any stage, as long as the sender determines that there is congestion in the network (no acknowledgement is received on time), it is necessary to set the slow-start threshold ssthresh to half of the sending window when congestion occurs, then set the CWnd to 1 and re-execute the slow-start algorithm.
(This will allow the congested routers to process the backlog of packets in the cache)

Example:

The units in the figure are the number of message segments, not bytes. The horizontal axis is the transmission round.

1、在开始的时候将拥塞窗口置为1，慢开始门限的初始值ssthresh设置为162、在执行慢开始算法时（流程见上文），拥塞窗口cwnd随着传输轮次按指数增长，超过慢开始门限值时（cwnd=16），开始执行拥塞避免算法，拥塞窗口按照线性规律增长。3、假设拥塞窗口增长到24时，网路出现超时，很可能拥塞，所以慢开始门限值变为原来的一般（12），拥塞窗口置为1，并执行慢开始算法，当拥塞窗口再次达到门限值时，改为拥塞避免算法。

addition increase multiplication decrease (AIMD algorithm)
The so-called multiplication reduction (multiplicative decrease) is when network congestion occurs, the threshold value of the slow start is Ssthresh halved, and then the slow start algorithm is executed.
The addition increase (Additive increase) is a congestion avoidance algorithm that causes congestion windows to increase slowly to prevent premature congestion in the network
Together, these two are called AIMD algorithms.

The method here does not completely avoid congestion, when it is impossible, it is just that the network is not prone to congestion.

• TCP Transport Connection management:

There are three phases of the TCP Transport connection: connection establishment, data transfer, connection release.

TCP resolves three issues during connection setup:

双方都知道另一方的存在；允许双方协商一些参数（最大窗口值、时间戳选项、服务质量等）；能够对运输实体资源（缓存大小，连接表中的项目）进行分配。

TCP establishes a connection:
Probably have heard the handshake three times, but three times the handshake is how to hold it, the following to analyze:

TCP connection is established by the client server approach, the initiative to initiate the request to establish a connection is the customer, passively waiting to establish a connection is the server.

The server process runs on Host B, and the client process runs on host a.

The server process first issues a passive open command that tells it that TCP is ready to accept connection requests from the client process, where the server process is listening, detects the client process that sent the connection request, and responds if there is one.
Client process Host A's TCP sends an active open command, which means that a connection to a port of an IP address is now being established.

At this point, host a TCP sends a connection request packet to Host B TCP, this time the first synchronous bit syn is set to 1, and select an initial sequence number seq=x, after completion of host A in the synchronous sent state.
Host B received a message sent by host A, found that the synchronous bit SYN bit is 1, know that host a requirements to establish a connection, Host B agreed to establish a connection, return a response message segment, the first synchronous bit SYN and confirm bits are set to 1, while the confirmation number for host a initial sequence number +1 ( ack=x+1), Host B also chooses an initial sequence number for itself as the ordinal field (Seq=y), at which point Host B is synchronously received.
Host a received a message section of Host B, but also to send a confirmation to B, the confirmation number for the server's initial sequence number +1 (ack=y+1), the sequence number is the first sent sequence number +1, because the SYN 1 message segment can not carry data, but to consume a sequence number, The message segment of the ACK 1 does not consume the serial number, then a TCP notifies its upper application process, the TCP connection has been established, a is in the established connection state.
b After receiving the confirmation of a, it also enters the established connection state.

Why is host a finally sending a confirmation?

    防止已失效的连接请求报文段。

If it's a two-time handshake:
If host A is sent to Host B for the first time in the request message Segment 1 blocked in the network, so that the delay to the connection after the release of a certain time before the arrival of B, Host B is not aware of the failure, so mistakenly assume that host A is to re-establish a new connection, so a confirmation message to a section, to agree to establish a But because at this time host A and did not request to establish a connection, so will not ignore the B sent over the confirmation, B but thought that the new connection has been established, has been in a waiting state, wasting the resources of the network.

If it is a three-time handshake, a does not send confirmation to B, B does not receive the acknowledgement sent by a, knowing that a does not request to establish a connection.

第一次握手：服务端知道客户端能发信息第二次握手：客户端知道服务端能收数据，也能发数据第三次握手：服务端知道客户端能收数据

What if the third time a segment is missing?
Answers found on the Web:

    如果客户机到服务器的ACK报文段丢失（相应于三次握手的第三次），链接仍能正常工作这是因为客户端已经处于ESTABLISHED状态，所以应用进程可以向另一方发送数据每个报文段都有ACK标志置位，而且为正确数据，所以第一个报文段到达服务器时，服务器也也转移到ESTABLISHED状态这就是在说三次握手协议的第三次只是保证正确用的，意义不像前两次一样大，可以丢失。

• TCP Release Connection:

Because TCP is a full-duplex communication, both sides of the communication need to release the connection, which is four times back and forth. Also known as waving four times.

After the data transfer is complete, both sides can release the connection, and now both A and B are in the established connection state.
A's application process first sends a connection release segment to its TCP, stops sending data, and then proactively shuts down the TCP connection. In the message segment, the terminating bit fin position is 1, the sequence number is the last byte of the previous transmitted data sequence number +1 (Seq=u), when a enters the terminating wait-1 state, waiting for the confirmation of B.

b After receiving the connection release packet, give a to return to the response segment, the first ack=1,seq equal to the last byte of the data transmitted in front of +1 (SEQ=V), ack=u+1,b into the shutdown wait state, at this time the TCP server process notifies the application, The connection from A to B is freed, and the TCP connection is in a semi-closed state.

A after receiving the confirmation of B, enter the termination wait-2 status, waiting for B to send the connection release message segment.

b There is no data to send to a, B's application process to notify the TCP release connection, at this time B issued a connection release message segment will be the fin 1, the sequence number is seq=w (in the semi-connected state may send the data), but the ACK should also be the last sent confirmation number (ack=u+1), At this point B enters the final confirmation stage and waits for a confirmation.

A confirmation must be issued after receiving the release of the connection request from B. The ACK is 1,seq to u+1 in the confirmation message segment (because Fin is like a syn that consumes an ordinal number) and the confirmation number is ack=w+1. Then enter the time wait state, now TCP is not released, must go through the time to wait for the timer set time of 2MSL (MSL known as the longest segment life), a before entering the shutdown state.

Why is a time to wait for a 2MSL after sending a confirmation?

1, in order to ensure that a send the last acknowledgment message segment can reach B.

如果最后一次的报文丢失，B长时间接收不到对自己FIN+ACK报文的确认，就会重发FIN+ACK报文，这样A就可以在2MSL接收到B重传的这个报文，A对此重新发送一次确认，重新启动2MSL计时器，最后A、B都进入关闭状态。如果不等待，那么B收不到确认，无法按照正常步骤使B进入关闭状态。

2, a waiting for 2MSL, you can make all the packets generated in this connection disappear from the network, which also prevents the above failed connection request message segment appears in the next new connection

KeepAlive Timer:

When host A and Host B to establish a good connection, host a suddenly failure, crash and so on, so can not let the Host B has been waiting, this time to use the keepalive timer, Host B did not receive a host a sent to the data, will be reset a keepalive timer, generally two hours, if more than two hours, Host B has not received a message sent by host A, Host B will send a probe packet to host A, every 75 minutes, when sent to 10 times, host A does not respond, it is considered a failure and automatically disconnect.

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

Computer network reading notes-----UDP vs TCP