TCP details (1): Introduction and data packets, tcp details

TCP details (1): Introduction and data packets, tcp details

Introduction:
Transport Control Protocol (TCP) is a connection-oriented, reliable, byte-stream-based transport layer communication Protocol defined by ietf rfc 793. In the simplified computer network OSI model, it completes the functions specified by the layer-4 transmission layer. User Datagram Protocol (UDP) is another important transmission protocol in the same layer.
　　
　　
　　
In Internet protocol suite, the TCP layer is located above the IP layer and under the application layer. The application layer of different hosts often requires reliable connections like channels, but the IP layer does not provide such a stream mechanism, but provides unreliable packet switching.

The Application Layer sends an eight-byte data stream for inter-network transmission to the TCP layer, TCP then partitions the data stream into a packet segment of the appropriate length (usually restricted by the maximum transmission unit (MTU) at the data link layer of the network connected to the computer ). Then, TCP sends the result packet to the IP layer, which transmits the packet to the TCP layer of the receiver entity through the network. To ensure that no packet loss occurs, TCP sends an serial number to each packet, and the serial number also ensures the packets sent to the receiving end in sequence. Then, the receiving end entity sends back a corresponding ACK to the packet that has been successfully received. If the sending end entity does not receive confirmation within the reasonable round-trip delay (RTT, the corresponding data packet is assumed to have been lost and will be re-transmitted. TCP uses a checksum function to check whether there is any data error. The Checksum is calculated during sending and receiving.

A TCP connection does not mean that an actual or virtual link exists at both ends of the data exchange, but that both sides of the connection maintain some resources (such as the input/output buffer and multiple timers) and link status information, and through the control message interaction management status of both parties, provide the user with an interface to modify the allocation of these resources.

TCP provides reliable data transmission services. The measures adopted are to confirm control packets and data packets and re-transmit them after timeout; the sliding window protocol is used to solve the disordered data transmission and control traffic between the sending and receiving sides. Specifically, for the sender, TCP sends data packets according to the desired length, and starts a timer after the message is sent, waiting for the confirmation message of the data, if the message is still not received after the timer times out, the message is re-transmitted. After receiving the data, the receiver checks the message checksum first. If the packet is incorrect, the message is directly discarded, unconfirmed (the sender notices this fact and re-transmits it); receives the duplicate message, discards it, and does not confirm it; through the sliding window maintained by both parties, TCP will sort out the out-of-order messages before submitting them to the upper-layer application.
It should be noted that traffic control and congestion control are not the same. The purpose of traffic control is to prevent the sender from sending a large amount of data, exceeding the processing capability of the receiver, resulting in packet loss; congestion Control is to prevent network congestion and discard packets from intermediate routers or switches.

TCP provides the data stream service. The data transmitted by upper-layer applications to TCP is not differentiated. TCP only combines and splits data according to its own needs and then transmits the data to the peer end, the peer TCP protocol stack then delivers the data to the upper-layer application in the sent order. TCP data transmission is still sent to the peer end in the form of IP packets. Every time we try our best to send MSS packets, the Nagle algorithm and TCP_CORK all aim to control the streaming packets.

TCP itself does not provide message boundaries and other things, but it provides emergency data, PUSH flag (and does not provide external interfaces) and other methods to simulate packets. Generally, the division of TCP data streams is an application. The application defines the format and parses it by itself.

Data Packet structure:
In the diagram of the TCP Header, we mainly focus on the following fields: sequence number, header length, 6 flag bits, options, window size, and emergency pointer are in bytes.

The TCP Header without the option is 20 bytes. In the header option, it specifies the number of 4 bytes in the header. Because it occupies 4 bits, the header is up to 60 bytes.

The serial number field is used to identify the Data byte stream in the TCP Data Stream. When a connection is established, it is initialized with an ISN. Each SYN or FIN consumes a serial number. We don't need to care too much about this field. We just need to know that the serial number is 32 bits. In the long fat pipeline (in a large network), the serial number may be rewound, and TCP needs to be identified. TCP also expands the field (with options added ).
　　
　　

Note four important things:
Sequence Number: the Number of packets, used to solve the problem of network packet unordered (reordering.
Acknowledgement Number: ACK No. -- used to confirm receipt and solve the problem of no packet loss.
Window: Advertised-Window, also known as the Sliding Window, used for traffic control.
Control Bits: the type of the packet. It is mainly used to Control the state machine of TCP.

The TCP Header defines six fields. Generally, only one flag appears in one packet, but multiple flag can appear at the same time.
URG: Specifies the URG flag.
ACK: confirm the serial number flag. Note the following about ACK: a) ACK is cumulative, indicating that the receiver has correctly received all the bytes until the serial number is reduced by one; B) TCP usually does not confirm each data packet, but uses the latency validation and delay validation technology. The latency validation refers to the combination of ACK packets into the datagram, the delay confirmation is that TCP maintains a Ms timer. Before the timer expires, if multiple data needs to be confirmed, one piece is confirmed. Generally, two packets are confirmed once, if no new data needs to be confirmed after ms, the system will not wait. The message will be confirmed directly. c) the ACK packet itself will not be confirmed. When ACK is lost, the discovery depends on the peer timeout mechanism (detailed later ).
PSH: this flag is automatically set by TCP (it was allowed to be set through the interface, but is not provided by most implementations currently). Most implementations set this flag when the sender clears the sending buffer, that is, the sender sends the data in the current sending buffer at one time.
RST: the flag of the Connection reset.
SYN: the synchronization flag used to initiate a new connection.
FIN: the sender has completed all data transmission and no longer sends new data. The sender is disabled. If the sender also sends this flag, the connection is completely closed.

Others:

　　

Refer:
Https://zh.wikipedia.org/wiki/%E4%BC%A0%E8%BE%93%E6%8E%A7%E5%88%B6%E5%8D%8F%E8% AE % AE
Technet.microsoft.com
Http://www.tcpipguide.com/free/t_TCPConnectionTermination-4.htm
Http://www.kuqin.com/shuoit/20141018/342719.html
Http://nmap.org/book/tcpip-ref.html

Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.