First Entry Network series notes (2) TCP and UDP

Source: Internet
Author: User
Tags ack snmp

First, the reference note, this blog post for reference to the following

1.BLUETZAR,TCP/IP Four-layer model,

2. Ye Jianfeng, random talk about TCP,

3.bizhu,tcp and UDP differences (RPM),

4. Ninzhikan, the difference between TCP/IP, HTTP,

Two, TCP and UDP

    • Basic knowledge

1. tcp

  TCP is a reliable, connection-oriented byte-stream service. The source host needs to establish a connection with the target host before transmitting the data. Then, on this connection, the numbered data segments are sent and received sequentially. At the same time, it is required to confirm each data segment to ensure the reliability. The source host sends the data segment again if the destination host does not receive a confirmation of the data segment that was sent within the specified time. , is the datagram format for TCP.

Source, Destination port number field: 16 bits. The TCP protocol identifies the application process on the source and target side by using "port". The port number can use any number from 0 to 65535. When a service request is received, the operating system dynamically assigns a port number to the client's application. On the server side, each service serves the user on a "well known port" (Well-know).

Serial Number field: 32 bits. Used to identify a stream of data bytes sent from the TCP source to the TCP destination, which represents the first data byte in the message segment.

Confirmation Number field: occupies 32 bits. The confirmation Number field is valid only if the ACK flag is 1 o'clock. It contains the next byte of data that the target side expects to receive from the source.

Header Length field: 4 bits. Give the number of heads to 32 bits. A TCP header with no option field is 20 bytes long and can have up to 60 bytes of TCP headers.

Flag bit fields (U, A, P, R, S, F): 6 bits. The meanings of each bit are as follows:

URG: Emergency pointer (urgent pointer) valid.

ACK: Confirm the serial number is valid.

PSH: The receiver should hand over this segment to the application layer as soon as possible.

RST: Rebuilding the connection.

SYN: Initiates a connection.

FIN: Releases a connection.

Window Size segment: 16 bits. This field is used for flow control. The unit is the number of bytes, which is the number of bytes that the native expects to receive at one time.

TCP checksum field: 16 bits. The entire TCP message segment, TCP header and TCP data, is verified and evaluated by the target side.

Emergency pointer field: occupies 16 bits. It is an offset, and the sum of the values in the Ordinal field represents the ordinal of the last byte of the emergency data.

Option field: occupies 32 bits. This may include options such as window enlargement factor, timestamp, and so on.

Sliding window

  The sliding window is the receiving end that tells the sender how many packets can be sent the next time. Well, here are a few questions to face:

Avoid misunderstanding: the sender and receiver of the request-response is not one by one corresponding.

Not only the sender sends a request on the network, the receiver replies with an ACK in this mode. The mode of their interaction is more likely: the sender sends multiple request packets at one time, the receiver replies with an ACK and replies to the request packets. This can be done using the previous acknowledgment number.

But basically, at the receiver's point of view, the ACK packet must be received after a packet, only to return an ACK, that is, there is no reason to send a duplicate ACK, no request, multiple ACK in this case. But there are multiple requests, multiple repeated ACK cases, and this time, it often indicates that a request for a package is missing.

Why do I need a sliding window to exist?

A sliding window exists to control the number of packets on the network. If there is no sliding window, then it is a very ideal situation, the sender of the data, plus the packet header to reach the MTU size, directly sent, and submachine guns, Dodo Dodo. But what? This, in fact, does not take into account whether the receiver can be completed. The receiver is like a fat man who has been eating, his meal speed is fixed, it can eat up to 10 bowls of rice, some time may have eaten two bowls of rice, but not digested. So this time, it can only eat 8 bowls of rice, if this time you give it 80 bowls, will inevitably lead to it blocked, eat not eat. This sliding window is the receiver that tells the sender that I can still eat a few bowls of rice. Slide the window to limit the number of packets that the sender sends at a time.

Why is it called sliding window?

Sliding window I would prefer to understand the co-maintenance of both the sender and the receiver. There are differences between the Send window and the Receive window, respectively.

Sender data has several states: The data has been sent without receiving an ACK, the data has been sent to receive an ACK

Receiver data has several statuses: data has been received not consumed by the application tier, data received has been consumed by the application tier

Send the data in a long row, the sender once the data received an ACK, then the left side of the sliding window to move left. Similarly, once the receiver has data to be consumed by the application layer, the right side of the sliding window moves right. The whole process is like an earthworm struggling to crawl, the tail moving an inch forward, the head and then walk an inch, until the entire data are moved from beginning to end.

Back to the TCP sliding window field, this field is the receiving end of the reply to the sending side, telling the sender the window size of the receiving side. In fact, we also call this window size a sliding window size by default.

About the concept of sliding window, my feeling is a variety of online description of the sliding window, do not fall into the word, the mind image has this sliding window sliding process, you can, a lot of articles may be inconsistent with the description. For example, the following two descriptions of the Send window:

    • The sending window is determined by both the sliding window and the congestion window.
    • The Send window is determined by the receive window.

Establish connections and release connections

TCP's famous three-time handshake and four-time wave

The client and server in this diagram should be understood as the sender and receiver. The following string of descriptions please practice to like serial crosstalk: The sender sends a SYN to the receiver request to establish a connection, the receiver returns an ACK acknowledgement to receive the request, and carries a SYN to the sender to request a two-way connection, the sender then returns an ACK to the receiver to confirm, this time the connection is established.

Let's wave four times. The sender sends a fin to the receiver to initiate a disconnection, the receiver returns an ACK acknowledgement, and then the receiver sends a FIN request to disconnect from the other direction, and the sender returns an ACK acknowledgement after it receives the connection. At this point, the connection is interrupted.

2. udp

  UDP is an unreliable, non-connected datagram service. The source host does not need to establish a connection with the destination host before transmitting the data. The data is sent directly to the destination host after the UDP header fields such as source, destination port number, etc. At this point, the reliability of each data segment is guaranteed by the upper layer protocol. UDP is more efficient than TCP in cases where data is transmitted less and less. , is the datagram structure of UDP.


Source, Destination port number field: 16 bits. The function is the same as the port number field in the TCP data segment and is used to identify the application process on the source and target side.

Length field: occupies 16 bits. Indicates the total length byte of UDP header and UDP data.

Checksum field: occupies 16 bits. Used to verify UDP headers and UDP data. Unlike TCP, this field is optional for UDP, and the checksum field in the TCP data segment is mandatory.

    • Related knowledge: sockets

  The source and destination port fields are included in each TCP, UDP data segment. Sometimes, we collectively name an IP address and a port number as a socket (socket), and a socket pair (socket pair) can uniquely determine the sides of each TCP connection in the connected network (client IP address, client number, server IP address, server port number). , which is a socket.

It is important to note that different application layer protocols may be based on a reliable TCP protocol depending on the transport layer protocol, such as FTP, TELNET, and SMTP protocols. TFTP, SNMP, and RIP are based on unreliable UDP protocols.

At the same time, some application layer protocols occupy two different port numbers, such as FTP 20, 21 ports, SNMP 161, 162 ports. These application-layer protocols provide different capabilities on different ports. such as FTP port 21 is used to listen to the user's connection request, and 20 port is used to transfer the user's file data. As another example, the SNMP 161 port is used for SNMP management process to obtain the data of the SNMP agent, while 162 port is used by SNMP agent to send data to SNMP management process actively.

There are also protocols that use the services provided by different protocols of the transport layer. For example, the DNS protocol uses both TCP 53 ports and UDP 53 ports. The DNS protocol provides the DNS zone file transfer service on port 53 of UDP, providing domain name resolution services on TCP port 53.

First Entry Network series notes (2) TCP and UDP

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.