
TCPV1

The document provides an overview of the Transmission Control Protocol (TCP), detailing its role as an intermediary between application programs and network operations. It highlights key features such as process-to-process communication, stream delivery service, full-duplex communication, and reliable service, along with the mechanisms for flow control, error control, and congestion control. Additionally, it explains the structure of TCP segments, the connection establishment process through three-way handshaking, and the importance of sequence and acknowledgment numbers in ensuring reliable data transmission.

Uploaded by

Vasu Narula

Transmission Control Protocol (TCP)

TCP/IP Protocol Suite 1


Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
15-1 TCP SERVICES

TCP lies between the application layer and the network layer, and serves as the
intermediary between the application programs and the network operations.



Figure 15.1 TCP/IP protocol suite

• Process-to-Process Communication
• Stream Delivery Service
• Full-Duplex Communication
• Multiplexing and Demultiplexing
• Connection-Oriented Service
• Reliable Service



Process-to-Process Communication
TCP provides process-to-process communication using port numbers.

Some well-known port numbers used by TCP.



Figure 15.2 Stream delivery

Stream Delivery Service


TCP is a stream-oriented protocol.

It allows the sending process to deliver data as a stream of bytes and allows the
receiving process to obtain data as a stream of bytes.

TCP creates an environment in which the two processes seem to be connected by
an imaginary “tube”.

The sending process produces (writes to) the stream of bytes and the receiving
process consumes (reads from) them.



Figure 15.3 Sending and receiving buffers

Sending and Receiving Buffers

Because the sending and the receiving processes may not necessarily write or
read data at the same rate, TCP needs buffers for storage.

There are two buffers, the sending buffer and the receiving buffer, one for each
direction.

Buffers are also necessary for flow- and error-control mechanisms used by TCP.


One way to implement a buffer is to use a circular array of 1-byte locations.

The figure shows two buffers of 20 bytes each; normally the buffers are hundreds or
thousands of bytes.

The figure also shows the buffers as the same size, which is not always the case.


At the sender, the buffer has three types of chambers.

White section: contains empty chambers that can be filled by the sending process.

Colored area: holds bytes that have been sent but not yet acknowledged.

Shaded area: contains bytes to be sent by the sending TCP.

TCP may be able to send only part of this shaded section. This could be due to
the slowness of the receiving process, or congestion in the network.

At the receiver, the buffer is divided into two areas.

White area: contains empty chambers to be filled by bytes received from the
network.

Colored sections: contain received bytes that can be read by the receiving
process.



Figure 15.4 TCP segments

Segments
TCP groups a number of bytes together into a packet called a segment.

Segments are not necessarily all the same size.

The figure shows one segment carrying 3 bytes and the other carrying 5 bytes.

In reality, segments carry hundreds, if not thousands, of bytes.

Full-Duplex Communication

TCP offers full-duplex service, where data can flow in both directions at the
same time.

Each TCP endpoint then has its own sending and receiving buffer, and
segments move in both directions.



Multiplexing and Demultiplexing

TCP performs multiplexing at the sender and demultiplexing at the receiver.

Since TCP is a connection-oriented protocol, a connection needs to be established
for each pair of processes.



Connection-Oriented Service

TCP is a connection-oriented protocol.

When a process at site A wants to send to and receive data from another
process at site B, the following three phases occur:

1. The two TCPs establish a virtual connection between them.
2. Data are exchanged in both directions.
3. The connection is terminated.

Note that this is a virtual connection, not a physical connection.

• A TCP segment is encapsulated in an IP datagram and can be sent out of order, lost, or
corrupted, and then resent.
• Each may be routed over a different path to reach the destination.
• TCP creates a stream-oriented environment in which it accepts the responsibility of
delivering the bytes in order to the other site.


Reliable Service

TCP is a reliable transport protocol.

It uses an acknowledgment mechanism to check the safe and sound arrival of
data.



15-2 TCP FEATURES

• Numbering System
• Flow Control
• Error Control
• Congestion Control



Numbering System

TCP software keeps track of the segments being transmitted or received.

There is no field for a segment number value in the segment header.

Instead, there are 2 fields called sequence number and acknowledgment number.

These two fields refer to a byte number and not a segment number.



Byte Number

TCP numbers all data bytes (octets) that are transmitted in a connection.

Numbering is independent in each direction.

When TCP receives bytes of data from a process, TCP stores them in the
sending buffer and numbers them.

TCP chooses an arbitrary number between 0 and 2^32 − 1 for the number
of the first byte.

If the number happens to be 1,057 and the total data to be sent is 6,000
bytes, the bytes are numbered from 1,057 to 7,056.



Note

The bytes of data being transferred in each connection are numbered by TCP.

The numbering starts with an arbitrarily generated number.



Sequence Number

After the bytes have been numbered, TCP assigns a sequence number to
each segment that is being sent.

The sequence number for each segment is the number of the first byte of
data carried in that segment.



Note

The value in the sequence number field of a segment defines the number
assigned to the first data byte contained in that segment.



Example 15.1
Suppose a TCP connection is transferring a file of 5,000 bytes. The first byte
is numbered 10,001. What are the sequence numbers for each segment if
data are sent in five segments, each carrying 1,000 bytes?


Solution
The following shows the sequence number for each segment:



When a segment carries a combination of data and control information
(piggybacking), it uses a sequence number.

If a segment does not carry user data, it does not logically define a
sequence number. The field is there, but the value is not valid.

However, some segments, when carrying only control information, need
a sequence number to allow an acknowledgment from the receiver.

These segments are used for connection establishment, termination, or
abortion.

Each of these segments consumes one sequence number as though it
carries one byte, but there are no actual data.



Acknowledgment Number
When a connection is established, both parties can send and receive data at the
same time.

Each party numbers the bytes, usually with a different starting byte number.

Each party also uses an acknowledgment number to confirm the bytes it has
received.

The acknowledgment number defines the number of the next byte that the party
expects to receive.

In addition, the acknowledgment number is cumulative.

The term cumulative here means if a party uses 5,643 as an acknowledgment
number, it has received all bytes from the beginning up to 5,642.



Note

The value of the acknowledgment field in a segment defines the number of the
next byte a party expects to receive.

The acknowledgment number is cumulative.
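
The numbering rules above, worked as an added Python example (not part of the original slides): it derives the per-segment sequence numbers for the transfer in Example 15.1, handles wraparound at 2^32, and computes the cumulative acknowledgment when segments arrive out of order. The function names and the arrival order are constructed for illustration.

```python
SEQ_MOD = 2 ** 32  # sequence numbers are 32-bit and wrap around


def segment_sequence_numbers(first_byte, total_bytes, segment_size):
    """Split a transfer into segments and return (seq, last_byte, length) for each.

    The sequence number of a segment is the number of its first data byte.
    """
    segments = []
    offset = 0
    while offset < total_bytes:
        length = min(segment_size, total_bytes - offset)
        seq = (first_byte + offset) % SEQ_MOD
        segments.append((seq, (seq + length - 1) % SEQ_MOD, length))
        offset += length
    return segments


def cumulative_ack(first_byte, received):
    """Return the acknowledgment number for the segments received so far.

    `received` holds (seq, length) pairs in arrival order; they may be out of
    order or duplicated. The result is the number of the next byte expected,
    so every byte before it has arrived. Assumes all segments belong to the
    transfer that starts at `first_byte`.
    """
    # Offsets relative to the first byte make wraparound harmless.
    spans = sorted(((seq - first_byte) % SEQ_MOD, length) for seq, length in received)
    next_expected = 0
    for start, length in spans:
        if start > next_expected:
            break  # a hole: later bytes cannot be acknowledged yet
        next_expected = max(next_expected, start + length)
    return (first_byte + next_expected) % SEQ_MOD


if __name__ == "__main__":
    # Example 15.1 on this page: 5,000 bytes, first byte 10,001, 1,000 per segment.
    for seq, last, length in segment_sequence_numbers(10001, 5000, 1000):
        print(f"seq {seq:>6}  bytes {seq}..{last}  ({length} bytes)")
    # Constructed arrival order: the third segment is still missing.
    arrived = [(10001, 1000), (13001, 1000), (11001, 1000)]
    print("ack while segment 3 is missing:", cumulative_ack(10001, arrived))
    print("ack after it arrives:", cumulative_ack(10001, arrived + [(12001, 1000)]))
```
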



Flow Control
• The sending TCP controls how much data can be accepted from the sending process;
the receiving TCP controls how much data can be sent by the sending TCP.
• This is done to prevent the receiver from being overwhelmed with data.

Error Control
• To provide reliable service, TCP implements an error control mechanism.
• Although error control considers a segment as the unit of data for error detection (lost
or corrupted segments), error control is byte-oriented.

Congestion Control
• TCP takes into account congestion in the network.
• The amount of data sent by a sender is not only controlled by the receiver (flow control),
but is also determined by the level of congestion, if any, in the network.



15-3 SEGMENT

A packet in TCP is called a segment.

The segment consists of a header of 20 to 60 bytes, followed by data
from the application program.

The header is 20 bytes if there are no options and up to 60 bytes if it
contains options.



Figure 15.5 TCP segment format

Sequence number.
• Defines the number assigned to the first byte of data contained in this segment.
• During connection establishment each party uses a random number generator to
create an initial sequence number (ISN), which is usually different in each
direction.


Acknowledgment number.
• This 32-bit field defines the byte number that the receiver of the segment is
expecting to receive from the other party.
• If the receiver of the segment has successfully received byte number x from the
other party, it returns x + 1 as the acknowledgment number.
• Acknowledgment and data can be piggybacked together.

Header length. Same as IP header length

Reserved. This is a 6-bit field reserved for future use.



Figure 15.6 Control field

Control.
• Defines 6 different control bits or flags.
• One or more of these bits can be set at a time. These bits enable flow control,
connection establishment and termination, connection abortion, and the mode
of data transfer in TCP.



Window size.
• Defines the window size of the sending TCP in bytes.
• Length of this field is 16 bits, which means that the maximum size of the window is
65,535 bytes. This value is normally referred to as the receiving window (rwnd) and is
determined by the receiver.
• The sender must obey the dictation of the receiver in this case.

Checksum.
• This 16-bit field contains the checksum.
• The use of the checksum in the UDP datagram is optional, whereas the use of the
checksum for TCP is mandatory.
• The same pseudoheader, serving the same purpose, is added to the segment.
• For the TCP pseudoheader, the value for the protocol field is 6.



Figure 15.7 Pseudoheader added to the TCP segment



Urgent pointer.
• This 16-bit field, which is valid only if the urgent flag is set, is used when the
segment contains urgent data.
• It defines a value that must be added to the sequence number to obtain the
number of the last urgent byte in the data section of the segment.

Options. There can be up to 40 bytes of optional information in the TCP header.
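
An added Python example (not from the original slides) that decodes the header fields described above, rejects header lengths that do not fit the segment, and verifies the mandatory checksum over the pseudoheader with protocol value 6. The addresses, ports and helper names are constructed; the sequence, acknowledgment and window values are those of the SYN + ACK segment in Figure 15.9.

```python
import socket
import struct

FLAG_NAMES = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")  # control bits, lowest first


def internet_checksum(data):
    """16-bit one's complement of the one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"  # pad to a whole number of 16-bit words
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)  # fold the carries back in
    return ~total & 0xFFFF


def pseudoheader(src_ip, dst_ip, tcp_length):
    """IPv4 pseudoheader: source, destination, zero byte, protocol 6, TCP length."""
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, 6, tcp_length))


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, window,
                  payload=b"", options=b""):
    """Build a segment with a valid checksum (used here to make sample input)."""
    if len(options) % 4 or len(options) > 40:
        raise ValueError("options must be a multiple of 4 bytes, at most 40")
    off_flags = ((20 + len(options)) // 4 << 12) | (flags & 0x3F)
    head = struct.pack("!HHIIHHHH", sport, dport, seq, ack, off_flags, window, 0, 0)
    body = head + options + payload
    csum = internet_checksum(pseudoheader(src_ip, dst_ip, len(body)) + body)
    return body[:16] + struct.pack("!H", csum) + body[18:]


def parse_segment(segment, src_ip, dst_ip):
    """Decode the fixed header, check the length fields and verify the checksum."""
    if len(segment) < 20:
        raise ValueError("segment shorter than the 20-byte minimum header")
    (sport, dport, seq, ack, off_flags, window, checksum, urgent) = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4  # the field counts 4-byte words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("header length %d is outside this segment" % header_len)
    flags = [name for bit, name in enumerate(FLAG_NAMES) if off_flags & (1 << bit)]
    # Summing pseudoheader + segment, checksum field included, yields 0 when intact.
    intact = internet_checksum(pseudoheader(src_ip, dst_ip, len(segment)) + segment) == 0
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "options": segment[20:header_len], "payload": segment[header_len:],
        # Valid only with URG set: sequence number + urgent pointer.
        "last_urgent_byte": (seq + urgent) % 2 ** 32 if "URG" in flags else None,
        "checksum_ok": intact,
    }


if __name__ == "__main__":
    # Constructed sample: the SYN + ACK of Figure 15.9 between documentation addresses.
    syn_ack = build_segment("198.51.100.5", "192.0.2.10", 80, 40000,
                            seq=15000, ack=8001, flags=0x12, window=5000)
    print(parse_segment(syn_ack, "198.51.100.5", "192.0.2.10"))
```

A parser that trusts the header-length field without comparing it to the bytes actually received reads options and payload from the wrong offsets, which is why `parse_segment` rejects such segments before slicing.
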



Encapsulation

A TCP segment encapsulates the data received from the application layer.

The TCP segment is encapsulated in an IP datagram, which in turn is encapsulated
in a frame at the data-link layer.



Figure 15.8 Encapsulation (figure labels: frame header, IP header, TCP header, application-layer data; TCP payload, IP payload, data-link layer payload)



15-4 A TCP CONNECTION
TCP is connection-oriented. It establishes a virtual path between the source and
destination.

TCP uses the services of IP to deliver individual segments to the receiver, but it
controls the connection itself.

If a segment is lost or corrupted, it is retransmitted.

If a segment arrives out of order, TCP holds it until the missing segments arrive; IP
is unaware of this reordering.

A TCP connection has three phases: connection establishment, data transfer, and
connection termination.



Connection Establishment

When two TCPs in two machines are connected, they are able to send
segments to each other simultaneously.

Each party must initialize communication and get approval from the other party
before any data are transferred.



Three-Way Handshaking

Connection establishment in TCP is called three-way handshaking.

An application program (called the client) wants to make a connection with another
application program (called the server) using TCP.

The process starts with the server.

The server program tells its TCP that it is ready to accept a connection. This
request is called a passive open. It cannot make the connection itself.

The client program issues a request for an active open. A client that wishes to
connect to an open server tells its TCP to connect to a particular server.

TCP can now start the three-way handshaking process.


To show the process we use time lines.

Each segment has values for all its header fields. Only the few fields necessary to
understand each phase are shown here, i.e., sequence number, acknowledgment number,
control flags, and window size if relevant.

The three steps in this phase are as follows.


1. The client sends the first segment, a SYN segment, in which only the SYN flag
is set. This segment is for synchronization of sequence numbers.

The client chooses a random number as the first sequence number and sends this
number to the server. This is called the initial sequence number (ISN).

This segment does not contain an acknowledgment number. It does not define
the window size either; a window size definition makes sense only when a
segment includes an acknowledgment.

The SYN segment is a control segment and carries no data. However, it consumes
one sequence number. When the data transfer starts, the ISN is incremented by 1.



Note

A SYN segment cannot carry data, but it consumes one sequence number.


2. The server sends the second segment, a SYN + ACK segment with two flag
bits set: SYN and ACK. This segment has a dual purpose.

First, it is a SYN segment for communication in the other direction. The server
uses this segment to initialize a sequence number for numbering the bytes sent
from the server to the client.

The server also acknowledges the receipt of the SYN segment from the client by
setting the ACK flag and displaying the next sequence number it expects to
receive from the client.

Because it contains an acknowledgment, it also needs to define the receive
window size, rwnd (to be used by the client).



Note

A SYN + ACK segment cannot carry data, but does consume one
sequence number.


3. The client sends the third segment. This is just an ACK segment. It
acknowledges the receipt of the second segment with the ACK flag and
acknowledgment number field.

The sequence number in this segment is the same as the one in the SYN segment;
the ACK segment does not consume any sequence numbers.

The client must also define the server window size.

Some implementations allow this third segment in the connection phase to carry the first chunk of data from the client.
In this case, the third segment must have a new sequence number showing the byte number of the first byte in the
data.

The third segment usually does not carry data and consumes no sequence numbers.

Note

An ACK segment, if carrying no data, consumes no sequence number.



Figure 15.9 Connection establishment using three-way handshake

Client to server, SYN: seq: 8000
Server to client, SYN + ACK: seq: 15000, ack: 8001, rwnd: 5000
Client to server, ACK: seq: 8000 (means “no data”; seq: 8001 if piggybacking), ack: 15001, rwnd: 10000

SYN Flooding Attack
The connection establishment procedure in TCP is susceptible to a serious
security problem called a SYN flooding attack.

This happens when one or more malicious attackers send a large number of SYN
segments to a server pretending that each of them is coming from a different
client by faking the source IP addresses in the datagrams.

The server, assuming that the clients are issuing an active open, allocates the
necessary resources. The TCP server then sends the SYN + ACK segments to the
fake clients, which are lost.

If, during this short period of time, the number of SYN segments is large, the server
eventually runs out of resources and may be unable to accept connection
requests from valid clients.

The SYN flooding attack belongs to a group of security attacks known as denial of
service attacks.


Some implementations of TCP have strategies to alleviate the effect of a SYN
attack.

Some have imposed a limit of connection requests during a specified period of
time.

Others try to filter out datagrams coming from unwanted source addresses.

One recent strategy is to postpone resource allocation until the server can verify
that the connection request is coming from a valid IP address, by using what is
called a cookie.
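
One way to realize the cookie strategy, added here as a Python example that is not taken from the slides or from any operating system's implementation: the server derives its initial sequence number from a keyed hash of the connection's addresses and ports, and allocates resources only when the third segment echoes that number plus one. Assumptions: the secret, the 64-second time slot and all names are constructed, and the cookie covers only addresses, ports and the slot.

```python
import hashlib
import hmac
import socket
import struct

SLOT_SECONDS = 64  # assumption: a cookie is accepted in its own time slot and the next


def cookie_for_slot(secret, src_ip, src_port, dst_ip, dst_port, slot):
    """32-bit keyed hash of the connection's addresses, ports and a time slot."""
    msg = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
           + struct.pack("!HHq", src_port, dst_port, slot))
    return int.from_bytes(hmac.new(secret, msg, hashlib.sha256).digest()[:4], "big")


class CookieListener:
    """Server side of the handshake that stores nothing until the ACK verifies."""

    def __init__(self, secret):
        self.secret = secret
        self.connections = {}  # resources exist only for verified clients

    def on_syn(self, src_ip, src_port, dst_ip, dst_port, client_seq, now):
        """Reply to a SYN with a SYN + ACK whose sequence number is the cookie."""
        cookie = cookie_for_slot(self.secret, src_ip, src_port, dst_ip, dst_port,
                                 int(now) // SLOT_SECONDS)
        # Nothing is written to self.connections here: a spoofed SYN costs one hash.
        return {"flags": "SYN+ACK", "seq": cookie, "ack": (client_seq + 1) % 2 ** 32}

    def on_ack(self, src_ip, src_port, dst_ip, dst_port, ack, now):
        """Allocate state only if ack - 1 is a fresh cookie for these addresses."""
        echoed = ((ack - 1) % 2 ** 32).to_bytes(4, "big")
        slot = int(now) // SLOT_SECONDS
        for candidate in (slot, slot - 1):
            expected = cookie_for_slot(self.secret, src_ip, src_port, dst_ip,
                                       dst_port, candidate).to_bytes(4, "big")
            if hmac.compare_digest(echoed, expected):
                key = (src_ip, src_port, dst_ip, dst_port)
                self.connections[key] = {"server_isn": int.from_bytes(echoed, "big")}
                return True
        return False  # forged, sent from another address, or too old


if __name__ == "__main__":
    server = CookieListener(b"constructed-demo-secret")
    # Constructed flood: 1,000 SYNs with made-up source addresses, none ever ACKed.
    for i in range(1000):
        server.on_syn("203.0.113.%d" % (i % 254 + 1), 1024 + i,
                      "198.51.100.5", 80, i, now=1000)
    print("state held after the flood:", len(server.connections))
    # A real client (values from Figure 15.9) completes the handshake.
    reply = server.on_syn("192.0.2.10", 40000, "198.51.100.5", 80, 8000, now=1000)
    ok = server.on_ack("192.0.2.10", 40000, "198.51.100.5", 80, reply["seq"] + 1, now=1030)
    print("valid client accepted:", ok, "connections:", len(server.connections))
```
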



Data Transfer
After the connection is established, bidirectional data transfer can take place.

The client and server can send data and acknowledgments in both directions.

The acknowledgment is piggybacked with the data.

Example: after a connection is established, the client sends 2,000 bytes of data
in two segments.

The server then sends 2,000 bytes in one segment. The client sends one more
segment.

The first three segments carry both data and acknowledgment.

The last segment carries only an acknowledgment because there is no more data to
be sent.

The data segments sent by the client have the PSH (push) flag set so that the
server TCP tries to deliver data to the server process as soon as they are
received.

The segment from the server does not set the push flag.



Figure 15.10 Data Transfer

Pushing data
Urgent data

Connection Termination



Pushing Data

The sending TCP uses a buffer to store the stream of data coming from the sending
process. The sending TCP can select the segment size.

The receiving TCP also buffers the data when they arrive and delivers them to the
receiving process when the receiving process is ready or when it is convenient for the
receiving TCP.

This type of flexibility increases the efficiency of TCP.

There are occasions in which the application program has no need for this
flexibility.

Example: consider an application program that communicates interactively with
another application program on the other end.
The application program on one site wants to send a keystroke to the application
at the other site and receive an immediate response.
Delayed transmission and delayed delivery of data may not be acceptable to the
application program.


TCP can handle such a situation. The application program at the sender can
request a push operation.

• This means that the sending TCP must not wait for the window to be filled. It
must create a segment and send it immediately.

• The sending TCP must also set the push bit (PSH) to let the receiving TCP know
that the segment includes data that must be delivered to the receiving
application program as soon as possible.

Although the push operation can be requested by the application program, most
current TCP implementations ignore such requests.



Urgent Data

There are occasions in which an application program needs to send urgent bytes.

The solution is to send a segment with the URG bit set.

The sending application program tells the sending TCP that the piece of data is
urgent. The sending TCP creates a segment and inserts the urgent data at the
beginning of the segment. The rest of the segment can contain normal data from
the buffer. The urgent pointer field in the header defines the end of the urgent
data (the last byte of urgent data).

When the receiving TCP receives a segment with the URG bit set, it informs the
receiving application of the situation.

It is then at the discretion of the receiving program to take an action.



Connection Termination

Either of the two parties involved in exchanging data (client or server) can close the
connection, although it is usually initiated by the client.

Most implementations today allow two options for connection termination:

• Three-way handshaking and
• Four-way handshaking with a half-close option.



Three-Way Handshaking

Three-way handshaking for connection termination:

1. In a common situation, the client TCP, after receiving a close command from
the client process, sends the first segment, a FIN segment in which the FIN flag is
set.
• The FIN segment can include the last chunk of data sent by the client or it can be
just a control segment.



Note

The FIN segment consumes one sequence number if it does
not carry data.


2. The server TCP, after receiving the FIN segment, informs its process of the
situation and sends the second segment, a FIN + ACK segment, to acknowledge the
FIN segment and at the same time to announce the closing of the connection in the
other direction.
• This segment can also contain the last chunk of data from the server.


3. The client TCP sends the last segment, an ACK segment, to confirm the receipt
of the FIN segment from the TCP server.
• This segment contains the acknowledgment number, which is one plus the
sequence number received in the FIN segment from the server.
• This segment cannot carry data and consumes no sequence numbers.



Figure 15.11 Connection termination using three-way handshake



Half-Close

In TCP, one end can stop sending data while still receiving data. This is called a
half-close.

Either the server or the client can issue a half-close request.

It can occur when the server needs all the data before processing can begin.

A good example is sorting.


• When the client sends data to the server to be sorted, the server needs to receive all
the data before sorting can start.
• This means the client, after sending all data, can close the connection in the client-to-
server direction.
• However, the server-to-client direction must remain open to return the sorted data.
• The server, after receiving the data, still needs time for sorting; its outbound direction
must remain open.

The figure shows an example of a half-close. The data transfer from the client to the
server stops.

The client half-closes the connection by sending a FIN segment. The server
accepts the half-close by sending the ACK segment.

The server can still send data. When the server has sent all of the processed data,
it sends a FIN segment, which is acknowledged by an ACK from the client.

After half-closing the connection, data can travel from the server to the client and
acknowledgments can travel from the client to the server.

The second segment (ACK) consumes no sequence number. Although the client has received
sequence number y − 1 and is expecting y, the server sequence number is still y − 1.
When the connection finally closes, the sequence number of the last ACK segment is still x,
because no sequence numbers are consumed during data transfer in that direction.



Figure 15.12 Half-Close



Connection Reset
• TCP at one end may deny a connection request, may abort an existing
connection, or may terminate an idle connection.
• All of these are done with the RST (reset) flag.

Denying a Connection
• Suppose the TCP on one side has requested a connection to a nonexistent port.
• TCP on the other side may send a segment with its RST bit set to deny the request.

Aborting a Connection
• One TCP may want to abort an existing connection due to an abnormal situation.
• It can send an RST segment to close the connection.



15-5 STATE TRANSITION DIAGRAM

To keep track of all the different events happening during connection
establishment, connection termination, and data transfer, TCP is specified
as a finite state machine.



Figure 15.13 State transition diagram


The figure shows the two FSMs used by the TCP client and server combined in one diagram.

Dotted black lines represent the transitions that a server normally goes through;
solid black lines show the transitions that a client normally goes through.

In some situations, a server transitions through a solid line or a client transitions
through a dotted line.

Colored lines show special situations.

The oval marked ESTABLISHED is in fact two sets of states, a set for the client and
another for the server.
