TCPV1
TCPV1
Allows the sending process to deliver data as a stream of bytes and allows the
receiving process to obtain data as a stream of bytes.
Sending process produces (writes to) the stream of bytes and the receiving
process consumes (reads from) them.
Because the sending and the receiving processes may not necessarily write or
read data at the same rate, TCP needs buffers for storage.
There are two buffers, the sending buffer and the receiving buffer, one for each
direction.
Buffers are also necessary for flow- and error-control mechanisms used by TCP.
Shows two buffers of 20 bytes each; normally the buffers are hundreds or
thousands of bytes.
Also show the buffers as the same size, which is not always the case.
Stream of bytes
white section : contains empty chambers that can be filled by the sending process.
colored area : holds bytes that have been sent but not yet acknowledged.
TCP may be able to send only part of this shaded section. This could be due to
the slowness of the receiving process, or congestion in the network.
white area : contains empty chambers to be filled by bytes received from the
network.
colored sections : contain received bytes that can be read by the receiving
process.
Segments
TCP groups a number of bytes together into a packet called a segment.
Figure shows one segment carrying 3 bytes and the other carrying 5 bytes.
Segment N Segment 1
H H
TCP/IP Protocol Suite 10
Full-Duplex Communication
TCP offers full-duplex service, where data can flow in both directions at the
same time.
Each TCP endpoint then has its own sending and receiving buffer, and
segments move in both directions.
When a process at site A wants to send to and receive data from another
process at site B, the following three phases occur:
Reliable Service
Instead, there are 2 fields called sequence number and acknowledgment number.
These two fields refer to a byte number and not a segment number.
TCP numbers all data bytes (octets) that are transmitted in a connection.
When TCP receives bytes of data from a process, TCP stores them in the
sending buffer and numbers them.
TCP chooses an arbitrary number between 0 and 232− 1 for the number
of the first byte.
If the number happens to be 1,057 and the total data to be sent is 6,000
bytes, the bytes are numbered from 1,057 to 7,056.
After the bytes have been numbered, TCP assigns a sequence number to
each segment that is being sent.
Sequence number for each segment is the number of the first byte of
data carried in that segment.
Solution
The following shows the sequence number for each segment:
If a segment does not carry user data, it does not logically define a
sequence number. The field is there, but the value is not valid.
Each party numbers the bytes, usually with a different starting byte number.
Each party also uses an acknowledgment number to confirm the bytes it has
received.
The acknowledgment number defines the number of the next byte that the party
expects to receive.
Error Control
• To provide reliable service, TCP implements an error control mechanism.
• Although error control considers a segment as the unit of data for error detection (loss
or corrupted segments), error control is byte-oriented
Congestion Control
• TCP, takes into account congestion in the network.
• The amount of data sent by a sender is not only controlled by the receiver (flow control),
but is also determined by the level of congestion, if any, in the network.
Sequence number.
• Defines the number assigned to the first byte of data contained in this segment.
• During connection establishment each party uses a random number generator to
create an initial sequence number (ISN), which is usually different in each
direction.
Acknowledgment number.
• This 32-bit field defines the byte number that the receiver of the segment is
expecting to receive from the other party.
• If the receiver of the segment has successfully received byte number x from the
other party, it returns x + 1 as the acknowledgment number.
• Acknowledgment and data can be piggybacked together.
Control.
• Defines 6 different control bits or flags.
• One or more of these bits can be set at a time. These bits enable flow control,
connection establishment and termination, connection abortion, and the mode
of data transfer in TCP.
Checksum.
• This 16-bit field contains the checksum.
• The use of the checksum in the UDP datagram is optional, whereas the use of the
checksum for TCP is mandatory.
• The same pseudoheader, serving the same purpose, is added to the segment.
• For the TCP pseudoheader, the value for the protocol field is 6.
A TCP segment encapsulates the data received from the application layer.
IP
header
Frame
header
TCP payload
IP payload
Data-link layer payload
TCP uses the services of IP to deliver individual segments to the receiver, but it
controls the connection itself.
When two TCPs in two machines are connected, they are able to send
segments to each other simultaneously.
Each party must initialize communication and get approval from the other party
before any data are transferred.
The server program tells its TCP that it is ready to accept a connection. This
request is called a passive open. It cannot make the connection itself.
The client program issues a request for an active open. A client that wishes to
connect to an open server tells its TCP to connect to a particular server.
Each segment has values for all its header fields. Here shows only the few fields
necessary to understand each phase.
1. The client sends the first segment, a SYN segment, in which only the SYN flag
is set. This segment is for synchronization of sequence numbers.
Client chooses a random number as the first sequence number and sends this
number to the server. This is called the initial sequence number (ISN).
This segment does not contain an acknowledgment number. It does not define
the window size either; a window size definition makes sense only when a
segment includes an acknowledgment.
2. The server sends the second segment, a SYN + ACK segment with two flag
bits set: SYN and ACK. This segment has a dual purpose.
First, it is a SYN segment for communication in the other direction. The server
uses this segment to initialize a sequence number for numbering the bytes sent
from the server to the client.
The server also acknowledges the receipt of the SYN segment from the client by
setting the ACK flag and displaying the next sequence number it expects to
receive from the client.
3. The client sends the third segment. This is just an ACK segment. It
acknowledges the receipt of the second segment with the ACK flag and
acknowledgment number field.
Sequence number in this segment is the same as the one in the SYN segment;
the ACK segment does not consume any sequence numbers.
Some implementations allow this third segment in the connection phase to carry the first chunk of data from the client.
In this case, the third segment must have a new sequence number showing the byte number of the first byte in the
data.
The third segment usually does not carry data and consumes no sequence numbers.
TCP/IP Protocol Suite 45
Note
seq: 8000
UAPRS F
SYN
seq: 15000
ack: 8001
nd: 5000
U A P R S F rw
SYN + ACK
seq: 8000
ack: 15001
UAPRS F
rwnd: 10000
ACK
Means “no data” !
seq: 8001 if piggybacking
TCP/IP Protocol Suite 47
SYN Flooding Attack
The connection establishment procedure in TCP is susceptible to a serious
security problem called SYN flooding attack.
This happens when one or more malicious attackers send a large number of SYN
segments to a server pretending that each of them is coming from a different
client by faking the source IP addresses in the datagrams.
The server, assuming that the clients are issuing an active open, allocates the
necessary resources. The TCP server then sends the SYN + ACK segments to the
fake clients, which are lost.
During this short period of time, the number of SYN segments is large, the server
eventually runs out of resources and may be unable to accept connection
requests from valid clients.
One recent strategy is to postpone resource allocation until the server can verify
that the connection request is coming from a valid IP address, by using what is
called a cookie.
The client and server can send data and acknowledgments in both directions.
server then sends 2,000 bytes in one segment. The client sends one more
segment.
The data segments sent by the client have the PSH (push) flag set so that the
server TCP tries to deliver data to the server process as soon as they are
received.
The segment from the server, does not set the push flag.
Pushing data
Urgent data
Connection Termination
Sending TCP uses a buffer to store the stream of data coming from the sending
process. The sending TCP can select the segment size.
Receiving TCP also buffers the data when they arrive and delivers them to the
receiving process when receiving process is ready or when it is convenient for the
receiving TCP.
There are occasions in which the application program has no need for this
flexibility.
Example : consider an application program that communicates interactively with
another application program on the other end.
The application program on one site wants to send a keystroke to the application
at the other site and receive an immediate response.
Delayed transmission and delayed delivery of data may not be acceptable by the
application program.
TCP can handle such a situation. The application program at the sender can
request a push operation.
• This means that the sending TCP must not wait for the window to be filled. It
must create a segment and send it immediately.
• Sending TCP must also set the push bit (PSH) to let the receiving TCP know
that the segment includes data that must be delivered to the receiving
application program as soon as possible.
Although the push operation can be requested by the application program, most
current TCP implementations ignore such requests.
There are occasions in which an application program needs to send urgent bytes.
The sending application program tells the sending TCP that the piece of data is
urgent. The sending TCP creates a segment and inserts the urgent data at the
beginning of the segment. The rest of the segment can contain normal data from
the buffer. The urgent pointer field in the header defines the end of the urgent
data (the last byte of urgent data).
When the receiving TCP receives a segment with the URG bit set, it informs the
receiving application of the situation.
Any of the two parties involved in exchanging data (client or server) can close the
connection, although it is usually initiated by the client.
1. In a common situation, the client TCP, after receiving a close command from
the client process, sends the first segment, a FIN segment in which the FIN flag is
set.
• FIN segment can include the last chunk of data sent by the client or it can be
just a control segment.
2. The server TCP, after receiving the FIN segment, informs its process of the
situation and sends the second segment, a FIN+ACK segment and at the same
time to announce the closing of the connection in the other direction.
• This segment can also contain the last chunk of data from the server.
3. The client TCP sends the last segment, an ACK segment, to confirm the receipt
of the FIN segment from the TCP server.
• This segment contains the acknowledgment number, which is one plus the
sequence number received in the FIN segment from the server.
• This segment cannot carry data and consumes no sequence numbers.
In TCP, one end can stop sending data while still receiving data. This is called a
half close.
It can occur when the server needs all the data before processing can begin.
The client half-closes the connection by sending a FIN segment. The server
accepts the half-close by sending the ACK segment.
The server, can still send data. When the server has sent all of the processed data,
it sends a FIN segment, which is acknowledged by an ACK from the client.
After half closing the connection, data can travel from the server to the client and
acknowledgments can travel from the client to the server.
The second segment (ACK) consumes no sequence number. Although the client has received
sequence number y − 1 and is expecting y, the server sequence number is still y − 1.
When the connection finally closes, the sequence number of the last ACK segment is still x,
because no sequence numbers are consumed during data transfer in that direction.
Denying a Connection
• Suppose the TCP on one side has requested a connection to a nonexistent port.
• TCP on the other side may send a segment with its RST bit set to deny the request.
Aborting a Connection
• One TCP may want to abort an existing connection due to an abnormal situation.
• It can send an RST segment to close the connection.
(half-close) 67
TCP/IP Protocol Suite
Figure 15.13 State transition diagram
Figure shows 2 FSMs used by the TCP client and server combined in one diagram.
dotted black lines : represent the transition that a server normally goes through;
solid black lines : show the transitions that a client normally goes through.
Oval marked ESTABLISHED is in fact two sets of states, a set for the client and
another for the server.