TCP - Part I
Relates to Lab 5. First module on TCP which covers packet format, data transfer, and connection management.
Overview
TCP = Transmission Control Protocol
Connection-oriented protocol
Provides a reliable unicast end-to-end byte stream over an unreliable internetwork.
[Figure: a byte stream between two TCP entities, carried over an IP internetwork]
Connection-Oriented
Before any data transfer, TCP establishes a connection:
  One TCP entity is waiting for a connection (server)
  The other TCP entity (client) contacts the server
The actual procedure for setting up connections is more complex.
Each connection is full duplex.
[Figure: CLIENT and SERVER. The server is waiting for a connection request; the exchange runs: Request a connection, Accept a connection, Data Transfer, Disconnect]
Reliable
Byte stream is broken up into chunks which are called segments
  Receiver sends acknowledgements (ACKs) for segments
  TCP maintains a timer. If an ACK is not received in time, the segment is retransmitted
Detecting errors:
  TCP has checksums for header and data. Segments with invalid checksums are discarded
  Each byte that is transmitted has a sequence number
Byte Stream Service
To the lower layers, TCP handles data in blocks called segments.
To the higher layers, TCP handles data as a sequence of bytes and does not identify boundaries between bytes.
So: Higher layers do not know about the beginning and end of segments!
[Figure: the sending application performs 1. write 100 bytes, 2. write 20 bytes into TCP's queue of bytes to be transmitted; TCP carries them as segments; the receiving application performs 1. read 40 bytes, 2. read 40 bytes, 3. read 40 bytes from TCP's queue of bytes that have been received]
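The write/read pattern of the figure, reproduced over a loopback TCP connection as an added example (not part of the original slides). It goes one step beyond the slide by also showing length-prefixed framing, one common way for an application to recover its own message boundaries; the helper names and the 4-byte length prefix are assumptions of this example.

```python
import socket
import struct

def tcp_pair():
    """Return two connected TCP sockets over loopback (OS picks the port)."""
    lst = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    lst.bind(("127.0.0.1", 0))
    lst.listen(1)
    cli = socket.create_connection(lst.getsockname())
    srv, _ = lst.accept()
    lst.close()
    return cli, srv

def read_exact(sock, n):
    """recv() may return fewer than n bytes, so loop until n have arrived."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before %d bytes arrived" % n)
        buf += chunk
    return buf

def unframed_reads():
    """Writes of 100 and 20 bytes, reads of 40, 40 and 40 bytes, as in the figure."""
    cli, srv = tcp_pair()
    cli.sendall(b"A" * 100)
    cli.sendall(b"B" * 20)
    reads = [read_exact(srv, 40) for _ in range(3)]
    cli.close()
    srv.close()
    return reads

def framed_reads(messages, limit=65535):
    """Prefix each message with its length so the reader can find the boundaries."""
    cli, srv = tcp_pair()
    for m in messages:
        cli.sendall(struct.pack("!I", len(m)) + m)
    out = []
    for _ in messages:
        (n,) = struct.unpack("!I", read_exact(srv, 4))
        if n > limit:                 # never trust a peer-supplied length blindly
            raise ValueError("declared length %d exceeds limit" % n)
        out.append(read_exact(srv, n))
    cli.close()
    srv.close()
    return out
```

The third unframed read mixes the tail of the first write with the whole second write, which is why a parser must never assume that one read returns one application message.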
TCP Format
TCP segments have a minimum 20 byte header with >= 0 bytes of data.
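Encapsulation: IP header (20 bytes) | TCP header (20 bytes) | TCP data

 0                             15 16                            31
+--------------------------------+--------------------------------+
|       Source Port Number       |    Destination Port Number     |
+--------------------------------+--------------------------------+
|                    Sequence number (32 bits)                    |
+-----------------------------------------------------------------+
|                Acknowledgement number (32 bits)                 |
+---------------+--------+-------+--------------------------------+
| header length |   0    | Flags |          window size           |
+---------------+--------+-------+--------------------------------+
|          TCP checksum          |         urgent pointer         |
+--------------------------------+--------------------------------+
|                        Options (if any)                         |
+-----------------------------------------------------------------+
|                              DATA                               |
+-----------------------------------------------------------------+
(The first five rows are the 20 bytes of the minimum header.)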
TCP header fields
Port Number:
A port number identifies the endpoint of a connection.
A pair <IP address, port number> identifies one endpoint of a connection.
Two pairs <client IP address, client port number> and <server IP address, server port number> identify a TCP connection.
[Figure: two hosts, each with Applications on top of TCP on top of IP; the applications attach to TCP through ports (23, 80, 104 on one host; 80, 16 on the other)]
Sequence Number (SeqNo):
Sequence number is 32 bits long. So the range of SeqNo is
  0 <= SeqNo <= 2^32 - 1 (about 4.3 Gbyte)
Each sequence number identifies a byte in the byte stream
Initial Sequence Number (ISN) of a connection is set during connection establishment
Acknowledgement Number (AckNo):
Acknowledgements are piggybacked, i.e., a segment from A -> B can contain an acknowledgement for a segment sent in the B -> A direction.
A host uses the AckNo field to send acknowledgements.
  (If a host sends an AckNo in a segment it sets the ACK flag)
The AckNo contains the next SeqNo that a host wants to receive
Example: The acknowledgement for a segment with sequence number 0 and 1500 data bytes is AckNo=1500+1
Acknowledgement Number (contd.)
TCP uses the sliding window flow control protocol to regulate the flow of traffic from sender to receiver
TCP uses the following variation of sliding window:
  no NACKs (Negative ACKnowledgement)
  only cumulative ACKs
Example: Assume: Sender sends two segments with 0..1500 and 1501..3000, but receiver only gets the second segment.
In this case, the receiver cannot acknowledge the second packet. It can only send AckNo=0+1
Header Length (4 bits):
Length of header in 32-bit words
Note that TCP header has variable length (with minimum 20 bytes)
Flag bits:
URG: Urgent pointer is valid
  If the bit is set, the following bytes contain an urgent message in the range:
  SeqNo <= urgent message <= SeqNo+urgent pointer
ACK: Acknowledgement Number is valid
PSH: PUSH Flag
  Notification from sender to the receiver that the receiver should pass all data that it has to the application.
  Normally set by sender when the sender's buffer is empty
Flag bits:
RST: Reset the connection
  The flag causes the receiver to reset the connection
  Receiver of a RST terminates the connection and notifies the higher-layer application of the reset
SYN: Synchronize sequence numbers
  Sent in the first packet when initiating a connection
FIN: Sender is finished with sending
  Used for closing a connection
  Both sides of a connection must send a FIN
Window Size:
  Each side of the connection advertises the window size
  Window size is the maximum number of bytes that a receiver can accept.
  Maximum window size is 2^16 - 1 = 65535 bytes
TCP Checksum:
  TCP checksum covers TCP segment and IP pseudo header (see discussion on UDP).
Urgent Pointer:
  Only valid if URG flag is set
Options:
Option                  Fields
End of Options          kind=0 (1 byte)
NOP (no operation)      kind=1 (1 byte)
Maximum Segment Size    kind=2 (1 byte) | len=4 (1 byte) | maximum segment size (2 bytes)
Window Scale Factor     kind=3 (1 byte) | len=3 (1 byte) | shift count (1 byte)
Timestamp               kind=8 (1 byte) | len=10 (1 byte) | timestamp value (4 bytes) | timestamp echo reply (4 bytes)
Options:
NOP is used to pad TCP header to multiples of 4 bytes
Maximum Segment Size
Window Scale Options
  Increases the TCP window from 16 to 32 bits
  This option can only be used in the SYN segment (first segment) during connection establishment time
Timestamp Option
  Can be used for roundtrip measurements
Connection Management in TCP
Opening a TCP Connection
Closing a TCP Connection
Special Scenarios
State Diagram
TCP Connection Establishment
TCP uses a three-way handshake to open a connection:
(1) ACTIVE OPEN: Client sends a segment with
  SYN bit set
  port number of client
  initial sequence number (ISN) of client
(2) PASSIVE OPEN: Server responds with a segment with
  SYN bit set
  initial sequence number of server
  ACK for ISN of client
(3) Client acknowledges by sending a segment with:
  ACK ISN of server
Three-Way Handshake
[Figure: segments exchanged between aida.poly.edu and mng.poly.edu]
aida -> mng: SYN (SeqNo = x)
mng -> aida: SYN (SeqNo = y, AckNo = x+1)
aida -> mng: (SeqNo = x+1, AckNo = y+1)
A Closer Look with tcpdump
aida issues a "telnet mng"
1 aida.poly.edu.1121 > mng.poly.edu.telnet: S 1031880193:1031880193(0) win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp>
2 mng.poly.edu.telnet > aida.poly.edu.1121: S 172488586:172488586(0) ack 1031880194 win 8760 <mss 1460>
3 aida.poly.edu.1121 > mng.poly.edu.telnet: . ack 172488587 win 17520
4 aida.poly.edu.1121 > mng.poly.edu.telnet: P 1031880194:1031880218(24) ack 172488587 win 17520
5 mng.poly.edu.telnet > aida.poly.edu.1121: P 172488587:172488590(3) ack 1031880218 win 8736
6 aida.poly.edu.1121 > mng.poly.edu.telnet: P 1031880218:1031880221(3) ack 172488590 win 17520
Three-Way Handshake
[Figure: the same handshake between aida.poly.edu and mng.poly.edu, with the values from the tcpdump output]
aida -> mng: S 1031880193:1031880193(0) win 16384 <mss 1460, ...>
mng -> aida: S 172488586:172488586(0) ack 1031880194 win 8760 <mss 1460>
aida -> mng: . ack 172488587 win 17520
Why is a Two-Way Handshake not enough?
[Figure: segments between aida.poly.edu and mng.poly.edu]
aida -> mng: S 1031880193:1031880193(0) win 16384 <mss 1460, ...>
aida -> mng: S 15322112354:15322112354(0) win 16384 <mss 1460, ...>
mng -> aida: S 172488586:172488586(0) win 8760 <mss 1460>
The red line is a delayed duplicate packet.
Will be discarded as a duplicate SYN
When aida initiates the data transfer (starting with SeqNo=15322112355), mng will reject all data.
TCP Connection Termination
Each end of the data flow must be shut down independently (half-close)
If one end is done it sends a FIN segment. This means that no more data will be sent
Four steps involved:
(1) X sends a FIN to Y (active close)
(2) Y ACKs the FIN,
  (at this time: Y can still send data to X)
(3) and Y sends a FIN to X (passive close)
(4) X ACKs the FIN.
Connection termination with tcpdump
aida issues a "telnet mng"
1 mng.poly.edu.telnet > aida.poly.edu.1121: F 172488734:172488734(0) ack 1031880221 win 8733
2 aida.poly.edu.1121 > mng.poly.edu.telnet: . ack 172488735 win 17484
3 aida.poly.edu.1121 > mng.poly.edu.telnet: F 1031880221:1031880221(0) ack 172488735 win 17520
4 mng.poly.edu.telnet > aida.poly.edu.1121: . ack 1031880222 win 8733
TCP Connection Termination
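[Figure: the termination between aida.poly.edu and mng.poly.edu, with the values from the tcpdump output]
mng -> aida: F 172488734:172488734(0) ack 1031880221 win 8733
aida -> mng: . ack 172488735 win 17484
aida -> mng: F 1031880221:1031880221(0) ack 172488735 win 17520
mng -> aida: . ack 1031880222 win 8733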
TCP States
State          Description
CLOSED         No connection is active or pending
LISTEN         The server is waiting for an incoming call
SYN RCVD       A connection request has arrived; wait for Ack
SYN SENT       The client has started to open a connection
ESTABLISHED    Normal data transfer state
FIN WAIT 1     Client has said it is finished
FIN WAIT 2     Server has agreed to release
TIMED WAIT     Wait for pending packets (2MSL wait state)
CLOSING        Both sides have tried to close simultaneously
CLOSE WAIT     Server has initiated a release
LAST ACK       Wait for pending packets
TCP States in Normal Connection Lifetime
[Figure: segment exchange with the states of both ends]
State (active open side)      Segment                              State (passive open side)
SYN_SENT (active open)        SYN (SeqNo = x) ->                   LISTEN (passive open)
                              <- SYN (SeqNo = y, AckNo = x+1)      SYN_RCVD
ESTABLISHED                   (AckNo = y+1) ->                     ESTABLISHED
FIN_WAIT_1 (active close)     FIN (SeqNo = m) ->
FIN_WAIT_2                    <- (AckNo = m+1)                     CLOSE_WAIT (passive close)
                              <- FIN (SeqNo = n)                   LAST_ACK
TIME_WAIT                     (AckNo = n+1) ->
CLOSED
TCP State Transition Diagram Opening A Connection
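[Figure: state transition diagram for opening a connection. Transitions as labelled in the figure:]
CLOSED -> LISTEN: passive open, send: nothing
CLOSED -> SYN SENT: active open, send: SYN
LISTEN -> SYN RCVD: recv: SYN, send: SYN, ACK
LISTEN -> SYN SENT: Application sends data, send: SYN
SYN RCVD -> LISTEN: recv: RST
SYN RCVD -> ESTABLISHED: recvd: ACK, send: nothing
SYN SENT -> SYN RCVD: simultaneous open, recv: SYN, send: SYN, ACK
SYN SENT -> ESTABLISHED: recv: SYN, ACK, send: ACK
SYN SENT -> CLOSED: close or timeout
Arrows labelled "send: FIN" and "recvd: FIN" lead on to the states for closing a connection.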
TCP State Transition Diagram Closing A Connection
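[Figure: state transition diagram for closing a connection. Transitions as labelled in the figure:]
ESTABLISHED -> FIN_WAIT_1: active close, send: FIN
ESTABLISHED -> CLOSE_WAIT: passive close, recv: FIN, send: ACK
FIN_WAIT_1 -> FIN_WAIT_2: recv: ACK, send: nothing
FIN_WAIT_1 -> CLOSING: recv: FIN, send: ACK
FIN_WAIT_1 -> TIME_WAIT: recv: FIN, ACK, send: ACK
CLOSING -> TIME_WAIT: recvd: ACK, send: nothing
FIN_WAIT_2 -> TIME_WAIT: recv: FIN, send: ACK
CLOSE_WAIT -> LAST_ACK: application closes, send: FIN
LAST_ACK -> CLOSED: recv: ACK, send: nothing
TIME_WAIT -> CLOSED: Timeout (2 MSL)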
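The state changes of both endpoints, replayed over this page's own tcpdump lines as an added example (not part of the original slides). The transition table is read off the opening and closing diagrams; the names LINE, NEXT, replay and TRACE are this example's own, and an ACK only counts when its number is the SeqNo of the peer's SYN or FIN plus one.

```python
import re

LINE = re.compile(r"(\S+) > (\S+): (\S+)(?: (\d+):\d+\(\d+\))?(?: ack (\d+))? win")

# (state, event) -> next state, read off the two transition diagrams on this page.
NEXT = {
    ("CLOSED", "send SYN"): "SYN_SENT", ("LISTEN", "recv SYN"): "SYN_RCVD",
    ("SYN_SENT", "recv SYN+ACK"): "ESTABLISHED", ("SYN_SENT", "recv SYN"): "SYN_RCVD",
    ("SYN_RCVD", "recv ACK"): "ESTABLISHED", ("ESTABLISHED", "send FIN"): "FIN_WAIT_1",
    ("ESTABLISHED", "recv FIN"): "CLOSE_WAIT", ("FIN_WAIT_1", "recv ACK"): "FIN_WAIT_2",
    ("FIN_WAIT_1", "recv FIN"): "CLOSING", ("FIN_WAIT_1", "recv FIN+ACK"): "TIME_WAIT",
    ("FIN_WAIT_2", "recv FIN"): "TIME_WAIT", ("CLOSING", "recv ACK"): "TIME_WAIT",
    ("CLOSE_WAIT", "send FIN"): "LAST_ACK", ("LAST_ACK", "recv ACK"): "CLOSED",
}

def replay(lines, client, server):
    """Return the (client, server) state pair after each tcpdump line."""
    state = {client: "CLOSED", server: "LISTEN"}
    pending = {}                  # host -> AckNo that acknowledges its SYN or FIN
    history = []
    for line in lines:
        m = LINE.match(line)
        if m is None:
            raise ValueError("unrecognised tcpdump line: %r" % line)
        src, dst, flags, seq, ack = m.groups()
        kinds = [k for f, k in (("S", "SYN"), ("F", "FIN")) if f in flags]
        recv = list(kinds)
        if ack is not None and pending.get(dst) == int(ack):
            recv.append("ACK")    # this segment acknowledges dst's SYN or FIN
            del pending[dst]
        if kinds:                 # a SYN or FIN consumes one sequence number
            pending[src] = (int(seq) + 1) % 2**32
        events = [(src, "send " + k) for k in kinds] + [(dst, "recv " + "+".join(recv))]
        for host, event in events:    # events with no entry in NEXT leave the state alone
            state[host] = NEXT.get((state[host], event), state[host])
        history.append((state[client], state[server]))
    return history

# The handshake (lines 1-3) and the close (lines 1-4) from the tcpdump output on this page.
A, M = "aida.poly.edu.1121", "mng.poly.edu.telnet"
TRACE = [
    f"{A} > {M}: S 1031880193:1031880193(0) win 16384 <mss 1460,nop,wscale 0,nop,nop,timestamp>",
    f"{M} > {A}: S 172488586:172488586(0) ack 1031880194 win 8760 <mss 1460>",
    f"{A} > {M}: . ack 172488587 win 17520",
    f"{M} > {A}: F 172488734:172488734(0) ack 1031880221 win 8733",
    f"{A} > {M}: . ack 172488735 win 17484",
    f"{A} > {M}: F 1031880221:1031880221(0) ack 172488735 win 17520",
    f"{M} > {A}: . ack 1031880222 win 8733",
]
```

In this trace mng, the telnet server, sends the first FIN, so it is the side doing the active close and the one left in TIME_WAIT, while aida goes through CLOSE_WAIT and LAST_ACK to CLOSED.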
2MSL Wait State
2MSL Wait State = TIME_WAIT
When TCP does an active close, and sends the final ACK, the connection must stay in the TIME_WAIT state for twice the maximum segment lifetime.
  2MSL = 2 * Maximum Segment Lifetime
Why? TCP is given a chance to resend the final ACK. (Server will timeout after sending the FIN segment and resend the FIN)
The MSL is set to 2 minutes or 1 minute or 30 seconds.
Resetting Connections
Resetting connections is done by setting the RST flag
When is the RST flag set?
  Connection request arrives and no server process is waiting on the destination port
  Abort (Terminate) a connection
    Causes the receiver to throw away buffered data. Receiver does not acknowledge the RST segment