ITT420 - Chapter 7 TCP

Uploaded by

nurul najwa

Chapter 7 - Transmission Control Protocol (TCP)

ITT420
Network & System Administration

Adapted from: TCP/IP Protocol Suite, 3rd Edition, by Behrouz A. Forouzan


Summarized by: Nor Adora Endut, FSKM, UiTM
Chapter Outline
 TCP Features
 TCP Header Fields
 TCP Connections
 Flow Control
 Error Recovery
 TCP and UDP Functional Comparison
 Popular TCP/IP Applications
Position of TCP in TCP/IP Protocol Suite
TCP Service
 Full-Duplex Communication
 TCP offers full-duplex service, where data can flow in both
directions at the same time
 Connection-Oriented Service
 The two TCPs establish a connection between them
 Data are exchanged in both directions
 The connection is terminated
TCP Service
 Reliable Service
 TCP is a reliable transport protocol
 It uses an acknowledgment mechanism to check the safe arrival
of data
 Lost segments are resent so the data is received complete
TCP Features
 Numbering System
 Flow Control
 Error Control
 Congestion Control
TCP Features
 Numbering System
 In the TCP segment, the sequence number and the
acknowledgment number fields keep track of the segments
being transmitted or received
 They refer to the byte number
TCP Features
 Numbering System
 Byte Number
 TCP numbers all data bytes that are transmitted in a connection
 Numbering is independent in each direction
 When TCP receives bytes of data from a process it stores them in the
sending buffer and numbers them
 TCP generates a random number between 0 and 2^32 - 1 for the number
of the first byte

The bytes of data being transferred in each connection are numbered by TCP.
The numbering starts with a randomly generated number.
TCP Features
 Numbering System
 Sequence Number
 After the bytes have been numbered, TCP assigns a sequence number
to each segment that is being sent
 The sequence number for each segment is the number of the first
byte carried in that segment
 Example
Suppose a TCP connection is transferring a file of 5000 bytes. The
first byte is numbered 10001. What are the sequence numbers for each
segment if data is sent in five segments, each carrying 1000 bytes?

The value in the sequence number field of a segment defines the
number of the first data byte contained in that segment.
TCP Features
 Numbering System
 Sequence Number
 Solution
Segment 1 → Sequence Number: 10,001 (range: 10,001 to 11,000)
Segment 2 → Sequence Number: 11,001 (range: 11,001 to 12,000)
Segment 3 → Sequence Number: 12,001 (range: 12,001 to 13,000)
Segment 4 → Sequence Number: 13,001 (range: 13,001 to 14,000)
Segment 5 → Sequence Number: 14,001 (range: 14,001 to 15,000)
TCP Features
 Numbering System
 Acknowledgment Number
 The acknowledgment number is used to confirm that the bytes have been
received
 The number also defines the number of the next byte that the receiving
party expects to receive
 The acknowledgment number is cumulative

The value of the acknowledgment field in a segment defines
the number of the next byte a party expects to receive.
The acknowledgment number is cumulative.
TCP Features
 Flow Control
 TCP provides flow control
 The receiver of the data controls how much data are to be sent
by the sender
 This is done to prevent the receiver from being overwhelmed
with data
TCP Features
 Error Control
 TCP implements an error control mechanism to provide reliable
service
 Error control in TCP is achieved through use of three simple
techniques:
 Checksum
 Acknowledgement
 Retransmission
 Congestion Control
 TCP takes into account congestion in the network
 The amount of data sent by the sender is not only controlled by
the receiver but also by the level of congestion in the network
TCP Segment
 A packet in TCP is called a segment
TCP Segment
 The segment consists of a 20 to 60 byte header
 Source port address
 16 bits
 Defines the port number of the application program in the source host
 Destination port address
 16 bits
 Defines the port number of the application program in the destination
host
TCP Segment
 Sequence number
 32 bits
 Defines the number assigned to the first byte of data contained in this
segment
 During connection establishment each party uses a random number
generator to create an initial sequence number (ISN) which is
usually different in each direction
TCP Segment
 Acknowledgment Number
 32 bits
 Defines the number that the receiver of the segment is expecting to
receive from the other party
 If the receiver of the segment has successfully received byte number x
from the other party, it defines x+1 as the acknowledgment number
 Header length
 4 bits
 Indicates the number of 4-byte words in the TCP header
TCP Segment
 Reserved
 Control
 Defines 6 different control bits or flags
TCP Segment
 Control
 The Control field enables flow control, connection establishment and
termination, connection abortion and the mode of data transfer in TCP
TCP Segment
 Window size
 16 bits
 Defines the size of the window (in bytes) that the other party must
maintain (rwnd)
 Checksum
 16 bits
 Calculation of checksum is the same as UDP and inclusion is
mandatory
 Urgent pointer
 16 bits
 Is used when the segment contains urgent data
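The header fields listed on the slides above, decoded from raw bytes. This is an added example, not part of the original slides; the sample segments, ports and sequence numbers are constructed, and `build_header` and `parse_tcp_header` are hypothetical helper names.

```python
import struct

# The six control flags named on the slides, least significant bit first.
FLAG_BITS = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")

def build_header(src, dst, seq, ack, flags, window, hlen_words=5):
    """Pack a constructed header for the demo; the checksum is left at 0 (not computed)."""
    bits = sum(1 << FLAG_BITS.index(f) for f in flags)
    return struct.pack("!HHIIHHHH", src, dst, seq, ack,
                       (hlen_words << 12) | bits, window, 0, 0)

def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte header and check the header length field."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum 20-byte header")
    src, dst, seq, ack, off_flags, window, checksum, urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    hlen_bytes = (off_flags >> 12) * 4      # 4-bit field counts 4-byte words
    if hlen_bytes < 20:
        raise ValueError("header length field below 20 bytes")
    if hlen_bytes > len(segment):
        raise ValueError("header length field runs past the segment")
    flags = [n for bit, n in enumerate(FLAG_BITS) if off_flags & (1 << bit)]
    return {
        "src_port": src, "dst_port": dst,
        "seq": seq, "ack": ack if "ACK" in flags else None,
        "header_bytes": hlen_bytes, "flags": flags,
        "rwnd": window, "checksum": checksum,
        "urgent_pointer": urgent if "URG" in flags else None,
        "options": segment[20:hlen_bytes],
        "data_len": len(segment) - hlen_bytes,
    }

# Constructed samples: a client SYN and a 3-byte data segment (values are made up).
SYN = build_header(49152, 80, 10001, 0, ["SYN"], 5000)
DATA = build_header(49152, 80, 10002, 7001, ["ACK", "PSH"], 5000) + b"abc"

if __name__ == "__main__":
    for seg in (SYN, DATA):
        print(parse_tcp_header(seg))
```

A parser that trusts the 4-bit header length without comparing it to the bytes actually received will read options or data that are not there, which is why both length checks come before any field is used.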
TCP Segment
TCP Segment
 Encapsulation
TCP Connection
 TCP is connection-oriented
 It establishes a virtual path between the source and
destination
 All of the segments belonging to a message are then sent
over this virtual path
 In TCP, connection-oriented transmission requires three
phases
 Connection establishment
 Data transfer
 Connection termination
TCP Connection
 Connection establishment – 3-way handshaking
TCP Connection
 Connection establishment
 The server program tells its TCP that it is ready to accept a
connection (passive open)
 Although the server TCP is ready to accept any connection
from any machine it cannot make the connection itself
 The client program issues a request for an active open
TCP Connection
 Steps for 3-way handshaking
 The client sends the first segment, a SYN segment
 SYN segment is for synchronization of sequence numbers
 The SYN segment does not carry any data but it consumes 1
sequence number
 When data transfer starts, the sequence number is incremented by 1

A SYN segment cannot carry data, but it consumes one sequence number.
TCP Connection
 Steps for 3-way handshaking (cont)
 The server sends the second segment, a SYN + ACK segment
with 2 flag bits set – SYN and ACK
 The server needs to define the receiver window size

A SYN + ACK segment cannot carry data, but does consume one
sequence number.

 The client sends the third segment, an ACK segment
 It acknowledges the receipt of the second segment
 The sequence number in this segment is the same as the one in the SYN segment
 The client also needs to define the receiver window size

An ACK segment, if carrying no data, consumes no sequence number.
TCP Connection
 SYN Flooding Attack
 The connection establishment is vulnerable to SYN flooding
attack
 This happens when a malicious attacker sends a large number
of SYN segments to a server pretending that each of them is
coming from a different client by faking the source IP
addresses in the datagrams
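How the server side of this looks, as an added example that is not part of the original slides: each SYN leaves a half-open entry until the third handshake segment arrives, so SYNs with faked sources show up as entries that never complete. The records are constructed (documentation address ranges), and the thresholds in `flood_suspected` are hypothetical.

```python
def handshake_stats(events):
    """Replay (time_ms, src_ip, src_port, flags) records for segments
    arriving at a listening server and count unfinished handshakes."""
    pending = {}        # (ip, port) -> arrival time of the SYN awaiting its ACK
    completed = peak = 0
    for t, ip, port, flags in sorted(events):
        key = (ip, port)
        if flags == "SYN":
            pending.setdefault(key, t)      # a retransmitted SYN is not a new entry
            peak = max(peak, len(pending))
        elif flags == "ACK" and key in pending:
            del pending[key]                # third segment of the handshake arrived
            completed += 1
    return {
        "handshakes": completed + len(pending),
        "completed": completed,
        "half_open": len(pending),
        "peak_half_open": peak,
        "half_open_sources": sorted({ip for ip, _ in pending}),
    }

def flood_suspected(stats, min_half_open=5, max_completion=0.5):
    """Hypothetical rule: many half-open entries and few completed handshakes."""
    if stats["handshakes"] == 0:
        return False
    ratio = stats["completed"] / stats["handshakes"]
    return stats["half_open"] >= min_half_open and ratio < max_completion

# Constructed sample: two clients finish the handshake; six SYNs with
# differing source addresses never send the final ACK.
NORMAL = [(0, "192.0.2.10", 40001, "SYN"), (50, "192.0.2.10", 40001, "ACK"),
          (500, "192.0.2.11", 40002, "SYN"), (550, "192.0.2.11", 40002, "ACK")]
UNANSWERED = [(100 + 10 * i, f"198.51.100.{i}", 1024 + i, "SYN")
              for i in range(1, 7)]

if __name__ == "__main__":
    for name, ev in (("normal", NORMAL), ("mixed", NORMAL + UNANSWERED)):
        s = handshake_stats(ev)
        print(name, s, "flood suspected:", flood_suspected(s))
```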
TCP Connection
 Data Transfer
 After connection is established, bidirectional data transfer can
take place
 The client and server can send data and acknowledgments in
both directions
TCP Connection
 Data Transfer
TCP Connection
 Data Transfer
 Pushing Data
 There are occasions when the application program cannot wait for
delayed transmission
 The application program can request a push operation
 Urgent Data
 Sometimes an application program wants a piece of data to be read out
of order
 The application program can send a segment with the URG bit set
TCP Connection
 Connection Termination
 Connection termination can be done by 3-way handshaking or
4-way handshaking with a half-close option
 Any of the two parties involved can close the connection
TCP Connection
 3-way handshaking
 The client TCP sends the first segment, a FIN segment in which
the FIN flag is set
The FIN segment consumes one sequence number if it does
not carry data.

 The server TCP sends the second segment, a FIN + ACK
segment to confirm the receipt of the FIN segment
The FIN + ACK segment consumes one sequence number if it
does not carry data.

 The client TCP sends the last segment, an ACK segment to
confirm the receipt of the FIN segment from the server. This
segment contains the acknowledgment number
TCP Connection
 Connection Termination – 3-way handshaking
TCP Connection
 Half-close
 One end can stop sending data while still receiving data
 The client half-closes the connection by sending a FIN segment
 The server accepts it by sending the ACK segment
TCP Connection
 Connection Termination – half close
Flow Control
 Flow control regulates the amount of data a source can
send before receiving an acknowledgment from the
destination
 TCP defines a window that is imposed on the buffer of
data delivered from the application program and ready to
be sent
 The amount of data sent is defined by the sliding window
protocol
Flow Control
 Sliding Window Protocol
 A host uses a window for outbound communication
 The imaginary window has two walls: one left and one right
 The window is called a sliding window because the left and
right walls can slide
Flow Control
 Sliding Window Protocol
Flow Control
 Sliding Window Protocol
 The window is opened, closed or shrunk
 These activities are in the control of the receiver
 The size of the window at one end, is determined by the lesser
of two values: receiver window (rwnd) or congestion window
(cwnd)
 Receiver window – the number of bytes the other end can
accept before its buffer overflows
 Congestion window – value determined by the network to
avoid congestion
Flow Control
 Sliding Window Protocol
 Example
What is the value of the receiver window (rwnd) for Host
A if the receiver, Host B, has a buffer of size 5000 bytes
and 1000 bytes of received and unprocessed data?
Flow Control
 Solution
The value of rwnd = 5000 – 1000 = 4000
Therefore, Host B can only receive 4000 bytes of data
before overflowing its buffer. Host B advertises this value
in its next segment.
Flow Control
 Example
What is the size of the window for Host A if the value of
the rwnd is 3000 bytes and the value of cwnd is 3500
bytes?
 Solution
The size of the window is the smaller of rwnd and cwnd
Sliding Window Protocol
The server receives a packet with an acknowledgment
value of 202 and an rwnd of 9. The host has already sent
bytes 203, 204, and 205. The value of cwnd is still 20.
Show the new window.
Sliding Window Protocol
Sliding Window Protocol
Some points about TCP’s sliding windows:
❏ The size of the window is the lesser of rwnd and cwnd.
❏ The source does not have to send a full window’s
worth of data.
❏ The window can be opened or closed by the receiver,
but should not be shrunk.
❏ The destination can send an acknowledgment at any
time as long as it does not result in a shrinking window.
❏ The receiver can temporarily shut down the window;
the sender, however, can always send a segment of one
byte after the window is shut down.
Error Control
 Mechanism for detecting corrupted segments, lost
segments, out-of-order segments and duplicated segments
 Uses 3 tools
 Checksum
 Acknowledgment
 Time-out
Error Control
 Checksum
 Each segment includes a checksum field which is used to check
for a corrupted segment
 If the segment is corrupted, it is discarded by the destination
TCP and is considered lost
 Acknowledgment
 Acknowledgment is used to confirm the receipt of data
segments
 Control segments that carry no data but consume a sequence number
are also acknowledged
Error Control
 Time-out
 When a retransmission timer expires (time-out) retransmission
of the segment is carried out
 The source TCP starts one retransmission time-out (RTO) timer
for each segment sent
 When the timer matures, the corresponding segment is
considered to be either corrupted or lost and the segment is
retransmitted
 Retransmission is also done after three duplicate ACK
segments
Congestion Control
 Congestion in a network may occur if the load on the
network is greater than the capacity of the network
 Congestion control refers to the mechanisms and
techniques to control the congestion and keep the load
below the capacity
 Open loop
 Closed loop
Congestion Control
 Open-Loop Congestion Control
 Prevent congestion before it happens
 Closed-Loop Congestion Control
 Alleviate congestion after it happens
 Congestion Window
 The network’s ability to send data
 Congestion Policy
 Slow start
 Congestion avoidance
 Congestion detection
Congestion Control
 Slow start
 Exponential increase
 The sender starts with a very slow rate of transmission
 It increases rapidly until it reaches a limit and then the data rate
is reduced to avoid congestion
 The size of the congestion window increases exponentially
Congestion Control
Congestion Control
 Slow start
Start  cwnd = 1
After 1 RTT  cwnd = 1 x 2 = 2  21
After 2 RTT  cwnd = 2 x 2 = 4  22
After 3 RTT  cwnd = 4 x 2 = 4  23
Congestion Control
 Congestion avoidance
 Additive increase
 Instead of increasing exponentially, it increases additively

Start  cwnd = 1
After 1 RTT  cwnd = 1+1=2
After 2 RTT  cwnd = 2+1=3
After 3 RTT  cwnd = 3+1=4
Congestion Control
Congestion Control
 Congestion avoidance
 When the limit of the slow start is reached, the additive phase
starts
 Each time a window of segments is acknowledged, the size of
the congestion window is increased by one
Congestion Control
 Congestion Detection
 Multiplicative decrease
 When congestion occurs, the congestion window size must be
decreased
 The size of the threshold (limit) is dropped to half
 If detection is by time-out, a new slow start phase starts
 If detection is by three ACKs, a new congestion avoidance
phase starts
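The three congestion policy phases above, run together over a sequence of RTTs. This is an added example, not part of the original slides; it assumes cwnd restarts at 1 after a time-out and at the new threshold after three ACKs, that halving uses integer division, and the starting threshold of 16 and the loss events are constructed.

```python
def simulate_cwnd(rtts, ssthresh, events=None):
    """Return [(rtt, cwnd, ssthresh, phase)] for each round trip.

    events maps an RTT index to "timeout" or "3ack", meaning congestion
    was detected at the end of that round trip.
    """
    events = events or {}
    cwnd, trace = 1, []
    for rtt in range(rtts):
        phase = "slow start" if cwnd < ssthresh else "congestion avoidance"
        trace.append((rtt, cwnd, ssthresh, phase))
        loss = events.get(rtt)
        if loss:
            # Multiplicative decrease: threshold drops to half the window.
            ssthresh = max(cwnd // 2, 1)
            # Time-out: new slow start. Three ACKs: new congestion avoidance.
            cwnd = 1 if loss == "timeout" else ssthresh
        elif cwnd < ssthresh:
            # Slow start: exponential increase, capped at the threshold.
            cwnd = min(cwnd * 2, ssthresh)
        else:
            # Congestion avoidance: additive increase of one per RTT.
            cwnd += 1
    return trace

def cwnd_values(trace):
    """Just the window sizes, for a compact view of the sawtooth."""
    return [cwnd for _, cwnd, _, _ in trace]

# Constructed scenario: a time-out at RTT 8 and three ACKs at RTT 15.
SCENARIO = {8: "timeout", 15: "3ack"}

if __name__ == "__main__":
    for row in simulate_cwnd(20, 16, SCENARIO):
        print("RTT %2d  cwnd=%2d  threshold=%2d  %s" % row)
```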
