This is my study and summary of RFC 793 - Transmission Control Protocol. This reflects my understanding, which might not be completely accurate. For a more reliable source, consult the RFC itself.
Introduction
Purpose
TCP (Transmission Control Protocol) is meant to provide reliable host to host network communication in packet switched environments.
Packet switching
Packet switching basically means that data is communicated in discrete units with clear boundaries. Packet is a generic name for these units, but each protocol may define a specific term for what it deems a packet. TCP often calls them segments.
Reliability
The TCP specification assumes that its operating in an unreliable medium. This medium could use any protocol for which an interface is provided, but the RFC assumes that TCP will be encapsulated by IP (RFC 791) in most cases. The rest of this document will also assume encapsulation by IP for simplicity.
To provide reliability, TCP must be able to recover from data that is damaged, lost, duplicated, or received out-of-order. Reliability amidst these factors is achieved through the use of checksums, acknowledgements, timeouts and sequence numbers. How these mechanisms work will be explained later in this document.
Abstraction
Think of TCP as some core logic sandwiched between two interfaces. There is an interface to some lower level protocol (usually IP) and an interface to a higher level abstraction. This higher level abstraction will almost always be an operating system process. The core logic between these interfaces is what ensures reliability by managing the acknowledgement of data receipt and data re-transmission.
Multiplexing
TCP uses ports as an adressing mechanism. This port is concatenated with the address of the lower protocol. In the case of IP, this could look like 10.0.0.2:443, where 443 is the TCP port. The full concatenation of these two is called a socket. Each connection requires two sockets. A socket may be used in multiple connections.
Each process can therefore use its one socket to connect to multiple other sockets. Each resulting socket pair is then a connection.
Connections
A connection does not just consist of a pair of sockets. Those are used to ID the connection, but there is more: It also needs certain status information for each data stream. This includes the sequence numbers, windows sizes, etc.
Philosophy
TCP receives buffers from OS processes. It packages these buffers into segments and passes those segments on to IP for further packaging and transmission. In the opposite direction, TCP can receive segments from the IP stack. It puts these segments into its receive buffer and notifies the OS process.
TCP communicates with an OS process using the TCP/User interface, which consists of these calls:
- OPEN
- CLOSE
- SEND
- RECEIVE
- STATUS
Communication with IP protocol uses the TCP/IP interface, which has these calls:
- SEND
- RECEIVE
Reliable Communication
Transmission is made reliable via the use of sequence numbers and acknowledgments. Each octet is assigned a sequence number. The sequence number of the first octet in a segment is transmitted with the segment.
Segments also carry an acknowledgement number. The acknowledgement number is the next expected sequence number in the opposite direction.
When a segment is sent, it gets put on the retransmission queue and a timer is started for the segment. If it times out, the segment is resent.
If a received segment contains an ack number greater than the last octet on the retransmission queue, then that segment on the retransmission queue is deleted.
ACK doesn’t mean that the user has seen the data. Only that the TCP on the other end has taken the responsibility to do so. This could mean by putting that segment on its buffer and notifying the user.
Connection Establishment and Clearing
TCP provides a port identifier to identify separate streams. They might not be unique. Alongside an IP address or other address from the lower protocol, they form a socket, which must be unique.
Every connection can be uniquely identified by its two socket pairs. One for each party in the communication.
The OPEN call takes local port and foreign socket arguments. TCP provides a short connection name in return. Each connection has a Transmission Control Block data structure to track control information about the connection. The open call also has an option to specify whether the connection should be actively pursued or whether the process should wait for an incoming connection request.
If a server would like to wait for connections from any address, they can use a foreign socket of all zeroes.
Two processes which issue active OPENs to each other at the same time will be correctly connected.
A socket may have several passive OPEN calls as long as their sockets are different. If an active open comes from a socket, then an OPEN with that specific socket will match before the unspecified OPEN matches.
Establishing a connection utilise the TCP three-way handshake. The connection is established when sequence numbers have been synchronized in both directions on both sides.
Data Communication
Data on a connection is thought of as simply a stream of octets. Sender can specify a PUSH flag on the SEND call to specify that it must be immediately pushed through.
Without the PUSH flag, the sending TCP may wait and collect data to send at its own discretion. The PUSH flag is also sent to the receiver as a flag in the segment. It must respond by immediately buffering and notifying without waiting for more data.
push calls do not necessarily relate to segment boundaries. data in a segment may be from multiple collated send calls.
If the receiving TCP sees a push flag, it notifies the user regardless of whether the buffer is full.
TCP can also communicate that urgent data is coming further down the stream. TCP does not define what is done in response to this urgent flag, but the assumption is that the receiving TCP would do what it can to process the urgent data ASAP.
Header Format
TCP Header Format
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Acknowledgment Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data | |U|A|P|R|S|F| |
| Offset| Reserved |R|C|S|S|Y|I| Window |
| | |G|K|H|T|N|N| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | Urgent Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options | Padding |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Source Port: 16 bits
Destination Port: 16 bits
Sequence Number: 32 bits
Sequence number of the first data octet. If SYN is present the sequence number is equal to the initial sequence number (ISN) and then the first octet is ISN+1
Ack number: 32 bits
Only if the ACK control bit is set. Contains the next expected sequence number from the other socket.
Data Offset 4 bits
Number of 32 bit words in the tcp header. The header is always padded to make sure its exactly some multiple of 32 bits long.
Reserved: 6 bits
There is a reserved section for future use
Control Bits: 6 bits
URG
The urgent flag.
ACK
The acknowledgement flag.
SYN
The synchronise flag.
PSH
The push flag.
RST
The reset flag.
FIN
The finish flag.
Window: 16 bits
The number of octets from the ack field which the sender of this segment is willing to accept.
Checksum: 16 bit
The checksum is the 16 bit one’s complement of the one’s complement sum of all 16 bit words in the header and text. The text will be padded such that the checksum input is a 16 bit word. This padding is not part of the segment. While computing the checksum, the checksum field itself is kept filled with zeroes.
The checksum input is prefixed by a pseudo header that contains the source address, the destination address.