
TCP/IP deep dive


What is Transmission Control Protocol (TCP)

TCP allows information to be transmitted in both directions, for example when a client and a server communicate, or between two servers.

TCP works on a three-way handshake –

1- SYN

First, the requesting client sends the server a SYN packet or segment (SYN stands for synchronize) with a unique, random number. This number ensures full transmission in the correct order (without duplicates).

2- SYN-ACK

If the server has received the segment, it agrees to the connection by returning a SYN-ACK packet (ACK stands for acknowledgment) including the client’s sequence number plus 1.

3- ACK

Finally, the client acknowledges the receipt of the SYN-ACK segment by sending its own ACK packet, which in this case contains the server’s sequence number plus 1. At the same time, the client can already begin transferring data to the server.

Note – In this process, both the SYN-ACK and the ACK use the random number plus 1.

SEQ = Sequence number

Note – If the server port is closed or access is blocked, the client receives a TCP RST packet (reset) instead of an acknowledgment packet.

How TCP termination works –

Both sides of a TCP connection can terminate it; termination by a single side is also possible, and this is called half open.

In this case, one side of the connection is disconnected while the other side stays open to send data.

The steps of termination are –

1- The client sends a FIN segment to notify the server that it no longer wants to send data.

2- The server acknowledges that segment with an ACK, adding 1 to the sequence number.

3- When the server has finished the data transfer, it also sends a FIN packet.

4- Now it is the client’s turn to send an ACK packet including the sequence number plus 1, which officially terminates the TCP connection for the server.

TCP header —




Source port (16 bits): Identifies the port number of the sender

Destination port (16 bits): Identifies the port number of the receiver

Sequence number (32 bits): The sequence number specifies the first byte of attached payload data or is sent when the connection is established or terminated

Acknowledgment number (32 bits): This field contains the next sequence number that the sender is expecting, i.e. the receiver always uses plus 1

Offset (4 bits): The “Offset” field specifies the length of the TCP header in 32-bit words to highlight the starting point of the payload data

Reserved (6 bits): Reserved for future use according


Now we are talking about flags: there are 6 flags in TCP, and we can discuss them one by one.


Flags –

URG: The “Urgent” flag signals to the TCP application that the payload data must be processed immediately up to the set Urgent pointer

ACK: The client acknowledges the receipt of the SYN-ACK segment

PSH: The “Push” flag ensures that a TCP segment is immediately pushed through without first being sent to the buffer of the sender and receiver

RST: If there is an error during transmission, a TCP packet with the RST flag set can be used to reset the connection

SYN: Messages that have the SYN flag set represent the first step of the three-way handshake

FIN: The “Finish” flag signals to finish the transmission.


—————————————————————————————————————————-

Window size (16 bits): This field specifies the number of bytes that the sender is willing to receive

Checksum (16 bits): TCP can reliably detect transmission errors. The checksum calculated from the header, the payload data and the pseudo-header is used for this purpose

Urgent pointer (16 bits): The urgent pointer indicates the position of the first byte after the payload data that is to be processed urgently. This is only valid when the URG flag is used.

Options (0 – 320 bits): Use the Options field if you want to include TCP functions that don’t belong in the general header
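
The header fields and the "sequence number plus 1" rule described above can be checked with a small decoder. This is an added example, not code from the original post: the function names, ports and sequence numbers (1000 and 5000) are constructed for illustration, and it follows the page's layout of a 4-bit offset, 6 reserved bits and 6 flags.

```python
import struct

# Flag bits in the low 6 bits of the 16-bit offset/reserved/flags word (page's layout).
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}

def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-byte TCP header, then split options from payload."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum 20-byte TCP header")
    sport, dport, seq, ack, off_flags, window, checksum, urg = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4  # Offset counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("invalid Offset field")
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "header_len": header_len,
        "flags": {name for name, bit in FLAGS.items() if off_flags & bit},
        "window": window, "checksum": checksum, "urgent_pointer": urg,
        "options": segment[20:header_len],
        "payload": segment[header_len:],
    }

def build(sport, dport, seq, ack, flags, window=65535):
    """Build a constructed header without options (checksum left at 0 for the demo)."""
    bits = sum(FLAGS[f] for f in flags)
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       (5 << 12) | bits, window, 0, 0)

def handshake_ok(syn, syn_ack, ack):
    """Check the 'sequence number plus 1' rule across the three handshake segments."""
    a, b, c = (parse_tcp_header(s) for s in (syn, syn_ack, ack))
    return (a["flags"] == {"SYN"}
            and b["flags"] == {"SYN", "ACK"} and b["ack"] == (a["seq"] + 1) % 2**32
            and c["flags"] == {"ACK"} and c["ack"] == (b["seq"] + 1) % 2**32
            and c["seq"] == b["ack"])

# Constructed sample segments: client sequence number 1000, server sequence number 5000.
SYN = build(50000, 443, 1000, 0, ["SYN"])
SYN_ACK = build(443, 50000, 5000, 1001, ["SYN", "ACK"])
ACK = build(50000, 443, 1001, 5001, ["ACK"])

if __name__ == "__main__":
    print(parse_tcp_header(SYN))
    print("handshake consistent:", handshake_ok(SYN, SYN_ACK, ACK))
```

A final ACK whose acknowledgment number is not the server's sequence number plus 1 makes `handshake_ok` return `False`, which is the kind of mismatch to look for when reading a packet capture.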


 

