What the tcp protocol provides. TCP transport protocol provides

Internet tips

At the data link and network level of protocols TCP / IP packet, which relate to the main mechanism for the transfer of data blocks between countries and between networks, are the basis TCP / IP... They use the protocol stack, but they are not used directly in applications that run the protocol TCP / IP... In this article, we will look at two protocols that are used by applications: User Datagram Protocol (UDP) and Transmission Control Protocol (TCP).

User Datagram Protocol
The User Datagram Protocol is a very simple protocol. Like IP, it is a reliable, connectionless protocol. You don't need to establish a connection to the host to communicate with it using UDP, and there is no mechanism to ensure the transmitted data.
Block of data transmitted using UDP called a datagram. UDP adds four 16-bit header fields (8 bytes) to the transmitted data. These fields are field length, checksum field, and source and destination port number. "Port", in this context, is the software of the port, not the hardware port.
The concept of a port number is common to both UDP and TCP... The port numbers determine which protocol module is sending (or receiving) data. Most of the protocols have standard ports that are commonly used for this. For example, Telnet usually uses port 23. Simple Mail Transfer Protocol (SMTP) uses port 25. Using standard port numbers allows clients to communicate with the server without first setting which port to use.
Port and protocol number in the header field IP duplicate each other to some extent, although the protocol fields are not available for higher-level protocols. IP uses a protocol field to determine where data should be transferred to UDP or TCP modules. UDP or TCP use the port number to determine which application layer protocol should receive data.
Despite, UDP is not reliable, it is still an appropriate choice for many applications. It is used by real-time applications such as streaming audio and video, where if data is lost it is better to do without it than send it again in order. It is also used by protocols such as Simple Network Management Protocol (SNMP).
Broadcast
UDP suitable for information broadcasting, since it does not require connection to an open connection. The targets of the broadcast message are determined by the sender, to the specified destination IP address. UDP datagrams with destination IP address are all binary 255.255.255.255) and will be received by every host on the local network. Pay attention to the word local: datagrams with this address will not be accepted by the router to the Internet.
Broadcasts can be directed to specific networks. UDP datagrams from the host and subnet, the portions of the IP address set as binary are broadcast to all hosts on all subnets of the network that corresponds to the clean portion of the IP address. If only the receiving side (in other words, all the bits that are zero in the subnet mask) are set to binary, then the broadcast is limited to all hosts on the subnet that matches the rest of the address.
Multicast is used to transmit data in a group of hosts that have expressed a desire to receive it. Multicast UDP the datagram has a destination address in which the first four bits are 1110, provided addresses are in the range 224.xxx to 239.xxx The remaining bits of the address are used to designate the multicast group. It's more like a radio or TV channel. So, for example, 224.0.1.1 is used for NTP. If TCP / IP applications want to receive a multicast message, they must join the corresponding multicast group, which it does by passing the address of the group onto the protocol stack.
Broadcasting essentially filters the transmission. Multicaster does not consider individual messages for each host that joins the group. Instead, messages are broadcast, and the drivers on each host decide whether to ignore them or pass the content to the protocol stack.
This means that multicast messages must be broadcast all over the Internet, since the multicaster does not know which hosts want to receive messages. Fortunately, this is not necessary. IP uses a protocol called Internet Group Management Protocol (IGMP) to tell routers which hosts want to receive multicast messages so that messages are sent only to where they are needed.
Transmission control protocol
Transmission Control Protocol is a transport layer protocol and is used by most Internet applications such as Telnet, FTP, and HTTP. It is a connection-oriented protocol. This means that the two computers are one client, the other is a server and a connection must be established between them before data can be transferred between them.
TCP provides reliability. Application that uses TCP knows that he is sending data received on the other end, and that he received it correctly. TCP uses checksums on both headers and data. When receiving data, TCP sends confirmation back to the sender. If the sender does not receive confirmation within a certain period of time, the data is re-sent.
TCP includes mechanisms to ensure data arrives in reverse order in the order in which it was sent. It also implements flow control so that the sender cannot overwhelm the receiver of the data.
TCP transmits data using IP in blocks called segments. The length of the segment is determined by the protocol. In addition to the IP header, each segment consists of 20 bytes of header. Heading TCP starts with a 16-bit source and port number destination field. Like UDP, these fields define the level of the application, which is also aimed at receiving data. The IP address and port number, taken together, uniquely identify the services running on the host and the pair known as the socket.
Next in the header is a 32-bit sequence number. This number determines the position in the data stream that should occupy the first byte of data in the segment. Serial number TCP keeps the data flow in the correct order, although segments can be derived from sequence.
The next field is a 32-bit field that is used to convey back to the sender that the data was received correctly. If ACK is the flag, which it usually is, then this field contains the position of the next data byte that the sender of the segment expects to receive.
IN TCP there is no need for each data segment to be recognized. The value in the confirmation field is interpreted as "all data so far received by OK". This saves bandwidth when all data is routed one way, reducing the need for segment recognition. If data is sent in both directions at the same time, as in full duplex communication, then stamps are not associated with costs, since the one-way data segment may contain acknowledgment for data sent in another way.
Further in the header is a 16-bit field containing the header length and flags. TCP headers can contain additional fields, so the length can vary from 20 to 60 bytes. Flags: URG, ACK (which we already mentioned), PSH, RST, SYN and FIN. We'll look at some of the other flags later.
The header contains a field called window size, which gives the number of bytes that the receiver can accept. There is also a 16-bit checksum covering both the header and data. Finally (before additional data) there is a field called the urgency indicator. When the URG flag is set, this value is interpreted as a sequence number offset. It defines the beginning of data in the stream that must be processed urgently. This data is often referred to as out-of-band data. An example of its use is when the user presses the break key to abort the exit from the program during a Telnet session.

Transport protocols TCP and UDP of the TCP / IP protocol stack provide data transfer between any pair applied processesrunning on the network and provide an interface to IP by demultiplexing multiple processes using ports as transport addresses. For each application process (AP) (application) running on the computer, a multiple entry pointsserving as transport addressescalled ports (fig. 4.60).

There are two ways to assign a port to an application:

· centralized(assigned or assigned numbers from 0 to 1023) using standard numbers assigned to public services (applications), for example: FTP - 21, telnet - 23, SMTP - 25, DNS - 53, HTTP - 80.

· local(dynamic numbers from 1024 to 65535), which provides an arbitrary number from the free list when a request comes from a user application.

Application dynamic port numbers are unique within each computer, but can be the same as port numbers on other computers. The difference between them is determined only by the difference in the interfaces of each of the computers specified by IP addresses.

Thus, the pair " IP address; port number"Called socket (socket), uniquely identifies an application process on the network.

UDP and TCP port numbers within the same computer can be the same, although they identify different applications. Therefore, when recording the port number, the type of transport layer protocol must be indicated, for example, 2345 / TCP and 2345 / UDP. In some cases, when an application can choose to access the UDP or TCP protocol, it can be assigned the same UDP and TCP port numbers, for example, the DNS application is assigned the number 53 - 53 / UDP and 53 / TCP.

UDP transport protocol

UDP is a transport protocol that provides data transmission in the form datagramsbetween any pair applied processesrunning on the network, connectionless... Segments consist of an 8-byte header followed by a data field. The UDP segment header is shown in Figure 4.61.

UDP is most widely used when running client-server applications (request-response type).

However, UDP does not:

Flow control,

Error control,

· Retransmission after receiving a bad segment.

Examplesapplications using UDP for data transfer are DHCP, DNS, SNMP.

In some cases, multiple copies of the same application may be running on the same end node. The question arises: how are these applications different?

To do this, consider, using a simple example, the process of forming a request and the procedure for contacting a DNS client to a DNS server, when two DNS servers are running on one computer, and both use the UDP transport protocol to transfer their data (Figure 4.62). In order to distinguish DNS servers, they are assigned different IP addresses - IP1 and IP2, which together with the port number form two different sockets: "UDP port 53, IP1" and "UDP port 53, IP2".

Fig. 4.62, a) illustrates the process of forming a request by a DNS client to a DNS server.

The DNS request for the transport layer of the TCP / IP protocol stack is passed to the UDP protocol, which embeds the request in a UDP datagram and specifies the destination port 53 / UDP in the header. The UDP datagram is then sent to the Internet layer, where it is embedded in an IP packet, the header of which contains "IP address: IP2". The IP packet, in turn, is forwarded to the "gateway" layer, where it is placed in a link-layer frame with a corresponding link-layer header (DCH). This frame is transmitted over the network to a computer containing two DNS servers (Fig. 4.62, b).

In this computer, the Link Layer Protocol (LCP) strips the CCP header and transmits the content of the frame to the Internet layer to the IP protocol, which in turn extracts the content (UDP datagram) from the IP packet. Further manipulations with the transmitted data differ from the principles laid down in the multi-level model of the protocol hierarchy. Instead of simply passing the UDP datagram in the data field of the IP packet to the transport layer, IP protocol attaches to UDP datagramso-called pseudo-titlecontaining, among other things, the IP addresses of the sender and recipient. Thus, the UDP protocol, having an IP address and a destination port, unambiguously determines that the content of the data field (ie, a DNS query) should be passed to the DNS Server 2 application.

TCP transport protocol

TCP provides reliable data transfer between application processes by establishing logical connections between communicating processes.

Logical connectionbetween two application processes is identified by a pair of sockets (IP address, port number), each of which describes one of the communicating processes.

Information coming to the TCP protocol within a logical connection from higher-level protocols is considered by the TCP protocol as unstructured byte streamand buffered. For transmission to the network layer, the segmentnot exceeding 64 KB (maximum IP packet size). In practice, the segment length is usually limited to 1460 bytes, which allows it to fit into an Ethernet frame with TCP and IP headers.

TCP connection is focused on full duplex transmission.

Data flow control in the TCP protocol is carried out using the mechanism variable sliding window... When sending a segment, the sending node starts a timer and waits for an acknowledgment. Negative receipts are not sent but used timeout mechanism... The destination node that received the segment generates and sends back the segment (with data, if any, or without data) with an acknowledgment number equal to the next ordinal expected byte number... Unlike many other protocols, TCP acknowledges receipt not packets, but bytesflow. If the acknowledgment timeout expires, the sender resends the segment.

Despite the apparent simplicity of the protocol, it has a number of nuances that can lead to some problems.

First, since segments can become fragmented during transmission over the network, a situation is possible in which part of the transmitted segment will be received, and the rest will be lost.

Second, segments can arrive at the destination in no particular order, which can lead to a situation in which bytes 2345 through 3456 have already arrived, but an acknowledgment for them cannot be sent because bytes 1234 through 2344 have not yet been received.

Third, segments can be delayed on the network for so long that the sender will time out and send them again. A retransmitted segment may follow a different route and be otherwise fragmented, or the segment may accidentally enter a congested network along the way. As a result, some complex processing is required to restore the original segment. Figure 4.63 shows the format of the TCP segment header. The first 20 bytes of the header are in a strictly fixed format, followed by additional fields. The additional header fields are followed by a data field containing no more than 65 495 bytes, which together with the TCP and IP headers of 20 bytes each will give the maximum allowable IP packet size of 65 535 bytes.

Without going into details, let's briefly consider the purpose of the fixed header fields of the TCP segment.

The fields "Sender port" (2 bytes) and "Recipient port" (2 bytes) identify processesbetween which a logical connection is established.

The "Sequence number" field (4 bytes) contains first byte numberdata in a segment, which defines the offset of the segment relative to the transmitted data stream

Field "Confirmation number" (4 bytes) contains next expected byte number, which is used as a receipt confirming the correct receipt of all previous bytes.

The TCP Header Length field (4 bits) specifies the TCP segment header length, measured in 32-bit words.

The 6-bit Reserved field is reserved for future use.

One bit flagscarry service information about the type of segment and are interpreted as follows:

URG \u003d 1 indicates the presence urgent data, which means using the field "Pointer to urgent data » ;

ACK \u003d 1 means the segment is receipton the received segment and the "Confirmation number" field contains meaningful data. Otherwise, this segment does not contain an acknowledgment and the “Confirmation number” field is simply ignored.

PSH \u003d 1 (PUSH flag) means request to send datawithout waiting for the buffer to fill;

RST \u003d 1 is used for reset connection statewhen problems are detected, as well as to reject the wrong segment or try to create a connection;

SYN \u003d 1 is used for establishing a connection, moreover, if ACK \u003d 0, it means that the confirmation field is not used;

FIN \u003d 1 is used for disconnect.

The "Window size" field (2 bytes) determines how many bytes can be sent after the byte received confirmation.

The "Checksum" field (2 bytes) contains a checksum that covers the header, data and pseudo-title.

Checksum calculation algorithmas follows.

Before starting the checksum calculation, the value of this field is set to zero. If the data field contains an odd number of bytes, then it is padded with a zero byte, which is used when calculating the checksum, but is not inserted into the segment for transmission on the network. The need for such an addition is due to the fact that the TCP segment, including header, data and pseudo-header, is considered as a collection of 16-bit binary numbers that are added in a two's complement code, and then the complement for the resulting sum is calculated, which is entered in the "Checksum" field.

The recipient of the segment similarly calculates the checksum for the entire segment, including the Checksum field. Obviously, the result obtained in this way should be equal to 0. Note that the additional zero byte The "Pointer to urgent data" field (2 bytes) contains an offset in bytes from the current byte sequence number to the location of urgent data that must be urgently received, despite for a buffer overflow. Thus, TCP implements interrupt messages. The content of the urgent data is handled by the application layer. The TCP protocol only ensures their delivery and is not interested in the cause of the interruption.

The Parameters field is variable in length and can be absent.

Examplesapplications using TCP for data transfer are FTP, TFTP, DNS, POP3, IMAP, TELNET.

Transport layer

The task of the transport layer is to transfer data between different applications running on all nodes of the network. After the packet is delivered using IP to the receiving computer, the data must be sent to a special receiving process. Each computer can run multiple processes, and an application can have multiple entry points, acting as the destination for data packets.

Packages arriving at the transport layer of the operating system are organized in multiple queues at the entry points of various applications. These entry points are called ports in TCP / IP terminology.

Transmission Control Protocol

Transmission Control Protocol(TCP) (Transmission Control Protocol) is a mandatory protocol standard TCP / IP, defined in RFC 793, "Transmission Control Protocol (TCP)".

TCP is a transport layer protocol that provides the transport (transmission) of a data stream, with the need to first establish a connection, thereby guaranteeing confidence in the integrity of the received data, and also performs a repeated request for data in case of data loss or corruption. In addition, TCP monitors duplicate packets and, if detected, kills duplicate packets.

Unlike UDP, it guarantees the integrity of the transmitted data and the sender's confirmation of the transmission results. Used when transferring files, where the loss of one packet can lead to corruption of the entire file.

TCP provides its reliability due to the following:

  • The data from the application is split into blocks of a certain size, which will be sent.
  • When TCP sends a segment, it sets a timer, expecting an ACK for that segment from the remote end. If no acknowledgment is received after the time has elapsed, the segment is retransmitted.
  • When TCP receives data from the remote side of the connection, it sends an acknowledgment. This confirmation is not sent immediately, but is usually delayed by a split second.
  • TCP calculates a checksum for its header and data. This is a checksum calculated at the ends of the connection, the purpose of which is to detect any change in data during transmission. If a segment arrives with an invalid checksum, TCP drops it and no acknowledgment is generated. (The sender is expected to time out and retransmit.)
  • Since TCP segments are sent as IP datagrams, and IP datagrams can arrive randomly, TCP segments can also arrive randomly. After receiving data, TCP can change the sequence as needed, so that the application receives the data in the correct order.
  • Since the IP datagram can be duplicated, the receiving TCP MUST discard the duplicated data.
  • TCP controls the flow of data. Each side of a TCP connection has a specific buffer space. Receiving TCP allows the remote side to send data only if the receiver can buffer it. This prevents fast hosts from overflowing the buffers of slow hosts.

  • The sequence number serves two purposes:
    • If the SYN flag is set, then this initial value of the sequence number is ISN (Initial Sequence Number), and the first byte of data that will be transmitted in the next packet will have a sequence number equal to ISN + 1.
    • Otherwise, if SYN is not set, the first byte of data transmitted in this packet has this sequence number.
  • Acknowledgment number - if the ACK flag is set, this field contains the sequence number expected by the recipient next time. Marks this segment as acknowledgment of receipt.
  • Header length - set in 32-bit words.
  • Window size is the number of bytes that the receiver is ready to accept without confirmation.
  • Checksum - includes pseudo header, header and data.
  • Urgent Pointer - indicates the last byte of urgent data that must be responded to immediately.
  • URG - urgency flag, includes the "Urgency pointer" field, if \u003d 0 then the field is ignored.
  • ACK - confirmation flag, includes the field "Acknowledgment number, if \u003d 0 then the field is ignored.
  • PSH - the flag requires a push operation, the TCP module must urgently send the packet to the program.
  • RST - connection interruption flag, used to refuse a connection
  • SYN - flag of synchronization of sequence numbers, used when establishing a connection.
  • FIN - the end of transmission flag from the sender

Consider the header structure TCPusing a Wireshark network analyzer:


TCP ports

Since several programs can be running on the same computer, the unique identifier of each program or port number is used to deliver a TCP packet to a specific program.

Port number is a conditional 16-bit number from 1 to 65535 indicating which program the package is intended for.

TCP ports use a specific program port to deliver data transmitted using the Transmission Control Protocol (TCP). TCP ports are more complex and work differently than UDP ports. While a UDP port acts as a single message queue and as an entry point for a UDP connection, the ultimate entry point for all TCP connections is a unique connection. Each TCP connection is uniquely identified by two entry points.

Each individual TCP server port can offer multiple connections to be shared because all TCP connections are identified by two values: an IP address and a TCP port (socket).

All TCP port numbers less than 1024 are reserved and registered with the Internet Assigned Numbers Authority (IANA).

UDP and TCP port numbers do not overlap.

TCP programs use reserved or well-known port numbers, as shown in the following figure.

Establishing a TCP connection

Let's now take a look at how TCP connections are established. Suppose a process running on one host wants to establish a connection with another process on another host. Recall that the host that initiates the connection is called the "client", while the other node is called the "server".

Before starting to transfer any data, according to the TCP protocol, the parties must establish a connection. The connection is established in three stages (the TCP "three handshake" process).

  • The requester (usually called the client) sends a SYN segment indicating the port number of the server to which the client wants to connect and the original client sequence number (ISN).
  • The server replies with its SYN segment containing the original server sequence number. The server also confirms the arrival of the client's SYN using an ACK (ISN + 1). One sequence number is used per SYN.
  • The client must acknowledge the arrival of a SYN from the server with its SYNs containing the client's original sequence number (ISN + 1) and using an ACK (ISN + 1). The SYN bit is set to 0 because the connection is established.

After establishing a TCP connection, these two hosts can transmit data to each other, since the TCP connection is full duplex, they can transmit data at the same time.

TCP / IP protocols are the basis of the global Internet. To be more precise, TCP / IP is a list or stack of protocols, and in fact, a set of rules by which information is exchanged (the packet switching model is implemented).

In this article, we will analyze the principles of the TCP / IP protocol stack and try to understand how they work.

Note: Oftentimes, TCP / IP is used to refer to an entire network based on these two protocols, TCP and IP.

In the model of such a network, in addition to the main protocols TCP (transport layer) and IP (network layer protocol) includes protocols of application and network levels (see photo). But let's return directly to the TCP and IP protocols.

What are TCP / IP protocols

TCP - Transfer Control Protocol... Transmission control protocol. It serves to ensure and establish a reliable connection between two devices and reliable data transmission. In this case, the TCP protocol controls the optimal size of the transmitted data packet, carrying out a new message if the transmission fails.

IP - Internet Protocol. The Internet Protocol or Address Protocol is the backbone of the entire data transmission architecture. The IP protocol is used to deliver a network data packet to the desired address. In this case, the information is divided into packets, which independently move through the network to the desired destination.

TCP / IP protocol formats

IP protocol format

There are two formats for IP addresses of the IP protocol.

IPv4 format. It is a 32-bit binary number. A convenient form of notation for an IP address (IPv4) is a notation in the form of four groups of decimal numbers (from 0 to 255), separated by periods. For example: 193.178.0.1.

IPv6 format. It is a 128-bit binary number. Typically, IPv6 addresses are already written in the form of eight groups. Each group contains four hexadecimal digits separated by colons. Example IPv6 address 2001: 0db8: 85a3: 08d3: 1319: 8a2e: 0370: 7889.

How TCP / IP Protocols Work

If it is convenient, imagine transferring data packets on the network as sending a letter by mail.

If inconvenient, imagine two computers connected by a network. Moreover, the connection network can be any local or global. There is no difference in the principle of data transmission. A computer on a network can also be thought of as a host or node.

IP protocol

Each computer on the network has its own unique address. On the global Internet, a computer has this address, which is called an IP address (Internet Protocol Address).

Similar to mail, an IP address is a house number. But the house number is not enough to receive the letter.

The information transmitted over the network is not transmitted by the computer, as such, but by the applications installed on it. Such applications are mail server, web server, FTP, etc. To identify the packet of transmitted information, each application attaches to a specific port. For example: a web server listens on port 80, FTP listens on port 21, an SMTP mail server listens on port 25, a POP3 server reads mailboxes on port 110.

Thus, in the address packet in the TCP / IP protocol, another line appears in the addressees: port. Analogue with mail - the port is the apartment number of the sender and the addressee.

Example:

Source address:

IP: 82.146.47.66

Destination address:

IP: 195.34.31.236

It is worth remembering: IP address + port number - called "socket". In the example above: from socket 82.146.47.66:2049 a packet is sent to socket 195.34.31.236: 53.

TCP protocol

TCP is the next layer after IP. This protocol is intended to control the transfer of information and its integrity.

For example, the Transmitted information is split into separate packets. The packages will be delivered to the recipient independently. During transmission, one of the packets was not transmitted. TCP provides retransmissions until the recipient receives this packet.

The TCP transport protocol hides all problems and details of data transmission from higher-level protocols (physical, channel, network IP).

TCP is a transport mechanism that provides a data stream, with a pre-connection, due to this, it gives confidence in the reliability of the received data, re-requests data in case of data loss and eliminates duplication when receiving two copies of the same packet. Unlike UDP, it ensures that the application receives data in exactly the same sequence as it was sent, and without loss.

TCP is used when reliable message delivery is required. It frees application processes from the need to use timeouts and retransmissions for reliability. The most common TCP applications are FTP (File Transfer Protocol) and TELNET. In addition, TCP is used by the X-Window System, rcp (remote copy), and other "r commands". The great features of TCP are not free. The TCP implementation requires high processor performance and high network bandwidth. The internal structure of the TCP module is much more complex than the structure of the UDP module.

The TCP implementation is usually built into the kernel, although there are TCP implementations in the application context.

When there is a computer-to-computer transmission over the Internet, TCP works at the top level between two end systems, such as an Internet browser and an Internet server. TCP also reliably transfers a stream of bytes from one program on some computer to another program on another computer. Email and file sharing programs use TCP. TCP controls message length, messaging rate, network traffic.

When an application process starts using TCP, the TCP module on the client machine and the TCP module on the server machine start talking. These two TCP terminators maintain information about the state of a connection called a virtual link. This virtual circuit consumes the resources of both TCP terminators. The channel is full duplex; data can be transmitted simultaneously in both directions. One application process writes data to a TCP port, it travels over the network, and another application process reads it from its TCP port.

TCP breaks up a stream of bytes into packets; it does not preserve boundaries between entries. For example, if one application process makes 5 writes to a TCP port, then the application process on the other end of the virtual channel can perform 10 reads in order to get all the data. But the same process can get all the data at once by doing only one read operation. There is no relationship between the number and size of messages written on one side and the number and size of messages read on the other side.

TCP requires all data sent to be acknowledged by the receiving end. It uses timeouts and retransmissions to ensure reliable delivery. The sender is allowed to transmit a certain amount of data without waiting for an acknowledgment of the previously sent data. Thus, between the sent and confirmed data there is a window of already sent but not yet confirmed data. The number of bytes that can be transmitted without acknowledgment is called the window size. Typically, the window size is set in the startup files of the networking software. Since the TCP channel is full duplex, acknowledgments for data going in one direction can be sent along with data going in the opposite direction. The receivers on both sides of the virtual channel perform flow control to prevent buffer overflows.

In general terms, a user application works with TCP as follows. To transfer data to the user process, you need to call the appropriate TCP function, indicating the buffer of the transferred data. TCP packs this data into segments of its stack and invokes a lower layer protocol transfer function such as IP.

At the other end, the TCP receiver groups the data received from the lower layer protocol into the receive segments of its buffer, checks the data integrity, transfers the data to the user process, and notifies the sender of its receipt.

The TCP user interface can execute commands such as OPEN or CLOSE, SEND or RECEIVE, and receive STATUS.

In the interconnection model, the interaction of TCP and lower-layer protocols is usually not specified, except that there must be a mechanism that would ensure the asynchronous transfer of information from one layer to another. The result of this mechanism is the encapsulation of the higher layer protocol in the body of the lower layer protocol. This mechanism is implemented through the call interface between TCP and IP.

As a result of this mechanism, each TCP packet is embedded in a lower layer protocol "envelope", for example, IP. The resulting datagram contains a TCP packet in the same way that a TCP packet contains user data.

Brief description of the protocols of the TCP / IP family with the decoding of abbreviations

  • ARP (Address Resolution Protocol): Converts 32-bit IP addresses to physical network addresses, such as 48-bit Ethernet addresses.
  • FTP (File Transfer Protocol): Allows you to transfer files from one computer to another using TCP connections. A related but less common file transfer protocol, Trivial File Transfer Protocol (TFTP), uses UDP rather than TCP to transfer files.
  • ICMP (Internet Control Message Protocol): Allows IP routers to send error messages and control information to other IP routers and hosts on the network. ICMP messages travel as data fields in IP datagrams and must be implemented in all IP variants.
  • IGMP (Internet Group Management Protocol): Allows IP datagrams to be multicast to computers that belong to their respective groups.
  • IP (Internet Protocol, Internet Protocol): A low-level protocol that routes packets of data over separate networks that are linked together using routers to form the Internet or intranet. Data travels in the form of packets called IP datagrams.
  • RARP (Reverse Address Resolution Protocol): Converts physical network addresses to IP addresses.
  • SMTP (Simple Mail Transfer Protocol)- Specifies the format of messages that an SMTP client running on one computer can use to send e-mail to an SMTP server running on another computer.
  • TCP (Transmission Control Protocol): The protocol is connection oriented and transfers data as streams of bytes. Data is sent in packets — TCP segments — that are made up of TCP headers and data. TCP is a "reliable" protocol because it uses checksums to verify the integrity of the data and send acknowledgments to ensure that the transmitted data is received without corruption.
  • UDP (User Datagram Protocol): A connection-independent protocol that transmits data in packets called UDP datagrams. UDP is an "unreliable" protocol because the sender does not receive information indicating whether a datagram was actually received.

Composition and purpose of header fields

TCP segments are sent as IP datagrams. The TCP header following the IP header contains TCP protocol information.

Source Port (16 bit). Sender port.

Destination Port (16 bit). Recipient port.

Sequence Number (32 bits). Frame number. The frame number of the first data octet in this segment (except for a packet where the SYN flag is present). If the SYN flag is present in a packet, then the packet number becomes the start of sequence number (ISN) and the number of the first data octet becomes ISN + 1.

Acknowledgment Number (32 bits). Acknowledged receipt frame number field. If the packet contains the ACK control bit set, then this field contains the number of the next data packet from the sender that the receiver expects. When a connection is established, a confirmation packet is always sent.

Data Offset (4 bits). Data offset value field. It contains the number of 32-bit words of the TCP packet header. This number defines the offset of the location of the data in the package.

Reserved (6 bits). Reserve field. The field is reserved.

Control flags (from left to right):

  • URG: Urgent Flag
  • ACK: Flag of the packet containing acknowledgment of receipt
  • PSH: Forced Send Flag
  • RST: Re-establish connection
  • SYN: Synchronize sequence numbers
  • FIN: Sender end of transmission flag

Window (16 bit). Window. This field contains the number of bytes of data that the sender of this segment can receive, counted from the byte number specified in the Acknowledgment Number field.

Checksum (16 bit). Checksum field. This field contains the 16-bit complement sum of the 16-bit header and data words. If the segment contains an odd number of header and data bytes, the last byte is right-padded with zeros. When calculating the checksum, the checksum field is assumed to be zero.

Urgent Pointer (16 bit). Urgent pointer field. This field contains the value of the packet count, from which the urgent packets follow. This field is taken into account only in segments with the URG flag set.

Options. Additional parameters field: can be of variable length.

Padding. Padding: variable length. Padding (zeros) of the TCP header is used to align it on a 32-bit word.

This link is for a visual video. Unfortunately, it is in English, but understandable as it is.
Did you like the article? To share with friends:
You may also be interested in