TCP - Transmission Control Protocol

TL;DR: The Transmission Control Protocol is a core protocol of the Internet protocol suite, which provides reliable and error-checked delivery of data between applications running on hosts on an IP network.

Utility

TCP is designed to provide a reliable, ordered, and error-checked delivery of data between applications running on hosts communicating over an IP network. Its mechanisms ensure data integrity, efficient flow control, and the effective management of network resources. Core features of the protocol:

• Connection Establishment: It uses a three-way handshake to establish a reliable connection between client and server.

• Reliable Data Transmission: Ensures data integrity through error-checking mechanisms like checksums and retransmission of lost data units (so called packets).

• Flow & Congestion Control: Manages data flow between the sender and receiver to prevent congestion and ensure efficient data transfer.Uses algorithms like TCP Reno and TCP CUBIC to control data transmission rates and prevent network congestion.

• Ordered Data Transfer: Ensures that data packets are delivered to the application in the correct order.

• Ordered Data Delivery

• Error Detection and Correction

• Congestion Control

• Flow Control

• Multiplexing

• Duplex Data Transmission

• Byte Stream Delivery

• Data Segmentation

• Session Management

Let's see how these feature become available by breaking them down:

Anatomy

The TCP header anatomy:

0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |          Source Port          |       Destination Port        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        Sequence Number                        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                    Acknowledgment Number                      |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |  Data |       |C|E|U|A|P|R|S|F|                               |
   | Offset| Rsrvd |W|C|R|C|S|S|Y|I|            Window             |
   |       |       |R|E|G|K|H|T|N|N|                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |           Checksum            |         Urgent Pointer        |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                           [Options]                           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               :
   :                             Data                              :
   :                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Let's walk through all these fields:

• Source port: this is a 16 bit field that specifies the port number of the sender.
• Destination port: this is a 16 bit field that specifies the port number of the receiver.
• Sequence number: the sequence number is a 32 bit field that indicates how much data is sent during the TCP session. When you establish a new TCP connection (3 way handshake) then the initial sequence number is a random 32 bit value. The receiver will use this sequence number and sends back an acknowledgment. Protocol analyzers like wireshark will often use a'relative sequence number of 0'since it's easier to read than some high random number.
• Acknowledgment number: this 32 bit field is used by the receiver to request the next TCP segment. This value will be the sequence number incremented by 1.
• DO: this is the 4 bit data offset field, also known as the header length. It indicates the length of the TCP header so that we know where the actual data begins.
• RSV: these are 3 bits for the reserved field. They are unused and are always set to 0.
• Flags: there are 9 bits for flags, we also call them control bits. We use them to establish connections, send data and terminate connections:
  • URG: urgent pointer. When this bit is set, the data should be treated as priority over other data.
  • ACK: used for the acknowledgment.
  • PSH: this is the push function. This tells an application that the data should be transmitted immediately and that we don't want to wait to fill the entire TCP segment.
  • RST: this resets the connection, when you receive this you have to terminate the connection right away. This is only used when there are unrecoverable errors and it's not a normal way to finish the TCP connection.
  • SYN: we use this for the initial three way handshake and it's used to set the initial sequence number.
  • FIN: this finish bit is used to end the TCP connection. TCP is full duplex so both parties will have to use the FIN bit to end the connection. This is the normal method how we end an connection.
• Window: the 16 bit window field specifies how many bytes the receiver is willing to receive. It is used so the receiver can tell the sender that it would like to receive more data than what it is currently receiving. It does so by specifying the number of bytes beyond the sequence number in the acknowledgment field.
• Checksum: 16 bits are used for a checksum to check if the TCP header is OK or not.
• Urgent pointer: these 16 bits are used when the URG bit has been set, the urgent pointer is used to indicate where the urgent data ends.
• Options: this field is optional and can be anywhere between 0 and 320 bits.

The Protocol Sequence

Reliable Data Transmission: Ensures that data sent from one point on a network arrives at its destination accurately and reliably.

1. Connection Establishment (Three-Way Handshake):

   • Process:
     • TCP establishes a connection before data transmission begins using a process called the three-way handshake.
     • This involves the exchange of SYN (synchronize) and ACK (acknowledge) packets between the sender and receiver.
   • Purpose:
     • Confirms that both the sender and receiver are ready to communicate and can keep track of data sent and received.

2. Sequence Numbers and Acknowledgments:

   • Process:
     • Each byte of data sent over a TCP connection is assigned a sequence number.
     • The receiver sends back an acknowledgment (ACK) for the received sequence numbers.
   • Purpose:
     • Ensures that data is delivered in order and tracks which data has been successfully received.

3. Error Detection:

   • Process:
     • TCP headers include a checksum field used to detect errors in the header and data parts of a TCP segment.
   • Purpose:
     • Allows the detection of corrupted segments, which can then be retransmitted.

4. Retransmission of Lost Packets:

   • Process:
     • If the sender does not receive an acknowledgment for a segment within a certain time, it retransmits the segment.
   • Purpose:
     • Ensures that lost or unacknowledged data is sent again, guaranteeing data delivery.

5. Flow Control:

   • Process:
     • TCP uses a window mechanism where the receiver advertises the amount of data it can accept.
   • Purpose:
     • Prevents the sender from overwhelming the receiver by sending more data than it can process.

6. Congestion Control:

   • Process:
     • TCP employs several algorithms (like slow start, congestion avoidance, fast recovery) to control data transmission rate based on network conditions.
   • Purpose:
     • Reduces the amount of data sent when network congestion is detected, minimizing packet loss.

7. Data Buffering:

   • Process:
     • Both sender and receiver maintain buffers to store sent and received data.
   • Purpose:
     • Allows for the reordering of out-of-sequence data and smooths out network irregularities.

8. Graceful Connection Termination:

   • Process:
     • Connections are terminated using a process where both sides of the connection signal the end of data transmission (FIN packets).
   • Purpose:

Ordered Data Delivery: Maintains the order of data packets sent over the network, ensuring that data is reassembled in the correct sequence at the destination. How ?

• Process:
  • Each byte of data sent over a TCP connection is assigned a sequence number.
  • The receiver sends back an acknowledgment (ACK) for the received sequence numbers.
  • Purpose:
    • Ensures that data is delivered in order and tracks which data has been successfully received.

Sequence Number Assignment:

• Process:
  • Each byte of data in a TCP segment is assigned a unique sequence number.
  • The sequence number for the first byte of data in a TCP segment is included in the segment's header.
• Purpose:
  • This numbering enables the receiver to reorder segments that arrive out of sequence and to identify missing segments.

2. Orderly Data Transmission:

   • Process:
     • When the sender creates TCP segments, it places them in the correct order based on their sequence numbers.
   • Purpose:
     • Ensures that data is sent in an ordered sequence.

3. Acknowledgment of Received Data:

   • Process:
     • The receiver sends back an acknowledgment (ACK) to the sender, which includes the sequence number of the next expected byte.
   • Purpose:
     • Lets the sender know that the data has been received correctly and in order, and which byte is expected next.

4. Handling Out-of-Order Segments:

   • Process:
     • If segments arrive out of order, the receiver holds these segments and waits for the missing segments to fill the gap.
   • Purpose:
     • Ensures that data is processed in the correct sequence, even if it arrives out of order.

5. Reassembly at Destination:

   • Process:
     • The TCP layer at the receiving end reassembles the segments in the correct order based on their sequence numbers before passing the data to the application layer.
   • Purpose:
     • Guarantees that the application receives the entire data stream in the exact order it was sent.

6. Retransmission for Missing Data:

   • Process:
     • If the sender does not receive an ACK for a segment, it will retransmit that segment. This also applies if segments are received out of order.
   • Purpose:
     • Ensures that lost or missing data is retransmitted, aiding in maintaining the correct data sequence.

Error Detection and Correction: Detects errors in transmitted data and requests retransmission to correct these errors.

• Process:
  • TCP headers include a checksum field used to detect errors in the header and data parts of a TCP segment.
  • Purpose:
    • Allows the detection of corrupted segments, which can then be retransmitted.

1. Checksum for Error Detection:

   • Process:
     • Each TCP segment includes a checksum in its header.
     • The checksum is calculated by the sender over the entire TCP segment, including both header and data.
   • Purpose:
     • This checksum allows the receiver to detect errors in the received TCP segment. If the calculated checksum at the receiver end doesn't match the checksum in the segment header, the segment is considered corrupted.

2. Acknowledgment of Received Data:

   • Process:
     • The receiver sends back an acknowledgment (ACK) for segments that it receives without errors (as determined by the checksum).
   • Purpose:
     • This informs the sender that the segment has been received correctly and processed.

3. Retransmission of Erroneous Segments:

   • Process:
     • If the sender doesn't receive an ACK for a segment within a certain timeout period, or if it receives a negative acknowledgment (indicating an error), it retransmits the segment.
   • Purpose:
     • Ensures that corrupted or lost segments are resent, thereby correcting errors in transmission.

4. Sequenced Delivery for Correction:

   • Process:
     • TCP maintains the order of segments. If segments arrive out of order or are missing, the receiver can request retransmission.
   • Purpose:
     • Helps in correcting errors related to lost or out-of-sequence segments.

5. Duplex Communication:

   • Process:
     • TCP supports bi-directional communication, which means error reporting and corrections can happen in both directions during a session.
   • Purpose:
     • Allows both the sender and receiver to report and correct transmission errors.

Congestion Control:

• Regulates the amount of data sent to prevent overwhelming network resources, thus managing network congestion.
• Congestion Control:* - Process: - TCP employs several algorithms (like slow start, congestion avoidance, fast recovery) to control data transmission rate based on network conditions. - Purpose: - Reduces the amount of data sent when network congestion is detected, minimizing packet loss.

1. Slow Start Algorithm:

   • Process:
     • TCP initiates data transmission with a small congestion window size, increasing it exponentially with each successful acknowledgment until it reaches a threshold.
   • Purpose:
     • To cautiously gauge the capacity of the network and avoid flooding it with too much data too quickly.

2. Congestion Avoidance:

   • Process:
     • Once the threshold is reached, TCP increases the window size more linearly to avoid congesting the network.
   • Purpose:
     • To carefully increase data flow until it detects packet loss, which indicates network congestion.

3. Fast Retransmit and Fast Recovery:

   • Process:
     • On detecting packet loss (through duplicate ACKs), TCP retransmits the lost packet without waiting for a timeout.
     • The congestion window size is then reduced, and TCP transitions into congestion avoidance.
   • Purpose:
     • To quickly recover from packet loss without reducing the flow too drastically.

4. Timeout-Induced Congestion Control:

   • Process:
     • If a timeout occurs (no ACKs are received for an extended period), TCP assumes severe network congestion.
     • The congestion window is reset to a small size, and slow start is initiated again.
   • Purpose:
     • To recover from potential heavy congestion situations by drastically reducing the data sent.

5. TCP Tahoe and Reno:

   • Variants:
     • TCP Tahoe and Reno are two versions that implement different congestion control algorithms.
     • TCP Reno improves on Tahoe by adding fast recovery on top of fast retransmit.
   • Purpose:
     • To enhance TCP's ability to handle different congestion scenarios.

6. Selective Acknowledgment (SACK):

   • Process:
     • SACK allows the receiver to inform the sender about all segments that have been received successfully, which helps in efficient retransmission of lost data.
   • Purpose:
     • To improve performance in networks with high latency or packet loss.

Flow Control: Manages the data transmission rate between sender and receiver, adapting to the speed at which the receiver can process incoming data.

Flow Control:

• Process:
  • TCP uses a window mechanism where the receiver advertises the amount of data it can accept.
• Purpose:
  • Prevents the sender from overwhelming the receiver by sending more data than it can process.

1. Window-Based Flow Control:

   • Process:
     • TCP uses a flow control mechanism based on a "window size" that is communicated between the sender and receiver.
     • The window size specifies the amount of data that can be sent and unacknowledged at any given time.
   • Purpose:
     • To control the rate of data transmission based on the receiver's ability to process and acknowledge the received data.

2. Dynamic Adjustment of Window Size:

   • Process:
     • The receiver advertises its window size to the sender, indicating how much data it can receive and buffer before needing to acknowledge.
     • This window size can be adjusted dynamically during the session, depending on the receiver's capacity.
   • Purpose:
     • To adapt to changing conditions on the receiver’s side, such as varying buffer availability and processing speed.

3. Preventing Sender Overwhelm:

   • Process:
     • The sender must respect the receiver's window size and can only send the amount of data that fits in the window.
   • Purpose:
     • To ensure that the sender does not overwhelm the receiver’s buffer, preventing data loss due to overflow.

4. Zero Window Size and Probing:

   • Process:
     • If the receiver's window size is zero (indicating it cannot currently handle more data), the sender must stop sending data and periodically send window probe messages.
   • Purpose:
     • To check if the receiver is ready to accept more data and to resume transmission once the receiver indicates it has more buffer space.

5. Ensuring Data Integrity:

   • Process:
     • Flow control works in conjunction with TCP’s reliability mechanisms to ensure that data integrity is maintained, even when the flow of data is slowed or paused.
   • Purpose:
     • To ensure that even when data transmission rates are adjusted, all data sent is reliably received and acknowledged.

Multiplexing: Supports the transmission of data from multiple applications over a single network connection using port numbers.

1. Use of Port Numbers:

   • Process:
     • TCP uses port numbers to distinguish between different applications or services running on the same host.
     • Each TCP segment header includes a source port and a destination port number.
   • Purpose:
     • To allow multiple applications to use the network simultaneously without their data streams getting mixed up.

2. Establishing Unique Connections:

   • Process:
     • A unique combination of source IP address, source port, destination IP address, and destination port defines a unique TCP connection.
   • Purpose:
     • This allows for distinct communication channels (sockets) for each application or service using TCP.

3. Handling Incoming Data:

   • Process:
     • When data arrives at a host, the TCP layer examines the destination port number and forwards the data to the corresponding application.
   • Purpose:
     • Ensures that data meant for different applications is correctly routed internally within the host.

4. Support for Server Applications:

   • Process:
     • Server applications often listen on well-known ports (e.g., HTTP on port 80) for incoming connections.
     • Client applications use ephemeral ports for the source port and the well-known port as the destination port when initiating connections.
   • Purpose:
     • To facilitate easy and standardized communication between clients and servers.

5. Simultaneous Connections:

   • Process:
     • Multiple connections between the same two hosts (even with the same destination port) can coexist because each connection is distinguished by its unique source port.
   • Purpose:
     • Allows a single server to handle many client connections simultaneously, each in its separate "conversation."

Duplex Data Transmission:

1. Full-Duplex Communication:

   • Process:
     • TCP establishes a full-duplex communication channel between two endpoints. This means that each TCP connection supports two-way data flow.
   • Purpose:
     • Enables simultaneous data transmission and reception between a client and a server, or between any two endpoints.

2. Independent Sequence Numbers:

   • Process:
     • In a TCP connection, each direction of data flow has its own independent sequence numbers.
   • Purpose:
     • Allows for the independent tracking and management of data sent and received, supporting simultaneous two-way data transfer.

3. Simultaneous Send and Receive:

   • Process:
     • Both endpoints in a TCP connection can send and receive data at the same time without waiting for the other side to finish sending or receiving data.
   • Purpose:
     • Facilitates efficient and dynamic communication, especially in interactive applications.

4. Acknowledgment Mechanism:

   • Process:
     • TCP uses acknowledgments (ACKs) to confirm receipt of data. ACKs for received data can be sent along with new data being transmitted in the opposite direction.
   • Purpose:
     • Enhances efficiency by combining acknowledgments with outgoing data, reducing the need for separate acknowledgment packets.

5. Flow and Congestion Control:

   • Process:
     • TCP's flow and congestion control mechanisms operate independently in each direction, ensuring smooth data transfer and avoiding network congestion.
   • Purpose:
     • Maintains reliable and efficient data flow in both directions, even under varying network conditions.

6. Buffer Management:

   • Process:
     • Both the sender and receiver maintain separate buffers for sent and received data, facilitating the simultaneous processing of incoming and outgoing data streams.
   • Purpose:
     • Allows each side to manage its data transmission and reception independently, supporting full-duplex communication.

Byte Stream Delivery: Treats data as a continuous stream of bytes, which is useful for applications that require consistent data streams. treats data as a continuous stream of bytes, a feature known as byte stream delivery.

Continuous Data Stream:

• Process:
  • TCP views data as a sequence of bytes, not as separate packets or messages.
  • When data is sent over a TCP connection, it is treated as a stream without explicit message boundaries.
• Purpose:
  • This abstraction allows applications to write and read data as continuous streams, simplifying the process of data transmission.

2. Segmentation and Reassembly:

   • Process:
     • TCP divides this continuous stream of data into segments for transmission over the network.
     • At the receiving end, TCP reassembles these segments back into the original order to reconstruct the data stream.
   • Purpose:
     • Ensures that data is transmitted efficiently over the network and reconstructed correctly at the destination.

3. Sequence Numbers:

   • Process:
     • Each byte in the TCP stream is numbered with a sequence number.
     • These sequence numbers help in reordering segments that might arrive out of sequence at the destination.
   • Purpose:
     • Maintains the integrity of the byte stream, ensuring data is delivered in the order it was sent.

4. Buffering:

   • Process:
     • Both the sender and receiver use buffers to manage the byte stream.
     • The sender can store bytes ready to be sent or resent, while the receiver can store incoming bytes until they are read by the application.
   • Purpose:
     • Buffers accommodate differences in sending and receiving speeds and ensure smooth data transmission.

5. Flow Control:

   • Process:
     • TCP uses flow control mechanisms like the sliding window protocol to manage the rate of data transmission, adapting to the available buffer space at the receiver.
   • Purpose:
     • Prevents the sender from overwhelming the receiver and ensures data integrity.

6. Stream-Oriented Transmission:

   • Process:
     • Applications can send data as a stream without worrying about segment sizes, boundaries, or network-layer packets.
   • Purpose:
     • Provides a simple interface for applications to send and receive data, abstracting away the complexities of network communication.

Data Segmentation: Divides larger data blocks into smaller segments for easier and more efficient transmission over the network.

Continuous Data Stream:

• Process:
  • TCP views data as a sequence of bytes, not as separate packets or messages.
  • When data is sent over a TCP connection, it is treated as a stream without explicit message boundaries.
• Purpose:
  • This abstraction allows applications to write and read data as continuous streams, simplifying the process of data transmission.

2. Segmentation and Reassembly:

   • Process:
     • TCP divides this continuous stream of data into segments for transmission over the network.
     • At the receiving end, TCP reassembles these segments back into the original order to reconstruct the data stream.
   • Purpose:
     • Ensures that data is transmitted efficiently over the network and reconstructed correctly at the destination.

3. Sequence Numbers:

   • Process:
     • Each byte in the TCP stream is numbered with a sequence number.
     • These sequence numbers help in reordering segments that might arrive out of sequence at the destination.
   • Purpose:
     • Maintains the integrity of the byte stream, ensuring data is delivered in the order it was sent.

4. Buffering:

   • Process:
     • Both the sender and receiver use buffers to manage the byte stream.
     • The sender can store bytes ready to be sent or resent, while the receiver can store incoming bytes until they are read by the application.
   • Purpose:
     • Buffers accommodate differences in sending and receiving speeds and ensure smooth data transmission.

5. Flow Control:

   • Process:
     • TCP uses flow control mechanisms like the sliding window protocol to manage the rate of data transmission, adapting to the available buffer space at the receiver.
   • Purpose:
     • Prevents the sender from overwhelming the receiver and ensures data integrity.

6. Stream-Oriented Transmission:

   • Process:
     • Applications can send data as a stream without worrying about segment sizes, boundaries, or network-layer packets.
   • Purpose:
     • Provides a simple interface for applications to send and receive data, abstracting away the complexities of network communication.

Session Management: Manages the establishment, maintenance, and termination of a network communication session.

1. Session Establishment (Three-Way Handshake):

   • Process:
     • TCP uses a three-way handshake process to establish a session. This involves the exchange of SYN (synchronize) and ACK (acknowledge) packets.
     • The process starts when one end (the client) sends a SYN packet to initiate a connection, the other end (the server) responds with a SYN-ACK packet, and the client responds back with an ACK packet.
   • Purpose:
     • To set up a reliable connection between two endpoints, synchronizing sequence numbers and confirming the readiness of both sides to communicate.

2. Data Transfer Phase:

   • Process:
     • Once the session is established, data can be exchanged between the client and server.
   • Purpose:
     • Allows for the reliable and ordered exchange of information.

3. Session Maintenance:

   • Process:
     • During the session, TCP manages data flow using mechanisms like flow control, congestion control, and error handling.
   • Purpose:
     • Ensures smooth and efficient communication, adapting to network conditions and managing any transmission errors.

4. Session Termination (Four-Way Handshake):

   • Process:
     • To close a TCP session, a four-way handshake is used. This involves the exchange of FIN (finish) and ACK packets.
     • One side initiates termination with a FIN packet, the other side responds with an ACK, then sends its own FIN packet, and the original sender completes the process with a final ACK.
   • Purpose:
     • To gracefully close the session, ensuring that all pending data is transmitted and acknowledged before disconnection.

5. Connection State Management:

   • Process:
     • TCP maintains connection states at both ends, including LISTEN, SYN-SENT, SYN-RECEIVED, ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT, and CLOSED.
   • Purpose:
     • To manage the lifecycle of a TCP connection, handling various phases like establishment, data transfer, and termination.

6. Error Handling During Session:

   • Process:
     • If errors or issues occur during the session, TCP handles them with retransmissions, adjusting flow control, or terminating the connection if necessary.
   • Purpose:
     • To maintain a reliable communication channel and address any issues that arise during the session.

Protocol Sequence

1. Connection Establishment (Three-Way Handshake)

   Step 1: SYN

   TLDR: The client sends a SYN (synchronize) packet to the server to initiate a connection. Explanation: The client begins by sending a TCP segment with the SYN flag set to the server. This segment includes an initial sequence number (ISN), which will be used to track the data packets.

   SYN Packet
       Flags: SYN
       Sequence Number: <client's ISN>
       Source Port: <client's port>
       Destination Port: <server's port>
       Options: <optional TCP options, such as maximum segment size (MSS)>
   

   Step 2: SYN-ACK

   TLDR: The server responds with a SYN-ACK (synchronize-acknowledge) packet to acknowledge the connection request. Explanation: The server receives the SYN packet and responds with a TCP segment that has both the SYN and ACK flags set. This segment includes the server's initial sequence number and acknowledges the client's ISN by setting the acknowledgment number to the client's ISN + 1.

   SYN-ACK Packet
       Flags: SYN, ACK
       Sequence Number: <server's ISN>
       Acknowledgment Number: <client's ISN + 1>
       Source Port: <server's port>
       Destination Port: <client's port>
       Options: <optional TCP options>
   

   Step 3: ACK

   TLDR: The client sends an ACK (acknowledge) packet to finalize the connection establishment. Explanation: The client acknowledges the server's SYN-ACK by sending an ACK packet. This packet has the ACK flag set and the acknowledgment number set to the server's ISN + 1, completing the three-way handshake.

   
   ACK Packet
       Flags: ACK
       Sequence Number: <client's ISN + 1>
       Acknowledgment Number: <server's ISN + 1>
       Source Port: <client's port>
       Destination Port: <server's port>
       Options: <optional TCP options>
   

2. Data Transfer

   Step 1: Data Segments TLDR: Data is transmitted in segments with sequence numbers for ordering. Explanation: Once the connection is established, data transfer can begin. Data is sent in segments, each with a sequence number to ensure the correct order. The receiver acknowledges received segments, allowing for reliable data transmission.

   Data Segment
       Flags: PSH, ACK (usually)
       Sequence Number: <current sequence number>
       Acknowledgment Number: <expected sequence number>
       Data: <payload>
       Options: <optional TCP options>
   

   Step 2: Acknowledgments

   TLDR: The receiver sends ACKs to acknowledge received data segments. Explanation: The receiver sends ACK packets to confirm receipt of data segments. The acknowledgment number indicates the next expected sequence number, confirming receipt of all prior data.

   ACK Packet
       Flags: ACK
       Sequence Number: <receiver's current sequence number>
       Acknowledgment Number: <next expected sequence number>
       Options: <optional TCP options>
   

3. Flow Control

Step 1: Window Size Advertisement TLDR: The receiver advertises its buffer size to control the flow of data. Explanation: TCP uses a sliding window mechanism for flow control. The receiver advertises its available buffer space (window size) in each ACK packet, informing the sender how much data it can send before waiting for an acknowledgment.

ACK Packet
    Flags: ACK
    Sequence Number: <receiver's current sequence number>
    Acknowledgment Number: <next expected sequence number>
    Window Size: <available buffer space>
    Options: <optional TCP options>

4. Congestion Control

Step 1: Congestion Avoidance Algorithms TLDR: TCP uses algorithms to prevent network congestion. Explanation: TCP implements congestion control algorithms like TCP Reno or TCP CUBIC to manage the rate of data transmission and avoid network congestion. These algorithms adjust the congestion window (cwnd) size based on network conditions.

Congestion Control
    Algorithm: <e.g., TCP Reno, TCP CUBIC>
    Parameters: <congestion window size, slow start threshold>

5. Connection Termination (Four-Way Handshake)

Step 1: FIN

TLDR: The client or server sends a FIN (finish) packet to terminate the connection. Explanation: Either the client or server can initiate connection termination by sending a FIN packet, indicating no more data will be sent from this side.

FIN Packet
    Flags: FIN, ACK
    Sequence Number: <current sequence number>
    Acknowledgment Number: <expected sequence number>
    Options: <optional TCP options>

Step 2: ACK TLDR: The receiver acknowledges the FIN packet. Explanation: The receiver of the FIN packet sends an ACK to acknowledge the receipt of the FIN, indicating that it is aware the sender wants to terminate the connection.

ACK Packet
    Flags: ACK
    Sequence Number: <current sequence number>
    Acknowledgment Number: <next sequence number after FIN>
    Options: <optional TCP options>

Step 3: FIN TLDR: The receiver sends a FIN packet to complete the termination. Explanation: The receiver of the first FIN packet sends its own FIN packet when it is ready to close the connection.

FIN Packet
    Flags: FIN, ACK
    Sequence Number: <current sequence number>
    Acknowledgment Number: <expected sequence number>
    Options: <optional TCP options>

Step 4: ACK TLDR: The original sender acknowledges the receiver's FIN packet. Explanation: The original sender acknowledges the receiver's FIN packet by sending an ACK packet, completing the four-way handshake and terminating the connection.

ACK Packet
    Flags: ACK
    Sequence Number: <current sequence number>
    Acknowledgment Number: <next sequence number after FIN>
    Options: <optional TCP options>

Technical Specifications

The behavior and specifications of TCP are defined in a series of documents called RFCs, which are published by the Internet Engineering Task Force (IETF). These standards are language-agnostic, meaning they outline how TCP should work conceptually, focusing on the rules, algorithms, and behaviors that any TCP implementation should follow. The RFCs provide the complete and authoritative specifications for how TCP should operate. These standards are implemented in various languages by operating system providers (Operating system vendors typically provide their own implementation of TCP). Each implementation adheres to the standards and specifications outlined in the RFCs (Request for Comments), ensuring interoperability across different systems, but the actual code and internal handling can vary. While adhering to the standards, operating system developers may optimize TCP implementation for performance, security, or specific use cases. Despite these variations, all implementations are designed to be interoperable, adhering to the core protocols and standards. To ensure that devices running different operating systems can communicate over TCP/IP networks without compatibility issues.

• RFC 793: Transmission Control Protocol -The original specification for TCP, published in 1981. This document defines the TCP protocol, detailing the structure and operations of TCP segments, connection management, data transfer, and error handling.

• RFC 1122: Requirements for Internet Hosts - Communication Layers - This document specifies the requirements for internet hosts, including detailed explanations of TCP/IP protocols.

• RFC 1323: TCP Extensions for High Performance - This document specifies extensions to TCP to improve performance, including window scaling and timestamps.

• RFC 2018: TCP Selective Acknowledgment Options - This document describes the selective acknowledgment (SACK) option for TCP, which allows for more efficient retransmissions.

• RFC 2581: TCP Congestion Control - This document outlines the algorithms and strategies for managing congestion in TCP, including slow start, congestion avoidance, fast retransmit, and fast recovery.

• RFC 5681: TCP Congestion Control (Updated) - This document updates and obsoletes RFC 2581, providing detailed descriptions of the TCP congestion control algorithms.

• RFC 7414: A Roadmap for TCP Specification Documents - This document provides a comprehensive overview and roadmap for TCP specifications, listing and summarizing relevant RFCs.

• IETF TCPM Working Group: This page provides information about the TCP Maintenance and Minor Extensions (TCPM) working group, which is responsible for maintaining and extending the TCP protocol. It includes links to relevant RFCs and other technical documents.

Privacy, Anonymity, and Hacking Concerns Regarding the TCP Protocol

A protocol is a structured set of rules and procedures designed to facilitate standardized interactions and operations within technological systems. When implemented in the technological landscape, protocols inherently display an attack surface, mostly due to the underlying technology used, predictable and repeatable nature of protocols — characteristics upon which some level of vulnerabilities can be exploited to whatever endeavours. The below list some of the TPC protocol exploitations witnessed over the years.

Congratulation is you read this to the en! We hope this article brings a little clarity over the protocol anatomy and its various use cases.

Done!

Thanks and Congratulations for reading this to the end. We hope this article brings a little clarity over TCP protocol.