TCP & UDP - Protocol Details Yen-Cheng Chen

Port Number Divided into three ranges: Well Known Ports: 0 ~ 1023 Registered Ports: 1024 ~ Dynamic and/or Private Ports: ~

Source PortDestination Port LengthChecksum Data 16 bits UDP Header RFC 768

Checksum pseudo header UDP headerdata Checksum is the 16-bit one's complement of the one's complement sum of a pseudo header of information from the IP header, the UDP header, and the data.

Source Address Destination Address bits Protocol (17) UDP Length Pseudo Header

Protocol Number

How to Ensure the Delivery of UDP Messages Time Out Retry

TCP Segment (TCP PDU) Source port (16 bits) Destination port (16 bits) Sequence number (32 bits) Acknowledgment number (32 bits) Data Offset (4 bits) Reserved (6 bits) Flags (6 bits) : URG, ACK, PSH, RST, SYN, FIN Window (16 bits) Checksum (16 bits) Urgent Pointer (16 bits) Options (variable) RFC 793

TCP Header

Sequence / Acknowledgment Number Sequence Number: 32 bits The sequence number of the first data octet in this segment (except when SYN is present). If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1. Acknowledgment Number: 32 bits If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always sent.

(Seq:X, Ack:Y, Data: a bytes) (Seq:Y, Ack:X+a) (Seq:X+a, Ack:Y, Data: b bytes) (Seq:Y, Ack:X+a+b) Sender Receiver Unidirectional Transmission

(Seq:20000, Ack:100, Data: 1000 bytes) (Seq:100, Ack:21000) (Seq:21000, Ack:100, Data: 750 bytes) (Seq:100, Ack:21750) Sender Receiver Example - Unidirectional

(Seq:X, Ack:Y, Data: a bytes) (Seq:Y, Ack:X+a, Data: m bytes) (Seq:X+a, Ack:Y+m, Data: b bytes) (Seq:Y+m, Ack:X+a+b, Data: n bytes) Sender Receiver Bi-directional Transmission (Seq:X+a+b, Ack:Y+m+n, Data: c bytes)

(Seq:25000, Ack:1000, Data:800 bytes) (Seq:1000, Ack:25800, Data:500 bytes) (Seq:25800, Ack:1500, Data: 1000 bytes) (Seq:1500, Ack:26800, Data: 700 bytes) Sender Receiver (Seq:26800, Ack:2200, Data: 600 bytes) Example – Bi-directional

Window (AdvertisedWindow) Window: 16 bits The number of data octets beginning with the one indicated in the acknowledgment field which the sender of this segment is willing to accept. AdvertisedWindow The sender is limited to having no more than a value of AdvertisedWindow bytes of unacknowledged data in any given time. Sliding Window

Flow/Congestion Control Slow Start Fast Retransmit – Duplicate ACK Fast Recovery Implementation Tahoe, Reno, Vegas

SourceDestination … Slow Start

Fast Retransmit Packet 1 Packet 2 Packet 3 Packet 4 Packet 5 Packet 6 Retransmit packet 3 ACK 1 ACK 2 ACK 6 ACK 2 SenderReceiver

Data Offset (Header Length) Data Offset: 4 bits 32 bit The number of 32 bit words in the TCP Header. This indicates where the data begins. The TCP header (even one including options) is an integral number of 32 bits long.

Flags Control Bits: 6 bits (from left to right): URG: Urgent Pointer field significant ACK: Acknowledgment field significant PSH: Push Function RST: Reset the connection SYN: Synchronize sequence numbers FIN: No more data from sender

Urgent Pointer Urgent Pointer: 16 bits This field communicates the current value of the urgent pointer as a positive offset from the sequence number in this segment. The urgent pointer points to the sequence number of the octet following the urgent data. This field is only be interpreted in segments with the URG control bit set.

Options / Paddings Options Maximum Segment Size Padding to ensure that the TCP header ends and data begins on a 32 bit boundary.

Connection Progresses 11 States: LISTEN, SYN-SENT, SYN-RECEIVED, ESTABLISHED, FIN-WAIT-1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, TIME-WAIT, and CLOSED.

CLOSED LISTEN SYN_RCVDSYN_SENT ESTABLISHED CLOSE_WAIT LAST_ACKCLOSING TIME_WAIT FIN_WAIT_2 FIN_WAIT_1 Passive open Close Send/SYN SYN/SYN + ACK SYN + ACK/ACK SYN/SYN + ACK ACK Close/FIN FIN/ACKClose/FIN FIN/ACK ACK + FIN/ACK Timeout after two segment lifetimes FIN/ACK ACK ACK ACK Close/FIN Close CLOSED Active open /SYN

TCP Connection States (1) LISTEN - waiting for a connection request SYN-SENT - waiting for a matching connection request after having sent a connection request. SYN-RECEIVED - waiting for a confirming connection request acknowledgment after having both received and sent a connection request. ESTABLISHED - an open connection, data received can be delivered to the user. The normal state for the data transfer phase of the connection.

TCP Connection States (2) FIN-WAIT-1 - waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent. FIN-WAIT-2 - waiting for a connection termination request from the remote TCP. CLOSE-WAIT - waiting for a connection termination request from the local user. CLOSING - represents waiting for a connection termination request acknowledgment from the remote TCP.

TCP Connection States (3) LAST-ACK - waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request). TIME-WAIT - waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request. CLOSED - no connection state at all.

Basic 3-Way Handshake for Connection Synchronization (Seq:X, Syn.) (Seq:Y, Ack:X+1, Ack.,Syn.) (Seq:X+1, Ack:Y+1, Ack.) Sender Receiver Data Transmission

Example - Connection Synchronization

Closing a Connection (Seq:X, Ack:Y. Ack.,Fin.) (Seq:Y, Ack:X+1, Ack..) Requester Responder (Seq:Y, Ack:X+1, Ack.,Fin.) (Seq:X+1, Ack:Y+1. Ack.)

Example – Closing a Connection MSL: Maximum Segment Lifetime

TCP Pseudo Header