Transmission Control Protocol (TCP)
Recall: UDP is a connectionless, unreliable datagram transport service.
IP, the network layer, also provides only connectionless, unreliable delivery.
Some applications still need a more reliable service.
A different protocol is included in the TCP/IP suite to provide applications with a reliable, connection-oriented transport.
Position of TCP in TCP/IP protocol suite
Properties of TCP: Stream Oriented, Virtual Circuit Connection
Stream oriented: data from the source process is passed to the destination process as a sequenced stream; bytes arrive at the application in the order sent by the source process.
Virtual circuit connection: provides the application with the appearance of a dedicated connection between the two processes. There is a call setup, a data transfer phase, and a call disconnect.
Reliable stream: TCP performs all error detection and recovery; applications are not concerned with error recovery.
Stream delivery Reliable Stream
Properties of TCP: Buffered Transfer, Unstructured Stream
Buffered transfer: the application process generates octets in any size; the transport (TCP) collects bytes to create (possibly) larger datagrams for transport; bytes are collected (buffered) at the destination for delivery to the destination process.
Unstructured stream: appears like a continuous stream of bytes, with no record boundaries.
Full duplex connection: data may flow in both directions concurrently; provides for one side to terminate flow in one direction and reduce the connection to half duplex.
TCP Stream Identification
TCP uses port numbers like UDP.
TCP connections are identified by (host, port) pairs, or (IP address, port).
As with UDP, some applications are assigned to well known ports.
Some Well Known TCP Ports
Port numbers (figure): web browser, port 53,125, to web server, port 80.
Reliable Transport
Recall the data link reliable service, e.g. HDLC:
Received data is accepted with a positive acknowledgement.
A timer is associated with every datagram; if the timer expires before the acknowledgement arrives, the datagram is retransmitted.
To improve performance, multiple datagrams can be sent before receiving an acknowledgement (sliding window protocols).
The maximum number of unacknowledged datagrams allowed is the window size.
TCP Stream Flow
The TCP stream is a continuous stream of bytes.
The stream is broken down into chunks called segments, which vary in size by application.
TCP uses a timer for each segment sent.
Acks are sent for received data, but only after a short delay.
A checksum is included in the TCP header and covers the TCP header, a pseudo header, and all data.
TCP segments are carried over IP, so they can arrive out of order and can be duplicated.
TCP Stream Flow
Like HDLC, TCP uses a sliding window.
The sliding window is measured in bytes, not frames or buffers.
TCP references the byte number relative to the beginning of the stream.
Acknowledgements reference the byte numbers being acknowledged; acknowledgments do not refer to segments.
TCP Windows
(Figure: bytes 1, 2, 3, ..., n-1 are acknowledged; bytes n through n + w-1 form the sending window.)
The sender may send from byte n for up to w bytes before receiving an ack; the window size is w bytes.
The sender may break up the w bytes into any number of segments.
The byte number of the first byte in each segment is included with each segment.
The acknowledgment field references the next byte number expected in sequence.
Sending and receiving buffers
TCP segments
Sender buffer
Receiver window
Sender buffer and sender window
Sliding the Sender Window ACK (203)
Flow Control
When TCP acks data, it indicates the next byte expected.
In order to increase or decrease the flow of data, TCP also sends a window size.
The window size represents the number of bytes the receiver is prepared to receive before any acknowledgement is sent.
To slow things down, the receiver can decrease the window size.
The window size changes dynamically during a connection.
The receiver must always maintain a buffer of window size.
Expanding the sender window ACK (205) Window 10
Shrinking the sender window ACK (210) Window 6
TCP Flow Control
The TCP sender window is totally controlled by the receiver.
The sender does not have to send a full window's worth of data.
The size of the sending window can increase or decrease dynamically.
The receiver can send an acknowledgment and a new window size at any time.
The window size can be reduced to zero.
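As an added example (not from the slides), the following Python model puts the sliding-window and flow-control rules above into working code: bytes are numbered from the start of the stream, every ack carries the next byte expected, the receiver advertises its free buffer space as the window (which can drop to zero and grow again as the application reads), and a segment the network loses is recovered when the sender's timer fires. The segment size, buffer sizes, numbering from byte 0 and the loss/timeout scheduling are assumptions of the model.

```python
from __future__ import annotations
from dataclasses import dataclass, field

# Teaching model of TCP's byte-numbered sliding window (constructed example, not a
# real stack): acks carry the next byte expected, the receiver advertises its free
# buffer as the window, and a lost segment is resent when the sender's timer fires.


@dataclass
class Segment:
    seq: int      # byte number of the first data byte in this segment
    data: bytes


@dataclass
class Receiver:
    buf_size: int                      # buffer the receiver keeps for the window
    delivered: bytearray = field(default_factory=bytearray)   # in-order bytes
    out_of_order: dict = field(default_factory=dict)          # seq -> data held back
    next_expected: int = 0
    consumed: int = 0                  # bytes already read by the application

    def window(self) -> int:
        """Advertised window = free buffer space; may legitimately be zero."""
        unread = len(self.delivered) - self.consumed
        held = sum(len(d) for d in self.out_of_order.values())
        return max(0, self.buf_size - unread - held)

    def receive(self, seg: Segment) -> tuple[int, int]:
        """Accept a segment; return (ack, window) as the TCP header would carry them."""
        if seg.seq == self.next_expected:
            self.delivered += seg.data
            self.next_expected += len(seg.data)
            while self.next_expected in self.out_of_order:   # now-contiguous data
                data = self.out_of_order.pop(self.next_expected)
                self.delivered += data
                self.next_expected += len(data)
        elif seg.seq > self.next_expected:
            self.out_of_order[seg.seq] = seg.data   # hold it; the ack does not move
        # seq < next_expected is a duplicate: the cumulative ack already covers it
        return self.next_expected, self.window()

    def app_read(self, n: int) -> bytes:
        chunk = bytes(self.delivered[self.consumed:self.consumed + n])
        self.consumed += len(chunk)
        return chunk


class Sender:
    def __init__(self, stream: bytes, mss: int, window: int):
        self.stream, self.mss = stream, mss
        self.base = 0            # oldest byte not yet acknowledged
        self.next_seq = 0        # next byte to send
        self.window = window     # last window advertised by the receiver
        self.unacked: dict[int, Segment] = {}
        self.retransmissions = 0

    def sendable(self) -> list[Segment]:
        """Send from base for up to window bytes, in segments of at most mss bytes."""
        out, limit = [], min(self.base + self.window, len(self.stream))
        while self.next_seq < limit:
            end = min(self.next_seq + self.mss, limit)
            seg = Segment(self.next_seq, self.stream[self.next_seq:end])
            self.unacked[seg.seq] = seg
            out.append(seg)
            self.next_seq = end
        return out

    def on_ack(self, ack: int, window: int) -> None:
        """Cumulative ack: every byte below ack is delivered; adopt the new window."""
        for seq, seg in list(self.unacked.items()):
            if seq + len(seg.data) <= ack:
                del self.unacked[seq]
        self.base = max(self.base, ack)
        self.window = window

    def on_timeout(self) -> list[Segment]:
        """Timer expired on the oldest unacked segment: resend everything outstanding."""
        self.retransmissions += 1
        return [self.unacked[s] for s in sorted(self.unacked)]


def simulate(stream: bytes, mss: int = 4, recv_buf: int = 8,
             app_read_per_round: int = 4, lose_once: frozenset = frozenset()) -> dict:
    """Run the transfer; segments whose seq is in lose_once are dropped on first send."""
    snd, rcv = Sender(stream, mss, window=recv_buf), Receiver(recv_buf)
    lost, log = set(), []
    for _ in range(200):                     # bounded so a bug cannot spin forever
        if snd.base >= len(stream):
            break
        segs = snd.sendable()
        if not segs and snd.unacked:          # window used up and data still outstanding
            segs = snd.on_timeout()
            log.append(f"timeout: retransmit from byte {snd.base}")
        for seg in segs:
            if seg.seq in lose_once and seg.seq not in lost:
                lost.add(seg.seq)
                log.append(f"network dropped seq {seg.seq}")
                continue
            ack, win = rcv.receive(seg)
            log.append(f"ack={ack} win={win}")
            snd.on_ack(ack, win)
        rcv.app_read(app_read_per_round)      # application drains the buffer ...
        snd.on_ack(rcv.next_expected, rcv.window())   # ... and a window update follows
    return {"delivered": bytes(rcv.delivered), "retransmissions": snd.retransmissions,
            "zero_window_acks": sum(1 for e in log if e.endswith("win=0")), "log": log}
```

Running `simulate(b"abcdefghijklmnopqrst", lose_once=frozenset({8}))` delivers the whole stream with exactly one timeout retransmission; the log shows the window shrinking to zero whenever the 8-byte receive buffer is full and the ack staying at byte 8 while the out-of-order segment starting at byte 12 is held back.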
TCP segment format (figure): IP header, TCP header, data.
Sequence Numbers and Acknowledgement Numbers
When a connection is established, an initial starting sequence number is agreed upon, usually not 1.
Subsequent segments reference data bytes relative to this starting sequence number.
Acknowledgments are always the next bytes expected in the sequence.
Control field
CHECKSUM Calculations
A pseudoheader is added to the TCP datagram before the checksum is computed.
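As an added example (not the slides' own code), here is the checksum calculation carried out in Python over a constructed segment: the pseudoheader (source and destination IP addresses, a zero byte, the protocol number 6 and the TCP length) is prepended to the header and data, 16-bit words are summed with end-around carry, and the one's complement of the sum is stored in the header. The ports, sequence number and documentation-range addresses are made-up sample values.

```python
import struct

# Constructed example of the TCP checksum: a 16-bit one's-complement sum over the
# pseudo header (source IP, destination IP, zero, protocol 6, TCP length), the TCP
# header with its checksum field zeroed, and the data, padded with a zero byte if
# the total length is odd. Not the slides' code; addresses are documentation ones.

TCP_PROTOCOL = 6
CHECKSUM_OFFSET = 16           # byte offset of the checksum field in the TCP header


def ones_complement_sum(data: bytes) -> int:
    """Add 16-bit words with end-around carry; result is in 0..0xFFFF."""
    if len(data) % 2:
        data += b"\x00"        # pad for the sum only; the length field is unchanged
    total = 0
    for (word,) in struct.iter_unpack("!H", data):
        total += word
        total = (total & 0xFFFF) + (total >> 16)   # fold the carry back in
    return total


def pseudo_header(src_ip: bytes, dst_ip: bytes, tcp_length: int) -> bytes:
    return src_ip + dst_ip + struct.pack("!BBH", 0, TCP_PROTOCOL, tcp_length)


def tcp_checksum(src_ip: bytes, dst_ip: bytes, segment: bytes) -> int:
    """Checksum for a segment whose checksum field is still zero."""
    total = ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + segment)
    return (~total) & 0xFFFF


def build_segment(src_port: int, dst_port: int, seq: int, ack: int,
                  flags: int, window: int, payload: bytes) -> bytes:
    """20-byte TCP header (no options) with the checksum field zeroed, then data."""
    data_offset = 5 << 4       # header length in 32-bit words, in the high nibble
    header = struct.pack("!HHIIBBHHH", src_port, dst_port, seq, ack,
                         data_offset, flags, window, 0, 0)   # checksum=0, urgent=0
    return header + payload


def with_checksum(src_ip: bytes, dst_ip: bytes, segment: bytes) -> bytes:
    """Store the computed checksum in the header of a segment built by build_segment."""
    csum = tcp_checksum(src_ip, dst_ip, segment)
    return segment[:CHECKSUM_OFFSET] + struct.pack("!H", csum) + segment[CHECKSUM_OFFSET + 2:]


def verify(src_ip: bytes, dst_ip: bytes, segment: bytes) -> bool:
    """Receiver check: summing everything, transmitted checksum included, gives 0xFFFF."""
    return ones_complement_sum(pseudo_header(src_ip, dst_ip, len(segment)) + segment) == 0xFFFF


if __name__ == "__main__":
    src, dst = bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])   # TEST-NET-1 (constructed)
    seg = with_checksum(src, dst, build_segment(40000, 80, 1000, 0, 0x02, 8192, b"hello"))
    print(hex(struct.unpack_from("!H", seg, CHECKSUM_OFFSET)[0]), verify(src, dst, seg))
```

Because the pseudoheader carries the IP addresses, a segment delivered to the wrong host fails `verify` even though the TCP header and data are intact, and a single flipped payload byte fails it as well. Note that the 5-byte payload makes the total length odd, which exercises the zero-byte padding.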
Making a TCP Connection
Three steps are required to set up a connection; this is called the three-way handshake.
A segment is sent from A to B: the SYN bit is set, and the sequence number is set to some initial value X.
A segment is sent from B to A: the SYN bit is set, the ACK bit is set (ack = X + 1), and the sequence number is set to some value Y.
A segment is sent from A to B: the ACK bit is set (ack = Y + 1).
The connection is now established.
Making a TCP Connection (figure): Host A sends SYN, seq X; Host B replies SYN, ack(X + 1), seq Y; Host A sends ack(Y + 1); connection established.
Closing a Connection
Remember, a TCP connection is full duplex: a connection must be closed in both directions.
If A has no more data to send: A finishes sending any remaining data, then A sends a last segment with the FIN bit set and the sequence number set to Z.
B sends a segment to A with the ACK bit set (ack = Z + 1).
B sends an end of file indication to its application.
The connection is now closed in one direction; data can continue flowing in the other direction.
Closing a Connection
When it is time to close the connection in the other direction:
B sends a segment to A with the FIN bit set and the sequence number set to V.
A sends a segment to B with the ACK bit set (ack = V + 1).
A sends an end of file indication to its application.
The connection is now closed in both directions.
Closing a TCP Connection (figure): Host A sends FIN, seq Z; Host B replies ack(Z + 1); later Host B sends FIN, seq V; Host A replies ack(V + 1); connection closed.
Resetting a Connection
Closing a connection with a four-way handshake is the normal way of closing TCP connections.
There are situations where it is necessary to close connections abnormally, or RESET.
A sends a segment to B with the RST bit set.
B acks the RST segment immediately and closes the connection.
B informs its application program of the termination.
Examples of Resets
The first datagram of the three-way handshake (SYN) is sent to a non-existing port.
An abnormal condition is encountered.
An extensively long idle time.
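The handshake, the close in each direction and the reset answer to a SYN sent to a port with no listener, as an added Python model that is not part of the slides. It tracks only the control bits and the sequence and acknowledgement numbers (X, Y for the handshake, Z and V for the two FINs); the state names follow the usual TCP ones, the initial sequence numbers are chosen arbitrarily, and no real packets are sent.

```python
from __future__ import annotations
from dataclasses import dataclass

# Constructed model of the control exchanges on these slides: three-way handshake
# (seq X / seq Y, ack X+1 / ack Y+1), the FIN+ACK close of each direction (seq Z,
# ack Z+1; seq V, ack V+1) and the RST reply to a SYN at a port with no listener.

FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10   # control-field bits, as in the TCP header


@dataclass
class Seg:
    flags: int
    seq: int
    ack: int = 0

    def has(self, bits: int) -> bool:
        return self.flags & bits == bits


class Endpoint:
    def __init__(self, name: str, isn: int, listening: bool = False):
        self.name = name
        self.state = "LISTEN" if listening else "CLOSED"
        self.snd_nxt = isn           # next sequence number we will use
        self.rcv_nxt = 0             # next byte expected from the peer
        self.events: list[str] = []  # what the application was told

    def connect(self) -> Seg:
        """Active open: SYN with seq = X. The SYN occupies one sequence number."""
        self.state = "SYN_SENT"
        seg = Seg(SYN, self.snd_nxt)
        self.snd_nxt += 1
        return seg

    def close(self) -> Seg:
        """Send FIN (seq = Z or V): closes this direction only."""
        self.state = {"ESTABLISHED": "FIN_WAIT_1", "CLOSE_WAIT": "LAST_ACK"}[self.state]
        seg = Seg(FIN | ACK, self.snd_nxt, self.rcv_nxt)
        self.snd_nxt += 1
        return seg

    def receive(self, seg: Seg) -> Seg | None:
        """Process one segment; return the reply segment, if any."""
        if seg.has(RST):
            self.state = "CLOSED"
            self.events.append("connection reset")
            return None
        if self.state == "CLOSED":                  # nobody listening on this port
            return Seg(RST | ACK, 0, seg.seq + 1)
        if self.state == "LISTEN" and seg.has(SYN):
            self.rcv_nxt = seg.seq + 1              # ack = X + 1
            self.state = "SYN_RCVD"
            reply = Seg(SYN | ACK, self.snd_nxt, self.rcv_nxt)   # seq = Y
            self.snd_nxt += 1
            return reply
        if self.state == "SYN_SENT" and seg.has(SYN | ACK):
            if seg.ack != self.snd_nxt:             # does not acknowledge our X + 1
                return Seg(RST, seg.ack)
            self.rcv_nxt = seg.seq + 1              # ack = Y + 1
            self.state = "ESTABLISHED"
            self.events.append("connected")
            return Seg(ACK, self.snd_nxt, self.rcv_nxt)
        if self.state == "SYN_RCVD" and seg.has(ACK) and seg.ack == self.snd_nxt:
            self.state = "ESTABLISHED"
            self.events.append("connected")
            return None
        if seg.has(FIN):
            self.rcv_nxt = seg.seq + 1              # ack = Z + 1 (or V + 1)
            self.events.append("end of file from peer")
            if self.state == "ESTABLISHED":
                self.state = "CLOSE_WAIT"           # closed in one direction only
            elif self.state == "FIN_WAIT_2":
                self.state = "TIME_WAIT"            # closed in both directions
            return Seg(ACK, self.snd_nxt, self.rcv_nxt)
        if seg.has(ACK) and seg.ack == self.snd_nxt:
            if self.state == "FIN_WAIT_1":
                self.state = "FIN_WAIT_2"           # our FIN was acknowledged
            elif self.state == "LAST_ACK":
                self.state = "CLOSED"
        return None


def exchange(sender: Endpoint, receiver: Endpoint, first: Seg) -> list[tuple[str, Seg]]:
    """Deliver segments back and forth until one side has nothing more to send."""
    trace, seg = [], first
    while seg is not None:
        trace.append((sender.name, seg))
        seg = receiver.receive(seg)
        sender, receiver = receiver, sender
    return trace


def handshake_and_close(x: int = 1000, y: int = 5000):
    """Open A->B, close A's direction, then B's; return both endpoints and the trace."""
    a, b = Endpoint("A", x), Endpoint("B", y, listening=True)
    trace = exchange(a, b, a.connect())          # SYN, SYN+ACK, ACK
    trace += exchange(a, b, a.close())           # FIN seq Z from A, ack(Z + 1) from B
    trace += exchange(b, a, b.close())           # FIN seq V from B, ack(V + 1) from A
    return a, b, trace


def syn_to_closed_port(x: int = 1000):
    a, b = Endpoint("A", x), Endpoint("B", 0)    # B has no listener on this port
    return a, exchange(a, b, a.connect())
```

With X = 1000 and Y = 5000 the trace is the seven segments of the two figures: SYN seq 1000; SYN+ACK seq 5000, ack 1001; ACK ack 5001; FIN seq 1001; ACK ack 1002; FIN seq 5001; ACK ack 5002. Because each SYN and FIN consumes one sequence number, the ack values are always the peer's seq plus one, exactly as the slides state.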
SYN Flooding Attacks
The three-way handshake requires that the server side buffer the initial SYN while waiting for the final ACK segment to be received.
Servers can handle some fixed number of such pending connections.
One common denial of service attack is to send many initial SYN segments but never send the final ACK segment.
This results in many pending connections filling up all possible buffers, and additional legitimate requests are denied.
Most modern TCPs have mechanisms to protect from this situation.
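As an added example illustrating the protection the last bullet refers to (not from the slides): a Python model of a listener that keeps per-SYN state in a fixed backlog next to one that uses SYN cookies, a stateless technique in which the server's initial sequence number is a keyed hash of the connection that the final ACK must echo, so nothing is buffered for a SYN whose ACK never arrives. The backlog size, client addresses, key and time-bucket clock are constructed values, and the cookie layout is simplified (no MSS encoding) relative to real implementations.

```python
import hashlib
import hmac
import secrets

# Constructed model of the slide's point: a server that keeps state per half-open
# connection has a fixed backlog that unanswered SYNs can fill, while a server
# using SYN cookies keeps no state until the final ACK proves the client is real.
# Simplified teaching model (no MSS encoding, no real sockets), not the slides' code.

MASK32 = 0xFFFFFFFF


class BacklogListener:
    """Classic behaviour: remember every SYN until its final ACK arrives."""

    def __init__(self, backlog: int):
        self.backlog = backlog
        self.half_open: dict = {}        # (client_ip, client_port) -> our ISN
        self.established: set = set()
        self.refused_syns = 0

    def on_syn(self, client: tuple, client_isn: int):
        if len(self.half_open) >= self.backlog:
            self.refused_syns += 1       # backlog full: the SYN is dropped, legitimate or not
            return None
        isn = secrets.randbelow(2 ** 32)
        self.half_open[client] = isn
        return isn                       # SYN+ACK would carry seq=isn, ack=client_isn+1

    def on_ack(self, client: tuple, ack: int) -> bool:
        isn = self.half_open.get(client)
        if isn is None or ack != (isn + 1) & MASK32:
            return False
        del self.half_open[client]
        self.established.add(client)
        return True


class SynCookieListener:
    """Stateless: the ISN is a keyed hash of the connection, checked when the ACK echoes it."""

    def __init__(self, key: bytes, clock):
        self.key = key
        self.clock = clock               # returns a coarse time counter (e.g. seconds // 64)
        self.established: set = set()

    def _cookie(self, client: tuple, client_isn: int, bucket: int) -> int:
        msg = f"{client[0]}:{client[1]}:{client_isn}:{bucket}".encode()
        mac = hmac.new(self.key, msg, hashlib.sha256).digest()
        # top 8 bits: time bucket; low 24 bits: truncated MAC
        return (bucket & 0xFF) << 24 | int.from_bytes(mac[:3], "big")

    def on_syn(self, client: tuple, client_isn: int) -> int:
        return self._cookie(client, client_isn, self.clock() & 0xFF)   # nothing stored

    def on_ack(self, client: tuple, seq: int, ack: int) -> bool:
        client_isn = (seq - 1) & MASK32            # final ACK carries seq = client_isn + 1
        cookie = (ack - 1) & MASK32                # and ack = our ISN + 1
        bucket = cookie >> 24
        now = self.clock() & 0xFF
        if bucket not in (now, (now - 1) & 0xFF):  # too old: reject
            return False
        expected = self._cookie(client, client_isn, bucket).to_bytes(4, "big")
        if not hmac.compare_digest(expected, cookie.to_bytes(4, "big")):
            return False
        self.established.add(client)
        return True


def demo(backlog: int = 4, unanswered_syns: int = 10) -> tuple:
    """Return (stateful server accepts the legitimate client,
    cookie server accepts the legitimate client, cookie server accepts a forged ACK)."""
    legit, legit_isn = ("192.0.2.10", 40000), 777           # TEST-NET-1 addresses (constructed)
    stateful = BacklogListener(backlog)
    for i in range(unanswered_syns):                          # SYNs whose ACK never comes
        stateful.on_syn(("192.0.2.50", 50000 + i), 1)
    isn = stateful.on_syn(legit, legit_isn)
    stateful_ok = isn is not None and stateful.on_ack(legit, (isn + 1) & MASK32)

    cookies = SynCookieListener(key=b"constructed-demo-key", clock=lambda: 42)
    for i in range(unanswered_syns):
        cookies.on_syn(("192.0.2.50", 50000 + i), 1)          # nothing to fill up
    isn = cookies.on_syn(legit, legit_isn)
    cookie_ok = cookies.on_ack(legit, seq=legit_isn + 1, ack=(isn + 1) & MASK32)
    forged = cookies.on_ack(legit, seq=legit_isn + 1, ack=((isn + 1) ^ 0x1234) & MASK32)
    return stateful_ok, cookie_ok, forged
```

`demo()` returns `(False, True, False)`: with a backlog of 4, ten never-completed SYNs leave no room and the legitimate client's SYN is refused, while the cookie listener still completes the legitimate handshake and rejects an ACK whose cookie was not issued by the server. Raising the backlog above the number of pending SYNs (`demo(backlog=16)`) lets the stateful listener accept as well, which is the fixed limit the slide describes.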
Encapsulation and decapsulation
Multiplexing and demultiplexing
Comparison of UDP/TCP
TCP                               UDP
Byte oriented protocol            Message oriented
No message boundaries             Message boundaries preserved
One stream of data                Each message independent
Reliable protocol                 Unreliable protocol
Retransmission of lost data       No error recovery
Flow control                      No flow control
Congestion control                No congestion control