I persisted in studying TCP and finally understood the TCP protocol.

TCP is a connection-oriented, reliable stream protocol. A stream is equivalent to an uninterrupted data structure.

The reason why TCP can provide reliable transmission is that it is achieved through mechanisms such as checksum, sequence number, confirmation response, retransmission control, connection management and window control.

The following will start by introducing the TCP header format, and explain the TCP three-way handshake, four-way handshake, sliding window, congestion control, flow control and UDP protocol one by one.

TCP header format

• Source port number: indicates the port number of the sender, the field length is 16 bits.
• Destination port number: indicates the receiving port number, the field length is 16 bits.
• Sequence number: The field length is 32 bits. The sequence number refers to the location of the sent data. Each time data is sent, the size of the data bytes is accumulated. The sequence number does not start from 0. It is a number randomly generated by the computer as the initial value when the connection is established and transmitted to the receiving host through the SYN packet.
• Confirmation response number: Length is 32 bits. It refers to the sequence number of the data that should be received next time. After receiving this confirmation response, the sender can determine that the data before this sequence number has been received normally.
• Data offset: Indicates how far the data starts from the TCP start point. In fact, it indicates the length of the TCP header.
• Reserved: This field is for future expansion and is 4 bits long.
• Control bit: 8 bits in length. Each bit from left to right is CWR, ECE, URG, ACK, PSH, RST, SYN, FIN. I will explain the details in the TCP three-way handshake and four-way handshake.
• Window size: This field is used to notify the size of data that can be accepted starting from the position indicated by the acknowledgment response of the same TCP header. TCP does not allow data exceeding this size to be sent.
• Checksum: Filled by the sender, the receiver performs a CRC algorithm on the TCP segment to check whether the TCP segment is damaged during transmission. Note that this check includes not only the TCP header, but also the data part. This is also an important guarantee for TCP reliable transmission.
• Urgent Pointer: This field indicates the pointer of the urgent data in this message. The urgent data is from the first position of the data part to the position pointed by the urgent pointer.
• Option: used to improve the transmission performance of TCP, it is optional information of variable length and contains up to 40 bytes.

TCP three-way handshake

Three-way handshake

Three-way handshake description:

1. The client sends a request message to establish a TCP connection. The message contains a seq sequence number, which is randomly generated by the sender, and sets the SYN field in the message to 1, indicating that a TCP connection needs to be established. The client enters the SYN_SEND state. (SYN=1.seq=x, where x represents a randomly generated value)
2. The server replies to the TCP connection request message sent by the client, which contains the seq sequence number, which is randomly generated by the replying end, and sets SYN to 1, and also generates an ACK field. The field value is based on the sequence number seq sent by the client plus 1, so that when the client receives the information, it knows that its TCP establishment request has been verified, and the server enters the SYN_SEND state. (SYN = 1, ACK = x+1, seq=y, y is a randomly generated value)
3. After the client receives the TCP establishment verification request sent by the server, it will increase its sequence number by 1, and reply to the ACK verification request again, adding 1 to the seq sent by the server to reply. The client enters the ESTABLISHED state. When the server receives the request, it also enters the ESTABLISHED state, and the TCP handshake ends. (SYN = 1, ACK = y+1, seq = x+1)

Why three-way handshake?

1. Check whether both parties have the ability to send and receive data

TCP is a full-duplex trusted transmission protocol, which means that data can be transmitted in both directions at the same time. The process of establishing a three-way handshake is to verify whether both parties have the ability to send and receive data.

The first handshake , at this time the client knows that it has the ability to send data, but does not know whether the server has the ability to receive and send data.

In the second handshake , after the server receives the message, it replies with a confirmation message. At this time, the server knows that the client has the ability to send messages, and knows that it has the ability to receive and send data, but does not know whether the client has the ability to receive data.

In the third handshake , when the client receives the confirmation message from the server, it knows that the server has the ability to receive and send data. Because the server does not know that the client has the ability to receive data, it needs to send a confirmation message to inform the server that it has the ability to receive data.

2. Prevent duplicate connections

When the network conditions are complex or poor, the sender may send multiple connection establishment requests in succession. If the TCP handshake is only twice, the receiver can only choose to accept the request or reject the connection request, but it is not clear whether this request is a normal request.

If it is a three-way handshake, after receiving the seq+1 message from the server, the client can determine whether the current connection is a historical connection by comparison. If it is, it will send a termination message to the server to terminate the connection. If it is not a historical connection, it will send a confirmation message to establish the connection.

Four waves

Establishing a TCP connection requires three handshakes, while terminating a TCP connection requires four handshakes. This is due to the half-close feature of TCP. TCP provides the ability for one end of the connection to receive data from the other end after it finishes sending data.

Four waves

First wave : The client sends a FIN message (requesting connection termination: FIN = 1), in which a sequence number seq = u is specified. It stops sending data, but can still receive data, and actively closes the TCP connection. At this time, the client is in the FIN_WAIT-1 state, waiting for confirmation from the server.

Second wave : After receiving FIN, the server will send an ACK message and use the client's sequence number value + 1 as the sequence number value of the ACK message, indicating that the client's message has been received. At this time, the server is in the CLOSE_WAIT state. After receiving the confirmation from the server, the client enters the FIN-WAIT-2 state and waits for the connection release message segment sent by the server.

The first two waves let the server know that the client wants to release the connection, and also let the client know that the server understands its request to release the connection. Therefore, it can be confirmed that the connection from the client to the server is closed.

The third wave : If the server also wants to disconnect, it will send a FIN message and specify a sequence number. At this time, the server is in the LAST_ACK state, waiting for the client's confirmation, and stops sending data to the client, but the server can still receive data transmitted from the client.

Fourth wave : After receiving FIN, the client also sends an ACK message as a response (ack = w+1), and uses the server's sequence value + 1 as the sequence number value of its own ACK message (seq=u+1). At this time, the client is in the TIME_WAIT state and waits for 2MSL in this state. After the server receives the TCP message sent from the client, the LAST-ACK phase ends and enters the CLOSED phase.

After the client waits for 2MSL, the TIME-WAIT phase ends and enters the CLOSED phase, thus completing four waves.

Why does the client have to wait for 2MSL in the TIME-WAIT phase?

This is to confirm whether the server has received the ACK confirmation message sent by the client.

After the client sends the last ACK confirmation message, it cannot be sure that the server can receive it, so after sending it, it waits for 2MSL. If the server does not receive the ACK confirmation message sent by the client within 1MSL, it will send a FIN message to the client again.

Window Sliding

TCP uses 1 segment as a unit, and each time a segment is sent, a confirmation response must be processed. This transmission method has a disadvantage: the longer the packet round trip time, the lower the communication performance.

To solve this problem, the concept of window is introduced. The confirmation response is no longer a segment, but a larger unit. After sending a segment, the sender does not need to wait for the confirmation response, but can continue to send.

The window size refers to the maximum value of data that can be sent without waiting for confirmation. The window size is divided into four segments.

As shown in the figure above, the white part is the window. The data in the window can be sent out even if no confirmation response is received.

The part outside the sliding window includes data that has not been sent and data that has been confirmed to be received by the other end. After receiving the confirmation response, the window will slide to the part in the confirmation response.

The position of the sequence number. In this way, multiple segments can be sent simultaneously in sequence to improve communication performance. This mechanism is called the window sliding mechanism.

Retransmission processing under the window sliding mechanism

When using window control, you may encounter segment loss. When not using window control, data that has not received an acknowledgment will be resent. When using window sliding, the acknowledgment does not need to be resent even if it is lost.

As shown in the figure below, when a certain segment of the message is lost, the sender will continue to receive confirmation responses with sequence number 1001. This confirmation response is like reminding the sender "I want to receive data starting from 1001".

In the event of message loss, the confirmation response of the same sequence number will be sent repeatedly. When the sender receives the same response three times in a row, it will resend the corresponding data. This retransmission mechanism is called a high-speed retransmission mechanism.

Flow Control

TCP provides a mechanism that allows the sender to control the amount of data sent based on the actual receiving capacity of the receiver.

The receiving host informs the sending host of the size of data it can receive, and the sending host will send data that does not exceed this limit. In fact, this size is the window size, and the value of the window size is determined by the receiving end.

Congestion Control

Because computers are a shared environment, there is also the possibility of network congestion due to communication between other hosts. When the network is congested, suddenly sending a large amount of data may cause the network to crash. If a large amount of data is sent at the beginning of the communication, it will also cause some problems.

To prevent this problem, TCP uses a slow start algorithm to control the amount of data sent.

In order to regulate the amount of transmission, a concept called congestion window is defined.

During slow start, the congestion window size is set to 1 data segment (1 MSS). After that, the window value is increased by 1 for each acknowledgment received.

When sending a data packet, the congestion window size is compared with the window size notified by the receiving host, and a smaller amount of data is sent based on the smaller value.

The difference between TCP and UDP

UDP is a connectionless protocol and an unreliable datagram protocol. It does not guarantee that the message will arrive.

UDP is mainly used for communication or broadcast communication that has high requirements for high-speed transmission and real-time performance. For example, when making a phone call, if TCP is used, if the data is lost during the transmission process, it will be resent, but this will not be able to smoothly transmit human voices, which will cause a significant delay in the voice.

UDP is applicable to:

• Communication with less total packets
• Multimedia communications such as video and audio
• Application communication limited to a specific network such as a LAN
• Broadcast Communications