TCP

TCP/IP Original Model

TCP/IP Updated Model

Application

Application

Transport
Internet

Transport
Network
Data Link
Physical

Link

Maximum and Minimum Frame Size

Frame Type

IPG
Preamble

Standard

12 Bytes

8 Bytes

Layer 1
Start of Frame
Delimiter
1 Byte

Layer2
Layer2 Frame Size with
802.1 Q
64 - 1522 Bytes

Layer2 Frame Size Without

802.1 Q
64 - 1518 Bytes

Layer4
Layer4 TCP Segment
Size
Variable

Layer4 TCP OverHead

TCP Header
20 - 60 Bytes

Layer4 UDP Segment Size

Variable

Layer4 UDP OverHead

UDP Header
8 Bytes

Layer4 TCP Segment PDU Structure

Layer4 TCP Segment

Size
Variable

Layer4 OverHead
Layer4 TCP OverHead
TCP Header
20 - 60 Bytes

Layer4 Payload
Payload
Variable

What is TCP?

Transport Control Protocol (TCP) is a Transport Layer Connection Oriented Protocol that is used for services that require ordered data transfer and data segmentation, error recovery, f
How does TCP work?

TCP encapsulates the Layer5 PDU, adding a Layer4 UDP header to it, thus, turning it into a Layer4 PDU, called segment. The Multiplexing over ports feature, offers the posibilities to
The Multiplexing over ports feature, offers the posibilities to provide multiple services to run over different ports at the same time with a port number ranging between 0 and 65535. O
1024 to 49151 are register available ports (ports that become assigned to an application once a requirement is made to IANA), 49152 to 65535 are dynamic or private ports that cannot
Ordered data transfer and data segmentation feature, permits continous streaming of bytes from an upper-layer process that is "segmented" for transmission and delivered to upper-laye
Error recovery feature, offers numberig and acknowledging of data with sequence and acknowledgement header fields.
Flow control feature, offers the use of window sizes to protect buffer space and routing devices from being overloaded with traffic.
Connection management feature, offers connection establishment and termination capacity through the use of port initialization, sequencing and acknowledgement fields.
Layer4 TCP Header Structure?
0

15

16

Source Port
Window Size

23

24

31

32

39
Layer4 OverHead
Layer4 TCP Header

Destination Port
Acknowledgement Number
Checksum

Offset & Reserved

Urgent Pointer

40

47

Sequence Number
TCP Flags
Options and Padding (0 to 4

Source Port: 00:00 to FF:FF (TCP Source Port Value);

Destination Port: 00:00 to FF:FF (TCP Destination Port Value);
Sequence No.: 00:00:00:00 to FF:FF:FF:FF (TCP Sequence No. Value);
Acknowledgment No.: 00:00:00:00 to FF:FF:FF:FF (TCP Acknowledgement No. Value);
Flag, bit 7 Acknowledgement: 0 is Not Set, 1 is Set (TCP Acknowledgement Bit);
Flag, bit 10 Syn: 0 is Not Set, 1 is Set (TCP Synchronization Bit);
Flag, bit 11 Fin: 0 is Not Set, 1 is Set (TCP Finished Bit);
Window Size: 00:00:00:00 to FF:FF:FF:FF (TCP Window Size Value);

Connection Oriented Protocol? 3-Way Handshake Procedure?

TCP is a connection oriented protocol, as of such, a connection must first be established between the 2 communication endpoints before the actual data transfer can begin.
The process to create the connection is called 3-Way HandShake.
3-Way Handshake consists in exchanging 3 TCP Segments with the Syn, Syn/Ack, Ack Bits Set between the 2 communication end points.
A Connection Termination consists in exchanging 3 TCP Segments with the Ack/Fin, Ack/Fin, Ack Bits Set between the 2 communication end points.
If the Connection Termination cannot be realised immediately an intermediary TCP Segment with the Ack Bit Set can be sent before the reply with Ack/Fin.

3-Way HandShake Establishment Procedure

EndPoint1
Syn=0

EndPoint2
|---------------------------------------->
<----------------------------------------|

Ack=1, Seq=1

Connection Maintenance

|---------------------------------------->

EndPoint1
Seq=1, Ack

Syn=0, Ack=1
Seq=461, Ack=1449
* He confirms receiving 1448 Bytes.

* The connection is estabished with a certain window size. If the transmission is consistent and no unreceived bits have been resent, then the original window transmission s
What is the TCP Sliding Window?

TCP communication uses windowing, meaning that one or more segments are sent at one time, and a receiver can acknowledge the receipt of all the segments in a window with a sing
In some cases, TCP uses a sliding window, where the window size begins with one segment. If there is a successful acknowledgment of that one segment (that is, the receiver sends an
the window size doubles to two segments. Upon successful receipt of those two segments, the next window contains four segments.
This exponential increase in window size continues until the receiver does not acknowledge successful receipt of all segments within a certain time period (known as the round - trip ti
What is the TCP Maximum Segment Size?

The TCP Maximum Segment Size (MSS) is the amount of data that can be contained in a single TCP segment. The value is dependent on the current TCP window size. MSS only refe
If a single TCP flow drops a packet, that flow might experience TCP slow start , meaning that the window size is reduced to one segment.
The window size then grows exponentially until it reaches one-half of its congestion window size (that is, the window size when congestion was previously experienced). At that point
If a router interfaces output queue fills to capacity, all TCP flows can simultaneously start to drop packets, causing all TCP flows to experience slow start.
This condition, called global synchronization or TCP synchronization , results in a very inefficient use of bandwidth, because of all TCP flows having reduced window sizes and theref
What is Out-of-Order Delivery?

In many routed environments, a router has more than one egress interface that can reach a destination IP address.
If load balancing is enabled in such a scenario, some packets in a traffic flow might go out one interface, while other packets go out of another interface.
With traffic flowing out of multiple interfaces, there is a chance that the packets will arrive out of order. Fortunately, TCP can help prevent out-of-order packets by either sequencing th
Well-Known TCP Ports?

Application Type

Source Port No.

Destination Port No.

Telnet
SMTP
DNS
HTTP
POP3
SSL

1024+

23
25
53
80
110
443

1024+
1024+

Maximum Throughput Calculation

Protocol Overhead= (Segment Size - Payload Size)/ Segment Size
Protocol Efficiency= Payload Size/ Segment Size
Throughput= Efficiency * Net Bit Rate

Layer2
Layer2 MAC OverHead
Frame Header
14 bytes / 18 Bytes

Layer4 UDP OverHead

UDP Header
8 Bytes

Layer2 Payload
Payload
42/46 - 1500 Bytes

Layer2 MAC OverHead

Frame Trailer
4 Bytes

Layer3 IPv4 Packet Size

0 - 1500 Bytes

Layer4 Payload
Payload
Variable

er and data segmentation, error recovery, flow control, connection management and port multiplexing. TCP header size is of 20-60 Bytes.

Layer3 IPv4 OverHead

IPv4 Header
20 - 60 Bytes

Layer3
Layer3 IPv6 Packet
Size
0 - 1500 Bytes

over ports feature, offers the posibilities to provide multiple services to run over different ports at the same time with a port number ranging between 0 and 65535.
t number ranging between 0 and 65535. Out of those 65536 usable ports 0 to 1023 are known as well defined, reserved communication ports,
35 are dynamic or private ports that cannot be registered with IANA, they are used for private, or customized services or temporary purposes.
r transmission and delivered to upper-layer processes at the receiving device, with the bytes in the same order.

and acknowledgement fields.

48

55

Sequence Number
TCP Flags
Options and Padding (0 to 40)

56

63

Window Size

Sequence No.: a 32-bit field indicting the amount of data sent during a TCP session. The sending party can be assured that the receiving party really received the data,
because the receiving party uses the sequence number as the basis for the acknowledgment number in the next segment it sends back to the sender;
Acknowledgment No: used by the recipient of a segment to request the next segment in the TCP session. The value of this field is calculated by adding 1 to the previously received sequence number
Offset field: The Offset field is a 4-bit leftmost field that specifies the offset between the data in a TCP segment and the start of the segment, in units of 4-byte words;
Reserved field: The 3-bit Reserved field is not used, and each of the 3 bits are set to a value of 0;
TCP Flags field: The TCP Flags field is comprised of 9 flag bits (also known as control bits ), which indicate a variety of segment parameters;
Window field: The 16-bit Window field specifies the number of bytes a sender is willing to transmit before receiving an acknowledgment from the receiver;
Checksum field: The Checksum field is a 16-bit field that performs error checking for a segment;
Urgent Pointer field: The 16-bit Urgent Pointer field indicates that last byte of a segments data that was considered urgent.
The field specifies the number of bytes between the current sequence number and that urgent data byte;
TCP Options field: The optional TCP Options field can range in size from 0 to 320 bits (as long as the number of bits is evenly divisible by 32), and the field can contain a variety of TCP segment pa

actual data transfer can begin.

y with Ack/Fin.

Connection Maintenance

3-Way HandShake Termination Procedure

EndPoint2

|----------------------------------->
<----------------------------------|

EndPoint1
Ack, Fin

Seq=1,Ack=461

|----------------------------------->

|-------------------------------------------------------->
<--------------------------------------------------------|

Ack

|--------------------------------------------------------->

ceiving 1448 Bytes.

hen the original window transmission size can be extended.

f all the segments in a window with a single acknowledgment.

one segment (that is, the receiver sends an ACK asking for the next segment),

n time period (known as the round - trip time [RTT] , which is sometimes called real transfer time ), or until a configured maximum window size is reached.

current TCP window size. MSS only refers to the amount of data in a segment.

was previously experienced). At that point, the window size begins to grow linearly instead of exponentially.
ce slow start.
s having reduced window sizes and therefore spending more time waiting for acknowledgments.

ut-of-order packets by either sequencing them in the correct order or by requesting the retransmission of out-of-order packets.

er3
Layer3 IPv6 OverHead
IPv6 Header
40 Bytes

Layer3 Payload
Payload
Variable

received sequence number;

a variety of TCP segment parameters;

Procedure
EndPoint2

Ack, Fin