Short introduction to TCP protocol
The TCP protocol is used by a large majority of client/server applications like the millions of Internet Web servers.
TCP stands for Transmission Control Protocol and works on the transport network IP (Internet Protocol).
TCP is used to exchange data reliably through mechanisms of sequence and acknowledgment, error detection, error recovery. The performance and memory management of reception are controlled by a system of workflow management.
TCP is a connection-oriented protocol, a formal relationship (handshake) is established before exchanging data. The system that initiates the connection is considered as the client in the TCP terminology while the system that accepts this connection is considered as the server.
Two systems can establish connections to one another and simultaneously, in this case they are both server and client. The client and server exchange units of information called “TCP segments, the segments being composed of a header and a data area.
TCP is a connection-oriented, end-to-end reliable protocol designed to fit into a layered hierarchy of protocols which support multi-network applications.
The TCP provides for reliable inter-process communication between pairs of processes in host computers attached to distinct but interconnected computer communication networks
TCP assumes it can obtain a simple, potentially unreliable datagram service from the lower level protocols. In principle, the TCP should be able to operate above a wide spectrum of communication systems ranging from hard-wired connections to packet-switched or circuit-switched networks.
- Some computer systems will be connected to networks via front-end computers which house the TCP and internet protocol layers, as well as network specific software. The TCP specification describes an interface to the higher level protocols which appears to be implementable even for the front-end case, as long as a suitable host-to-front end protocol is implemented.
Interfaces
The TCP interfaces on one side to user or application processes and on the other side to a lower level protocol such as Internet Protocol.
The interface between an application process and the TCP consists of a set of calls much like the calls an operating system provides to an application process for manipulating files. For example, there are calls to open and close connections and to send and receive data on established connections. It is also expected that the TCP can asynchronously communicate with application programs.
TCP is designed to work in a very general environment of interconnected networks. The lower level protocol which is assumed throughout this document is the Internet Protocol
To provide this service on top of a less reliable internet communication system requires facilities in the following areas:
Basic Data Transfer
Reliability
Flow Control
Multiplexing
Connections
Precedence and Security
Basic Data Transfer:
The TCP is able to transfer a continuous stream of octets in each direction between its users by packaging some number of octets into segments for transmission through the internet system. In general, the TCPs decide when to block and forward data at their own convenience.
Reliability:
The TCP must recover from data that is damaged, lost, duplicated, or delivered out of order by the internet communication system. This is achieved by assigning a sequence number to each octet transmitted, and requiring a positive acknowledgment (ACK) from the
receiving TCP. If the ACK is not received within a timeout interval, the data is retransmitted. At the receiver, the sequence numbers are used to correctly order segments that may be received out of order and to eliminate duplicates. Damage is handled by adding a checksum to each segment transmitted, checking it at the receiver, and discarding damaged segments.
Flow Control:
TCP provides a means for the receiver to govern the amount of data sent by the sender. This is achieved by returning a “window” with every ACK indicating a range of acceptable sequence numbers beyond the last segment successfully received. The window indicates an allowed number of octets that the sender may transmit before receiving further permission.
Multiplexing:
To allow for many processes within a single Host to use TCP communication facilities simultaneously, the TCP provides a set of addresses or ports within each host. Concatenated with the network and host addresses from the internet communication layer, this forms a socket. A pair of sockets uniquely identifies each connection. That is, a socket may be simultaneously used in multiple connections.
The binding of ports to processes is handled independently by each Host. However, it proves useful to attach frequently used processes (e.g., a “logger” or timesharing service) to fixed sockets which are made known to the public.
Connections:
The reliability and flow control mechanisms described above require that TCPs initialize and maintain certain status information for each data stream. The combination of this information, including sockets, sequence numbers, and window sizes, is called a connection.
Each connection is uniquely specified by a pair of sockets
identifying its two sides. When two processes wish to communicate, their TCP’s must first
establish a connection (initialize the status information on each side). When their communication is complete, the connection is terminated or closed to free the resources for other uses. Since connections must be established between unreliable hosts and
over the unreliable internet communication system, a handshake mechanism with clock-based sequence numbers is used to avoid erroneous initialization of connections.
The term packet is used generically here to mean the data of one transaction between a host and its network. The format of data blocks exchanged within the a network will generally not be of concern to us.
Hosts are computers attached to a network, and from the communication network’s point of view, are the sources and destinations of packets. Processes are viewed as the active elements in host computers (in accordance with the fairly common definition of a process as a programin execution). Even terminals and files or other I/O devices are viewed as communicating with each other through the use of processes. Thus, all communication is viewed as inter-process communication.
Model of Operation :
Refer PDF
Reliable Communication : Refer PDF
A stream of data sent on a TCP connection is delivered reliably and in order at the destination.The matching of local and foreign sockets determines when a connection has been initiated. The connection becomes “established” when sequence numbers have been synchronized in both directions. The clearing of a connection also involves the exchange of segments, in this case carrying the FIN control flag.
Data Communication
The data that flows on a connection may be thought of as a stream of
octets. The sending user indicates in each SEND call whether the data in that call (and any preceeding calls) should be immediately pushed through to the receiving user by the setting of the PUSH flag. A sending TCP is allowed to collect data from the sending user and to send that data in segments at its own convenience, until the push function is signaled, then it must send all unsent data. When a receiving TCP sees the PUSH flag, it must not wait for more data from the sending TCP before passing the data to the receiving process.
There is no necessary relationship between push functions and segment boundaries. The data in any particular segment may be the result of a single SEND call, in whole or part, or of multiple SEND calls.The purpose of push function and the PUSH flag is to push data through from the sending user to the receiving user. It does not provide a record service.
- The TCP makes use of the internet protocol type of service field and security option to provide precedence and security on a per connection basis to TCP users
- TCP implementations will follow a general principle of robustness: be conservative in what you do, be liberal in what you accept from others.
Sequence Number: 32 bits
The sequence number of the first data octet in this segment (except when SYN is present). If SYN is present the sequence number is the initial sequence number (ISN) and the first data octet is ISN+1.
Acknowledgment Number: 32 bits
If the ACK control bit is set this field contains the value of the next sequence number the sender of the segment is expecting to receive. Once a connection is established this is always sent.
Window: 16 bits
The number of data octets beginning with the one indicated in the acknowledgment field which the sender of this segment is willing to accept.
TCP :
- A connection progresses through a series of states during its lifetime. The states are:
- LISTEN,
- SYN-SENT,
- SYN-RECEIVED,
- ESTABLISHED,
- FIN-WAIT-1,
- FIN-WAIT-2,
- CLOSE-WAIT,
- CLOSING,
- LAST-ACK,
- TIME-WAIT,
- CLOSED
LISTEN – represents waiting for a connection request from any remote TCP and port.
SYN-SENT – represents waiting for a matching connection request after having sent a connection request. Waiting for an acknowledgment from the remote endpoint after having sent a connection request. Results after step 1 of the three-way TCP handshake.
SYN-RECEIVED
This endpoint has received a connection request and sent an acknowledgment. This endpoint is waiting for final acknowledgment that the other endpoint did receive this endpoint’s acknowledgment of the original connection request. Results after step 2 of the three-way TCP handshake
Established :
Represents a fully established connection; this is the normal state for the data transfer phase of the connection.
The client application opens a connection to the server by sending a TCP segment which only the header is present (no data). This header contains a flag SYN stands for “Synchronize” and the TCP port number the server (application). The client is in SYN_SENT state (SYN sent).
If a connection is in the LISTEN state and a SYN segment arrives, the connection makes a transition to the SYN_RCVD state and takes the action of replying with an ACK+SYN segment. The client does an active open which causes its end of the connection to send a SYN segment to the server and to move to the SYN_SENT state. The arrival of the SYN+ACK segment causes the client to mo ve to the ESTABLISHED state and to send an ack back to the server. When this ACK arrives the server finally moves to the ESTABLISHED state. In other words, we have just traced the THREE-WAY HANDSHAKE.
The server (application) is listening (listen) and on receipt of the SYN from the client, it changes of state and responds with a SYN and ACK flag. The server is then able SYN_RCVD (SYN received).
The client receives the server’s TCP segment with SYN ACK indicators and move in status ESTABLISHED. He also sent a response ACK to the server that also passes in status ESTABLISHED. This exchange in three phases (three-way handshake) complete the establishment of the TCP connection can now be used to exchange data between the client and server
In the event that a connection request arrives on the server and that no application is listening on the requested port, a segment with flag RST (reset) is sent to the client by the server, the connection attempt is immediately terminated.
FIN-WAIT-1 – represents waiting for a connection termination request from the remote TCP, or an acknowledgment of the connection termination request previously sent.
- Waiting for a connection termination request from the remote TCP after this endpoint has sent its connection termination request. This state is normally of short duration, but if the remote socket endpoint does not close its socket shortly after it has received information that this socket endpoint closed the connection, then it might last for some time. Excessive FIN-WAIT-2 states can indicate an error in the coding of the remote application.
FIN-WAIT-2 : Waiting for a connection termination request from the remote TCP after this endpoint has sent its connection termination request. This state is normally of short duration, but if the remote socket endpoint does not close its socket shortly after it has received information that this socket endpoint closed the connection, then it might last for some time. Excessive FIN-WAIT-2 states can indicate an error in the coding of the remote application.
CLOSE-WAIT – represents waiting for a connection termination request from the local user. This endpoint has received a close request from the remote endpoint and this TCP is now waiting for a connection termination request from the local application.
CLOSING – Waiting for a connection termination request acknowledgment from the remote TCP. This state is entered when this endpoint receives a close request from the local application, sends a termination request to the remote endpoint, and receives a termination request before it receives the acknowledgment from the remote endpoint.
LAST-ACK – represents waiting for an acknowledgment of the connection termination request previously sent to the remote TCP (which includes an acknowledgment of its connection termination request).
Time wait : Waiting for enough time to pass to be sure the remote TCP received the acknowledgment of its connection termination request.
In the process of terminating a connection, the important thing to keep in mind is that the application process on both sides of the connection must independently close its half of the connection. Thus, on any one side there are three combinations of transition that get a connection from the ESTABLISHED state to the CLOSED state:
- This side closes first:
ESTABLISHED -> FIN_WAIT_1-> FIN_WAIT_2 -> TIME_WAIT -> CLOSED.
- The other side closes first:
ESTABLISHED -> CLOSE_WAIT -> LAST_ACK -> CLOSED.
- Both sides close at the same time:
ESTABLISHED -> FIN_WAIT_1-> CLOSING ->TIME_WAIT -> CLOSED.
Automotive Diagnostics 