TCP Protocol
TCP Protocol¶
Overview¶
This document covers the core concepts of TCP (Transmission Control Protocol). You'll learn the operating principles of TCP, which ensures connection-oriented and reliable data transmission, including header structure, flow control, and congestion control mechanisms.
Difficulty: βββ Estimated Learning Time: 3-4 hours Prerequisites: 09_Routing_Protocols.md
Table of Contents¶
- TCP Characteristics
- TCP Header Structure
- 3-Way Handshake
- 4-Way Handshake
- Sequence Numbers and ACK
- Flow Control
- Congestion Control
- Practice Problems
- Next Steps
- References
1. TCP Characteristics¶
1.1 Basic TCP Features¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TCP Features β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β 1. Connection-Oriented β
β - Requires connection establishment before data transfer β
β (3-way handshake) β
β - Connection termination after transmission (4-way handshake)β
β β
β 2. Reliability β
β - Guaranteed data delivery β
β - Order preservation β
β - Error detection and retransmission β
β β
β 3. Flow Control β
β - Transmission rate matched to receiver's processing speed β
β - Uses sliding window β
β β
β 4. Congestion Control β
β - Responds to network congestion β
β - Slow Start, Congestion Avoidance, etc. β
β β
β 5. Full-Duplex Communication β
β - Simultaneous bidirectional data transmission β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
1.2 TCP vs UDP Brief Comparison¶
| Feature | TCP | UDP |
|---|---|---|
| Connection | Connection-oriented | Connectionless |
| Reliability | Reliable | Unreliable |
| Ordering | Ordered | Unordered |
| Speed | Relatively slow | Fast |
| Header Size | 20-60 bytes | 8 bytes |
| Use Cases | Web, email, file transfer | Streaming, DNS, gaming |
1.3 TCP Segment¶
TCP Data Encapsulation
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Application Layer β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
β β Data β β
β βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ β
ββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Transport Layer (TCP) β
β ββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββββ β
β β TCP Header β Data β β
β β (20-60B) β (Segment) β β
β ββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββββββββββ β
β TCP Segment β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β
βΌ
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Network Layer (IP) β
β ββββββββββββββββ¬βββββββββββββββββββββββββββββββββββββββββββββββ β
β β IP Header β TCP Segment β β
β β (20-60B) β β β
β ββββββββββββββββ΄βββββββββββββββββββββββββββββββββββββββββββββββ β
β IP Packet β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
2. TCP Header Structure¶
2.1 TCP Header Format¶
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Source Port | Destination Port |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Sequence Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Acknowledgment Number |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data | |C|E|U|A|P|R|S|F| |
| Offset| Rsrvd |W|C|R|C|S|S|Y|I| Window |
| | |R|E|G|K|H|T|N|N| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Checksum | Urgent Pointer |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Options (if any) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Data |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
2.2 Header Field Descriptions¶
| Field | Size | Description |
|---|---|---|
| Source Port | 16 bits | Source port number (0-65535) |
| Destination Port | 16 bits | Destination port number (0-65535) |
| Sequence Number | 32 bits | Byte number of first byte in segment data |
| Acknowledgment Number | 32 bits | Next expected byte number |
| Data Offset | 4 bits | TCP header length (in 4-byte units) |
| Reserved | 4 bits | Reserved (set to 0) |
| Flags | 8 bits | Control flags (CWR, ECE, URG, ACK, PSH, RST, SYN, FIN) |
| Window | 16 bits | Receive window size (flow control) |
| Checksum | 16 bits | Error detection checksum |
| Urgent Pointer | 16 bits | Urgent data location (when URG flag set) |
| Options | 0-40 bytes | Additional options (MSS, Window Scale, etc.) |
2.3 TCP Flags¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TCP Flags β
βββββββββββ¬ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β CWR β Congestion Window Reduced - congestion window reduced β
β ECE β ECN-Echo - explicit congestion notification β
β URG β Urgent - urgent data present β
β ACK β Acknowledgment - acknowledgment valid β
β PSH β Push - deliver immediately without buffering β
β RST β Reset - force connection termination β
β SYN β Synchronize - connection request (seq number sync) β
β FIN β Finish - connection termination request β
βββββββββββ΄ββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
2.4 Key TCP Options¶
| Option | Kind | Description |
|---|---|---|
| MSS | 2 | Maximum Segment Size (typically 1460 bytes) |
| Window Scale | 3 | Window size expansion (up to 1GB) |
| SACK Permitted | 4 | Selective ACK support |
| SACK | 5 | Received segment ranges |
| Timestamps | 8 | RTT measurement and PAWS |
| NOP | 1 | Padding (No Operation) |
3. 3-Way Handshake¶
3.1 Connection Establishment Process¶
TCP connections are established through a 3-way handshake.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 3-Way Handshake β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β Client Server β
β β β β
β β Step 1: SYN β β
β β ββββββββββββββββββββββββββββββΊ β β
β β SYN=1, Seq=100 β β
β CLOSED β β LISTEN β
β β β β β β
β SYN_SENTβ Step 2: SYN-ACK β SYN_RECEIVED β
β β ββββββββββββββββββββββββββββββ β β
β β SYN=1, ACK=1, Seq=300, Ack=101 β β
β β β β β
β ESTABLISHED Step 3: ACK β β
β β ββββββββββββββββββββββββββββββΊ β β
β β ACK=1, Seq=101, Ack=301 β β
β β β ESTABLISHED β
β β β β
β β Connection Established β β
β β βββββββββββββββββββββββββββββββΊ β β
β β Data Transfer β β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
3.2 Detailed Steps¶
Step 1: SYN (Synchronize)
Client β Server
TCP Header:
Source Port: 50000 (ephemeral)
Destination Port: 80 (HTTP)
Sequence Number: 100 (ISN - Initial Sequence Number)
Acknowledgment: 0
Flags: SYN=1
Window: 65535
Options: MSS=1460, Window Scale=7
Meaning: "I want to connect. My sequence number starts at 100."
Step 2: SYN-ACK
Server β Client
TCP Header:
Source Port: 80
Destination Port: 50000
Sequence Number: 300 (Server's ISN)
Acknowledgment: 101 (Client Seq + 1)
Flags: SYN=1, ACK=1
Window: 65535
Options: MSS=1460, Window Scale=7
Meaning: "Connection request received. Expecting byte 101.
My sequence number starts at 300."
Step 3: ACK
Client β Server
TCP Header:
Source Port: 50000
Destination Port: 80
Sequence Number: 101
Acknowledgment: 301 (Server Seq + 1)
Flags: ACK=1
Window: 65535
Meaning: "Received server's response. Expecting byte 301.
Now we can exchange data."
3.3 ISN (Initial Sequence Number)¶
Why ISN is Random:
1. Security
- Predictable ISN vulnerable to TCP session hijacking
- Random ISN increases attack difficulty
2. Distinguish from Previous Connections
- Prevents confusion with packets from previous connection
on same socket (IP:Port pair)
- Related to TIME_WAIT state
ISN Generation Example:
Modern OS: Uses secure random number generator (CSPRNG)
Legacy: Time-based counter (increment by 1 every 4 microseconds)
3.4 TCP State Transition (Connection Establishment)¶
Client state transition:
CLOSED β SYN_SENT β ESTABLISHED
Server state transition:
CLOSED β LISTEN β SYN_RECEIVED β ESTABLISHED
4. 4-Way Handshake¶
4.1 Connection Termination Process¶
TCP connections are gracefully terminated through a 4-way handshake.
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 4-Way Handshake β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β Client (Active Close) Server (Passive Close) β
β β β β
β ESTABLISHED ESTABLISHED β
β β β β
β β Step 1: FIN β β
β β ββββββββββββββββββββββββββββββΊ β β
β β FIN=1, Seq=100 β β
β FIN_WAIT_1 β β
β β β CLOSE_WAIT β
β β Step 2: ACK β β
β β ββββββββββββββββββββββββββββββ β β
β β ACK=1, Ack=101 β β
β FIN_WAIT_2 β β
β β β (Send remaining data)β
β β β β
β β Step 3: FIN β β
β β ββββββββββββββββββββββββββββββ β β
β β FIN=1, Seq=300 β LAST_ACK β
β TIME_WAIT β β
β β Step 4: ACK β β
β β ββββββββββββββββββββββββββββββΊ β β
β β ACK=1, Ack=301 β β
β β β CLOSED β
β (Wait 2MSL) β β
β CLOSED β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
4.2 Detailed Steps¶
| Step | Sender | Flags | Description |
|---|---|---|---|
| 1 | Client | FIN | "No more data to send. Request connection termination" |
| 2 | Server | ACK | "FIN acknowledged. May still have data to send" |
| 3 | Server | FIN | "I'm done sending too. Agree to terminate" |
| 4 | Client | ACK | "FIN acknowledged. Connection terminated" |
4.3 Half-Close¶
TCP supports half-close. Even after one side sends FIN, the other can continue sending data.
Half-Close Scenario
Client Server
β β
βββ FIN ββββββββββΊβ Client: "No more data to send"
β β
ββββββ ACK ββββββββ Server: "OK"
β β
ββββββ Data βββββββ Server: Continue sending remaining data
ββββββ Data βββββββ
β β
βββ ACK ββββββββββΊβ
β β
ββββββ FIN ββββββββ Server: "I'm done too"
β β
βββ ACK ββββββββββΊβ Connection closed
β β
4.4 TIME_WAIT State¶
Purpose of TIME_WAIT:
1. Handle Delayed Packets
- Wait for old connection packets in network to expire
- Prevent confusion with new connection
2. Handle Lost Final ACK
- If server doesn't receive final ACK, it will resend FIN
- Client in TIME_WAIT can respond again
TIME_WAIT Duration: 2 Γ MSL (Maximum Segment Lifetime)
- MSL: Typically 30 seconds or 2 minutes
- TIME_WAIT: 1 minute ~ 4 minutes
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TIME_WAIT Problem β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β - Can cause port exhaustion with many short-lived connections β
β - Solutions: β
β 1. Use SO_REUSEADDR socket option β
β 2. tcp_tw_reuse kernel parameter (Linux) β
β 3. Use connection pooling β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
4.5 TCP State Diagram¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TCP State Diagram (Simplified) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
CLOSED
β
βββββββββββββββββββΌββββββββββββββββββ
β Active open β Passive open β
βΌ βΌ β
SYN_SENT βββββββΊ LISTEN β
β β β
β Receive SYN β Receive SYN β
βΌ βΌ β
βββββββββββββ SYN_RCVD ββββββββββΊ β
β β
Receive β β
ACK βΌ β
ESTABLISHED β
β β
βββββββββββββββββ΄ββββββββββββββββ β
β Active close Passive close β β
βΌ βΌ β
FIN_WAIT_1 CLOSE_WAIT β
β β β
βΌ βΌ β
FIN_WAIT_2 LAST_ACK β
β β β
βΌ β β
TIME_WAIT ββββββββββββββββββββββββββΊβ β
β β
ββββ 2MSL βββββββββββββββββββββββββββ
β
βΌ
CLOSED
5. Sequence Numbers and ACK¶
5.1 Role of Sequence Numbers¶
Sequence Number Operation
Client Server
β β
βββ Seq=1000, 1000 bytes βββββββββββββΊβ
β (1000-1999) β
β β
βββββββββββββββββββββ ACK=2000 ββββββββ
β "Please send from byte 2000" β
β β
βββ Seq=2000, 1000 bytes βββββββββββββΊβ
β (2000-2999) β
β β
βββββββββββββββββββββ ACK=3000 ββββββββ
β β
Sequence number = Byte number of first data byte in segment
ACK number = Next expected byte number
5.2 Cumulative ACK¶
Cumulative ACK Operation
Sender Receiver
β β
βββ Seq=1000, 500 bytes ββββββββββββββΊβ
βββ Seq=1500, 500 bytes ββββββββββββββΊβ
βββ Seq=2000, 500 bytes ββββββββββββββΊβ
β β
ββββββββββββββββββββββββ ACK=2500 βββββ
β β
β Single ACK acknowledges all 3 segments β
β β
Advantage:
- Reduces ACK packet count
- Improves network efficiency
Disadvantage:
- Lost middle packet requires retransmission of subsequent packets
(Solved by SACK)
5.3 SACK (Selective Acknowledgment)¶
SACK Operation
Sender Receiver
β β
βββ Seq=1000, 500B ββββββββββββββββββΊβ β
βββ Seq=1500, 500B ββββββββββββX β (lost)
βββ Seq=2000, 500B ββββββββββββββββββΊβ β
βββ Seq=2500, 500B ββββββββββββββββββΊβ β
β β
ββββββ ACK=1500, SACK=2000-3000 ββββββ
β "1500 missing, but received 2000-3000"
β β
βββ Seq=1500, 500B ββββββββββββββββββΊβ (retransmit)
β β
ββββββββββββββββββββββββ ACK=3000 βββββ
β β
SACK Advantages:
- Selective retransmission of lost segments only
- Prevents unnecessary retransmissions
- Efficient on high-speed networks
5.4 Retransmission Timer (RTO)¶
RTO (Retransmission Timeout) Calculation
1. Measure RTT (Round Trip Time)
- Time from segment transmission to ACK reception
2. Calculate SRTT (Smoothed RTT)
SRTT = (1 - Ξ±) Γ SRTT + Ξ± Γ RTT
(Ξ± = 1/8, typically)
3. Calculate RTTVAR (RTT Variance)
RTTVAR = (1 - Ξ²) Γ RTTVAR + Ξ² Γ |SRTT - RTT|
(Ξ² = 1/4, typically)
4. Calculate RTO
RTO = SRTT + max(G, 4 Γ RTTVAR)
(G = clock granularity)
Example:
Measured RTT: 100ms, 120ms, 90ms, 110ms
SRTT β 105ms
RTTVAR β 10ms
RTO = 105 + 4 Γ 10 = 145ms
6. Flow Control¶
6.1 Sliding Window¶
Sliding Window Concept
Send Buffer:
βββββ¬ββββ¬ββββ¬ββββ¬ββββ¬ββββ¬ββββ¬ββββ¬ββββ¬ββββ¬ββββ¬ββββ
β 1 β 2 β 3 β 4 β 5 β 6 β 7 β 8 β 9 β10 β11 β12 β
βββββ΄ββββ΄ββββ΄ββββ΄ββββ΄ββββ΄ββββ΄ββββ΄ββββ΄ββββ΄ββββ΄ββββ
βACKedβ Window (can send) β Cannot send yetβ
β ββββββββ Window=5 ββββββββΊβ β
Control transmission volume based on receive window size:
Window = 5000:
ββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Can send up to 5000 bytes without ACK β
ββββββββββββββββββββββββββββββββββββββββββββββββββββ
Window = 0 (Zero Window):
ββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Stop transmission! Receiver buffer full β
β Periodic check with Window Probe β
ββββββββββββββββββββββββββββββββββββββββββββββββββββ
6.2 Window Size Adjustment¶
Window Size Changes
Sender Receiver
β β rcvbuf=4000
βββ 1000B βββββββββββββββββββββββββΊβ Window=3000
βββ 1000B βββββββββββββββββββββββββΊβ Window=2000
βββ 1000B βββββββββββββββββββββββββΊβ Window=1000
β β
βββββ ACK, Window=0 (buffer full) ββ
β β
β (Application reads data) β
β β
βββββ ACK, Window=4000 βββββββββββββ
β β
βββ 1000B βββββββββββββββββββββββββΊβ
βββ 1000B βββββββββββββββββββββββββΊβ
6.3 Window Scale Option¶
Default window size: 16 bits = max 65,535 bytes
Insufficient for high-speed networks:
- 100Mbps, RTT 100ms β BDP = 100 Γ 0.1 / 8 = 1.25MB needed
- 1Gbps, RTT 100ms β BDP = 12.5MB needed
Window Scale Option:
- Negotiated during 3-way handshake
- Left-shifts window value
- Maximum scale: 14 (window max ~1GB)
Example:
Window = 65535, Scale = 7
Actual window = 65535 Γ 2^7 = 65535 Γ 128 = 8,388,480 bytes (~8MB)
6.4 Silly Window Syndrome Prevention¶
Problem: Transmitting many small segments (inefficient)
Sender Solution: Nagle's Algorithm
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β When there's small data: β
β 1. If no outstanding data, send immediately β
β 2. If outstanding data exists, wait until MSS accumulated β
β or ACK received β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
Receiver Solution: Delayed ACK + Clark's Solution
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β 1. Don't send ACK immediately, wait 200ms β
β 2. Window update only when MSS or 50% of buffer available β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
7. Congestion Control¶
7.1 Congestion Control Overview¶
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β TCP Congestion Control β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ€
β β
β Purpose: Detect network congestion and adjust transmission rateβ
β β
β Key Variables: β
β - cwnd (Congestion Window): Sender-determined window β
β - rwnd (Receive Window): Receiver-advertised window β
β - Actual transmission = min(cwnd, rwnd) β
β β
β ssthresh (Slow Start Threshold): β
β - Boundary between Slow Start and Congestion Avoidance β
β - Adjusted on congestion β
β β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
7.2 Slow Start¶
Slow Start Operation
cwnd Change
β
64 MSS β€ * (congestion)
β *
32 MSS β€ *
β *
16 MSS β€ *
β *
8 MSS β€ *
β *
4 MSS β€ *
β *
2 MSS β€ *
β *
1 MSS β€ *
β
βββββββββββββββββββββββββββββββββββββ RTT
1 2 3 4 5 6
Rules:
- Initial cwnd = 1 MSS (or IW=10 MSS, modern implementations)
- For each ACK, cwnd += 1 MSS
- Result: cwnd doubles every RTT (exponential growth)
- Switch to Congestion Avoidance when ssthresh reached
7.3 Congestion Avoidance¶
Congestion Avoidance Operation
cwnd Change
β
β ssthresh * (congestion)
16 MSS βΌβββββββββββββ*ββββββββββ*ββ*
β * * *
β * * *
β * *
β * Linear increase (AIMD)
β *
β * Slow Start (exponential)
β*
β
βββββββββββββββββββββββββββββββββββββ RTT
Rules:
- Operates when cwnd >= ssthresh
- For each RTT, cwnd += 1 MSS (or cwnd += MSS/cwnd per ACK)
- Linear increase (Additive Increase)
7.4 Congestion Detection and Response¶
Congestion Detection Methods:
1. Timeout (RTO expiration)
- Judged as severe congestion
- ssthresh = cwnd / 2
- cwnd = 1 MSS
- Restart Slow Start
2. 3 Duplicate ACKs (Fast Retransmit)
- Judged as mild congestion
- ssthresh = cwnd / 2
- cwnd = ssthresh + 3 MSS
- Enter Fast Recovery
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
β Congestion Control State Transition β
β β
β Slow Start ββ(cwnd >= ssthresh)βββΊ Congestion Avoidance β
β β β β
β β β β
β (timeout) (3 dup ACKs) β
β β β β
β βΌ βΌ β
β Slow Start βββββββββββββββββββββββββ Fast Recovery β
β (recovery complete) β
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
7.5 Fast Retransmit and Fast Recovery¶
Fast Retransmit Scenario
Sender Receiver
β β
βββ Seq=1000 ββββββββββββββββββββββΊβ
βββ Seq=2000 ββββββX β (lost)
βββ Seq=3000 ββββββββββββββββββββββΊβ
β β
βββββββββββββββββββ ACK=2000 (dup1)β
β β
βββ Seq=4000 ββββββββββββββββββββββΊβ
βββββββββββββββββββ ACK=2000 (dup2)β
β β
βββ Seq=5000 ββββββββββββββββββββββΊβ
βββββββββββββββββββ ACK=2000 (dup3)β
β β
β Received 3 duplicate ACKs! β
β β Retransmit immediately β
β without waiting for RTO β
β β
βββ Seq=2000 (retransmit) βββββββββΊβ
β β
βββββββββββββββββββββββββ ACK=6000 β
Fast Recovery:
- After 3 dup ACKs, ssthresh = cwnd/2
- cwnd = ssthresh + 3 (account for received segments)
- On new ACK, cwnd = ssthresh
- Switch to Congestion Avoidance
7.6 Modern Congestion Control Algorithms¶
| Algorithm | Features | Environment |
|---|---|---|
| Reno | Basic AIMD, Fast Recovery | Standard |
| NewReno | Improved partial ACK handling | Reno improvement |
| CUBIC | BIC improvement, Linux default | High-speed networks |
| BBR | Bandwidth/RTT based | Google, high latency networks |
| Vegas | RTT change based | Low latency environments |
CUBIC cwnd Growth
cwnd
β
β *
β * *
β * *
β * *
β * *
β * *
β * cubic function *
β * *
β *
β *
β *
β*
βββββββββββββββββββββββββββββββββββββββββββββββββββββ time
Features:
- Remembers W_max (window at last congestion)
- Fast approach to W_max, then slow growth
- Excellent fairness and scalability
8. Practice Problems¶
Problem 1: 3-Way Handshake Analysis¶
Analyze the following packet capture.
Packet 1: 192.168.1.10:50000 β 10.0.0.5:443
SYN, Seq=1000000000
Packet 2: 10.0.0.5:443 β 192.168.1.10:50000
SYN, ACK, Seq=2000000000, Ack=?
Packet 3: 192.168.1.10:50000 β 10.0.0.5:443
ACK, Seq=?, Ack=?
a) What is the Ack value in Packet 2? b) What is the Seq value in Packet 3? c) What is the Ack value in Packet 3?
Problem 2: Sequence Number Calculation¶
Client sends 5000 bytes to server. MSS=1000 bytes.
Calculate Seq number and expected ACK for each segment when initial sequence number is 10000.
| Segment | Data Size | Seq | Expected ACK |
|---|---|---|---|
| 1 | 1000 | ||
| 2 | 1000 | ||
| 3 | 1000 | ||
| 4 | 1000 | ||
| 5 | 1000 |
Problem 3: Flow Control¶
Receiver's receive buffer is 10000 bytes. Currently 2000 bytes in buffer.
a) What is the advertised window size? b) If sender transmits 4000 bytes, what's the new window size? c) If application reads 3000 bytes, what's the new window size?
Problem 4: Congestion Control¶
Starting with ssthresh = 16 MSS, cwnd = 1 MSS.
a) What is cwnd size after 4 RTTs? (no loss) b) When cwnd = 32 MSS, timeout occurs. What are new ssthresh and cwnd? c) When cwnd = 24 MSS, 3 duplicate ACKs occur. What are new ssthresh and cwnd?
Answers¶
Problem 1 Answers¶
a) Packet 2 Ack = 1000000001 (Client Seq + 1) b) Packet 3 Seq = 1000000001 (SYN counts as 1 byte) c) Packet 3 Ack = 2000000001 (Server Seq + 1)
Problem 2 Answers¶
| Segment | Data Size | Seq | Expected ACK |
|---|---|---|---|
| 1 | 1000 | 10000 | 11000 |
| 2 | 1000 | 11000 | 12000 |
| 3 | 1000 | 12000 | 13000 |
| 4 | 1000 | 13000 | 14000 |
| 5 | 1000 | 14000 | 15000 |
Problem 3 Answers¶
a) Advertised window = 10000 - 2000 = 8000 bytes b) New window = 10000 - 2000 - 4000 = 4000 bytes c) New window = 10000 - (2000 + 4000 - 3000) = 7000 bytes
Problem 4 Answers¶
a) Slow Start phase (cwnd < ssthresh) - RTT 1: cwnd = 2 MSS - RTT 2: cwnd = 4 MSS - RTT 3: cwnd = 8 MSS - RTT 4: cwnd = 16 MSS
b) Timeout occurs: - New ssthresh = 32 / 2 = 16 MSS - New cwnd = 1 MSS
c) 3 dup ACKs (Fast Retransmit): - New ssthresh = 24 / 2 = 12 MSS - New cwnd = 12 + 3 = 15 MSS (Fast Recovery)
9. Next Steps¶
Once you understand TCP core concepts, learn about UDP and ports.
Next Lesson¶
- 11_UDP_and_Ports.md - UDP features, port numbers
Related Lessons¶
- 09_Routing_Protocols.md - Network layer
- 12_DNS.md - DNS operation principles
Recommended Practice¶
- Capture TCP 3-way handshake with Wireshark
- Check TCP statistics with
ss -iornetstat -s - Analyze TCP flags with
tcpdump
10. References¶
RFC Documents¶
- RFC 793 - TCP Basic Specification
- RFC 5681 - TCP Congestion Control
- RFC 7323 - TCP Extensions (Window Scaling, Timestamps)
- RFC 2018 - TCP Selective Acknowledgment Options
Command Reference¶
# Check TCP connections (Linux)
ss -tan
netstat -an | grep tcp
# TCP statistics
netstat -s | grep -i tcp
cat /proc/net/snmp | grep Tcp
# Check TCP tuning parameters
sysctl net.ipv4.tcp_congestion_control
sysctl net.core.rmem_max
sysctl net.ipv4.tcp_window_scaling
# Wireshark filters
tcp.flags.syn == 1 && tcp.flags.ack == 0 # SYN packets
tcp.analysis.retransmission # Retransmissions
tcp.analysis.duplicate_ack # Duplicate ACKs
Learning Resources¶
- TCP/IP Illustrated, Vol. 1 - W. Richard Stevens
- High Performance Browser Networking
- Cloudflare Blog - TCP
Document Information - Last Updated: 2024 - Difficulty: βββ - Estimated Learning Time: 3-4 hours