The Transmission Control Protocol, or TCP, described in RFC 793, provides applications with a reliable,
connection-oriented service. In other words, TCP provides the appearance of a point-to-point connection.
Point-to-point connections have two characteristics:
They have only one path to the destination. A packet entering one end of the connection cannot
become lost, because the only place to go is the other end.
Packets arrive in the same order in which they are sent.
TCP provides the appearance of a point-to-point connection, although in reality there is no such
connection. The internet layer TCP is utilizing is a connectionless, best-effort packet delivery service. The
analog of this is the postal service. If a stack of letters is given to the mail carrier for delivery, there is no
guarantee that the letters will arrive stacked in the same order, that they will all arrive on the same day, or
indeed that they will arrive at all. The postal service merely commits to making its best effort to deliver
the letters.
Likewise, the internet layer does not guarantee that all packets will take the same route, and therefore
there is no guarantee that they will arrive in the same sequence and time intervals as they were sent, or
that they will arrive at all.
On the other hand, a telephone call is connection-oriented service. Data must arrive sequentially and
reliably, or it is useless. Like a telephone call, TCP must first establish a connection, then transfer data,
and then perform a disconnect when the data transfer is complete.
TCP uses three fundamental mechanisms to accomplish a connection-oriented service on top of a
connectionless service:
Packets are labeled with sequence numbers so that the receiving TCP service can put out-ofsequence
packets into the correct sequence before delivering them to the destination application.
TCP uses a system of acknowledgments, checksums, and timers to provide reliability. A receiver
may notify a sender when it recognizes that a packet in a sequence has failed to arrive or has
errors, or a sender may assume that a packet has not arrived if the receiver does not send an
acknowledgment within a certain amount of time after transmission. In both cases, the sender will
resend the packet in question.
TCP uses a mechanism called windowing to regulate the flow of packets; windowing decreases
the chances of packets being dropped because of full buffers in the receiver.
TCP attaches a header to the application layer data; the header contains fields for the sequence numbers
and other information necessary for these mechanisms as well as fields for addresses called port numbers,
which identify the source and destination applications of the data. The application data with its attached
TCP header is then encapsulated within an IP packet for delivery. Figure 2.32 shows the fields of the TCP
header, and Figure 2.33 shows an analyzer capture of a TCP header.
Source and Destination Port are 16-bit fields that specify the source and destination applications for the
encapsulated data. Like other numbers used by TCP/IP, RFC 1700 describes all port numbers in common
and not-so-common use. A port number for an application, when coupled with the IP address of the host
the application resides on, is called a socket. A socket uniquely identifies every application in an
internetwork.
Sequence Number is a 32-bit number that identifies where the encapsulated data fits within a data stream
from the sender. For example, if the sequence number of a segment is 1343 and the segment contains 512
octets of data, the next segment should have a sequence number of 1343 + 512 + 1 = 1856.
Acknowledgment Number is a 32-bit field that identifies the sequence number the source next expects to
receive from the destination. If a host receives an acknowledgment number that does not match the next
sequence number it intends to send (or has sent), it knows not only that packets have been lost but also
which packets have been lost.
Header Length, sometimes called Data Offset, is a four-bit field indicating the length of the header in 32-
bit words. This field is necessary to identify the beginning of the data because the length of the Options
field is variable.
The Reserved field is six bits, which are always set to zero.
Flags are six 1-bit flags that are used for data flow and connection control. The flags are Urgent (URG),
Acknowledgment (ACK), Push (PSH), Reset (RST), Synchronize (SYN), and Final (FIN).
Window Size is a 16-bit field used for flow control. It specifies the number of octets, starting with the
octet indicated by the Acknowledgment Number, that the sender of the segment will accept from its peer
at the other end of the connection before the peer must stop transmitting and wait for an acknowledgment.
Checksum is 16 bits, covering both the header and the encapsulated data, allowing error detection.
Urgent Pointer is used only when the URG flag is set. The 16-bit number is added to the Sequence
Number to indicate the end of the urgent data.
Options, as the name implies, specifies options required by the sender's TCP process. The most
commonly used option is Maximum Segment Size, which informs the receiver of the largest segment the
sender is willing to accept. The remainder of the field is padded with zeros to ensure that the header
length is a multiple of 32 octets.