1. Features of TCP protocol
2. TCP segment
The data unit transmitted by TCP is called a message segment. A TCP message segment is divided into two parts: TCP header and TCP data. The entire TCP message segment is encapsulated in the IP datagram as the data part of the IP datagram, as shown in the figure:
The meaning of each field is as follows:
-
Serial number
Each byte in the byte stream transmitted in a TCP connection is numbered in sequence. This field represents the sequence number of the first byte of the data sent in this segment
-
Confirmation Number
Expect to receive the sequence number of the first data byte of the next message segment from the other party. If the confirmation number is N, it proves that all the data up to the serial number N-1 has been received correctly
-
Data offset ( header length )
How far is the data of the TCP segment from the beginning of the TCP segment, in units of 4 B
-
reserved text
Occupy 6 bits, reserved for future use, but should be set to 0 at present, this field can be ignored
-
Urgent bit URG
When URG = 1, it indicates that there is urgent data in this segment, which is high-priority data and should be transmitted as soon as possible, without queuing in the buffer, and used in conjunction with the urgent pointer field
-
ACK
The acknowledgment number is valid when ACK = 1, and the message segment requested to be transmitted after the link is established must set ACK to 1
-
Push bit PSH
When PSH = 1, the receiver delivers the receiving application process as soon as possible, and does not wait until the cache is full before delivering upwards
-
Reset bit RST
When RST = 1, it indicates that a serious error has occurred in the TCP connection, the connection must be released, and then the transmission connection must be re-established
-
Sync bit SYN
When SYN = 1, it indicates a connection request/connection acceptance message
-
Stop bit FIN
When FIN = 1, it indicates that the data of the sender of this segment has been sent, and the connection is required to be released
-
Window field
Refers to the receiving window of the party sending this segment, that is, the amount of data that the other party is now allowed to send
-
Checksum
Check header + data, add 12 B pseudo header when checking, the fourth field is 6
-
Emergency pointer
It is meaningful only when URG = 1, indicating the number of bytes of urgent data in this segment
-
Options
Maximum segment length MSS, window expansion, time stamp, selection confirmation...
3. TCP connection management
TCP is a connection-oriented protocol, so every TCP connection has three stages: connection establishment, data transmission, and connection release. The management of the TCP connection is to make the establishment and release of the transport connection proceed normally.
In the process of TCP connection establishment, the following three problems should be solved:
- So that each party can be sure of the other's existence
- To allow both parties to negotiate some parameters (such as the maximum window value, whether to use window expansion items, timestamp options, quality of service, etc.)
- Ability to allocate transportation entity resources (such as cache size, items in the connection table, etc.)
TCP regards the connection as the most basic abstraction. Each TCP connection has two endpoints. The endpoint of the TCP connection is not the host, not the IP address of the host, not the application process, or the protocol port of the transport layer. The port of the TCP connection is called a socket, and the port is spliced to the IP address to form a socket.
Each TCP connection is uniquely determined by the two endpoints at both ends of the communication
The establishment of TCP connection adopts the client/server method. The application that actively initiates the connection establishment is called the client, and the application that passively waits for the connection establishment is called the server
3.1 TCP connection establishment
The first paragraph means
SYN = 1: A is about to establish a connection!
seq = x (random): Because there is no data yet, it doesn't matter what you write
The second paragraph means
SYN = 1: I agree with you A to establish a connection!
ACK = 1: The connection is established, and all subsequent ACKs must be set to 1
seq = y (random): Because there is no data yet, it doesn’t matter what you write.
ack = x + 1: The sender A said that it was sending the xth bit. Data (although the sender is nonsense), so what I want is x + 1 bit data
The third paragraph means
SYN = 0: SYN is only 1 when the connection is established, and it is set to 0 at other times.
ACK = 1: After the connection is established, all subsequent ACKs must be set to 1
seq = x + 1: I A The first byte of the sent message segment is x + 1
ack = y + 1: Before the receiver B said that it was sending the y-th data (although the receiver was talking nonsense), so what I wanted was y + 1-bit data
Note that TCP is two-way, so there is no absolutely constant sender and receiver. The two hosts here are both the sender and the receiver at the same time.
There will be a problem here, the SYN flooding attack:
The SYN flooding attack occurs on the fourth layer of OSI. This method uses the characteristics of the TCP protocol, which is the three-way handshake. The attacker sends TCP SYN, SYN is the first packet in the TCP three-way handshake, and when the server returns ACK, the attacker does not reconfirm it, then the TCP connection is in a suspended state, which is the so-called In the semi-connected state, if the server cannot receive the reconfirmation, it will repeatedly send an ACK to the attacker, which will waste server resources. The attacker sends a very large number of these TCP connections to the server. Since each of them cannot complete the three-way handshake, on the server, these TCP connections will consume CPU and memory due to the suspended state. In the end, the server may crash and fail. Provide services for normal users.
3.2 Release of TCP connection
The first paragraph means
FIN = 1: A is about to release the connection!
seq = u: A lot of data has been sent, here just use u to refer to it, here u has a certain value
The second paragraph means
ACK = 1: the connection is established, and all subsequent ACKs must be set to 1.
seq = v: a lot of data has been sent, here just use v to refer to it, where v is a definite value of
ack = u + 1: Before the sender A said that it was sending the u-th bit data, so my B wanted u + 1 bit data (although A has decided to release the connection at this time)
The third paragraph means
FIN = 1: B is about to release the connection!
ACK = 1: The connection is established, and all subsequent ACKs must be set to 1.
seq = w: A lot of data has been sent, here just use w to refer to it, where w is a definite value of
ack = u + 1: the sender A before It is said that the u-th data is sent, so what I want is u + 1 bit data (because A does not send data directly, so the ack in the second paragraph and the third paragraph is u + 1)
The fourth paragraph means
ACK = 1: The connection is established, and the subsequent ACKs must be set to 1.
seq = u + 1: The data sent before is the u-th data, and B also needs the u + 1 data, so I Send u + 1 bit data
ack = w + 1: Before the sender B said that it was sending the w bit data, so what I want A is w + 1 bit data
Why do I need to wait for 2 MSL?
Because this can ensure that B can receive the termination message segment of A and enter the closed state.
For example, if the fourth message of A is lost, then B will retransmit the third message after waiting for one MSL, and the cost is less than 1 MSL After that, A will receive the third message again, and then can send the fourth message to B again to prompt B to close the connection