TCP (Transmission Control Protocol)
- Connection-oriented transport layer protocol that provides reliable, ordered delivery of data between applications
- Operates at Layer 4 (Transport) and uses a three-way handshake to establish connections before data transmission
- Guarantees delivery through acknowledgments, sequence numbers, and retransmission of lost packets
- Implements flow control (prevents sender from overwhelming receiver) and congestion control (adapts to network conditions)
TCP Header Structure
- Source/Destination Port (16 bits each): Identifies sending and receiving applications (0-65535)
- Sequence Number (32 bits): Tracks position of data in the stream for ordering
- Acknowledgment Number (32 bits): Next expected sequence number from sender
- Window Size (16 bits): Flow control mechanism - advertises receive buffer space available
- Flags (6 bits): Control connection state (SYN, ACK, FIN, RST, PSH, URG)
Three-Way Handshake Process
| Step | Segment Sent | Description |
|---|---|---|
| 1 | SYN (seq=x) | Client initiates connection with random sequence number |
| 2 | SYN-ACK (seq=y, ack=x+1) | Server responds with its sequence number and acknowledges client |
| 3 | ACK (seq=x+1, ack=y+1) | Client acknowledges server’s response - connection established |
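The header fields and handshake steps above can be checked mechanically. This is an added example, not part of the original notes: it packs and parses the fixed 20-byte header and validates the seq/ack arithmetic of the three steps. The function names, ports and sequence numbers are constructed for illustration.

```python
import struct
from collections import namedtuple

# Bit masks for the six flags listed in the header notes above.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
Segment = namedtuple("Segment", "sport dport seq ack flags window")

def build_header(sport, dport, seq, ack, flags, window=65535):
    """Pack a constructed 20-byte header (no options; checksum and urgent pointer left 0)."""
    bits = 0
    for name in flags:
        bits |= FLAGS[name]
    # Data offset of 5 words (20 bytes) sits in the high nibble of byte 12.
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, bits, window, 0, 0)

def parse_header(raw):
    """Decode the fixed 20-byte part of a TCP header into a Segment."""
    if len(raw) < 20:
        raise ValueError("TCP header needs at least 20 bytes")
    sport, dport, seq, ack, off, bits, window, _, _ = struct.unpack("!HHIIBBHHH", raw[:20])
    if (off >> 4) < 5:
        raise ValueError("data offset below the 5-word minimum")
    flags = frozenset(name for name, mask in FLAGS.items() if bits & mask)
    return Segment(sport, dport, seq, ack, flags, window)

def is_valid_handshake(syn, synack, ack):
    """Check flags, port pairing and seq/ack arithmetic (modulo 2**32) for steps 1-3."""
    def nxt(n):
        return (n + 1) & 0xFFFFFFFF
    return (
        syn.flags == {"SYN"} and synack.flags == {"SYN", "ACK"} and ack.flags == {"ACK"}
        and (synack.sport, synack.dport) == (syn.dport, syn.sport)
        and (ack.sport, ack.dport) == (syn.sport, syn.dport)
        and synack.ack == nxt(syn.seq)
        and ack.seq == nxt(syn.seq)
        and ack.ack == nxt(synack.seq)
    )

# Constructed sample: x = 0xFFFFFFFF so x+1 wraps to 0, y = 1000.
SYN = parse_header(build_header(49152, 443, 0xFFFFFFFF, 0, ["SYN"]))
SYNACK = parse_header(build_header(443, 49152, 1000, 0, ["SYN", "ACK"]))
ACK = parse_header(build_header(49152, 443, 0, 1001, ["ACK"]))
BAD_ACK = parse_header(build_header(49152, 443, 0, 1000, ["ACK"]))  # acks y, not y+1

if __name__ == "__main__":
    print(is_valid_handshake(SYN, SYNACK, ACK))      # True
    print(is_valid_handshake(SYN, SYNACK, BAD_ACK))  # False
```

The rejected `BAD_ACK` case acknowledges the last sequence number received rather than the next one expected, which is the mistake a stateful firewall or capture reviewer would flag.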
Connection Termination
- Uses four-way handshake for graceful connection closure
- Either side can initiate with FIN flag
- Each direction of data flow must be closed separately (full-duplex nature)
- RST flag provides immediate connection reset without graceful closure
TCP vs UDP Comparison
| Feature | TCP | UDP |
|---|---|---|
| Connection Type | Connection-oriented | Connectionless |
| Reliability | Guaranteed delivery | Best effort |
| Overhead | High (20+ byte header) | Low (8 byte header) |
| Speed | Slower due to reliability mechanisms | Faster |
| Use Cases | Web browsing, email, file transfer | Video streaming, DNS, DHCP |
Flow Control and Congestion Control
- Sliding Window: Receiver advertises available buffer space to control sender rate
- Slow Start: Begins with small congestion window, doubles until threshold reached
- Congestion Avoidance: Linear increase in window size after slow start threshold
- Fast Retransmit: Retransmits lost segment after receiving 3 duplicate ACKs (without waiting for timeout)
Common TCP Port Numbers
- HTTP: 80 (web traffic)
- HTTPS: 443 (secure web traffic)
- FTP: 20 (data), 21 (control)
- SSH: 22 (secure shell)
- Telnet: 23 (insecure remote access)
- SMTP: 25 (email sending)
- DNS: 53 (zone transfers; queries use UDP)
- POP3: 110, IMAP: 143 (email retrieval)
Vocabulary
- MSS (Maximum Segment Size): Largest amount of data TCP can send in single segment (typically 1460 bytes on Ethernet)
- RTT (Round Trip Time): Time for packet to travel to destination and acknowledgment to return
- CWND (Congestion Window): Sender-side limit on unacknowledged data to prevent network congestion
- RWND (Receive Window): Receiver-advertised window size for flow control
- Nagle’s Algorithm: Combines small packets to improve efficiency (can add latency for interactive applications)
Notes
- TCP’s reliability comes at cost of higher overhead and latency compared to UDP
- Window scaling option (RFC 1323) allows window sizes larger than 65,535 bytes for high-bandwidth networks
- TCP is stateful - routers and firewalls can track connection state for security policies
- Maximum theoretical throughput limited by: min(CWND, RWND) / RTT
- For exam: Remember TCP uses acknowledgment numbers to indicate next expected sequence number (not last received)
- Connection timeouts vary by implementation but typically 75-120 seconds for establishment
- Half-open connections occur when one side believes connection is closed while other side doesn’t - detected through keepalive or data transmission attempts