Hi Friends,

Welcome to the 102nd issue of the Polymathic Engineer. This week we talk about the Transmission Control Protocol.

TCP is the protocol that lets two processes communicate reliably on the internet, and every software engineer should know how it works. You may think this information is not critical. but I tell you, it will come in handy at some point.

Here is the outline:

• What is TCP?

• Segments

• Connections

• Opening a connection: the 3-way handshake

• Closing a connection: the 4-way handshake

• Connections and Failure Scenarios

• SYN Flood Attacks

• Flow Control

• Congestion Control

• TCP alternatives

What is TCP?

The communication between two nodes on the internet happens by routing packets to their destination from one router to the next. To make this work, it is necessary a way to address nodes and a mechanism to route packets across routers.

The IP protocol handles this task. A router looks at a local routing table to determine where to send a packet. This table maps a destination address to the address of the next router on the way to that destination.

However, the IP protocol doesn't ensure that the sent data arrives at its destination: if a router gets overloaded, it might start dropping packets.

This is where TCP comes in. TCP is a transport-layer protocol that lets two processes reliably talk to each other over the IP protocol. Its job is to ensure that data sent over a network arrives at its destination intact, in order, and without gaps or duplications.

But how does TCP build a reliable communication channel?

TCP takes data from the application layer as a continuous stream of bytes and breaks it into discrete packets known as segments. Such segments are sequentially numbered which lets the receiver find gaps and duplicates.

Besides that, the receiver needs to acknowledge every segment. The sender transmits the segment again if the acknowledgment doesn't arrive within a certain timeframe.

The receiver also uses a checksum to verify the integrity of a delivered segment and detect any corruption that might have occurred during transmission.

Segments

As with most network protocols, TCP splits segments into two parts: a header with all protocol-related information and a payload with a chunk of the application data.

The maximum segment size (MSS) limits the payload size and is set to avoid packet fragmentation in the lower-layer protocols.

A common way to calculate the MSS is to determine the length of the largest link-layer packet the local host can send and set the MSS to ensure that a TCP segment plus the IP header length fits into a single link-layer packet. This avoid further data fragmentation.

The size of the header is instead 20 bytes divided into the following fields:

• Source and Destination Ports: These 16-bit fields are used to identify the sending and receiving processes on their respective machines. They're critical to direct the data to the correct application on each end.

• Sequence Number: This 32-bit field is the core of the TCP's ordering mechanism. When a new TCP connection is established, it's set to a random initial value. This number is then incremented for each segment, allowing the receiver to reconstruct the original application data byte stream.

• Acknowledgment Number: Also a 32-bit field, this is used to inform the sender which byte it expects next. It's the way the receiver says it has successfully got everything up to this point.

  

• Flags: These are a set of bits that control various aspects of the TCP connection. The SYN flag initiates a connection, the FIN flag terminates a connection, ACK indicates that the Acknowledgment Number is valid, and RST abruptly terminates a connection, usually due to an error.

• Window Size: This 16-bit field allows the receiver to tell the sender how much data it can accept at once. We will come back to this field when discussing how TCP implements flow control to prevent overwhelming the receiver.

• Checksum: This is a 16-bit field used for error-checking. It ensures the integrity of the TCP header and data.

Connections

A connection needs to be established before any data can be transmitted over a TCP channel. The operating system manages the connection state using endpoints known as sockets.

Each socket is uniquely identified by an IP address and a port number, while a pair of sockets identifies a connection between two processes running on different machines.

At a high level, a connection can be in one of three states: the opening state, in which it is being created; the established state, in which it is open and data is transferred; and the closing state, in which it is being closed.