Socket Tcp Read a Line Instead of a Byte

Principal protocol used to stream data across an IP network

The Manual Control Protocol (TCP) is one of the principal protocols of the Cyberspace protocol suite. Information technology originated in the initial network implementation in which it complemented the Net Protocol (IP). Therefore, the entire suite is commonly referred to as TCP/IP. TCP provides reliable, ordered, and error-checked delivery of a stream of octets (bytes) between applications running on hosts communicating via an IP network. Major internet applications such as the World Wide Web, email, remote administration, and file transfer rely on TCP, which is part of the Transport Layer of the TCP/IP suite. SSL/TLS often runs on top of TCP.

TCP is connection-oriented, and a connection betwixt client and server is established earlier data tin exist sent. The server must be listening (passive open up) for connectedness requests from clients before a connexion is established. Three-way handshake (active open), retransmission, and error detection adds to reliability but lengthens latency. Applications that do not crave reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that prioritizes time over reliability. TCP employs network congestion avoidance. Yet, there are vulnerabilities to TCP, including denial of service, connectedness hijacking, TCP veto, and reset attack.

Historical origin [edit]

In May 1974, Vint Cerf and Bob Kahn described an internetworking protocol for sharing resources using packet switching among network nodes.^[ane] The authors had been working with Gérard Le Lann to incorporate concepts from the French CYCLADES project into the new network.^[2] The specification of the resulting protocol, RFC 675 (Specification of Internet Transmission Control Program), was written by Vint Cerf, Yogen Dalal, and Carl Sunshine, and published in Dec 1974. Information technology contains the first attested use of the term internet, as a shorthand for internetwork.^[3]

A central control component of this model was the Transmission Control Program that incorporated both connection-oriented links and datagram services betwixt hosts. The monolithic Transmission Command Program was later divided into a modular architecture consisting of the Manual Control Protocol and the Cyberspace Protocol. This resulted in a networking model that became known informally every bit TCP/IP, although formally it was variously referred to as the Department of Defence force (DOD) model, and ARPANET model, and somewhen also as the Cyberspace Protocol Suite.

In 2004, Vint Cerf and Bob Kahn received the Turing Award for their foundational work on TCP/IP.^{[4] [5]}

Network function [edit]

The Manual Control Protocol provides a communication service at an intermediate level between an application plan and the Internet Protocol. It provides host-to-host connectivity at the transport layer of the Internet model. An application does not demand to know the detail mechanisms for sending data via a link to another host, such as the required IP fragmentation to accommodate the maximum transmission unit of the transmission medium. At the ship layer, TCP handles all handshaking and transmission details and presents an abstraction of the network connection to the application typically through a network socket interface.

At the lower levels of the protocol stack, due to network congestion, traffic load balancing, or unpredictable network behaviour, IP packets may be lost, duplicated, or delivered out of order. TCP detects these problems, requests re-transmission of lost data, rearranges out-of-order data and even helps minimize network congestion to reduce the occurrence of the other bug. If the data nevertheless remains undelivered, the source is notified of this failure. Once the TCP receiver has reassembled the sequence of octets originally transmitted, information technology passes them to the receiving application. Thus, TCP abstracts the awarding'due south communication from the underlying networking details.

TCP is used extensively by many cyberspace applications, including the Www (World wide web), email, File Transfer Protocol, Secure Shell, peer-to-peer file sharing, and streaming media.

TCP is optimized for accurate delivery rather than timely delivery and tin can incur relatively long delays (on the social club of seconds) while waiting for out-of-lodge messages or re-transmissions of lost messages. Therefore, it is not peculiarly suitable for existent-fourth dimension applications such equally voice over IP. For such applications, protocols like the Existent-time Transport Protocol (RTP) operating over the User Datagram Protocol (UDP) are usually recommended instead.^[vi]

TCP is a reliable stream delivery service which guarantees that all bytes received will be identical and in the same club as those sent. Since packet transfer past many networks is not reliable, TCP achieves this using a technique known every bit positive acknowledgement with re-transmission. This requires the receiver to respond with an acknowledgement message as it receives the information. The sender keeps a record of each packet it sends and maintains a timer from when the parcel was sent. The sender re-transmits a package if the timer expires before receiving the acknowledgement. The timer is needed in case a bundle gets lost or corrupted.^[6]

While IP handles actual delivery of the information, TCP keeps rails of segments - the individual units of data manual that a message is divided into for efficient routing through the network. For example, when an HTML file is sent from a web server, the TCP software layer of that server divides the file into segments and forwards them individually to the internet layer in the network stack. The internet layer software encapsulates each TCP segment into an IP parcel by calculation a header that includes (among other information) the destination IP address. When the client program on the destination computer receives them, the TCP software in the ship layer re-assembles the segments and ensures they are correctly ordered and error-free as it streams the file contents to the receiving awarding.

TCP segment structure [edit]

Transmission Control Protocol accepts data from a data stream, divides it into chunks, and adds a TCP header creating a TCP segment. The TCP segment is and so encapsulated into an Internet Protocol (IP) datagram, and exchanged with peers.^[vii]

The term TCP packet appears in both breezy and formal usage, whereas in more precise terminology segment refers to the TCP protocol data unit of measurement (PDU), datagram ^[eight] to the IP PDU, and frame to the data link layer PDU:

Processes transmit data by calling on the TCP and passing buffers of data as arguments. The TCP packages the data from these buffers into segments and calls on the internet module [e.grand. IP] to transmit each segment to the destination TCP.^[nine]

A TCP segment consists of a segment header and a information department. The segment header contains 10 mandatory fields, and an optional extension field (Options, pink background in tabular array). The data section follows the header and is the payload information carried for the application. The length of the data department is not specified in the segment header; It can be calculated by subtracting the combined length of the segment header and IP header from the total IP datagram length specified in the IP header.

TCP segment header

Offsets	Octet	0								1								2								iii
Octet	Bit	vii	6	5	4	3	2	one	0	7	6	five	four	iii	2	1	0	7	6	5	iv	iii	2	i	0	7	six	five	4	three	two	1	0
0	0	Source port																Destination port
4	32	Sequence number
8	64	Acknowledgment number (if ACK set)
12	96	Data first				Reserved 0 0 0			NS	CWR	ECE	URG	ACK	PSH	RST	SYN	FIN	Window Size
16	128	Checksum																Urgent arrow (if URG set)
20	160	Options (if data get-go > 5. Padded at the end with "0" bits if necessary.)
⋮	⋮
60	480

Source port (16 bits)

Identifies the sending port.

Destination port (16 bits)

Identifies the receiving port.

Sequence number (32 bits)

Has a dual role:

• If the SYN flag is set (1), and then this is the initial sequence number. The sequence number of the bodily first data byte and the acknowledged number in the corresponding ACK are then this sequence number plus 1.
• If the SYN flag is articulate (0), then this is the accumulated sequence number of the start data byte of this segment for the current session.

Acknowledgment number (32 bits)

If the ACK flag is ready and then the value of this field is the adjacent sequence number that the sender of the ACK is expecting. This acknowledges receipt of all prior bytes (if any). The commencement ACK sent past each end acknowledges the other finish'southward initial sequence number itself, but no data.

Data offset (four bits)

Specifies the size of the TCP header in 32-bit words. The minimum size header is 5 words and the maximum is xv words thus giving the minimum size of 20 bytes and maximum of 60 bytes, allowing for up to 40 bytes of options in the header. This field gets its name from the fact that information technology is also the offset from the start of the TCP segment to the bodily information.

Reserved (3 bits)

For future utilise and should be prepare to cypher.

Flags (9 bits)

Contains 9 ane-fleck flags (control bits) as follows:

• NS (one bit): ECN-nonce - darkening protection^[a]
• CWR (ane scrap): Congestion window reduced (CWR) flag is ready by the sending host to indicate that information technology received a TCP segment with the ECE flag gear up and had responded in congestion control mechanism.^[b]
• ECE (one scrap): ECN-Echo has a dual role, depending on the value of the SYN flag. It indicates:

• If the SYN flag is set up (1), that the TCP peer is ECN capable.
• If the SYN flag is clear (0), that a packet with Congestion Experienced flag set (ECN=11) in the IP header was received during normal manual.^[b] This serves as an indication of network congestion (or impending congestion) to the TCP sender.

• URG (1 bit): Indicates that the Urgent pointer field is pregnant
• ACK (1 flake): Indicates that the Acknowledgment field is meaning. All packets afterwards the initial SYN bundle sent by the client should take this flag prepare.
• PSH (1 bit): Push button function. Asks to button the buffered data to the receiving application.
• RST (1 fleck): Reset the connection
• SYN (1 flake): Synchronize sequence numbers. Only the first packet sent from each end should accept this flag set. Some other flags and fields change significant based on this flag, and some are simply valid when information technology is set, and others when it is clear.
• FIN (1 flake): Last bundle from sender

Window size (16 bits)

The size of the receive window, which specifies the number of window size units^[c] that the sender of this segment is currently willing to receive.^[d] (See § Flow command and § Window scaling.)

Checksum (16 bits)

The 16-bit checksum field is used for fault-checking of the TCP header, the payload and an IP pseudo-header. The pseudo-header consists of the source IP address, the destination IP address, the protocol number for the TCP protocol (6) and the length of the TCP headers and payload (in bytes).

Urgent arrow (xvi bits)

If the URG flag is set, then this 16-flake field is an first from the sequence number indicating the last urgent data byte.

Options (Variable 0–320 bits, in units of 32 $.25)

The length of this field is determined by the data offset field. Options accept up to three fields: Option-Kind (one byte), Option-Length (1 byte), Option-Data (variable). The Selection-Kind field indicates the blazon of selection and is the just field that is not optional. Depending on Option-Kind value, the next two fields may be set. Option-Length indicates the total length of the option, and Option-Data contains data associated with the option, if applicable. For example, an Option-Kind byte of 1 indicates that this is a no functioning choice used but for padding, and does not have an Option-Length or Option-Data fields post-obit it. An Option-Kind byte of 0 marks the end of options, and is as well simply ane byte. An Selection-Kind byte of 2 is used to indicate Maximum Segment Size option, and will be followed past an Option-Length byte specifying the length of the MSS field. Option-Length is the total length of the given options field, including Option-Kind and Option-Length fields. Then while the MSS value is typically expressed in two bytes, Choice-Length volition be 4. As an example, an MSS option field with a value of 0x05B4 is coded as (0x02 0x04 0x05B4) in the TCP options section.

Some options may only be sent when SYN is set up; they are indicated below as ^[SYN] . Option-Kind and standard lengths given as (Option-Kind, Pick-Length).

Option-Kind	Option-Length	Option-Data	Purpose	Notes
0	North/A	N/A	Terminate of options list
one	N/A	Northward/A	No operation	This may be used to align selection fields on 32-bit boundaries for ameliorate operation.
two	4	SS	Maximum segment size	Run across § Maximum segment size [SYN]
3	iii	South	Window scale	Encounter § Window scaling for details[x] [SYN]
iv	2	North/A	Selective Acknowledgement permitted	Run across § Selective acknowledgments for details[11] [SYN]
5	Northward (ten, 18, 26, or 34)	BBBB, EEEE, ...	Selective ACKnowledgement (SACK)[12]	These offset two bytes are followed by a list of 1–four blocks being selectively acknowledged, specified as 32-bit begin/end pointers.
8	x	TTTT, EEEE	Timestamp and echo of previous timestamp	Come across § TCP timestamps for details[13]

The remaining Option-Kind values are historical, obsolete, experimental, not nonetheless standardized, or unassigned. Option number assignments are maintained by the IANA.^[xiv]

Padding

The TCP header padding is used to ensure that the TCP header ends, and data begins, on a 32-fleck boundary. The padding is composed of zeros.^[15]

Protocol operation [edit]

A Simplified TCP Land Diagram. Run across TCP EFSM diagram for a more than detailed state diagram including the states inside the ESTABLISHED land.

TCP protocol operations may be divided into three phases. Connection establishment is a multi-step handshake process that establishes a connexion before entering the data transfer phase. Later information transfer is completed, the connection termination closes the connection and releases all allocated resources.

A TCP connection is managed by an operating system through a resource that represents the local end-point for communications, the Internet socket. During the lifetime of a TCP connexion, the local stop-point undergoes a series of state changes:^[16]

TCP socket states

Land	Endpoint	Description
LISTEN	Server	Waiting for a connection request from whatever remote TCP end-point.
SYN-SENT	Client	Waiting for a matching connectedness request after having sent a connection request.
SYN-RECEIVED	Server	Waiting for a confirming connection request acknowledgment after having both received and sent a connection request.
ESTABLISHED	Server and client	An open connection, information received can be delivered to the user. The normal country for the data transfer phase of the connection.
FIN-Await-1	Server and client	Waiting for a connectedness termination request from the remote TCP, or an acknowledgment of the connection termination asking previously sent.
FIN-Wait-ii	Server and customer	Waiting for a connection termination request from the remote TCP.
CLOSE-WAIT	Server and client	Waiting for a connection termination asking from the local user.
CLOSING	Server and client	Waiting for a connectedness termination request acknowledgment from the remote TCP.
Concluding-ACK	Server and customer	Waiting for an acknowledgment of the connectedness termination asking previously sent to the remote TCP (which includes an acknowledgment of its connection termination request).
TIME-Expect	Server or client	Waiting for plenty time to laissez passer to be sure the remote TCP received the acknowledgment of its connection termination request.[eastward]
CLOSED	Server and client	No connection state at all.

Connection establishment [edit]

Before a client attempts to connect with a server, the server must first demark to and listen at a port to open up information technology up for connections: this is called a passive open. One time the passive open is established, a client may found a connection by initiating an active open up using the three-mode (or iii-pace) handshake:

1. SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number to a random value A.
2. SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is ready to i more than the received sequence number i.e. A+one, and the sequence number that the server chooses for the packet is some other random number, B.
3. ACK: Finally, the customer sends an ACK back to the server. The sequence number is set to the received acquittance value i.e. A+1, and the acknowledgment number is set to 1 more than the received sequence number i.e. B+1.

Steps 1 and 2 establish and admit the sequence number for i direction. Steps two and 3 establish and acknowledge the sequence number for the other direction. Following the completion of these steps, both the client and server take received acknowledgments and a total-duplex advice is established.

Connection termination [edit]

The connection termination phase uses a four-manner handshake, with each side of the connection terminating independently. When an endpoint wishes to stop its half of the connectedness, information technology transmits a FIN packet, which the other terminate acknowledges with an ACK. Therefore, a typical tear-down requires a pair of FIN and ACK segments from each TCP endpoint. After the side that sent the first FIN has responded with the final ACK, it waits for a timeout before finally closing the connectedness, during which time the local port is unavailable for new connections; this prevents possible confusion that can occur if delayed packets associated with a previous connection are delivered during a subsequent connection.

Information technology is also possible to terminate the connection by a 3-way handshake, when host A sends a FIN and host B replies with a FIN & ACK (combining ii steps into one) and host A replies with an ACK.^[17]

Some operating systems, such equally Linux and HP-UX,^{[ citation needed ]} implement a one-half-duplex close sequence. If the host actively closes a connection, while still having unread incoming data available, the host sends the signal RST (losing any received data) instead of FIN. This assures that a TCP application is aware there was a data loss.^[18]

A connection tin can be in a one-half-open up state, in which example one side has terminated the connectedness, but the other has not. The side that has terminated tin no longer send any data into the connection, but the other side can. The terminating side should keep reading the data until the other side terminates also.^{[ commendation needed ]}

Resources usage [edit]

Well-nigh implementations allocate an entry in a table that maps a session to a running operating system process. Because TCP packets do not include a session identifier, both endpoints identify the session using the client's address and port. Whenever a packet is received, the TCP implementation must perform a lookup on this table to observe the destination process. Each entry in the table is known equally a Transmission Control Block or TCB. It contains data almost the endpoints (IP and port), status of the connection, running data about the packets that are being exchanged and buffers for sending and receiving information.

The number of sessions in the server side is limited merely past memory and can grow as new connections arrive, but the client must classify an ephemeral port earlier sending the first SYN to the server. This port remains allocated during the whole chat and effectively limits the number of outgoing connections from each of the client's IP addresses. If an awarding fails to properly close unrequired connections, a customer can run out of resources and become unable to constitute new TCP connections, fifty-fifty from other applications.

Both endpoints must also allocate space for unacknowledged packets and received (but unread) data.

Data transfer [edit]

The Transmission Control Protocol differs in several key features compared to the User Datagram Protocol:

• Ordered information transfer: the destination host rearranges segments co-ordinate to a sequence number^[6]
• Retransmission of lost packets: any cumulative stream not acknowledged is retransmitted^[6]
• Error-free data transfer: corrupted packets are treated as lost and are retransmitted^[nineteen]
• Flow control: limits the charge per unit a sender transfers data to guarantee reliable delivery. The receiver continually hints the sender on how much data can be received. When the receiving host's buffer fills, the side by side acknowledgment suspends the transfer and allows the information in the buffer to exist candy.^[6]
• Congestion control: lost packets (presumed due to congestion) trigger a reduction in data delivery charge per unit^[6]

Reliable manual [edit]

TCP uses a sequence number to identify each byte of data. The sequence number identifies the order of the bytes sent from each estimator so that the data can be reconstructed in gild, regardless of whatsoever out-of-order delivery that may occur. The sequence number of the first byte is chosen by the transmitter for the first packet, which is flagged SYN. This number can exist arbitrary, and should, in fact, be unpredictable to defend against TCP sequence prediction attacks.

Acknowledgements (ACKs) are sent with a sequence number by the receiver of data to tell the sender that information has been received to the specified byte. ACKs do non imply that the information has been delivered to the application, they merely signify that it is now the receiver'due south responsibleness to evangelize the data.

Reliability is accomplished by the sender detecting lost data and retransmitting it. TCP uses two master techniques to identify loss. Retransmission timeout (RTO) and duplicate cumulative acknowledgements (DupAcks).

Dupack-based retransmission [edit]

If a unmarried segment (say segment number 100) in a stream is lost, then the receiver cannot admit packets above that segment number (100) because information technology uses cumulative ACKs. Hence the receiver acknowledges package 99 once more on the receipt of some other data packet. This indistinguishable acknowledgement is used every bit a bespeak for packet loss. That is, if the sender receives three duplicate acknowledgements, it retransmits the terminal unacknowledged packet. A threshold of iii is used because the network may reorder segments causing duplicate acknowledgements. This threshold has been demonstrated to avoid spurious retransmissions due to reordering.^[20] Some TCP implementation use selective acknowledgements (SACKs) to provide explicit feedback virtually the segments that have been received. This greatly improves TCP's ability to retransmit the correct segments.

Timeout-based retransmission [edit]

When a sender transmits a segment, it initializes a timer with a conservative judge of the arrival time of the acknowledgement. The segment is retransmitted if the timer expires, with a new timeout threshold of twice the previous value, resulting in exponential backoff beliefs. Typically, the initial timer value is ${\displaystyle {\text{smoothed RTT}}+\max(G,4\times {\text{RTT variation}})}$ , where ${\displaystyle G}$ is the clock granularity.^[21] This guards confronting excessive transmission traffic due to faulty or malicious actors, such every bit man-in-the-middle denial of service attackers.

Fault detection [edit]

Sequence numbers let receivers to discard indistinguishable packets and properly sequence out-of-society packets. Acknowledgments let senders to determine when to retransmit lost packets.

To assure correctness a checksum field is included; meet § Checksum computation for details. The TCP checksum is a weak check by modern standards and is normally paired with a CRC integrity cheque at layer 2, below both TCP and IP, such as is used in PPP or the Ethernet frame. However, introduction of errors in packets between CRC-protected hops is mutual and the 16-bit TCP checksum catches most of these.^[22]

Flow control [edit]

TCP uses an end-to-end menstruation control protocol to avoid having the sender transport data too fast for the TCP receiver to receive and process it reliably. Having a mechanism for flow command is essential in an environment where machines of diverse network speeds communicate. For example, if a PC sends data to a smartphone that is slowly processing received information, the smartphone must exist able to regulate the data period so every bit not to be overwhelmed.^[six]

TCP uses a sliding window period command protocol. In each TCP segment, the receiver specifies in the receive window field the amount of additionally received data (in bytes) that it is willing to buffer for the connection. The sending host can send only up to that corporeality of data before it must expect for an acknowledgement and receive window update from the receiving host.

TCP sequence numbers and receive windows conduct very much like a clock. The receive window shifts each fourth dimension the receiver receives and acknowledges a new segment of information. One time it runs out of sequence numbers, the sequence number loops back to 0.

When a receiver advertises a window size of 0, the sender stops sending information and starts the persist timer. The persist timer is used to protect TCP from a deadlock situation that could ascend if a subsequent window size update from the receiver is lost, and the sender cannot ship more than information until receiving a new window size update from the receiver. When the persist timer expires, the TCP sender attempts recovery by sending a small-scale package so that the receiver responds past sending another acknowledgement containing the new window size.

If a receiver is processing incoming data in small increments, information technology may repeatedly advertise a small-scale receive window. This is referred to equally the light-headed window syndrome, since it is inefficient to ship only a few bytes of information in a TCP segment, given the relatively large overhead of the TCP header.

Congestion command [edit]

The concluding main aspect of TCP is congestion control. TCP uses a number of mechanisms to accomplish high performance and avoid congestion collapse, where network performance can fall by several orders of magnitude. These mechanisms control the charge per unit of information inbound the network, keeping the data catamenia below a charge per unit that would trigger collapse. They also yield an approximately max-min off-white allotment between flows.

Acknowledgments for information sent, or lack of acknowledgments, are used by senders to infer network weather between the TCP sender and receiver. Coupled with timers, TCP senders and receivers tin can modify the behavior of the catamenia of data. This is more than generally referred to as congestion command and/or network congestion avoidance.

Modern implementations of TCP incorporate 4 intertwined algorithms: slow-start, congestion avoidance, fast retransmit, and fast recovery (RFC 5681).

In addition, senders utilize a retransmission timeout (RTO) that is based on the estimated round-trip time (or RTT) betwixt the sender and receiver, as well as the variance in this round trip time. The beliefs of this timer is specified in RFC 6298. There are subtleties in the estimation of RTT. For example, senders must be careful when calculating RTT samples for retransmitted packets; typically they use Karn'southward Algorithm or TCP timestamps (run into RFC 1323). These individual RTT samples are and so averaged over time to create a Smoothed Round Trip Time (SRTT) using Jacobson'due south algorithm. This SRTT value is what is finally used as the round-trip fourth dimension judge.

Enhancing TCP to reliably handle loss, minimize errors, manage congestion and go fast in very high-speed environments are ongoing areas of research and standards development. Every bit a result, at that place are a number of TCP congestion avoidance algorithm variations.

Maximum segment size [edit]

The maximum segment size (MSS) is the largest corporeality of data, specified in bytes, that TCP is willing to receive in a single segment. For all-time performance, the MSS should be set small plenty to avoid IP fragmentation, which can lead to packet loss and excessive retransmissions. To try to accomplish this, typically the MSS is announced by each side using the MSS selection when the TCP connection is established, in which case it is derived from the maximum transmission unit (MTU) size of the data link layer of the networks to which the sender and receiver are directly attached. Furthermore, TCP senders can use path MTU discovery to infer the minimum MTU forth the network path between the sender and receiver, and employ this to dynamically adjust the MSS to avoid IP fragmentation within the network.

MSS proclamation is as well often called "MSS negotiation". Strictly speaking, the MSS is non "negotiated" between the originator and the receiver, because that would imply that both originator and receiver volition negotiate and agree upon a unmarried, unified MSS that applies to all communication in both directions of the connexion. In fact, 2 completely independent values of MSS are permitted for the ii directions of information flow in a TCP connection.^[23] This situation may arise, for example, if 1 of the devices participating in a connection has an extremely limited amount of memory reserved (mayhap even smaller than the overall discovered Path MTU) for processing incoming TCP segments.

Selective acknowledgments [edit]

Relying purely on the cumulative acquittance scheme employed past the original TCP protocol can lead to inefficiencies when packets are lost. For example, suppose bytes with sequence number 1,000 to 10,999 are sent in x different TCP segments of equal size, and the 2d segment (sequence numbers 2,000 to two,999) is lost during manual. In a pure cumulative acknowledgment protocol, the receiver tin but ship a cumulative ACK value of 2,000 (the sequence number immediately following the final sequence number of the received data) and cannot say that it received bytes three,000 to 10,999 successfully. Thus the sender may then take to resend all data starting with sequence number 2,000.

To alleviate this issue TCP employs the selective acquittance (SACK) option, defined in 1996 in RFC 2018, which allows the receiver to acknowledge discontinuous blocks of packets which were received correctly, in addition to the sequence number immediately post-obit the final sequence number of the concluding contiguous byte received successively, every bit in the bones TCP acknowledgment. The acknowledgement can specify a number of SACK blocks, where each SACK block is conveyed past the Left Edge of Cake (the first sequence number of the cake) and the Right Edge of Cake (the sequence number immediately following the terminal sequence number of the block), with a Block existence a contiguous range that the receiver correctly received. In the example higher up, the receiver would send an ACK segment with a cumulative ACK value of 2,000 and a SACK option header with sequence numbers 3,000 and eleven,000. The sender would appropriately retransmit only the second segment with sequence numbers two,000 to two,999.

A TCP sender tin interpret an out-of-society segment delivery equally a lost segment. If it does and then, the TCP sender volition retransmit the segment previous to the out-of-order bundle and ho-hum its data delivery rate for that connectedness. The indistinguishable-SACK option, an extension to the SACK option that was defined in May 2000 in RFC 2883, solves this problem. The TCP receiver sends a D-ACK to indicate that no segments were lost, and the TCP sender can then reinstate the college manual-charge per unit.

The SACK option is not mandatory, and comes into operation merely if both parties back up information technology. This is negotiated when a connection is established. SACK uses a TCP header choice (see TCP segment structure for details). The use of SACK has become widespread—all popular TCP stacks support information technology. Selective acquittance is also used in Stream Command Transmission Protocol (SCTP).

Window scaling [edit]

For more efficient use of high-bandwidth networks, a larger TCP window size may be used. The TCP window size field controls the flow of data and its value is limited to between 2 and 65,535 bytes.

Since the size field cannot be expanded, a scaling factor is used. The TCP window scale option, as divers in RFC 1323, is an option used to increase the maximum window size from 65,535 bytes to 1 gigabyte. Scaling up to larger window sizes is a part of what is necessary for TCP tuning.

The window scale option is used only during the TCP 3-manner handshake. The window scale value represents the number of $.25 to left-shift the 16-bit window size field. The window scale value can exist set from 0 (no shift) to fourteen for each management independently. Both sides must send the pick in their SYN segments to enable window scaling in either direction.

Some routers and package firewalls rewrite the window scaling factor during a transmission. This causes sending and receiving sides to assume different TCP window sizes. The result is non-stable traffic that may be very boring. The problem is visible on some sites behind a defective router.^[24]

TCP timestamps [edit]

TCP timestamps, divers in RFC 1323 in 1992, tin help TCP determine in which order packets were sent. TCP timestamps are not normally aligned to the system clock and start at some random value. Many operating systems volition increment the timestamp for every elapsed millisecond; however the RFC just states that the ticks should exist proportional.

There are ii timestamp fields:

a 4-byte sender timestamp value (my timestamp)

a four-byte echo reply timestamp value (the most contempo timestamp received from you).

TCP timestamps are used in an algorithm known equally Protection Against Wrapped Sequence numbers, or PAWS (come across RFC 1323 for details). PAWS is used when the receive window crosses the sequence number wraparound boundary. In the case where a parcel was potentially retransmitted it answers the question: "Is this sequence number in the offset 4 GB or the second?" And the timestamp is used to intermission the tie.

Also, the Eifel detection algorithm (RFC 3522) uses TCP timestamps to determine if retransmissions are occurring because packets are lost or merely out of order.

Contempo Statistics show that the level of Timestamp adoption has stagnated, at ~xl%, owing to Windows server dropping support since Windows Server 2008.^[25]

TCP timestamps are enabled by default In Linux kernel.,^[26] and disabled by default in Windows Server 2008, 2012 and 2016.^[27]

Out-of-band data [edit]

It is possible to interrupt or abort the queued stream instead of waiting for the stream to finish. This is done past specifying the data every bit urgent. This tells the receiving program to process it immediately, along with the residual of the urgent information. When finished, TCP informs the awarding and resumes dorsum to the stream queue. An example is when TCP is used for a remote login session, the user tin can ship a keyboard sequence that interrupts or aborts the program at the other end. These signals are most often needed when a program on the remote machine fails to operate correctly. The signals must be sent without waiting for the program to finish its current transfer.^[6]

TCP out-of-band data was not designed for the modern Internet. The urgent arrow but alters the processing on the remote host and doesn't expedite whatever processing on the network itself. When it gets to the remote host at that place are two slightly dissimilar interpretations of the protocol, which means only unmarried bytes of OOB information are reliable. This is assuming it is reliable at all every bit it is one of the least commonly used protocol elements and tends to be poorly implemented.^{[28] [29]}

Forcing data delivery [edit]

Unremarkably, TCP waits for 200 ms for a full bundle of data to send (Nagle's Algorithm tries to group small messages into a single packet). This await creates small, simply potentially serious delays if repeated constantly during a file transfer. For example, a typical send block would be four KB, a typical MSS is 1460, so 2 packets leave on a ten Mbit/s ethernet taking ~1.two ms each followed past a third carrying the remaining 1176 later on a 197 ms pause considering TCP is waiting for a full buffer.

In the case of telnet, each user keystroke is echoed dorsum past the server earlier the user can see information technology on the screen. This delay would go very annoying.

Setting the socket option TCP_NODELAY overrides the default 200 ms send filibuster. Application programs apply this socket choice to force output to be sent after writing a character or line of characters.

The RFC defines the PSH push scrap as "a message to the receiving TCP stack to send this data immediately upward to the receiving application".^[6] There is no manner to bespeak or command it in user infinite using Berkeley sockets and it is controlled by protocol stack but.^[30]

Vulnerabilities [edit]

TCP may exist attacked in a variety of ways. The results of a thorough security cess of TCP, along with possible mitigations for the identified issues, were published in 2009,^[31] and is currently^{[ when? ]} beingness pursued within the IETF.^[32]

Denial of service [edit]

Past using a spoofed IP address and repeatedly sending purposely assembled SYN packets, followed by many ACK packets, attackers can crusade the server to consume big amounts of resources keeping runway of the bogus connections. This is known as a SYN flood attack. Proposed solutions to this problem include SYN cookies and cryptographic puzzles, though SYN cookies come with their own set of vulnerabilities.^[33] Sockstress is a similar attack, that might be mitigated with system resource management.^[34] An advanced DoS assail involving the exploitation of the TCP Persist Timer was analyzed in Phrack #66.^[35] Push button and ACK floods are other variants.^[36]

Connection hijacking [edit]

An attacker who is able to eavesdrop a TCP session and redirect packets can hijack a TCP connection. To do so, the assaulter learns the sequence number from the ongoing communication and forges a false segment that looks like the adjacent segment in the stream. Such a simple hijack can effect in one parcel existence erroneously accepted at ane end. When the receiving host acknowledges the extra segment to the other side of the connexion, synchronization is lost. Hijacking might be combined with Address Resolution Protocol (ARP) or routing attacks that permit taking control of the packet menstruation, and then as to go permanent control of the hijacked TCP connection.^[37]

Impersonating a different IP accost was not difficult prior to RFC 1948, when the initial sequence number was easily guessable. That allowed an attacker to blindly send a sequence of packets that the receiver would believe to come up from a unlike IP address, without the demand to deploy ARP or routing attacks: it is enough to ensure that the legitimate host of the impersonated IP address is down, or bring it to that condition using deprival-of-service attacks. This is why the initial sequence number is now chosen at random.

TCP veto [edit]

An attacker who tin eavesdrop and predict the size of the next packet to be sent can crusade the receiver to accept a malicious payload without disrupting the existing connection. The assaulter injects a malicious bundle with the sequence number and a payload size of the next expected bundle. When the legitimate packet is ultimately received, it is found to have the same sequence number and length equally a packet already received and is silently dropped equally a normal duplicate packet—the legitimate bundle is "vetoed" past the malicious packet. Unlike in connexion hijacking, the connection is never desynchronized and communication continues as normal after the malicious payload is accustomed. TCP veto gives the attacker less control over the communication, merely makes the assault particularly resistant to detection. The large increase in network traffic from the ACK storm is avoided. The simply show to the receiver that something is amiss is a single duplicate packet, a normal occurrence in an IP network. The sender of the vetoed packet never sees whatsoever evidence of an attack.^[38]

Another vulnerability is the TCP reset attack.

TCP ports [edit]

TCP and UDP use port numbers to identify sending and receiving application end-points on a host, often called Internet sockets. Each side of a TCP connexion has an associated 16-scrap unsigned port number (0-65535) reserved by the sending or receiving application. Arriving TCP packets are identified as belonging to a specific TCP connection by its sockets, that is, the combination of source host address, source port, destination host address, and destination port. This means that a server computer tin provide several clients with several services simultaneously, as long every bit a client takes care of initiating whatsoever simultaneous connections to one destination port from unlike source ports.

Port numbers are categorized into 3 basic categories: well-known, registered, and dynamic/private. The well-known ports are assigned by the Internet Assigned Numbers Authorisation (IANA) and are typically used past system-level or root processes. Well-known applications running every bit servers and passively listening for connections typically apply these ports. Some examples include: FTP (xx and 21), SSH (22), TELNET (23), SMTP (25), HTTP over SSL/TLS (443), and HTTP (lxxx). Note, equally of the latest standard, HTTP/3, QUIC is used as a transport instead of TCP. Registered ports are typically used by end user applications as imperceptible source ports when contacting servers, but they can besides identify named services that accept been registered past a tertiary political party. Dynamic/private ports tin can also be used by end user applications, just are less usually so. Dynamic/private ports practice not contain whatever pregnant outside of any particular TCP connection.

Network Address Translation (NAT), typically uses dynamic port numbers, on the ("Net-facing") public side, to disambiguate the flow of traffic that is passing betwixt a public network and a private subnetwork, thereby allowing many IP addresses (and their ports) on the subnet to be serviced by a single public-facing address.

Development [edit]

TCP is a complex protocol. However, while significant enhancements accept been made and proposed over the years, its most bones functioning has not changed significantly since its first specification RFC 675 in 1974, and the v4 specification RFC 793, published in September 1981. RFC 1122, Host Requirements for Internet Hosts, clarified a number of TCP protocol implementation requirements. A listing of the 8 required specifications and over 20 strongly encouraged enhancements is available in RFC 7414. Among this list is RFC 2581, TCP Congestion Command, one of the most important TCP-related RFCs in recent years, describes updated algorithms that avoid undue congestion. In 2001, RFC 3168 was written to describe Explicit Congestion Notification (ECN), a congestion avoidance signaling mechanism.

The original TCP congestion abstention algorithm was known as "TCP Tahoe", but many alternative algorithms have since been proposed (including TCP Reno, TCP Vegas, FAST TCP, TCP New Reno, and TCP Hybla).

TCP Interactive (iTCP) ^[39] is a research effort into TCP extensions that allows applications to subscribe to TCP events and register handler components that can launch applications for various purposes, including application-assisted congestion control.

Multipath TCP (MPTCP) ^{[40] [41]} is an ongoing endeavor within the IETF that aims at allowing a TCP connexion to apply multiple paths to maximize resource usage and increase redundancy. The redundancy offered past Multipath TCP in the context of wireless networks enables the simultaneous utilization of different networks, which brings college throughput and better handover capabilities. Multipath TCP likewise brings operation benefits in datacenter environments.^[42] The reference implementation^[43] of Multipath TCP is being adult in the Linux kernel.^[44] Multipath TCP is used to support the Siri voice recognition awarding on iPhones, iPads and Macs ^[45]

tcpcrypt is an extension proposed in July 2010 to provide transport-level encryption direct in TCP itself. It is designed to piece of work transparently and not require any configuration. Unlike TLS (SSL), tcpcrypt itself does not provide authentication, but provides uncomplicated primitives down to the application to do that. As of 2010^[update], the showtime tcpcrypt IETF draft has been published and implementations exist for several major platforms.

TCP Fast Open is an extension to speed upwardly the opening of successive TCP connections between ii endpoints. It works by skipping the iii-manner handshake using a cryptographic "cookie". Information technology is like to an earlier proposal called T/TCP, which was not widely adopted due to security bug.^[46] TCP Fast Open was published equally RFC 7413 in 2014.^[47]

Proposed in May 2013, Proportional Rate Reduction (PRR) is a TCP extension adult by Google engineers. PRR ensures that the TCP window size after recovery is equally close to the Slow-start threshold equally possible.^[48] The algorithm is designed to improve the speed of recovery and is the default congestion control algorithm in Linux 3.2+ kernels.^[49]

Deprecated proposals [edit]

TCP Cookie Transactions (TCPCT) is an extension proposed in December 2009 to secure servers against deprival-of-service attacks. Unlike SYN cookies, TCPCT does not disharmonize with other TCP extensions such as window scaling. TCPCT was designed due to necessities of DNSSEC, where servers have to handle large numbers of short-lived TCP connections. In 2016, TCPCT was deprecated in favor of TCP Fast Open. Condition of the original RFC was changed to "historic".^[50]

TCP over wireless networks [edit]

TCP was originally designed for wired networks. Packet loss is considered to be the result of network congestion and the congestion window size is reduced dramatically every bit a precaution. However, wireless links are known to experience sporadic and unremarkably temporary losses due to fading, shadowing, hand off, interference, and other radio effects, that are non strictly congestion. After the (erroneous) back-off of the congestion window size, due to wireless bundle loss, at that place may be a congestion avoidance phase with a conservative decrease in window size. This causes the radio link to be underutilized. All-encompassing enquiry on combating these harmful effects has been conducted. Suggested solutions tin be categorized as end-to-end solutions, which crave modifications at the customer or server,^[51] link layer solutions, such every bit Radio Link Protocol (RLP) in cellular networks, or proxy-based solutions which crave some changes in the network without modifying end nodes.^{[51] [52]}

A number of alternative congestion control algorithms, such as Vegas, Westwood, Veno, and Santa Cruz, have been proposed to assistance solve the wireless problem.^{[ citation needed ]}

Hardware implementations [edit]

One way to overcome the processing ability requirements of TCP is to build hardware implementations of it, widely known every bit TCP offload engines (TOE). The main trouble of TOEs is that they are hard to integrate into computing systems, requiring all-encompassing changes in the operating system of the computer or device. I company to develop such a device was Alacritech.

Debugging [edit]

A packet sniffer, which intercepts TCP traffic on a network link, tin can be useful in debugging networks, network stacks, and applications that use TCP by showing the user what packets are passing through a link. Some networking stacks support the SO_DEBUG socket choice, which tin can be enabled on the socket using setsockopt. That option dumps all the packets, TCP states, and events on that socket, which is helpful in debugging. Netstat is another utility that can be used for debugging.

Alternatives [edit]

For many applications TCP is non appropriate. One problem (at least with normal implementations) is that the awarding cannot admission the packets coming subsequently a lost packet until the retransmitted re-create of the lost parcel is received. This causes problems for real-time applications such every bit streaming media, real-time multiplayer games and vox over IP (VoIP) where it is generally more useful to get nigh of the data in a timely fashion than it is to get all of the data in order.

For historical and functioning reasons, most storage area networks (SANs) use Fibre Channel Protocol (FCP) over Fibre Channel connections.

Also, for embedded systems, network booting, and servers that serve uncomplicated requests from huge numbers of clients (e.g. DNS servers) the complexity of TCP tin be a problem. Finally, some tricks such equally transmitting data between two hosts that are both behind NAT (using STUN or similar systems) are far simpler without a relatively complex protocol similar TCP in the way.

Mostly, where TCP is unsuitable, the User Datagram Protocol (UDP) is used. This provides the application multiplexing and checksums that TCP does, merely does not handle streams or retransmission, giving the application developer the ability to code them in a mode suitable for the situation, or to replace them with other methods similar forward mistake correction or interpolation.

Stream Control Transmission Protocol (SCTP) is another protocol that provides reliable stream oriented services similar to TCP. It is newer and considerably more than complex than TCP, and has not nevertheless seen widespread deployment. However, it is especially designed to exist used in situations where reliability and near-existent-fourth dimension considerations are important.

Venturi Send Protocol (VTP) is a patented proprietary protocol that is designed to supplant TCP transparently to overcome perceived inefficiencies related to wireless information transport.

TCP also has issues in high-bandwidth environments. The TCP congestion abstention algorithm works very well for advertising-hoc environments where the data sender is non known in accelerate. If the surroundings is predictable, a timing based protocol such as Asynchronous Transfer Way (ATM) can avert TCP's retransmits overhead.

UDP-based Information Transfer Protocol (UDT) has better efficiency and fairness than TCP in networks that have high bandwidth-delay production.^[53]

Multipurpose Transaction Protocol (MTP/IP) is patented proprietary software that is designed to adaptively achieve high throughput and transaction performance in a wide variety of network weather, peculiarly those where TCP is perceived to be inefficient.

Checksum ciphering [edit]

TCP checksum for IPv4 [edit]

When TCP runs over IPv4, the method used to compute the checksum is defined in RFC 793:

The checksum field is the 16 chip one's complement of the ane's complement sum of all xvi-bit words in the header and text. If a segment contains an odd number of header and text octets to be checksummed, the last octet is padded on the right with zeros to class a 16-bit word for checksum purposes. The pad is not transmitted as part of the segment. While computing the checksum, the checksum field itself is replaced with zeros.

In other words, afterward appropriate padding, all sixteen-fleck words are added using i'due south complement arithmetic. The sum is then bitwise complemented and inserted as the checksum field. A pseudo-header that mimics the IPv4 packet header used in the checksum ciphering is shown in the table below.

TCP pseudo-header for checksum computation (IPv4)

Bit offset	0–3				4–vii				8–15								16–31
0	Source address
32	Destination accost
64	Zeros								Protocol								TCP length
96	Source port																Destination port
128	Sequence number
160	Acknowledgement number
192	Information offset				Reserved			Flags									Window
224	Checksum																Urgent arrow
256	Options (optional)
256/288+	Information

The source and destination addresses are those of the IPv4 header. The protocol value is 6 for TCP (cf. Listing of IP protocol numbers). The TCP length field is the length of the TCP header and information (measured in octets).

TCP checksum for IPv6 [edit]

When TCP runs over IPv6, the method used to compute the checksum is changed, as per RFC 2460:

Any send or other upper-layer protocol that includes the addresses from the IP header in its checksum ciphering must be modified for use over IPv6, to include the 128-chip IPv6 addresses instead of 32-bit IPv4 addresses.

A pseudo-header that mimics the IPv6 header for computation of the checksum is shown below.

TCP pseudo-header for checksum computation (IPv6)

Bit offset	0–7								8–fifteen								16–23								24–31
0	Source address
32
64
96
128	Destination accost
160
192
224
256	TCP length
288	Zeros																								Next header = Protocol
320	Source port																Destination port
352	Sequence number
384	Acknowledgement number
416	Data offset				Reserved				Flags								Window
448	Checksum																Urgent pointer
480	Options (optional)
480/512+	Data

• Source address: the one in the IPv6 header
• Destination address: the final destination; if the IPv6 packet doesn't contain a Routing header, TCP uses the destination address in the IPv6 header, otherwise, at the originating node, it uses the accost in the last element of the Routing header, and, at the receiving node, it uses the destination address in the IPv6 header.
• TCP length: the length of the TCP header and data
• Next Header: the protocol value for TCP

Checksum offload [edit]

Many TCP/IP software stack implementations provide options to use hardware assistance to automatically compute the checksum in the network adapter prior to transmission onto the network or upon reception from the network for validation. This may relieve the Bone from using precious CPU cycles calculating the checksum. Hence, overall network functioning is increased.

This characteristic may cause packet analyzers that are unaware or uncertain almost the use of checksum offload to report invalid checksums in outbound packets that have not yet reached the network adapter.^[54] This will only occur for packets that are intercepted before being transmitted past the network adapter; all packets transmitted past the network adaptor on the wire will have valid checksums.^[55] This issue tin also occur when monitoring packets being transmitted between virtual machines on the aforementioned host, where a virtual device driver may omit the checksum calculation (every bit an optimization), knowing that the checksum volition be calculated later past the VM host kernel or its physical hardware.

RFC documents [edit]

• RFC 675 – Specification of Internet Transmission Command Program, December 1974 Version
• RFC 793 – TCP v4
• STD seven – Transmission Control Protocol, Protocol specification
• RFC 1122 – includes some error corrections for TCP
• RFC 1323 – TCP Extensions for Loftier Performance [Obsoleted by RFC 7323]
• RFC 1379 – Extending TCP for Transactions—Concepts [Obsoleted by RFC 6247]
• RFC 1948 – Defending Against Sequence Number Attacks
• RFC 2018 – TCP Selective Acknowledgment Options
• RFC 5681 – TCP Congestion Control
• RFC 6247 – Moving the Undeployed TCP Extensions RFC 1072, RFC 1106, RFC 1110, RFC 1145, RFC 1146, RFC 1379, RFC 1644, and RFC 1693 to Historic Condition
• RFC 6298 – Computing TCP's Retransmission Timer
• RFC 6824 – TCP Extensions for Multipath Functioning with Multiple Addresses
• RFC 7323 – TCP Extensions for High Performance
• RFC 7414 – A Roadmap for TCP Specification Documents

See besides [edit]

• Connection-oriented communication
• List of TCP and UDP port numbers (a long list of ports and services)
• Micro-bursting (networking)
• T/TCP variant of TCP
• TCP global synchronization
• TCP pacing
• Transport layer § Comparison of send layer protocols
• WTCP a proxy-based modification of TCP for wireless networks

Notes [edit]

1. ^ Experimental: see RFC 3540
2. ^ ^{a b} Added to header past RFC 3168
3. ^ Windows size units are, past default, bytes.
4. ^ Window size is relative to the segment identified by the sequence number in the acknowledgment field.
5. ^ According to RFC 793 a connection can stay in TIME-WAIT for a maximum of four minutes known as ii maximum segment lifetime (MSL).

References [edit]

1. ^ Vinton Chiliad. Cerf; Robert E. Kahn (May 1974). "A Protocol for Packet Network Intercommunication" (PDF). IEEE Transactions on Communications. 22 (5): 637–648. doi:10.1109/tcom.1974.1092259. Archived from the original (PDF) on March four, 2016.
2. ^ Bennett, Richard (September 2009). "Designed for Change: End-to-Stop Arguments, Cyberspace Innovation, and the Net Neutrality Contend" (PDF). Information technology and Innovation Foundation. p. xi. Retrieved 11 September 2017.
3. ^ Cerf, Vinton; Dalal, Yogen; Sunshine, Carl (December 1974), RFC 675, Specification of Internet Transmission Command Protocol
4. ^ "Robert Due east Kahn - A.M. Turing Award Laureate". amturing.acm.org.
5. ^ "Vinton Cerf - A.M. Turing Award Laureate". amturing.acm.org.
6. ^ ^{a b c d due east f g h i} Comer, Douglas E. (2006). Internetworking with TCP/IP: Principles, Protocols, and Compages. Vol. 1 (5th ed.). Prentice Hall. ISBN978-0-13-187671-two.
7. ^ "TCP (Manual Command Protocol)". Retrieved 2019-06-26 .
8. ^ "RFC 791 – department 2.2".
9. ^ Transmission Control Protocol. IETF. September 1981. doi:10.17487/RFC0793. RFC 793.
10. ^ TCP Extensions for High Performance. sec. two.2. RFC1323.
11. ^ "RFC 2018, TCP Selective Acknowledgement Options, Section two".
12. ^ "RFC 2018, TCP Selective Acknowledgement Options, Department three".
13. ^ "RFC 1323, TCP Extensions for High Operation, Section 3.2".
14. ^ "Transmission Control Protocol (TCP) Parameters: TCP Option Kind Numbers". IANA.
15. ^ RFC 793 section 3.1
16. ^ RFC 793 Section 3.2
17. ^ Tanenbaum, Andrew S. (2003-03-17). Computer Networks (Fourth ed.). Prentice Hall. ISBN978-0-13-066102-9.
18. ^ RFC 1122, Section 4.2.2.13
19. ^ "TCP Definition". Retrieved 2011-03-12 .
20. ^ Mathis; Mathew; Semke; Mahdavi; Ott (1997). "The macroscopic beliefs of the TCP congestion abstention algorithm". ACM SIGCOMM Calculator Advice Review. 27 (three): 67–82. CiteSeerX10.1.1.twoscore.7002. doi:10.1145/263932.264023. S2CID 1894993.
21. ^ Paxson, V.; Allman, Thousand.; Chu, J.; Sargent, 1000. (June 2011). "The Bones Algorithm". Computing TCP's Retransmission Timer. IETF. p. two. sec. 2. doi:10.17487/RFC6298. RFC 6298. Retrieved October 24, 2015.
22. ^ Stone; Partridge (2000). "When The CRC and TCP Checksum Disagree". ACM SIGCOMM Reckoner Communication Review: 309–319. CiteSeerX10.1.one.27.7611. doi:x.1145/347059.347561. ISBN978-1581132236. S2CID 9547018.
23. ^ "RFC 879".
24. ^ "TCP window scaling and broken routers [LWN.net]".
25. ^ David Murray; Terry Koziniec; Sebastian Zander; Michael Dixon; Polychronis Koutsakis (2017). "An Analysis of Irresolute Enterprise Network Traffic Characteristics" (PDF). The 23rd Asia-Pacific Conference on Communications (APCC 2017). Retrieved 3 October 2017.
26. ^ "IP sysctl". Linux Kernel Documentation . Retrieved 15 December 2018.
27. ^ Wang, Eve. "TCP timestamp is disabled". Technet - Windows Server 2012 Essentials. Microsoft. Archived from the original on 2018-12-fifteen. Retrieved 2018-12-fifteen .
28. ^ Gont, Fernando (Nov 2008). "On the implementation of TCP urgent information". 73rd IETF meeting. Retrieved 2009-01-04 .
29. ^ Peterson, Larry (2003). Computer Networks . Morgan Kaufmann. p. 401. ISBN978-one-55860-832-0.
30. ^ Richard W. Stevens (Nov 2011). TCP/IP Illustrated. Vol. 1, The protocols . Addison-Wesley. pp. Affiliate xx. ISBN978-0-201-63346-vii.
31. ^ "Security Assessment of the Manual Control Protocol (TCP)" (PDF). Archived from the original on March half dozen, 2009. Retrieved 2010-12-23 . {{cite spider web}}: CS1 maint: bot: original URL status unknown (link)
32. ^ Security Assessment of the Transmission Control Protocol (TCP)
33. ^ Jakob Lell. "Quick Blind TCP Connection Spoofing with SYN Cookies". Retrieved 2014-02-05 .
34. ^ "Some insights about the recent TCP DoS (Denial of Service) vulnerabilities" (PDF).
35. ^ "Exploiting TCP and the Persist Timer Infiniteness".
36. ^ "Push button and ACK Flood". f5.com.
37. ^ "Laurent Joncheray, Elementary Active Set on Against TCP, 1995".
38. ^ John T. Hagen; Barry E. Mullins (2013). TCP veto: A novel network attack and its application to SCADA protocols. Innovative Smart Grid Technologies (ISGT), 2013 IEEE PES. pp. 1–half-dozen. doi:10.1109/ISGT.2013.6497785. ISBN978-1-4673-4896-6. S2CID 25353177.
39. ^ "TCP Interactive". www.medianet.kent.edu.
40. ^ RFC 6182
41. ^ RFC 6824
42. ^ Raiciu; Barre; Pluntke; Greenhalgh; Wischik; Handley (2011). "Improving datacenter performance and robustness with multipath TCP". ACM SIGCOMM Reckoner Communication Review. 41 (iv): 266. CiteSeerXten.1.ane.306.3863. doi:10.1145/2043164.2018467. Archived from the original on 2020-04-04. Retrieved 2011-06-29 .
43. ^ "MultiPath TCP - Linux Kernel implementation".
44. ^ Raiciu; Paasch; Barre; Ford; Honda; Duchene; Bonaventure; Handley (2012). "How Hard Tin Information technology Exist? Designing and Implementing a Deployable Multipath TCP". Usenix NSDI: 399–412.
45. ^ Bonaventure; Seo (2016). "Multipath TCP Deployments". IETF Journal.
46. ^ Michael Kerrisk (2012-08-01). "TCP Fast Open: expediting web services". LWN.net.
47. ^ Yuchung Cheng; Jerry Chu; Sivasankar Radhakrishnan & Arvind Jain (Dec 2014). "TCP Fast Open". IETF. Retrieved 10 January 2015.
48. ^ Mathis, Matt; Dukkipati, Nandita; Cheng, Yuchung (May 2013). "RFC 6937 - Proportional Rate Reduction for TCP". Retrieved vi June 2014.
49. ^ Grigorik, Ilya (2013). High-functioning browser networking (1. ed.). Beijing: O'Reilly. ISBN978-1449344764.
50. ^ "Moving to "Historic" Condition". Moving Outdated TCP Extensions and TCP-Related Documents to Historic or Informational Status. IETF. 2016. p. iv. sec. 2.1. doi:10.17487/RFC7805. RFC 7805.
51. ^ ^{a b} "TCP performance over CDMA2000 RLP". Archived from the original on 2011-05-03. Retrieved 2010-08-xxx .
52. ^ Muhammad Adeel & Ahmad Ali Iqbal (2004). TCP Congestion Window Optimization for CDMA2000 Parcel Information Networks. International Conference on Information technology (ITNG'07). pp. 31–35. doi:x.1109/ITNG.2007.190. ISBN978-0-7695-2776-5. S2CID 8717768.
53. ^ Yunhong Gu, Xinwei Hong, and Robert L. Grossman. "An Analysis of AIMD Algorithm with Decreasing Increases". 2004.
54. ^ "Wireshark: Offloading". Wireshark captures packets before they are sent to the network adapter. It won't see the correct checksum because it has not been calculated notwithstanding. Even worse, almost OSes don't bother initialize this data so you're probably seeing trivial chunks of memory that you shouldn't. New installations of Wireshark 1.2 and to a higher place disable IP, TCP, and UDP checksum validation past default. Y'all can disable checksum validation in each of those dissectors by hand if needed.
55. ^ "Wireshark: Checksums". Checksum offloading often causes confusion as the network packets to be transmitted are handed over to Wireshark before the checksums are actually calculated. Wireshark gets these "empty" checksums and displays them equally invalid, even though the packets will contain valid checksums when they leave the network hardware subsequently.

Further reading [edit]

• Stevens, W. Richard (1994-01-10). TCP/IP Illustrated, Volume 1: The Protocols. Addison-Wesley Pub. Co. ISBN978-0-201-63346-seven.
• Stevens, W. Richard; Wright, Gary R (1994). TCP/IP Illustrated, Volume 2: The Implementation. ISBN978-0-201-63354-two.
• Stevens, W. Richard (1996). TCP/IP Illustrated, Volume 3: TCP for Transactions, HTTP, NNTP, and the UNIX Domain Protocols. ISBN978-0-201-63495-two. **

External links [edit]

• Oral history interview with Robert E. Kahn
• IANA Port Assignments
• IANA TCP Parameters
• John Kristoff's Overview of TCP (Central concepts behind TCP and how it is used to send data betwixt two endpoints)
• Checksum example
• TCP tutorial

diazmashe1968.blogspot.com

Source: https://en.wikipedia.org/wiki/Transmission_Control_Protocol

Share this post