Computer Networks

TCP: reliable delivery

Цели урока

Understand the TCP model: connection-oriented byte stream, reliability layered over unreliable IP
Read a TCP header: SYN, ACK, FIN, RST, sequence/ack number, window
Walk through the three-way handshake: SYN, SYN-ACK, ACK and why each step exists
Explain how TCP detects loss: cumulative ACK, retransmit on timeout, fast retransmit
Tell apart sequence number, acknowledgement number, and window size in a real capture

Every time you download a file and it arrives intact - that's TCP's doing. Every web page, every email, every bank transaction - TCP silently ensures that not a single byte is lost. How does it do this over unreliable communication channels?

**Web:** HTTP/1.1 and HTTP/2 run over TCP - pages load completely
**Email:** SMTP, IMAP, POP3 - messages arrive without losing characters
**Files:** FTP, SFTP, rsync - files transfer without corruption

Предварительные знания

Ports: doors into a computer

Transmission Control Protocol

**TCP** (Transmission Control Protocol) is a reliable, connection-oriented transport layer protocol. It guarantees delivery of data in the correct order, without losses or duplicates.

TCP creates the **illusion of a byte stream** between two applications. The application writes data to a socket - TCP cuts it into segments, sends them, monitors delivery, and reassembles them.

**Stream vs Datagram:** TCP is a stream protocol. There are no boundaries between messages. If you send 100 bytes, then 200 - the receiver may get 150 + 150. The application defines its own boundaries (e.g., `\n` at the end of a line).

What is TCP's primary guarantee?

Three-way handshake

Before data transfer, TCP establishes a connection via the **three-way handshake**. Three packets: SYN, SYN-ACK, ACK. After that - the connection is established.

**SYN flood attack:** An attacker sends thousands of SYNs without ACKs. The server wastes memory on half-open connections. Defense: SYN cookies - the server doesn't store state until it receives an ACK.

How many packets are needed to establish a TCP connection?

Sequence and Acknowledgment numbers

**Sequence Number (seq)** - the number of the first byte in a segment. **Acknowledgment Number (ack)** - the number of the next expected byte. Together they ensure ordering and reliability.

**ISN (Initial Sequence Number):** The initial seq is chosen randomly, not from zero. Protection against: 1) confusion with packets from old connections, 2) TCP spoofing attacks (harder to guess seq).

What does ACK with ack=5000 mean?

TCP connection states

A TCP connection goes through several states: from CLOSED through setup (SYN_SENT, ESTABLISHED) to teardown (FIN_WAIT, TIME_WAIT, CLOSED). These states are important for debugging.

**TIME_WAIT (2*MSL):** After closing, a connection stays in TIME_WAIT for 60-120 seconds. Why? To prevent old packets from that connection from entering a new one using the same ports. MSL = Maximum Segment Lifetime.

A TCP connection closes instantly after sending data

Closing requires 4 packets (FIN/ACK in both directions) plus TIME_WAIT for 60-120 seconds

TIME_WAIT ensures that all packets from the closed connection disappear from the network before those ports are reused. Otherwise a new connection could receive old packets.

Which state means "connection is active, data is being transferred"?

Key ideas

**TCP** - reliable, connection-oriented, stream protocol
**Three-way handshake:** SYN → SYN-ACK → ACK to establish
**Seq/Ack:** byte numbering for ordering and acknowledgment
**States:** LISTEN → ESTABLISHED → TIME_WAIT → CLOSED

Вопросы для размышления

Why does the handshake take 1.5 RTT instead of 1 RTT?
What happens if an ACK is lost?
Why does TIME_WAIT last so long, and can it be disabled?

Связанные уроки

net-14-udp — TCP vs UDP are two poles: reliability vs speed
net-16-tcp-flow — Flow control is the next level of TCP
net-17-tcp-congestion — Congestion control builds on top of basic TCP
net-23-https-tls — TLS runs over TCP, adding encryption
net-47-container-networking — Docker networking builds on the TCP/IP stack
alg-21-dp — TCP sliding window is the same idea as DP sliding window
bt-02-osi-tcp
bt-24-connection-pooling

Computer Networks

TCP: reliable delivery

Цели урока

Understand the TCP model: connection-oriented byte stream, reliability layered over unreliable IP
Read a TCP header: SYN, ACK, FIN, RST, sequence/ack number, window
Walk through the three-way handshake: SYN, SYN-ACK, ACK and why each step exists
Explain how TCP detects loss: cumulative ACK, retransmit on timeout, fast retransmit
Tell apart sequence number, acknowledgement number, and window size in a real capture

**Web:** HTTP/1.1 and HTTP/2 run over TCP - pages load completely
**Email:** SMTP, IMAP, POP3 - messages arrive without losing characters
**Files:** FTP, SFTP, rsync - files transfer without corruption

Предварительные знания

Ports: doors into a computer

Transmission Control Protocol

**TCP** (Transmission Control Protocol) is a reliable, connection-oriented transport layer protocol. It guarantees delivery of data in the correct order, without losses or duplicates.

TCP creates the **illusion of a byte stream** between two applications. The application writes data to a socket - TCP cuts it into segments, sends them, monitors delivery, and reassembles them.

What is TCP's primary guarantee?

Three-way handshake

Before data transfer, TCP establishes a connection via the **three-way handshake**. Three packets: SYN, SYN-ACK, ACK. After that - the connection is established.

How many packets are needed to establish a TCP connection?

Sequence and Acknowledgment numbers

**Sequence Number (seq)** - the number of the first byte in a segment. **Acknowledgment Number (ack)** - the number of the next expected byte. Together they ensure ordering and reliability.

What does ACK with ack=5000 mean?

TCP connection states

A TCP connection goes through several states: from CLOSED through setup (SYN_SENT, ESTABLISHED) to teardown (FIN_WAIT, TIME_WAIT, CLOSED). These states are important for debugging.

A TCP connection closes instantly after sending data

Closing requires 4 packets (FIN/ACK in both directions) plus TIME_WAIT for 60-120 seconds

TIME_WAIT ensures that all packets from the closed connection disappear from the network before those ports are reused. Otherwise a new connection could receive old packets.

Which state means "connection is active, data is being transferred"?

Key ideas

**TCP** - reliable, connection-oriented, stream protocol
**Three-way handshake:** SYN → SYN-ACK → ACK to establish
**Seq/Ack:** byte numbering for ordering and acknowledgment
**States:** LISTEN → ESTABLISHED → TIME_WAIT → CLOSED

Вопросы для размышления

Why does the handshake take 1.5 RTT instead of 1 RTT?
What happens if an ACK is lost?
Why does TIME_WAIT last so long, and can it be disabled?

Связанные уроки

net-14-udp — TCP vs UDP are two poles: reliability vs speed
net-16-tcp-flow — Flow control is the next level of TCP
net-17-tcp-congestion — Congestion control builds on top of basic TCP
net-23-https-tls — TLS runs over TCP, adding encryption
net-47-container-networking — Docker networking builds on the TCP/IP stack
alg-21-dp — TCP sliding window is the same idea as DP sliding window
bt-02-osi-tcp
bt-24-connection-pooling

TCP: reliable delivery

Цели урока

Предварительные знания

Transmission Control Protocol

Three-way handshake

Sequence and Acknowledgment numbers

TCP connection states

Key ideas

Related topics

Вопросы для размышления

Связанные уроки

TCP: reliable delivery

Цели урока

Предварительные знания

Transmission Control Protocol

Three-way handshake

Sequence and Acknowledgment numbers

TCP connection states

Key ideas

Related topics

Вопросы для размышления

Связанные уроки