The TCP Segment Header
Figure (A) below shows the layout of a TCP segment header. Every segment begins with a fixed-
format, 20-byte header. The fixed header may be followed by header options. After the options, if any, up to
65,535 − 20 − 20 = 65,495 data bytes may follow, where the first 20 refer to the IP header and the second to the
TCP header. Segments without any data are legal and are commonly used for acknowledgements and control
messages.
Figure (A): The TCP Header format
The Source port and Destination port fields identify the local end points of the connection. A TCP port
plus its host’s IP address forms a 48-bit unique end point. The source and destination end points together identify
the connection. This connection identifier is called a 5-tuple because it consists of five pieces of information: the
protocol (TCP), source IP and source port, and destination IP and destination port.
The Sequence number specifies the sequence number of the TCP segment or TPDU, and the Acknowledgement
number specifies the next in-order byte expected, not the last byte correctly received. It is a cumulative
acknowledgement because it summarizes the received data with a single number. It does not go beyond lost data.
Both are 32 bits because every byte of data is numbered in a TCP stream.
The TCP header length tells how many 32-bit words are contained in the TCP header. This information is
needed because the Options field is of variable length, so the header is, too.
Next comes a 4-bit field that is not used. The fact that these bits have remained unused for 30 years (as only
2 of the original reserved 6 bits have been reclaimed) is testimony to how well thought out TCP is.
Now come eight 1-bit flags. CWR and ECE are used to signal congestion when ECN (Explicit Congestion
Notification) is used. ECE is set to signal an ECN-Echo to a TCP sender to tell it to slow down when the TCP
receiver gets a congestion indication from the network. CWR is set to signal Congestion Window Reduced from
the TCP sender to the TCP receiver so that it knows the sender has slowed down and can stop sending the ECN-
Echo.
URG is set to 1 if the Urgent pointer is in use. The Urgent pointer is used to indicate a byte offset from the
current sequence number at which urgent data are to be found. This facility is a way of allowing the sender to
signal the receiver without getting TCP itself involved in the reason for the interrupt.
The ACK bit is set to 1 to indicate that the Acknowledgement number is valid. This is the case for nearly all
packets. If ACK is 0, the segment does not contain an acknowledgement, so the Acknowledgement number field
is ignored. The PSH bit indicates PUSHed data. The receiver is hereby kindly requested to deliver the data to the
application upon arrival and not buffer it until a full buffer has been received.
The RST bit is used to abruptly reset a connection that has become confused due to a host crash or some
other reason. It is also used to reject an invalid segment or refuse an attempt to open a connection. In general, if
you get a segment with the RST bit on, you have a problem on your hands.
The SYN bit is used to establish connections. The connection request has SYN = 1 and ACK = 0 to indicate
that the piggyback acknowledgement field is not in use. The connection reply does bear an acknowledgement,
however, so it has SYN = 1 and ACK = 1. In essence, the SYN bit is used to denote both CONNECTION
REQUEST and CONNECTION ACCEPTED, with the ACK bit used to distinguish between those two
possibilities.
The FIN bit is used to release a connection. It specifies that the sender has no more data to transmit.
However, after closing a connection, the closing process may continue to receive data indefinitely. Both SYN
and FIN segments have sequence numbers and are thus guaranteed to be processed in the correct order.
Flow control in TCP is handled using a variable-sized sliding window. The Window size field tells how
many bytes may be sent starting at the byte acknowledged. A Window size field of 0 is legal and says that the
bytes up to and including Acknowledgement number − 1 have been received. The receiver can later grant
permission to send by transmitting a segment with the same Acknowledgement number and a nonzero Window
size field.
A Checksum is also provided for extra reliability. It checksums the header, the data, and a conceptual
pseudoheader in exactly the same way as UDP, except that the pseudoheader has the protocol number for TCP
(6) and the checksum is mandatory.
The Options field provides a way to add extra facilities not covered by the regular header. Many options
have been defined and several are commonly used. The options are of variable length, fill a multiple of 32 bits
by using padding with zeros, and may extend to 40 bytes to accommodate the longest TCP header that can be
specified. Some options are carried when a connection is established to negotiate or inform the other side of
capabilities.
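The field layout described above can be checked by parsing a raw segment. The following is an added example, not part of the original notes; the function names are hypothetical, and the sample SYN segment is constructed for illustration (its 4-byte option, a maximum segment size option, is an assumption that the notes do not discuss).

```python
import struct

# Flag names in bit order, from CWR (0x80) down to FIN (0x01).
FLAG_NAMES = ("CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN")


def parse_tcp_header(segment: bytes) -> dict:
    """Parse the fixed 20-byte TCP header and locate options and data."""
    if len(segment) < 20:
        raise ValueError("shorter than the fixed 20-byte TCP header")
    (src, dst, seq, ack, off_flags, window,
     checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    # Top 4 bits: header length in 32-bit words; low 8 bits: the flags.
    header_len = (off_flags >> 12) * 4
    if header_len < 20 or header_len > len(segment):
        raise ValueError(f"bad TCP header length {header_len}")
    flags = {n for i, n in enumerate(FLAG_NAMES) if off_flags & (0x80 >> i)}
    return {
        "src_port": src, "dst_port": dst, "seq": seq,
        # The Acknowledgement number is only valid when ACK is set.
        "ack": ack if "ACK" in flags else None,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": checksum,
        # The Urgent pointer is only in use when URG is set.
        "urgent": urgent if "URG" in flags else None,
        "options": segment[20:header_len],
        "data": segment[header_len:],
    }


def handshake_role(hdr: dict) -> str:
    """Classify a segment by its SYN and ACK bits."""
    if "SYN" not in hdr["flags"]:
        return "other"
    return "connection accepted" if "ACK" in hdr["flags"] else "connection request"


# Constructed sample: SYN from port 49152 to port 80, sequence number 1000,
# header length 6 words (24 bytes), one 4-byte option (kind 2, length 4, 1460).
SAMPLE_SYN = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                         (6 << 12) | 0x02, 65535, 0, 0) + bytes([2, 4, 0x05, 0xB4])

if __name__ == "__main__":
    h = parse_tcp_header(SAMPLE_SYN)
    print(handshake_role(h), h["header_len"], h["options"].hex())
```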
User Datagram Protocol (UDP):
The Internet has two main protocols in the transport layer, a connectionless protocol and a connection-
oriented one. The protocols complement each other. The connectionless protocol is UDP. It does almost nothing
beyond sending packets between applications, letting applications build their own protocols on top as needed. The
connection-oriented protocol is TCP. It does almost everything. It makes connections and adds reliability with
retransmissions, along with flow control and congestion control, all on behalf of the applications that use it.
Introduction to UDP
The Internet protocol suite supports a connectionless transport protocol called UDP (User Datagram
Protocol). UDP provides a way for applications to send encapsulated IP datagrams without having to establish
a connection.
UDP transmits segments consisting of an 8-byte header followed by the payload. The header is shown in
Figure (B). The two ports serve to identify the endpoints within the source and destination machines. When a
UDP packet arrives, its payload is handed to the process attached to the destination port. This attachment
occurs when the BIND primitive is used. Think of ports as mailboxes that applications can rent to receive packets.
Without the port fields, the transport layer would not know what to do with each incoming packet. With them,
it delivers the embedded segment to the correct application.
Figure (B): The UDP header
The source port is primarily needed when a reply must be sent back to the source. By copying the Source port
field from the incoming segment into the Destination port field of the outgoing segment, the process sending
the reply can specify which process on the sending machine is to get it.
The UDP length field includes the 8-byte header and the data. The minimum length is 8 bytes, to cover the
header. The maximum length is 65,515 bytes, which is lower than the largest number that will fit in 16 bits
because of the size limit on IP packets.
An optional Checksum is also provided for extra reliability. It checksums the header, the data, and a conceptual
IP pseudoheader. When performing this computation, the Checksum field is set to zero and the data field is
padded out with an additional zero byte if its length is an odd number. The checksum algorithm is simply to
add up all the 16-bit words in one’s complement and to take the one’s complement of the sum. As a
consequence, when the receiver performs the calculation on the entire segment, including the Checksum field,
the result should be 0.
Figure (C): The IPv4 pseudoheader included in the UDP checksum.
The pseudoheader for the case of IPv4 is shown in Figure (C). It contains the 32-bit IPv4 addresses of the
source and destination machines, the protocol number for UDP (17), and the byte count for the UDP segment
(including the header). Including the pseudoheader in the UDP checksum computation helps detect misdelivered
packets. TCP uses the same pseudoheader for its checksum.
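The checksum computation described above, including the pseudoheader, is shown here as an added example that is not part of the original notes. The function names, addresses, ports and payload are constructed for illustration, and the verifier assumes the sender filled in the checksum. Passing protocol number 6 instead of 17 gives the TCP variant.

```python
import socket
import struct


def ones_complement_sum(data: bytes) -> int:
    """Add up all 16-bit words in one's complement arithmetic."""
    if len(data) % 2:
        data += b"\x00"                      # pad odd-length data with a zero byte
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:                       # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return total


def transport_checksum(src_ip: str, dst_ip: str, protocol: int, segment: bytes) -> int:
    """One's complement of the sum over the IPv4 pseudoheader plus the segment."""
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, protocol, len(segment)))
    return ~ones_complement_sum(pseudo + segment) & 0xFFFF


def build_udp(src_ip: str, dst_ip: str, src_port: int, dst_port: int,
              payload: bytes) -> bytes:
    """Build a UDP segment: 8-byte header, then payload, checksum filled in."""
    length = 8 + len(payload)                # UDP length covers header and data
    zeroed = struct.pack("!HHHH", src_port, dst_port, length, 0) + payload
    csum = transport_checksum(src_ip, dst_ip, 17, zeroed)
    # A checksum field of 0 means "not computed", so a computed 0 is sent as 0xFFFF.
    csum = csum or 0xFFFF
    return struct.pack("!HHHH", src_port, dst_port, length, csum) + payload


def verify_udp(src_ip: str, dst_ip: str, segment: bytes) -> bool:
    """Receiver side: summing the whole segment, checksum included, must give 0."""
    return transport_checksum(src_ip, dst_ip, 17, segment) == 0


if __name__ == "__main__":
    # Constructed sample with an odd-length payload to exercise the padding rule.
    seg = build_udp("192.0.2.1", "198.51.100.7", 5353, 53, b"example")
    print(verify_udp("192.0.2.1", "198.51.100.7", seg))   # correct destination
    print(verify_udp("192.0.2.1", "198.51.100.8", seg))   # misdelivered
```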
It is worth noting some of the things that UDP does not do. It does not do flow control, congestion control, or retransmission
upon receipt of a bad segment. All of that is up to the user processes. What it does do is provide an
interface to the IP protocol with the added feature of demultiplexing multiple processes using the ports
and optional end-to-end error detection. That is all it does.
An application that uses UDP this way is DNS (Domain Name System). In brief, a program that
needs to look up the IP address of some host name, for example, www.cs.berkeley.edu, can send a UDP
packet containing the host name to a DNS server. The server replies with a UDP packet containing the
host’s IP address. No setup is needed in advance and no release is needed afterward.