
TCP Connection Management


Yuli Aria Winata

Introduction TCP Connection Establishment TCP Options Path MTU Discovery with TCP TCP State Transitions Reset Segments

The problem with a communication environment is that data sent over the medium may be lost or received incorrectly. Some ways to deal with this are:
Handling errors
Trying to send again

The approach of resending a packet until it is received correctly is called Automatic Repeat Request (ARQ).

ARQ requires a way to determine that a packet has arrived and has not been duplicated. The receiver might receive duplicate copies of a packet; this problem is addressed using a sequence number. The method by which a receiver signals to a sender that it has received a packet is called an acknowledgment, or ACK.

TCP is a more complicated protocol than UDP.
TCP must establish a connection.
A TCP connection is defined by a 4-tuple: Client_IP, Client_port, Server_ip, Server_port.

TCP uses algorithms to prevent the sender from overrunning the receiver with information: it implements sliding window flow control. Some parameters returned to the sender are:
AckNo: 32 bits
Window size (Win): 16 bits

The interpretation is:
"I am ready to receive new data with SeqNo = AckNo, AckNo+1, ..., AckNo+Win-1"
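The window interpretation above, as an added example that is not part of the original slides. It applies the AckNo/Win range with 32-bit wrap-around on both the receiver side (is an arriving segment inside the window?) and the sender side (how much may still be sent?). The function names are hypothetical, the four-case acceptance rule follows RFC 793, and the sample numbers are constructed.

```python
MOD = 1 << 32          # sequence numbers are 32 bits wide and wrap around

def in_window(seq_no, ack_no, win):
    """True if seq_no is one of AckNo, AckNo+1, ..., AckNo+Win-1 (mod 2^32)."""
    return (seq_no - ack_no) % MOD < win

def segment_acceptable(seg_seq, seg_len, ack_no, win):
    """Receiver side: the four cases of the RFC 793 acceptance test."""
    if seg_len == 0:
        # An empty segment (pure ACK) must sit exactly at AckNo if Win is 0
        return seg_seq == ack_no if win == 0 else in_window(seg_seq, ack_no, win)
    if win == 0:
        return False                       # no room for any data
    last = (seg_seq + seg_len - 1) % MOD
    # Data is accepted if its first or its last byte falls inside the window
    return in_window(seg_seq, ack_no, win) or in_window(last, ack_no, win)

def usable_window(snd_nxt, ack_no, win):
    """Sender side: bytes that may still be sent before the window is full."""
    in_flight = (snd_nxt - ack_no) % MOD   # sent but not yet acknowledged
    return max(0, win - in_flight)

# Constructed values: a 1000-byte window that straddles the 2^32 wrap,
# covering 4294967000..4294967295 and then 0..703.
ACK_NO, WIN = 4294967000, 1000

if __name__ == "__main__":
    for seq in (4294966999, 4294967000, 0, 703, 704):
        print(seq, in_window(seq, ACK_NO, WIN))
    print("usable:", usable_window(200, ACK_NO, WIN))
```

A plain `ack_no <= seq_no < ack_no + win` comparison gives the wrong answer for this window, which is why the subtraction is done modulo 2^32.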

TCP also uses algorithms to prevent the sender from overloading the network: the congestion window is adjusted based on feedback from the network.


TCP connection establishment is often called the three-way handshake. Its purpose is to let each end know that a connection is starting.

SYN: Synchronization; ACK: Acknowledgement; ISN: Initial Sequence Number
(c): Client; (s): Server; (options): TCP Options

Traditionally, it was most common for the client to initiate a close. However, other servers (e.g., Web servers) initiate a close after they have completed a request.

FIN: Finish; ACK: Acknowledgement; Seq: Sequence Number
(c): Client; (s): Server; (options): TCP Options; K = current Seq number; L = last data sent

TCP Half-Close
The passive opener can still send data even after the active opener has sent its FIN segment.

Simultaneous Open and Close
Requires each end to have an IP address and port number. Both ends act as client and server.

Before establishing a connection, a device chooses an ISN. The sequence number is also a point of vulnerability in TCP. In modern systems, the ISN is selected in a semi-random way. Linux uses a clock-based scheme, but starts the clock at a random offset for each connection. The offset is chosen by a hash function whose secret input is changed every 5 minutes. This produces an ISN that is difficult to guess, but that also increases over time.
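The ISN scheme described above, as an added sketch that is not from the original slides and is not Linux's actual code. It assumes a 4-microsecond clock (as in RFC 793) and uses HMAC-SHA-256 over the 4-tuple as a stand-in for the keyed hash; the class and function names are hypothetical.

```python
import hashlib
import hmac
import os
import socket
import struct

MOD = 1 << 32
TICKS_PER_SECOND = 250_000   # assumption: 4-microsecond ISN clock (RFC 793)
REKEY_SECONDS = 300          # from the slides: secret changes every 5 minutes

def offset(secret, c_ip, c_port, s_ip, s_port):
    """Per-connection offset: keyed hash of the 4-tuple, truncated to 32 bits."""
    ident = (socket.inet_aton(c_ip) + struct.pack("!H", c_port) +
             socket.inet_aton(s_ip) + struct.pack("!H", s_port))
    digest = hmac.new(secret, ident, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big")

class IsnGenerator:
    def __init__(self, random_bytes=os.urandom):
        self._random_bytes = random_bytes   # injectable so tests are repeatable
        self._secret = None
        self._keyed_at = None

    def _current_secret(self, now):
        # Draw a fresh secret on first use and again every REKEY_SECONDS
        if self._secret is None or now - self._keyed_at >= REKEY_SECONDS:
            self._secret = self._random_bytes(16)
            self._keyed_at = now
        return self._secret

    def isn(self, now, c_ip, c_port, s_ip, s_port):
        """ISN = clock + offset(4-tuple, secret), modulo 2^32."""
        clock = int(now * TICKS_PER_SECOND) % MOD
        secret = self._current_secret(now)
        return (clock + offset(secret, c_ip, c_port, s_ip, s_port)) % MOD

if __name__ == "__main__":
    import time
    gen = IsnGenerator()
    print(gen.isn(time.time(), "192.168.35.130", 3323, "10.0.0.2", 80))
```

Within one keying period the ISN for a given 4-tuple advances with the clock, while an observer who sees the ISN of one connection learns nothing usable about the offset of another.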

Client: 192.168.35.130:3323
Server: 10.0.0.2:80
Protocol: TCP
Rows 1-3: connection setup
Rows 4-7: connection close

FIN: Finish; SYN: Synchronization; ACK: Acknowledgement; ISN: Initial Sequence (Seq) Number
(c): Client; (s): Server; K = current Seq number; L = last data sent

1. SYN | Seq : 685506836 (ISN(c)) ->
2. <- SYN+ACK | Seq : 1479690171 (ISN(s)), Ack : 685506837 (ISN(c) + 1)
3. ACK | Seq : 685506837 (K = ISN(c)), Ack : 1479690172 (L = ISN(s) + 1) ->
4. FIN+ACK | Seq : 685506837 (K), Ack : 1479690172 (L) ->
5. <- ACK | Seq : 1479690172 (L), Ack : 685506838 (K + 1)
6. <- FIN+ACK | Seq : 1479690172 (L), Ack : 685506838 (K + 1)
7. ACK | Seq : 685506838 (K), Ack : 1479690173 (L + 1) ->
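A consistency check for the seven-row trace above, added here as an example and not part of the original slides. It encodes the rule the trace illustrates (SYN and FIN each consume one sequence number, a bare ACK consumes none) and reports any row whose Seq or Ack does not follow from the rows before it; the function name and the tuple layout are hypothetical.

```python
MOD = 1 << 32

# (sender, flags, seq, ack) for rows 1-7; ack is None when the ACK flag is not set
TRACE = [
    ("c", {"SYN"},        685506836,  None),
    ("s", {"SYN", "ACK"}, 1479690171, 685506837),
    ("c", {"ACK"},        685506837,  1479690172),
    ("c", {"FIN", "ACK"}, 685506837,  1479690172),
    ("s", {"ACK"},        1479690172, 685506838),
    ("s", {"FIN", "ACK"}, 1479690172, 685506838),
    ("c", {"ACK"},        685506838,  1479690173),
]

def check_trace(trace):
    """Return a list of inconsistencies; an empty list means the numbers line up."""
    nxt = {}          # next sequence number each side is expected to send
    problems = []
    for row, (side, flags, seq, ack) in enumerate(trace, start=1):
        peer = "s" if side == "c" else "c"
        expected = nxt.get(side)
        if expected is None:
            if "SYN" not in flags:
                problems.append(f"row {row}: {side} sent a segment before its SYN")
        elif seq != expected:
            problems.append(f"row {row}: Seq {seq}, expected {expected}")
        # An ACK must name the next sequence number expected from the peer
        if ack is not None and ack != nxt.get(peer):
            problems.append(f"row {row}: Ack {ack}, expected {nxt.get(peer)}")
        # SYN and FIN each consume one sequence number (no payload in this trace)
        consumed = ("SYN" in flags) + ("FIN" in flags)
        nxt[side] = (seq + consumed) % MOD
    return problems

if __name__ == "__main__":
    print(check_trace(TRACE) or "trace is consistent")
```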

Timeout of Connection Establishment
If a connection attempt times out, the request is sent again using exponential back-off.

Connection and Translators (NAT with TCP)
A NAT learns that a connection is starting from the SYN bit field in a segment. It determines that a connection is fully established by looking for the SYN + ACK and ACK segments.

No.  Time       Source          Destination     Protocol  Interval
1    0.000000   192.168.10.144  192.168.10.180  TCP
2    2.997928   192.168.10.144  192.168.10.180  TCP       3 (a)
3    8.997962   192.168.10.144  192.168.10.180  TCP       6 (a x 2)
4    20.997942  192.168.10.144  192.168.10.180  TCP       12 (b x 2)
5    44.997936  192.168.10.144  192.168.10.180  TCP       24 (c x 2)
6    92.997937  192.168.10.144  192.168.10.180  TCP       48 (d x 2)


The TCP timestamp option lets the sender place two 4-byte timestamps in a segment. The sender places a Timestamp Value (TSV or TSval). The receiver echoes it back using the Timestamp Echo Reply field (TSER or TSecr). This provides a way for the receiver to avoid accepting an old segment and considering it valid.

User Timeout (UTO)
Specifies the amount of time a TCP sender is willing to wait for an ACK before concluding that the remote end has failed.

TCP-AO
Used to enhance the security of TCP Connection


The regular TCP PMTUD process operates as follows.

Once the connection is established, use the minimum of the MTU or the MSS announced by the other end.
If a Packet Too Big (PTB) message is received, TCP retransmits using a different segment size:
If the PTB contains the next-hop MTU, the segment size is the next-hop MTU (minus the TCP header).
If not, the sender may try a variety of values.

Linux(GW)# ifconfig ppp0 mtu 288
Linux(C)# sysctl -w net.ipv4.route.min_pmtu=68
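How a sender could react to a PTB under the settings above, as an added sketch that is not from the original slides. It assumes 20-byte IPv4 and 20-byte TCP headers with no options, so both are subtracted from the MTU; it uses the RFC 1191 plateau table for the "variety of values" case, and the function name is hypothetical.

```python
IP_HDR = 20    # assumption: IPv4 header without options
TCP_HDR = 20   # assumption: TCP header without options

# RFC 1191 plateau table: values to fall back to when a PTB carries no MTU
PLATEAUS = [65535, 32000, 17914, 8166, 4352, 2002, 1492, 1006, 508, 296, 68]

def handle_ptb(path_mtu, next_hop_mtu=None, min_pmtu=68):
    """Return (new_path_mtu, new_segment_size) after a Packet Too Big message.

    path_mtu     -- current path MTU estimate for the connection
    next_hop_mtu -- MTU reported in the PTB, or None if the router sent none
    min_pmtu     -- floor below which the estimate is never lowered
                    (the sysctl above sets it to 68; the Linux default is 552)
    """
    if next_hop_mtu is None:
        # No hint from the router: step down to the next plateau
        candidate = next((p for p in PLATEAUS if p < path_mtu), PLATEAUS[-1])
    elif next_hop_mtu >= path_mtu:
        # A PTB can only lower the estimate; a larger value is ignored
        candidate = path_mtu
    else:
        candidate = next_hop_mtu
    # Apply the floor, but never raise the estimate above its current value
    new_mtu = min(max(candidate, min_pmtu), path_mtu)
    return new_mtu, new_mtu - IP_HDR - TCP_HDR

if __name__ == "__main__":
    # ppp0 on the gateway has MTU 288; the client starts from Ethernet's 1500
    print(handle_ptb(1500, next_hop_mtu=288, min_pmtu=68))    # floor lowered
    print(handle_ptb(1500, next_hop_mtu=288, min_pmtu=552))   # default floor
    print(handle_ptb(1500))                                   # PTB without MTU
```

With the default floor the client would keep sending 552-byte packets that the 288-byte link cannot carry unfragmented, which is why the slide lowers `min_pmtu` on the client before the test.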


Open
1. Server listening
2. Client opens, sends SYN
3. Server receives SYN, sends SYN + ACK
4. Client receives SYN + ACK, sends ACK
5. Server receives ACK

Close
1. Client closes, sends FIN
2. Server receives FIN, sends ACK
3. Client receives ACK
4. Server closes, sends FIN
5. Client receives FIN, sends ACK


The server and client roles above are only there to make the diagram easier to understand. In the real world, both server and client can be the active or passive opener or closer.

TIME_WAIT is the state in which TCP waits for a time equal to twice the Maximum Segment Lifetime (MSL), because if the last ACK is lost, the other side will need to retransmit its FIN segment. The connection (IP, port) cannot be reused until the 2MSL wait is over. Normally the client does the active close and goes to the TIME_WAIT state.

What if the host crashes and reboots, then comes back with the same IP and port? Old segments can be misinterpreted as belonging to the new connection. To protect against this scenario, TCP should wait an amount of time equal to the MSL before creating any new connection.

What if the FIN segment is lost? A connection can remain in the FIN_WAIT_2 state forever. There is a timeout variable that can be adjusted to prevent this.
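The open and close steps listed in this section, replayed through a table-driven state machine. This is an added example, not part of the original slides. It is simplified to the transitions those ten steps use: FIN is shown without its ACK flag as in the step list, and simultaneous open/close, resets and retransmissions are left out. The class and function names are hypothetical.

```python
# (state, event) -> (next state, segment sent in response)
TRANSITIONS = {
    ("CLOSED", "passive open"):    ("LISTEN", None),
    ("CLOSED", "active open"):     ("SYN_SENT", "SYN"),
    ("LISTEN", "recv SYN"):        ("SYN_RCVD", "SYN+ACK"),
    ("SYN_SENT", "recv SYN+ACK"):  ("ESTABLISHED", "ACK"),
    ("SYN_RCVD", "recv ACK"):      ("ESTABLISHED", None),
    ("ESTABLISHED", "close"):      ("FIN_WAIT_1", "FIN"),
    ("ESTABLISHED", "recv FIN"):   ("CLOSE_WAIT", "ACK"),
    ("FIN_WAIT_1", "recv ACK"):    ("FIN_WAIT_2", None),
    ("CLOSE_WAIT", "close"):       ("LAST_ACK", "FIN"),
    ("FIN_WAIT_2", "recv FIN"):    ("TIME_WAIT", "ACK"),
    ("LAST_ACK", "recv ACK"):      ("CLOSED", None),
    ("TIME_WAIT", "2MSL timeout"): ("CLOSED", None),
}

class Endpoint:
    def __init__(self):
        self.state = "CLOSED"
        self.history = ["CLOSED"]

    def handle(self, event):
        """Apply one event; return the segment to send, or None."""
        if (self.state, event) not in TRANSITIONS:
            raise ValueError(f"{event!r} is not valid in state {self.state}")
        self.state, segment = TRANSITIONS[(self.state, event)]
        self.history.append(self.state)
        return segment

def open_then_close():
    client, server = Endpoint(), Endpoint()
    server.handle("passive open")          # Open 1: server listening
    seg = client.handle("active open")     # Open 2: client sends SYN
    seg = server.handle("recv " + seg)     # Open 3: server sends SYN+ACK
    seg = client.handle("recv " + seg)     # Open 4: client sends ACK
    server.handle("recv " + seg)           # Open 5: server receives ACK
    seg = client.handle("close")           # Close 1: client sends FIN
    seg = server.handle("recv " + seg)     # Close 2: server sends ACK
    client.handle("recv " + seg)           # Close 3: client now in FIN_WAIT_2
    seg = server.handle("close")           # Close 4: server sends FIN
    seg = client.handle("recv " + seg)     # Close 5: client sends the last ACK
    server.handle("recv " + seg)           # server receives it and is CLOSED
    return client, server

if __name__ == "__main__":
    c, s = open_then_close()
    print("client:", " -> ".join(c.history))
    print("server:", " -> ".join(s.history))
```

The active closer ends in TIME_WAIT and reaches CLOSED only after the `2MSL timeout` event, while the passive closer is CLOSED as soon as the last ACK arrives.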


A reset is sent by TCP whenever a segment arrives that does not appear to be correct. Causes of a reset segment include:
Connection request to a non-existent port
Aborting a connection
Half-open connections
TIME-WAIT Assassination (TWA)

TCP
Bigger header
Connection-based (three-way handshake)
If a packet gets dropped, it will be sent again
TCP will reorder the packets
Delays transmission when the network is congested

UDP
Smaller header
Connectionless
No compensation for lost packets
Packets can arrive out of order
No congestion control
