The TCP Datagram
I wanted to know and now you can too (part 2).
rfc 791 (IP),
rfc 792 (ICMP),
rfc 793 (TCP),
rfc 768 (UDP),
rfc 826 (ARP),
rfc 903 (RARP)
- source port number &
- destination port number (16 bits each)
The source and destination port numbers that identify the tcp connection.
- sequence number (32 bits)
The sequence number of the first data byte in the packet. Unless the syn flag is set
in which case the sequence number is the isn (initial sequence number) and the first
data byte has a sequence number of isn + 1.
- acknowledgement number (32 bits)
If the ack bit is set, this number is the next sequence number the sender of the packet
expects to receive. After a connection is established, the ack bit will always be set
and this number will always be used.
- data offset (4 bits)
The number of 32 bit words in the tcp header which will probably be five (5) unless
you use options. You can also think of it as the
offset of the data in the tcp packet.
- (reserved) (6 bits)
Reserved for future use. Must be zero. Whatever.
- urgent flag (1 bits)
If the urgent flag is set, it indicates that the urgent pointer is valid and points
to urgent data. Simple enough, eh? Urgent data is data that should be acted upon
as soon as possible, even before "normal" data that may be waiting should be processed.
- ack (acknowledgement) flag (1 bits)
The ack flag says that the ack number is valid. The packet is at least an acknowledgement
of data that has been received.
- push flag (1 bits)
The push flag tells the receiving end of the tcp connection to "push" all buffered data
to the receiving application. It basically says "done for now".
- reset flag (1 bits)
Resets the receiving end of the tcp connection. Erroneous packets are responded to with
this flag set, for example, an ack to a packet you never sent.
- syn (synchronize) flag (1 bits)
The syn flag is set for the opening packets of a tcp connection where both ends have
to "synchronize" their tcp buffers and set up whatever.
- fin (finished) flag (1 bits)
This flag signifies that the sending end will not be sending any more data.
- receive window size (16 bits)
An advertisement of the amount of open space in the receive buffer for the given
- checksum (16 bits)
A sixteen bit checksum on the tcp header (including, of course, any tcp options
that are present), data, and a 96 bit pseudo header made up of:
"The checksum field is the 16 bit one's complement of the one's
complement sum of all 16 bit words in the header. For purposes of
computing the checksum, the value of the checksum field is zero."
(At least, according to rfc 791). My interpretation: one's complement
each sixteen bit word in the header, add all these quantities (drop
carries) and then one's complement that sum. In both instances of the
tcp length (one in the tcp header and one in the pseudo header) the
twelve bytes of pseudo header are not counted. If the length of the
tcp data is odd, it is padded with a zero octet for checksum purposes
but the octet is not counted in the length.
|source ip address|
|destination ip address|
- urgent pointer (16 bits)
The presence of urgent data is signified by setting the urgent flag.
This pointer is then used as an offset from the acknowledgement number of the current
packet to point to the octet following the urgent data.
- options (variable)
Simpler than ip options, tcp options are a single byte
for the option type, and then a length byte and data bytes, if the type requires it.
Currently implemented options are
End of option list is used to signify the end of the options, in case the end
of the option bytes does not coincide with the end of the tcp headers.
|0||-||end of option list|
|2||4||maximum segment size|
No operation is to be used as padding between options perhaps to align subsequent
options for greater ease of use.
Maximum segment size sepcifies the maximum receive segment size the sending tcp
would like to receive. This option (if desired) must be sent in the initial syn
packet. If not used, any segment size is allowed.
- padding (variable, fills out the 32 bit words)
Again, zeroes to fill up the tcp header and make it an even multiple of 32 bits.
- data (variable)
Data from whatever you're doing (telnet, ftp, http, and so on) goes here. Since
tcp provides a reliable end-to-end stream of data to whatever your application is,
it's up to you to implement your own protocol inside it, just like telnet and ftp