Tcp header format explanation
Tcp protocol transfer message from one machine to other over underlying IP network. The unit is named as tcp segment. Each segment have two parts , one is tcp header and other is user or application data. In this tutorial we will explain tcp header format and details of each parameter present in header. Before any explanation of tcp header , we should know what is a header in computer network?
Each message have two parts over computer network, one is actual user or application data and another is the information in protocol defined format. Later conveys the purpose,size and the handling of message on the receiver, the control information. Which is called tcp header for tcp protocol messages. Header Should reached fist to the receiver ,than user data to process message as per protocol. In TCP, the header is added before to the tcp user data.
TCP header explanation:
For example, a web request uses TCP/IP protocol. Upon a web request from web browser, TCP adds header to the HTTP data and sends to the IP layer. On web server , TCP reads the header and finds the application address. On TCP layer an application address is the TCP port number. If finds an application for a port in tcp header , sends the contents to the serving HTTP module over that port.
Tcp header format:
Header conveys the purpose of a segment. For example, there are multiple types of segments, few are for connection management and other for carry user data. Following section shows the header and detail explanation about the header parameters.
Tcp Source Port :
First parameter in TCP header , which is a two bytes long numeric value. Over TCP an application is identified by a port number. Example, ssh port is 23, http port is 80 etc. This is the address of sender application over TCP. When an application sends the message to TCP, it specify the source port and destination port. Source port is optional , if TCP user do not set the source port, layer itself choose a port . In this case port is an ephemeral port number. Generally the value is from 1024 to 65535 is used for a ephemeral port number.
Tcp Destination Port:
Port number of the destination user of receiving TCP. It is set in TCP header by the user. The parameter is mandatory. Over a public internet, the port numbers also called well know ports. Example, a website runs over always a default port 80. Technically it can use any other port also (e.g 8080) . In that case, tcp client which is using web browser should also know the port number along with the website domain name (URL, www.website.com:8080), to browse the website.
TCP Sequence Number:
A 32 bit integer value, preset from 5 to 7 bytes in tcp header. Tcp does the sequence control using sequence number. What is sequence control in TCP and how tcp sequence number does the job ? When sender sends the messages to the receiver, TCP uses IP network to reach the destination. There might be multiple paths to reach from source to destination. This may lead to the situation where the message sent earlier reaches to the destination later. For example, sender sends two messages MSG1 and MSG2 with sequence numbers 100 and 101 respectively. On receiver, MSG2 reaches first. This creates the sequencing issue. Because , for correct processing MSG1 should be sent to the application first than MSG2. To handle message sequencing, TCP waits for the MSG1 . When MSG1 arrives , TCP sends the MSG 1 and then MSG2 to the application.
Acknowledgement Number (TCP Ack):
TCP is a reliable protocol. What does this mean? This mean that tcp , make sure that a message sent to the remote layer has been received. It does this by using tcp ack number. This is a 32 bits numeric value in tcp header. Ack number , is set by the receiver. The value signifies the expecting next sequence number segment from sender. Next example is the detail explanation of the TCP Ack number usage in protocol.
There is client which is sending TCP segments M1, M2, and M3 to tcp server with sequence numbers 100, 101 and 1002 respectively. It sends M1 and M2 then wait for the ack from remote, before sending M3. Receiver sends the ACK to the sender, after receiving both M1 and M2. Value 102 will be as sequence number in tcp header of ACK segment. Now sender will send the M3. Here you might thinking , how tcp decides , how many segment should it sent at a single time. We will cover this in coming section for Window.
TCP Header Size (HLen) :
In beginning , we have mention that , receiver TCP, uses header to read the application data. A tcp message is stream of bytes with header and data.To read user bytes, tcp should know how many bytes are present for header before user data. This is determined by the 4 bits value in header. It is variable in nature and always multiple of 32 bits. The variable in nature because , there may be few values those and optional. Generally TCP header size is 20 bytes. In that case there is no optional parameter is present.
As name suggest , reserved. Can not use , may be tcp header will use in future.
First thing we should know, what is a tcp flag in header ? A Flag is a parameter of length of one bit. So a tcp flag may have value either zero or one. If value is one , the TCP flag is set and corresponding content is present in message. If set to zero means flag is not set. Tcp flags are set of 6 bits. Each bit represent a TCP segment type in tcp header. Following is the possible TCP flags and tcp segments. These are six bits from left to right.
URG – If Urgent Pointer Field is valid and then urgent pointer value is set.
ACK – Acknowledgement segment. Have set acknowledgement sequence number in tcp header.
PSH Flag – Push request. To understand the meaning of this flag , first we will discuss how the network optimization is done in tcp. TCP breaks the application message into bytes. A tcp segment carries the user bytes and a tcp header. How big a segment will be decided by the layer for optimization of network usage. For example, if tcp keep sending a very less number of bytes in a segment. The network will be flooded with the too many messages and there are changes for network congestion too. The destination layer , will keep busy most of the time , processing of message rather than application. To overcome this problem, TCP try to send maximum number of bytes in a single segment. Maximum Transmission Unit (MTU) is the network parameter which decides the size.
This may cause delays in outgoing messages , as layer will buffer the bytes till sufficient bytes are received, Once it gets the sufficient number then transfer to the network.
The buffering is fine , if there are no real time requirements. But there are application requirements , where data should be deliver in real time from one end to another. For example, you are watching a online video , if data is slow due to buffering then user experience will not good. To overcome, TCP provides a mechanism where application can instruct the layer not to buffer user data. Once the no buffering is set tcp sends the segments immediately. The setting results in PSH flag set in TCP header.
How receiver side uses PSH flag ? On sender , there is no wait then question comes in mind, why PSH flag is set in message too? Answer is that, the real time communication is between the applications. So even on sending side there is not wait. The receive should not also wait for more segments for sending bytes to the user application for a real time data. Once receiver see the Push flag in header, it delivers pending bytes immediately to the application.
FIN and RST-Flag: TCP does reset connection when errors can not recover for a connection. We have a detail tutorial for tcp connection termination. For FIN and RST segments.
SYN Flag : Flag is set in tcp header , for the segment which is for tcp connection setup.
It is a 32 bit parameter in tcp header. The usage in flow control. The flow control , we will discuss in another tutorial. Window contains the size of the receiver window.
Tcp Checksum :
Checksum is 16 bit value. Sender tcp computes the checksum and set in header, before sending to receiver. On receiving side, again checksum is computed and matched. If does not match, means segment is corrupted and it is discarded. The purpose of checksum is to make ensure that tcp segment is not altered over network.
As name suggest , it is something which should process immediately. When URG flag is set, parameter tells how many bytes are urgent. Receiver side sends the urgent bytes fist to the application. So you can consider this as out of band data,
These are optional parameters.
User Data :
This the last thing in tcp header. Actual application data from user e.g HTTP .