What is the TCP sequence number? How it is used for reliable and sequence delivery?
No packet loss is defined as reliable, and sequence delivery ensures that the receiver application receives packets in the same order as the sent.
TCP requires a unique identifier for each byte sent/received to achieve both functionalities. The sequence number is the name of the identifier. The TCP sequence number is a four-byte number that uniquely identifies each byte in a TCP stream.
There are two streams in a TCP connection, one in each direction. For outgoing messages, use the outgoing stream, and for incoming messages, use the incoming stream. For outgoing segments/bytes, each end keeps a sequence number counter, and for incoming bytes or segments, an acknowledgment counter.
When a TCP endpoint sends a message on an outgoing stream, the sequence number increases. The number of bytes sent is the increment value. For instance, suppose the initial counter value is N and four bytes are sent one by one. N, N + 1, N+2, and N+3 will be the sequence numbers.
When the TCP endpoint receives messages from the far end, the acknowledgment counter increases in a similar way.
Size of sequence number :
A TCP sequence number is a four bytes value or 32 bits value. Value can be from 0 to 2^32 – 1 (4,294,967,295). After reaching the largest value, TCP will continue with the value of zero. Looks like there can be a problem with having two packets with the same sequence numbers for a long-duration session? But no, the TCP window maximum size is 2^16 – 1. This means if the sequence number has reached the limit of 2^32 – 1, means, sequence numbers from 0 to 2^16, have been already acknowledged.
Initial sequence number(ISN) in TCP :
TCP initializes sequence number counters at the time of TCP connection establishment. The initial values are called initial sequence numbers. As per TCP specification, the initial value needs not to be zero (it may be any random number). SYN is the first TCP segment from the client to the server in a three-way handshake, for the connection setup procedure. SYN segment has an SYN flag set in the TCP header and a sequence number value. SYN uses the first value of a sequence number, which is zero.
If the server is ready to accept the connection, there is a new SYN (from server to connection setup) and ACK (for received SYN from the client) from the server. Header flag bits are set for SYN and ACK in a TCP single segment. SYN has an initial sequence number from the server and the acknowledgment number has the next expected sequence number from the client.
After getting SYN from the server, the client sends ACK, with the acknowledgment number. The value is the next expected sequence number from the server. Now client and server are ready with sequence numbers on each end, for reliable and sequenced delivery of messages.
TCP sequence Number analysis with an example:
Here we will cover TCP sequence numbers in detail with a live capture example. The example has relative sequence numbers, so the sequence number starts from zero. This makes it easy to analyze a capture and a good example to understand.
TCP capture setup:
We have captured traces for a TCP communication with the help of client and server socket programs. Both programs are executed on the same machine in loopback, using loopback address 127.0.0.1. The server listens on port 5000 for TCP connection from the client. The following are the sequence for example capture.
- Clients connect to the server.
- The server Accepts the connection.
- A client sends data of 13 bytes in length.
- The server sends the data of 11 bytes in length.
- The server closes the connection after two seconds.
Sequence Number while connection setup(1 to 3):
During connection setup, each TCP end initializes the sequence and acknowledgment numbers. The first SYN message from the client to the server has a sequence number and acknowledgment number as zero. The client lets know the server that, its own sequence number is zero and expects the next segment from the server with sequence number zero.
The server accepts the connection and sends the SYN and ACK segments. The sequence number is zero and the acknowledgment number is 1 (server received one byte (SYN) from the client and expects the next segment to start from 1).
The client responds with ACK with Sequence number as 1 and acknowledgment number as 1. This means the client’s sequence number is 1 and expecting the next segment from the server with sequence number 1.
Data transfer and sequence number(4 to 7):
After connection setup, the client sends a segment of 13 bytes in length and advances the sequence number to 14. The server acknowledges the segment with an ACK, having a sequence number as 1 and an acknowledgment number as 14 ( 1+ 13), The next expected sequence number from the client is 14 now.
The server sends the data of 11 bytes in length with sequence number 1 and acknowledgment number 14.
Clients accept the data and send the sequence number as 14 and acknowledge the number as 12. Any further segment from the server will have 12 as the sequence number.
TCP Connection termination and sequence number(8 to 10):
While data transfer each side has incremented, its own sequence number and acknowledgment number. The client has sequence number 14 and server 12 for the next segment to send. When the server closes the connection it sends FIN and ACK, with sequence number 12 and acknowledgment number 14. The client has received all bytes till 11 and after FIN, the next expected sequence number from the server is 13. Which is shown in step 9. This step also has a FIN, for closing the connection in another direction. Finally, the server sends the ACK and the connection closes in both directions.
TCP sequence numbers have significance during the whole life cycle of a TCP connection. It starts at the time of connection setup and ends at the time of connection termination. During communication, each byte has a sequence number.