TCP (Transmission Control Protocol) is a reliable transport protocol as it establishes a connection before sending any data and everything that it sends is acknowledged by the receiver. In this lesson we will take a closer look at the TCP header and its different fields.

- Source port: this is a 16 bit field that specifies the port number of the sender.
- Destination port: this is a 16 bit field that specifies the port number of the receiver.
- Sequence number: the sequence number is a 32 bit field that indicates how much data is sent during the TCP session. When you establish a new TCP connection (3 way handshake) then the initial sequence number is a random 32 bit value. The receiver will use this sequence number and send back an acknowledgment. Protocol analyzers like Wireshark will often use a relative sequence number of 0 since it's easier to read than some high random number.
- Acknowledgment number: this 32 bit field is used by the receiver to request the next TCP segment. This value will be the sequence number incremented by 1.
- DO: this is the 4 bit data offset field, also known as the header length. It indicates the length of the TCP header so that we know where the actual data begins.
- RSV: these are 3 bits for the reserved field.
- Flags: there are 9 bits for flags, we also call them control bits. We use them to establish connections, send data and terminate connections:
  - When this bit is set, the data should be treated as priority over other data.
  - This tells an application that the data should be transmitted immediately and that we don't want to wait to fill the entire TCP segment.
  - RST: this resets the connection, when you receive this you have to terminate the connection right away. This is only used when there are unrecoverable errors and it's not a normal way to finish the TCP connection.
  - SYN: we use this for the initial three way handshake and it's used to set the initial sequence number.
  - FIN: this finish bit is used to end the TCP connection. TCP is full duplex so both parties will have to use the FIN bit to end the connection. This is the normal way to end a connection.
- Window: the 16 bit window field specifies how many bytes the receiver is willing to receive. It is used so the receiver can tell the sender that it would like to receive more data than what it is currently receiving. It does so by specifying the number of bytes beyond the sequence number in the acknowledgment field.
- Checksum: 16 bits are used for a checksum to check if the TCP header is OK or not.
- Urgent pointer: these 16 bits are used when the URG bit has been set, the urgent pointer is used to indicate where the urgent data ends.
- Options: this field is optional and can be anywhere between 0 and 320 bits.

To see these fields in action, it's best to play around with Wireshark. Here's an example of the first part of the TCP three way handshake. I highlighted all the fields:

Above you can see the source and destination port.
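The header fields from this lesson can also be pulled out of raw bytes. The parser below is an added example, not part of the original lesson: it splits a constructed SYN segment into those fields and rejects a data offset that points outside the segment. The sample bytes and the flag names NS, CWR, ECE, ACK and PSH are additions made for this example.

```python
import struct

# Flag names for the 9 control bits, most significant first. Only URG, RST,
# SYN and FIN are named in the lesson; the other names are added here.
FLAG_NAMES = ("NS", "CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN")


def parse_tcp_header(segment: bytes) -> dict:
    """Split the start of a TCP segment into the header fields."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte fixed TCP header")
    (src, dst, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12           # DO: 4 bits, in 32-bit words
    reserved = (off_flags >> 9) & 0x7       # RSV: 3 bits
    flag_bits = off_flags & 0x1FF           # Flags: 9 bits
    header_len = data_offset * 4
    # A parser must not trust DO: it decides where the payload starts.
    if data_offset < 5 or header_len > len(segment):
        raise ValueError(f"invalid data offset {data_offset}")
    flags = [name for i, name in enumerate(FLAG_NAMES)
             if flag_bits & (0x100 >> i)]
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "data_offset": data_offset, "reserved": reserved, "flags": flags,
        "window": window, "checksum": checksum, "urgent_pointer": urgent,
        "options": segment[20:header_len],   # 0 to 40 bytes (0 to 320 bits)
        "payload": segment[header_len:],
    }


# Constructed sample: a SYN with one MSS option (kind 2, length 4, value 1460).
# Ports, sequence number and checksum are made-up values.
SAMPLE_SYN = bytes.fromhex(
    "c0de0050"      # source port 49374, destination port 80
    "3a5f91c2"      # sequence number (random initial value)
    "00000000"      # acknowledgment number (unused in the first SYN)
    "6002"          # DO = 6, RSV = 0, flags = SYN
    "faf0"          # window 64240
    "1c2b"          # checksum (placeholder, not computed)
    "0000"          # urgent pointer
    "020405b4"      # option: MSS 1460
)

if __name__ == "__main__":
    for field, value in parse_tcp_header(SAMPLE_SYN).items():
        print(f"{field:15} {value}")
```

Wireshark would show this segment with a relative sequence number of 0; the parser returns the raw 32 bit value from the wire.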