Computer Network
    TCP Protocol Explained

    TCP Protocol Explained

    Five-Layer Protocol Stack

    The five layers: application, transport, network, data link, and physical.

    The OSI seven-layer model splits the application layer into application, presentation, and session layers.

    Reliable Transmission

    TCP achieves reliable transmission through checksums, sequence numbers, acknowledgment responses, retransmission control, connection management, and window control.

    The ACK acknowledgment response increases reliability. When data goes out, we wait for confirmation.

    No ACK doesn’t always mean the other side didn’t receive the data. The acknowledgment might have been lost on its way back. After a certain time interval, the sender retransmits based on the sender’s sequence number and the next sequence number the receiver expects.

    How Do We Set Retransmission Timeout?

    We find the shortest time for acknowledgment return based on network conditions. Each packet calculates RTT (round-trip time). If no acknowledgment comes back, the waiting time doubles, then quadruples, and so on. After enough retries without response, the connection closes.

    Three-Way Handshake

    Connection establishment takes three packets:

    SYN ->     connect() dials the number
<- SYN, ACK    connect returns, accept() blocks  
ACK ->     confirmation   accept() returns client ID

    Why do we need the third handshake? It prevents expired connection requests from A from reaching B and wasting B’s resources. The third handshake ensures B knows A really wants to connect now, since expired requests won’t get that final ACK from A.

    Four-Way Wave

    Connection termination uses four packets:

    FIN ->      enters wait state, closes pipe A to B
<- ACK      confirms; B might still send data to A
<- FIN, ACK   also waits for final A confirmation, starts timeout retransmit
-> ACK       B to A pipe closes, A waits 2MSL before closing to prevent old connection requests

    TIME_WAIT state serves two purposes:

    1. Reliably terminates full-duplex TCP connections (may need to retransmit final ACK)
    2. Allows old duplicate segments to disappear from the network

    Congestion Control

    Congestion avoidance: exponential increase of congestion window until it reaches or exceeds the slow start threshold, then linear increase.

    Fast retransmit: tells sender about individual packet loss (not network congestion). Receiver sends 3 consecutive ACKs. Congestion window halves and sets to slow start threshold, then uses congestion avoidance for linear increase.

    Flow Control

    TCP always tells the peer how many bytes it can receive at any time. This prevents buffer overflow by ensuring data doesn’t exceed buffer size. When receiving data, the window shrinks. When the receiving application reads from the buffer, the window grows again. Slow receivers must wait.

    TCP sets a persistence timer for each connection. When one side receives zero-window messages from the other, it starts this timer. After expiration, it sends zero-window probe messages. The other side returns current window values. If still zero, it resets the timer and repeats. If not zero, normal sending continues.

    Packet Splitting and Merging

    Splitting and merging happen because TCP is a byte stream protocol with no record boundaries. The application layer must determine complete business packets. This creates the packet segmentation mechanism—we maintain message boundaries in the application layer.

    Two common solutions:

    1. Special character control, like FTP protocol
    2. Add packet length in header, like HTTP protocol

    Nagle Algorithm

    This merges small packets (like buffer caching) to reduce packet count and improve TCP network efficiency, reducing congestion.

    Silly window syndrome: applications may take only a few bytes each time, causing the receiver to send very small window values. The receiver waits a while or until half the space is free before cumulative acknowledgment, returning larger window values and improving network efficiency.

    IPv6 vs IPv4

    IPv6 uses Internet Control Message Protocol version 6 (ICMPv6) to embed these functions into IP itself as part of stateless autoconfiguration and neighbor discovery algorithms. It doesn’t need ARP protocol like IPv4.

    Interview Questions

    What are the five tuples in TCP/IP? Source IP, source port, destination IP, destination port, transport protocol.

    SSL ProtocolUDP Protocol