Here are all of the flash cards for 1.1.e Explain TCP Operations !
If you don’t have or know what Anki is, it is my favorite , free flash card program:
Here is the Anki package you may import and start using the flash cards right away:
If you prefer the plain text flash cards, here they are:
How are TCP and UDP fundamentally different?
TCP is connection oriented while UDP is not.
In the TCP Header, what is the source port?
The source port, from the perspective of the client is the source port for the connection of this TCP IP packet the client has opened to keep track of this TCP connection to the server. From the server’s perspective, when he replies to packets, his source port is the one the service was listening on.
In the TCP Header, what is the destination port?
From the client’s perspective the destination TCP port is the port the destination IP address is listening on. From the server’s perspective the destination port is the port he is sending data to so that the client knows which connection this is.
In the TCP Header, what is the sequence number?
How many bits is it? The sequence number is a 32 bit field which is randomly set for each direciton of the TCP connection. It is exchanged during the SYNCH phase of the connection.
In the TCP Header, what is the acknowledgement number?
How many bits is it? The acknowledgement number field is used for TCP hosts to let the otherside of the connection know how many bytes/sequence they have received from them. It is used to detect packet loss in the middle of a segment.
In the TCP Header, what are 6 most important TCP flags and their purpose?
URG – The urgent pointer flag tells the TCP stack to look at the urgent pointer field for directions to where the urgent sequence is. Hardly ever used.
In the TCP header, what is the window field for?
The window field is used to denote how much data this host can receive before they need to process it and ack you.
In the TCP header, what is the checksum field?
This field is similar to the IPv4 checksum header, except it differs in the fact that the TCP checksum is a checksum of the TCP header AND payload.
What is the total size of the TCP header? 20 bytes
Describe the TCP RECEIVE window and its operations.
Each host in a TCP connection sets their receive window based on how much buffer space their hardware is able to allocate. The receive window is how much data can be received before needing to send an acknowledgement back to the sender.
Describe the TCP CONGESTION/send window and its operations.
The TCP congestion window is how much data this host will send before needing an acknowledgement. This window starts off low but increases exponentially until we reach the slow start threshold. Then it increases linearly. Once congestion is encountered we half this and start over.
What is true about the relationship between the TCP receive and congestion/send window?
The congestion window CANNOT be larger than the receive window of the other host.
In TCP, give a very light description to what options are for. In TCP, options are mainly used for TCP extensions, obsolete methods of data exchange, or extra parameters that we need to exchange.
In the TCP header, what is the Urgent Pointer field?
This field is used when the urgent flag field is set in the TCP flags, this field points to a sequence of data in the payload that is urgent and must be processed first by the receiver (similar to the PSH) except this method should never be used.
In TCP, how many sequence numbers do we need to keep track of?
In TCP we need to keep track of 2 sequence numbers, one for each direction.
What does it mean when TCP sequence numbers are relative in wireshark captures?
Although TCP sequence numbers are random numbers up to 4 bil (32bit) wireshark displays them relative to the first packet (0) so that they can be read easier.
What is the max value for a TCP sequence number?
(estimate) Since the field is 32 bits large, 4 billion is the biggest value (not exact)
How do TCP sequence and Acks work? Describe their relationship.
TCP sequence numbers are used to tell the destination how many BYTES we have sent them thus far. The TCP ack field is used to tell the destination how many BYTES we have received from them thus far. It is a way for us to keep track if we missed anything, and for the destination to keep track if we missed anything, for both directions of the flow.
“Describe the flow , sequence, ack, and legth fields below on a notepad. Then compare the results to confirm you understand how seq and acks work.
Server communication – sequence = 1 , ack = 1, length = 318
In the TCP Tahoe algorithm, what happened to the congestion window when TCP encountered packetloss/timeouts?
What is TCP slow start? Describe the operation.
TCP slow start is the algorithm used to start increasing the TCP congestion window for new connections quickly. The congestion window starts at 1x the TCPMSS of the sender. Then for every ack he gets back, the window is increased by 1x the TCPMSS until the size hits the slow start threshold, or matches the receive window of the receiver.
What did the TCP Reno algorithm do better than Tahoe?
Instead of dropping the congestion window to 1x the TCPMSS value when we experience congestion, we half it. This allows us to start from the slow start threshold rather than from the beginning. Slow start only happens at the begining of the connection and not constantly.
What did TCP New Reno do better than Reno? TCP New Reno solved the problem of of multiple packet losses causing the congestion window to half multiple times to a very small value.
How does TCP selective ack work (SACK)?
This is an option in the TCP options where hosts denote that they support TCP SACK. This congestion avoidance algorithm allows the client to let the sender know which parts of the segments he has and does not have. Thus preventing retransimittion of all segments, just the missing ones.
How do hosts do eachothers TCP MSS?
When two hosts begin a connection they both send each other SYNs , in the SYNs we tell eachother what our supported maximum segment size is. (per direction)
How is MSS calculated? Maximum segment size is the IP MTU – the IP header – The TCP header
What is propogation delay?
Describe it. Propogation delay is the time it takes for the electrical signals to go from one end of the cable to the other.
What is serialization delay?
Serialization delay is the time it takes to put and pull bits on and off the wire. The more bandwidth a link has, the more bits it can serialize and deserialize from the wire.
What is data protocol delay? Data protocol delay is any delay introduced by higher level protocols to verify checksums, set up the connection (tcp 3 way, ip header checksup, ethernet FCS)
What is routing and switching delay?
This is the time it takes for the networking device to do a L2 and L3 lookup, and then process and attach the headers.
What is queueing and buffer delay?
What is the formula for bandwidth delay product? Give an example.
BDP (in bits) = bandwidth (bits) * RTT (sec)
What three solutions are available for fixing the TCP global synchronization problem?
Describe TCP global synchronization and it’s issue. ”
In TCP Options, what is the End of Options list option?
This option denotes the end of TCP options, it always comes last.
In TCP options, what is the NOP option?
This option denotes 1 bit padding, it’s used to align the options to a 32bit value for performance.
In TCP options, what is the maximum segment size?
When is it sent? This option is only when the packet is a SYN, it’s for TCP hosts to let the other side know what it’s biggest TCP payload will be.
In TCP options, what is the window scale? When is it sent? The Window scale is only used on SYNs and is used to get over the 16 bit limitation of the window size, this option is a multipler for the window size.
In TCP options, what is the timestamp?
This option is for TCP hosts to keep track of packets. It is marked on sending of the packet. It helps calculatre RTT and protect against wrapped sequences.
What are all of the fields in the TCP header?