TCP Protocol

TCP/IP is a suite of protocols first established in 1982 by DCA and ARPA and quickly adopted by the Department of Defense. It was created so that different computer networks could have a common language to talk to one another with. The pentagon originally wanted the internet to be a network which would not breakdown in the event of a nuclear attack, and TCP/IP was the first time computer networks were connected to one another to truly form the internet as we view it today. TCP/IP includes not only Transport Control Protocol (TCP) and Internet Protocol (IP), but also other protocols such as User Datagram Format (UDP).

As covered in the previous section, the TCP/IP model differs slightly from the OSI. While discussing TCP/IP, we'll be using that model, which has TCP receiving data from the Application layer and then handing it off to the Network layer (which is IP). TCP creates "segments" or "user datagrams" by taking the information from the Application layer and adding a header to it. Since TCP is responsible for Port to Port addressing, it uses a 16bit process port to identify who it wants to talk to. This means that TCP deals with program to program, not machine to machine. It works by opening up a stream or virtual circuit between the two ports, which begins by alerting the receiver to expect information and ends by an explicit termination signal. Since every segment received is answered with an acknowledge, TCP is a reliable stream delivery service. This just means that the information is "guaranteed" to arrive, or an error will be returned. Note that this differs from UDP and IP, which will be discussed later.

Below is a diagram of a TCP segment, followed by a short explanation of what each element does.

A description of each of the header components of the TCP segment and their size in bits follows:

Source Port Address (16)-

The address of the application that is generating the segment.

Destination Port Address (16)-

The address of the application that will receive the segment.

Sequence Number (32)-

Position of data in the original data stream (if it has been split).

Acknowledge Number (32)-

Acknowledges the acceptance of data from the other device.

H Len (4)-

Header Length. Number of 4 byte words used in header (0-60 bytes).

reserved (6)-

--reserved for future use--


Urgent Bit validates the Urgent Pointer field.


Acknowledge Bit, set if the Acknowledge Number field is being used.


Push Bit tells the sender that a higher throughput is required.


Reset Bit resets the connection when there's conflicting sequence numbers.


Sequence Number Synchronization. Used in 3 types of segments: connection request, connection confirmations (with ACK) and confirmation termination (with FIN) in 3 types of segments: terminal request, terminal confirmation (with ACK) and acknowledgement of terminal confirmation (with ACK).


Used with SYN to confirm termination of connections.

Window Size (16)-

Defines the size of the "sliding window."

Checksum (16)-

Error checking and correction.

Urgent Pointer (16)-

Valid if URG is set, it defines the end of the urgent data.

Options and Padding (variable)-

Additional information for alignment purposes (see below).


A TCP connection loop is initialized in the following manner:

This three-way handshaking allows a connection even if both machines try to start a connection at the same time. In addition, it sets up the initial sequence numbers (x and y) to be used later. Disconnection of the virtual circuit looks similar:

The routine is fairly obvious, one machine informs the other to terminate the connection. It acknowledges, tells the application layer that it's ending the connection and sends a FINish command with its sequence number, and when it receives the ACKnowledge, the virtual circuit is killed.

TCP sees the stream of data as a sequence of octets (8 bytes), which it then divides into segments and hands off to the IP layer. However, TCP also keeps track of the data stream with a sliding window, which tracks the octets. Both the sender and the receiver of the TCP stream keep a sliding window, which would look something like this:

If this were the sender's side, it would represent what octets had been sent and acknowledged by the receiver (in this case 1), which ones had been sent but not acknowledged yet (2-3), the octets it is in the process of sending (6-8) and the octets that it will send when the sliding window has moved (9+). If nothing changes, then 6-8 will be sent and then the sender will halt transmission, having reached the end of the window. More likely, the receiver will have acknowledged some octets by then, and the entire sliding window will move on down the stream. Note that this window size is not constant, it is decided at the initial setup of the connection by the options. Included with every acknowledge that the receiver sends is a window advertisement which specifies how many additional octets the receiver is prepared to accept (the front part of its window). This would cause the sender's window size to increase, and the opposite would occur if the receiver specified a decreased window advertisement.

The sender also keeps something called a congestion window, which is very similar except that it is maintained to compensate for interference between the two ports. It starts as just being the size of one segment, that being agreed to during the initial connection setup. This size is recommended to be at most 536bytes if the endpoints or on different physical networks. Each time the sender receives an acknowledge, it increases the congestion window by one. Upon the loss of a segment, the sender will reduce the window by one half and the retransmission timer will slow down exponentially. In this way, TCP transmits as rapidly as possibly over changing network conditions.


Read about UDP or IP protocols.

return to the index
Send comments to: