The three-way handshake: How a TCP connection is established in detail
Prerequisites for establishing a valid TCP connection: Both endpoints must already have a unique IP address (IPv4 or IPv6) and have assigned and enabled the desiredport for data transfer. The IP address serves as an identifier, whereas the port allows the operating system to assign connections to the specific client and server applications.
What is the structure of the TCP header?
Typically, the header of a TCP packet contains the data required for connection and data transmission with the Transmission Control Protocol. This header data (which contains control information) precedes the payload to be transferred and is typically 20 bytes (160 bits) in size. It is followed by up to 40 bytes (320 bits) of additional information, which is optional and not used in all packets.
The individual components or fields of the header of the TCP protocol have the following meaning:
Source port (16 bits): Identifies the port number of the sender.
Destination port (16 bits): Identifies the port number of receiver.
Sequence number (32 bits): The sequence number specifies the first byte of attached payload data or is sent when the connection is established or terminated. It is also used for validating and sorting the segments after transmission.
Acknowledgment number (32 bits): This field contains the next sequence number that the sender is expecting. An ACK flag (in the “Flags” field) is a precondition for validity.
Offset (4 bits): The “Offset” field specifies the length of the TCP header in 32-bit words to highlight the starting point of the payload data. This starting point varies from segment to segment due to the variable “Options” field.
Reserved (6 bits): Reserved for future use according to RFC 793 and not yet in use. This field must always be set to 0.
Flags (6 bits): The six possible single bits in the “Flags” field enable various TCP actions for organizing communication and data processing. The following flags are either set or not set for these actions:
- URG: The "Urgent" flag signals to the TCP application that the payload data must be processed immediately up to the set Urgent pointer (see above).
- ACK: In combination with the acknowledgment number, the ACK flag acknowledges the receipt of TCP packets. If the flag is not set, the confirmation number is also invalid.
- PSH: The "Push" flag ensures that a TCP segment is immediately pushed through without first being sent to the buffer of the sender and receiver.
- RST: If there is an error during transmission, a TCP packet with the RST flag set can be used to reset the connection.
- SYN: Messages that have SYN flag set represent the first step of the three-way handshake, meaning they initiate the connection.
- FIN: The "Finish" flag signals to the other party that a sender is ending the transmission.
Window size (16 bits): This field specifies the number of bytes that the sender is willing to receive.
Checksum (16 bits): The Transmission Control Protocol can reliably detect transmission errors. The checksum calculated from the header, the payload data and the pseudo-header is used for this purpose.
Urgent pointer (16 bits): The urgent pointer indicates the position of the first byte after the payload data that is to be processed urgently. As a result, this field is only valid and relevant if the URG flag is set.
Options (0 - 320 bits): Use the Options field if you want to include TCP functions that don’t belong in the general header, for example if you want to define the maximum segment size. The length of the options must always be a multiple of 32, otherwise zero-bit padding is required.
How data transmission via TCP protocol works in detail
Even before the first data is transmitted, the sender and receiver typically agree on the maximum size of the TCP segments to be sent (MSS). By default, up to 1,500 bytes per segment are possible, with at least 20 bytes for the TCP header and a further 20 bytes for the IP header, leaving 1,460 bytes for payload data. If you need a custom size, you have to specify it in the Options field as described above, but you’ll have to reduce the payload data accordingly.
With the maximum segment size minus the headers, a TCP packet can only transmit 1.46 kilobytes or 0.00146 megabytes of data. Segmentation is used to exchange web content like images, which are sometimes several hundred kilobytes in size, via the TCP protocol. In this case, the application data is divided into several blocks of data before transport, numbered and then sent in random sequence. Since the receiver must acknowledge the receipt of each segment and can reconstruct the actual sequence based on the sequence numbers, the receiver can easily completely reassemble the received payload data after the TCP transmission.