Established TCP connection:
SYN, SYN/ACK, ACK
The TCP window size indicates the receive window buffer space available. When a host advertises a small window size or a zero window size, network performance can be impacted.
If a server is not listening on the destination port, it will respond to a SYN with a TCP RST.
A TCP connection can be terminated in a number of ways. An explicit termination uses TCP RST. An implicit termination uses TCP FIN. When FIN is used, the host sends a FIN packet and enters a FIN-WAIT state until the FIN is acknowledged and the peer sends its own FIN back. (Use netstat -a (win/linux) to see the current status of connections.)
RFC 793 defines the purpose of the FIN bit as indicating there will be no more data from the sender. This does not prevent the receiver of the FIN packet from sending additional data, which, although atypical, is allowed.
The sequence/acknowledgement process tracks the order of packets and detects and recovers from missing segments.
During the handshake, each side selects its own starting sequence number. Each side increments its sequence number by the amount of data included in each packet.
seq num in + bytes of data received = acknowledgement num out
Acknowledgement number only increments when data is received.
TCP can identify packet loss (based on missing sequence numbers) and recover by either requesting the missing segments of data (receiver side) or timing out and resending unacknowledged segments (sender side).
When a receiver determines that an expected sequence number is not in the packet it received, it assumes the packet is lost. The receiver then adjusts the Acknowledgement Number field to ACK the next expected sequence number from the peer.
The receipt of three identical ACKs will trigger a retransmission.
A TCP sender has a TCP retransmission timeout (RTO) value to determine when it should retransmit a packet that has not been acknowledged by its TCP peer.
If a data packet is sent and not ACKed before the RTO timer expires, the TCP sender will retransmit using the sequence number of the original packet.
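The acknowledgement rule and the identical-ACK trigger described above, worked through on a constructed trace. This is an added example, not part of the original notes; the function names and the sample segments are assumptions, and sequence-number wraparound and partially overlapping segments are not modelled.

```python
# Added example: receiver-side ACK generation and the sender's
# identical-ACK counter. All values below are constructed.

def receiver_acks(next_expected, segments):
    """Return the ACK number sent after each arriving (seq, length) segment.

    next_expected: sequence number the receiver expects first
                   (the peer's starting sequence number + 1 after the handshake).
    Out-of-order segments are buffered; the ACK keeps naming the gap.
    """
    buffered = {}          # seq -> length, held until the gap is filled
    acks = []
    for seq, length in segments:
        if seq >= next_expected:       # older data was already ACKed
            buffered[seq] = length
        # Advance over every contiguous segment now available:
        # seq num in + bytes of data received = acknowledgement num out
        while next_expected in buffered:
            next_expected += buffered.pop(next_expected)
        acks.append(next_expected)
    return acks


def retransmit_triggers(acks, threshold=3):
    """Return (index, ack) each time `threshold` identical ACKs have arrived.

    threshold=3 follows the notes above ("three identical ACKs").
    """
    triggers = []
    last, count = None, 0
    for i, ack in enumerate(acks):
        count = count + 1 if ack == last else 1
        last = ack
        if count == threshold:
            triggers.append((i, ack))
    return triggers


# Constructed trace: 100-byte segments; the one starting at 1101 is lost
# in transit and arrives last, as the retransmission.
ARRIVALS = [(1001, 100), (1201, 100), (1301, 100), (1401, 100), (1101, 100)]

if __name__ == "__main__":
    acks = receiver_acks(1001, ARRIVALS)
    print("ACKs sent by receiver:", acks)
    print("Retransmission triggered at:", retransmit_triggers(acks))
```

In a capture, the same pattern shows up as a run of ACKs with an unchanged Acknowledgement Number, followed by a jump once the missing segment arrives.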
If the response is an ICMP Destination Unreachable packet, it is likely that the port is firewalled and the ICMP packet was generated by the firewall.
| Code 1 | Host Unreachable |
| Code 2 | Protocol Unreachable |
| Code 3 | Port Unreachable |
| Code 9 | Communication with Network is Administratively Prohibited |
| Code 10 | Communication with Host is Administratively Prohibited |
| Code 11 | Destination Unreachable for Type of Service |