33 pictures explain TCP and UDP in detail: the middleman between the network and the application

Let's start with a panorama and get a quick overview of the entire article in 3 seconds.

A first look at the transport layer

As mentioned earlier, the role of the transport layer is to establish an end-to-end connection between applications and to provide reliable or unreliable communication services for data transmission. There are two important protocols in the transport layer, namely TCP and UDP. TCP is a connection-oriented, reliable transport protocol, and UDP is a connectionless, unreliable transport protocol.

An IP address identifies a host, and a field in the IP packet header identifies the upper-layer protocol type. The protocol number in this field tells whether the data carried by IP is TCP or UDP: IP identifies TCP with protocol number 6 and UDP with protocol number 17. But a host may run multiple programs at the same time over the transport layer's TCP and UDP. To identify the upper-layer application, the port number is used to identify the specific program, so that these programs can share the network channel.

Layer 2 frame communication and Layer 3 packet communication are both connectionless and unreliable, while Layer 4 TCP is a reliable communication method. If a frame is lost during transmission, the Layer 2 functional modules of both parties cannot detect it; if a packet is lost during transmission, the Layer 3 functional modules of both parties cannot detect it. However, if a TCP segment is lost, the TCP module must be able to detect it. The loss of a TCP segment means the loss of an IP packet, because the TCP segment is encapsulated in an IP packet; similarly, the loss of an IP packet means the loss of a frame. The unreliability of Layer 2 and Layer 3 communication is therefore compensated for in TCP.

An application is in practice an application protocol of TCP/IP, and most application protocols run in client/server form. The client (the party that uses the service) is the initiator of the request. The server (the program or host that provides the service) is the processing end of the request. The server program must be started in advance and be ready to receive requests from clients at any time; otherwise, even if a client sends a request, it cannot be processed.

Which server program a request is meant for can be easily identified by the destination port number of the received packet. When a TCP connection establishment request is received, if the destination port number is 22 it is forwarded to SSH, and if it is 80 it is forwarded to HTTP.

TCP

TCP is a connection-oriented, reliable stream protocol. A stream is uninterrupted data. When an application uses TCP to send messages, the data is sent in sequence, but the receiver receives a data stream without boundaries between the messages. For example, if the application on the sender side sends 100 bytes of data 10 times, the application on the receiver side may receive one continuous stream of 1000 bytes.

In order to provide reliable transmission, TCP implements sequence control and retransmission control mechanisms. In addition, there are many functions such as flow control, congestion control, and improved network utilization.

UDP

UDP is an unreliable protocol, and reliability is left to the upper-layer application. UDP does preserve the size of each message sent: for example, if the sender application sends a 100-byte message, the receiver application also receives the data in 100-byte units. But there is no guarantee that the data will arrive, so applications sometimes perform retransmission as needed.

Difference Between TCP and UDP

TCP is a reliable transport protocol, so is it better than UDP? TCP is connection-oriented and has mechanisms such as sequence control and retransmission control, which provide reliable transmission for applications. UDP is mainly used for communication with higher requirements for high-speed transmission and real-time performance. For example, consider a call over an IP phone. With TCP, lost data is retransmitted, so the voice of the call cannot be transmitted smoothly and normal communication breaks down. With UDP there is no retransmission, so sound does not arrive with a large delay; even if some data is lost, only a small part of the call is affected. Therefore, TCP and UDP need to be chosen according to the purpose of the application.

The port number

The addresses of the data link layer and the network layer are the MAC address and the IP address, respectively. MAC addresses identify different devices in the same network segment, and IP addresses identify hosts or routers in the network. The address of the transport layer is the port number, which identifies different applications on the same host and is also known as the program address.

A host can run multiple programs at the same time: for example, a Web browser for the WWW service, an e-mail client and other programs can all run together. The transport layer protocol uses port numbers to identify the application program that the host is communicating with and to deliver data accurately.

Identifying a communication solely by its destination port is not accurate. When two hosts both access destination port number 80, the two communications can be distinguished by their source port numbers.

The destination and source port numbers may be the same while the source IP addresses of the two hosts differ; or the IP addresses and port numbers may be the same while the protocol number differs. In these cases too, they are treated as two different communications.

Therefore, five pieces of information are usually used to identify a communication in network communication: source IP address, destination IP address, protocol number, source port number, and destination port number. If any one of them differs, it is considered a different communication.
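The five-tuple described above, as an added example that is not part of the original article: it reads the protocol number (6 or 17) and the port fields out of raw IPv4 packets and groups them into communications. The helper names, the documentation-range addresses and the sample packets are constructed for illustration.

```python
import ipaddress
import struct
from collections import Counter

PROTO_TCP, PROTO_UDP = 6, 17  # IP protocol numbers quoted in the article


def build_ipv4(src, dst, proto, sport, dport, frag_offset=0):
    """Constructed sample packet: 20-byte IPv4 header followed by the two
    16-bit port fields. Checksums are zero; five_tuple() does not verify them."""
    header = struct.pack("!BBHHHBBH4s4s",
                         0x45, 0, 24, 0, frag_offset & 0x1FFF, 64, proto, 0,
                         ipaddress.IPv4Address(src).packed,
                         ipaddress.IPv4Address(dst).packed)
    return header + struct.pack("!HH", sport, dport)


def five_tuple(packet):
    """Return (src_ip, dst_ip, protocol, src_port, dst_port), or None when the
    bytes are not an IPv4 packet that carries readable TCP/UDP ports."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4              # IPv4 header length in bytes
    proto = packet[9]                         # upper-layer protocol number
    if ihl < 20 or proto not in (PROTO_TCP, PROTO_UDP):
        return None
    if struct.unpack("!H", packet[6:8])[0] & 0x1FFF:
        return None                           # later fragment: no port fields
    if len(packet) < ihl + 4:
        return None                           # truncated before the ports
    src = str(ipaddress.IPv4Address(packet[12:16]))
    dst = str(ipaddress.IPv4Address(packet[16:20]))
    sport, dport = struct.unpack("!HH", packet[ihl:ihl + 4])
    return (src, dst, proto, sport, dport)


def count_flows(packets):
    """Group packets by five-tuple; each distinct key is one communication."""
    flows = Counter()
    for packet in packets:
        key = five_tuple(packet)
        if key is not None:
            flows[key] += 1
    return flows


# Constructed traffic (documentation addresses), all aimed at port 80.
SAMPLE_PACKETS = [
    build_ipv4("192.0.2.1", "192.0.2.9", PROTO_TCP, 50000, 80),
    build_ipv4("192.0.2.1", "192.0.2.9", PROTO_TCP, 50000, 80),  # same flow
    build_ipv4("192.0.2.1", "192.0.2.9", PROTO_TCP, 50001, 80),  # new source port
    build_ipv4("192.0.2.2", "192.0.2.9", PROTO_TCP, 50000, 80),  # new source IP
    build_ipv4("192.0.2.1", "192.0.2.9", PROTO_UDP, 50000, 80),  # new protocol
]

if __name__ == "__main__":
    for key, count in count_flows(SAMPLE_PACKETS).items():
        print(key, count)
```

Five packets to the same destination port collapse into four communications, because only the first two share all five values.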

The port number of TCP/UDP is a 16-bit binary number, and the port number range is 0 ~ 65535. When actually communicating, the port number should be determined in advance. There are two ways to determine the port number:

  • Standard port number

    This method is also called a static method. It means that each application has an assigned port number. The port numbers used by common applications such as HTTP, TELNET, and FTP are fixed, and these port numbers are also called well-known port numbers. Well-known port number ranges are 0 ~ 1023.

    In addition to well-known port numbers, some port numbers are also officially registered; these are called registered ports. They lie between 1024 and 49151.

  • Timing allocation method

    This method is also called dynamic allocation method. It is necessary for the server to determine the port number to listen on, but the client receiving the service does not need to determine the port number.

    The client application does not need to set the port number, it is assigned by the operating system. The operating system can assign non-conflicting port numbers to each application. For example: every time a new port number is needed, add 1 to the previously assigned number. In this way, the operating system can dynamically manage the port number.

    The dynamically allocated range of port numbers is 49152 ~ 65535.

UDP

UDP stands for User Datagram Protocol. UDP does not provide complex control mechanisms and uses IP to provide connectionless, unreliable communication services. It sends the data it receives from the application to the network as is, as soon as it receives it.

UDP cannot perform flow control even when the network is congested. If packets are lost during transmission, UDP is not responsible for retransmission. It also has no function to correct the order when packets arrive out of sequence. If these detailed controls are required, they need to be handled by the upper-layer application. In other words, the reliability of transmission is given up to improve the efficiency of transmission.

The characteristics of UDP are as follows:

  • UDP is connectionless: UDP does not establish a connection with the other party before sending data.
  • UDP does not order data: the header of a UDP packet has no information about the order of the data.
  • UDP does not acknowledge data: the sender does not know whether the data has been received correctly and does not resend it.
  • UDP transfers data faster than TCP with less system overhead.
  • UDP lacks a congestion control mechanism and cannot detect network congestion.

Since UDP is connectionless, it can send data at any time. In addition, the processing of UDP itself is simple and efficient, so it is often used in the following cases:

  • Communication with low packet volume (DNS, SNMP, etc.)
  • Video, audio and other multimedia communication (instant messaging)
  • Application communication only used in local area network
  • Broadcast communication (broadcast, multicast)

TCP

UDP hands part of the control over to the application and only provides the most basic functions of a transport layer protocol. Unlike UDP, TCP is a protocol that controls transmission, sending, and communication. The main features are as follows:

  • Three-way handshake to establish connection: to ensure the reliability of connection establishment.
  • Port number: Identify upper-layer protocols and services through port numbers to realize network multiplexing.
  • Integrity check: By calculating the checksum, it is ensured that the receiver can detect possible errors during transmission.
  • Confirmation mechanism: For correctly received data, the receiving end informs the sender through an acknowledgment response. After a certain period of time, the sender will retransmit the segment that has not been confirmed to ensure the reliability of transmission.
  • Sequence number: The data sent has a unique sequence number that identifies each segment. The receiving end can use the serial number to realize functions such as loss detection and out-of-order rearrangement.
  • Windowing mechanism: Through the adjustable window, the TCP receiver can tell the desired sending speed and control the data flow.

TCP implements various control functions during data transmission: it can perform retransmission control when packets are lost, and sequence control on packets that arrive out of order. As a connection-oriented protocol, TCP sends data only once the peer is confirmed to exist, which limits wasted communication traffic. Since UDP has no connection control, data packets can still be sent even if the peer does not exist or leaves the network midway.

  • Connection

    A connection refers to a dedicated, virtual communication line, also known as a virtual circuit, between two applications that communicate in a network, used to transmit messages to each other.

    Once the connection is established, the communicating applications only use this virtual line to send and receive data, which guarantees the transmission of information. Applications can send data without worrying about the various problems that may occur on the IP network. TCP is responsible for managing connection establishment, disconnection, and maintenance.

In order to achieve reliable transmission over unreliable IP communication, many things need to be considered, such as data corruption, packet loss, duplication, and out-of-order fragments. TCP achieves reliable transmission through mechanisms such as checksum, sequence number, acknowledgment, retransmission control, connection management, and window control.

Sequence Number and Acknowledgment

In TCP, when the sender's data arrives at the receiving host, the receiving host returns a message saying it was received. This message is called an acknowledgment (ACK).

TCP achieves reliable data transmission through acknowledgments. After the sender sends data, it waits for the acknowledgment from the peer. If an acknowledgment arrives, the data has successfully reached the peer. Otherwise, the data may have been lost.

If there is no confirmation response within a certain period of time, the sender will consider that the data has been lost and retransmit. In this way, even if there is packet loss, the data can still be guaranteed to reach the opposite end, and reliable transmission can be achieved.

Not receiving an acknowledgment does not necessarily mean the data was lost. It is also possible that the peer has already received the data and the returned acknowledgment was lost on the way, which also causes the sender to retransmit. In addition, the acknowledgment may arrive late, after the sender has already resent the data.

Every time data is transmitted, TCP marks the starting sequence number of the segment so that the other party can acknowledge it. TCP does not directly confirm which segments were received; instead it informs the sender which segment should be sent next, indicating that the previous segments have been received. For example, when the acknowledgment number received is N + 1, it means that N and the data before N have been received.

Since each segment has a unique number, the receiver can easily notice a duplicate segment, can easily locate a segment that was lost, and can also put segments back in order after they arrive out of sequence.

Timeout retransmission

The retransmission timeout is the interval to wait for an acknowledgment to arrive before retransmitting data. If the RTT (round-trip time) is exceeded and the acknowledgment has still not been received, the sender retransmits the data.

If no acknowledgment is received after the data is retransmitted, it is retransmitted again. Each time, the waiting time for the acknowledgment grows exponentially, by 2 times, then 4 times. The data is not retransmitted indefinitely: after a certain number of retransmissions without an acknowledgment, the network or the peer host is considered to be in an abnormal state, the connection is forcibly closed, and the application is notified that communication was abnormally terminated.

RTT is a very important parameter. An RTT that is too large makes TCP retransmission very slow, reducing transmission speed; an RTT that is too small leads to frequent TCP retransmission, reducing the efficiency of resource use. In practice, the value of RTT is adjusted dynamically by tracking the round-trip time of data in real time.

Connection management

TCP provides connection-oriented communication. Connection-oriented means that both ends of the communication make preparations before data is exchanged. Before data communication, a SYN packet is sent as a request to establish a connection. If the peer sends an acknowledgment, data communication can start. If the acknowledgment from the peer fails to arrive, no data communication takes place. At the end of communication, the disconnection process is performed using a FIN packet.

SYN packets and FIN packets manage TCP connections through the control field of the TCP header. Establishing and disconnecting a connection requires at least 7 packets to be sent back and forth in the normal process. Establishing a TCP connection requires sending 3 packets, a process called the three-way handshake. Disconnecting a TCP connection requires sending 4 packets, a process also known as the four-way wave. Creating a TCP connection generates a 32-bit random sequence number, because every new connection uses a new random sequence number.

Three-way handshake

Host A wants to send data to host B, and the TCP module establishes a TCP session through a three-way handshake.

The three-way handshake means that three TCP control segments are exchanged during the establishment of a TCP session: a SYN segment, a SYN + ACK segment, and an ACK segment. The detailed process is as follows:

  1. The sender, host A, sends a SYN segment to the receiver, host B, to initiate a connection establishment request and at the same time inform host B of its state. The segment's sequence number is set to a and the SYN bit is set, marking it as a SYN control segment.
  2. After host B receives the connection request, it responds with a SYN + ACK segment, setting the sequence number to b and the acknowledgment number to a + 1, with SYN and ACK both set.
  3. After host A receives the connection confirmation from host B, it sends an ACK segment to confirm again, confirming the establishment of the session, with the ACK bit set. That is, after receiving the segment with acknowledgment number a + 1 and sequence number b, host A sends a segment with sequence number a + 1 and acknowledgment number b + 1.
  4. After host B receives the confirmation message, the connection is established. Both parties can start transferring data.

After the three-way handshake, two TCP sessions are actually established between A and B: one is a TCP session from A to B, and the other is a TCP session from B to A. The SYN segment sent by A indicates that A requests to establish a TCP session from A to B, in order to control the normal and reliable transmission of data from A to B. After receiving the SYN segment, B sends a SYN + ACK segment in response. The meaning of SYN + ACK is: B agrees to A's request on the one hand, and requests to establish a TCP session from B to A on the other hand. The purpose of this session is to control the correct and reliable transmission of data from B to A. After A receives the SYN + ACK segment, it responds with an ACK, indicating that it agrees to B's request.
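The handshake arithmetic above (a, b, a + 1, b + 1), as an added example that is not part of the original article: a passive tracker that follows observed segments and reports which connections completed the handshake, which are still waiting for the final ACK, and which carry a wrong acknowledgment number. The endpoint strings, state names and sample capture are constructed for illustration.

```python
MOD = 2 ** 32  # sequence and acknowledgment numbers are 32-bit and wrap


def track_handshakes(segments):
    """segments: (src, dst, flags, seq, ack) tuples in capture order, where
    flags is "SYN", "SYN+ACK" or "ACK". Returns {(client, server): state}."""
    conns = {}
    for src, dst, flags, seq, ack in segments:
        bits = frozenset(flags.split("+"))
        if bits == {"SYN"}:
            # Step 1: the client announces its initial sequence number a.
            conns[(src, dst)] = {"state": "SYN_SENT", "a": seq}
        elif bits == {"SYN", "ACK"}:
            # Step 2: the server answers with its own number b and ack = a + 1.
            conn = conns.get((dst, src))
            if conn and conn["state"] == "SYN_SENT":
                if ack == (conn["a"] + 1) % MOD:
                    conn["state"], conn["b"] = "SYN_RECEIVED", seq
                else:
                    conn["state"] = "BAD_SYNACK"
        elif bits == {"ACK"}:
            # Step 3: the client confirms with seq = a + 1 and ack = b + 1.
            conn = conns.get((src, dst))
            if conn and conn["state"] == "SYN_RECEIVED":
                ok = (seq == (conn["a"] + 1) % MOD
                      and ack == (conn["b"] + 1) % MOD)
                conn["state"] = "ESTABLISHED" if ok else "BAD_ACK"
    return {key: conn["state"] for key, conn in conns.items()}


SERVER = "192.0.2.9:80"
CLIENT_1, CLIENT_2, CLIENT_3 = ("192.0.2.1:50000", "192.0.2.2:50000",
                                "192.0.2.3:50000")

# Constructed capture: one clean handshake (a wraps past 2**32 - 1), one that
# never receives the final ACK, and one whose SYN+ACK acknowledges the wrong
# number.
SAMPLE_SEGMENTS = [
    (CLIENT_1, SERVER, "SYN", 0xFFFFFFFF, 0),
    (SERVER, CLIENT_1, "SYN+ACK", 7000, 0),
    (CLIENT_1, SERVER, "ACK", 0, 7001),
    (CLIENT_2, SERVER, "SYN", 100, 0),
    (SERVER, CLIENT_2, "SYN+ACK", 900, 101),
    (CLIENT_3, SERVER, "SYN", 500, 0),
    (SERVER, CLIENT_3, "SYN+ACK", 42, 777),
]

if __name__ == "__main__":
    for key, state in track_handshakes(SAMPLE_SEGMENTS).items():
        print(key, state)
```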

Four-way wave

When the transmission of TCP data segments ends, both parties need to send a FIN segment and an ACK segment to terminate the TCP session. This is called the four-way wave, and the detailed process is as follows:

  1. Host A wants to terminate the connection and sends a segment with sequence number p and the FIN bit set, marking it as a FIN control segment.
  2. After host B receives the FIN segment sent by host A, it sends an ACK segment with the acknowledgment number p + 1, and closes the connection at the same time.
  3. Host B sends a segment with sequence number q, FIN is set, and the connection is closed.
  4. After host A receives the FIN segment sent by host B, it sends an ACK segment with an acknowledgment number of q + 1, and closes the connection at the same time. This ends the TCP connection.

The termination of a TCP session is divided into two parts. First A sends a FIN control segment, requesting to terminate the TCP session from A to B. B responds with an ACK segment, indicating that it agrees to A’s request to terminate the session. After A receives the ACK segment from B, it starts to terminate the session. Similarly, B will also initiate a request to A to terminate the TCP session from B to A.

Segment as the unit

The data encapsulated by the transport layer protocol is called a segment. When a TCP connection is established, the size of the data segment is determined; this is the maximum segment size (MSS). When TCP transmits a large amount of data, it splits and sends the data in units of MSS, and retransmission is also done in units of MSS.

The MSS is calculated by the hosts at both ends during the three-way handshake. When the two hosts send their connection establishment requests, they write their MSS values in the TCP header, and the smaller of the two values is used. The default value of MSS is 536 bytes; the ideal value is 1460 bytes, which together with the 20-byte IP header and the 20-byte TCP header is just small enough not to be fragmented at the IP layer.

Window control

If TCP sends an acknowledgment for every segment, with 1 segment as the unit, then the longer the round-trip time of a packet, the lower the communication performance.

To solve this problem, TCP introduces the concept of a window. Acknowledgment is no longer done per segment but per window, which greatly shortens the forwarding time. The window size is the maximum amount of data that can be sent without waiting for an acknowledgment. The window size is a 16-bit field, so the maximum window size is 65535 bytes. During TCP transmission, the two parties exchange window sizes to tell each other their remaining buffer space, that is, the maximum amount of data that can be accepted next, to avoid buffer overflow.

While sending, data within the window can be sent even if no acknowledgment has been received. If data within the window is lost in transmission, it must also be retransmitted, so the sending host must keep this data in its buffer until it receives the acknowledgment.

After receiving an acknowledgment, the sender slides the window to the position of the sequence number in the acknowledgment. This allows multiple segments to be sent in sequence at the same time, a mechanism also known as sliding window control.

Window Control and Resend Control

With window control, if an acknowledgment fails to come back but the data has already arrived at the peer, there is no need to retransmit it. Without window control, data whose acknowledgment was not received is retransmitted. With window control, even if some acknowledgments are lost, no retransmission is needed.

If a segment is lost, the receiving host, on receiving data with discontinuous sequence numbers, returns an acknowledgment for the data received so far. Even if the sequence numbers received are not consecutive, the data is not discarded but temporarily stored in the buffer. While the segment is missing, the acknowledgment with the same sequence number is sent repeatedly. If the sender receives the same acknowledgment 3 consecutive times, it resends the corresponding data. This mechanism is more efficient than timeout management and is also known as the high-speed retransmission mechanism.
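The cumulative acknowledgment and repeated-acknowledgment resend described above, as an added example that is not part of the original article. The class and function names and the byte-numbered sample transfer are constructed; the sender here counts three repeats after the first copy of an acknowledgment, which is an assumption about how the "3 consecutive times" is counted.

```python
DUP_ACK_THRESHOLD = 3  # assumed: repeats of an ACK that trigger a resend


class Receiver:
    """Keeps out-of-order segments and always answers with the next byte it
    is still waiting for (a cumulative acknowledgment)."""

    def __init__(self, first_seq):
        self.next_expected = first_seq
        self.buffered = {}                    # seq -> length, held out of order

    def receive(self, seq, length):
        if seq == self.next_expected:
            self.next_expected += length
            # Drain any buffered segments that are now contiguous.
            while self.next_expected in self.buffered:
                self.next_expected += self.buffered.pop(self.next_expected)
        elif seq > self.next_expected:
            self.buffered[seq] = length       # gap ahead: store, do not drop
        # seq < next_expected is a duplicate and is ignored.
        return self.next_expected


def simulate(segments, lost):
    """segments: list of (seq, length) in send order; lost: set of seq values
    dropped on first transmission. Returns (acks, retransmitted, final_ack)."""
    lengths = dict(segments)
    rx = Receiver(segments[0][0])
    acks, retransmitted = [], []
    last_ack, duplicates = None, 0
    for seq, length in segments:
        if seq in lost:
            continue                          # never reaches the receiver
        ack = rx.receive(seq, length)
        acks.append(ack)
        if ack != last_ack:
            last_ack, duplicates = ack, 0
            continue
        duplicates += 1
        if duplicates == DUP_ACK_THRESHOLD and ack in lengths:
            # Resend the segment the receiver keeps asking for, without
            # waiting for the retransmission timer.
            retransmitted.append(ack)
            last_ack, duplicates = rx.receive(ack, lengths[ack]), 0
            acks.append(last_ack)
    return acks, retransmitted, rx.next_expected


# Constructed transfer: six 1000-byte segments starting at sequence number 1.
SAMPLE_SEGMENTS = [(1 + 1000 * i, 1000) for i in range(6)]

if __name__ == "__main__":
    print(simulate(SAMPLE_SEGMENTS, lost={2001}))
```

With the segment at 2001 lost, the receiver repeats acknowledgment 2001 for each later segment; the single resend then lets it acknowledge everything up to 6001 at once because the later segments were buffered.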

Flow control

When the receiving end is under high load, it may be unable to process the received data and discard it, which triggers the retransmission mechanism and needlessly wastes network traffic.

To prevent this, TCP provides a mechanism that lets the sender control the amount of data sent according to the actual receiving capability of the receiver; this is flow control. Specifically, the receiving host tells the sending host how much data it can receive, and the sender sends no more than this limit. The size of this limit is the window size.

There is a field in the TCP header that announces the window size. The receiving host puts its buffer size in this field and sends it to the sending end. When the buffer at the receiving end is insufficient or its processing power is limited, the value of the window size is reduced by half to control the amount of data sent. That is to say, the sending host controls the amount of data sent according to the instructions of the receiving host, which forms a complete TCP flow control.

If the receiving end announces a window size of 0, it means that the receiving end has received all the data, or that the receiving application has no time to read the data, and it requests that transmission be suspended.

If the window update message is lost, communication may be unable to continue. To avoid this problem, the sending host occasionally sends a data segment called a window probe, which contains only one byte, to get the latest window size information.

Congestion control

With TCP's window control, the sending and receiving hosts no longer send acknowledgments in units of one data segment and can send a large number of data packets continuously. When the network is congested, if a large amount of data is suddenly sent, the entire network may be paralyzed.

To prevent this problem, at the beginning of communication the amount of data sent is controlled by a value derived from an algorithm called slow start.

To adjust the amount of data sent on the sender side, a congestion window is needed. In slow start, the size of the congestion window is set to 1 MSS to send data, and each time an acknowledgment (ACK) is received, the value of the congestion window is incremented by 1. When sending data packets, the sender compares the size of the congestion window with the window size notified by the receiving host and uses the smaller of the two. This effectively reduces the network congestion caused by sending packets continuously at the beginning of communication, and helps avoid network congestion.

Comparison of TCP and UDP

UDP format

A UDP segment consists of a UDP header and UDP data. The UDP header consists of source port number, destination port number, length, and checksum. The length of the UDP header is a fixed 8 bytes.

  • Source port number: The field is 16 bits long, indicating the UDP port number of the sender.
  • Destination port number: The field is 16 bits long, indicating the UDP port number of the receiver.
  • Length: The field is 16 bits long, indicating the total length of the UDP header and UDP data.
  • Checksum: The field is 16 bits long and is an error checking field. It is calculated from the contents of the UDP header and UDP data, and is used to check errors during transmission.

TCP format

The TCP header is much more complex than the UDP header, consisting of a 20-byte fixed-length part plus a variable-length options field.

  • Source Port Number: The field is 16 bits long, indicating the TCP port number of the sender.

  • Destination Port Number: The field is 16 bits long, indicating the TCP port number of the receiving end.

  • Sequence Number: The field is 32 bits long and gives the position of the TCP segment's data. The sequence number is used to detect duplicate reception, missed reception, out-of-order arrival, and so on.

  • Acknowledgment Number: The field is 32 bits long and gives the sequence number of the data that should be received next. Receiving this acknowledgment number means that the data before it has been received normally.

  • Data offset: The field is 4 bits long, indicating where the TCP data starts, which can also be regarded as the length of the TCP header.

  • Reserved: The field is 6 bits long and is reserved for future expansion.

  • Control bit: The field is 6 bits long, and each flag bit turns on a control function. From left to right they are URG, ACK, PSH, RST, SYN, FIN.

    • URG: When the flag bit is 1, it indicates that there is data that needs urgent processing.
    • ACK: When the flag bit is 1, it means the acknowledgment is valid.
    • PSH: When the flag bit is 1, it means that the data is passed up to the application immediately instead of being queued in the buffer.
    • RST: When the flag bit is 1, it means that the TCP connection is abnormal and the connection must be forcibly disconnected.
    • SYN: When the flag bit is 1, it indicates that a connection is requested and the initial value of the sequence number is set.
    • FIN: When the flag bit is 1, it indicates that the data transmission is over and the TCP connection is requested to be disconnected.

  • Window: The field is 16 bits long, indicating the size of the sliding window, that is, how many bytes of data can be received.

  • Checksum: The field is 16 bits long and is an error checking field. It is calculated from the contents of the TCP header and TCP data, and is used to check errors during transmission.

  • Urgent pointer: The field is 16 bits long, indicating the length of urgent data. This field is only valid when the URG bit is 1.

  • Option: The length of the field is variable. Some extended functions of TCP are implemented by adding different options.

  • Padding: If the header of the TCP segment is not an integer multiple of 4 bytes, some 0s are padded to ensure that the header length is an integer multiple of 4 bytes.

  • Data: The data part of the TCP segment; it is not part of the TCP header, and its maximum size is the MSS.
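The header layout listed above, as an added example that is not part of the original article: a parser for the 20-byte fixed header that uses the article's six control bits, bounds-checks the data offset, and walks the options area to read the MSS written during the handshake. The function names and the sample SYN segment are constructed; option kinds 0 (end of list), 1 (no-operation) and 2 (MSS) are the standard TCP option numbers, which the article does not list.

```python
import struct

# Control bits from left to right, as listed in the article.
FLAG_NAMES = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")
OPT_END, OPT_NOP, OPT_MSS = 0, 1, 2  # standard TCP option kinds


def parse_options(raw):
    """Walk the options area and return {kind: value bytes}. Raises ValueError
    when a length byte would run past the header or could never advance."""
    options, i = {}, 0
    while i < len(raw):
        kind = raw[i]
        if kind == OPT_END:                   # everything after this is padding
            break
        if kind == OPT_NOP:                   # single-byte filler
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option truncated before its length byte")
        length = raw[i + 1]
        if length < 2 or i + length > len(raw):
            raise ValueError("option length out of bounds")
        options[kind] = raw[i + 2:i + length]
        i += length
    return options


def parse_tcp_header(segment):
    """Parse a TCP segment into a dict of header fields plus the payload."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte fixed header")
    (sport, dport, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4        # data offset counts 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset points outside the segment")
    flags = [name for i, name in enumerate(FLAG_NAMES)
             if off_flags & (0x20 >> i)]
    options = parse_options(segment[20:header_len])
    mss = None
    if len(options.get(OPT_MSS, b"")) == 2:
        mss = struct.unpack("!H", options[OPT_MSS])[0]
    return {
        "src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
        "header_len": header_len, "flags": flags, "window": window,
        "checksum": checksum, "urgent": urgent, "mss": mss,
        "data": segment[header_len:],
    }


# Constructed SYN segment: ports 50000 -> 80, sequence number 1000, data
# offset 6 (24-byte header), SYN set, window 65535, one MSS option of 1460.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 50000, 80, 1000, 0,
                         (6 << 12) | 0x02, 65535, 0, 0) + bytes([2, 4, 0x05, 0xB4])

if __name__ == "__main__":
    print(parse_tcp_header(SAMPLE_SYN))
```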
