IP/Network

 

 

 

 

Header : TCP

 

0

1

2

3

0

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

Source Port

Destination Port

Sequence Number

Acknowledgment Number

Data Offset

0

0

0

N

C

E

U

A

P

R

S

F

Window

Checksum

Urgent Pointer

Options (Variable Length)

 

 

Flags

 

Flag

Meaning

Description

(U)URG

Urgent Pointer

Indicate "This packet contains Urgent data pointed by Urgent Ponter". I request the reciever to set high priority for the data

(A)ACK

ACKnowledgement

Acknowledge the successful receipt of the data

(P)PSH

PUSH

Request the receiver to PUSH (Transfer) this data to higher layer as soon as it recieves regardless of the reciever buffer status

(R)RST

RESET Indicate some error (e.g, unexpected packet) occurred and Abort the connection.

(S)SYN

SYNchronisation

Indicate "This is a packet for Synchronization (TCP Establishment) process"

(F)FIN

FINish Indicate "This is a packet for Finish (TCP Release) process"

 

 

Data Offset 

 

This indicate the length of the TCP header in the unit of words, meaning 'TCP Header Length = DataOffset x 4' in Bytes.

 

 

Urgent Pointer

 

The URG pointer indicate how many bytes of the data is urgent in the segment that has arrived. (Example if the data size is 100 bytes and only firs 50 bytes is urgent, the urgent pointer will have a value of 50). If this value is set to be Non-zero value and URG flag is set, the reciever will process the urgent data even before it recieves the whole TCP packet.

 

 

Example 1 > --------------------------------------------------------

 

Transmission Control Protocol, Src Port: 42206 (42206), Dst Port: sip (5060),Seq: 1,Ack: 1,Len: 0

    Source port: 42206 (42206)

    Destination port: sip (5060)

    [Stream index: 0]

    Sequence number: 1    (relative sequence number)

    Acknowledgment number: 1    (relative ack number)

    Header length: 32 bytes

    Flags: 0x010 (ACK)

        000. .... .... = Reserved: Not set

        ...0 .... .... = Nonce: Not set

        .... 0... .... = Congestion Window Reduced (CWR): Not set

        .... .0.. .... = ECN-Echo: Not set

        .... ..0. .... = Urgent: Not set

        .... ...1 .... = Acknowledgment: Set

        .... .... 0... = Push: Not set

        .... .... .0.. = Reset: Not set

        .... .... ..0. = Syn: Not set

        .... .... ...0 = Fin: Not set

    Window size value: 1350

    [Calculated window size: 86400]

    [Window size scaling factor: 64]

    Checksum: 0xdab5 [validation disabled]

        [Good Checksum: False]

        [Bad Checksum: False]

    Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        No-Operation (NOP)

            Type: 1

                0... .... = Copy on fragmentation: No

                .00. .... = Class: Control (0)

                ...0 0001 = Number: No-Operation (NOP) (1)

        Timestamps: TSval 4294945901, TSecr 73513

            Kind: Timestamp (8)

            Length: 10

            Timestamp value: 4294945901

            Timestamp echo reply: 73513

    [SEQ/ACK analysis]

        [This is an ACK to the segment in frame: 120]

        [The RTT to ACK the segment was: 0.016912000 seconds]

 

0000  00 30 64 0b 6c 69 00 00 91 05 fa 92 86 dd 60 00   .0d.li........`.

0010  00 00 00 20 06 40 20 01 00 00 00 00 00 02 00 00   ... .@ .........

0020  00 00 00 00 00 01 20 01 00 00 00 00 00 02 00 00   ...... .........

0030  00 00 00 00 00 02 a4 de 13 c4 0c f3 f8 fb 18 c3   ................

0040  b3 cc 80 10 05 46 da b5 00 00 01 01 08 0a ff ff   .....F..........

0050  ac 6d 00 01 1f 29                                 .m...)

 

 

Reference :

 

[1] TCP Header Format

[2] RFC 6093 : On the Implementation of the TCP Urgent Mechanism