Header : TCP
|
0 |
1 |
2 |
3 |
||||||||||||||||||||||||||||
|
0 |
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
|
Source Port |
Destination Port |
||||||||||||||||||||||||||||||
|
Sequence Number |
|||||||||||||||||||||||||||||||
|
Acknowledgment Number |
|||||||||||||||||||||||||||||||
|
0 |
0 |
0 |
Window |
||||||||||||||||||||||||||||
|
Checksum |
|||||||||||||||||||||||||||||||
|
Options (Variable Length) |
|||||||||||||||||||||||||||||||
|
Flag |
Meaning |
Description |
|
(U)URG |
Urgent Pointer |
Indicate "This packet contains Urgent data pointed by Urgent Ponter". I request the reciever to set high priority for the data |
|
(A)ACK |
ACKnowledgement |
Acknowledge the successful receipt of the data |
|
(P)PSH |
PUSH |
Request the receiver to PUSH (Transfer) this data to higher layer as soon as it recieves regardless of the reciever buffer status |
|
(R)RST |
RESET | Indicate some error (e.g, unexpected packet) occurred and Abort the connection. |
|
(S)SYN |
SYNchronisation |
Indicate "This is a packet for Synchronization (TCP Establishment) process" |
|
(F)FIN |
FINish | Indicate "This is a packet for Finish (TCP Release) process" |
This indicate the length of the TCP header in the unit of words, meaning 'TCP Header Length = DataOffset x 4' in Bytes.
The URG pointer indicate how many bytes of the data is urgent in the segment that has arrived. (Example if the data size is 100 bytes and only firs 50 bytes is urgent, the urgent pointer will have a value of 50). If this value is set to be Non-zero value and URG flag is set, the reciever will process the urgent data even before it recieves the whole TCP packet.
Example 1 > --------------------------------------------------------
Transmission Control Protocol, Src Port: 42206 (42206), Dst Port: sip (5060),Seq: 1,Ack: 1,Len: 0
Source port: 42206 (42206)
Destination port: sip (5060)
[Stream index: 0]
Sequence number: 1 (relative sequence number)
Acknowledgment number: 1 (relative ack number)
Header length: 32 bytes
Flags: 0x010 (ACK)
000. .... .... = Reserved: Not set
...0 .... .... = Nonce: Not set
.... 0... .... = Congestion Window Reduced (CWR): Not set
.... .0.. .... = ECN-Echo: Not set
.... ..0. .... = Urgent: Not set
.... ...1 .... = Acknowledgment: Set
.... .... 0... = Push: Not set
.... .... .0.. = Reset: Not set
.... .... ..0. = Syn: Not set
.... .... ...0 = Fin: Not set
Window size value: 1350
[Calculated window size: 86400]
[Window size scaling factor: 64]
Checksum: 0xdab5 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Options: (12 bytes), No-Operation (NOP), No-Operation (NOP), Timestamps
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
No-Operation (NOP)
Type: 1
0... .... = Copy on fragmentation: No
.00. .... = Class: Control (0)
...0 0001 = Number: No-Operation (NOP) (1)
Timestamps: TSval 4294945901, TSecr 73513
Kind: Timestamp (8)
Length: 10
Timestamp value: 4294945901
Timestamp echo reply: 73513
[SEQ/ACK analysis]
[This is an ACK to the segment in frame: 120]
[The RTT to ACK the segment was: 0.016912000 seconds]
0000 00 30 64 0b 6c 69 00 00 91 05 fa 92 86 dd 60 00 .0d.li........`.
0010 00 00 00 20 06 40 20 01 00 00 00 00 00 02 00 00 ... .@ .........
0020 00 00 00 00 00 01 20 01 00 00 00 00 00 02 00 00 ...... .........
0030 00 00 00 00 00 02 a4 de 13 c4 0c f3 f8 fb 18 c3 ................
0040 b3 cc 80 10 05 46 da b5 00 00 01 01 08 0a ff ff .....F..........
0050 ac 6d 00 01 1f 29 .m...)
Reference :
[2] RFC 6093 : On the Implementation of the TCP Urgent Mechanism