RFC 793, Transmission Control Protocol, describes the functions to be performed by the
Transmission Control Protocol (TCP), the program that implements it, and its
interface to programs or users that require its services.
The RFC explains the motivations:
Computer communication systems are playing an increasingly important
role in military, government, and civilian environments. (We are in 1981!)
The RFC focuses its attention primarily on military computer
communication requirements, especially robustness in the presence of
communication unreliability and availability in the presence of
congestion, but many of these problems are found in the civilian and
government sector as well.
the TCPs decide when to block and forward data at their own
Sometimes users need to be sure that all the data they have
submitted to the TCP has been transmitted. For this purpose a push
function is defined. To assure that data submitted to a TCP is
actually transmitted the sending user indicates that it should be
pushed through to the receiving user.
The TCP must recover from data that is damaged, lost, duplicated, or
delivered out of order by the internet communication system. This
is achieved by assigning a sequence number to each octet
transmitted, and requiring a positive acknowledgment (ACK) from the
receiving TCP. If the ACK is not received within a timeout
interval, the data is retransmitted.
The sequence number of the first data octet in this segment (except
when SYN is present). If SYN is present the sequence number is the
initial sequence number (ISN) and the first data octet is ISN+1.
Acknowledgment Number: 32 bits
If the ACK control bit is set this field contains the value of the
next sequence number the sender of the segment is expecting to
receive. Once a connection is established this is always sent.
Data Offset: 4 bits
Reserved: 6 bits
Control Bits: 6 bits
URG: Urgent Pointer field significant
ACK: Acknowledgment field significant
PSH: Push Function
RST: Reset the connection
SYN: Synchronize sequence numbers
FIN: No more data from sender
tcpdump prints a description of the contents of packets on a network interface; the -v option gives verbose output.
Example: tcpdump -vvv host caporali.fr
tcpdump prints only the packets related to caporali.fr, in verbose mode.
Example of a TCP connection
The requested service is a telnet connection, on port 80.
Telnet is a very old (and insecure) protocol used on the Internet or local area networks to provide a communication facility using a virtual terminal connection.
The connection is established and is then interrupted by the client via Ctrl-C:
telnet caporali.fr 80
Connected to caporali.fr.
Escape character is '^]'.
^Connection closed by foreign host.
There is a connection request. The source machine is 192.168.1.65 and the destination server is caporali.fr.
We can see (in bold) the flag S.
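The header fields listed above and the S flag that tcpdump prints for the connection request can be decoded by hand. The following is an added example, not code from the original page: it parses the fixed TCP header with the RFC 793 layout and renders the control bits with the letters tcpdump uses. The segments, ports and sequence numbers are constructed sample values.

```python
import struct

# Control bits as listed in RFC 793: (name, mask, letter tcpdump prints).
FLAGS = [("URG", 0x20, "U"), ("ACK", 0x10, "."), ("PSH", 0x08, "P"),
         ("RST", 0x04, "R"), ("SYN", 0x02, "S"), ("FIN", 0x01, "F")]
TCPDUMP_ORDER = "FSRP.U"  # order in which tcpdump prints the letters


def parse_tcp_header(segment: bytes) -> dict:
    """Decode the fixed 20-octet TCP header with the RFC 793 field layout."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-octet fixed TCP header")
    sport, dport, seq, ack, off_flags, window, _cksum, _urg = struct.unpack(
        "!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12        # 4 bits: header length in 32-bit words
    reserved = (off_flags >> 6) & 0x3F   # 6 bits (later RFCs reassigned some)
    bits = off_flags & 0x3F              # 6 control bits
    if data_offset < 5 or data_offset * 4 > len(segment):
        raise ValueError("Data Offset points outside the segment")
    names = [name for name, mask, _ in FLAGS if bits & mask]
    letters = {letter for _, mask, letter in FLAGS if bits & mask}
    return {
        "sport": sport, "dport": dport, "seq": seq,
        # The Acknowledgment Number is only meaningful when ACK is set.
        "ack": ack if "ACK" in names else None,
        "data_offset": data_offset, "reserved": reserved, "flags": names,
        "tcpdump": "".join(c for c in TCPDUMP_ORDER if c in letters) or "none",
        # With SYN present, seq is the ISN and the first data octet is ISN+1.
        "first_data_octet": (seq + 1) % 2**32 if "SYN" in names else seq,
        "payload": segment[data_offset * 4:],
    }


# Constructed segments (not captured traffic): a SYN to port 80 and its SYN+ACK.
SYN = struct.pack("!HHIIHHHH", 50000, 80, 1000, 0, (5 << 12) | 0x02, 65535, 0, 0)
SYN_ACK = struct.pack("!HHIIHHHH", 80, 50000, 5000, 1001, (5 << 12) | 0x12, 65535, 0, 0)

if __name__ == "__main__":
    for label, raw in (("SYN", SYN), ("SYN+ACK", SYN_ACK)):
        h = parse_tcp_header(raw)
        print(f"{label}: {h['sport']} > {h['dport']} Flags [{h['tcpdump']}] "
              f"seq {h['seq']} ack {h['ack']} first data octet {h['first_data_octet']}")
```

The SYN+ACK acknowledges ISN+1 of the SYN, which is the "next sequence number the sender of the segment is expecting to receive" from the field description.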