|
Source Port – A TCP identifier number that when used in conjunction with the Source IP address forms the identifier in the form: w.x.y.z:port. The source and destination identifier pair in the form: + form the connection or the socket of a TCP transaction.
|
|
The target port number on this receiving system. (see the explanation of the source port above)
|
|
32-bit sequence number – specifies which byte the start byte of the data in this packet should be within the entire stream. I.e. If the previous packet had contained 1200 bytes and was the first of the transmission, then this field would hold the value 1200, meaning that the first byte in this packet is byte #1200 of the entire transmission (the first byte in the first packet is byte # 0.)
|
|
32-bit Acknowledgement number – Used by the receiver in the acknowledgement packet for the current packet. So this system would respond to this packet by reversing the port numbers and if this packet had contained 1200 more bytes of data, this field would read 2401 indicating “I have already received 2400 bytes and am expecting the 2401st next.”
|
|
Header Length – A 4-bit number that expresses how many 32-bit double words in size the TCP header is. Since the options field is variable in length, this field is critical to the functionality of the packet. Without it, TCP would not know where the header ends and the data begins. Minimum TCP header = 20 bytes, or 5 dwords.
|
|
The next 6 bits are reserved
|
|
The next 6 bits each have a name and meaning as follows: U = Urgent, consider this packet as more important than any other not marked Urgent (process it first.) A = Acknowledge, this packet is acknowledging successful reception of data (the receivers packets back to the sender of data set this bit and the 32-bit Acknowledgement number above has meaning in this case.) P = Push, The sender indicates to the receiver that the upper level processes have invoked this operation (may indicate a data flow change is imminent.) R = Reset, the upper level processes on the sender have reset the connection, the connection will be lost and have to be reestablished, S = SYN (short for synchronize), used to request the establishment of a connection or socket, F = FIN (short for Finalize) used to tear down an established connection or socket.
|
|
16-bit Advertised Window Size – This number is used by the receiver within the acknowledge packet to adjust how many bytes the sender may have out on the wire unacknowledged and still feel free to continue transmitting. The receiver reviews this field in the packet of the sender and compares it with the current conditions of the receive buffer of this socket. This constitutes the “sliding window” of TCP and is how both sides can adjust the throughput of the connection up or down based on transient conditions in the upper or lower layers of the system.
|
|
16-bit TCP Checksum – The entire header and all data in the packet are used to generate this checksum which is then inserted here. The receiver uses the same math to generate the value again from the header and data of the packet and compares what it calculated with the actual value found here. If they differ, then the packet has been damaged or spuriously modified and an urgent response will be made to retransmit the packet.
|
|
16-bit Urgent Pointer – indicates the location and nature of the problem within the current connection or socket. Works in conjunction with the Options fields.
|
|
Options – There are many possible options. During the establishment of a connection in which a sender is about to transmit a file to the receiver, the receiver can indicate the largest possible stream that it will accept. TCP over DOS in a file transfer might indicate a value slightly smaller than 2GB, a file larger than this will not fit on a FAT16 partition.
|
|
Data – The actual data being sent in this packet. This is an optional field since the receiver will not need to send data back to the sender only acknowledgements.
|