lv7 Embedded Development-Network Programming Development 11 TCP Management and UDP Protocol

Table of Contents

1 TCP management

1.1 Three-way handshake

1.2 Wave four times

1.3 Keep-alive timer

2 wireshark installation and experiment

3.1 icmp protocol packet capture demonstration

3.2 TCP protocol packet capture demonstration

3 UDP protocol

3.1 Main features of UDP:

4 exercises


1 TCP Management

1.1 Three-way handshake

The process of establishing a TCP connection is called a handshake.

Three-package handshake is used: three TCP packet segments are exchanged between the client and the server to prevent the invalid connection request segment from being suddenly transmitted again, resulting in TCP connection establishment errors.

  1. The TCP server process of B first creates the transmission control block TCB and is ready to accept the connection request from the client process.
  2. A’s TCP actively sends a connection request segment to B. The synchronization bit in the header is SYN = 1, and the sequence number seq = x is selected, indicating that the sequence number of the first data byte when transmitting data is x. Note: TCP stipulates that the SYN message segment (that is, the message segment with SYN = 1) cannot carry data, but a sequence number must be consumed.
  3. After B’s TCP receives the connection request segment, if it agrees, it sends back a confirmation. B should set SYN = 1 and ACK = 1 in the confirmation message segment, its confirmation number ack = x + 1, and its chosen sequence number seq = y. Note: This segment cannot carry data, but it also consumes a sequence number.
  4. After receiving this segment, A sends an acknowledgment to B, with ACK = 1 and acknowledgment number ack = y + 1. A’s TCP notifies the upper application process that the connection has been established. Note: The TCP standard stipulates that ACK segments can carry data. But if it does not carry data, the sequence number is not consumed. The sequence number of the next data segment is still seq = x + 1.
  5. After receiving the confirmation from host A, B’s TCP also notifies its upper-layer application process that the TCP connection has been established. Both parties can start data transfer.

1.2 Wave four times

The TCP connection release process is more complicated.

After the data transmission is completed, both parties to the communication can release the connection.

The TCP connection release process is a four-packet handshake.

  1. A’s application process first sends a connection release segment to its TCP, stops sending data, and actively closes the TCP connection. A releases the connection with FIN = 1 in the header of the message segment, its sequence number seq = u, and waits for B’s confirmation. TCP regulations: Even if the FIN segment does not carry data, it consumes a sequence number.
  2. B sends an acknowledgment, ACK=1, acknowledgment number ack = u + 1, and the sequence number of this segment seq = v. The TCP server process notifies higher-level application processes. The connection in the direction from A to B is released, and the TCP connection is in a half-closed state. If B sends data, A still needs to receive it.
  3. If B no longer has data to send to A, its application process notifies TCP to release the connection. FIN=1, ACK=1, confirmation number ack = u + 1, sequence number of this segment seq = w.
  4. After A receives the connection release segment, it must send an acknowledgment. ACK=1, confirmation number ack=w + 1, own sequence number seq = u + 1
  5. Please note: The TCP connection has not been released at this time. The TCP connection must be released after 2MSL set by the TIME-WAIT timer.

1.3 Keep-alive timer

Used to prevent long periods of idle time on TCP connections.

Typically set to 2 hours.

If the server has not received the client’s information after 2 hours, it sends a probe segment.

If 10 probe segments (each 75 seconds apart) are sent without a response, the client is assumed to be faulty and the connection is terminated.

2 wireshark installation and experiment

Windows download:Wireshark · Download

linux download:

sudo apt-get install wireshark

//Add permissions
sudo chmod 777 /usr/bin/dumpcap

3.1 icmp protocol packet capture demonstration

Every ping, send and reply

3.2 tcp protocol packet capture demonstration

The port of http protocol is 443

3 UDP protocol

UDP only adds some functions on top of IP’s datagram service:

  • reuse and deuse
  • error detection

3.1 Main features of UDP:

  • no connection. There is no need to establish a connection before sending data.
  • Use best effort delivery. That is, reliable delivery is not guaranteed.
  • Message-oriented. UDP transmits and delivers one complete message at a time.
  • There is no congestion control. Network congestion does not reduce the source host’s sending rate. Very suitable for multimedia communication requirements.
  • Supports one-to-one, one-to-many, many-to-one, many-to-many and other interactive communications. The header overhead is small, only 8 bytes.
  • Characteristics of UDP communication: simple and convenient, but unreliable.

UDP is message-oriented

The sender UDP neither merges nor splits the packets handed over by the application layer and sends them as they are.

The receiver UDP removes the header from the UDP user datagram handed over by the IP layer and delivers it intact to the upper-layer application process, delivering a complete message at a time.

When UDP calculates the checksum, it needs to use a pseudo header (Pseudo Header) to enhance the accuracy of the checksum. Pseudo headers are usually processed together with the UDP packet header when calculating the checksum to ensure the accuracy of the checksum. The composition of the pseudo header is as follows:

  1. Source IP address: 4 bytes, indicating the IP address of the sender.

  2. Destination IP address: 4 bytes, indicating the IP address of the recipient.

  3. Reserved field: 1 byte, all 0s.

  4. Protocol field: 1 byte, indicating the type of upper layer protocol. For UDP, the value of this field is 17.

  5. UDP packet length: 2 bytes, indicating the length of the entire UDP packet.

The components of the pseudo header are not included in the actual bytes of the UDP packet, but are processed together with the UDP packet header when calculating the checksum. The purpose of the pseudo header is to increase the accuracy of the checksum, ensure that the checksum is calculated correctly, and effectively detect any changes in the data during transmission.

It should be noted that the pseudo header is only used to calculate the checksum and is not transmitted as actual data.

The specific byte composition of the UDP data packet is as follows:

  1. Source port and destination port: Each port number occupies 2 bytes, a total of 4 bytes. Source number. Select when you need to reply to a message. You can reset it to 0 when not needed. Your terminal number. The terminal delivery report must be used?

  2. Length field: 2 bytes, indicating the length of the entire UDP packet. Its maximum value is 8 (only part)

  3. Checksum field: 2 bytes, used to verify the integrity of the data packet. Detect whether there are any errors in UDP user datagram transmission. If there is a mistake, discard it

  4. Data part: Depending on the actual data sent by the application, it can be any length.

The following is an example of a simple UDP packet (expressed in hexadecimal):

Source port number: 0xABCD (2 bytes) Destination port number: 0x1234 (2 bytes) Length field: 0x0012 (2 bytes) Checksum field: 0x5678 (2 bytes) Data part: 0x48656C6C6F20576F726C64 (11 bytes, corresponding to ASCII encoded “Hello World”)

4 Exercises

  • 1. Draw the three-way handshake process
  • 2. Draw the four-way handshake process
  • 3. Implement TCP communication, use wireshark to capture packets, and submit wireshark packet capture screenshots. The screenshots include the three-way handshake process and the four-way handshake process.