Transport Layer: TCP & UDP

Layer 4 handles end-to-end communication, reliability, and flow control. The two dominant protocols are TCP (Connection-Oriented) and UDP (Connectionless).

1. The TCP Header

The Transmission Control Protocol (TCP) guarantees delivery. Its 20-byte header tracks sequence numbers, acknowledgments, and window sizes.

Source Port 16-bit 2B

Dest Port 16-bit 2B

Sequence Number 32-bit 4B

Ack Number 32-bit 4B

Flags Control 2B

Window Size 2B

2. The 3-Way Handshake

Ensures both sides are ready to communicate and agree on initial Sequence Numbers (ISN).

CLIENT (192.168.1.10) SERVER (8.8.8.8)

1. SYN (Seq=100) ------------------------->

2. SYN-ACK (Seq=500, Ack=101)
<-------------------------

3. ACK (Seq=101, Ack=501) ------------->

[ESTABLISHED] [ESTABLISHED]

Engineer's Notebook: Troubleshooting States

SYN_SENT: Client sent SYN, waiting for SYN-ACK. (Firewall drop?).

ESTABLISHED: Connected. Data can flow.

CLOSE_WAIT: Server received FIN, but application hasn't closed the socket yet. (App bug?).

TIME_WAIT: Active closer waits 2*MSL (Max Segment Lifetime) to ensure delayed packets don't corrupt new connections.

3. Reliability & Flow Control

Windowing (Sliding Window)

The Window Size tells the sender how many bytes the receiver can buffer. If the buffer fills, the receiver sends Window Size = 0 (Zero Window), pausing transmission.

Congestion Control (RFC 5681)

Slow Start: Exponentially increase sending rate until packet loss occurs.
Congestion Avoidance: Linearly increase rate.
SACK (Selective ACK): Modern extension (RFC 2018). Allows receiver to say "I got blocks 1-100 and 150-200, but I'm missing 101-149." Prevents retransmitting everything.

4. UDP (User Datagram Protocol)

A "Fire and Forget" protocol. No handshake. No retransmission. No ordering. Header is only 8 bytes.

Src Port 16-bit 2B

Dst Port 16-bit 2B

Length 16-bit 2B

Checksum 16-bit 2B

Ideal For:

Real-time Voice/Video: Dropped packets are better than delayed packets.
DNS/DHCP: Single query/response.
Multicast: One-to-many distribution (IPTV).

References

RFC 793: Transmission Control Protocol (TCP) - The original reliability standard.
RFC 768: User Datagram Protocol (UDP) - The lightweight connectionless alternative.
RFC 7323: TCP Extensions for High Performance - Defines Window Scaling and Timestamps.
RFC 5681: TCP Congestion Control - Slow Start, Congestion Avoidance, and Fast Retransmit.