TCP level.
  Three message protocols.

TCP - Transmission Control Protocol packet
  Generated at session level (by the application or system calls).
 
  Source and destination ports 16-bit  - used to distinguish which application
    or service is being communicated with on a particular machine.

  Sequence number 64-bit - offset from beginning of whole payload. Used to 
    rebuild the whole block of data being transferred. 

  ACK number 64-bit - if ACK flag set, this will be next sequence number 
    to expect. 

  Data offset 4-bit - size of TCP header in 32 bit words (5-15 words)
    Header has variable length options field (so offset needed).

  A variety of control/condition flags.
    See TCP_packet#TCP_segment_structure on Wikipedia for details.

    NS, CWR, ECE - helps with Internet traffic congestion.

    URG - Respond to Urgent pointer field. Used to "jump" in line to bypass
      another transaction (possibly to cancel it). Not used often or 
      implemented well.
   
    ACK - Acknowledgement field is significant.

    PSH - push function.  Might be used for something like an ssh connection 
      where you've typed a key and you don't want the TCP/IP stack to buffer
      the key in the hope of building a larger packet before sending. You want the 
      keystroke to be transmitted immediately to the sshd service.

    SYN - Synchronize sequence number. Set on 1st packet only.

    RST - reset the connection.  

    FIN - no more data to be sent.


  Window size - number of bytes sender is willing to receive back.

  Checksum - header and data.

  Urgent Pointer 16-bit - last urgent byte (don't know)
  
  Options list - Tuple of Option-kind, [length, variable length Option-data]

  Padding to guarantee that the header ends on a 32 bit boundary.

  Data packet.


  * Error checking - has all the data for the session or activity been 
    delivered, is it re-assembled in the right order, and is there no
    duplication of packets. 

  * Source and target systems negotiate a "connection" before actual 
    transmission of data begins.
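
  Added example (not part of the original notes): a small Python parser for
  the header fields listed above, with the data-offset bounds check and the
  option-list walk. It follows the on-the-wire layout of RFC 9293, where the
  sequence and ACK numbers are 32-bit fields, and does not verify the checksum;
  the function names and the sample SYN segment are constructed for illustration.

```python
import struct

# Flag bits in the low 9 bits of header bytes 12-13, lowest bit first.
FLAG_NAMES = ["FIN", "SYN", "RST", "PSH", "ACK", "URG", "ECE", "CWR", "NS"]

def parse_tcp_header(segment: bytes) -> dict:
    """Split one TCP segment into header fields, options and payload."""
    if len(segment) < 20:
        raise ValueError("shorter than the 20-byte minimum header")
    (sport, dport, seq, ack, off_flags,
     window, checksum, urgent) = struct.unpack("!HHIIHHHH", segment[:20])
    data_offset = off_flags >> 12            # header length in 32-bit words
    if data_offset < 5:
        raise ValueError("data offset below 5 words")
    header_len = data_offset * 4
    if header_len > len(segment):
        raise ValueError("data offset points past end of segment")
    flags = [n for bit, n in enumerate(FLAG_NAMES) if off_flags & (1 << bit)]
    return {
        "sport": sport, "dport": dport, "seq": seq, "ack": ack,
        "data_offset": data_offset, "flags": flags, "window": window,
        "checksum": checksum, "urgent": urgent,
        "options": parse_options(segment[20:header_len]),
        "payload": segment[header_len:],
    }

def parse_options(raw: bytes) -> list:
    """Walk the (kind, length, data) tuples; kinds 0 and 1 are one byte."""
    options, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                        # End of option list; rest is padding
            break
        if kind == 1:                        # No-operation, used as padding
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option truncated before length byte")
        length = raw[i + 1]                  # counts kind and length bytes too
        if length < 2 or i + length > len(raw):
            raise ValueError("bad option length")
        options.append((kind, raw[i + 2:i + length]))
        i += length
    return options

# Constructed sample: SYN from port 50000 to 22 with MSS=1460, NOP, window scale=7.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 50000, 22, 1000, 0, (7 << 12) | 0x002,
                         64240, 0, 0) + bytes([2, 4, 0x05, 0xB4, 1, 3, 3, 7])
```

  A segment whose data offset or option length does not fit the bytes actually
  received raises ValueError instead of being read past its end.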

UDP - User Datagram Protocol packet
  A simpler version of a TCP packet - single unit of communication. Often
    used for communicating control information.

  Source and destination ports, Size, checksum and data.

  Classified as stateless. The packet is simply sent. If the target does not 
    respond, the sender assumes the packet was lost.

  May be used where time sensitive communication occurs. Better to lose one 
    of a number of sequential packets than to delay the data stream attempting to 
    recover a lost packet. 

  Used for DNS (domain name service), DHCP (Dynamic Host Configuration Protocol), 
    SNMP (Simple Network Management Protocol), RIP (Routing Information Protocol), etc.
    Communications where request and response are fairly simple and short.

ICMP - Internet Control Message Protocol.
  Used to send errors or confirm existence of other end of connection (ping).   

  Consists of a set of predefined flags and some additional data.
  
  Also classified as stateless.

  Not sent by applications, but used by the OS and routers, i.e. the processes handling TCP/IP.