10 TCPTCP

TCPTCPTCPTCP

TCP

TCPTCPIPTCPIPTCPTCPTCP

TCPTCPTCPTCPTCPTCPIPTCPTCPTCPTCP

TCPTCPTCPTCPSocketSocketSocketSocket

TCP TCPTCP(TCP Connection)TCPIPIPC1C2IPTCPC3TCP4TCP

Positive Acknowledgement and RetransmissionPARPAR X.25TCPPARUDPTCP(ADSL)(Cable Modem)

1(1)

Sliding Window 3

Sliding Window

Sliding WindowTCPWindow SizeWindow SizeWindow SizeWindow SizeWindow Sizepacket 3packet 1packet 2packet 3

Sliding Window

Sliding Window-N(go-back-N)(selective repeat) [Sequence Number =100]-N[Sequence Number =100][Sequence Number =200][Sequence Number =300]Window Size[Sequence Number =100] TCP-NSACK-Permitted (Selective Acknowledgement)

Sliding Window

Sequence Number TCPTCP

Sequence Number

TCP(connection-oriented)(connection switches)TCPInitial Sequence NumberWindow SizeTCPTCPThree-way Handshake

-- 1A()SYNB()ABAInitial Sequence Number(ISNA)TCP(MSSSACK-Permitted)2BSYNSYN-ACKBISNBAcknowledge Number ACK(ISNA+1)Window SizeASend Window3ASYN-ACK ACK Sequence Number(ISNA+1)Acknowledge Number ACK(ISNB+1)Window Size A Receive Window

--

(DOS:Denial-of-service attack)ABSYNBSYN-ACKAACKBSYN-ACKSYN Timeout 30-2CPUIPSYN-ACK

(DOS:Denial-of-service attack)TCPSYN FloodSYN FloodSYN Flood()SYN Flood(DDoS:Distributed Denial-of-Service)

TCP TCPMSS(Maximum Segment Size)SACK-PermittedSACKMSSTCP PayloadTCP PayloadIPIP

TCP () 41AFIN-ACK B2FIN-ACK B ACK A3B FIN-ACK A4A ACK B

TCP

TCPSource Port2 BytesTCPDestination Port2 BytesTCPSequence Number4 BytesByte

TCPAcknowledge Number4 BytesByteData Offset4 BitsTCP4 Bytes5TCP20 BytesReserved6 Bits0

TCPFlags6 BitsBitTCPFlag6FlagUrgent1Acknowledge1Push1TCPReset1TCPTCPSynchronize1TCPTCPFinish1TCP

TCPWindow2 BytesChecksum2 BytesUDPUrgent Pointer2 BytesUrgent Flag1TCPUrgentByteOptionsPaddingOptionsTCPPaddingTCPOptions4 Bytes

UDPTCPUDPTCPTCPTCPUDPUDPTCPUDPTCPUDP

--TCP 1.Source port = 38982.Destination port = http (80)3.Sequence Number = 0xd8e24a3604.Acknowledgement Number5.Header Length = 28 Bytes6.Flags = SYN17.Window Size = 655358.Checksum = 0x12ec9.Options:(8 bytes)Maximum Segment Size: 1460 bytes;SACK permitted

--TCP 1.Source port = http (80)2.Destination port = 38983.Sequence Number = 0xbb43468604.Acknowledgement Number = 0xd8e24a3715.Header Length = 28 Bytes6.Flags = SYN, ACK17.Window Size = 58408.Checksum = 0xf5409.Options:(8 bytes)Maximum Segment Size: 1460 bytes;SACK permitted

--TCP 1.Source port = 38982.Destination port = http (80)3.Sequence Number = 0xd8e24a3714.Acknowledgement Number = 0xbb43468715.Header Length = 20 Bytes6.Flags = ACK17.Window Size = 655358.Checksum = 0x38d5

--TCP1.Source port = 38982.Destination port = http (80)3.Sequence Number = 0xd8e24a3714.Acknowledgement Number = 0xbb43468715.Header Length = 20 Bytes6.Flags = ACK17.Window Size = 64328.Checksum = 0xda0e

--TCP TCP

netstat

TCPView

TCPSilly window syndromeTCPwindowTCPRTTTCPwiresharkTCP