Basic Explanation of TCP Header

Acknowledgment (ack) numbers help enable ordered reliable data transfer for TCP stream. The seq number is sent by the TCP client, indicating how much data has been sent for the session (also known as the byte-order number). The ack number is sent by the TCP server, indicating that it has received cumulated data and is ready for the next segment.

The size of the ack is 32-bit.

image

Window Size

When the receiver sends an acknowledgment, it will tell the sender how much data it can transmit before the receiver will send an acknowledgment. We call this the window size. Basically, the window size indicates the size of the receive buffer.

image

The TCP connection will start with a small window size and every time when there is a successful acknowledgment, the window size will increase.

The window size is a 16-bit value so the largest window size would be 65535.

SYN-Flag

Short for synchronizing, SYN is a TCP packet sent to another computer requesting that a connection be established between them. If the SYN is received by the second machine, an SYN/ACK is sent back to the address requested by the SYN. The SYN and FIN control flags are not normally set in the same TCP header. The SYN flag synchronizes sequence numbers to initiate a TCP connection. The FIN flag indicates the end of data transmission to finish a TCP connection. A TCP header with the SYN and FIN flags set is anomalous TCP behavior, causing various responses from the recipient, depending on the OS.