TCP error detection and recovery question?

just to make sure i got it right?

When host A is sending data segments using TCP to host B at the transport layer, and they all go through such as 100, 200, 300, 400 with 200 failing to go thru, how does host B know that 200 didn’t go thru? Is it because the sequence order for them all is embedded in the header of the very first segment 100? I guess it has to because if it was embedded in each of the data segments individually then how would it ever know 200 was supposed to go thru? to sum it up what tells Host B that 200 didn't go thru, how did it even know it was coming?

and how does Host B know that the next sequence its expecting is 500 and not anything else, where is that info embedded?
Cheers

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

pham0329

How do host B know it didn't go through or how does host A know it didn't go through?

Host B knows it didn't go through because it didn't receive it. I believe the ACK formula is something like the initial sequence + the size of the packet. So if the initial sequence is 1, and Host A send a packet 99 byte packet, Host B expects 101 as the next sequence number. Host A knows it didn't go through because Host B would have sent back an ACK for 200, which is what it expects to receive next.

When Host A receives Host's B ACK for sequence 200, it knows it needs to retransmit 200, and I believe (it's been a while), at this point, Host A stops all transmission until Host B it receives the next ACK from Host B. Once Host B receive seq 200, it sends an ACK for 500 because it received 300, and 400.

Once Host A received the ACK for 500, it knows 100-400 was received by Host B, and it proceeds to send 500. Once Host A sent all the data, it sets the FIN flag on the packet, letting Host B knows that the session is finish.

dtakhar

yes thats making sense thats how the instructor described it. i ust want to know where does it assume the incrementals are by 100 hundred and not anything else. does the inisital segment set the tone for the rest?

so if we use a diff example and host a is now sending first data segment using tcp to host b and lets say it sends 33, how does it know whats next?

i understand the concept just not how after the iniital data segment the rest pan out?

docrice

In TCP headers, there's a 4-byte field for the sequence (SEQ) number and another 4-byte field for the acknowledgement (ACK) number. Anytime a host sends x number bytes of data (this doesn't include header length bytes), it will record that in its internal sliding window counter. If the initial SEQ number starting point (after the TCP handshake) is 130 and then it sends 7 bytes of data for a single TCP segment, the receiving host gets the 7 bytes and then sends an acknowledgement of 138 (meaning that it expects the sender to then rubber stamp SEQ number 138 on the next segment sent).

But if the receiving host instead sees something like 152, it sees that there's a gap and lets the sender know that it didn't received anything from 138 onward (perhaps due a dropped packet at an intermediary router, lost packet, kidnapped packet by terrorists, etc.). Usually it has to nag the sender several times until the sender finally realizes that oh-crap-I-need-to-resend-some-earlier-stuff. If the sender had already been just sending all the way up to 170 when it finally realized the receiver has been shouting that it's missing part of the FedEx delivery, it would have to start over from 138 again and repeat everything afterward ... unless the "Selective Acknowledgement" option was negotiated during the TCP handshake at the beginning of the TCP session.

Also, you'll normally see a MSS (Maximum Segment Size) option in the first two packets of a TCP handshake between the two hosts and the value is typically something like 1460. This is the maximum amount of data that can be sent in a single segment on a FastEthernet LAN. So normally for data transfers which span more than one TCP segment, you'll likely see SEQ and ACK numbers increase by more than even 100s (I think your instructor was providing easy-to-visualize examples). It kind of depends though on what the applications between the two hosts are trying to exchange.