TCP - Transmission Control Protocol
What is TCP?
TCP stands for Transmission Control Protocol. It’s one of the core protocols of Internet Protocol(IP) suite. TCP ensures reliable, ordered, and error-checked delivery of data between applications running on devices connected to a network.
Why is TCP useful?
Without TCP, data sent over the internet could arrive out of order, get lost, or be duplicated. So TCP solves this by * Breaking data into Packets. * Ensuring all packets arrive correctly and in order. * Retransmitting lost packets. * This makes it ideal for applications where accuracy and reliability are critical like web browsing, email.
How it works?
Connection setup (3-way handshake) – The client and server exchange messages to establish a connection.
Data transfer – Data is broken into packets, sent, acknowledged, and reassembled in the correct order.
Error checking – TCP checks for errors and requests retransmission if needed.
Connection termination – Once data transfer is complete, the connection is closed gracefully.
Where is TCP used?
Web browsing – HTTP and HTTPS use TCP to load websites reliably.
Email – Protocols like SMTP, IMAP, and POP3 rely on TCP.
File transfers – FTP and other file-sharing tools use TCP for accurate data delivery.
Remote access – SSH and Telnet use TCP to ensure secure and reliable sessions.
Why OSI Layer: Transport Layer (Layer 4)?
It manages end-to-end communication between devices.
It handles segmentation, flow control, error correction, and retransmission.
It provides a reliable communication channel for applications running at the Application Layer (Layer 7).
What are the key features?
Connection-oriented.
Reliable data transfer.
Error detection and recovery.
What is a three-way handshake in TCP?
A process used to establish a TCP connection: * SYN – Client sends a synchronize request. * SYN-ACK – Server acknowledges and synchronizes. * ACK – Client acknowledges server’s response.
What is a TCP segment?
A TCP segment is the unit of data sent over a TCP connection. It consists of: * TCP header (including sequence number, acknowledgment number, flags, etc.). * Data payload.
How is retransmission handled in TCP?
If an ACK is not received within the timeout interval, TCP retransmits the segment. Modern TCP uses: * Timeout-based retransmission. * Fast retransmit (based on duplicate ACKs).
What are some applications that use TCP?
HTTP/HTTPS (Web).
FTP (File Transfer).
SMTP (Email).
Telnet / SSH (Remote Access).
What is the working flow of TCP?
Connection Establishment (3-Way Handshake): * Client sends SYN → Says I want to start a connection. * Server replies with SYN-ACK → Says Okay, I got it. Let’s sync. * Client sends ACK → Says Confirmed. Let’s communicate.
Data Transfer: * Data is broken into segments with sequence numbers. * Each segment is sent from sender to receiver. * Receiver sends ACKs back to confirm receipt. * TCP uses a sliding window to send multiple packets before waiting. * If data is lost or corrupted, TCP retransmits it. * Flow control makes sure the sender doesn’t overload the receiver. * Congestion control adjusts speed based on network traffic.
Connection Termination (4-Way Handshake): * Sender sends FIN → Says I’m done sending data. * Receiver sends ACK → Says Okay, I got it. * Receiver sends FIN → Says I’m done too. * Sender sends ACK → Says Goodbye.
What is the difference between a port and an IP address?
IP address identifies a host in the network.
Port number identifies a specific process/service on that host. Together (IP + Port) = Socket.
Topics in this section,
In this section, you are going to learn
Terminology
Version Info
TCP Version |
RFC |
Year |
Core Ideas/Contribution |
|---|---|---|---|
TCP v1 |
|||
RFC 675 |
1974 |
First specification of TCP,combined with IP; intial handshake |
|
concept introduced . |
|||
TCP v2 |
|||
RFC 761 |
1980 |
Defined TCP separately from IP and updated segment formats. |
|
TCP v3(stable TCP) |
|||
RFC 793 |
1981 |
The foundational TCP specifications; still forms the backbone |
|
of modern TCP implementations. |
|||
TCP Performance Extensions |
|||
RFC 1323 |
1992 |
Intoduction of Window scaling,timestamps and PAWS. |
|
TCP SACK |
|||
RFC 2018 |
1996 |
Selective retransmission based on ACKs of received blocks. |
|
TCP Congestion Control |
|||
Algorithm |
|||
RFC2581 |
1999 |
Defined algorithms like slow start, fast retransmit , congestion |
|
avoidance. |
|||
TCP ECN Support |
|||
RFC3168 |
2001 |
Enabled routers to signal congestion without packet loss. |
|
Modern Congestion Control |
|||
update |
|||
RFC5681 |
2009 |
superseded RFC2581 with more robust congestion recovery |
|
mechanisms. |
|||
TCP Fast open (TFO) |
|||
RFC7413 |
2014 |
Reduced Web Latency; improved Performance for short, |
|
repeated TCP connections |
|||
Updated TCP specification |
|||
RFC9293 (RFC 793bis) |
2021 |
clarified outdated parts of RFC 793; incorporated decades of |
|
extensions and best practices. |
setup
setup
TCP SYN Packet
S.No |
Protocol Packets |
Description |
Size(bytes) |
|---|---|---|---|
1 |
SYN Packet |
Used to initiate a TCP connection. It is part of the |
18 |
three-way handshake process. |
|||
Source Port |
port number of the sender(Client) |
2 |
|
Destination Port |
port number of the receiver |
2 |
|
Sequence Number |
Initial sequence number |
4 |
|
Acknowledgment Number |
0(not set) |
0 |
|
Data Offset |
4-bit field that specifies size of TCP header in |
1 |
|
32-bit words. |
|||
Reserved |
3 bits reserved for future purpose |
1 |
|
Flags |
SYN flag set |
2 |
|
Window Size |
Size of the sender’s receive window. |
2 |
|
Checksum |
Error-checking field. |
2 |
|
Urgent Pointer |
points to the urgent data if the URG flag is set. |
2 |
|
Options |
May include options like Maximum Segment Size,Window scaling,Timestamps. |
variable |
|
Data(Payload) |
does not carry any payload data. |
0 |
TCP SYN-ACK Packet
s.no |
Packet details |
descrption |
size(Bytes) |
|---|---|---|---|
2 |
SYN-ACK Packet |
Sent by the receiver to acknowledge the SYN |
22 |
packet and establish the connection. |
|||
Source Port |
port number of the receiver |
2 |
|
Destination Port |
port number of the sender(Client) |
2 |
|
Sequence Number |
server’s ISN(Initial sequence number) |
4 |
|
Acknowledgment Number |
Client’s ISN+1 |
4 |
|
Data Offset |
4-bit field that specifies size of TCP header in |
1 |
|
32-bit words. |
|||
Reserved |
3 bits reserved for future purpose |
1 |
|
Flags |
SYN=1, ACK=1 |
2 |
|
Window Size |
Size of the receiver’s receive window. |
2 |
|
Checksum |
Error-checking field. |
2 |
|
Urgent Pointer |
points to the urgent data if the URG flag is set. |
2 |
|
Options |
May include options like Maximum Segment Size,Window scaling,Timestamps. |
variable |
|
(MSS). |
|||
Data(Payload) |
does not carry any payload data. |
0 |
TCP ACK Packet
s.no |
Packet details |
descrption |
size(bytes) |
|---|---|---|---|
3 |
ACK Packet |
Used to acknowledge received data or control packets. |
22 |
Source Port |
port number of the sender(Client) |
2 |
|
Destination Port |
port number of the receiver |
2 |
|
Sequence Number |
next byte the sender expects to receive. |
4 |
|
Acknowledgment Number |
Sequence number of the last received byte + 1. |
4 |
|
Data Offset |
4-bit field that specifies size of TCP header in |
1 |
|
32-bit words. |
|||
Reserved |
3 bits reserved for future purpose |
1 |
|
Flags |
ACK=1 |
2 |
|
Window Size |
Size of the Sender’s receive window. |
2 |
|
Checksum |
Error-checking field. |
2 |
|
Urgent Pointer |
points to the urgent data if the URG flag is set. |
2 |
|
Options |
May include options like Maximum Segment Size,Window scaling,Timestamps. |
variable |
|
(MSS). |
|||
Data(Payload) |
can carry payload data if it is piggybacking on data being sent. |
variable |
TCP SUBSCRIBE Packet
TCP PSH-ACK Packet
s.no |
packet details |
descrption |
size(bytes) |
|---|---|---|---|
4 |
PSH-ACK Packet |
Used to push data immediately to the receiving |
22 |
application and acknowledge the receipt of data. |
|||
Source Port |
port number of the sender(Client) |
2 |
|
Destination Port |
port number of the receiver |
2 |
|
Sequence Number |
sequence number of the first byte of data in the current |
4 |
|
message. |
|||
Acknowledgment Number |
sequence number of the next byte that the sender is |
4 |
|
expecting to receive. |
|||
Data Offset |
4-bit field that specifies size of TCP header in |
1 |
|
32-bit words. |
|||
Reserved |
3 bits reserved for future purpose |
1 |
|
Flags |
PSH=1, ACK=1 |
2 |
|
Window Size |
Size of the Sender’s receive window. |
2 |
|
Checksum |
Error-checking field. |
2 |
|
Urgent Pointer |
points to the urgent data if the URG flag is set. |
2 |
|
Options |
May include options like Maximum Segment Size,Window scaling,Timestamps. |
variable |
|
(MSS). |
|||
Data(Payload) |
carries payload data that needs to be processed immediately by the receiving application |
variable(1460) |
TCP FIN Packet
s.no |
packet details |
descrption |
size(Bytes) |
|---|---|---|---|
5 |
FIN Packet |
Used to terminate a TCP connection. |
22 |
Source Port |
port number of the sender(Client) |
2 |
|
Destination Port |
port number of the receiver |
2 |
|
Sequence Number |
Sequence number of the last byte sent. |
4 |
|
Acknowledgment Number |
Acknowledges received data |
4 |
|
Data Offset |
4-bit field that specifies size of TCP header in |
1 |
|
32-bit words. |
|||
Reserved |
3 bits reserved for future purpose |
1 |
|
Flags |
FIN=1 |
2 |
|
Window Size |
Size of the Sender’s receive window. |
2 |
|
Checksum |
Error-checking field. |
2 |
|
Urgent Pointer |
points to the urgent data if the URG flag is set. |
2 |
|
Options |
May include options like Maximum Segment Size,Window scaling,Timestamps. |
variable |
|
(MSS). |
|||
Data(Payload) |
does not carry any payload data. |
0 |
TCP FIN-ACK Packet
S.No |
Packets details |
Description |
Size(bytes) |
|---|---|---|---|
6 |
FIN-ACK Packet |
Sent to acknowledge the receipt of a FIN packet and |
22 |
signal the end of data transmission. |
|||
Source Port |
port number of the sender(Client) |
2 |
|
Destination Port |
port number of the receiver |
2 |
|
Sequence Number |
Sequence number of the last byte sent. |
4 |
|
Acknowledgment Number |
sequence number of the next byte that the sender is expecting to receive |
4 |
|
Data Offset |
4-bit field that specifies size of TCP header in |
1 |
|
32-bit words. |
|||
Reserved |
3 bits reserved for future purpose |
1 |
|
Flags |
FIN=1,ACK=1 |
2 |
|
Window Size |
Size of the Sender’s receive window. |
2 |
|
Checksum |
Error-checking field. |
2 |
|
Urgent Pointer |
points to the urgent data if the URG flag is set. |
2 |
|
Options |
May include options like Maximum Segment Size,Window scaling,Timestamps. |
variable |
|
(MSS). |
|||
Data(Payload) |
does not carry any payload data. |
0 |
TCP RST Packet
s.no |
packet details |
descrption |
size(bytes) |
|---|---|---|---|
7 |
RST Packet |
Used to reset a TCP connection. |
22 |
Source Port |
port number of the sender(Client) |
2 |
|
Destination Port |
port number of the receiver |
2 |
|
Sequence Number |
Sequence number of the last byte sent. |
4 |
|
Acknowledgment Number |
Typically set to 0, as the connection is being reset. |
4 |
|
Data Offset |
4-bit field that specifies size of TCP header in |
1 |
|
32-bit words. |
|||
Reserved |
3 bits reserved for future purpose |
1 |
|
Flags |
RST=1 |
2 |
|
Window Size |
Size of the Sender’s receive window. |
2 |
|
Checksum |
Error-checking field. |
2 |
|
Urgent Pointer |
points to the urgent data if the URG flag is set. |
2 |
|
Options |
May include options like Maximum Segment Size,Window scaling,Timestamps. |
variable |
|
(MSS). |
|||
Data(Payload) |
does not carry any payload data. |
0 |
TCP-Use Cases |
||
|---|---|---|
S.No |
Use Case |
Descrption |
1 |
Web Browsing(HTTP/HTTPS) |
Ensures reliable delivery of web pages & resources over protocols. |
2 |
Email(SMTP, IMAP,POP3) |
Guarantees ordered and complete message delivery for sending |
and retrieving emails. |
||
3 |
File Transfer(FTP,SFTP) |
Reliable and ordered transmission of large files over networks. |
4 |
Data Base Access |
Maintains consistent & reliable connections for updating data base. |
5 |
VoIP with TCP fallback |
Some VoIP appilications use TCP for control/data fall back. |
6 |
IOT Device Control |
Requiring reliable communication between IOT devices . |
S.No |
Feature |
Descrption |
|---|---|---|
1 |
Connection-oriented |
Enables a reliable communication b/w sender & receiver. |
2 |
Reliable Data Transfer |
Ensures data is delivered accurately and in order using ACks and |
retransmissions. |
||
3 |
Error Detection |
Uses checksum to detect corrupted data segments in transmission. |
4 |
Flow Control |
Prevents overwhelming receiver using the sliding Window protocol. |
5 |
Port Addressing |
Uses port numbers to identify sending and receiving appilications on |
hosts. |
||
6 |
Graceful Connection Termination |
Closes connections cleanly using a 4-step termination process. |
7 |
Congestion Control |
Adjusts transmission rate based on network congestion using |
algorithms like slow start and congestion avoidance. |
||
8 |
Stream-Oriented |
Treats data as a continous byte stream rather than discrete packets. |
9 |
Ordered Delivery |
Reassembles segments in the correct order before passing data to |
the appilication layer. |
Connection Oriented - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
TCP 3-Way Handshake |
Initiate connection |
SYN, SYN-ACK, ACK exchanged |
2 |
TCP Connection Establishment |
Client connects to server |
Connection established |
3 |
TCP Connection Termination |
Close connection |
FIN, ACK exchanged |
4 |
TCP Connection Reset |
Send RST |
Connection reset immediately |
5 |
Duplicate SYN Handling |
Send duplicate SYN |
Handshake continues correctly |
6 |
Delayed ACK Handling |
Delay ACK response |
Connection remains stable |
7 |
Retransmission on Timeout |
Drop ACK |
Packet retransmitted |
8 |
Sequence Number Validation |
Check sequence numbers |
Numbers increment correctly |
9 |
Acknowledgment Number Validation |
Check ACK numbers |
ACKs match expected values |
10 |
Window Size Negotiation |
Exchange window size |
Flow control established |
11 |
Congestion Control Start |
Start slow start |
Congestion window increases exponentially |
12 |
Congestion Avoidance |
Enter avoidance phase |
Window increases linearly |
13 |
Fast Retransmit |
Trigger triple duplicate ACKs |
Packet retransmitted |
14 |
Fast Recovery |
Recover after fast retransmit |
Congestion window adjusted |
15 |
TCP Keepalive |
Enable keepalive |
Idle connection maintained |
16 |
TCP Timeout |
Idle beyond timeout |
Connection closed |
17 |
Half-Open Connection |
Client closes, server doesnt |
Server detects and closes |
18 |
Simultaneous Open |
Both sides send SYN |
Connection established |
19 |
Simultaneous Close |
Both sides send FIN |
Connection closed cleanly |
20 |
TCP Port Unreachable |
Connect to closed port |
RST received |
21 |
TCP with NAT |
Use NAT device |
Connection maintained |
22 |
TCP with Firewall |
Block port |
Connection fails |
23 |
TCP with VPN |
Use VPN tunnel |
Connection established |
24 |
TCP with Packet Loss |
Drop packets |
Retransmission occurs |
25 |
TCP with Packet Reordering |
Reorder packets |
Data reassembled correctly |
26 |
TCP with Duplicate Packets |
Send duplicates |
Duplicates discarded |
27 |
TCP with Fragmentation |
Send large data |
Data reassembled correctly |
28 |
TCP with MSS Negotiation |
Negotiate MSS |
Data sent within limits |
29 |
TCP with Window Scaling |
Enable scaling |
Large window supported |
30 |
TCP with Selective ACK |
Enable SACK |
Only missing segments retransmitted |
31 |
TCP with Timestamps |
Enable timestamps |
RTT measured accurately |
32 |
TCP with Delayed ACK |
Enable delayed ACK |
ACKs sent after delay |
33 |
TCP with Nagles Algorithm |
Enable Nagle |
Small packets coalesced |
34 |
TCP with Push Flag |
Set PSH flag |
Data pushed immediately |
35 |
TCP with Urgent Pointer |
Use URG flag |
Urgent data processed |
36 |
TCP with Zero Window |
Set window to 0 |
Sender pauses transmission |
37 |
TCP Window Update |
Increase window size |
Sender resumes transmission |
38 |
TCP with High Latency |
Simulate delay |
Connection remains stable |
39 |
TCP with High Bandwidth |
Send large data |
Connection handles throughput |
40 |
TCP with Multiple Streams |
Open multiple connections |
All connections maintained |
41 |
TCP with TLS |
Wrap in TLS |
Secure connection established |
42 |
TCP with IPv6 |
Use IPv6 |
Connection established |
43 |
TCP with IPv4 |
Use IPv4 |
Connection established |
44 |
TCP with SYN Flood |
Send many SYNs |
Server handles or drops |
45 |
TCP with FIN Flood |
Send many FINs |
Server handles or drops |
46 |
TCP with RST Flood |
Send many RSTs |
Server handles or drops |
47 |
TCP with Checksum Error |
Corrupt checksum |
Packet discarded |
48 |
TCP with Invalid Flags |
Send invalid flags |
Packet dropped or ignored |
49 |
TCP with Connection Migration |
Change IP mid-session |
Connection fails (TCP not mobile) |
50 |
TCP with Application Layer |
Use HTTP over TCP |
Data transmitted reliably |
Reliable Data Transfer - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Data Delivery Confirmation |
Send data from client to server |
ACK received for each segment |
2 |
Ordered Data Delivery |
Send multiple segments |
Data received in correct order |
3 |
Duplicate Data Handling |
Send duplicate segments |
Duplicates discarded |
4 |
Lost Segment Recovery |
Drop a segment |
Retransmission occurs |
5 |
Timeout-Based Retransmission |
Simulate timeout |
Segment retransmitted |
6 |
Sequence Number Tracking |
Monitor sequence numbers |
Numbers increment correctly |
7 |
Acknowledgment Number Tracking |
Monitor ACK numbers |
ACKs match received data |
8 |
Flow Control with Window Size |
Adjust window size |
Sender adapts transmission rate |
9 |
Congestion Control Activation |
Simulate congestion |
TCP reduces transmission rate |
10 |
Fast Retransmit |
Trigger triple duplicate ACKs |
Lost segment retransmitted quickly |
11 |
Fast Recovery |
Recover after fast retransmit |
Congestion window adjusted |
12 |
Selective Acknowledgment (SACK) |
Enable SACK |
Only missing segments retransmitted |
13 |
Data Integrity Check |
Corrupt data |
TCP checksum detects error |
14 |
Data Reassembly |
Send fragmented data |
Receiver reassembles correctly |
15 |
Zero Window Advertisement |
Set window to 0 |
Sender pauses transmission |
16 |
Window Update |
Increase window size |
Sender resumes transmission |
17 |
Retransmission Limit |
Exceed retry limit |
Connection reset |
18 |
Keepalive Mechanism |
Enable keepalive |
Idle connection maintained |
19 |
Connection Termination |
Send FIN |
All data acknowledged before close |
20 |
Connection Reset |
Send RST |
Connection terminated immediately |
21 |
Data Transfer Over VPN |
Use VPN tunnel |
Data reliably transferred |
22 |
Data Transfer Over NAT |
Use NAT device |
Data reliably transferred |
23 |
Data Transfer Over IPv6 |
Use IPv6 |
Data reliably transferred |
24 |
Data Transfer Over IPv4 |
Use IPv4 |
Data reliably transferred |
25 |
Data Transfer with Packet Loss |
Drop packets |
TCP recovers lost data |
26 |
Data Transfer with Packet Reordering |
Reorder packets |
TCP reorders correctly |
27 |
Data Transfer with Duplicate Packets |
Send duplicates |
TCP discards duplicates |
28 |
Data Transfer with Fragmentation |
Fragment large data |
TCP reassembles correctly |
29 |
Data Transfer with High Latency |
Simulate delay |
TCP maintains reliability |
30 |
Data Transfer with High Bandwidth |
Send large data |
TCP handles throughput |
31 |
Data Transfer with TLS |
Use TLS over TCP |
Secure and reliable transfer |
32 |
Data Transfer with Application Layer |
Use HTTP over TCP |
Data reliably delivered |
33 |
Data Transfer with Nagles Algorithm |
Enable Nagle |
Small packets coalesced |
34 |
Data Transfer with Push Flag |
Set PSH flag |
Data pushed immediately |
35 |
Data Transfer with Urgent Pointer |
Use URG flag |
Urgent data processed |
36 |
Data Transfer with Checksum Error |
Corrupt checksum |
Segment discarded |
37 |
Data Transfer with Invalid Flags |
Send invalid flags |
Segment dropped |
38 |
Data Transfer with SYN Flood |
Simulate attack |
Server handles or drops |
39 |
Data Transfer with FIN Flood |
Simulate attack |
Server handles or drops |
40 |
Data Transfer with RST Flood |
Simulate attack |
Server handles or drops |
41 |
Data Transfer with Multiple Streams |
Open multiple TCP connections |
All streams reliable |
42 |
Data Transfer with Connection Migration |
Change IP mid-session |
TCP connection fails |
43 |
Data Transfer with Firewall |
Block port |
Connection fails |
44 |
Data Transfer with Proxy |
Use proxy server |
Data reliably transferred |
45 |
Data Transfer with Load Balancer |
Use load balancer |
Data reliably routed |
46 |
Data Transfer with Monitoring Tool |
Monitor TCP stream |
Data integrity confirmed |
47 |
Data Transfer with Automation Script |
Automate TCP test |
Reliable delivery verified |
48 |
Data Transfer with Compliance Audit |
Run audit |
TCP meets reliability standards |
49 |
Data Transfer with Simulation |
Simulate TCP session |
Data reliably transferred |
50 |
Data Transfer with Packet Sniffer |
Capture TCP packets |
All segments verified |
Error Detection - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Null Input |
Submit empty input |
Error detected: Null input |
2 |
Invalid Format |
Input in wrong format |
Error detected: Format mismatch |
3 |
Missing Field |
Required field missing |
Error detected: Missing field |
4 |
Extra Field |
Extra field in input |
Error detected: Unexpected field |
5 |
SQL Injection |
Input contains SQL code |
Error detected: Malicious input |
6 |
XSS Attack |
Input contains script tags |
Error detected: XSS attempt |
7 |
Special Characters |
Input has unsupported characters |
Error detected: Invalid characters |
8 |
Long Input |
Input exceeds max length |
Error detected: Input too long |
9 |
Short Input |
Input below min length |
Error detected: Input too short |
10 |
Incorrect Data Type |
Input type mismatch |
Error detected: Type error |
11 |
Duplicate Entry |
Input already exists |
Error detected: Duplicate data |
12 |
Invalid Email |
Email format incorrect |
Error detected: Invalid email |
13 |
Invalid Date |
Date format incorrect |
Error detected: Invalid date |
14 |
Future Date |
Date is in the future |
Error detected: Invalid date |
15 |
Past Date |
Date is too old |
Error detected: Invalid date |
16 |
Invalid Number |
Non-numeric input in numeric field |
Error detected: Not a number |
17 |
Negative Number |
Negative value in positive-only field |
Error detected: Invalid value |
18 |
Zero Value |
Zero in non-zero field |
Error detected: Invalid value |
19 |
Boundary Value |
Value on boundary |
Error detected: Boundary violation |
20 |
HTML Tags |
Input contains HTML |
Error detected: HTML not allowed |
21 |
JSON Malformed |
JSON structure broken |
Error detected: Invalid JSON |
22 |
XML Malformed |
XML structure broken |
Error detected: Invalid XML |
23 |
File Upload Error |
Corrupt file uploaded |
Error detected: File error |
24 |
Unsupported File Type |
Wrong file format |
Error detected: Unsupported type |
25 |
Large File Upload |
File exceeds size limit |
Error detected: File too large |
26 |
Timeout Error |
Input processing timeout |
Error detected: Timeout |
27 |
Network Error |
Network failure during input |
Error detected: Network issue |
28 |
Unauthorized Access |
Input from unauthorized user |
Error detected: Access denied |
29 |
Session Expired |
Input after session timeout |
Error detected: Session expired |
30 |
Invalid Token |
Wrong auth token |
Error detected: Invalid token |
31 |
Incorrect Password |
Wrong password entered |
Error detected: Authentication failed |
32 |
Invalid Username |
Username not found |
Error detected: User not found |
33 |
Blank Spaces |
Input only has spaces |
Error detected: Empty input |
34 |
Tab Characters |
Input contains tabs |
Error detected: Invalid characters |
35 |
Unicode Characters |
Input has unsupported Unicode |
Error detected: Encoding error |
36 |
Case Sensitivity |
Wrong case used |
Error detected: Case mismatch |
37 |
Logic Error |
Input causes logic failure |
Error detected: Logic error |
38 |
API Error |
API returns error |
Error detected: API failure |
39 |
Dependency Failure |
External service fails |
Error detected: Dependency error |
40 |
Retry Limit Exceeded |
Too many retries |
Error detected: Retry limit reached |
41 |
Invalid URL |
URL format incorrect |
Error detected: Invalid URL |
42 |
Broken Link |
URL leads to 404 |
Error detected: Link not found |
43 |
Invalid Phone Number |
Wrong phone format |
Error detected: Invalid phone |
44 |
Invalid Country Code |
Wrong country code |
Error detected: Invalid code |
45 |
Invalid Currency |
Unsupported currency format |
Error detected: Invalid currency |
46 |
Invalid Timezone |
Timezone not recognized |
Error detected: Invalid timezone |
47 |
Invalid Language Code |
Language code not supported |
Error detected: Invalid language |
48 |
Invalid Boolean |
Non-boolean in boolean field |
Error detected: Type mismatch |
49 |
Invalid Enum |
Value not in enum list |
Error detected: Enum mismatch |
50 |
System Crash |
Input causes crash |
Error detected: System failure |
Flow Control - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Valid Flow |
Execute normal flow |
Flow proceeds without error |
2 |
Invalid Transition |
Trigger invalid state change |
Error detected: Invalid transition |
3 |
Missing Step |
Skip a required step |
Error detected: Step missing |
4 |
Repeated Step |
Repeat a step unnecessarily |
Error detected: Redundant step |
5 |
Unauthorized Flow |
User tries restricted flow |
Error detected: Access denied |
6 |
Timeout in Flow |
Step takes too long |
Error detected: Timeout |
7 |
Interrupted Flow |
Flow interrupted mid-process |
Error detected: Flow interrupted |
8 |
Loop Detection |
Detect infinite loop |
Error detected: Loop detected |
9 |
Conditional Branching |
Test conditional path |
Correct branch executed |
10 |
Parallel Execution |
Run steps in parallel |
All steps complete successfully |
11 |
Sequential Execution |
Run steps in sequence |
Steps execute in correct order |
12 |
Retry Mechanism |
Retry failed step |
Step retried successfully |
13 |
Max Retry Exceeded |
Retry limit reached |
Error detected: Retry limit exceeded |
14 |
Rollback on Failure |
Rollback after error |
Previous state restored |
15 |
Resume Flow |
Resume after pause |
Flow resumes correctly |
16 |
Pause Flow |
Pause mid-process |
Flow paused successfully |
17 |
Cancel Flow |
Cancel ongoing flow |
Flow cancelled successfully |
18 |
Invalid Input in Flow |
Provide wrong input |
Error detected: Invalid input |
19 |
Flow Completion |
Complete all steps |
Flow ends successfully |
20 |
Flow Abandonment |
User abandons flow |
Flow marked as incomplete |
21 |
Flow Restart |
Restart from beginning |
Flow restarted successfully |
22 |
Flow Status Check |
Query flow status |
Correct status returned |
23 |
Flow History |
View past flow steps |
History displayed correctly |
24 |
Flow Logging |
Log each step |
Logs created successfully |
25 |
Flow Metrics |
Measure flow performance |
Metrics recorded accurately |
26 |
Flow Validation |
Validate flow configuration |
Flow validated successfully |
27 |
Flow Configuration Error |
Misconfigured flow |
Error detected: Configuration issue |
28 |
Flow Trigger |
Trigger flow manually |
Flow triggered successfully |
29 |
Auto Trigger Flow |
Trigger flow automatically |
Flow starts as expected |
30 |
Flow Dependency Check |
Check dependent flows |
Dependencies validated |
31 |
Flow Versioning |
Use different flow versions |
Correct version executed |
32 |
Flow Upgrade |
Upgrade flow version |
Upgrade successful |
33 |
Flow Downgrade |
Downgrade flow version |
Downgrade successful |
34 |
Flow Access Control |
Restrict flow access |
Access control enforced |
35 |
Flow Audit Trail |
Track flow actions |
Audit trail generated |
36 |
Flow Notification |
Notify on flow events |
Notifications sent |
37 |
Flow Alert |
Alert on flow failure |
Alert triggered |
38 |
Flow Escalation |
Escalate on error |
Escalation initiated |
39 |
Flow Integration |
Integrate with external system |
Integration successful |
40 |
Flow API Call |
Trigger flow via API |
API call successful |
41 |
Flow UI Trigger |
Trigger flow via UI |
UI trigger successful |
42 |
Flow Data Mapping |
Map data between steps |
Data mapped correctly |
43 |
Flow Data Loss |
Data lost during flow |
Error detected: Data loss |
44 |
Flow Data Validation |
Validate data at each step |
Data validated successfully |
45 |
Flow Step Skipping |
Skip optional step |
Flow continues correctly |
46 |
Flow Step Reordering |
Change step order |
Flow adapts correctly |
47 |
Flow Step Failure |
Step fails unexpectedly |
Error handled gracefully |
48 |
Flow Step Success |
Step completes successfully |
Step marked as complete |
49 |
Flow Step Timeout |
Step exceeds time limit |
Error detected: Step timeout |
50 |
Flow End Condition |
Check end condition |
Flow ends as expected |
Port Addressing - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Valid Port Number |
Use a valid port (e.g., 80) |
Port accepted |
2 |
Port Number Too Low |
Use port number < 0 |
Error: Invalid port |
3 |
Port Number Too High |
Use port number > 65535 |
Error: Invalid port |
4 |
Reserved Port |
Use reserved port (e.g., 0) |
Error: Reserved port |
5 |
Duplicate Port |
Assign same port to two services |
Error: Port conflict |
6 |
Port Already in Use |
Try to bind to used port |
Error: Port in use |
7 |
Dynamic Port Range |
Use port in dynamic range (4915265535) |
Port accepted |
8 |
Well-Known Port |
Use port in 01023 range |
Port accepted with admin rights |
9 |
Registered Port |
Use port in 102449151 range |
Port accepted |
10 |
Port Format String |
Input port as string |
Error: Invalid format |
11 |
Port Format Float |
Input port as float |
Error: Invalid format |
12 |
Port Format Hex |
Input port in hex |
Error or convert to decimal |
13 |
Port Format Negative |
Input negative port |
Error: Invalid port |
14 |
Port Format Null |
No port provided |
Error: Port required |
15 |
Port Format Empty |
Empty string as port |
Error: Port required |
16 |
Port Format Special Char |
Port with special characters |
Error: Invalid characters |
17 |
Port Format Alphanumeric |
Port with letters |
Error: Invalid format |
18 |
Port Binding Success |
Bind to available port |
Binding successful |
19 |
Port Binding Failure |
Bind to unavailable port |
Error: Binding failed |
20 |
Port Release |
Release port after use |
Port released successfully |
21 |
Port Reuse |
Reuse released port |
Port reused successfully |
22 |
Port Timeout |
Port not released after timeout |
Error: Port still in use |
23 |
Port Scan Detection |
Detect port scan attempt |
Alert triggered |
24 |
Port Forwarding |
Forward traffic to another port |
Forwarding successful |
25 |
Port Blocking |
Block specific port |
Port blocked successfully |
26 |
Port Filtering |
Allow only specific ports |
Filtering applied |
27 |
Port Range Validation |
Validate port range input |
Range accepted or rejected |
28 |
Port Conflict Resolution |
Resolve port conflict |
Conflict resolved |
29 |
Port Logging |
Log port usage |
Logs generated |
30 |
Port Monitoring |
Monitor port activity |
Activity tracked |
31 |
Port Access Control |
Restrict access to port |
Access denied |
32 |
Port Encryption |
Secure port communication |
Encryption enabled |
33 |
Port Authentication |
Require auth for port access |
Auth enforced |
34 |
Port Mapping |
Map external to internal port |
Mapping successful |
35 |
Port NAT Traversal |
Handle NAT traversal |
Traversal successful |
36 |
Port Load Balancing |
Distribute traffic across ports |
Load balanced |
37 |
Port Failover |
Switch to backup port |
Failover successful |
38 |
Port Health Check |
Check port availability |
Port is healthy |
39 |
Port Throttling |
Limit traffic on port |
Throttling applied |
40 |
Port Flood Protection |
Detect port flooding |
Protection triggered |
41 |
Port Isolation |
Isolate port from network |
Isolation successful |
42 |
Port Redirection |
Redirect traffic to another port |
Redirection successful |
43 |
Port Protocol Match |
Match port with correct protocol |
Protocol matched |
44 |
Port Protocol Mismatch |
Use wrong protocol on port |
Error: Protocol mismatch |
45 |
Port Logging Disabled |
Disable port logging |
Logging disabled |
46 |
Port Access Log |
View access logs |
Logs displayed |
47 |
Port Usage Stats |
View usage statistics |
Stats generated |
48 |
Port Configuration Error |
Misconfigured port |
Error: Configuration issue |
49 |
Port Security Breach |
Simulate breach attempt |
Breach detected |
50 |
Port Recovery |
Recover from port failure |
Recovery successful |
Graceful Connection Termination - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Normal Termination |
Close connection after data transfer |
Connection closed gracefully |
2 |
FIN-ACK Exchange |
Verify proper FIN and ACK sequence |
FIN and ACK exchanged correctly |
3 |
Double FIN |
Both sides send FIN |
Connection terminated properly |
4 |
FIN Timeout |
FIN not acknowledged |
Error: Timeout detected |
5 |
Abrupt Close |
Close without FIN |
Error: Unclean termination |
6 |
Half-Closed Connection |
One side sends FIN, other continues |
Half-close handled correctly |
7 |
Data After FIN |
Send data after FIN |
Error: Data rejected |
8 |
FIN Retransmission |
FIN packet lost |
FIN retransmitted successfully |
9 |
ACK Lost |
ACK for FIN lost |
ACK retransmitted |
10 |
FIN Delay |
Delay in sending FIN |
Connection remains open until FIN |
11 |
FIN Collision |
Both sides send FIN simultaneously |
Connection closed correctly |
12 |
FIN with Data |
FIN sent with last data packet |
Data and FIN processed correctly |
13 |
FIN on Idle Connection |
FIN sent after idle period |
Connection closed gracefully |
14 |
FIN on Busy Connection |
FIN sent during data transfer |
Data completed before termination |
15 |
FIN with RST |
FIN followed by RST |
Error: Abrupt termination |
16 |
FIN Retry Limit |
Retry FIN multiple times |
FIN sent within retry limit |
17 |
FIN on Secure Channel |
FIN sent over TLS |
Secure termination completed |
18 |
FIN on Encrypted Data |
FIN after encrypted data |
Data decrypted and connection closed |
19 |
FIN on Compressed Data |
FIN after compressed data |
Data decompressed and closed |
20 |
FIN on Fragmented Data |
FIN after fragmented packets |
All fragments reassembled before close |
21 |
FIN with Keep-Alive |
FIN sent after keep-alive |
Keep-alive stopped, connection closed |
22 |
FIN with Heartbeat |
FIN sent after heartbeat |
Heartbeat stopped, connection closed |
23 |
FIN with Authentication |
FIN after auth session |
Session terminated securely |
24 |
FIN with Authorization |
FIN after access control |
Access revoked, connection closed |
25 |
FIN with Logging |
Log termination event |
Termination logged |
26 |
FIN with Audit Trail |
Record termination in audit |
Audit trail updated |
27 |
FIN with Notification |
Notify user on termination |
Notification sent |
28 |
FIN with Alert |
Alert on termination |
Alert triggered |
29 |
FIN with Metrics |
Record termination metrics |
Metrics updated |
30 |
FIN with Monitoring |
Monitor termination process |
Monitoring confirms graceful close |
31 |
FIN with Load Balancer |
Terminate connection via LB |
LB handles termination correctly |
32 |
FIN with Proxy |
Terminate via proxy server |
Proxy forwards FIN correctly |
33 |
FIN with NAT |
Terminate behind NAT |
NAT handles FIN correctly |
34 |
FIN with Firewall |
Terminate through firewall |
Firewall allows FIN packets |
35 |
FIN with VPN |
Terminate over VPN |
VPN tunnel closed gracefully |
36 |
FIN with QoS |
Terminate with QoS rules |
QoS maintained during termination |
37 |
FIN with Throttling |
Throttled connection termination |
Throttling ends, connection closed |
38 |
FIN with Rate Limiting |
Rate-limited termination |
Rate limits respected |
39 |
FIN with Session Expiry |
Terminate on session expiry |
Session expired, connection closed |
40 |
FIN with Idle Timeout |
Terminate after idle timeout |
Timeout triggered, connection closed |
41 |
FIN with Manual Trigger |
User manually closes connection |
Manual termination successful |
42 |
FIN with Scripted Trigger |
Script initiates termination |
Script executes FIN correctly |
43 |
FIN with API Call |
API triggers termination |
API call closes connection |
44 |
FIN with UI Action |
UI button closes connection |
UI action triggers graceful close |
45 |
FIN with Error Recovery |
Recover from error before FIN |
Recovery successful, then FIN |
46 |
FIN with Retry Logic |
Retry failed termination |
Retry successful |
47 |
FIN with Backup Channel |
Switch to backup before FIN |
Backup used, then closed |
48 |
FIN with Redundancy |
Redundant connection closed |
Redundancy handled correctly |
49 |
FIN with Failover |
Failover before termination |
Failover complete, then FIN |
50 |
FIN with Resource Cleanup |
Cleanup resources on termination |
Resources released successfully |
Congestion Control - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Normal Traffic |
Send data under normal conditions |
No congestion detected |
2 |
High Traffic Volume |
Send large data quickly |
Congestion detected |
3 |
Sudden Traffic Spike |
Abrupt increase in traffic |
Congestion control triggered |
4 |
Packet Loss Detection |
Simulate packet loss |
Congestion control activated |
5 |
Timeout Detection |
Simulate timeout |
Congestion window reduced |
6 |
Duplicate ACKs |
Send duplicate ACKs |
Fast retransmit triggered |
7 |
Triple Duplicate ACKs |
Send 3 duplicate ACKs |
Fast recovery initiated |
8 |
Slow Start Phase |
Begin connection |
Exponential window growth |
9 |
Congestion Avoidance Phase |
After slow start |
Linear window growth |
10 |
Fast Retransmit |
Detect loss via ACKs |
Retransmit lost packet |
11 |
Fast Recovery |
Recover from loss |
Resume transmission smoothly |
12 |
Window Size Increase |
Increase congestion window |
Throughput improves |
13 |
Window Size Decrease |
Decrease window after loss |
Throughput reduced |
14 |
Zero Window Size |
Receiver sets window to 0 |
Sender pauses transmission |
15 |
Window Probe |
Probe zero window |
Receiver responds with window update |
16 |
RTT Measurement |
Measure round-trip time |
RTT calculated accurately |
17 |
Bandwidth Estimation |
Estimate available bandwidth |
Bandwidth used efficiently |
18 |
Buffer Overflow |
Simulate buffer overflow |
Congestion detected |
19 |
Queue Delay |
Increase queue delay |
Congestion signaled |
20 |
ECN Enabled |
Use Explicit Congestion Notification |
ECN flags processed |
21 |
ECN Disabled |
Disable ECN |
No ECN flags used |
22 |
Random Early Detection |
Drop packets early |
Congestion avoided |
23 |
TCP Reno Behavior |
Use Reno algorithm |
Reno phases executed correctly |
24 |
TCP Tahoe Behavior |
Use Tahoe algorithm |
Tahoe phases executed correctly |
25 |
TCP Cubic Behavior |
Use Cubic algorithm |
Cubic growth observed |
26 |
TCP BBR Behavior |
Use BBR algorithm |
Bandwidth-based control applied |
27 |
Congestion Window Saturation |
Max out window size |
No further growth allowed |
28 |
Congestion Window Reset |
Reset window after loss |
Window set to initial value |
29 |
ACK Delay |
Delay ACKs artificially |
RTT increases, window adjusted |
30 |
ACK Burst |
Send burst of ACKs |
Window grows rapidly |
31 |
Retransmission Timeout |
Trigger RTO |
Congestion window reset |
32 |
Multiple Loss Events |
Simulate multiple losses |
Multiple recovery phases triggered |
33 |
No Congestion |
Send small data |
No control triggered |
34 |
Idle Connection |
No data sent for long |
Window remains unchanged |
35 |
Reconnection |
Reconnect after termination |
Slow start initiated again |
36 |
Flow Control Interaction |
Combine with flow control |
Both mechanisms work together |
37 |
Application-Limited Flow |
App sends limited data |
Window growth paused |
38 |
Delayed ACKs |
ACKs delayed intentionally |
RTT increases, window adjusted |
39 |
ACK Loss |
ACKs lost in transit |
Retransmission triggered |
40 |
Mixed Traffic |
Mix of large and small packets |
Adaptive control applied |
41 |
Network Jitter |
Simulate jitter |
RTT variation handled |
42 |
Network Congestion |
Simulate real congestion |
Control mechanisms activated |
43 |
Link Failure |
Simulate link drop |
Connection reset |
44 |
Recovery After Congestion |
Resume normal traffic |
Window grows again |
45 |
Congestion in VPN |
Simulate congestion over VPN |
VPN handles congestion |
46 |
Congestion in NAT |
Simulate congestion behind NAT |
NAT handles control correctly |
47 |
Congestion in Proxy |
Simulate congestion via proxy |
Proxy forwards control signals |
48 |
Congestion in Cloud |
Simulate cloud network congestion |
Cloud handles control efficiently |
49 |
Congestion in Mobile Network |
Simulate mobile congestion |
Mobile TCP adapts |
50 |
Congestion Logging |
Log congestion events |
Logs generated successfully |
Stream Oriented - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Continuous Data Flow |
Send continuous stream |
Data received in order |
2 |
Byte Order Preservation |
Check byte sequence |
Bytes received in same order |
3 |
No Message Boundaries |
Send multiple messages |
Messages merged as stream |
4 |
Fragmented Transmission |
Send data in fragments |
Reassembled correctly |
5 |
Large Stream |
Send large data stream |
Entire stream received |
6 |
Small Stream |
Send small data stream |
Data received correctly |
7 |
Stream with Delay |
Introduce delay in stream |
Stream resumes correctly |
8 |
Stream with Pause |
Pause and resume stream |
No data loss |
9 |
Stream with Retransmission |
Simulate packet loss |
Retransmission successful |
10 |
Stream with ACK |
Verify ACK for stream |
ACKs received correctly |
11 |
Stream with Windowing |
Use TCP windowing |
Flow controlled properly |
12 |
Stream with Congestion |
Simulate congestion |
Stream slows down |
13 |
Stream with Flow Control |
Receiver limits flow |
Sender adjusts rate |
14 |
Stream with Buffer Overflow |
Overflow receiver buffer |
Error or flow control triggered |
15 |
Stream with Buffer Underflow |
Receiver reads too fast |
Stream handled correctly |
16 |
Stream with Timeout |
Timeout during stream |
Retransmission triggered |
17 |
Stream with Keep-Alive |
Maintain idle stream |
Connection stays alive |
18 |
Stream with Termination |
Gracefully close stream |
FIN-ACK exchanged |
19 |
Stream with RST |
Abruptly close stream |
Connection reset |
20 |
Stream with Multiple Clients |
Multiple streams to server |
Streams handled independently |
21 |
Stream with Multiple Servers |
Client connects to multiple servers |
Streams managed separately |
22 |
Stream with Encryption |
Encrypt stream data |
Data decrypted correctly |
23 |
Stream with Compression |
Compress stream data |
Data decompressed correctly |
24 |
Stream with Authentication |
Authenticate before stream |
Stream starts after auth |
25 |
Stream with NAT |
Stream through NAT |
Data flows correctly |
26 |
Stream with Proxy |
Stream through proxy |
Proxy forwards stream correctly |
27 |
Stream with VPN |
Stream over VPN |
Secure stream maintained |
28 |
Stream with Packet Reordering |
Reorder packets |
Stream reassembled correctly |
29 |
Stream with Packet Duplication |
Duplicate packets |
Duplicates discarded |
30 |
Stream with Packet Loss |
Drop packets |
Retransmission successful |
31 |
Stream with Jitter |
Vary packet timing |
Stream integrity maintained |
32 |
Stream with Latency |
High latency environment |
Stream adapts |
33 |
Stream with Bandwidth Limit |
Limit bandwidth |
Stream throttled |
34 |
Stream with QoS |
Apply QoS rules |
Priority maintained |
35 |
Stream with Logging |
Log stream activity |
Logs generated |
36 |
Stream with Monitoring |
Monitor stream health |
Metrics collected |
37 |
Stream with Metrics |
Measure throughput |
Metrics accurate |
38 |
Stream with Alerts |
Alert on stream failure |
Alert triggered |
39 |
Stream with Recovery |
Recover from failure |
Stream resumes |
40 |
Stream with Retry |
Retry failed stream |
Retry successful |
41 |
Stream with Redundancy |
Use redundant paths |
Stream continues on backup |
42 |
Stream with Load Balancer |
Distribute stream load |
Balanced correctly |
43 |
Stream with Firewall |
Stream through firewall |
Allowed or blocked as configured |
44 |
Stream with IDS |
Intrusion detection on stream |
Malicious stream flagged |
45 |
Stream with Logging Disabled |
Disable logging |
No logs generated |
46 |
Stream with Session Expiry |
Expire session mid-stream |
Stream terminated |
47 |
Stream with Reconnection |
Reconnect after drop |
Stream resumes |
48 |
Stream with Data Integrity |
Verify checksum |
Data integrity confirmed |
49 |
Stream with Header Manipulation |
Modify TCP headers |
Stream still valid |
50 |
Stream with Port Change |
Change port mid-stream |
Connection reset or re-established |
Ordered Delivery - Testcases
S.No |
Test Case |
Description |
Expected Result |
|---|---|---|---|
1 |
Sequential Packets |
Send packets in order |
Packets received in same order |
2 |
Out-of-Order Packets |
Simulate out-of-order delivery |
TCP reorders packets correctly |
3 |
Packet Loss |
Drop a packet mid-sequence |
Retransmission ensures correct order |
4 |
Duplicate Packets |
Send duplicate packets |
Duplicates discarded, order preserved |
5 |
Delayed Packet |
Delay one packet |
TCP waits and reorders correctly |
6 |
Fragmented Data |
Send fragmented data |
Reassembled in correct order |
7 |
Large Data Stream |
Send large stream |
Data received in correct sequence |
8 |
Small Data Stream |
Send small stream |
Order maintained |
9 |
Mixed Packet Sizes |
Vary packet sizes |
Order preserved |
10 |
ACK Delay |
Delay acknowledgments |
TCP maintains order |
11 |
ACK Loss |
Lose ACKs |
Retransmission preserves order |
12 |
Retransmission |
Retransmit lost packet |
Order restored |
13 |
Congestion |
Simulate congestion |
TCP slows down but maintains order |
14 |
Flow Control |
Receiver limits flow |
Order maintained |
15 |
Window Size Change |
Change TCP window size |
Order unaffected |
16 |
Connection Pause |
Pause and resume connection |
Order preserved |
17 |
Connection Reset |
Reset mid-transfer |
Order lost, connection restarted |
18 |
Multiple Connections |
Multiple TCP streams |
Each stream maintains its own order |
19 |
NAT Traversal |
Send through NAT |
Order preserved |
20 |
Proxy Routing |
Send through proxy |
Order preserved |
21 |
VPN Routing |
Send through VPN |
Order preserved |
22 |
Packet Reordering by Network |
Network reorders packets |
TCP reorders them correctly |
23 |
Packet Duplication by Network |
Network duplicates packets |
TCP discards duplicates |
24 |
Packet Delay by Network |
Network delays packets |
TCP buffers and reorders |
25 |
Packet Loss by Network |
Network drops packets |
TCP retransmits and reorders |
26 |
TCP Reno Behavior |
Use Reno algorithm |
Order maintained |
27 |
TCP Cubic Behavior |
Use Cubic algorithm |
Order maintained |
28 |
TCP BBR Behavior |
Use BBR algorithm |
Order maintained |
29 |
TCP Tahoe Behavior |
Use Tahoe algorithm |
Order maintained |
30 |
Application-Level Check |
App verifies order |
Data matches expected sequence |
31 |
Header Manipulation |
Modify TCP headers |
Order preserved if headers valid |
32 |
Sequence Number Wraparound |
Sequence number exceeds max |
TCP handles wraparound correctly |
33 |
Sequence Number Collision |
Simulate collision |
TCP resolves and maintains order |
34 |
Stream Termination |
End stream with FIN |
Final data received in order |
35 |
Stream Restart |
Restart stream |
New stream starts fresh order |
36 |
Keep-Alive Enabled |
Maintain idle connection |
Order preserved after idle |
37 |
Keep-Alive Disabled |
Idle connection closed |
Order lost after termination |
38 |
TLS Encrypted Stream |
Encrypt data |
Decrypted data in correct order |
39 |
Compressed Stream |
Compress data |
Decompressed in correct order |
40 |
Multithreaded Sender |
Send from multiple threads |
TCP serializes and preserves order |
41 |
Multithreaded Receiver |
Receive on multiple threads |
TCP delivers in order |
42 |
Mobile Network |
Send over mobile data |
Order preserved despite jitter |
43 |
Satellite Network |
Send over satellite |
Order preserved despite latency |
44 |
IoT Device Communication |
Send from IoT device |
Order maintained |
45 |
Cloud Server Communication |
Send to cloud server |
Order preserved |
46 |
Firewall Traversal |
Send through firewall |
Order preserved |
47 |
IDS Monitoring |
Monitor for order violations |
No violations detected |
48 |
Logging Enabled |
Log packet sequence |
Logs show correct order |
49 |
Logging Disabled |
No logs |
Order verified manually |
50 |
Stress Test |
High volume, high speed |
TCP maintains ordered delivery |
S.No |
TCP Header |
Description |
Size(Bytes) |
Position(bits) |
|---|---|---|---|---|
1 |
Source Port |
Port number of a sending application |
2 |
0-15 (16- bit) |
2 |
Destination Port |
Port number of a receiving application |
2 |
16-31 (16-bit) |
3 |
Sequence Number |
Byte offset of the first data byte in this segment |
4 |
32-63 (32-bit) |
4 |
Acknowledgment Number |
If ACK flag is set,this is the next expected byte. |
4 |
64-95 (32-bit) |
5 |
Data Offset(Header length) |
Number of 32-bit words in TCP header,used to find start of playload. |
4 bit |
96-99 (4-bit) |
6 |
Reserved |
Reserved for future use, must be zero. |
3 bit |
100-102 (3 bits) |
7 |
Flags(Control bits) |
Includes flags: NS, CWR, ECE, URG, ACK, PSH, RST, SYN, FIN |
9 bit |
103-111 (9 bits) |
8 |
Window Size |
Number of bytes the sender is willing to receive. |
2 |
112-127 (16-bit) |
9 |
Check Sum |
Error-checking value for header + data (with pseudo-header) |
2 |
128-143 (16-bit) |
10 |
Urgent Pointer |
If URG flag is set,points to the last urgent byte in the segment. |
2 |
144-159 (16-bit) |
11 |
Data (Pay Load) |
Actual appilication data being transported |
variable |
after header |
12 |
Padding |
Extra bits to ensure header ends on a 32-bit boundary |
variable |
End of options |
13 |
Options(optional) |
optional settings like MSS, Window Scaling, Timestamps,SACK, etc. |
variable |
160+ |
Kind |
Option |
Description |
Length(Bytes) |
|---|---|---|---|
0 |
End Of Option List(EOL) |
Marks the end of option list and also useful for padding |
1 |
1 |
No-Operation(NOP) |
Used for padding between options for alignment |
1 |
2 |
Maximum Segment Size(MSS) |
specifies maximum amount of data a host is willing to receive in one |
4 |
segment. |
|||
3 |
Window Scale |
Used to increase the TCP receive window size beyond 65,535 bytes |
3 |
4 |
SACK Permitted |
Indicates the sender supports SACK |
2 |
5 |
SACK |
One or more blocks of received data to improve retransmission. |
Variable(10-34) |
6 |
Echo(obsolote) |
Used for RTT measurment ( now replaced by timestamps). |
6 |
7 |
Echo Reply(obsolote) |
pairedd with Echo option;also obsolote |
6 |
8 |
TimeStamps(Tsopt) |
Used for RTT measurment and PAWS |
10 |
9 |
Partial Order Connection Permitted |
Rarely used;experimental;allows out-of-order-delivery |
2 |
10 |
partial Order Service Profile |
Works with POCP to describe how partial order is handled. |
3 |
11 |
CC(Connection Count) |
Part of TCP Control Block Interdependence( for TCP research) |
6 |
12 |
CC.NEW |
Used in expermental congestion control |
6 |
13 |
CC.ECHO |
Echoes CC.NEW value |
6 |
14 |
TCP Alternate checksum Request |
Request alternate checksum algorithm |
3 |
15 |
TCP Alternate checksum Data |
Contains alternate checksum data |
Variable. |
28 |
User Timeout Option(UTO) |
Allows peers to advertise their connection timeout values |
4 |
29 |
TCP Authentication Option |
Provides authentication for TCP segments,replacing TCP MD5 option |
Variable. |
253 |
Experimental(RFC6994) |
Reserved for experimental TCP options. |
Variable. |
254 |
Experimental(RFC6994) |
Reserved for experimental TCP options. |
Variable. |
255 |
Reserved |
Reserved it is not used |
S.No |
Protocol/Application |
Descrption |
|---|---|---|
1 |
HTTP/HTTPS |
|
2 |
FTP(File Transfer Protocol) |
Transfers files between client and server with control and data channels over TCP |
3 |
SMTP |
Sends emails between mail servers using reliable TCP connections. |
4 |
DNS(Zone Transfer Only) |
Zone Transfers(AXFR) use TCP for reliability. |
5 |
IMAP/POP3 |
Retrieves emails from mail servers while ensuring message integrity. |
6 |
SSH |
Provides secure remote login and command execution over encrypted TCP sessions. |
7 |
Telnet |
Allows remote terminal access over TCP. |
8 |
SFTP(SSH File Transfer Protocol) |
Securly transfer files over SSH,which runs over TCP. |
9 |
LDAP over TCP |
Directory services often run over TCP to support reliable data access. |
S.No |
Common TCP-Level Options |
Explanation |
Details |
|---|---|---|---|
1 |
TCP_NODELAY |
It is a socket option used with TCP sockets to |
Header file : <netinet/tcp.h> |
the use of Nagle’s algorithm. |
Level : IPPROTO_TCP. |
||
Purpose |
To reduce the no of small TCP packets sent over |
Disable’s Nagle’s algorithm to reduce latency for |
|
the network,to improve bandwidth effeciency. |
small packets. |
||
Type |
It is type of boolean ,because it rooted in how socket implemented in the os stack. |
Boolean(int). |
|
Values |
These are commonly called as flags where the value 1 disables algorthim to send as small packets fastly,reduce latency; 0 enables it to combine packets, reducing network traffic. |
0 - Diaabled. |
|
1 - Enabled. |
|||
Default value |
Default it is enabled to combine packets and |
Disabled.(TCP_NODELAY=0) but Nagle’s algo is |
|
reduce netwrok traffic at any cost of latency. |
enabled may delay small packets. |
||
Behavior |
|
In wireshark - fewer packets, delayed in PSH flag, |
|
combined send() data. |
|||
|
In wireshark- more packets,small TCP segments, |
||
PSH flag set,each send() data is one packet. |
|||
2 |
TCP_CORK |
It is a Linux-specific TCP socket option that controls how data is sent over a TCP connection |
Header file : <netinet/tcp.h>(linux only) |
Level : IPPROTO_TCP. |
|||
Purpose |
A linux-specific TCP option to control how TCP |
Mainly used to optimize packetization. |
|
segments are transmitted- mainly used to delay |
|||
& group small writes into full TCP segments. |
|||
Type |
It is a boolean inerperted as int |
Boolean(int). |
|
Values |
1- it hold back data until uncorked and |
1-Enable |
|
0-it sends out any buffer data. |
0-Disable |
||
Default value |
it is off,TCP sends data normaly |
0-Diasable(TCP_CORK=0) |
|
Behavior |
|
In wireshark- small packets and each write() |
|
written,may result in small packets |
may be seperate TCP segment. |
||
2.when the tcp_cork is enable ,buffers all the data until |
In wireshark -fewer packets and each write() |
||
explicitly flushed or full. |
on large TCP segment. |
||
3 |
TCP_KEEPALIVE |
To check if an idle connection is still valid and to |
Header file: <netinet/tcp.h> |
prevent it from being drooped due to inactivity. |
Level : SOL_SOCKET |
||
Purpose |
A mechanism that sends keepalive probed to check if the other end of TCP connections is still |
Detect dead TCP connections. |
|
avaliable. |
|||
Type |
It is boolean interperted as int |
Boolean(int). |
|
values |
For 0 the keep-alive is truned off & 1 it turned on. |
0- Disable, 1-Enable. |
|
Default value |
Determines the time connection needs to remain |
7200 seconds(2 hours). |
|
idle before TCP starts sending keepalive probes |
|||
Appiles when |
The connections remain active by sending keepalive |
enabled on the socket. |
|
probes after the connection is idle duration specified |
|||
by TCP_KEEPIDLE. |
|||
Behavior |
Mechanism to check if peer is alive without data |
In Wireshark shows small ACK packets with no payload |
|
4 |
TCP_KEEPIDLE |
set the idle time (in secs) before the first keep-alive |
Header file: <netinet/tcp.h> |
probe is sent. |
Level : IPPROTO_TCP |
||
Purpose |
long-lived TCP connections where detecting dead |
Detects dead Tcp connections early |
|
peers quickly is important. |
|||
Type |
It is interperted as int |
socket option is at TCP level |
|
Default value |
if no data sent or recieve for 2 hrs the kernal will sent |
7200 seconds (2 hours) on linux varies by OS. |
|
the first keep alive if remote peer is still reachable |
|||
option |
Requries keepalive to be enable first |
SO_KEEPALIVE |
|
Behavior |
time of inactivity before first keepalive probe is sent. |
Wireshark shows the time before keepalive seen in trace |
|
5 |
TCP_KEEPINTVL |
The time interval b/w individual keepalive probes sent |
Header file : <netinet/tcp.h> |
to remote peer when no ACK is received for the prevoius keep-alive probes. |
Level : IPPROTO_TCP. |
||
purpose |
Control the frequency of probes when no ACK is recevied. |
Detects dead Tcp connections quickly. |
|
Type |
It is interperted as int |
Socket option is at TCP level. |
|
Default value |
Balance between network traffic & detection speed |
75 seconds in linux. |
|
option |
Requries keepalive to be enable first |
SO_KEEPALIVE |
|
Behavior |
Interval between the keepalive probes after the keepidle. |
In Wireshark if no ACK is send to the respective packet |
|
then only the we can see the intervals for given seconds. |
|||
6 |
TCP_KEEPCNT |
Number of Keep-alive probes sent before declaring the |
Header file : <netinet/tcp.h> |
connection is dead. |
Level : IPPROTO_TCP. |
||
purpose |
Controls the grace period for network issues |
Premature connection termination. |
|
Type |
It is interperted as int |
Socket option is at TCP level. |
|
Default value |
If there is no response ,the OS sends upto 9 more probes, |
9 on linux,varies by OS. |
|
each spaced by the interval defined in keep-interval. |
|||
Option |
Requries keepalive to be enable first |
SO_KEEPALIVE |
|
Behavior |
Number of unachknowledged probes before the |
In wireshark it shows the multiple keepalives before the |
|
connection dead. |
RST/Close. |
||
7 |
TCP_MAXSEG |
The maximum amount of TCP payload data that host is |
Header file : <netinet/tcp.h> |
willing to receive in a single TCP segment. |
Level : IPPROTO_TCP. |
||
Purpose |
Max no of bytes a TCP peer is accepting in single segment. |
It doesnot include TCP headers. |
|
Default value |
Maximum size of TCP payload not the entire packet and |
Typically 1460 bytes(when MTU =1500). |
|
the value determined based on MTU interface. |
|||
Relation to MTU |
It is directly derived from MTU,where its maximum size of |
TCP_MAXSEG=MTU - IP Header - TCP Header. |
|
TCP payload that fits within a single packet without causing fragmentation. |
|||
TCP option kind |
Identifies the MSS option in TCP header |
Kind=2(0x02). |
|
Behavior |
Indicates the largest TCP payload ize the sender can |
In Wireshark - highlights MSS option in handshake packets |
|
receive without fragmentation. |
#NAME? |
||
#NAME? |
|||
8 |
TCP_INFO |
It is a linux socket structure that provides real-time |
Header file : <netinet/tcp.h> |
statistics about active TCP connection |
Level : IPPROTO_TCP. |
||
Purpose |
Monitor TCP connection parameters such as RTT, |
Can retrieve using getsockopt() system call. |
|
retransmissions,congestion,window size and more…. |
|||
Type |
It is a linux specific , low overhead tool to observe and |
Kernal-level TCP socket diagnostic interface. |
|
tune TCP behavior without needing to sniff packets |
|||
Access method |
It is accessed using getsockopt() syscall with IPPROTO_TCP |
Via getsockopt() syscall with IPPROTO_TCP and TCP_INFO |
|
level and TCP_INFO to retrieve real-time TCP connections. |
option. |
||
Behavior |
TCP_INFO gives you kernel-level metrics: RTT, congestion |
Wireshark gives you packet-level visibility: flags, options, |
|
window, retransmissions, etc. |
sequence numbers, timestamps.Together, they provide a complete picture of TCP behavior. |
||
9 |
TCP_CONGESTION |
It is a mechanism used in the TCP to manage how much |
Header file : <netinet/tcp.h> |
data is sent over a network to avoid congestion. |
Level : IPPROTO_TCP. |
||
Purpose |
It is to ensure the efficient,fair, and stable data connection |
Preventing congestion,maximum throughput,ensuring fairness |
|
Working |
TCP uses variable called Congestion Window (cwnd) to |
Three categories: 1) Slow start 2) Congestion Avoidance |
|
control how much data can be sent before waiting for ACK. |
|
||
Kernal Parameters |
Currently active TCP congestion control it sets the default |
/proc/sys/net/ipv4/tcp_congestion _control |
|
algorithms for all new TCP connections |
|||
List and avaliable algorithms compiled on the system |
/proc/sys/net/ipv4/tcp_avaliable_congestion _control |
||
This list can be restrcted by admins to allow only specific |
/proc/sys/net/ipv4/tcp_allowed_congestion _control |
||
algorithms even if others are compiled into the kernal |
|||
Behaviour |
Shows congestion behaviour over time(growth,loss,delay) |
In Wireshark- time sequence graph,RTT graph,Throughput graph |
|
Identify loss,recovery,congestion window chnages |
In Wireshark we can see difference in window size, RT, Time |
||
Congestion Algorithms |
|||
RENO |
It is to detect and react to congestion via packet loss and |
Version: Classic. Introduced : around 1990 by RFC 2001. |
|
duplicate ACKs.uses for Fast Retransmission and Fast |
Type : Loss Based AIMD |
||
Recovery.simple and robust but not optimized for high |
Growth pattern: Linear. |
||
BDP networks. |
Default: Before Kernal 2.6.8, default in Windows 2000/XP |
||
Behavior |
Watch for Fast Retransmits, Dup ACKs, and window size |
In Wireshark on graph it shows classic sawtooth pattern of congestion window and after loss, window drops to half. |
|
drops. |
|||
In Packets we can see frequent duplicate ACKs,retransmission. |
|||
CUBIC |
It is defined as cubic function based congestion window |
Version: Ongoing tuning. Introduced in : 2005 by linux devs. |
|
growth algorithm .It modifies the way the TCP CWND grows |
Type: Loss Baesd with cubic function growth. |
||
after congestion,using a cubic function of time instead of a |
Growth Pattern: Cubic(non-linear). |
||
linear one. |
Default: In modern linux. |
||
Behavior |
|
In Wireshark - sequence numbers increase rapidly ; |
|
network capability,where rapid growth in CWND. |
steep slope in the time sequence graph. |
||
|
In Wireshark we can see a smooth,curved upward growth in |
||
overwhelming the network. |
time sequence graph not a straight line like reno. |
||
3)Congestion Avoidance: It avoids the repating congestion. |
In Wireshark we can see flattering curve in the graph. |
||
|
In Wireshark there is a sudden drop in the curve possibly |
||
reduces sending data. |
followed by retransmissions and duplicate ACK’s. |
||
In Packets it is similar to reno, but with smoother growth. |
|||
BBR |
It is Bottleneck Bandwidth and Round trip Propagation time |
Version: BBR V2(2021) |
|
is a modern based congestion control algorithm created by |
Introduced : 2016 by Google. |
||
google. instead of relying on packet loss like reno or cubic |
Type : Modern based (Bandwidth * RTT). |
||
BBR measures the avaliable bandwidth and minimum RTT |
Growth Pattern: Smooth,Steady |
||
to send data at the most efficient rate. |
Default: Requires Kernal >= 5.4. |
||
Behavior |
BBR doesnot slow down on the minor packets and there it |
In Wireshark we can observe there would be less or no re- |
|
will not trigger loss-based recovery. |
transmissions and very rare duplicate ACK’s. |
||
BBR sends data steadily without reacting to loss. |
In Wireshark - we can see in time sequence graph smooth and |
||
straight line no sawtooth pattern. |
|||
BBR keeps delay low by avoiding queue bulidup |
In Wireshark we can see very flat and stable RTT line graph. |
||
10 |
TCP_DEFER_ACCEPT |
It is a linux-specific socket that tells the kernal to delay passing an incoming TCP connection to the appilication via accept() until data has been received on socket or timeout. |
Header file : <netinet/tcp.h> |
Level : IPPROTO_TCP. |
|||
purpose |
TCP_DEFER_ACCEPT prevents the server from waking up |
Reduce Wakeups for idle TCP connections. |
|
for clients that connect but stay silent,saving resources. |
|||
Time out vaue |
How long the Kernal waits for data before delivering the |
integer(seconds). |
|
connection to accept() |
|||
Behavior |
It happens when TCP_defer_accept delays the server’s |
In Wireshark we can see TCP 3-way handshake completed |
|
accept() call until client sends data. the server remains |
sucessfully,but there will be a delay before the server sends |
||
silent until data arrives,visible pause between handshake |
any response packet back. |
||
and the server’s first reply. |
|||
11 |
TCP_QUICKACK |
A TCP Socket option that disable’s ACKs,causing the kernal |
Header file : <netinet/tcp.h> |
to send ACK immediately for the next received packet. |
Level : IPPROTO_TCP. |
||
Purpose |
To reduce latency by sending ACKs without delay |
Useful for interactive or real-time applications. |
|
default value |
Linux normally uses delayed ACKs for reducing TCP |
0 to restore default behavior. |
|
overhead. |
|||
Type |
TCP_QUICKACK uses an boolean value as input. |
integer. |
|
Value |
It set to 1 makes TCP send ACK immediately for next packet, |
1- Enable QUICKACK |
|
and set 0 restores normal delayed ACK behavior. |
0- Disable QUICKACK / Restore default |
||
Behavior |
The immediate ACK happens because TCP_QUICKACK |
In Wireshark ACK is sent fastly after receiving data,with no delay |
|
temporarily disables delayed ACKs,allowing you to see the |
unlike delayed ACK mode where a small pause is observed |
||
ACK packet appear right after the data. |
before the ACK is transmitted. |
S.no |
General Socket-Level Options |
Explanation |
Details |
|---|---|---|---|
1 |
SO_REUSEADDR |
It is a Socket option used in network programming to allow a |
Header file : <sys/socket.h> |
socket to bind to a local address that is in TIME_WAIT state |
Level : SOL_SOCKET. |
||
or was recently used. |
|||
Purpose |
It is to allow quick rebinding to a recently used port,even if it |
Reuse local address for binding |
|
hasn’t fully timed out yet |
|||
when to call |
It changes how the OS ingterpets address/port avaliability at |
Before Bind() |
|
the moment you bind the socket. |
|||
Socket Types |
It is used for both TCP and UDP sockets. |
TCP(SOCK_STREAM), UDP(SOCK_DGRAM). |
|
Value Type |
Always use int for the value,even though the option affects |
1(non-zero)- Enable SO_REUSEADDR. |
|
low-level behavior |
0- Disable SO_REUSEADDR. |
||
Behavior |
We cant see any behavior directly in wireshark but it reflect |
In wireshark we can observe fast TCP port reuse and also TCP |
|
indirectly effect of the option in captured network traffic. |
port in TIME_WAIT reused. |
||
2 |
SO_REUSEPORT |
It is a socket option that allows multiple sockets to bind to |
Header file : <sys/socket.h> |
the same IP address and port comination. |
Level : SOL_SOCKET. |
||
Purpose |
The core purpose of SO_REUSEPORT is to improve |
Enables Load balancing, Parallel processing, Seamless server |
|
performance and scalability. |
restarts. |
||
Value Type |
Allows multiple processes or threads to bind to the same IP |
Enable - 1 and 0- disable (default value). |
|
combines with |
They are used together to ensure flexibility and correctness. |
Often used with so_reuseaddr. |
|
Socket Types |
It is used for both TCP and UDP sockets. |
TCP(SOCK_STREAM), UDP(SOCK_DGRAM). |
|
Behavior |
Here the behavior in Wireshark is cant be seen directly |
In Wireshark we can see multiple processes bound to the same |
|
because so_reuseport is local socket option . |
port and also fast reconnect after server restart. |
||
3 |
SO_RCVBUF / SO_SNDBUF |
These sockets are used with setsockopt() and getsockopt() |
Header file : <sys/socket.h> |
to control the buffer size used by the OS kernal for sending |
Level : SOL_SOCKET. |
||
and receiving data on a socket. |
|||
Purpose |
Larger buffer can improve throughput, especially on |
By recv() or read() and send() or write(). |
|
high-latency networks. |
|||
Value Type |
Both expect an int value which the size in bytes of the buffer |
Int (Buffer size in bytes). |
|
you want the kernal to allocate. |
|||
When to call |
These options should be set before calling connect or bind |
Before Connect() ( client sockets ) |
|
to ensure the buffer size are properly appiled by the OS |
Bind() ( server sockets). |
||
Units |
It is always taken in the form of Bytes |
Common values: 65536(64 KB) , 1048576(1 MB) etc… |
|
How to pass |
It is passed via pointer type to integer |
&buffersize via setsockopt() or getsockopt(). |
|
default value |
While using these both the socket option it could be system |
usually 128 KB to 256 KB, if needed can check with getsockopt() |
|
dependent |
it is a system dependent. |
||
Max size Limits |
Setting above max may be silently capped and limited by |
we can configure through |
|
Kernal. |
/proc/sys/net/core/rmem_max. |
||
Behavior |
In SO_RCVBUF It controls size of receive queue in kernal, |
In Wireshark we can see Large advertised TCP window size in |
|
If its larger buffer size then more buffer data we get. |
packets and the flow is smoother |
||
If its smaller buffer size then it drops or flow control. |
In Wireshark we get smaller TCP window size,Packet loss signals |
||
and also some times re transmission happens. |
|||
IN SO_SNDBUF It controls the size of send queue in kernal, |
In Wireshark we get Larger TCP segments and also possible |
||
If its larger buffer size then its smoother in sending the data. |
delayed sending if buffer is full. |
||
If its smaller buffer size then the sometimes the send may |
In Wireshark we get smaller TCP segments and also data flow |
||
blocks or slows. |
would be slow. |
||
4 |
SO_RCVLOWAT / SO_SNDLOWAT |
These both options are used in minimum no of byes that must |
Header file : <sys/socket.h> |
be avaliable in the sockets receive or send buffer before |
Level : SOL_SOCKET. |
||
blocking recv() call will return or send() call will proceed. |
|||
Purpose |
The core purpose is to define minimum data threshold for |
prevent returning partial messages and avoid sending tiny |
|
recv() or send(). |
fragments. |
||
Socket Direction |
Directional Control: receive vs send. |
SO_RCVLOWAT- Receive buffer , SO_SNDLOWAT - Send buffer. |
|
Value Type |
must be passed as pointer to int. |
Integer. |
|
Units |
Threshold measured in bytes. |
Bytes. |
|
default value |
recv() returns even if 1 byte is avaliable unless overridden |
Typically 1 byte. |
|
System Support |
On Linux, SO_SNDLOWAT is ignored in most cases and |
SO_RCVLOWAT- supports |
|
also SO_RCVLOWAT is supported |
SO_SNDLOWAT - sometimes ignored (Linux). |
||
Behavior(blocking) |
Only appiles to blocking sockets. |
recv() or send() blocks until threshold is satisfied. |
|
Behavior(unblocking) |
Ignored in the non-blocking mode. |
Both of them has no effect on 0_NONBLOCK sockets. |
|
Behavior |
Because of app waits to read/send large chunks and it waits |
In Wireshark we cant see these output directly but indirectly we |
|
for watermark thershold. |
can see TCP segments carry larger payloads and delays between |
||
request and response. |
|||
5 |
SO_RCVTIMEO / SO_SNDTIMEO |
These sets the maximum amount of time to recv() or read() & |
Header file : <sys/socket.h> / <sys/time.h> |
send() or write() call on a blocking socket will wait for data or |
Level : SOL_SOCKET. |
||
will wait to send data before time out. |
|||
Purpose |
Prevents call from a blocking forever if no data is received or |
set a timeout duration for blocking recv() or send() calls. |
|
send buffer is full |
|||
Value Type |
It is a structure which must include both seconds & micro sec. |
struct timeval |
|
default value |
There is no value until we explicitly set it |
No timeout(i.e blocks indefinitely). |
|
units |
These were passed as struct timeval. |
Time( seconds + microseconds). |
|
Appiles To |
Works only on blocking sockets. |
SO_RCVTIMEO - recv() / read() |
|
SO_SNDTIMEO - send() / write(). |
|||
Behavior |
In SO_RCVTIMEO we can see it waits for data,but timeout |
In Wireshark we can observe no response or delayed from |
|
occured and also it may ignore socket and broken message |
application and also gaps in appilication data flow . |
||
handling. |
|||
In SO_SNDTIMEO we can see send() may blocks due to full |
In Wireshark we can observe like application stop sending |
||
buffer,timed out and also send() may hit timeout if peer |
suddenly and also TCP buffer full(zero Window size from peer) and also outgoing data ends with RST or FIN. |
||
doesn’t open Window. |
|||
6 |
SO_LINGER |
This socket option that specifies whether a close() should |
Header file : <sys/socket.h> |
block to allow unsent data to be transmitted before closing a |
Level : SOL_SOCKET. |
||
TCP socket |
|||
purpose |
Controls whether close() waits to deliver unsent data or |
Manage proper shutdowns,avoid RSTs,or force quick |
|
aborts the connection immediately. |
disconnects. |
||
Value Type |
It is a structure type which is struct linger |
It contains l_onoff and l_linger fields. |
|
Appiles To |
It is mainly for TCP and no menaing for UDP sockets |
TCP sockets(SOCK_STREAM). |
|
default value |
close() returns immediately,TCP tries to flush remaining data |
l_onoff=0 (linger disabled). |
|
in background. |
|||
Behavior |
when l_onoff=0(disabled) |
In Wireshark we can see FIN from the closing side,followed by |
|
FIN-ACK fromm peer-graceful 4-way termination. |
|||
when l_onoff=1, where l_linger>0 |
In Wireshark it send pending data;if timeout hits we can see RST |
||
instead of FIN- indicates the force close. |
|||
when l_onoff=1, where l_linger=0 |
In Wireshark we can see immediately TCP RST instead of a FIN- |
||
where connection is reset ungracefully. |
S.No |
Parameter Name |
File Path |
Description |
Cat Outputs |
|---|---|---|---|---|
1 |
tcp_abort_on_overflow |
/proc/sys/net/ipv4/tcp_abort_on_overflow |
Drop overflowed receive buffers instead of dropping incoming |
0 |
overflow. |
segments. |
|||
2 |
tcp_allowed_congestion_control |
/proc/sys/net/ipv4/tcp_allowed_congestion_control |
Congestion control algorithm allowed by the kernal. |
Reno, cubic |
3 |
tcp_adv_win_scale |
/proc/sys/net/ipv4/tcp_adv_win_scale |
Controls how much of the TCP receive is advertised to the remote |
1 |
peer. |
||||
4 |
tcp_app_win |
/proc/sys/net/ipv4/tcp_app_win |
Flow control window left to the application |
31 |
5 |
tcp_autocorking |
/proc/sys/net/ipv4/tcp_autocorking |
Controls whether the Linux TCP stack automatically corks (delay |
1 |
sending) small packets |
||||
6 |
tcp_avaliable_congestion_control |
/proc/sys/net/ipv4/tcp_avaliable_congestion_control |
currently avaliable congestion control modules. |
reno,cubic. |
7 |
tcp_avaliable_ulp |
/proc/sys/net/ipv4/tcp_avaliable_ulp |
Displays a list of all avaliable ULP modules that can be used with TCP. |
tls |
8 |
tcp_base_mss |
/proc/sys/net/ipv4/tcp_base_mss |
Minimum segment size used by TCP. |
1024 |
9 |
tcp_challenge_ack_limit |
/proc/sys/net/ipv4/tcp_challenge_ack_limit |
maximum challenge Acks per second. |
2147483647 |
10 |
tcp_child_ehash_entries |
/proc/sys/net/ipv4/tcp_child_ehash_entries |
specifies a limit on the number of child entries in the TCP established |
0 |
hash table. |
||||
11 |
tcp_comp_sack_delay_ns |
/proc/sys/net/ipv4/tcp_comp_sack_delay_ns |
sets the delay(in nano seconds) before sending a compressed SACK. |
1000000 |
12 |
tcp_congestion_control |
/proc/sys/net/ipv4/tcp_congestion_control. |
default congestion control algorithm |
cubic |
13 |
tcp_comp_sack_nr |
/proc/sys/net/ipv4/tcp_comp_sack_nr |
number of threshold for delaying SACK |
44 |
14 |
tcp_dsack |
/proc/sys/net/ipv4/tcp_dsack |
Enable duplicate Selective SACK |
1 |
15 |
tcp_early_retrans |
/proc/sys/net/ipv4/tcp_early_retrans |
Number of dup ACKs to trigger early retransmission. |
3 |
16 |
tcp_ecn |
/proc/sys/net/ipv4/tcp_ecn |
Enable Explicit congestion control |
2 |
17 |
tcp_ecn_fallback |
/proc/sys/net/ipv4/tcp_ecn_fallback |
Fallbacks to regular TCP if ECN fails |
1 |
18 |
tcp_fack |
/proc/sys/net/ipv4/tcp_fack |
Enable forward ACK |
0 |
19 |
tcp_fastopen |
/proc/sys/net/ipv4/tcp_fastopen |
Enable tcp fastopen. |
1 |
20 |
tcp_fastopen_blackhole_timeout_sec |
/proc/sys/net/ipv4/tcp_fastopen_blackhole_timeout_sec |
Timeout for blackhole detection. |
0 |
21 |
tcp_fastopen_key |
/proc/sys/net/ipv4/tcp_fastopen_key |
Session tickey key for secure fast open |
|
22 |
tcp_fin_timeout |
/proc/sys/net/ipv4/tcp_fin_timeout |
FIN-WAIT timeout before the socket is closed. |
60 |
23 |
tcp_frto |
/proc/sys/net/ipv4/tcp_frto |
Enable forward RTO recovery |
2 |
24 |
tcp_recovery |
/proc/sys/net/ipv4/tcp_recovery |
Configures TCP recovery methods. |
1 |
25 |
tcp_reordering |
/proc/sys/net/ipv4/tcp_reordering |
Max out-of-order packets before triggering fast transmit |
3 |
26 |
tcp_retrans_collapse |
/proc/sys/net/ipv4/tcp_retrans_collapse |
collapse multiple retransmissions into one |
1 |
27 |
tcp_rmem |
/proc/sys/net/ipv4/tcp_rmem |
receive buffer sizes[min,default,max] |
4096 131072 6291456 |
28 |
tcp_rto_min_us |
/proc/sys/net/ipv4/tcp_rto_min_us |
Minimum retransmission timeout (micro seconds) |
200000 |
29 |
tcp_sack |
/proc/sys/net/ipv4/tcp_sack |
Enable selective ACK |
1 |
30 |
tcp_slow_start_after_idle |
/proc/sys/net/ipv4/tcp_slow_start_after_idle |
Slow start after idle period |
1 |
31 |
tcp_stdurg |
/proc/sys/net/ipv4/tcp_stdrug |
Accept out-of-band urgent data |
0 |
32 |
tcp_syn_retries |
/proc/sys/net/ipv4/tcp_syn_retries |
SYN retries for outgoing connections. |
6 |
33 |
tcp_synack_retries |
/proc/sys/net/ipv4/tcp_synack_retries |
SYN-ACK retries for incoming connections |
5 |
34 |
tcp_syncookies |
/proc/sys/net/ipv4/tcp_syncookies |
Enable SYN cookies |
1 |
35 |
tcp_syn_linear_timeouts |
/proc/sys/net/ipv4/tcp_syn_linear_timeouts |
Linear timeouts for this streams |
4 |
36 |
tcp_timestamps |
/proc/sys/net/ipv4/tcp_timestamps |
Enable TCP timestamps |
1 |
37 |
tcp_thin_dupack |
/proc/sys/net/ipv4/tcp_thin_dupack |
Dedup ACK reduction for thin streams |
0 |
38 |
tcp_thin_linear_timeouts |
/proc/sys/net/ipv4/tcp_thin_linear_timeouts |
Enables linear timeouts for thin streams |
1 |
39 |
tcp_tw_reuse |
/proc/sys/net/ipv4/tcp_tw_reuse |
Allows reuse of TIME-WAIT sockets for new connections |
1 |
40 |
tcp_tw_rfc1337 |
/proc/sys/net/ipv4/tcp_tw_rfc1337 |
Enables RFC1337 fix for TIME-WAIT assassination |
1 |
41 |
tcp_max_syn_backlog |
/proc/sys/net/ipv4/tcp_max_syn_backlog |
Max number of remembered connection requests in SYN_RECV state |
2048 |
42 |
tcp_low_latency |
/proc/sys/net/ipv4/tcp_low_latency |
Enables low latency mode (disables TCP performance features) |
0 |
43 |
tcp_limit_output_bytes |
/proc/sys/net/ipv4/tcp_limit_output_bytes |
Limits number of bytes in output queue |
131072 |
44 |
tcp_no_metrics_save |
/proc/sys/net/ipv4/tcp_no_metrics_save |
Prevents saving TCP metrics on socket close |
0 |
45 |
tcp_mtu_probing |
/proc/sys/net/ipv4/tcp_mtu_probing |
Enables MTU probing to discover path MTU |
1 |
46 |
tcp_keepalive_time |
/proc/sys/net/ipv4/tcp_keepalive_time |
Time before sending keepalive probes |
7200 |
47 |
tcp_keepalive_intvl |
/proc/sys/net/ipv4/tcp_keepalive_intvl |
Interval between keepalive probes |
75 |
48 |
tcp_keepalive_probes |
/proc/sys/net/ipv4/tcp_keepalive_probes |
Number of keepalive probes before dropping connection |
9 |
49 |
tcp_max_orphans |
/proc/sys/net/ipv4/tcp_max_orphans |
Max number of TCP orphaned connections |
4096 |
50 |
tcp_max_tw_buckets |
/proc/sys/net/ipv4/tcp_max_tw_buckets |
Max number of TIME-WAIT sockets |
180000 |
51 |
tcp_wmem |
/proc/sys/net/ipv4/tcp_wmem |
Send buffer sizes [min, default, max] |
4096 16384 4194304 |
52 |
tcp_mem |
/proc/sys/net/ipv4/tcp_mem |
Memory thresholds for TCP: [low, pressure, high] in pages |
181419 241895 362838 |
53 |
tcp_min_tso_segs |
/proc/sys/net/ipv4/tcp_min_tso_segs |
Minimum number of segments for TSO (TCP Segmentation Offload) |
2 |
54 |
tcp_min_rtt_wlen |
/proc/sys/net/ipv4/tcp_min_rtt_wlen |
Window length for minimum RTT estimation |
300 |
55 |
tcp_probe_interval |
/proc/sys/net/ipv4/tcp_probe_interval |
Interval to probe TCP sockets for memory usage |
600 |
56 |
tcp_probe_threshold |
/proc/sys/net/ipv4/tcp_probe_threshold |
Threshold for probing TCP sockets |
8 |
57 |
tcp_tso_win_divisor |
/proc/sys/net/ipv4/tcp_tso_win_divisor |
Divides TCP window for TSO segment size |
3 |
58 |
tcp_workaround_signed_windows |
/proc/sys/net/ipv4/tcp_workaround_signed_windows |
Enables workaround for broken TCP window scaling |
0 |
59 |
tcp_window_scaling |
/proc/sys/net/ipv4/tcp_window_scaling |
Enables TCP window scaling (RFC 1323) |
1 |
60 |
tcp_orphan_retries |
/proc/sys/net/ipv4/tcp_orphan_retries |
Max retries for orphaned sockets |
0 |
61 |
tcp_base_mss |
/proc/sys/net/ipv4/tcp_base_mss |
Minimum TCP segment size |
1024 |
62 |
tcp_cookie_size |
/proc/sys/net/ipv4/tcp_cookie_size |
Size of TCP cookie for TCP Cookie Transactions (TCPCT) |
8 |
63 |
tcp_cts_protect |
/proc/sys/net/ipv4/tcp_cts_protect |
Protects against CTS (Clear to Send) attacks |
0 |
64 |
tcp_dma_copybreak |
/proc/sys/net/ipv4/tcp_dma_copybreak |
Threshold for using DMA for TCP payload copying |
4096 |
65 |
tcp_dsack_disable |
/proc/sys/net/ipv4/tcp_dsack_disable |
Disables DSACK (Duplicate SACK) |
0 |
66 |
tcp_invalid_ratelimit |
/proc/sys/net/ipv4/tcp_invalid_ratelimit |
Rate limit for invalid TCP packets |
500 |
67 |
tcp_l3mdev_accept |
/proc/sys/net/ipv4/tcp_l3mdev_accept |
Accept TCP connections on L3 master devices |
0 |
68 |
tcp_moderate_rcvbuf |
/proc/sys/net/ipv4/tcp_moderate_rcvbuf |
Enables automatic tuning of TCP receive buffer sizes |
1 |
69 |
tcp_notsent_lowat |
/proc/sys/net/ipv4/tcp_notsent_lowat |
Threshold for TCP_NOTSENT_LOWAT socket option |
4294967295 |
70 |
tcp_reflect_tos |
/proc/sys/net/ipv4/tcp_reflect_tos |
Reflects Type of Service (ToS) from incoming to outgoing packets |
0 |
71 |
tcp_autotune |
/proc/sys/net/ipv4/tcp_autotune |
Enables automatic tuning of TCP buffer sizes |
1 |
72 |
tcp_challenge_ack_limit |
/proc/sys/net/ipv4/tcp_challenge_ack_limit |
Max challenge ACKs per second to mitigate spoofing |
100 |
73 |
tcp_cookie_size |
/proc/sys/net/ipv4/tcp_cookie_size |
Size of TCP cookie for TCPCT (TCP Cookie Transactions) |
8 |
74 |
tcp_limit_output_bytes |
/proc/sys/net/ipv4/tcp_limit_output_bytes |
Max bytes queued before TCP output is throttled |
262144 |
75 |
tcp_min_snd_mss |
/proc/sys/net/ipv4/tcp_min_snd_mss |
Minimum send MSS |
48 |
76 |
tcp_mtu_probing |
/proc/sys/net/ipv4/tcp_mtu_probing |
Enables path MTU discovery |
1 |
77 |
tcp_mtu_probe_floor |
/proc/sys/net/ipv4/tcp_mtu_probe_floor |
Minimum floor for MTU probing |
512 |
78 |
tcp_no_ssthresh_metrics_save |
/proc/sys/net/ipv4/tcp_no_ssthresh_metrics_save |
Avoid saving ssthresh in metrics cache |
0 |
79 |
tcp_probe_interval |
/proc/sys/net/ipv4/tcp_probe_interval |
Interval for TCP memory pressure probing |
600 |
80 |
tcp_probe_threshold |
/proc/sys/net/ipv4/tcp_probe_threshold |
Threshold for TCP memory pressure probing |
8 |
Reference links