Each TCP segment has a special purpose and this is determined by TCP flags. Here, we will learn what are tcp flags and study on these 6 important tcp control flags in TCP Header. There are also other options in flag field, but we will focus only six of them. You can check these TCP Protocol flags in the below TCP Header Format.
According to these TCP header, what are tcp flags? TCP Control Flag List is given below:
The most important ones are used in TCP Three Way Handshake. These are SYN and ACK flags. Beside that there is a FIN flag that indicates termination of the connection. Lets check all of these TCP flags in order.
You can also check: TCP versus UDP lesson
Table of Contents
Urgent Pointer flag is used to say that this packet must have a priority. Normally packets goes to the queues on the receiving end. But a packet with urgent pointer flag is set, do not goes to the queue, it goes immediately to the receiver.
Additionaly there is an urgent pointer field in tcp header that we will discuss later. When the urgent pointer set to 1, then te urgent pointer field specifies the position of the urgent data in the segment.
TCP ACK flag is used to acknowledge the sending end that the packet has successfully come. For every packet received by the remote end, remote end send a packet with ACK field set to 1. But with windowing, this is done like one TCP ACK for every 3 received packet.
The third flag is TCP PUSH flag. When sending data, the sender buffers the data and then send. This buffering is used on the receiving end too. It buffers the data and then sent to the application. But this is not efficient for real time TCP applications. Think about telnet. We must send thousand of characters before the first packet send. This is not efficient. So for such real time usage, there is a TCP PUSH flag. With TCP PUSH flag, we say “Send the data immediately not buffer it!“. It is like this at the receiving end. It sends the data immediately to the application instead of waiting.
TCP RST flag shows that there is not a service that can reply at the remote end. When a host sends a SYN packet to the remote end, if a service is available at the remote end, then remote end replies with ACK packet. But if there is not such a service, the it replies with ACK and RST flag set.
This flag helps hackers for port scanning. All port scanners catch the open and listenning ports thanks to RST flag.
TCP SYN flag is used initially when establishing the TCP connection in three way handshake. It is the well-known TCP flag. During establishing the connection in three way handshake, 2 SYN set packet sent. After the connection establishment, during the data session, many SYN set packets sent and received.
TCP FIN flag is used to tear down the TCP connection. This is the last packets sent and received. The name of this process is TCP Four-Way Handshake.
As you know the TCP connection is full duplex. So if one side send FIN flag set, the other side continue to receive data until it send TCP FIN flag set too.
This is all for TCP flags. Let’s go to the next session and check the most important part of the TCP header, windowing with checksum and urgent pointer…
Leave a Reply