Tech tips

TCP Header (Window Size & Checksum) # 2.8

Welcome to tcpipworld.com Blog Post  # 9

Limit your “always” and your “nevers.”- Amy Poehler​​

We will discuss the last TCP Window Size & Checksum.

Key Takeaway :

  • TCP Window Size 
  • TCP Checksum

1. TCP Window Size

TCP uses a concept called Windowing. Windowing is a mechanism to control the flow of data. To prevent too much data so that receiver doesn’t flow behind.

Window, What we mean the maximum amount of data, that can be sent before an ACK received. So remember TCP is a reliable protocol and the receiver sends an ACK to the sender. By the way, the sender knows that the data was delivered.

Here the concept of the Window uses the Acknolegment, to let the sender knows that all the information of the advertised window is received.

Now the sender can continue to send more data.

Lets deep dive into Window Size in depth.

We have two types of Window :

  • Send Window
  • Receive Window

1.1 Receive Window :

Let’s understand from the capture :

Window Size is 2 bytes field in total 65535.

the remote side by advertising its window 65535. This is what my receive window is.

What that means, if the sender sends data back to this receiver, 65535 bytes of data before this host can send an ACK. This means the receiver doesn’t handle more than these bytes. This is what I can handle for unacknowledged bytes.

Let’s look at the 192.168.1.46 client window size is 64240.

Note: Only in SYN packet they send window scale in the option field that values multiple the window size to get the actual window size of this client.

The reason why it does that because more than 65535 number which is not allocated by the TCP header.

1.1.1 Why we need a larger window size?

This will make more throughput, for long connection or with a lot of latency, high bandwidth, and high latency.

1.1.1.1 Example

For satellite communication, we need a larger window size. We want the sender to put more data on it for data transfer. The only way we can do by increasing the window size in breaking the TCP header and for that, we use an Option called Window Scale.

Window Scale value only be seen in the Three-Way Handshake process.

To calculate the window size is not actually part of the TCP header. Wireshark helps us to understand. We get the exact window size that each side is using.

The calculated window size means, TCP received a buffer that all the data sender can send before ACK comes back.

This number isn’t going to be static, it varies with time depends on the receive buffer on the client, fill up a little bit, or maybe busy doing some of the processes.

TCP window size full, the server cant send anything. This informs the client with Window Size set to 0.

1.2 Send Window

How many bytes a sender can send to the receiver?

That depends on how much the receiver advertises the receive window.

Note: Send Window we will discuss in Sliding Window blog.

1.2.1 Example

The receiver window is 5000 Bytes, the sender can send a maximum of up to 5000 Bytes.

2. TCP Checksum

TCP provides a feature called Error Control with the help of checksum it achieves it. Similar to CRC in the frame, the Transport Layer protocol uses checksum.

It calculated over TCP header, data, and pseudoheader.

Pseudoheader you can take the source, destination, protocol field of IP header, and the segment total length.

Notice that there is no such point in the TCP header this total length has to be calculated.

Comment here