.

A few Questions about TCP data flow

<<

JayOni

User avatar

Newbie
Newbie

Posts: 21

Joined: Fri May 27, 2011 7:30 pm

Location: US

Post Mon May 30, 2011 11:46 am

A few Questions about TCP data flow

Hope im not bugging you guys with my questions yet. But I dont got school because its memorial day and I need some questions answered about the flow of data in TCP. I cant really afford to take a day off from studying.

1) TCP takes place in the network layer of the OSI right? So does that mean it starts at the network layer or does the data flow from TCP still have to start at the physical layer? The book isnt very clear on this point.

2) In the line header length, Reserved, flags, sliding window..... what is the reserved area used for all the book says is its for later use and hardly ever used.

3) In the line Options/Padding is it possible for both of these to be 0 bits at the same time? And if so does this line get skipped completely? Are the special options worth knowing about?

4) Under Data what is meant by "The size of the data field depends on how much data needs to be transmitted(this half i understand its the next half which I don't), the constraints of the TCP segment size imposed by the network type, and the limitation that segment must fit within an IP datagram."
<<

eEv63

User avatar

Newbie
Newbie

Posts: 2

Joined: Wed Jan 05, 2011 8:53 am

Location: India

Post Mon May 30, 2011 1:38 pm

Re: A few Questions about TCP data flow

can you tell me which book are you referring??
<<

JayOni

User avatar

Newbie
Newbie

Posts: 21

Joined: Fri May 27, 2011 7:30 pm

Location: US

Post Mon May 30, 2011 2:06 pm

Re: A few Questions about TCP data flow

The name of the book is "Network+ Guide to Networks" 5th edition
<<

JayOni

User avatar

Newbie
Newbie

Posts: 21

Joined: Fri May 27, 2011 7:30 pm

Location: US

Post Mon May 30, 2011 7:29 pm

Re: A few Questions about TCP data flow

since my post hasnt got much attention since its been moved... *bump*
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Mon May 30, 2011 8:32 pm

Re: A few Questions about TCP data flow

Bothering?  No way.  This is what forums are for: to ask  your questions to those who may be able to help :)

1) The OSI model isn't necessarily a road map of how packets travel (directly from top to bottom or vice versa).  To quote the OSI model wikipedia page:

A layer provides services to its upper layer while receiving services from the layer below.


So while TCP "resides" on the transport layer, it doesn't necessarily travel up from the physical layer, but instead provides/receives services from/to the layers above/below it.

2) I couldn't tell you.  Checking the RFC for TCP (RFC 793), it doesn't say what it's going to be used for either.

3) I believe you're correct with this.  If there's no options, then the header is already set to allow the data portion to start in the next 32-bit boundary, therefore no need for any padding.  Somebody else may need to back me up on this though as I'm not 100%.

4a)
...the constraints of the TCP segment size imposed by the network type...


I think refers to the ability to configure TCP segment size limits per network and how the segment is fragmented to fit said limitations.

4b)
...and the limitation that segment must fit within an IP datagram.


I think refers to the size limitations put on by the IP standard (minimum of 20 bytes, maximum of 65,535 bytes).
GSEC, eCPPT, Sec+
<<

JayOni

User avatar

Newbie
Newbie

Posts: 21

Joined: Fri May 27, 2011 7:30 pm

Location: US

Post Mon May 30, 2011 10:06 pm

Re: A few Questions about TCP data flow

ok so the TCP resides on the transport layer but the accual protocol is a network layer?
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue May 31, 2011 9:15 am

Re: A few Questions about TCP data flow

I'm not sure what you mean when you say "actual protocol," but the TCP protocol is part of the transport layer.  Let's take a look at it in terms of the world wide web.  Take TCP/IP for example.  IP is part of the network layer.  IP as a protocol though is connectionless; it doesn't do any transporting.  TCP takes care of transporting the data in the IP datagram.

As I said before, the OSI/Internet models aren't maps of how packets travel.  It's a model showing how protocols work together to .  In this example of the world wide web, TCP provides the transport service for IP.
GSEC, eCPPT, Sec+
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Tue May 31, 2011 9:54 am

Re: A few Questions about TCP data flow

re:"The book isnt very clear on this point."

I'm not sure my answer will be very clear either as I'm not sure exactly what you are asking. You might want to look at some of the OSI tutorials on youtube or securitytube.

Maybe this will help but it may not be what you are looking for. Let's say you open an application like a web browser (layer 7). As it heads down the OSI model on its way to the internet, it will pick up different headers and change names. Layers 7-5 it's called a PDU, layer 4 it becomes a segment, layer 3 a datagram and then at layer 2 when ethernet adds its header it becomes a frame. From there it heads out to the internet. As it hits various routers and switches it will climb the OSI model up to layer 2 or 3 (or higher) and then back down again over and over until it reaches its destination, where it will climb back up to layer 7, the application at the other end.

Take a look here for more info- http://www.tcpipguide.com/free/t_DataEn ... ceDa-2.htm

Is question 4 about window sizes? If so, this should help- http://www.youtube.com/watch?v=XpUNXDkfkQg
As Laura explains, if an application doesn't pick up data from the buffer quick enough, it will let the server know to stop sending so much data as  the client is unable to process it all that quickly. It may even reach a window zero condition where it will stop sending traffic altogether. Other things you will want to understand are fragments and scaling. They change sizes also.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

JayOni

User avatar

Newbie
Newbie

Posts: 21

Joined: Fri May 27, 2011 7:30 pm

Location: US

Post Tue May 31, 2011 6:46 pm

Re: A few Questions about TCP data flow

well i looked back in the book and it clearly DOES  say transport layer for the TCP (even though i could of sworn up an down the book said network layer) I probally just got it mixed up with what it said about the IP or something thats what happens when you only get 5 weeks to learn networking..... so much info so little time. I have it drilled into my mind now after seeing you guys say it so many times so I wont forget. :)
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Tue May 31, 2011 9:36 pm

Re: A few Questions about TCP data flow

Wikipedia has some good examples and pics

http://en.wikipedia.org/wiki/TCP/IP_model
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

lorddicranius

User avatar

Sr. Member
Sr. Member

Posts: 448

Joined: Thu Mar 03, 2011 3:54 am

Post Tue May 31, 2011 10:28 pm

Re: A few Questions about TCP data flow

Good links, WCNA - thanks.

Also, a quick question (for anybody).  While the IP model was acknowledged when I was studying for Network+ etc, the OSI model was mostly taught/referenced.  Is the IP model being taught more these days?
GSEC, eCPPT, Sec+
<<

JayOni

User avatar

Newbie
Newbie

Posts: 21

Joined: Fri May 27, 2011 7:30 pm

Location: US

Post Tue May 31, 2011 10:48 pm

Re: A few Questions about TCP data flow

I didnt get a chance to look at it in detail really im studying like 16-18 hours a day (counting the time im spending at school) but this is one of the certs i want to get actually so i'll be sure take make the time to look it over good. Thanks.
<<

tturner

User avatar

Sr. Member
Sr. Member

Posts: 435

Joined: Thu Jun 26, 2008 4:50 pm

Post Wed Jun 01, 2011 6:13 am

Re: A few Questions about TCP data flow

Question 2 - The reserved area is used for fuzzing :D

Mike Poor calls that the evil bit. If it's set, then the packet is likely Eeeeeeeeeevill!

Some network stacks (and some IDS's) don't know what to do with the packet when the evil bit is set and hilarity can ensue. Or not.
Certifications:
CISSP, CISA, GPEN, GWAPT, GAWN, GCIA, GCIH, GSEC, GSSP-JAVA, OPSE, CSWAE, CSTP, VCP

WIP: Vendor WAF stuff

http://sentinel24.com/blog @tonylturner http://bsidesorlando.org
<<

WCNA

User avatar

Full Member
Full Member

Posts: 187

Joined: Wed Mar 02, 2011 8:05 am

Location: Florida

Post Wed Jun 01, 2011 1:34 pm

Re: A few Questions about TCP data flow

lorddicranius said "Is the IP model being taught more these days?"

Not to my knowledge. It seems like everyone uses the OSI model....although the TCP/IP model is a potential question on the CISSP exam.
ISC2 Associate, WCNA, CWNA, OSCP, Network+
<<

yatz

Full Member
Full Member

Posts: 222

Joined: Tue May 25, 2010 2:58 pm

Post Wed Jun 01, 2011 1:47 pm

Re: A few Questions about TCP data flow

WCNA wrote:lorddicranius said "Is the IP model being taught more these days?"

Not to my knowledge. It seems like everyone uses the OSI model....although the TCP/IP model is a potential question on the CISSP exam.


I got a thorough run through of both TCP/IP and OSI models during my recent Cisco studies, though I can't recall if both were on the exam.  Also, I made it through an associates in Computer Networking without touching on the TCP/IP model at all, but the OSI model was taught at length.  In general, as WCNA said, OSI model is the norm.
"Live as though you would die tomorrow, learn as though you would live forever."

CCNA, MCSA, MCTS, Sec+, Net+, Linux+, CEH

Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests

cron
.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software