传输控制协议(TCP协议)是因特网协议栈中很重要的一个协议,它是IP协议的补充。TCP协议提供基于IP网络的可靠的、有序的、查错的(error checked)节流传输。主流网络应大多基于TCP协议的。TCP协议格式由RFC793定义,本文是RFC793概述部分的要点摘录,阐述了基础概念和实现原理。




TCP is a connection-oriented, end-to-end reliable protocol designed to fit into a layered hierarchy of protocols which support multi-network applications.


The TCP is intended to provide a reliable process-to-process communication service in a multinetwork environment. The TCP is intended to be a host-to-host protocol in common use in multiple networks.


  • Basic Data Transfer
  • Reliability
  • Flow Control
  • Multiplexing
  • Connections
  • Precedence and Security



Applications that do not require reliable data stream service may use the User Datagram Protocol (UDP), which provides a connectionless datagram service that emphasizes reduced latency over reliability.



  • The internetwork environment consists of hosts connected to networks which are in turn interconnected via gateways. It is assumed that the network is based on packet switching technology.
  • The term packet is used generically here to mean the data of one transaction between a host and its network.
  • Hosts are computers attached to a network, and from the communication network’s point of view, are the sources and destinations of packets.
  • Processes are viewed as the active elements in host computers (in accordance with the fairly common definition of a process as a program in execution).
  • Since a process may need to distinguish among several communication streams between itself and another process (or processes), we imagine that each process may have a number of ports through which it communicates with the ports of other processes.


The TCP is assumed to be a module in an operating system. The users access the TCP much like they would access the file system.

通信可靠性(Reliable Communication)


A stream of data sent on a TCP connection is delivered reliably and in order at the destination.


Transmission is made reliable via the use of sequence numbers and acknowledgments.
An acknowledgment by TCP does not guarantee that the data has been delivered to the end user, but only that the receiving TCP has taken the responsibility to do so.


To govern the flow of data between TCPs, a flow control mechanism is employed. The receiving TCP reports a "window" to the sending TCP. This window specifies the number of octets, starting with the acknowledgment number, that the receiving TCP is currently prepared to receive.

连接的建立和断开(Connection Establishment and Clearing)

通过IP地址和端口号来创建唯一的 socket

To identify the separate data streams that a TCP may handle, the TCP provides a port identifier. Since port identifiers are selected independently by each TCP they might not be unique. To provide for unique addresses within each TCP, we concatenate an internet address identifying the TCP with a port identifier to create a socket which will be unique throughout all networks connected together.

A connection is fully specified by the pair of sockets at the ends. A local socket may participate in many connections to different foreign sockets. A connection can be used to carry data in both directions, that is, it is "full duplex".

A connection is specified in the OPEN call by the local port and foreign socket arguments. In return, the TCP supplies a (short) local connection name by which the user refers to the connection in subsequent calls. To store this information we imagine that there is a data structure called a Transmission Control Block (TCB).

A passive OPEN request means that the process wants to accept incoming connection requests rather than attempting to initiate a connection. A service process that wished to provide services for unknown other processes would issue a passive OPEN request with an unspecified foreign socket. Processes can issue passive OPENs and wait for matching active OPENs from other processes and be informed by the TCP when connections have been established.

The procedures to establish connections utilize the synchronize (SYN) control flag and involves an exchange of three messages. This exchange has been termed a three-way hand shake.

A connection is initiated by the rendezvous of an arriving segment containing a SYN and a waiting TCB entry each created by a user OPEN command. The matching of local and foreign sockets determines when a connection has been initiated. The connection becomes "established" when sequence numbers have been synchronized in both directions.

The clearing of a connection also involves the exchange of segments, in this case carrying the FIN control flag.

数据传输(Data Communication)

The data that flows on a connection may be thought of as a stream of octets. The sending user indicates in each SEND call whether the data in that call (and any preceeding calls) should be immediately pushed through to the receiving user by the setting of the PUSH flag.

A sending TCP is allowed to collect data from the sending user and to send that data in segments at its own convenience, until the push function is signaled, then it must send all unsent data. When a receiving TCP sees the PUSH flag, it must not wait for more data from the sending TCP before passing the data to the receiving process.

There is a coupling between the push function and the use of buffers of data that cross the TCP/user interface. Each time a PUSH flag is associated with data placed into the receiving user’s buffer, the buffer is returned to the user for processing even if the buffer is not filled. If data arrives that fills the user’s buffer before a PUSH is seen, the data is passed to the user in buffer size units.

TCP also provides a means to communicate to the receiver of data that at some point further along in the data stream than the receiver is currently reading there is urgent data. TCP does not attempt to define what the user specifically does upon being notified of pending urgent data, but the general notion is that the receiving process will take action to process the urgent data quickly.

优先性和安全性(Precedence and Security)

The TCP makes use of the internet protocol type of service field and security option to provide precedence and security on a per connection basis to TCP users. Not all TCP modules will necessarily function in a multilevel secure environment; some may be limited to unclassified use only, and others may operate at only one security level and compartment. Consequently, some TCP implementations and services to users may be limited to a subset of the multilevel secure case.

TCP modules which operate in a multilevel secure environment must properly mark outgoing segments with the security, compartment, and precedence. Such TCP modules must also provide to their users or higher level protocols such as Telnet or THP an interface to allow them to specify the desired security level, compartment, and precedence of connections.

鲁棒性原则(Robustness Principle)

TCP implementations will follow a general principle of robustness: be conservative in what you do, be liberal in what you accept from others.


Comments powered by Disqus