This shows you the differences between two versions of the page.
| network_stuff:tcpnotes [2022/07/20 17:41] – jotasandoku | network_stuff:tcpnotes [2024/10/14 12:44] (current) – jotasandoku | ||
|---|---|---|---|
| Line 8: | Line 8: | ||
| * SACK is like a lookeahead acknowledgement while we wait for slow Bytes to arrive. | * SACK is like a lookeahead acknowledgement while we wait for slow Bytes to arrive. | ||
| * Example: "If I received Bytes 1,2,3 5,6 but not 4, I acknowledge 3 and ' | * Example: "If I received Bytes 1,2,3 5,6 but not 4, I acknowledge 3 and ' | ||
| + | * How it works in practice: by appending to a duplicate acknowledgment packet a TCP option containing a range of noncontiguous data received | ||
| \\ | \\ | ||
| ACK is sent indicating that is has received cumulated data and is ready for the next segment | ACK is sent indicating that is has received cumulated data and is ready for the next segment | ||
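Review bot: The added "How it works in practice" bullet says the option contains "a range" of noncontiguous data, but a receiver can be holding several separate runs of bytes past the gap, and the SACK option carries one or more blocks, each given as a left-edge and right-edge sequence number. Suggest "a TCP option listing the blocks of noncontiguous data received", and add that SACK is only used when both ends offered SACK-permitted in their SYN. The context bullet above it also has the typo "lookeahead".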
| Line 22: | Line 23: | ||
| {{: | {{: | ||
| + | |||
| + | |||
| + | |||
| + | ---- | ||
| + | |||
| + | TCP TIMERS: | ||
| + | \\ | ||
| + | * Time Out Timer: sender waiting for the ack. If ack doesn' | ||
| + | * Time Wait Timer: used for the orderly close and discard or ports at the end of a session. Sender starts the time wait timer after sending the ACK for the second FIN segment. | ||
| + | * Keep Alive Timer: If server stops hearing a customer for 2 hours starts sending 10 probes every 75 seconds. | ||
| + | * Persistent Timer: Used to deal with deal with a zero-widow-size deadlock situation. Keeps sending data for a while even when the receiver has closed the window. | ||
| + | |||
| ---- | ---- | ||
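Review bot: The added "Persistent Timer" bullet says the sender "keeps sending data for a while even when the receiver has closed the window", which misdescribes the timer: with a zero window the sender stops sending data, and the persist timer makes it send small window probes so that a lost window update cannot leave both sides waiting forever. The same line has "deal with deal with" and "zero-widow-size", and the Time Wait bullet has "discard or ports" where "discard of ports" is meant. In the Keep Alive bullet, "customer" reads like it should be "client", and the 2 hours and 75 seconds figures should be marked as implementation defaults that only apply when the application enables keepalive (SO_KEEPALIVE); on Linux they are tunable through net.ipv4.tcp_keepalive_time, tcp_keepalive_intvl and tcp_keepalive_probes.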
| Line 30: | Line 43: | ||
| \\ | \\ | ||
| (Reno, Cubic, Tahoe, more recently, BBR + Vegas, , Westwood) | (Reno, Cubic, Tahoe, more recently, BBR + Vegas, , Westwood) | ||
| - | [[https:// | + | \\ |
| + | * BBR (Bottleneck Bandwidth and RTT). Used in QUIC and HTTP/3 protocols. More modern and **doesn' | ||
| + | * CUBIC (cubic function) is default in Linux. It relies on packet loss and a cubic window growth, making it less aggressive than BBR but well-optimized for traditional networks. | ||
| + | * BBR offers more efficient bandwidth usage and lower latency, especially in unpredictable networks, while CUBIC is robust in traditional high-speed environments. | ||
| + | | ||
| * sysctl net.ipv4.tcp_congestion_control | * sysctl net.ipv4.tcp_congestion_control | ||
| * sysctl net.ipv4.tcp_available_congestion_control | * sysctl net.ipv4.tcp_available_congestion_control | ||
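Review bot: In the added BBR bullet, "Used in QUIC and HTTP/3 protocols" reads as if BBR were part of those protocols; congestion control is a sender-side choice in both TCP and QUIC, so a QUIC stack may run BBR, CUBIC or a Reno-style controller. Suggest "available in some QUIC implementations". The removed line dropped the reference link without a replacement, which leaves the BBR versus CUBIC comparison in the three new bullets unsourced, so consider keeping a link. The context line listing the algorithms also has a stray ", ," before Westwood.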
| Line 62: | Line 78: | ||
| * An attacker in the middle can disrupt the communication between 2 peers. | * An attacker in the middle can disrupt the communication between 2 peers. | ||
| * PUSH: is a flag that informs the receiver that all data has been sent. When we disable Nagle with TCP_NODELAY it also sends the push flag but is not exactly the same. [[http:// | * PUSH: is a flag that informs the receiver that all data has been sent. When we disable Nagle with TCP_NODELAY it also sends the push flag but is not exactly the same. [[http:// | ||
| + | |||
| + | |||
| + | ---- | ||
| + | |||
| + | QUIC NOTES | ||
| + | |||
| + | * You need decryption keys or won't see much [[https:// | ||
| + | * 1 or 0 handshake modes | ||
| + | * Multiplexes hundreds of flows over single connection | ||
| + | * It has a long connection index (each side chooses its counterpart index). | ||
| + | * ^^ allows reuse connection independently underlying protocol (ie IP changes when moving WiFi to 5G) | ||
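Review bot: The "1 or 0 handshake modes" bullet is ambiguous as written; it should say 1-RTT or 0-RTT handshake, and since these are security notes it is worth adding that 0-RTT data can be replayed by an on-path attacker, so it should only carry idempotent requests. The "long connection index" bullet would be easier to search for if it used QUIC's own term, Connection ID, and said that each endpoint picks the ID its peer must use to address it. The "^^ allows reuse" bullet is missing words ("independently of the underlying protocol") and could name the feature as connection migration.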