Understand TCP, UDP, TLS


Understanding a little of the underlying network communication principles is a great help in daily work: it reduces "communication friction" with back-end engineers and builds mutual trust and understanding. In interviews, many companies also probe the breadth of a front-end engineer's knowledge, and TCP/IP, TCP, UDP, and TLS are asked about frequently.

TCP/IP is a protocol suite made up of many protocols; TCP, UDP, TLS, and so on are only some of its members.

The TCP/IP protocol set includes the application layer, the transport layer, the network layer, and the network access layer.

The application layer includes:

  • Hypertext Transfer Protocol (HTTP): the basic protocol of the World Wide Web;
  • File transfer (TFTP, Trivial File Transfer Protocol);
  • Telnet, which provides remote access to other hosts and allows users to log in to an Internet host and execute commands on it;
  • Network management (SNMP, Simple Network Management Protocol), which provides methods for monitoring network equipment, as well as configuration management, statistics collection, performance management, security management, etc.;
  • Domain Name System (DNS), which converts domain names into the IP addresses of network nodes on the Internet.

The transport layer includes:

  • TLS, originally the SSL (Secure Sockets Layer) protocol; it was renamed Transport Layer Security (TLS) when the IETF standardized SSL.

The network layer includes:

  • Internet Protocol (IP)
  • Internet Control Message Protocol (ICMP)
  • Address Resolution Protocol (ARP)
  • Reverse Address Resolution Protocol (RARP)

Network access layer:

  • The network access layer is also called the host-to-network layer. Its functions include mapping IP addresses to physical hardware addresses and encapsulating IP packets into frames. Based on the network interfaces of the different hardware types, the network access layer defines the connection to the physical medium.

The flags in the TCP header are:

  • SYN: requests that a connection be established and sets the initial sequence number in the sequence number field. Set to 1 to establish a connection.
  • ACK: the acknowledgment number is valid; generally set to 1.
  • FIN: the sender wishes to close the connection.
  • URG: whether the urgent pointer is valid. When set to 1, it means some data must be processed first.
  • PSH: prompts the receiving application to read the data from the TCP buffer immediately.
  • RST: the other party requests that the connection be re-established; reset.

The three steps of the handshake are:

  1. SYN: the client chooses a random sequence number x and sends a SYN packet, which may also include other TCP flags and options.
  2. SYN ACK: the server adds 1 to x, chooses its own random sequence number y, adds its own flags and options, and returns a response.
  3. ACK: the client adds 1 to both x and y and sends the last ACK packet of the handshake.
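To make the flags and the three handshake steps concrete, here is an added example (not code from the original article) that packs and parses the fixed 20-byte TCP header with Python's struct module, builds the three handshake segments for constructed initial sequence numbers x and y, and checks that the SYN, SYN+ACK and ACK segments carry the flags and the x+1 / y+1 values described above. The port numbers and sequence numbers are constructed sample values; the checksum is left at zero because no IP pseudo-header is involved here.

```python
import struct

# Bit positions of the TCP flags in the low byte of the
# 16-bit "data offset / reserved / flags" header field.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

# Fixed 20-byte TCP header, network byte order: source port, destination port,
# sequence number, acknowledgment number, offset+flags, window, checksum, urgent pointer.
TCP_HEADER = struct.Struct("!HHIIHHHH")
SEQ_MASK = 0xFFFFFFFF  # sequence numbers wrap modulo 2**32


def build_header(src_port, dst_port, seq, ack, flags, window=65535, urgent=0):
    """Pack a 20-byte TCP header with the given flag names set (checksum left zero)."""
    data_offset = 5  # header length in 32-bit words; 5 means no options
    flag_field = 0
    for name in flags:
        flag_field |= FLAG_BITS[name]
    offset_flags = (data_offset << 12) | flag_field
    return TCP_HEADER.pack(src_port, dst_port, seq, ack, offset_flags, window, 0, urgent)


def parse_header(segment):
    """Decode the fixed header of a segment into a dict, with flags as a set of names."""
    src, dst, seq, ack, offset_flags, window, checksum, urgent = TCP_HEADER.unpack(segment[:20])
    flags = {name for name, bit in FLAG_BITS.items() if offset_flags & bit}
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": (offset_flags >> 12) * 4,  # bytes
        "flags": flags, "window": window, "urgent": urgent,
    }


def handshake_segments(x, y, client_port=51000, server_port=443):
    """Constructed SYN, SYN+ACK and ACK segments for client ISN x and server ISN y."""
    syn = build_header(client_port, server_port, x, 0, {"SYN"})
    syn_ack = build_header(server_port, client_port, y, (x + 1) & SEQ_MASK, {"SYN", "ACK"})
    ack = build_header(client_port, server_port, (x + 1) & SEQ_MASK, (y + 1) & SEQ_MASK, {"ACK"})
    return [syn, syn_ack, ack]


def check_handshake(segments):
    """True only if the three segments carry the flags and numbers of a valid handshake."""
    if len(segments) != 3:
        return False
    s1, s2, s3 = (parse_header(s) for s in segments)
    x, y = s1["seq"], s2["seq"]
    return (
        s1["flags"] == {"SYN"}
        and s2["flags"] == {"SYN", "ACK"}
        and s2["ack"] == ((x + 1) & SEQ_MASK)
        and s3["flags"] == {"ACK"}
        and s3["seq"] == ((x + 1) & SEQ_MASK)
        and s3["ack"] == ((y + 1) & SEQ_MASK)
    )


if __name__ == "__main__":
    segs = handshake_segments(x=1000, y=5000)
    for i, seg in enumerate(segs, 1):
        h = parse_header(seg)
        print(i, sorted(h["flags"]), "seq=%d ack=%d" % (h["seq"], h["ack"]))
    print("valid handshake:", check_handshake(segs))
```

Running the block prints the three segments with their flags and numbers and confirms the handshake is valid; replacing the final ACK with a segment carrying RST, or with a wrong acknowledgment number, makes check_handshake return False, which is the same consistency check a receiving TCP stack applies before moving the connection to the established state.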

The impact of handshake on delay

After the three-way handshake is completed, the client and server can communicate. The client can send data immediately after sending the ACK packet, but the server must wait until it receives the ACK packet before sending data. This connection setup applies to every TCP connection, and therefore has a very large performance impact on every application that uses TCP: before any application data can be transmitted, a complete round trip must be spent.

For example, if the client is in New York and the server is in London, the handshake to initiate a new TCP connection over optical fiber takes at least 56 ms: 28 ms to send a packet to London, and 28 ms to send the response back to New York. Here the bandwidth of the connection has no effect on the time; the delay depends entirely on the round-trip time between client and server, which is dominated by the propagation time between New York and London.

The delay caused by the three-way handshake makes creating a new TCP connection costly, and this is why the key to improving the performance of TCP applications is to find ways to reuse connections. There is also a scheme for reducing handshake cost called "TCP Fast Open" (TFO). Linux 3.7 and later kernels already support TFO on both the client and the server. For details, please refer to the IETF specifications.
