I'm trying to understand how the sequence numbers of the TCP header are generated.
In some places I read that it is the "index of the first byte in the packet" (link here), on some other sites it is a random 32bit generated number that is then incremented.
I don't really know which is which, so here are some questions:
I read some of the RFCs like RFC 6528, RFC 793, and RFC 1948 but I can't seem to understand which one is actually implemented.
I read about the "std" status but still...
Thank you in advance!
TCP is a stream transport protocol. To ensure connectivity, each byte to be transmitted is numbered. During connection establishment, each party uses a Random number generator to create an initial sequence number (ISN), which is usually different in each direction.
TCP Sequence Number is a 4-byte field in the TCP header that indicates the first byte of the outgoing segment. It helps to keep track of how much data has been transferred and received. The TCP Sequence Number field is always set, even when there is no data in the segment.
When a host initiates a TCP session, its initial sequence number is effectively random; it may be any value between 0 and 4,294,967,295, inclusive. However, protocol analyzers like Wireshark will typically display relative sequence and acknowledgement numbers in place of the actual values.
Each byte to be transmitted is numbered to assure connectivity. Each party generates an initial sequence number (ISN) during connection establishment using a random number generator, which is usually different in each direction. A TCP sequence number is 32 bits long, as we know.
Each endpoint of a TCP connection establishes a starting sequence number for packets it sends, and sends this number in the SYN packet that it sends as part of establishing a connection.
There is no requirement for either end to follow a particular procedure in choosing the starting sequence number. The operating system is free to use any mechanism it likes, but generally it's best if it chooses a random number, as this is more secure.
From that starting point, each packet sent by either end contains two sequence numbers - one to specify where in the stream the packet is, and an ACK sequence number which signifies the number of bytes received. Both numbers are offset by the starting sequence number.
Read all about it in Wikipedia of course - look for "sequence number" in that page to get all the gory details.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With