Tags: ,

Forum Replies

  1. Hi Rene,

    The flag field has 9 bit size and you explain only six bit flags, what about the remaining 3 bit flags, can you please explain them to me ?

    Best Regard
    Hussein Samir

  2. Hi Hussein,

    Originally we only had 16 bits for the window size so the maximum window size was 65,535 bytes.

    Thanks to window scaling (http://tools.ietf.org/html/rfc1323), the highest (theoretical) window size that we can use is 1073725440 bytes (~ 1 gigabyte). Two bits are used for scaling, 2^14 remains for the window size which equals 1073725440.

    The space for the sequence numbers is pretty large: 32 bit. When we hit the final sequence number then it will wrap around and we start with 0 again, it works like a clock. In other words...you can keep sending data in a single TCP connection.

    The first three TCP flags (NS, CWR and ECE) are for Explicit Congestion Notification (ECN) which is an extension to the TCP packet. The idea behind ECN is that routers in between the sender/receiver that detect congestion can "mark" TCP packets instead of dropping them. The receiver can then inform the source, telling it to slow down. As of today, ECN hasn't been used much.

    You can read more about it here:


    Hope this helps!


  3. Hello Manami

    To understand the function of the PSH flag, it is important to first understand how TCP buffers data. TCP operates at layer four of the OSI model. To allow applications to read from and write to a TCP session, buffers are implemented on both sides of a TCP connection in both directions.

    Buffers allow for more efficient transfer of data when sending multiple segments of maximum size, such as when sending a large file. TCP will wait until a segment reaches its maximum size before sending it on its way. There are however some applications where this would be inappropriate. A Telnet connection for example, requires that a character be sent immediately once it is typed, even though it fills only a tiny fraction of the maximum segment size. Consider what would happen to your Telnet session if TCP waited until there was enough data to fill a segment before it would send one. You would have to type over a thousand characters before the first packet would make it to the remote device. Not very useful.

    This is where the PSH flag is used. When the PSH flag is set, the segment is sent or "pushed" immediately to the remote device. Additionally, when the segment reaches the destination, TCP immediately forward the segment up to the application without waiting for its buffer to fill.

    Essentially, TCP's push capability accomplishes two things:

    1) The sending application informs TCP that data should be sent immediately.
    2) The PSH flag in the TCP header informs the receiving host that the data should be pushed up to the receiving application immediately.

    The Urgent Flag has a different function. It is used to indicate that certain data within a segment is urgent and should be prioritised. If the URG flag is set, the receiving station evaluates the value of the Urgent Pointer, a 16-bit field in the TCP header. This pointer indicates what part of the data in the segment, counting from the first byte, is urgent. This is not used very often in modern networks.

    I hope this has been helpful!


  4. Hello Mohammad

    I'm not quite sure what you mean when you say "how many flags in TCP." The header contains 9 different flags which are used to establish and terminate connections and to control data flow.

    If this hasn't answered your question, please clarify.

    I hope this has been helpful!


  5. Many Thanks Andrew ....

10 more replies! Ask a question or join the discussion by visiting our Community Forum