Now let's finally look at the TCP header. You don't need to memorise this or even study it in detail. In fact, let me give you a pro-tip here: I've never referred to this diagram or this information during my professional career, even during my brief one year as a network administrator.
Let's break down the important things you'll work with the most when configuring firewalls, software, and the likes.
We've looked at ports already. There are two ports mentioned in the header:
From the client's perspective, the
destination port is usually the port number of the remote service you're accessing like
source port is going to be a random port number in a very large range. This is used so that the remote end of the TCP connection can reply to the client, citing the
source port as being the port to reply to.
From the server's perspective, the
source port is the port the application is
LISTEN-ing on via a TCP connection, like
destination port is like the "reply to" port of the client connection, so when the server sends back information it "replies" to that
These two port numbers are going to be the primary thing you'll be concerned with and even then you're not really going to be too concerned with the
source port much.
Sequence and ACK Numbers#
These are used by the TCP connection to check that packets are delivered as expected. When a packet is sent the sending party expects to see an
ACK packet sent back to say, "I got that!" If it doesn't then the packet may be sent again.
You won't work with these values or parts of the header at all.
All the other parts of the header have their place and function, of course, but you simply don't need to concern yourself with them at all. I don't believe I've ever had to be concerned with anything more than ports, perhaps the
Windows Size and the state of the connection.
I'd recommend you leave studying the rest of the protocol's details until you need to know more.