DEV Community

Cover image for Demystifying TCP: How the Internet Actually Sends Your Data (Without Losing It)
Tahsin Abrar
Tahsin Abrar

Posted on

Demystifying TCP: How the Internet Actually Sends Your Data (Without Losing It)

#networking #tcp #webdev #programming

Let’s be honest for a second. When we write code to fetch data from a server, we usually don't think twice about how it gets there. We write a simple JavaScript fetch() call, hit save, and boom our frontend talks to our backend.

fetch('https://api.example.com/data', {
  method: 'POST',
  body: JSON.stringify({ message: "Hello World" })
});
Enter fullscreen mode Exit fullscreen mode

To us, it feels like magic. We just say "send this," and it arrives. But the Application Layer (where our code lives) is blissfully unaware of the chaotic, noisy, and unpredictable journey that data takes across the internet.

The real unsung hero making sure your "Hello World" doesn't turn into a corrupted mess of random bytes is the Transport Layer specifically, the TCP (Transmission Control Protocol).

Today, we are going to look under the hood. No dry, boring textbook definitions. Just a practical, developer-friendly look at how TCP actually works, how it keeps our data safe, and why understanding it will make you a much better software engineer.

What is TCP, Really?

Imagine you are mailing a 1,000-page manuscript to a publisher, but the post office only allows you to send one page per envelope.

If you just dump 1,000 envelopes into the mailbox, what happens? Some might get lost. Some might arrive out of order. The publisher would be hopelessly confused.

TCP is the ultimate postal manager. It chops your big data into smaller pieces called segments, numbers them, sends them, and waits for a receipt. If a piece goes missing or gets corrupted, TCP demands that it be sent again.

That’s why the "C" in TCP stands for Control. It controls the transmission so you don't have to.

To do this, TCP breaks communication down into three distinct phases:

  1. The Setup (Three-way Handshake)
  2. The Data Transfer
  3. The Teardown (Four-way Finishing)

Let’s walk through them.

Phase 1: The Three-Way Handshake 🤝

Before TCP sends a single byte of your actual data, it needs to make sure the server is awake, willing, and ready to talk. It does this using a process called the Three-Way Handshake.

Imagine calling a friend on the phone:

You: "Hey, are you there? Can you hear me?" (SYN)
Friend: "Yeah, I hear you! Can you hear me?" (SYN-ACK)
You: "Loud and clear. Let's talk." (ACK)

In TCP terms, it looks like this:

  • SYN (Synchronize): The Client sends a packet with the SYN flag turned on. It says, "I want to connect, and I'm starting my sequence at number 1000."
  • SYN-ACK (Synchronize-Acknowledge): The Server replies. "I got your request (ACK 1001), and I also want to connect. My sequence starts at 2000" (SYN).
  • ACK (Acknowledge): The Client sends one final confirmation. "Got it. I'm ready for your data starting at 2001."

Boom. The connection is established. Now, they can safely send data.

What’s Inside a TCP Segment? (The Anatomy of a Header)

When TCP chops up your data, it doesn't just send raw text. It wraps your data in a Header a block of metadata that contains all the instructions for delivery.

A TCP header is usually between 20 and 60 bytes. Let's break down the coolest parts of this header.

1. The Ports (Source & Destination)

You probably know that an HTTP server runs on port 80, HTTPS on 443, and your local React app maybe on 3000. But have you ever wondered what port the client (your browser) uses to make the request?

The TCP header reserves 16 bits each for the Source Port and the Destination Port. 16 bits means $2^{16} - 1$, which gives us a maximum of 65,535 possible ports.

  • Well-known ports (0 - 1023): Reserved for big stuff. (80 for HTTP, 443 for HTTPS, 22 for SSH).
  • Registered ports (1024 - 49151): Used by specific apps (like MySQL on 3306).
  • Ephemeral / Dynamic ports (49152 - 65535): This is the secret sauce!

When your browser makes a request to Facebook (port 443), your Operating System randomly grabs an unused Ephemeral port (let's say 50153) and assigns it to your browser. So the request goes from Your_IP:50153 to Facebook_IP:443. When Facebook replies, it knows exactly to send the data back to port 50153, so it reaches your exact browser tab!

2. Sequence & Acknowledgment Numbers

These are the page numbers of our manuscript analogy.

  • Sequence Number: "This is byte number 1001 of my data."
  • ACK Number: "I successfully received up to byte 1005. Please send byte 1006 next."

3. Window Size (Flow Control)

Imagine trying to drink from a firehose. You'd drown. Servers can experience the same thing if a client sends data too fast.

The Window Size is the server politely saying: "Listen, I can only handle 10,000 bytes at a time right now. Don't send me more than that until I acknowledge receipt, or I'll crash." This prevents overwhelming the receiver.

4. The Checksum (Error Detection)

As data travels across the ocean through fiber optic cables, routers, and Wi-Fi signals, electrical interference can flip a bit (turn a 0 into a 1). Your "I love you" might suddenly turn into "I hate you".

To fix this, TCP uses a Checksum. Before sending, the sender takes all the data, adds it up in a specific binary way, flips the bits (One's Complement), and puts that value in the Checksum field.

When the receiver gets it, they do the exact same math. If their result doesn't perfectly match, they know the data got corrupted in transit. They silently drop the corrupted segment, forcing the sender to re-transmit it.

5. Flags

These are tiny 1-bit switches that tell the receiver what kind of segment this is. Is it a setup request (SYN)? Is it an acknowledgment (ACK)? Or is it time to close the connection (FIN)?

Phase 2: Sending the Data

Once the handshake is done, the actual data transfer begins.

Let's say we are sending the string "Hello World". Based on the Maximum Segment Size (MSS) agreed upon during the handshake, TCP might split this into multiple segments.

The client sends "Hell", the server ACKs it. The client sends "o Wo", the server ACKs it.

Because of the Window Size, the client doesn't actually have to wait for an ACK after every single segment. If the window is large enough, it can blast 10 segments at once, and the server can send a single ACK saying, "Yep, got all 10!"

If an ACK never arrives, the sender's internal timer runs out, and it assumes the data was lost in the void. It then resends the data. That's the beauty of it it guarantees delivery.

Phase 3: The Four-Way Teardown 👋

When the client is done sending data, it doesn't just hang up the phone. It's polite. It initiates a Four-Way Teardown.

  • Client: Sends a FIN (Finish) flag. "I'm done sending data."
  • Server: Sends an ACK. "Understood, you're done." (At this point, the server might still have a little bit of its own data left to send back to the client. The client will wait and listen).
  • Server: Sends its own FIN. "Okay, I'm done sending data too."
  • Client: Sends a final ACK. "Got it. Goodbye forever."

The connection is closed, and the OS frees up the ephemeral port to be used by another application later.

Why Should You Care as a Developer?

You might be thinking, "This is cool, but my framework handles this. Why do I need to know it?"

Because things break.

  • When your API requests start timing out, understanding the Three-way Handshake helps you debug if a firewall is blocking your SYN packets.
  • When you wonder why you can't run two node servers on port 3000, you now understand how Ports bind to processes.
  • When you design high-traffic systems, understanding Window Size helps you realize why servers get overwhelmed and drop connections.

Understanding TCP is like moving from driving an automatic car to a manual transmission. You don't have to think about the gears every day, but when you're stuck in the mud, knowing exactly how the engine connects to the wheels is what gets you out.

Top comments (0)