What are TCP/IP communication flags?

TCP transmission control protocols have communication flags in their header for controlling and managing the communication between two internet devices.

The communication flags are embedded in the TCP headers for control and indication of a specific condition or action that is related to the transmission of the data.

Here six flags manage the connection between the internet devices and give instructions to the system. the main four flags in the TCP header (SYN, ACK, FIN, and RST) are responsible for the establishment, maintenance, and termination of the connection over the network.

The two other flags which are (PSH and URG) give the proper instruction to the system. The size of each flag is 1 bit. so there are 6 flags in the TCP flag section then the total size will be 6 bits.

For turning on any flag we need to set the value of that flag to 1 which will automatically trigger that flag in active state.

Different communication flags in the TCP header

There are a total of 8 main communication flags available in the TCP header. here is a basic flag list you can go through:-

1. Synchronize or SYN flag: It will generate the notification of any new sequence number transmission. This flag often denotes the three-way handshake that establishes a connection between two hosts.
2. Acknowledgment or ACK flag: This flag is used to confirm the receipt of transmission and identifies the next expected sequence number. after the device successfully receives an SYC packet then the acknowledgment flag will set the value of its flag to 1 implying that the receiver should pay attention to it.
3. Push or PSH flag: when the ACK flag will set the flag value to 1, then it indicates that the sender raised both operations to the receiver. This indicates that the remote system needs to inform the receiving application about the buffer data that is coming from the sender side. the system raises the push flag at the start and the end of the data transfer and sets it on the last segment of a file to prevent buffer deadlock. 
4. Urgent or URG flag: the urgent flag is used in instructing the system for processing the data contained in the packet as soon as possible. it is used when the data in the segment requires immediate attention from the receiving application. when the system sets the flag to 1, then the priority will be given to that flag for the processing of the data at first by stopping all other data processing.
5. Finish or FIN flag: this flag is used for the termination of the connection established by the SYN flag. when the value is set to 1 then it will announce that there is no more transmission will be sent to the remote system and then the transmission will be terminated.
6. Reset or RST flag: this flag is used when there is any error that occurs in the transmission then this flag will reset the connection and allows the system to start over. most of the time attackers use this flag for scanning active hosts and for identifying open ports in the system. In simple terms, we can say that the reset flag is used for resetting or aborting the current transmission between the devices. 

Note:- The SYN scanning techniques mainly use these three flags:- SYN, ACK, and RST. we can gather very legitimate information from the server during the enumeration phase with these three flags.

How TCP/IP communication works

We know that TCP is a connection-oriented protocol because TCP will first establish the connection before transferring any data between the application. The connection established with this protocol is possible with the help of the three-way handshake technique. 

Let’s understand the mechanism behind the Three-way handshake technique :

1. For establishing the connection using TCP protocol the source system (10.0.0.1:21) needs to send the SYN packet to the destination system (10.0.0.2:21)
2. After receiving the SYN packet, the destination system (10.0.0.2:21) will send the response with the SYN/ACK packet to the source system (10.0.0.1:21).
3. Now the ACK packet will confirm to the source system (10.0.0.1:21) that the sync packet is received by the destination system (10.0.0.2:21).
4. Now the source system (10.0.0.1:21) will send an ACK packet in the response of ACK/SYN packet transmitted by the destination system (10.0.0.2:21)
5.  This will establish a successful connection between the two devices now they will be able to communicate between the source and destination for transferring data between them, this connection will last long until one of them will send FIN or RST packet for terminating the connection.

this is the overview of the three-way handshake mechanism for initiating a TCP session between the devices over the network. 

How to terminate a TCP connection

After completing all the data transfers between the devices over the network with the help of the TCP connection protocol one of the system needs to send FIN or RST packet for terminating the connection. 

so a sender needs to send the termination request to the opposite party by sending a FIN or RST packet. after receiving the FIN or RST packet the receiver will acknowledge the termination request by sending an acknowledgment packet to the sender, and then he will finally send its own FIN packet, then after the system terminates the established TCP connection between the devices.

If you have any queries regarding the above content, or you want to update anything in the content, then contact us with your queries. You can directly post your question in the group.

Connect with us on these platforms