Tech Notes

Layer 4 – The Transport Layer

4 min read

While Layer 3 gets packets to the right house, Layer 4 ensures the “conversation” is reliable, ordered, and error-free.

🏗️ 1. TCP State: Tracking the Data Stream

TCP doesn’t just send packets; it keeps a “ledger” of every byte moved.

A. Byte-Level Sequencing

TCP does not number packets. It numbers bytes.

  • Example: Sending the message HELLO WORLD (11 bytes).
  • TCP assigns a position to each: H=1, E=2, L=3... D=11.
  • Sequence Number: The position of the first byte in a packet.

B. What each side remembers

  • Sender: “I’ve sent up to byte 100, but only byte 80 was acknowledged. I might need to resend 81–100.”
  • Receiver: “I have everything up to byte 80. I am expecting byte 81 next.”
    • If byte 82 arrives before 81: Out of order (Hold in buffer).
    • If byte 80 arrives again: Duplicate (Discard).

C. The Truth about ACKs

An ACK (Acknowledgement) doesn’t say “I got packet X.” It says: “I have received everything up to byte N. Send me N+1 next.”

  • This is “cumulative”—one ACK can confirm hundreds of previously sent packets.

🛝 2. The Sliding Window: Speed + Reliability

If TCP waited for an ACK after every single packet, the internet would be painfully slow. The Sliding Window allows multiple packets to be “in flight” at once.

A. How it “Slides”

  1. Window Size: Suppose it’s 5 bytes. Sender sends bytes 1, 2, 3, 4, 5.
  2. Wait: Sender stops and waits for an ACK.
  3. The Slide: Receiver sends ACK 3 (I have up to 3).
  4. Movement: The window “slides” forward. The sender can now send bytes 6, 7, and 8.

B. Who Controls the Window?

  • Flow Control (Receiver): The receiver says, “I’m slow, don’t send more than X.”
  • Congestion Control (Network): If packets are being dropped, TCP assumes the “pipes” are full and shrinks the window.

🛠️ 3. Loss Detection: The Safety Nets

TCP has two ways to realize a packet didn’t make it.

A. Re-transmission Timeout (RTO) - The Safety Net

  • Logic: Sender starts a timer. If no ACK arrives before the timer hits zero, it assumes the packet is lost and re-sends.
  • Downside: It’s slow. You have to wait for the timer to expire.

B. Fast Re-transmit (Duplicate ACKs) - The Smart Way

  • Scenario: Sender sends 1, 2, 3, 4, 5. Packet 3 is lost.
  • Receiver’s Reaction:
    • Gets 1 → ACK 2
    • Gets 2 → ACK 3
    • Gets 4 → ACK 3 (Still missing 3!)
    • Gets 5 → ACK 3 (STILL missing 3!)
  • Fast Re-transmit: After receiving 3 duplicate ACKs for the same byte, the sender doesn’t wait for a timer; it re-sends the missing byte immediately.

👋 4. The 4-Way Handshake: Closing the Connection

Because TCP is Full-Duplex (both sides talk at once), each side must close its direction of the conversation independently.

The Steps:

  1. FIN (Client → Server): “I’m done sending data.”
  2. ACK (Server → Client): “Got it. I’ll stop expecting data from you.” (State: Half-Closed).
  3. FIN (Server → Client): “I’m also done sending data.”
  4. ACK (Client → Server): “Understood. Goodbye.”

🚀 5. UDP: User Datagram Protocol (The “Fast” One)

If TCP is a Registered Letter (signed for, tracked), UDP is a Postcard.

A. What makes UDP different?

  • No State: UDP doesn’t track sequence numbers, ACKs, or windows.
  • Connectionless: No handshake. It just starts sending.
  • No Reliability: If a packet is lost, it’s gone forever. UDP doesn’t care.
  • No Ordering: Packets can arrive in any order, and UDP will just hand them to the app as they appear.

B. Why would anyone use UDP?

Speed and Low Latency. TCP’s “state” adds a lot of data overhead and waiting time.

  • Real-time Video/Voice: If one frame of a Zoom call is lost, you don’t want the whole video to freeze while TCP “retries.” You’d rather just skip to the next frame.
  • Gaming: You need the player’s current position now, not where they were 2 seconds ago.
  • DNS: A single request/response is faster without a 3-way handshake.

C. UDP Header (Only 8 bytes!)

Because it does so little, the header is tiny compared to TCP’s 20+ bytes:

  • Source Port
  • Destination Port
  • Length
  • Checksum (Optional)

⚡ 6. Comparison: TCP vs. UDP

FeatureTCPUDP
ConnectionHandshake requiredFire and forget
ReliabilityGuaranteed deliveryBest effort (Loss happens)
OrderingPerfect orderJumbled order
Flow ControlYes (Sliding Window)No (Will overwhelm receiver)
Header Size20–60 bytes8 bytes
Use CaseWeb (HTTP), Email, FilesStreaming, VoIP, Gaming, DNS

🔥 Summary

  • TCP is for Accuracy: It remembers every byte and fixes errors.
  • UDP is for Speed: It sends data as fast as possible and ignores errors.
  • Ports: Both use Port numbers (Layer 4) to make sure data reaches the right app (e.g., Port 80 for Web, Port 53 for DNS).

Graph View