tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 1122


Requirements for Internet Hosts - Communication Layers

Part 4 of 5, p. 72 to 95
Prev RFC Part       Next RFC Part


prevText      Top      Up      ToC       Page 72 

                                                 |        | | | |S| |
                                                 |        | | | |H| |F
                                                 |        | | | |O|M|o
                                                 |        | |S| |U|U|o
                                                 |        | |H| |L|S|t
                                                 |        |M|O| |D|T|n
                                                 |        |U|U|M| | |o
                                                 |        |S|L|A|N|N|t
                                                 |        |T|D|Y|O|O|t
FEATURE                                          |SECTION | | | |T|T|e
                                                 |        | | | | | |
Implement IP and ICMP                            |3.1     |x| | | | |
Handle remote multihoming in application layer   |3.1     |x| | | | |
Support local multihoming                        |3.1     | | |x| | |
Meet gateway specs if forward datagrams          |3.1     |x| | | | |
Configuration switch for embedded gateway        |3.1     |x| | | | |1
   Config switch default to non-gateway          |3.1     |x| | | | |1
   Auto-config based on number of interfaces     |3.1     | | | | |x|1
Able to log discarded datagrams                  |3.1     | |x| | | |
   Record in counter                             |3.1     | |x| | | |
                                                 |        | | | | | |
Silently discard Version != 4                    | |x| | | | |
Verify IP checksum, silently discard bad dgram   | |x| | | | |
Addressing:                                      |        | | | | | |
  Subnet addressing (RFC-950)                    | |x| | | | |
  Src address must be host's own IP address      | |x| | | | |
  Silently discard datagram with bad dest addr   | |x| | | | |
  Silently discard datagram with bad src addr    | |x| | | | |
Support reassembly                               | |x| | | | |
Retain same Id field in identical datagram       | | | |x| | |
                                                 |        | | | | | |
TOS:                                             |        | | | | | |
  Allow transport layer to set TOS               | |x| | | | |
  Pass received TOS up to transport layer        | | |x| | | |
  Use RFC-795 link-layer mappings for TOS        | | | | |x| |
TTL:                                             |        | | | | | |
  Send packet with TTL of 0                      | | | | | |x|
  Discard received packets with TTL < 2          | | | | | |x|
  Allow transport layer to set TTL               | |x| | | | |
  Fixed TTL is configurable                      | |x| | | | |
                                                 |        | | | | | |
IP Options:                                      |        | | | | | |
  Allow transport layer to send IP options       | |x| | | | |
  Pass all IP options rcvd to higher layer       | |x| | | | |

Top      Up      ToC       Page 73 
  IP layer silently ignore unknown options       | |x| | | | |
  Security option                                || | |x| | |
  Send Stream Identifier option                  || | | |x| |
  Silently ignore Stream Identifer option        ||x| | | | |
  Record Route option                            || | |x| | |
  Timestamp option                               || | |x| | |
Source Route Option:                             |        | | | | | |
  Originate & terminate Source Route options     ||x| | | | |
  Datagram with completed SR passed up to TL     ||x| | | | |
  Build correct (non-redundant) return route     ||x| | | | |
  Send multiple SR options in one header         || | | | |x|
                                                 |        | | | | | |
ICMP:                                            |        | | | | | |
  Silently discard ICMP msg with unknown type    |3.2.2   |x| | | | |
  Include more than 8 octets of orig datagram    |3.2.2   | | |x| | |
      Included octets same as received           |3.2.2   |x| | | | |
  Demux ICMP Error to transport protocol         |3.2.2   |x| | | | |
  Send ICMP error message with TOS=0             |3.2.2   | |x| | | |
  Send ICMP error message for:                   |        | | | | | |
   - ICMP error msg                              |3.2.2   | | | | |x|
   - IP b'cast or IP m'cast                      |3.2.2   | | | | |x|
   - Link-layer b'cast                           |3.2.2   | | | | |x|
   - Non-initial fragment                        |3.2.2   | | | | |x|
   - Datagram with non-unique src address        |3.2.2   | | | | |x|
  Return ICMP error msgs (when not prohibited)   |3.3.8   |x| | | | |
                                                 |        | | | | | |
  Dest Unreachable:                              |        | | | | | |
    Generate Dest Unreachable (code 2/3)         | | |x| | | |
    Pass ICMP Dest Unreachable to higher layer   | |x| | | | |
    Higher layer act on Dest Unreach             | | |x| | | |
      Interpret Dest Unreach as only hint        | |x| | | | |
  Redirect:                                      |        | | | | | |
    Host send Redirect                           | | | | |x| |
    Update route cache when recv Redirect        | |x| | | | |
    Handle both Host and Net Redirects           | |x| | | | |
    Discard illegal Redirect                     | | |x| | | |
  Source Quench:                                 |        | | | | | |
    Send Source Quench if buffering exceeded     | | | |x| | |
    Pass Source Quench to higher layer           | |x| | | | |
    Higher layer act on Source Quench            | | |x| | | |
  Time Exceeded: pass to higher layer            | |x| | | | |
  Parameter Problem:                             |        | | | | | |
    Send Parameter Problem messages              | | |x| | | |
    Pass Parameter Problem to higher layer       | |x| | | | |
    Report Parameter Problem to user             | | | |x| | |
                                                 |        | | | | | |
  ICMP Echo Request or Reply:                    |        | | | | | |
    Echo server and Echo client                  | |x| | | | |

Top      Up      ToC       Page 74 
    Echo client                                  | | |x| | | |
    Discard Echo Request to broadcast address    | | | |x| | |
    Discard Echo Request to multicast address    | | | |x| | |
    Use specific-dest addr as Echo Reply src     | |x| | | | |
    Send same data in Echo Reply                 | |x| | | | |
    Pass Echo Reply to higher layer              | |x| | | | |
    Reflect Record Route, Time Stamp options     | | |x| | | |
    Reverse and reflect Source Route option      | |x| | | | |
                                                 |        | | | | | |
  ICMP Information Request or Reply:             | | | | |x| |
  ICMP Timestamp and Timestamp Reply:            | | | |x| | |
    Minimize delay variability                   | | |x| | | |1
    Silently discard b'cast Timestamp            | | | |x| | |1
    Silently discard m'cast Timestamp            | | | |x| | |1
    Use specific-dest addr as TS Reply src       | |x| | | | |1
    Reflect Record Route, Time Stamp options     | | |x| | | |1
    Reverse and reflect Source Route option      | |x| | | | |1
    Pass Timestamp Reply to higher layer         | |x| | | | |1
    Obey rules for "standard value"              | |x| | | | |1
                                                 |        | | | | | |
  ICMP Address Mask Request and Reply:           |        | | | | | |
    Addr Mask source configurable                | |x| | | | |
    Support static configuration of addr mask    | |x| | | | |
    Get addr mask dynamically during booting     | | | |x| | |
    Get addr via ICMP Addr Mask Request/Reply    | | | |x| | |
      Retransmit Addr Mask Req if no Reply       | |x| | | | |3
      Assume default mask if no Reply            | | |x| | | |3
      Update address mask from first Reply only  | |x| | | | |3
    Reasonableness check on Addr Mask            | | |x| | | |
    Send unauthorized Addr Mask Reply msgs       | | | | | |x|
      Explicitly configured to be agent          | |x| | | | |
    Static config=> Addr-Mask-Authoritative flag | | |x| | | |
      Broadcast Addr Mask Reply when init.       | |x| | | | |3
                                                 |        | | | | | |
ROUTING OUTBOUND DATAGRAMS:                      |        | | | | | |
  Use address mask in local/remote decision      | |x| | | | |
  Operate with no gateways on conn network       | |x| | | | |
  Maintain "route cache" of next-hop gateways    | |x| | | | |
  Treat Host and Net Redirect the same           | | |x| | | |
  If no cache entry, use default gateway         | |x| | | | |
    Support multiple default gateways            | |x| | | | |
  Provide table of static routes                 | | | |x| | |
    Flag: route overridable by Redirects         | | | |x| | |
  Key route cache on host, not net address       | | | |x| | |
  Include TOS in route cache                     | | |x| | | |
                                                 |        | | | | | |
  Able to detect failure of next-hop gateway     | |x| | | | |
  Assume route is good forever                   | | | | |x| |

Top      Up      ToC       Page 75 
  Ping gateways continuously                     | | | | | |x|
  Ping only when traffic being sent              | |x| | | | |
  Ping only when no positive indication          | |x| | | | |
  Higher and lower layers give advice            | | |x| | | |
  Switch from failed default g'way to another    | |x| | | | |
  Manual method of entering config info          | |x| | | | |
                                                 |        | | | | | |
REASSEMBLY and FRAGMENTATION:                    |        | | | | | |
  Able to reassemble incoming datagrams          |3.3.2   |x| | | | |
    At least 576 byte datagrams                  |3.3.2   |x| | | | |
    EMTU_R configurable or indefinite            |3.3.2   | |x| | | |
  Transport layer able to learn MMS_R            |3.3.2   |x| | | | |
  Send ICMP Time Exceeded on reassembly timeout  |3.3.2   |x| | | | |
    Fixed reassembly timeout value               |3.3.2   | |x| | | |
                                                 |        | | | | | |
  Pass MMS_S to higher layers                    |3.3.3   |x| | | | |
  Local fragmentation of outgoing packets        |3.3.3   | | |x| | |
     Else don't send bigger than MMS_S           |3.3.3   |x| | | | |
  Send max 576 to off-net destination            |3.3.3   | |x| | | |
  All-Subnets-MTU configuration flag             |3.3.3   | | |x| | |
                                                 |        | | | | | |
MULTIHOMING:                                     |        | | | | | |
  Reply with same addr as spec-dest addr         | | |x| | | |
  Allow application to choose local IP addr      | |x| | | | |
  Silently discard d'gram in "wrong" interface   | | | |x| | |
  Only send d'gram through "right" interface     | | | |x| | |4
                                                 |        | | | | | |
SOURCE-ROUTE FORWARDING:                         |        | | | | | |
  Forward datagram with Source Route option      |3.3.5   | | |x| | |1
    Obey corresponding gateway rules             |3.3.5   |x| | | | |1
      Update TTL by gateway rules                |3.3.5   |x| | | | |1
      Able to generate ICMP err code 4, 5        |3.3.5   |x| | | | |1
      IP src addr not local host                 |3.3.5   | | |x| | |1
      Update Timestamp, Record Route options     |3.3.5   |x| | | | |1
    Configurable switch for non-local SRing      |3.3.5   |x| | | | |1
      Defaults to OFF                            |3.3.5   |x| | | | |1
    Satisfy gwy access rules for non-local SRing |3.3.5   |x| | | | |1
    If not forward, send Dest Unreach (cd 5)     |3.3.5   | |x| | | |2
                                                 |        | | | | | |
BROADCAST:                                       |        | | | | | |
  Broadcast addr as IP source addr               | | | | | |x|
  Receive 0 or -1 broadcast formats OK           |3.3.6   | |x| | | |
  Config'ble option to send 0 or -1 b'cast       |3.3.6   | | |x| | |
    Default to -1 broadcast                      |3.3.6   | |x| | | |
  Recognize all broadcast address formats        |3.3.6   |x| | | | |
  Use IP b'cast/m'cast addr in link-layer b'cast |3.3.6   |x| | | | |
  Silently discard link-layer-only b'cast dg's   |3.3.6   | |x| | | |
  Use Limited Broadcast addr for connected net   |3.3.6   | |x| | | |

Top      Up      ToC       Page 76 
                                                 |        | | | | | |
MULTICAST:                                       |        | | | | | |
  Support local IP multicasting (RFC-1112)       |3.3.7   | |x| | | |
  Support IGMP (RFC-1112)                        |3.3.7   | | |x| | |
  Join all-hosts group at startup                |3.3.7   | |x| | | |
  Higher layers learn i'face m'cast capability   |3.3.7   | |x| | | |
                                                 |        | | | | | |
INTERFACE:                                       |        | | | | | |
  Allow transport layer to use all IP mechanisms |3.4     |x| | | | |
  Pass interface ident up to transport layer     |3.4     |x| | | | |
  Pass all IP options up to transport layer      |3.4     |x| | | | |
  Transport layer can send certain ICMP messages |3.4     |x| | | | |
  Pass spec'd ICMP messages up to transp. layer  |3.4     |x| | | | |
     Include IP hdr+8 octets or more from orig.  |3.4     |x| | | | |
  Able to leap tall buildings at a single bound  |3.5     | |x| | | |


(1)  Only if feature is implemented.

(2)  This requirement is overruled if datagram is an ICMP error message.

(3)  Only if feature is implemented and is configured "on".

(4)  Unless has embedded gateway functionality or is source routed.

Top      Up      ToC       Page 77 


      4.1.1  INTRODUCTION

         The User Datagram Protocol UDP [UDP:1] offers only a minimal
         transport service -- non-guaranteed datagram delivery -- and
         gives applications direct access to the datagram service of the
         IP layer.  UDP is used by applications that do not require the
         level of service of TCP or that wish to use communications
         services (e.g., multicast or broadcast delivery) not available
         from TCP.

         UDP is almost a null protocol; the only services it provides
         over IP are checksumming of data and multiplexing by port
         number.  Therefore, an application program running over UDP
         must deal directly with end-to-end communication problems that
         a connection-oriented protocol would have handled -- e.g.,
         retransmission for reliable delivery, packetization and
         reassembly, flow control, congestion avoidance, etc., when
         these are required.  The fairly complex coupling between IP and
         TCP will be mirrored in the coupling between UDP and many
         applications using UDP.


         There are no known errors in the specification of UDP.

      4.1.3  SPECIFIC ISSUES

            UDP well-known ports follow the same rules as TCP well-known
            ports; see Section below.

            If a datagram arrives addressed to a UDP port for which
            there is no pending LISTEN call, UDP SHOULD send an ICMP
            Port Unreachable message.
  IP Options

            UDP MUST pass any IP option that it receives from the IP
            layer transparently to the application layer.

            An application MUST be able to specify IP options to be sent
            in its UDP datagrams, and UDP MUST pass these options to the
            IP layer.

Top      Up      ToC       Page 78 
                 At present, the only options that need be passed
                 through UDP are Source Route, Record Route, and Time
                 Stamp.  However, new options may be defined in the
                 future, and UDP need not and should not make any
                 assumptions about the format or content of options it
                 passes to or from the application; an exception to this
                 might be an IP-layer security option.

                 An application based on UDP will need to obtain a
                 source route from a request datagram and supply a
                 reversed route for sending the corresponding reply.
  ICMP Messages

            UDP MUST pass to the application layer all ICMP error
            messages that it receives from the IP layer.  Conceptually
            at least, this may be accomplished with an upcall to the
            ERROR_REPORT routine (see Section

                 Note that ICMP error messages resulting from sending a
                 UDP datagram are received asynchronously.  A UDP-based
                 application that wants to receive ICMP error messages
                 is responsible for maintaining the state necessary to
                 demultiplex these messages when they arrive; for
                 example, the application may keep a pending receive
                 operation for this purpose.  The application is also
                 responsible to avoid confusion from a delayed ICMP
                 error message resulting from an earlier use of the same
  UDP Checksums

            A host MUST implement the facility to generate and validate
            UDP checksums.  An application MAY optionally be able to
            control whether a UDP checksum will be generated, but it
            MUST default to checksumming on.

            If a UDP datagram is received with a checksum that is non-
            zero and invalid, UDP MUST silently discard the datagram.
            An application MAY optionally be able to control whether UDP
            datagrams without checksums should be discarded or passed to
            the application.

                 Some applications that normally run only across local
                 area networks have chosen to turn off UDP checksums for

Top      Up      ToC       Page 79 
                 efficiency.  As a result, numerous cases of undetected
                 errors have been reported.  The advisability of ever
                 turning off UDP checksumming is very controversial.

                 There is a common implementation error in UDP
                 checksums.  Unlike the TCP checksum, the UDP checksum
                 is optional; the value zero is transmitted in the
                 checksum field of a UDP header to indicate the absence
                 of a checksum.  If the transmitter really calculates a
                 UDP checksum of zero, it must transmit the checksum as
                 all 1's (65535).  No special action is required at the
                 receiver, since zero and 65535 are equivalent in 1's
                 complement arithmetic.
  UDP Multihoming

            When a UDP datagram is received, its specific-destination
            address MUST be passed up to the application layer.

            An application program MUST be able to specify the IP source
            address to be used for sending a UDP datagram or to leave it
            unspecified (in which case the networking software will
            choose an appropriate source address).  There SHOULD be a
            way to communicate the chosen source address up to the
            application layer (e.g, so that the application can later
            receive a reply datagram only from the corresponding

                 A request/response application that uses UDP should use
                 a source address for the response that is the same as
                 the specific destination address of the request.  See
                 the "General Issues" section of [INTRO:1].
  Invalid Addresses

            A UDP datagram received with an invalid IP source address
            (e.g., a broadcast or multicast address) must be discarded
            by UDP or by the IP layer (see Section

            When a host sends a UDP datagram, the source address MUST be
            (one of) the IP address(es) of the host.


         The application interface to UDP MUST provide the full services
         of the IP/transport interface described in Section 3.4 of this

Top      Up      ToC       Page 80 
         document.  Thus, an application using UDP needs the functions
         RECV_ICMP() calls described in Section 3.4.  For example,
         GET_MAXSIZES() can be used to learn the effective maximum UDP
         maximum datagram size for a particular {interface,remote
         host,TOS} triplet.

         An application-layer program MUST be able to set the TTL and
         TOS values as well as IP options for sending a UDP datagram,
         and these values must be passed transparently to the IP layer.
         UDP MAY pass the received TOS up to the application layer.


                                                 |        | | | |S| |
                                                 |        | | | |H| |F
                                                 |        | | | |O|M|o
                                                 |        | |S| |U|U|o
                                                 |        | |H| |L|S|t
                                                 |        |M|O| |D|T|n
                                                 |        |U|U|M| | |o
                                                 |        |S|L|A|N|N|t
                                                 |        |T|D|Y|O|O|t
FEATURE                                          |SECTION | | | |T|T|e
                                                 |        | | | | | |
    UDP                                          |        | | | | | |
                                                 |        | | | | | |
UDP send Port Unreachable                        | | |x| | | |
                                                 |        | | | | | |
IP Options in UDP                                |        | | | | | |
 - Pass rcv'd IP options to applic layer         | |x| | | | |
 - Applic layer can specify IP options in Send   | |x| | | | |
 - UDP passes IP options down to IP layer        | |x| | | | |
                                                 |        | | | | | |
Pass ICMP msgs up to applic layer                | |x| | | | |
                                                 |        | | | | | |
UDP checksums:                                   |        | | | | | |
 - Able to generate/check checksum               | |x| | | | |
 - Silently discard bad checksum                 | |x| | | | |
 - Sender Option to not generate checksum        | | | |x| | |
   - Default is to checksum                      | |x| | | | |
 - Receiver Option to require checksum           | | | |x| | |
                                                 |        | | | | | |
UDP Multihoming                                  |        | | | | | |
 - Pass spec-dest addr to application            | |x| | | | |

Top      Up      ToC       Page 81 
 - Applic layer can specify Local IP addr        | |x| | | | |
 - Applic layer specify wild Local IP addr       | |x| | | | |
 - Applic layer notified of Local IP addr used   | | |x| | | |
                                                 |        | | | | | |
Bad IP src addr silently discarded by UDP/IP     | |x| | | | |
Only send valid IP source address                | |x| | | | |
UDP Application Interface Services               |        | | | | | |
Full IP interface of 3.4 for application         |4.1.4   |x| | | | |
 - Able to spec TTL, TOS, IP opts when send dg   |4.1.4   |x| | | | |
 - Pass received TOS up to applic layer          |4.1.4   | | |x| | |

Top      Up      ToC       Page 82 

      4.2.1  INTRODUCTION

         The Transmission Control Protocol TCP [TCP:1] is the primary
         virtual-circuit transport protocol for the Internet suite.  TCP
         provides reliable, in-sequence delivery of a full-duplex stream
         of octets (8-bit bytes).  TCP is used by those applications
         needing reliable, connection-oriented transport service, e.g.,
         mail (SMTP), file transfer (FTP), and virtual terminal service
         (Telnet); requirements for these application-layer protocols
         are described in [INTRO:1].

  Well-Known Ports: RFC-793 Section 2.7

                 TCP reserves port numbers in the range 0-255 for
                 "well-known" ports, used to access services that are
                 standardized across the Internet.  The remainder of the
                 port space can be freely allocated to application
                 processes.  Current well-known port definitions are
                 listed in the RFC entitled "Assigned Numbers"
                 [INTRO:6].  A prerequisite for defining a new well-
                 known port is an RFC documenting the proposed service
                 in enough detail to allow new implementations.

                 Some systems extend this notion by adding a third
                 subdivision of the TCP port space: reserved ports,
                 which are generally used for operating-system-specific
                 services.  For example, reserved ports might fall
                 between 256 and some system-dependent upper limit.
                 Some systems further choose to protect well-known and
                 reserved ports by permitting only privileged users to
                 open TCP connections with those port values.  This is
                 perfectly reasonable as long as the host does not
                 assume that all hosts protect their low-numbered ports
                 in this manner.
  Use of Push: RFC-793 Section 2.8

            When an application issues a series of SEND calls without
            setting the PUSH flag, the TCP MAY aggregate the data
            internally without sending it.  Similarly, when a series of
            segments is received without the PSH bit, a TCP MAY queue
            the data internally without passing it to the receiving

Top      Up      ToC       Page 83 
            The PSH bit is not a record marker and is independent of
            segment boundaries.  The transmitter SHOULD collapse
            successive PSH bits when it packetizes data, to send the
            largest possible segment.

            A TCP MAY implement PUSH flags on SEND calls.  If PUSH flags
            are not implemented, then the sending TCP: (1) must not
            buffer data indefinitely, and (2) MUST set the PSH bit in
            the last buffered segment (i.e., when there is no more
            queued data to be sent).

            The discussion in RFC-793 on pages 48, 50, and 74
            erroneously implies that a received PSH flag must be passed
            to the application layer.  Passing a received PSH flag to
            the application layer is now OPTIONAL.

            An application program is logically required to set the PUSH
            flag in a SEND call whenever it needs to force delivery of
            the data to avoid a communication deadlock.  However, a TCP
            SHOULD send a maximum-sized segment whenever possible, to
            improve performance (see Section

                 When the PUSH flag is not implemented on SEND calls,
                 i.e., when the application/TCP interface uses a pure
                 streaming model, responsibility for aggregating any
                 tiny data fragments to form reasonable sized segments
                 is partially borne by the application layer.

                 Generally, an interactive application protocol must set
                 the PUSH flag at least in the last SEND call in each
                 command or response sequence.  A bulk transfer protocol
                 like FTP should set the PUSH flag on the last segment
                 of a file or when necessary to prevent buffer deadlock.

                 At the receiver, the PSH bit forces buffered data to be
                 delivered to the application (even if less than a full
                 buffer has been received). Conversely, the lack of a
                 PSH bit can be used to avoid unnecessary wakeup calls
                 to the application process; this can be an important
                 performance optimization for large timesharing hosts.
                 Passing the PSH bit to the receiving application allows
                 an analogous optimization within the application.
  Window Size: RFC-793 Section 3.1

            The window size MUST be treated as an unsigned number, or
            else large window sizes will appear like negative windows

Top      Up      ToC       Page 84 
            and TCP will not work.  It is RECOMMENDED that
            implementations reserve 32-bit fields for the send and
            receive window sizes in the connection record and do all
            window computations with 32 bits.

                 It is known that the window field in the TCP header is
                 too small for high-speed, long-delay paths.
                 Experimental TCP options have been defined to extend
                 the window size; see for example [TCP:11].  In
                 anticipation of the adoption of such an extension, TCP
                 implementors should treat windows as 32 bits.
  Urgent Pointer: RFC-793 Section 3.1

            The second sentence is in error: the urgent pointer points
            to the sequence number of the LAST octet (not LAST+1) in a
            sequence of urgent data.  The description on page 56 (last
            sentence) is correct.

            A TCP MUST support a sequence of urgent data of any length.

            A TCP MUST inform the application layer asynchronously
            whenever it receives an Urgent pointer and there was
            previously no pending urgent data, or whenever the Urgent
            pointer advances in the data stream.  There MUST be a way
            for the application to learn how much urgent data remains to
            be read from the connection, or at least to determine
            whether or not more urgent data remains to be read.

                 Although the Urgent mechanism may be used for any
                 application, it is normally used to send "interrupt"-
                 type commands to a Telnet program (see "Using Telnet
                 Synch Sequence" section in [INTRO:1]).

                 The asynchronous or "out-of-band" notification will
                 allow the application to go into "urgent mode", reading
                 data from the TCP connection.  This allows control
                 commands to be sent to an application whose normal
                 input buffers are full of unprocessed data.

                 The generic ERROR-REPORT() upcall described in Section
        is a possible mechanism for informing the
                 application of the arrival of urgent data.

Top      Up      ToC       Page 85   TCP Options: RFC-793 Section 3.1

            A TCP MUST be able to receive a TCP option in any segment.
            A TCP MUST ignore without error any TCP option it does not
            implement, assuming that the option has a length field (all
            TCP options defined in the future will have length fields).
            TCP MUST be prepared to handle an illegal option length
            (e.g., zero) without crashing; a suggested procedure is to
            reset the connection and log the reason.
  Maximum Segment Size Option: RFC-793 Section 3.1

            TCP MUST implement both sending and receiving the Maximum
            Segment Size option [TCP:4].

            TCP SHOULD send an MSS (Maximum Segment Size) option in
            every SYN segment when its receive MSS differs from the
            default 536, and MAY send it always.

            If an MSS option is not received at connection setup, TCP
            MUST assume a default send MSS of 536 (576-40) [TCP:4].

            The maximum size of a segment that TCP really sends, the
            "effective send MSS," MUST be the smaller of the send MSS
            (which reflects the available reassembly buffer size at the
            remote host) and the largest size permitted by the IP layer:

               Eff.snd.MSS =

                  min(SendMSS+20, MMS_S) - TCPhdrsize - IPoptionsize


            *    SendMSS is the MSS value received from the remote host,
                 or the default 536 if no MSS option is received.

            *    MMS_S is the maximum size for a transport-layer message
                 that TCP may send.

            *    TCPhdrsize is the size of the TCP header; this is
                 normally 20, but may be larger if TCP options are to be

            *    IPoptionsize is the size of any IP options that TCP
                 will pass to the IP layer with the current message.

            The MSS value to be sent in an MSS option must be less than

Top      Up      ToC       Page 86 
            or equal to:

               MMS_R - 20

            where MMS_R is the maximum size for a transport-layer
            message that can be received (and reassembled).  TCP obtains
            MMS_R and MMS_S from the IP layer; see the generic call
            GET_MAXSIZES in Section 3.4.

                 The choice of TCP segment size has a strong effect on
                 performance.  Larger segments increase throughput by
                 amortizing header size and per-datagram processing
                 overhead over more data bytes; however, if the packet
                 is so large that it causes IP fragmentation, efficiency
                 drops sharply if any fragments are lost [IP:9].

                 Some TCP implementations send an MSS option only if the
                 destination host is on a non-connected network.
                 However, in general the TCP layer may not have the
                 appropriate information to make this decision, so it is
                 preferable to leave to the IP layer the task of
                 determining a suitable MTU for the Internet path.  We
                 therefore recommend that TCP always send the option (if
                 not 536) and that the IP layer determine MMS_R as
                 specified in 3.3.3 and 3.4.  A proposed IP-layer
                 mechanism to measure the MTU would then modify the IP
                 layer without changing TCP.
  TCP Checksum: RFC-793 Section 3.1

            Unlike the UDP checksum (see Section, the TCP
            checksum is never optional.  The sender MUST generate it and
            the receiver MUST check it.
  TCP Connection State Diagram: RFC-793 Section 3.2,
            page 23

            There are several problems with this diagram:

            (a)  The arrow from SYN-SENT to SYN-RCVD should be labeled
                 with "snd SYN,ACK", to agree with the text on page 68
                 and with Figure 8.

            (b)  There could be an arrow from SYN-RCVD state to LISTEN
                 state, conditioned on receiving a RST after a passive
                 open (see text page 70).

Top      Up      ToC       Page 87 
            (c)  It is possible to go directly from FIN-WAIT-1 to the
                 TIME-WAIT state (see page 75 of the spec).

  Initial Sequence Number Selection: RFC-793 Section
            3.3, page 27

            A TCP MUST use the specified clock-driven selection of
            initial sequence numbers.
  Simultaneous Open Attempts: RFC-793 Section 3.4, page

            There is an error in Figure 8: the packet on line 7 should
            be identical to the packet on line 5.

            A TCP MUST support simultaneous open attempts.

                 It sometimes surprises implementors that if two
                 applications attempt to simultaneously connect to each
                 other, only one connection is generated instead of two.
                 This was an intentional design decision; don't try to
                 "fix" it.
  Recovery from Old Duplicate SYN: RFC-793 Section 3.4,
            page 33

            Note that a TCP implementation MUST keep track of whether a
            connection has reached SYN_RCVD state as the result of a
            passive OPEN or an active OPEN.
  RST Segment: RFC-793 Section 3.4

            A TCP SHOULD allow a received RST segment to include data.

                 It has been suggested that a RST segment could contain
                 ASCII text that encoded and explained the cause of the
                 RST.  No standard has yet been established for such
  Closing a Connection: RFC-793 Section 3.5

            A TCP connection may terminate in two ways: (1) the normal
            TCP close sequence using a FIN handshake, and (2) an "abort"
            in which one or more RST segments are sent and the
            connection state is immediately discarded.  If a TCP

Top      Up      ToC       Page 88 
            connection is closed by the remote site, the local
            application MUST be informed whether it closed normally or
            was aborted.

            The normal TCP close sequence delivers buffered data
            reliably in both directions.  Since the two directions of a
            TCP connection are closed independently, it is possible for
            a connection to be "half closed," i.e., closed in only one
            direction, and a host is permitted to continue sending data
            in the open direction on a half-closed connection.

            A host MAY implement a "half-duplex" TCP close sequence, so
            that an application that has called CLOSE cannot continue to
            read data from the connection.  If such a host issues a
            CLOSE call while received data is still pending in TCP, or
            if new data is received after CLOSE is called, its TCP
            SHOULD send a RST to show that data was lost.

            When a connection is closed actively, it MUST linger in
            TIME-WAIT state for a time 2xMSL (Maximum Segment Lifetime).
            However, it MAY accept a new SYN from the remote TCP to
            reopen the connection directly from TIME-WAIT state, if it:

            (1)  assigns its initial sequence number for the new
                 connection to be larger than the largest sequence
                 number it used on the previous connection incarnation,

            (2)  returns to TIME-WAIT state if the SYN turns out to be
                 an old duplicate.

                 TCP's full-duplex data-preserving close is a feature
                 that is not included in the analogous ISO transport
                 protocol TP4.

                 Some systems have not implemented half-closed
                 connections, presumably because they do not fit into
                 the I/O model of their particular operating system.  On
                 these systems, once an application has called CLOSE, it
                 can no longer read input data from the connection; this
                 is referred to as a "half-duplex" TCP close sequence.

                 The graceful close algorithm of TCP requires that the
                 connection state remain defined on (at least)  one end
                 of the connection, for a timeout period of 2xMSL, i.e.,
                 4 minutes.  During this period, the (remote socket,

Top      Up      ToC       Page 89 
                 local socket) pair that defines the connection is busy
                 and cannot be reused.  To shorten the time that a given
                 port pair is tied up, some TCPs allow a new SYN to be
                 accepted in TIME-WAIT state.
  Data Communication: RFC-793 Section 3.7, page 40

            Since RFC-793 was written, there has been extensive work on
            TCP algorithms to achieve efficient data communication.
            Later sections of the present document describe required and
            recommended TCP algorithms to determine when to send data
            (Section, when to send an acknowledgment (Section
  , and when to update the window (Section

                 One important performance issue is "Silly Window
                 Syndrome" or "SWS" [TCP:5], a stable pattern of small
                 incremental window movements resulting in extremely
                 poor TCP performance.  Algorithms to avoid SWS are
                 described below for both the sending side (Section
        and the receiving side (Section

                 In brief, SWS is caused by the receiver advancing the
                 right window edge whenever it has any new buffer space
                 available to receive data and by the sender using any
                 incremental window, no matter how small, to send more
                 data [TCP:5].  The result can be a stable pattern of
                 sending tiny data segments, even though both sender and
                 receiver have a large total buffer space for the
                 connection.  SWS can only occur during the transmission
                 of a large amount of data; if the connection goes
                 quiescent, the problem will disappear.  It is caused by
                 typical straightforward implementation of window
                 management, but the sender and receiver algorithms
                 given below will avoid it.

                 Another important TCP performance issue is that some
                 applications, especially remote login to character-at-
                 a-time hosts, tend to send streams of one-octet data
                 segments.  To avoid deadlocks, every TCP SEND call from
                 such applications must be "pushed", either explicitly
                 by the application or else implicitly by TCP.  The
                 result may be a stream of TCP segments that contain one
                 data octet each, which makes very inefficient use of
                 the Internet and contributes to Internet congestion.
                 The Nagle Algorithm described in Section
                 provides a simple and effective solution to this
                 problem.  It does have the effect of clumping

Top      Up      ToC       Page 90 
                 characters over Telnet connections; this may initially
                 surprise users accustomed to single-character echo, but
                 user acceptance has not been a problem.

                 Note that the Nagle algorithm and the send SWS
                 avoidance algorithm play complementary roles in
                 improving performance.  The Nagle algorithm discourages
                 sending tiny segments when the data to be sent
                 increases in small increments, while the SWS avoidance
                 algorithm discourages small segments resulting from the
                 right window edge advancing in small increments.

                 A careless implementation can send two or more
                 acknowledgment segments per data segment received.  For
                 example, suppose the receiver acknowledges every data
                 segment immediately.  When the application program
                 subsequently consumes the data and increases the
                 available receive buffer space again, the receiver may
                 send a second acknowledgment segment to update the
                 window at the sender.  The extreme case occurs with
                 single-character segments on TCP connections using the
                 Telnet protocol for remote login service.  Some
                 implementations have been observed in which each
                 incoming 1-character segment generates three return
                 segments: (1) the acknowledgment, (2) a one byte
                 increase in the window, and (3) the echoed character,
  Retransmission Timeout: RFC-793 Section 3.7, page 41

            The algorithm suggested in RFC-793 for calculating the
            retransmission timeout is now known to be inadequate; see
            Section below.

            Recent work by Jacobson [TCP:7] on Internet congestion and
            TCP retransmission stability has produced a transmission
            algorithm combining "slow start" with "congestion
            avoidance".  A TCP MUST implement this algorithm.

            If a retransmitted packet is identical to the original
            packet (which implies not only that the data boundaries have
            not changed, but also that the window and acknowledgment
            fields of the header have not changed), then the same IP
            Identification field MAY be used (see Section

                 Some TCP implementors have chosen to "packetize" the
                 data stream, i.e., to pick segment boundaries when

Top      Up      ToC       Page 91 
                 segments are originally sent and to queue these
                 segments in a "retransmission queue" until they are
                 acknowledged.  Another design (which may be simpler) is
                 to defer packetizing until each time data is
                 transmitted or retransmitted, so there will be no
                 segment retransmission queue.

                 In an implementation with a segment retransmission
                 queue, TCP performance may be enhanced by repacketizing
                 the segments awaiting acknowledgment when the first
                 retransmission timeout occurs.  That is, the
                 outstanding segments that fitted would be combined into
                 one maximum-sized segment, with a new IP Identification
                 value.  The TCP would then retain this combined segment
                 in the retransmit queue until it was acknowledged.
                 However, if the first two segments in the
                 retransmission queue totalled more than one maximum-
                 sized segment, the TCP would retransmit only the first
                 segment using the original IP Identification field.
  Managing the Window: RFC-793 Section 3.7, page 41

            A TCP receiver SHOULD NOT shrink the window, i.e., move the
            right window edge to the left.  However, a sending TCP MUST
            be robust against window shrinking, which may cause the
            "useable window" (see Section to become negative.

            If this happens, the sender SHOULD NOT send new data, but
            SHOULD retransmit normally the old unacknowledged data
            between SND.UNA and SND.UNA+SND.WND.  The sender MAY also
            retransmit old data beyond SND.UNA+SND.WND, but SHOULD NOT
            time out the connection if data beyond the right window edge
            is not acknowledged.  If the window shrinks to zero, the TCP
            MUST probe it in the standard way (see next Section).

                 Many TCP implementations become confused if the window
                 shrinks from the right after data has been sent into a
                 larger window.  Note that TCP has a heuristic to select
                 the latest window update despite possible datagram
                 reordering; as a result, it may ignore a window update
                 with a smaller window than previously offered if
                 neither the sequence number nor the acknowledgment
                 number is increased.

Top      Up      ToC       Page 92   Probing Zero Windows: RFC-793 Section 3.7, page 42

            Probing of zero (offered) windows MUST be supported.

            A TCP MAY keep its offered receive window closed
            indefinitely.  As long as the receiving TCP continues to
            send acknowledgments in response to the probe segments, the
            sending TCP MUST allow the connection to stay open.

                 It is extremely important to remember that ACK
                 (acknowledgment) segments that contain no data are not
                 reliably transmitted by TCP.  If zero window probing is
                 not supported, a connection may hang forever when an
                 ACK segment that re-opens the window is lost.

                 The delay in opening a zero window generally occurs
                 when the receiving application stops taking data from
                 its TCP.  For example, consider a printer daemon
                 application, stopped because the printer ran out of

            The transmitting host SHOULD send the first zero-window
            probe when a zero window has existed for the retransmission
            timeout period (see Section, and SHOULD increase
            exponentially the interval between successive probes.

                 This procedure minimizes delay if the zero-window
                 condition is due to a lost ACK segment containing a
                 window-opening update.  Exponential backoff is
                 recommended, possibly with some maximum interval not
                 specified here.  This procedure is similar to that of
                 the retransmission algorithm, and it may be possible to
                 combine the two procedures in the implementation.
  Passive OPEN Calls:  RFC-793 Section 3.8

            Every passive OPEN call either creates a new connection
            record in LISTEN state, or it returns an error; it MUST NOT
            affect any previously created connection record.

            A TCP that supports multiple concurrent users MUST provide
            an OPEN call that will functionally allow an application to
            LISTEN on a port while a connection block with the same
            local port is in SYN-SENT or SYN-RECEIVED state.


Top      Up      ToC       Page 93 
                 Some applications (e.g., SMTP servers) may need to
                 handle multiple connection attempts at about the same
                 time.  The probability of a connection attempt failing
                 is reduced by giving the application some means of
                 listening for a new connection at the same time that an
                 earlier connection attempt is going through the three-
                 way handshake.

                 Acceptable implementations of concurrent opens may
                 permit multiple passive OPEN calls, or they may allow
                 "cloning" of LISTEN-state connections from a single
                 passive OPEN call.
  Time to Live: RFC-793 Section 3.9, page 52

            RFC-793 specified that TCP was to request the IP layer to
            send TCP segments with TTL = 60.  This is obsolete; the TTL
            value used to send TCP segments MUST be configurable.  See
            Section for discussion.
  Event Processing: RFC-793 Section 3.9

            While it is not strictly required, a TCP SHOULD be capable
            of queueing out-of-order TCP segments.  Change the "may" in
            the last sentence of the first paragraph on page 70 to

                 Some small-host implementations have omitted segment
                 queueing because of limited buffer space.  This
                 omission may be expected to adversely affect TCP
                 throughput, since loss of a single segment causes all
                 later segments to appear to be "out of sequence".

            In general, the processing of received segments MUST be
            implemented to aggregate ACK segments whenever possible.
            For example, if the TCP is processing a series of queued
            segments, it MUST process them all before sending any ACK

            Here are some detailed error corrections and notes on the
            Event Processing section of RFC-793.

            (a)  CLOSE Call, CLOSE-WAIT state, p. 61: enter LAST-ACK
                 state, not CLOSING.

            (b)  LISTEN state, check for SYN (pp. 65, 66): With a SYN

Top      Up      ToC       Page 94 
                 bit, if the security/compartment or the precedence is
                 wrong for the segment, a reset is sent.  The wrong form
                 of reset is shown in the text; it should be:


            (c)  SYN-SENT state, Check for SYN, p. 68: When the
                 connection enters ESTABLISHED state, the following
                 variables must be set:
                    SND.WND <- SEG.WND
                    SND.WL1 <- SEG.SEQ
                    SND.WL2 <- SEG.ACK

            (d)  Check security and precedence, p. 71: The first heading
                 "ESTABLISHED STATE" should really be a list of all
                 states other than SYN-RECEIVED: ESTABLISHED, FIN-WAIT-
                 1, FIN-WAIT-2, CLOSE-WAIT, CLOSING, LAST-ACK, and

            (e)  Check SYN bit, p. 71:  "In SYN-RECEIVED state and if
                 the connection was initiated with a passive OPEN, then
                 return this connection to the LISTEN state and return.

            (f)  Check ACK field, SYN-RECEIVED state, p. 72: When the
                 connection enters ESTABLISHED state, the variables
                 listed in (c) must be set.

            (g)  Check ACK field, ESTABLISHED state, p. 72: The ACK is a
                 duplicate if SEG.ACK =< SND.UNA (the = was omitted).
                 Similarly, the window should be updated if: SND.UNA =<
                 SEG.ACK =< SND.NXT.

            (h)  USER TIMEOUT, p. 77:

                 It would be better to notify the application of the
                 timeout rather than letting TCP force the connection
                 closed.  However, see also Section

  Acknowledging Queued Segments: RFC-793 Section 3.9

            A TCP MAY send an ACK segment acknowledging RCV.NXT when a
            valid segment arrives that is in the window but not at the
            left window edge.

Top      Up      ToC       Page 95 
                 RFC-793 (see page 74) was ambiguous about whether or
                 not an ACK segment should be sent when an out-of-order
                 segment was received, i.e., when SEG.SEQ was unequal to

                 One reason for ACKing out-of-order segments might be to
                 support an experimental algorithm known as "fast
                 retransmit".   With this algorithm, the sender uses the
                 "redundant" ACK's to deduce that a segment has been
                 lost before the retransmission timer has expired.  It
                 counts the number of times an ACK has been received
                 with the same value of SEG.ACK and with the same right
                 window edge.  If more than a threshold number of such
                 ACK's is received, then the segment containing the
                 octets starting at SEG.ACK is assumed to have been lost
                 and is retransmitted, without awaiting a timeout.  The
                 threshold is chosen to compensate for the maximum
                 likely segment reordering in the Internet.  There is
                 not yet enough experience with the fast retransmit
                 algorithm to determine how useful it is.

(page 95 continued on part 5)

Next RFC Part