What info you can get from TCP/IP 5 TUPLES
Tag: tcpip
L1~L4 TCP/IP
I hope you are clear about How works Mac-address, IP-address, TCP/UDP-Port to Control TCP/IP sessions.
1) Mac address is only for devices that are directly physically connected.
All NICs will have different addresses by manufacturing.
Same MAC address on peers is not a problem to connect with other peers out of Physical Connection.
( it’s different with IP address working)
2) destination IP address is for choosing a network interface port(different from TCP/IP port.) in the network device.
All IP addresses must be unique on the internet. ( exp. IP anycasting and ..for controlling traffic tech.)
3) TCP/IP port is for delivering data to a proper application.
well known port: ~1024 (HTTP/80 and SSH/22 so on). you can check it from /etc/services (in a LINUX).
TCP/IP nagle
Do you know ‘Preamble on datagram’ ?
before about 10 years ago. Someone ask a question “Do you know Preamble” ?
But I don’t know about it at that time. even though I thought I know almost about TCP/IP packet.
first. you can check details at wiki page
Anyway I have some insights of it now.
first. Preamble is not on the L3/L4 Layer. It was for L1 layer . so I hadn’t seen it, though I managed Huge TCP/IP packet on Real network . I only checked packet on Ethereal..( now wireshark ).
*Preamble is for synchronization of physical packet to notify the start of Packet. and the Packet is ended by *Interpacket Gap
*Preamble is like “Syn packet on TCP/IP”, “Hello whenever we meet “, “Delimiter”.
at the result… All Conversation is started with The Synchronization Procedure…..
Lechuck Park 