TCP Control Bits and Flow Records

Every TCP packet includes one or more control bits, which are on-off switches that tell the connection participants how to handle a particular packet. Flow records capture the control bits used by each TCP flow. These control bits are not terribly useful when a connection works correctly but are invaluable when identifying problems. If you're not familiar with TCP control bits, read a good TCP/IP primer such as Charles A. Kozierok's The TCP/IP Guide (No Starch Press, 2005).

Control bits are given this name because TCP has six bits set aside just for them. These bits are as follows:

The SYN (synchronize) bit indicates a connection synchronization request. It permits the sender and receiver to synchronize TCP sequence ...

Get Network Flow Analysis now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Network Flow Analysis by Michael W. Lucas

TCP Control Bits and Flow Records

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly