According to RTSP - RTP over TCP
RTP Data
After the setup, RTP data will be sent through the TCP socket that is used for RTSP commands. The RTP data will be encapsulate in the following format
| magic number | channel number | embedded data length | data |
magic number - 1 byte value of hex 0x24
channel number - 1 byte value to denote the channel
embedded data length - 2 bytes to denote the embedded data length
data - data packet, ie RTP packet, with the total length of the embedded data length
Is that mean that the magic number (0x24) can't preset in rtp/h264 data ?
when I see 0x24 I know that it start of rtp packet?
Is that mean that the magic number (0x24) can't preset in rtp/h264 data ?
Since the actual payload is prefixed with its length it is clear where the payload starts and ends. It will not search for the magic number inside the payload, length or channel number but only at the position where the magic number should be.
when I see 0x24 I know that it start of rtp packet?
No. As explained the 0x24 can be anywhere in the data, not only where the magic number is.
Related
I am sending a payload TESTING. I am trying to calculate the checksum for the UDP header which requires UDP total length. UDP header length is 8 bytes. Can anyone explain me how to calculate the data length with the above given payload. I tried searching the internet but could not find the relevant answer.
The length of the payload is the length of the payload in bytes. So a 7 byte payload could hold the ASCII string "TESTING". You could add a NUL terminator and make it 8 bytes.
The 32-bit acknowledgement field, say x, on the TCP header
tells the other host that "I received all the bytes up until and including x-1,
now expecting
the bytes from x and on". In this case, the receiver may have received some
further bytes, say x+100 through x+180,
but it hasn't yet received x-th byte yet.
Is there a case that, although the receiver hasn't received
x through x+100 bytes but received the bytes say x+100 through x+180,
the receiver is acknowledging that it received x+180?
One resource I read indicates the acknowledgement of bytes received despite a gap in the earlier bytes.
However, every other source tells
"acknowledgement of x tells all bytes up until x-1 are received".
Are there any exceptional cases? I'm looking to verify this.
TIA.
This can be achieved by TCP option called SACK.
Here, client can say through a duplicate ACK that it has only up to particular packet number 2 (sequence number of packet) in order and append SACK(Selective Acknowledgement) option for the range of contiguous packets received like packets numbered 4 to 5 (sequence number). This in turn shall enable the server to retransmit only the packets(3 sequence number) that were not received by the client.
Provided below an extract from RFC 2018 : TCP Selective Acknowledgement Options
The SACK option is to be sent by a data receiver to inform the data
sender of non-contiguous blocks of data that have been received and
queued. The data receiver awaits the receipt of data (perhaps by
means of retransmissions) to fill the gaps in sequence space between
received blocks. When missing segments are received, the data
receiver acknowledges the data normally by advancing the left window
edge in the Acknowledgement Number Field of the TCP header. The SACK
option does not change the meaning of the Acknowledgement Number
field.
From the TCP RFC at https://www.rfc-editor.org/rfc/rfc793.txt:
3.3. Sequence Numbers
A fundamental notion in the design is that every octet of data sent
over a TCP connection has a sequence number. Since every octet is
sequenced, each of them can be acknowledged. The acknowledgment
mechanism employed is cumulative so that an acknowledgment of sequence
number X indicates that all octets up to but not including X have been
received.
That seems pretty clear to me, the sequence number stops at the first missing data.
Why do we need the sequence number and the next sequence number field in the TCP header?
Below is a TCP header from a packet captured using wireshark.
First, fields in Wireshark enclosed by [brackets] are computed fields - they're not in the packet. That next sequence number field shown by Wireshark is one such field. Wireshark is computing that by taking the 'sequence number' field and adding it to the payload size of your packet. It's no surprise then that the difference between these two numbers is 1430 - a common TCP payload size.
Sequence numbers in TCP are in units of bytes - they basically say, what byte location in the TCP stream this packet's payload is inserted at.
The 'acknowledged' sequence number shows how many bytes I'm acknowledging as having received.
Since TCP is bidirectional, each end has to declare
Where the bytes its transmitting should go in the stream and
What bytes that you've sent me that I've received.
As such, each TCP packet has two fields that refer to sequence numbers - the 'sequence number' field, and the 'acknowledgment number' field.
Without the 'sequence number' field, the receiving end wouldn't be able to tell if packets were received out of order. Without the 'acknowledgment number' field, the transmitting end wouldn't know if some of his packets had been dropped and the receiver never received them.
Because TCP is a reliable pipe. This means that packets are delivered in sequence (and only once) even though the lower layers don't offer that guarantee. IN order to do this TCP needs housekeeping data, acks, nacks,....
https://en.wikipedia.org/wiki/Transmission_Control_Protocol
The 'next sequence' is an artifact of wireshark, its not actually in the TCP header, ws is just telling you the next packet in its capture file
Every byte (of data send via TCP) has it's own sequence number. This sequence number features in the TCP header (the sequence number field).
I read that this is separate from the sequence number used for the sliding window protocol. This makes me wonder:
Q:
If the sequence number field in the TCP header does not contain the sequence number used for the sliding window protocol - where can the sliding window sequence number be found in the TCP header (or segment)?
The TCP sequence number is used by the protocol to signal the acknowledgement of data acknowledgement.
That is, the sender sends out data with a sequence number in the header of the last byte in the packet.
The receiver returns acknowledgements containing the sequence number of the last byte of data known to have been received. If the transmitter sees the receiver acking data "too long ago" it retransmits the data presumed to have been lost.
If in fact the receiver has received the data retransmitted it knows because of its own highest sequence number that this is so, and can drop part or all of the data received, and send an ack back with the correct sequence so the transmitter can continue.
I think your informant is incorrect BTW. The best book I know of for TCP internals is "TCP/IP Illustrated" by Wright & Stevens, which is well worth getting. See Vol 2 pp 807..812 for all the details...
Why does UDP have the field "UDP Length" twice in its packet? Isn't it redundant? If it is required for some kind of error checking, please provide an example.
Your observation is correct. The length field is redundant because both the IP header and the UDP header has a length field. My only guess about the reason for this redundancy is, that it happened because UDP was designed at a time, where it was not yet clear what the IP protocol suite would look like.
All legitimate UDP packets should have a length field matching exactly what could be derived from the length field in the IP header. If you don't do that, you can't know for sure, what the receiver is going to do with the packet.
UDP packets with inconsistent length fields are seen in the wild on the Internet. I guess they are probing for buffer overflows, which might happen if one length field is used to allocate memory and the other length field is used when copying data to the allocated buffer.
In the newer UDP Lite protocol, the length field has been repurposed. The length field in the UDP Lite header does not indicate how much data there is in the packet, but rather how much of it has been covered by the checksum. The length of the data in a UDP Lite packet is always computed from the length field in the IP header. This is the only difference between the UDP and UDP Lite header formats.
From RFC 768:
Length is the length in octets of this user datagram including
this header and the data. (This means the minimum value of the
length is eight.)
The pseudo header conceptually prefixed to the UDP header contains
the source address, the destination address, the protocol, and
the UDP length. This information gives protection against misrouted
datagrams. This checksum procedure is the same as is used in TCP.
0 7 8 15 16 23 24 31
+--------+--------+--------+--------+
| source address |
+--------+--------+--------+--------+
| destination address |
+--------+--------+--------+--------+
| zero |protocol| UDP length |
+--------+--------+--------+--------+
The REAL answer is that this is a "pseudo header" - that is, it is used for calculating the checksum, but not actually sent. at least that is what I conclude from What is the Significance of Pseudo Header used in UDP/TCP