Master TCP Retransmission, Window Management & Congestion Control – Hands‑On Guide
This tutorial series for newcomers explains TCP timeout retransmission, window management, and congestion control, combining theory with practical experiments using tcpdump, netstat, iptables, and Scapy, and demonstrates how Linux kernel parameters affect retransmission behavior and performance.
Preface
This article is the second part of a TCP introductory series aimed at newcomers and interns, building on the previous tutorial that covered TCP connection establishment and termination.
TCP Timeout Retransmission
TCP reliability relies on sequence numbers and acknowledgments; when a packet is lost, the sender starts a timer and retransmits after a timeout. The retransmission timeout (RTO) is influenced by RTT estimates and the TCP_RTO_MIN constant (typically 200 ms). Linux parameters net.ipv4.tcp_retries1 and net.ipv4.tcp_retries2 control the number of retransmissions, while net.ipv4.tcp_reordering adjusts the duplicate‑ACK threshold.
# vm-1
sudo sysctl net.ipv4.tcp_retries2
net.ipv4.tcp_retries2 = 15Experiments using tcpdump, netstat, and iptables show how packets are retransmitted over a period of minutes, illustrating binary exponential backoff.
Fast Retransmit
Fast Retransmit triggers when three duplicate ACKs are received, allowing the sender to retransmit before the RTO expires. The article demonstrates this using Scapy scripts that craft raw TCP packets and capture the resulting TCP Dup ACK and Fast Retransmit events in Wireshark.
import time
from scapy.all import *
# ... Scapy script omitted for brevity ...Selective Acknowledgment (SACK)
SACK enables the receiver to inform the sender about non‑contiguous data blocks, improving retransmission efficiency. Enabling net.ipv4.tcp_sack activates this feature, and the article shows how SACK packets appear in captures.
# vm-1
sudo sysctl net.ipv4.tcp_sack
net.ipv4.tcp_sack = 1TCP Window Management
Each TCP endpoint maintains a send and receive window. The article explains the sliding‑window mechanism, shows how to observe window sizes with ss -tip, and demonstrates zero‑window probing when the receiver’s window closes.
# vm-1
ss -tip | grep -A 1 9527
cubic wscale:7,7 rto:204 rtt:0.338/0.169 mss:1448 cwnd:10 ... snd_wnd:64256Disabling offloading features (GSO, GRO, TSO) is necessary to capture raw packets without jumbo frames.
# vm-1 and vm-2
sudo ethtool -K enp0s5 gso off
sudo ethtool -K enp0s5 gro off
sudo ethtool -K enp0s5 tso offTCP Congestion Control
Linux uses the CUBIC algorithm by default, but other algorithms such as Reno, BBR, and HSTCP are available. The article shows how to query and change the congestion control algorithm with net.ipv4.tcp_congestion_control and observes cwnd dynamics using ss -i.
# vm-1
sysctl -a | grep congestion
net.ipv4.tcp_congestion_control = cubicInjecting packet loss with tc netem demonstrates how loss reduces cwnd and throughput.
# vm-2
sudo tc qdisc replace dev enp0s5 root netem loss 5%Conclusion
The hands‑on experiments provide a practical foundation for understanding TCP’s retransmission, window management, and congestion control mechanisms, preparing readers to analyze real‑world network issues.
Appendix
A curated list of TCP‑related RFCs and reference links is provided for further study.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Alibaba Cloud Developer
Alibaba's official tech channel, featuring all of its technology innovations.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.