TCP is a connection-oriented, reliable transport protocol that guarantees in-order delivery of bytes and uses sequence numbers, acknowledgments, and retransmission to handle packet loss. TCP's three-way handshake establishes connections, and its flow control and congestion control mechanisms prevent network overload.
Capture TCP handshakes and data transmission using Wireshark; observe sequence numbers, acknowledgments, and retransmissions.
The fundamental problem TCP solves is that the internet is unreliable: IP packets can be dropped by congested routers, duplicated, or arrive out of order. Applications like web browsers and file transfers need a reliable, ordered byte stream. TCP sits at the transport layer and hides all of this unreliability from the application, making the network behave as if it were a perfect pipe.
TCP achieves reliability through three coordinated mechanisms. First, every byte sent is assigned a sequence number, so the receiver knows the correct order and can detect gaps. Second, the receiver sends back acknowledgments (ACKs) confirming how many bytes have been received in order. Third, if the sender does not receive an ACK within a timeout window, it retransmits the missing segment. Together, these ensure every byte eventually arrives in the right position.
Before any data flows, TCP performs a three-way handshake: the client sends a SYN, the server replies with SYN-ACK, and the client confirms with ACK. This exchange synchronizes sequence numbers on both sides and establishes the connection. The handshake is why TCP is described as "connection-oriented" — there is a setup phase before data transfer, unlike UDP which fires packets immediately.
TCP also includes flow control (the receiver advertises how much buffer space it has, preventing the sender from overwhelming it) and congestion control (the sender probes network capacity and backs off when it detects congestion). These mechanisms mean that in a congested network, many TCP senders cooperate to share bandwidth efficiently — which is why TCP often achieves better throughput than UDP in practice, despite UDP's reputation for speed.
The key mental model: TCP presents a simple abstraction (a reliable ordered stream) on top of a complex, lossy reality (IP packets). The application writes bytes; TCP figures out how to deliver them. What TCP does *not* do is guarantee low latency or minimum delay — those are different goals that sometimes require UDP and application-level logic instead.