Networking Deep Dive
by Sergey Okinchuk
AnycastPorts, Sockets, and Multiplexing

Chapter 5

The Transport Layer

Where IP's best-effort packets become a usable transport: ports and sockets, UDP's send-and-forget, and the TCP machinery — handshake, reliability, flow control, congestion control, and the lifecycle tuning that decides real performance.

7 topics

IP delivers addressed packets to a host and stops there. The transport layer is what turns that into something a program can use: it picks the right process out of the thousands on a machine, and — if you ask for it — rebuilds the ordering and reliability the network threw away. Everything above this layer assumes the transport already solved those problems; everything below it assumes nothing.

Two protocols split the work. UDP adds ports and a checksum to IP and otherwise gets out of the way, which is exactly what DNS, VoIP, and QUIC want. TCP does the opposite — a handshake, sequence numbers, acknowledgments, retransmission, a sliding window, and congestion control — to hand the application an ordered, reliable byte stream. The seven topics here trace that machinery from the socket the kernel demultiplexes to the TIME_WAIT pileup that exhausts your ports under load.

The transport layer sits on IP and delivers to one process
L7 · Application — HTTP, DNS
the program that consumes the payload
L4 · Transport — TCP / UDP
port demux, optional reliable stream
L3 · Internet — IP
best-effort delivery to a host

Topics in This Chapter

Topic 24
Ports, Sockets, and Multiplexing
The 16-bit port, the socket bound to (IP, port), and the 5-tuple the kernel uses to demultiplex each packet to exactly one connection — plus how one listening port serves thousands of clients.
Sockets
Topic 25
UDP — The Minimal Transport
Eight bytes of header on top of IP and nothing else — no connection, no ordering, no retransmission. Why DNS, real-time media, and QUIC pick it, and what you must rebuild yourself.
UDP
Topic 26
TCP and the Three-Way Handshake
The SYN / SYN-ACK / ACK exchange that synchronizes sequence numbers, the state machine from LISTEN to ESTABLISHED, and the four-way teardown — and why connecting always costs at least one RTT.
TCP
Topic 27
Reliability — ACKs and Retransmission
Sequence numbers, cumulative ACKs, and retransmission — the RTO timer, fast retransmit on three duplicate ACKs, and SACK. How TCP recovers from loss, and how loss feels as a stall.
TCP
Topic 28
Flow Control and the Sliding Window
The receive window, the sliding window bounded by the smaller of cwnd and rwnd, and window scaling for long-fat networks — protecting the receiver, not the network.
Flow Control
Topic 29
Congestion Control
Slow start, congestion avoidance, and the cwnd — plus loss-based CUBIC versus model-based BBR, why BBR wins on lossy paths, and the fairness debate it started.
Congestion
Topic 30
TCP Tuning and Connection Lifecycle
TIME_WAIT versus CLOSE_WAIT, keepalives, socket-buffer autotuning, and connection reuse — the lifecycle issues that cause port exhaustion and latency long before congestion control does.
Tuning