As we have seen in the previous pages, some TCP segments carry data while others are simple acknowledgements for previously received data. The popular 3-way handshake utilises the SYNs and ACKs available in the TCP to help complete the connection before data is transferred.
Our conclusion is that each TCP segment has a purpose, and this is determined with the help of the TCP flag options, allowing the sender or receiver to specify which flags should be used so the segment is handled correctly by the other end.
Let's take a look at the TCP flags field to begin our analysis:
You can see the 2 flags that are used during the 3-way handshake (SYN, ACK) and data transfers.
As with all flags, a value of '1' means that a particular flag is 'set' or, if you like, is 'on'. In this example, only the "SYN" flag is set, indicating that this is the first segment of a new TCP connection.
In addition to this, each flag is one bit long, and since there are 6 flags, this makes the Flags section 6 bits in total.
You would have to agree that the most popular flags are the "SYN", "ACK" and "FIN", used to establish connections, acknowledge successful segment transfers and, lastly, terminate connections. While the rest of the flags are not as well known, their role and purpose makes them, in some cases, equally important.
We will begin our analysis by examining all six flags, starting from the top, that is, the Urgent Pointer:
1st Flag - Urgent Pointer