Packet Reassembly

Client-side stream reconstruction — from fragments to data

TCP Stream Reassembly RFC 9293

TCP segments may arrive out of order. The client uses sequence numbers to reconstruct the original byte stream.

arriving packets SEQ 301 3rd SEQ 1 1st SEQ 451 4th SEQ 151 2nd reorder reassembled stream 1-150 151-300 301-450 451-600 contiguous bytes
FieldSizePurpose
Sequence Number32 bitsByte position in stream
Acknowledgment32 bitsNext expected byte
Window Size16 bitsReceive buffer space
Checksum16 bitsData integrity

IP Fragment Reassembly RFC 791

Large IP datagrams are fragmented to fit MTU. The receiver reassembles using identification and fragment offset.

original datagram (4500 bytes) ID: 0x1234 fragments (mtu 1500) ID:0x1234 OFF:0 MF:1 ID:0x1234 OFF:185 MF:1 ID:0x1234 OFF:370 MF:0
FieldBitsDescription
Identification16Groups fragments together
DF (Don't Fragment)1Fragmentation forbidden
MF (More Fragments)1More fragments follow
Fragment Offset13Position in 8-byte units

TLS Decryption RFC 8446

After TCP reassembly, encrypted TLS records are decrypted using session keys established during handshake.

tls record (encrypted) 0x17 type 0x0303 version len length encrypted payload + auth tag decrypt with session key plaintext HTTP/2 frames or HTTP/1.1 message
Record TypeValueContent
change_cipher_spec0x14Legacy (TLS 1.2)
alert0x15Error notifications
handshake0x16Key exchange
application_data0x17Encrypted payload

Buffer Management Receive Buffer

The receive buffer holds out-of-order segments until gaps are filled and data can be delivered to the application.

receive buffer 1-100 101-200 gap 301-400 gap 501-600 free deliverable waiting for gaps
Buffer StateAction
Contiguous data at headDeliver to application
Out-of-order segmentStore, wait for missing bytes
Duplicate segmentDiscard
Buffer fullAdvertise zero window

Flow Control Sliding Window

The receiver advertises available buffer space. The sender limits in-flight data to prevent overflow.

sender view sent + acked in flight usable not sendable send window (rwnd) ack + window receiver advertises: window = 16384 bytes available buffer
ParameterTypical ValueNotes
Initial Window65535 bytesWithout window scaling
Window Scale0-14Multiplier: 2^scale
Max Window1 GBWith scale=14
Zero Window0Receiver buffer full

Congestion Control RFC 5681

Slow start probes network capacity by doubling congestion window until loss or threshold.

time (rtts) cwnd slow start ssthresh congestion avoidance loss recovery 1 2 3 4 
Slow Start:     cwnd = cwnd + MSS (per ACK)
Cong. Avoid:    cwnd = cwnd + MSS/cwnd (per ACK)
Fast Recovery:  cwnd = ssthresh + 3*MSS
AlgorithmTriggerAction
Slow Startcwnd < ssthreshDouble cwnd per RTT
Congestion Avoidancecwnd >= ssthreshLinear increase
Fast Retransmit3 duplicate ACKsRetransmit lost segment
Fast RecoveryAfter retransmitHalve ssthresh, inflate cwnd

Reassembly Complete Application Delivery

IP Fragments TCP Stream TLS Decrypt Application Data
LayerReassembly UnitIdentifier
IPDatagramID + Fragment Offset
TCPByte StreamSequence Number
TLSRecordImplicit sequence
HTTP/2StreamStream ID