TCP conversation is an important part of network traffic. So, before discussing ACLs in detail it is important to discuss TCP conversation. The ACLs control traffic into and out of the network. The traffic control can be simple or complex. The simple traffic control only permitting or denying network traffic based on network address and complex network traffic based on TCP port-based.
When a host request data from other host or server, IP address manage the communication between both source and destination host and TCP manages the communication between both the source and destination hosts. When sending an email or downloading a file, TCP is responsible for breaking data into the segment for IP before sending. TCP is also responsible for assembling the data from the segments when data arrived at the destination. The TCP process is just like a conversation in which two hosts on a network agree to pass data between one another.
Transmission Control Protocol provides a connection-oriented and reliable byte stream service where two applications must establish a TCP connection before exchanging data. It is a full-duplex protocol where each TCP connection supports a pair of byte streams, and each stream flowing in one direction. TCP also includes a flow-control mechanism for each byte stream allowing the receiver to limit data sending from another end. It also implements a congestion-control mechanism. The figure1 illustrates how a TCP conversation takes place.
TCP segments marked with flags SYN, ACK and FIN. The SYN starts (synchronizes) the session, an ACK is an acknowledgement for the received segment and a FIN finishes the session. A SYN/ACK acknowledges that the transfer is synchronized. TCP data segments also include the higher-level protocol required to direct the application data to the accurate application. The TCP data segment identifies the port which matches the requested service. Each service has its port number. Some know ports numbers are port 80, port, 25, port 20 and port 21. The figure- 2 illustrates the range of TCP and UDP ports.