Tcp three-way handshake:
or:
As above, the reason why the third handshake is required is that the server does not know whether the other party can receive and whether its own sending function is normal after the second handshake (sending information). But at this time, the one-way channel of data has been established. For the client, it has been confirmed that the server can receive the signal, so it can send data to the server one-way.
Example:
In the spy war movie, our personnel need to transmit enemy information to our site, so they request the site through various methods (such as swiping a finding notice and sticking it to a designated telephone pole) (due to the uncertainty of signal security). , therefore cannot directly transmit information and must first confirm the safety of both parties). The request contains a cryptic character J. This is the first handshake.
After the site receives the request in the specified way, it indicates that the site is safe (can receive intelligence) and that my intelligence personnel can send a message to publish a mysterious missing person notice in the newspaper. The missing person notice contains the mysterious character J+1, and the mysterious character K. At this point the site does not know whether its information can be received by intelligence personnel. This is the second handshake.
Our staff bought the newspaper and saw that J+1 means that the site can receive and send information (you can also send it yourself). However, the site is unaware that intelligence personnel have received its message, so a confirmation message (posted on a telephone pole) is sent again, containing the cryptic character K+1. This is the third handshake. Connection established.
If there are only two handshakes, it only means that the server can receive information, that is, the site can receive information from the intelligence personnel. This can be used for one-way transfer of general intelligence without requesting the site for instructions.
As for why there is no fourth time, because through the three-way handshake, both parties have already ensured that both themselves and the other party can receive and send information normally, and there is no need for a fourth time.
Simple expression:
First time: A sends to B: SYN
Second time: B sends to A: SYN+ACK
Third time: A sends to B: ACK
Another explanation:
1: A sends, B receives, B knows that A can send
2: B sends, A receives, A knows that B can send and receive
3: A sends, B receives, B knows that A can receive
Another accurate explanation:
As a reliable transmission control protocol, the core idea of TCP is to not only ensure reliable data transmission, but also improve the efficiency of transmission, and using three times can meet the needs of the above two aspects!
The essence of TCP reliable transmission: the party A of the TCP connection, the operating system dynamically randomly selects a 32-bit long sequence number (Initial Sequence Number), assuming that the initial sequence number of A is 1000, with the sequence number as the origin The data of each byte sent is numbered, 1001, 1002, 1003..., and tells B its initial serial number ISN, so that B has a mental preparation, what kind of data is legal and what is illegal For example, the number 900 is illegal, and B can also confirm the byte data of each number of A. If A receives B's acknowledgment number 2001, it means that the bytes are numbered 1001-2000, and a total of 1000 bytes have arrived safely.
In the same way, B is also a similar operation. Suppose the initial serial number ISN of B is 2000. With the serial number as the origin, number the data of each byte that it will send, 2001, 2002, 2003..., and put its own The initial sequence number ISN tells A so that A can acknowledge every byte sent by B. If B receives A confirmation number 4001, it means that the byte number is 2001-4000, and a total of 2000 bytes have arrived safely.
In a word, what is the TCP connection handshake? The serial number of the data origin of both communication parties!
4 waves of TCP :
The so-called Four-Way Wavehand terminates the TCP connection, which means that when a TCP connection is disconnected, the client and the server need to send a total of 4 packets to confirm the disconnection of the connection. In socket programming, this process is triggered by either the client or the server executing close. The whole process is shown in the following figure:
Since the TCP connection is full-duplex, each direction must be closed separately. The principle is that when one party completes the data transmission task, it sends a FIN to terminate the connection in this direction. Receiving a FIN only means that There is no data flow in this direction, that is, no more data will be received, but data can still be sent on this TCP connection until FIN is also sent in this direction. The side that shuts down first will perform an active shutdown, while the other side will perform a passive shutdown, as depicted in the diagram above.
(1) Wave for the first time: The client sends a FIN to close the data transfer from the client to the server, and the client enters the FIN_WAIT_1 state.
(2) The second wave: After the server receives the FIN, it sends an ACK to the client, confirming that the serial number is the received serial number + 1 (same as SYN, one FIN occupies one serial number), and the server enters the CLOSE_WAIT state.
(3) The third wave: The server sends a FIN to close the data transfer from the server to the client, and the server enters the LAST_ACK state.
(4) The fourth wave: After the client receives the FIN, the client enters the TIME_WAIT state, and then sends an ACK to the server, confirming that the serial number is the received serial number + 1, and the server enters the CLOSED state, completing the four waveds.
The above is the case where one party actively shuts down and the other party passively shuts down. In practice, there will also be cases where active shutdown is initiated at the same time. The specific process is as follows:
The process and status are very clear in the above figure, so I won't repeat them here. You can refer to the previous four wave analysis steps.
4. Notes
There are usually typical interview questions about the three-way handshake and the four-way wave, which are provided here for reference by XDJMs in need:
(1) What is the three-way handshake or process? What about the four-way handshake? The answer is the previous analysis.
(2) Why is it a three-way handshake to establish a connection, but a four-way wave to close the connection?
This is because the server in the LISTEN state, after receiving the SYN message for the connection establishment request, sends the ACK and SYN in one message to the client. When the connection is closed, when the FIN message from the other party is received, it only means that the other party no longer sends data but can still receive data , and not all data is sent to the other party, so the party can immediately close or send some data. After the data is sent to the other party, the FIN message is sent to the other party to express the agreement to close the connection now. Therefore, the own ACK and FIN are generally sent separately.
UDP protocol:
UDP (User Data Protocol , User Datagram Protocol)
(1) UDP is a non-connection protocol. Before transmitting data, the source and terminal do not establish a connection. When it wants to transmit, it simply grabs the data from the application. And throw it on the web as fast as possible. On the sending end, the speed at which UDP transmits data is only limited by the speed at which the application generates data, the capabilities of the computer, and the transmission bandwidth; on the receiving end, UDP places each message segment in a queue, and the application removes each message from the queue each time. Read a message segment.
(2) Since a connection is not established for data transmission, there is no need to maintain the connection state, including the sending and receiving state, so one server can transmit the same message to multiple clients at the same time.
(3) The header of the UDP packet is very short, only 8 bytes, and the extra overhead is very small compared to the 20-byte packet of TCP.
(4) The throughput is not regulated by the congestion control algorithm, and is only limited by the rate of data generated by the application software, the transmission bandwidth, and the performance of the source and end hosts.
(5) UDP uses best-effort delivery, i.e. reliable delivery is not guaranteed, so the host does not need to maintain a complex link state table (there are many parameters in it).
(6) UDP is message-oriented . The sender's UDP sends the message to the application and delivers it to the IP layer after adding the header. Neither splitting nor merging, but preserving the boundaries of these packets, therefore, the application needs to choose an appropriate packet size.
We often use the "ping" command to test whether the TCP/IP communication between two hosts is normal. In fact , the principle of the "ping" command is to send a UDP packet to the other host, and then the other host confirms the receipt of the packet. If the packet is not When the incoming message is fed back in time, the network is connected.
UDPHeader structure:
source port 16-bit
destination port 16-bit
length 16-bit
checksum 16-bit
Summary Differences between TCP and UDP :
1. Based on connection and no connection;
2. Requirements for system resources (more TCP, less UDP) ;
3. UDP program structure is relatively simple;
4. Stream mode and datagram mode; TCP is a byte stream sent, UDP is a message-oriented mode
5. TCP guarantees data correctness, UDP may lose packets, and TCP guarantees data order, UDP is not guaranteed.
The difference between Socket and TCP , UDP and http :
We often translate socket into socket. Socket is an abstraction layer between the application layer and the transport layer. It abstracts the complex operations of the TCP/IP layer into several simple interfaces for the application layer to call the implemented process in the network. Communication in.
JAVA TCP Socket programming model:
