1. Understanding TCP packets
TCP packet format_What content does a TCP packet contain:
The source port number and destination port number in the TCP header are the same as the source IP and destination IP in the IP datagram to uniquely determine a TCP connection.
TCP must establish a connection with each other before sending data. The connection here means: both parties need to save each other's information (for example: IP, Port...)
Explanation of the main fields of the message | ||
Sequence number | serial number | Represents the data byte stream sent, ensuring that TCP transmission is in order, and numbering each byte. The initial sequence number is random. |
Acknowledge number | Confirm serial number | The sender expects to receive the next serial number, and the serial number of the data byte after successful reception is increased by 1. Only valid when ACK=1. |
acknowledgement | ACK | Confirmation sequence number flag ACK=1 indicates that the confirmation number is valid ACK=0 indicates that the message does not contain confirmation sequence number information |
synchronous | SYN | Connection request sequence number flag, used to establish a connection SYN=1 indicates a connection request |
finish | FIN | End flag, used to release the connection, if it is 1, it means to close the local data stream |
push | PSH | send |
reset | RST | reset |
urgent | URG | urgent |
LISTEN | Wait for connection requests from any remote TCP and port. | |
FIN_WAIT_1 | Wait for a connection termination request from the remote TCP, or for an acknowledgment of a previously sent connection termination request. | |
FIN_WAIT_2 | Wait for the connection termination request from the remote TCP. |
|
CLOSE_WAIT | Waiting for a connection termination request from a local user | |
CLOSING | Wait for the connection termination request confirmation of the remote TCP | |
LAST_ACK | Waiting for the acknowledgment of the connection termination request previously sent to the remote TCP (including the acknowledgment of its byte connection termination request) | |
TIME_WAIT | Wait enough time to elapse to ensure that the remote TCP receives acknowledgment of its connection termination request. | |
CLOSED | No longer connected. |
Two, TCP three-way handshake process analysis
three handshake | client | send Message | Server |
first handshake | Client sends request information to server
|
SYN=1 seq=x |
The server receives the information sent by the client
|
second handshake | The client receives information from the server 1. The client knows that it is sending and receiving normally. client knows everything |
ACK=1 ack=x+1 SYN=1 seq=y |
Server sends information to client |
third handshake | client to server | seq=x+1 ACK=1 ack=y+1 |
The server receives the information sent by the client 1. The server knows that the client sends and receives normally. |
From the above analysis process, it can be seen that two handshakes cannot reach the conclusion that both parties know that their own and the other party's receiving and sending capabilities are normal. From this we know that the purpose of the three-way handshake is to let both the client and the server know that they and the other party have normal receiving and sending capabilities. Therefore, the three-way handshake cannot be less, and more network resources are wasted. |
Three, TCP four waved analysis
waved four times | client | send Message | Server |
first wave | Client sends request FIN-WAIT-1 state 1 |
FIN=1 seq=u |
|
second wave | ACK=1 ack=u+1 seq=v |
服务端收到请求 服务端发送请求 CLOSE-WAIT状态 2 |
|
第三次挥手 | 客户端收到服务器确认结果后进入FIN-WAIT-2状态 客户端发送 3 |
FIN=1 ACK=1 ack=u+1 seq=w |
服务端发送信息 LAST-ACK状态 4 |
第四次挥手 | 客户端收到回复 客户端发送 TIME-WAIT状态 客户端经过2个最长报文段寿命后,客户端CLOSE 5 |
ACK=1 ack=w+1 seq=u+1 |
服务端确认 服务端立刻进入CLOSE状态 6 |
四次挥手需要考虑服务端是否有正在发送的数据 所以客户端发起结束请求,服务端不能立即响应结束。 简单理解: 客户端发起结束请求 服务端收到请求,同时告诉客户端自己收到请求 服务端确认没有正在发送的数据,告诉客户端 客户端收到服务端的确认后结束,服务端结束 |
The first wave: the client sends out release FIN=1, its own serial number seq=u, and enters the FIN-WAIT-1 state The second wave: After receiving the
client’s message, the server sends an ACK=1 confirmation flag and the client’s confirmation number ack=u+1, own serial number seq=v, enter the CLOSE-WAIT state
Third wave: After the client receives the confirmation result from the server, it enters the FIN-WAIT-2 state. At this time, the server sends the release FIN=1 signal, the confirmation flag ACK=1, the confirmation sequence number ack=u+1, its own sequence number seq=w, the server enters the LAST-ACK (final confirmation state) waved for the fourth time: the client receives the
reply After that, send confirmation ACK=1, ack=w+1, own seq=u+1, and the client enters TIME-WAIT (time waiting). After the client has passed the 2 longest message segment lifetimes, the client CLOSE; after the server receives the confirmation, it immediately enters the CLOSE state.
4. It is precisely because of the three-way handshake and four-way handshake of the TCP protocol that TCP is a secure connection, which is different from the UDP protocol.
Five, the relationship between HTTP and TCP
TCP is a transport layer protocol, while HTTP is an application layer protocol.
HTTP is based on TCP connection, so some people say that the three-way handshake is HTTP and some say it is TCP, which is exactly TCP.
TCP simply establishes a connection, does not involve any actual data we need to request, and is simply transmitted.
HTTP is used to send and receive data.
6. Welcome to exchange and correct, follow me, and learn together.
reference link
Brief description of TCP three-way handshake and four-way wave