Detailed explanation of the TCP three-way handshake and four-way handshake through packet capture

This is a small experiment I built on eNSP, observing the whole TCP handshake process through Wireshark packet capture.

Server configuration

Figure 2

Client access

Figure 3

Packet capture observation

Three-way handshake

Figure 4

1) First handshake

The TCP protocol stipulates that a segment with SYN set to 1 cannot carry data, but it still consumes a sequence number.

The first handshake: the client sends a SYN packet (seq=x) to the server and enters the SYN_SENT state, waiting for the server to confirm.

Figure 5

2) The second handshake

The second handshake: the server receives the SYN packet and must acknowledge the client's SYN (ack=x+1). At the same time it sends its own SYN (seq=y), so the reply is a SYN+ACK packet, and the server enters the SYN_RECV state.

Figure 6

3) The third handshake

The third handshake: the client receives the SYN+ACK packet from the server and sends the confirmation packet ACK (ack=y+1) to the server. After the packet is sent, the client and server enter the ESTABLISHED state and complete the three-way handshake.

The packets transmitted during the handshake do not contain data. After the three-way handshake is completed, the upper-layer application process is notified that the TCP connection has been established, and the client and server officially start to transmit data.

Four-way handshake (four waves)

Similar to the "three-way handshake" for establishing a connection, a "four-way handshake" is required to disconnect a TCP connection.

The TCP standard stipulates that even if a FIN segment does not carry data, it still consumes a sequence number.

Figure 7

Figure 8

1) First wave

The client sends a TCP segment to the server to close data transmission from the client to the server: FIN=1, ACK=1, seq=158, ack=308.

Figure 9

2) Second wave

After receiving the FIN segment from the client, the server responds with an acknowledgment, ACK=1, seq=308, ack=159, and y+1.

Figure 10

3) Third wave

The client side of the connection has been released, and the third wave releases the connection on the server side: the server indicates that its data has been transmitted and sends a FIN segment, FIN=1, ACK=1, seq=308, ack=159.

Figure 11

4) Fourth wave

After receiving the FIN segment from the server, the client sends back an ACK confirmation: ACK=1, seq=159, ack=309.
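
The rule that SYN and FIN each consume one sequence number can be checked mechanically against a capture. The following is an added example, not part of the original post: it replays a list of segments and reports any seq or ack value that does not follow from the previous segments. The teardown values are the ones quoted above; the handshake values (x=1000, y=5000) are constructed, and the checker assumes an in-order capture with no loss or retransmission.

```python
from dataclasses import dataclass

@dataclass
class Seg:
    src: str          # "C" (client) or "S" (server)
    flags: set        # e.g. {"SYN", "ACK"}
    seq: int
    ack: int = 0
    length: int = 0   # payload bytes carried by the segment

def seq_space(seg):
    """Sequence numbers consumed: payload bytes, plus 1 each for SYN and FIN."""
    return seg.length + ("SYN" in seg.flags) + ("FIN" in seg.flags)

def check_flow(segs):
    """Return (index, problem) pairs for segments whose seq/ack break the rules."""
    next_seq = {}     # next sequence number each side is expected to send
    problems = []
    for i, s in enumerate(segs):
        peer = "S" if s.src == "C" else "C"
        # A sender's seq must continue from what it previously consumed.
        if s.src in next_seq and s.seq != next_seq[s.src]:
            problems.append((i, f"seq={s.seq}, expected {next_seq[s.src]}"))
        # An ACK must name the next sequence number expected from the peer.
        if "ACK" in s.flags and peer in next_seq and s.ack != next_seq[peer]:
            problems.append((i, f"ack={s.ack}, expected {next_seq[peer]}"))
        next_seq[s.src] = s.seq + seq_space(s)
    return problems

# Constructed handshake: x=1000, y=5000 (illustrative values, not from the capture).
HANDSHAKE = [
    Seg("C", {"SYN"}, 1000),
    Seg("S", {"SYN", "ACK"}, 5000, 1001),
    Seg("C", {"ACK"}, 1001, 5001),
]

# Four waves, using the seq/ack values quoted in the text above.
TEARDOWN = [
    Seg("C", {"FIN", "ACK"}, 158, 308),
    Seg("S", {"ACK"}, 308, 159),
    Seg("S", {"FIN", "ACK"}, 308, 159),
    Seg("C", {"ACK"}, 159, 309),
]

if __name__ == "__main__":
    print(check_flow(HANDSHAKE), check_flow(TEARDOWN))
```

A segment that fails this check in a real capture is usually a retransmission or reordering, but an ack that never advances past a FIN, or a seq that jumps without matching payload, is also what an injected or spoofed segment looks like.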

end


Origin blog.csdn.net/weixin_54223979/article/details/124898844