Wireshark packet capture: a detailed look at the packets of the TCP four-way wave

1. Detailed explanation of the TCP four-way wave

I just explained the TCP four-way wave process with a picture. Here we use Wireshark to capture the packets and analyze them in detail.

1. The client sends the first request to release the connection

This is the capture after filtering. Look at the final stage, where the connection is about to be released. Here is the first FIN, ACK packet:

Wasn't it supposed to carry only FIN? Why does this packet have both FIN and ACK?

Double click to see:

TCP is a reliable protocol: every data packet it sends must be acknowledged, so the packets sent on a connection also carry an ACK confirming the data received so far.

That is why the first packet is marked FIN, ACK: the ACK flag is simply the acknowledgment of the previous data packet.

2. The server responds to the client with a confirmation message

Only the ACK bit is set; the other bits are not set, because this is an acknowledgment message.

The sequence number of this ACK packet is 952, because the FIN, ACK packet sent by the client expects the next packet's sequence number to be 952 (its acknowledgment number is 952).

3. The server sends a request to the client to release the connection

The server then sends a FIN, ACK packet of its own, indicating that it also wants to release the connection.

The sequence number and acknowledgment number of this FIN, ACK packet and of the preceding ACK packet are the same.

Because both are still sent by the server, their acknowledgment numbers and sequence numbers are the same.

4. The client sends a confirmation message

The client also sends an ACK packet. The acknowledgment number of this packet equals the sequence number of the previous packet (seq=5002) plus 1, which is 5003.

This is a packet captured by someone else, and the meaning is the same.
This is how a Wireshark capture shows the four-way wave in detail: FIN, ACK packet -> ACK packet -> FIN, ACK packet -> ACK packet.

After this, the TCP connection no longer exists.
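The relationships described in steps 1 to 4 can be checked mechanically. The following is an added example, not part of the original article: it decodes raw TCP headers and verifies the flag order and the seq/ack arithmetic of the four-way wave. The headers and ports are constructed, and the numbers 952, 5002 and 5003 from the article's two captures are combined into one illustrative exchange.

```python
import struct

FLAGS = (("FIN", 0x01), ("SYN", 0x02), ("RST", 0x04), ("PSH", 0x08), ("ACK", 0x10))
FIN, ACK = 0x01, 0x10

def tcp_header(sport, dport, seq, ack, flags):
    """Build a constructed 20-byte TCP header (no options, checksum left at 0)."""
    return struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)

def parse(header):
    """Decode the fields Wireshark summarises for each segment."""
    sport, dport, seq, ack, _offset, flags = struct.unpack("!HHIIBB", header[:14])
    label = ", ".join(name for name, bit in FLAGS if flags & bit)
    return {"src": sport, "seq": seq, "ack": ack, "flags": flags, "label": label}

def check_teardown(headers):
    """Return a list of problems; an empty list means a clean four-way wave."""
    if len(headers) != 4:
        return ["expected exactly 4 segments"]
    fin1, ack1, fin2, ack2 = segs = [parse(h) for h in headers]
    problems = []
    for i, (seg, want) in enumerate(zip(segs, (FIN | ACK, ACK, FIN | ACK, ACK)), 1):
        if seg["flags"] != want:
            problems.append(f"segment {i}: unexpected flags [{seg['label']}]")
    if not (fin1["src"] == ack2["src"] != ack1["src"] == fin2["src"]):
        problems.append("senders are not client, server, server, client")
    # A FIN consumes one sequence number, so the peer acknowledges seq + 1.
    for fin, reply, who in ((fin1, ack1, "server"), (fin2, ack2, "client")):
        if reply["ack"] != (fin["seq"] + 1) % 2**32:
            problems.append(f"{who} ACK does not acknowledge FIN seq {fin['seq']}")
    # With no data sent in between, the server's ACK and FIN, ACK share seq and ack.
    if (ack1["seq"], ack1["ack"]) != (fin2["seq"], fin2["ack"]):
        problems.append("server seq/ack changed between its ACK and its FIN, ACK")
    return problems

# Constructed sample: ports are made up; 952, 5002 and 5003 follow the article.
SAMPLE = [
    tcp_header(51000, 443, 951, 5002, FIN | ACK),   # 1. client FIN, ACK
    tcp_header(443, 51000, 5002, 952, ACK),         # 2. server ACK
    tcp_header(443, 51000, 5002, 952, FIN | ACK),   # 3. server FIN, ACK
    tcp_header(51000, 443, 952, 5003, ACK),         # 4. client ACK
]

if __name__ == "__main__":
    for seg in map(parse, SAMPLE):
        print(f"{seg['src']:>5} [{seg['label']}] Seq={seg['seq']} Ack={seg['ack']}")
    print(check_teardown(SAMPLE) or "clean four-way wave")
```

If the server still sends data after acknowledging the client's FIN, the last check reports a difference; that is a half-closed connection, not an error.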

2. Seeing the whole process end to end

This is someone else's packet capture, in which you can see the whole process. This is the key point.
After the three-way handshake, an HTTPS connection is initiated and normal data packets are exchanged. Once the client has finished sending its data, it sends a FIN, ACK packet, which starts the four-way wave that runs until the connection ends.

3. Tips

The content above was captured and sorted out. The two captures differ somewhat, but the technical content written on the pictures is accurate. The last picture, showing the whole process, is the technical focus of this article. When learning, apply what you have learned flexibly and don't copy it mechanically.
 


Origin blog.csdn.net/nhb687096/article/details/130602867#comments_27170967