Table of contents
1. Three-way handshake to establish connection
Wave two or four times to disconnect
4. Message changes in the three-way handshake
5. Changes in messages after four waves
1. Three-way handshake to establish connection
In the TCP/IP protocol, the TCP protocol provides reliable connection services and uses a three-way handshake to establish a connection.
- First handshake: When establishing a connection, the client sends a SYN packet to the server , and the client enters the SYN_SENT state and waits for confirmation from the server ;
- Second handshake: After receiving the SYN packet, the server sends a SYN+ACK packet to the client . At this time, the server enters the SYN_RCVD state;
- The third handshake: After receiving the SYN+ACK packet from the server, the client sends a confirmed ACK packet to the server . After the packet is sent, the client and server enter the ESTABLISHED state and complete the three-way handshake.
Complete the three-way handshake and establish the link.
Wave two or four times to disconnect
-
The first wave: the active closing party sends a FIN packet to the passive closing party . That is, the active closing party tells the passive closing party : I will no longer send you data.
-
The second wave: After receiving the FIN packet, the passive closing party sends an ACK packet to the active closing party . Just tell the active closing party that the notification has been received.
-
The third wave: the passive closing party sends another FIN packet to the active closing party to close the data transmission from the passive closing party to the active closing party . That is to tell the active closing party that my data has been sent and no more data will be sent to you.
-
The fourth wave: After receiving the FIN packet, the active closing party sends an ACK packet to the passive closing party . At this point, four waves are completed.
Note: For the second and third times, the passive shutdown party sends messages to the active shutdown party twice in a row
3. Main fields
1. Flags
| Flag bit | meaning | illustrate |
| SYN | Initiate a connection | When SYN=1 and ACK=0, it indicates a connection request message. If the connection is agreed, the response message should contain SYN=1 and ACK=1. |
| ACK | Confirm logo | When ACK=1, the confirmation flag is only valid. (In order to distinguish it from the confirmation number ack, we must use capital letters) |
| FIN | Release connection | When FIN=1, it indicates that the sender's data of this message has been sent and requires release. |
| PSH | Read data | When PSH=1, the receiving application is prompted to immediately read the data from the TCP cache. |
| RST | Reset connection | When RST=1, a serious error occurs in the TCP connection, and the connection must be released and reconnected later. |
| URG | emergency pointer | When URG=1, it indicates that the emergency pointer field is valid, telling the system that there is urgent data in this segment. |
2. Sequence number
seq sequence number, occupies 32 bits. Used to identify the byte stream sent from the TCP source to the destination. The initiator marks this when sending data.
3. Acknowledgment number
ack serial number, 32 bits. The confirmation sequence number field is valid only when the ACK flag is 1, ack=seq+1.
4. Message changes in the three-way handshake
5. Changes in messages after four waves
6. Interview questions
1. Why is it a three-way handshake to establish a connection, but a four-way handshake to close a connection?
When establishing a connection, ACK and SYN can be sent in one message. When closing the connection, the passive closing party may need to send some data before sending a FIN message to express agreement that the connection can be closed now, so the ACK message and FIN message here are sent separately in most cases.
2. Why is it necessary to use a three-way handshake and not a two-way handshake to connect?
When TCP establishes a connection, the three-way handshake can prevent the establishment of historical connections, reduce unnecessary resource overhead on both sides, and help both parties synchronize initialization sequence numbers. Sequence numbers ensure that data packets are not repeated, discarded, and transmitted in order.
Reasons for not using "two-way handshake" and "four-way handshake":
"Two handshakes": It cannot prevent the establishment of historical connections, which will cause a waste of resources on both sides, and it is also impossible to reliably synchronize the serial numbers of both parties; "Four handshakes":
Three handshakes are the theoretical minimum for reliable connection establishment, so there is no need to use it More communications.
3. The purpose of shaking hands three times and waving four times
Three-way handshake: This is to ensure that both parties have prepared resources.
Wave four times: This is to ensure that both parties have released resources.
4. In the process of TCP three-way handshake, at which stage of the three-way handshake does accept occur?
The client's connect causes 3 handshakes.
The server blocks in accept after socket, bind, and listen. After the three-way handshake is completed, accept returns an fd, so accept occurs after the three-way handshake.
5. After waving four times, why does the TIME_WAIT state still need to wait 2MSL before returning to the CLOSED state?
Two reasons for existence:
1. There is no guarantee that the last ACK message sent will be received by the other party, so it is necessary to resend the ACK message that may be lost.
2. After the link is closed for a period of time, a new connection may be established at the same IP address and port, in order to prevent duplicate groups of old connections from reappearing after the new connection has been terminated. 2MSL is enough to keep the packet alive for at most MSL seconds before being discarded.
If there are any shortcomings in this article, you are welcome to comment below and I will correct it as soon as possible.
