In the interview, the three-way handshake and fourth wave can be said to be asking a knowledge of the most frequent, and I believe we have seen a lot of three-way handshake with the four waving the article, today's article, the focus is around the interview, which we should grasp the more important point, which is more by the interviewer to ask, I think if you put me under some of the points listed remember, understand, I think almost the same.
Three-way handshake
When the interviewer asked why you need to have three-way handshake, the role of three-way handshake, talk time of three three-way handshake, I think many people would reply:
First, many people will talk about the process under way handshake:
1. The first handshake: the client to the server sends a SYN packet.
2, second handshake: After the server receives a SYN packet, it will answer a SYN + ACK packet.
3, third handshake: the client receives the SYN + ACK packet after it sends an ACK packet.
4. After the server receives an ACK packet to complete the three-way handshake to establish.
To confirm the role of both receiving and sending capacity is normal.
这里我顺便解释一下为啥只有三次握手才能确认双方的接受与发送能力是否正常,而两次却不可以:
第一次握手:客户端发送网络包,服务端收到了。这样服务端就能得出结论:客户端的发送能力、服务端的接收能力是正常的。
第二次握手:服务端发包,客户端收到了。这样客户端就能得出结论:服务端的接收、发送能力,客户端的接收、发送能力是正常的。不过此时服务器并不能确认客户端的接收能力是否正常。
第三次握手:客户端发包,服务端收到了。这样服务端就能得出结论:客户端的接收、发送能力正常,服务器自己的发送、接收能力也正常。
Therefore, three-way handshake to confirm both the reception and transmission capacity is normal.
In fact, this answer is possible, but I think a little more detail of this process we should be described as the process of three-way handshake, the two sides is a lot of change in the state, and these states, but also the interviewer might ask point. So I think in answer to the three-way handshake, we should be described in detail, and that means that the detailed description can pull a little longer. Plus I think it should be described like this:
At first client in the closed state, the server is in the listen state . then
1. The first handshake: the client to the server sends a SYN packet, and indicates the client's initialization sequence number ISN (c) . At this time, the client is SYN_Send state.
2, second handshake: After the server receives the client's SYN packet, will own SYN packet as a response, and also specify your own initialization sequence number ISN (s), while the client will ISN + 1 as the value of ACK, said he has received SYN the client, while the server is SYN_REVD state.
3, third handshake: After the client receives the SYN packet, it sends an ACK packet, of course, is the same as the server's ISN + 1 as the value of ACK, it said that it has received the server's SYN packet, this time client is establised state.
4. After the server receives the ACK packet, also in establised state , this time, the two sides to establish a link.
Three-way handshake role
Three-way handshake is also a lot of action, more than a few in mind, to ensure no loss. E.g:
1, the two sides confirmed the acceptance, the ability to send is normal.
2, specify your own initialization sequence number, to prepare for the reliable transfer of the latter.
3, if it is https agreement, the three-way handshake process, will conduct verification and encryption keys to generate digital certificates.
This alone is not enough to cope with the three-way handshake, the interviewer might also ask some other questions, such as:
1, (ISN) it is fixed
An important function of the three-way handshake is the client and server exchange ISN (Initial Sequence Number), in order to let each other know when the next receive data on how the data assembled by serial number.
If the ISN is fixed, it is easy for an attacker to guess the subsequent acknowledgment number, so ISN is dynamically generated.
2, what is the semi-connection queue
After the server first received the client's SYN, will be in SYN_RCVD state, this time the two sides have not yet fully established its connection, the connection request in a queue at the server will this state, we call this queue semi connection queue . Of course there is a full connection queue is already completed three-way handshake to establish a connection will be placed in full connection queue. If the queue is full there is packet loss may occur.
这里在补充一点关于SYN-ACK 重传次数的问题: 服务器发送完SYN-ACK包,如果未收到客户确认包,服务器进行首次重传,等待一段时间仍未收到客户确认包,进行第二次重传,如果重传次数超 过系统规定的最大重传次数,系统将该连接信息从半连接队列中删除。注意,每次重传等待的时间不一定相同,一般会是指数增长,例如间隔时间为 1s, 2s, 4s, 8s, ….
3, three-way handshake process, you can carry data
Many people might think that three-way handshake can not carry data, in fact, the third time to shake hands, it can carry data. In other words, the first, second handshake can not carry data, while the third handshake can carry data.
Why did this happen? We can think of a problem, if the first handshake can carry data, and if someone wants to malicious server, that he always in the first handshake SYN packets into large amounts of data, because the attacker simply reception, the ability to send ignore server is normal, then frantically focus on relapse SYN packet, then it makes the server takes a lot of time and memory space to receive these messages. In other words, the first handshake can put the data, in which a simple reason for this is to make the server more vulnerable to attack.
For the third time, then, when the client is already established in the state, that is, for the client, he has established a connection, and also have been known to receive, transmit power of the server is normal, so can nothing wrong with carrying data page.
About three-way handshake, https authentication process to know what is best, but I will not say, keep writing articles related to the time of the interview http say.
Four waving
Four waved, too, do not each other a FIN message, we an ACK packet, then we a FIN message, we an ACK packet. Then the end, it is best to say little details, such as the following so that you almost think, should every stage of the state of mind is good, the last interview I was asked a few, huh, huh. I was wrong, he thought he got it, was also explained clearly and logically, huh, huh.
At first both in establised state, if the client to initiate a shutdown request, then:
1, the first wave: the client sends a FIN packet, the packet will assign a serial number. At this time, the client is CLOSED_WAIT1 state.
2, second handshake: After the server receives the FIN, ACK message is sent, and the client's sequence number value + 1 as the sequence number of the ACK packet indicating that the packet has been received in the client, then server in CLOSE_WAIT2 state.
3, the third wave: If the server also want to disconnect the connection, and the first wave of the same client, send FIN messages, and specify a serial number. At this time, the server is LAST_ACK state.
4, the fourth wave: After the client receives the FIN, sends an ACK message as a response, and the server sequence number value + 1 as its sequence number value of the ACK packet, then the client is in the TIME_WAIT state. After a while the need to ensure that your server receives ACK packets will enter CLOSED state
5, after the server receives the ACK packet, it is connected to closing, in a CLOSED state.
Here it is the main special needs TIME_WAIT this state, this is the interview of high frequency test sites, is to understand why clients do not turn off after sending ACK, but have to wait a while to close. The reason for this is that if you want to make sure that our server has received ACK packet, if not received, the server will re-send FIN messages to the client, then the client receives FIN message again, you know that before ACK packet is lost, then sends an ACK packet again.
As TIME_WAIT duration of the round-trip time is at least a packet. Usually set a timer, if after this timing does not receive FIN messages again, on behalf of the other party is successful ACK packet, this time in CLOSED state.
Here I give the meaning of each state included, are interested can look at.
LISTEN - 侦听来自远方TCP端口的连接请求;
SYN-SENT -在发送连接请求后等待匹配的连接请求;
SYN-RECEIVED - 在收到和发送一个连接请求后等待对连接请求的确认;
ESTABLISHED- 代表一个打开的连接,数据可以传送给用户;FIN-WAIT-1 - 等待远程TCP的连接中断请求,或先前的连接中断请求的确认;
FIN-WAIT-2 - 从远程TCP等待连接中断请求;
CLOSE-WAIT - 等待从本地用户发来的连接中断请求;
CLOSING -等待远程TCP对连接中断的确认;
LAST-ACK - 等待原来发向远程TCP的连接中断请求的确认;
TIME-WAIT -等待足够的时间以确保远程TCP接收到连接中断请求的确认;
CLOSED - 没有任何连接状态;
Finally, on the three-way handshake with the four waving Figure
Welcome to leave a message to add Oh.
Section of this article Source network, tort deleted.