====================================================||
Welcome to the discussion of technology can add another micro letter: windgs (please note csdn + xx occupation)
====================================================||
table of Contents
A, TCP Connection Management Overview
Second, the three-way handshake
A, TCP Connection Management Overview
As we said before TCP is a connection-oriented communication protocol, so the first data transmission connection is performed typically need to establish (TFO: except TCP Fast Open), we first introduce the TCP connection management.
Typically a complete TCP data transmission generally comprises three stages, namely a connection setup (Setup), data transfer (ESTABLISHED) and the connection release (also referred tearDown cleared or terminated) . The main contents of the connection management section is the process of TCP connection establishment and connection release manner and TCP connection state (connection state) management, in addition to establishing TCP connections, the sending and receiving ends can exchange some options (Option), Some of these options can only be in the process of establishing a connection in the exchange, some of it can be exchanged in a subsequent data transmission, so we will briefly explain each of these common options.
In the TCP connection establishment process generally need to address the following three questions
- For each party can ascertain the presence of each other.
- To allow the two sides negotiated a number of parameters (such as the maximum segment size, maximum window size, quality, service, etc.).
- The transmission can be assigned physical resource (e.g., cache size, etc.)
The most common way to establish TCP connection is through the three-way handshake (Three-Way Handshake) , connection release most common way is four times wave (four-way handshake or-Way wavehang at Four) , here we introduce the two most common connection management mechanism.
Second, the three-way handshake
Three-way handshake of the whole process as shown below, we generally refer to initiate connections (Active Opener) at one end is the client (Client) , passively waits for a connection (Passive Opener) is called the server-side (Server) . And we use the concept of client and server in the WEB development here we are talking about the client and server side slightly different, in general WEB development for the client to call the user side, back to the server, but the server can also be background initiate a TCP connection to the client (although less this scenario), this time it is equivalent to our back-end server in the figure below the client.
d
Below we explain the whole process
- A and B are the initial closed state, B LISTEN enters the state passive open , then B waits to receive a client SYN packet to establish a connection.
- A active open time, A is the TCP connection request sent to the B segment, which bit synchronization header of SYN = 1, selection number seq = x, the first byte indicates that when the number of packets transmitted is x, since the SYN flag occupies a logically serial number, so the actual time of data transmission, TCP transmission data in a first series of numbers corresponding to Byte x + 1. After this SYN packet sent, A proceeds to the SYN_SENT state, waiting for B sending an ACK acknowledgment packet.
- B after receiving a TCP connection request packet segments, then sends back an acknowledgment. In the B segment should confirm that the SYN = 1, so that flag bit ACK = 1, which acknowledgment number ack = x + 1, the number of their choice seq = y. Remember we said before the actual transfer on behalf of the serial number SN how many bits of data payload, in fact, generally do not carry data in a TCP SYN packet, but because of SYN packets and FIN packets accounted for in the above logic in the agreement a Byte Therefore B after receiving the reply to the SYN packet ack = x + 1. We'll come back consume serial number SN means that once the packet loss can retransmit operation, because the SYN consumes one byte serial number, so SYN packet loss when the trigger is retransmitted. A SYN packet after receiving the packet B and sends an ACK confirmation, B proceeds SYN_RCVD state.
- After receiving the packet A confirmation is given to the section B, which ACK = 1, an acknowledgment number ack = y + 1. At this point A enters ESTABLISHED state, TCP A notification upper application process, the connection has been established.
- TCP B after receiving confirmation of the host A, B also enters ESTABLISHED state, at the same time inform the upper application process current TCP connection has been established.
Generally above to establish a connection to an initial serial number value ISN (i.e. x and y) are randomly selected , followed by a brief article will generate the ISN.
Three or four times and waved
After the data transfer, either party can release the communication connection. Now assume that the application process A shown below is sent Xianxiang its TCP connection release segment, and stops sending data, the initiative to close the TCP connection. During the four wave as shown in FIG.
Four waving release the connection process is as follows
- In the initial state A and B are in an ESTABLISHED state, when the application layer has no pending data indicative A close the TCP connection, the FIN flag header is provided A connection release segment = 1, ACK = 1, which sequence number seq = u, confirmation number ack = v, B is waiting for an acknowledgment. A state at this time into the FIN_WAIT_1
- B 收到A的FIN包的时候,发出确认,由于FIN包与SYN包类似都在逻辑上占1byte,因此确认号 ack = u + 1,而这个报文段自己的序号 seq = v。此时B进入CLOSE_WAIT状态,TCP 服务器进程通知高层应用进程。
- 当A收到B的ACK确认包后,A进入FIN_WAIT_2状态,关于这个状态我们后续在进一步介绍。
- 若 B 已经没有要向 A 发送的数据,其应用进程就通知 TCP 释放连接。B 设置连接释放报文首部的FIN=1,ACK=1,报文序列号seq=v,确认号ack=u+1。此时B进入LAST_ACK状态。
- A 收到连接释放报文段后,必须发出确认,在确认报文段中 ACK = 1,确认号 ack = v + 1,自己的序号 seq = u +1。 此时A进入TIME_WAIT状态。在TIME_WAIT状态下,A经过2MSL时间后就进入关闭状态,关于TIME_WAIT状态我们后续进一步介绍。
- 在B接收到A的确认包后,B立即进入关闭状态。A和B都进入关闭状态后整个TCP连接释放。
四、三次挥手
在四次挥手关闭TCP连接的时候,有时会省略第二条ACK消息,只存在第一条FIN消息、第三条FIN+ACK消息以及第四条FIN消息,从上图四次挥手的过程中可以看到其实第二条消息的ACK Number和第三条消息的ACK Number是相同的,省略第二条的时候其实是第三条消息捎带了第二条消息的ACK,后面完整介绍TCP的状态机的时候,会看到这种省略第二条消息的状态消息。
五、wireshark抓包
对于上面讲到的三次握手和四次挥手,通过wireshark抓包来观察一下
其中进行连接的两个socket(还记得我们前面章节说过一个ip地址+一个端口构成一个socket,或者叫做endpoint吧),一个是127.0.0.1:49324,对应我们前面示意图中的active opener和active closer,另外一个socket是127.0.0.1:9877,则对应passive opener和passive closer。注意wireshark中的系列号Seq呈现的是相对值,所以第一条消息会呈现Seq=0,实际值为0xbc069a3b。wireshark图中[SYN, ACK]表示TCP头中SYN标志位和ACK标志位有效,[SYN]、[FIN, ACK]等含义类似。将wireshark中SYN、FIN两个标志位,以及系列号Seq、应答号Ack与前面的示意图对应起来观察一下吧。
对于三次挥手的情况,wireshark抓包如下为了使两端的seq更容易区分,三次握手后我从client端向server端传输了10bytes数据,如下图高亮的条目所示,传输10bytes后进行三次挥手的TCP连接终止的过程
补充说明
1.TCP连接的建立和终止可以参考RFC793协议
2.第二版<TCP/IP Illustrated Volume1>中给出的四次挥手过程中最后一条消息的seq是错误的