I: Overview Summary
A first series of text TCP (a) - TCP acquaintance described TCP is a connection-oriented transport layer protocol, the TCP protocol which is important to ensure the reliability of a ring. The client and server to establish a connection through the three-way handshake is the way, three-way handshake process will exchange large amounts of data. The purpose of this article is to explain in detail the process of TCP three-way handshake, status changes, and initial data exchange of information. Read the article again reiterated that Master Zhang's summary brochure, interested friends can buy, really value for money
Two: sign agreement
| No. | Label categories | Label Meaning | Remark |
|---|---|---|---|
| 1 | SYN | Connection request packet flag | When the three-way handshake |
| 2 | ACK | Acknowledgment packets | After the data receiver receives a packet acknowledgment packet communication |
| 3 | END | Disconnect data packet | When the wave passed four times |
| 4 | RST | Forced off | Disconnected forcibly some illegal operations return packet connection |
| 5 | PA | Do not cache the transport layer, application layer data to the immediately |
3: Connecting process
-
- The client sends a SYN packet to the server, Hello brothers, I want to create a connection
-
- Client server received SYN packet returning SYN + ACK, my brother received a connection request can be connected
-
- Client server replies ACK packet, good, successful connection is established next to send data
Four: Status Changes
As a third example shown in FIG:
- Will start the application is in server listening on a port
LISTENstate - The client initiates the client sends a SYN packet at
SYN-SENTstate - After the server receives a SYN SYN + ACK packet in reply to
SYN-RECVstate - After the client receives the SYN + ACK ACK in reply to
ESTABstate - After the server receives the ACK packet in
ESTABstate
五: Sequence Number
Process connection establishment can be seen there are 0,1 exchange of information, this information is in the end is what? what's the effect?
5.1 Detailed action
TCP protocol is a reliable protocol, so if a packet will be lost retransmission attempts, but there are a lot of data packets, the sender how to identify which piece of data packet loss? Is dependent Sequence Number, the attribute is to be understood that the coded data packet, the TCP protocol to facilitate management data
5.2 The initial value is defined
A lot of information on this article or process map also drawn above are the initial Sequence Number value is defined as 0, the initial value of true reality is 0 Why? This concept is inevitable error, which is counted for convenience of description, so its initial value 0 is defined. WireShark packet capture tool displays 0 because it automatically help us to do a deal, you can set: Edit(编辑E) -- Preferences(首选项P) -- Protocols -- TCPrestore the original values displayed
In fact, the initial value of the Sequence Number is an incremental value over time, has its own generation algorithm. Use tcpdump capture display is as follows:
5.3 a fixed initial value
This time someone will ask why the initial value of the Sequence Numer not be set to a fixed value? There are two reasons worth pondering:
- The quadruple assembly TCP connections: src host / port + dst host / port, which is very easy to obtain connection information, if the third party makes a fixed initial value is very easy to construct a RST packet allows the range of the window to close the connection, which results in a One can imagine the consequences
- SO_REUSEADDR parameters will be mentioned later, in the case of port multiplexing a fixed value if Sequence Number start, it may cause the same packet connection of old and new, will cause the server can not determine the packet in the end is when data packets
Six: ACK confirmation code
Three-way handshake to create a connection each time found each other after sending a SYN ACK packet needs to be confirmed, not only that, including follow-up data transmission, four ACK waving process requires confirmation, so as to ensure that the data receiver receives the data transmission. ACK acknowledgment of the value in the end is how much? In fact relatively simple, value = Sequence Number + ACK packet size, the data representing this range has been received, the next time the data transfer using the value ACK transmitted as your Sequence Numer
Seven: three-way handshake retries
Three-way handshake process is actually the process of client and server interaction of three packet delivery, since it comes to pass packets it would be possible because of network fluctuations caused by packet loss. This time will be the one that sent the packet retry attempts according to the situation
7.1 SYN retry
Accidents will happen, people have once Misfortune blessing. Fluctuations caused by the network server SYN packet sent by the client does not receive so did not respond to SYN + ACK, then this time the client how to deal with? Significantly client retry, that is, when the client is not received within a certain period of time the server will then resend the ACK acknowledgment SYN packet, the following example
tcp_syn_retries
the decision to see if the value of the command is as follows:
[root@bogon ~]# cat /proc/sys/net/ipv4/tcp_syn_retries
复制代码Construction of the SYN_SENT state packetdrill connection using the following script:
+0 socket(..., SOCK_STREAM, IPPROTO_TCP) = 3
+0 connect(3, ..., ...) = -1
复制代码7.2 SYN + ACK Retry
After the server receives a SYN packet transmitted by the client will return SYN + ACK, at this time if the packet loss, then the client will not return ACK, the server needs to resend the SYN + ACK case of a natural limit was reached. Number of retries by the parameter tcp_synack_retriesnull value, see the following numerical order:
[root@bogon ~]# cat /proc/sys/net/ipv4/tcp_synack_retries
复制代码Construction packetdrill SYN_RECV connection state following script:
+0 < S 0:0(0) win 65535 <mss 100>
+0 > S. 0:0(0) ack 1 <...>
复制代码