Talk about your understanding of "three-way handshake" and "four-way wave"
Talk about your understanding of "three-way handshake" and "four-way wave"
Reference answer:
We all know that TCP is connection-oriented, the three-way handshake is used to establish a connection, and the four-way handshake is used to disconnect.
three handshake
First picture:
vernacular comprehension
- Can I take the initiative to call you?
- Of course you can! Then can I call you too?
- Yes, the connection is established successfully!
Let's take a look at the three-way handshake process:
- Initially, both client and server are in CLOSED state. The client actively opens the connection, the server passively opens the connection, ends the CLOSED state, starts listening, and enters the LISTEN state.
a handshake
- The client will randomly initialize the serial number (client_isn), put this serial number in the "serial number" field of the TCP header, and set the SYN flag to 1, indicating a SYN message. Then send the first SYN message to the server , which means to initiate a connection to the server. This message does not contain application layer data, and then the client is in the SYN-SENT state.
Second handshake
- After the server receives the SYN message from the client, the server first randomly initializes its serial number (server_isn), and fills this serial number into the "serial number" field of the TCP header, and then fills in the "confirmation response number" field of the TCP header. Enter client_isn + 1, then set the SYN and ACK flags to 1. Finally, the message is sent to the client, and the message does not contain application layer data, and then the server is in the SYN- RCVD state.
three handshake
- After the client receives the message from the server, it needs to respond to the server with the last response message. First, the ACK flag in the TCP header of the response message is set to 1, and then the "acknowledgment response number" field is filled with server_isn + 1. Finally, the The message is sent to the server, this time the message can carry the data from the client to the server, and then the client is in the ESTABLISHED state.
Well, after the three-way handshake process, the connection between the client and the server is determined to be normal, and then enters the ESTABLISHED state, and the server and client can communicate happily.
Here is an illustration of the dynamic process:
Here is a small detail. The third handshake can carry data, which is a common question in interviews.
So why the three-way handshake? Can't do it twice?
- In order to prevent the server from opening some useless connections and increase server overhead
- Prevent the invalid connection request segment from being sent to the server suddenly, resulting in an error.
Since the network transmission is delayed (through the network fiber and various intermediate proxy servers), during the transmission process, for example, the client initiates the first handshake with SYN=1.
If the server directly creates the connection and returns a data packet containing SYN, ACK, and Seq to the client, the data packet is lost due to network transmission, and the client has not received the data returned by the server after the loss Bag.
If there is no third handshake to tell the server that the client has received the data transmitted by the server, the server does not know whether the client has received the information returned by the server. The server thinks that the connection is available, and the port is always open. When the client re-sends a request due to a timeout, the server will reopen a port connection.
As a result, many invalid connection ports will be opened in vain, resulting in a waste of resources.
This process can be understood as:
Another situation is that the request information sent by the invalid client is transmitted to the server for some reason, and the server thinks it is a valid request sent by the client, and an error occurs after receiving it.
So we need a "third handshake" to confirm the process:
The data of the third handshake tells the server whether the client has received the data sent by the server during the "second handshake" and whether the serial number of this connection is valid. If the data sent is "received and there is no problem" , the server will normally establish a TCP connection after receiving it, otherwise the establishment of a TCP connection fails, and the server closes the connection port. This reduces server overhead and errors from receiving invalid requests.
data transmission
wave four times
vernacular comprehension
- let's break up
- Received a breakup message
- Well, let's divide
- OK, that's it for here
In order to prevent the loss of the final ACK, you need to wait for a while after sending the ACK, because if the packet is lost, the server needs to resend the FIN packet, if
If the client is closed, the server will interpret the result as an error. Therefore, in the scenario of high concurrency and non-long connection, a large number of ports will be occupied
use
Both parties can actively disconnect, and the "resources" in the host will be released after disconnection.
The picture above shows the client actively closing the connection:
one wave
- The client intends to close the connection. At this time, it will send a packet with the FIN flag set to 1 in the TCP header, that is, a FIN packet, and then the client enters the FIN_WAIT_1 state.
second wave
- After receiving the message, the server sends an ACK response message to the client, and then the server enters the CLOSED_WAIT state.
waved three times
- After receiving the ACK response message from the server, the client enters the FIN_WAIT_2 state. After waiting for the server to process the data, it also sends a FIN message to the client, and then the server enters the LAST_ACK state.
waved four times
- After receiving the FIN message from the server, the client returns an ACK response message, and then enters the TIME_WAIT state
- After the server receives the ACK response message, it enters the CLOSED state, and the server has completed the closing of the connection so far.
- After a period of 2MSL, the client automatically enters the CLOSED state, and the client has also completed the closing of the connection.
Each direction requires a FIN and an ACK, so it is often called four waves.
Why wave four times ?
- When the connection is closed, when the client sends FIN to the server, it only means that the client no longer sends data but can still receive data.
- When the server receives the FIN message from the client, it first returns an ACK response message, and the server may still have data to process and send. When the server no longer sends data, it sends a FIN message to the client to express its agreement. Now close the connection.
From the above process, we can see that the server usually needs to wait for the completion of data sending and processing, so the ACK and FIN of the server are generally sent separately, which results in one more handshake than the three-way handshake.
Why does the client have to wait for 2MSL in the TIME-WAIT phase ?
In order to confirm whether the server has received the ACK confirmation message sent by the client, when the client sends the last ACK confirmation message, it is not sure that the server can receive this segment of the message.
Therefore, after sending the ACK confirmation message, the client will set a timer with a duration of 2MSL.
MSL refers to the Maximum Segment Lifetime: the maximum life cycle of a TCP packet during transmission.
2MSL is the maximum duration that the FIN message sent by the server and the ACK confirmation message sent by the client can remain valid.
If the server does not receive the ACK confirmation message sent by the client within 1MSL, it will send a FIN message to the client again:
- If the client receives the FIN message from the server again within 2MSL, it means that the server has not received the ACK confirmation message sent by the client due to various reasons.
The client sends an ACK confirmation message to the server again, the timer is reset, and the timing of 2MSL starts again.
- Otherwise, the client does not receive the FIN message from the server again within 2MSL, indicating that the server has received the ACK confirmation message normally, and the client can enter the CLOSED stage and complete the "four waved".
Therefore, the client has to go through the TIME-WAIT phase with a duration of 2SML; this is why the client enters the CLOSED phase later than the server.