During the interview process, TCP three-way handshake and four-way handshake are also frequently asked questions. This article will quickly and in detail introduce the entire process of TCP three-way handshake and four-way handshake.
TCP three-way handshake and four-way handshake are actually the connection and disconnection of TCP communication:
Three-way handshake: synchronize the initial sequence number (ISN) of both parties to confirm that the sending and receiving capabilities of both parties are normal;
Four-way handshake: both parties independently close the data channel to ensure complete data transmission.
1. TCP header format composition
In order to help you better understand the TCP three-way handshake and four-way wave process, this section first introduces the TCP header format.
(1) Source port number and destination port number: represent the connection initiator and connection receiver
(2) Sequence number: When establishing a connection, a random number generated by the computer is used as the initial value and transmitted to the receiving host through the SYN packet. Each time data is sent, the size of the data byte is accumulated. Used to solve the problem of network packet disorder.
(3) Confirmation sequence number: refers to the sequence number of the next data expected to be received. After the sender receives this confirmation response, it can be considered that the data before this sequence number has been received normally. Used to solve the problem of network packet loss
(4) Flag bits, as shown above, a total of 6
URG
ACK: When the bit is 1, the "acknowledgement" field becomes valid. TCP stipulates that this bit must be set to 1 except for the SYN package when the connection is initially established.
PSH
RST: When this bit is 1, it indicates that an abnormality has occurred in the TCP connection and the connection must be forcibly disconnected.
SYN: When the bit is 1, it indicates that a connection is desired to be established, and the initial value of the sequence number is set in its "sequence number" field.
FIN: When this bit is 1, it means that no more data will be sent in the future and the connection is to be disconnected. When the communication ends and the connection is to be disconnected, the hosts on both sides of the communication can exchange TCP segments with the FIN bit set to 1.
(5) Data: The content that needs to be sent during the connection.
2. Establishing a connection: three-way handshake
The three-way handshake is an important part of the TCP protocol for establishing a connection. During this process, the client and the server need to send three data packets to each other to ensure that the receiving and transmitting capabilities of both parties are normal, and to specify the initialization sequence number for subsequent data transmission, thereby ensuring the reliability of data transmission.
The TCP three-way handshake flow chart is as follows:
Detailed explanation of the characters in the figure:
SYN: represents a connection request or a received packet segment.
seq: refers to the sequence number of the first byte transmitted.
ACK: Acknowledgement packet segment, used to respond to SYN.
ack: Acknowledgement number, indicating the sequence number of the first byte of the next data to be received.
In the TCP protocol, the party that actively initiates the connection request is called the client, and the party that passively waits for the connection is called the server. Regardless of the client or the server, once the TCP connection is successfully established, both parties can transmit and receive data.
At the beginning of the connection, both the server and the client are in the CLOSED state. Before the communication officially starts, both parties need to establish their own transmission control blocks (TCBs). After the server completes the TCB establishment, it will enter the LISTEN state and be ready to receive connection requests sent by the client at any time.
1. First handshake
The client sends a SYN packet (SYN=1) to the server and specifies the client's initialization sequence number ISN(x), which is seq=x in the figure. It represents the sequence number of the first byte of the data transmitted by this packet. After sending the SYN packet, the client enters the SYN_SENT state, indicating that it is waiting for the server's connection confirmation.
SYN_SENT state explanation: After the client sends a connection request, it enters the SYN_SENT state and waits for the server's response. In this state, the client is ready to receive the server's connection confirmation.
The TCP protocol stipulates: The SYN=1 packet is used for connection establishment requests. It does not carry any data, but consumes a sequence number. This is a way for the TCP protocol to ensure orderliness and reliability in the connection establishment process.
2. Second handshake
After receiving the SYN packet from the client, the server will respond with a SYN packet (SYN=1) and assign its own unique initialization sequence number ISN(y), which is seq=y in the figure. At the same time, the server sets the client's ISN+1 as the value of the acknowledgment number ack to confirm that the client's SYN packet has been received and expects the next data packet to be received to have a starting sequence number of x+1. After this, the server will enter the SYN-RCVD state, waiting for further confirmation of the connection request.
SYN-RCVD state analysis: After receiving and sending a connection request, the server enters the SYN-RCVD state, where it is waiting for confirmation of the initial connection request. In this state, the server is ready to accept further communication from the client.
The TCP protocol stipulates that packets with SYN=1 and ACK=1 are used to confirm the connection. They also do not carry any data, but through the use of confirmation numbers, the orderliness and reliability of the connection establishment process are ensured.
3. Third handshake
After receiving the SYN packet sent by the server, the client will respond with an ACK packet. This ACK packet uses the server's ISN+1 as the value of ack, indicating that the client has received the server's SYN packet and expects the starting sequence number of the next data packet to be received to be y+1.
At the same time, the client sets its own sequence number seq to x+1, that is, the initial sequence number seq=x increases by 1. After completing these operations, the client enters the ESTABLISHED state, indicating that the connection has been successfully established. After the server receives this ACK packet, it will also enter the ESTABLISHED state, at which time the establishment of the connection between the two parties has been completed.
Explanation of ESTABLISHED state: When a TCP connection enters the ESTABLISHED state, it means that the connection has been opened and data can be transmitted between the two parties.
3. Disconnection: Four Waves
The termination of a TCP connection requires four packet exchanges, so it is called four waves. In these four exchanges, either the client or the server can actively initiate the release of the connection. It is worth noting that the TCP connection is bidirectional, so in the four waves, the first two are mainly used to disconnect the connection in one direction, and the last two are used to disconnect the connection in the other direction.
1. First wave
The client first sends a FIN packet, which contains a sequence number seq=u, indicating a request for connection termination. After sending, the client stops sending data and actively closes the TCP connection. At this time, the client enters the FIN_WAIT_1 state, waiting for confirmation from the server.
FIN_WAIT_1 status analysis: This status indicates that the client is waiting for the remote TCP connection disconnection request, or waiting for the confirmation of the previous connection disconnection request. FIN=1 indicates that the packet segment is a connection release request. And seq=u represents the sequence number of the last byte sent by the client to the server.
2. Second wave
After receiving the FIN packet from the client, the server sends an ACK packet as a response. In this ACK packet, the sequence number is set to the client sequence number plus 1, intending to confirm that the client's packet has been received. Subsequently, the server enters the CLOSE_WAIT state, waiting for the local user's connection disconnection request.
CLOSE_WAIT state analysis: In this state, the server waits for the connection release request from the local user. ACK=1 in the ACK packet indicates a response, and seq=v indicates the first byte sequence number of the response segment released by the server. At the same time, ack=u+1 indicates that the server hopes to receive the packet segment starting from the u+1th byte and has successfully received the first u bytes.
After the second wave, the connection from the client to the server is released, the server no longer receives data from the client, and the client has no data to send. However, the connection from the server to the client remains open, and if the server sends data during this period, the client still needs to receive it normally. This state will continue for a while until the entire CLOSE-WAIT state ends.
3. The third wave
After the server has finished sending data, it will send a connection release packet to the client. This packet header contains the FIN flag bit as 1 and the ack sequence number value as u+1. Since the server may have sent some more data during the CLOSE_WAIT state, assume that the sequence number at this time is seq=w. After the transmission is completed, the server enters the LAST_ACK state and waits for the connection disconnection confirmation from the client.
4. Fourth wave
After receiving the FIN packet from the server, the client responds with an ACK packet with the ack sequence number value of w+1, and adds 1 to its own sequence number to get the seq sequence number value of the ACK packet, i.e. seq=u+1. After that, the client enters the TIME_WAIT state.
TIME_WAIT: Ensures that the remote TCP will continue to receive the confirmation state of the connection interruption request for 2MSL (maximum packet lifetime). During this period, the TCP connection is not completely released. If the client does not receive a retransmission request from the server during this period, the client will enter the CLOSED state and cancel the TCB.
After receiving the ACK packet from the client, the server will immediately enter the CLOSED state and cancel the TCB, thus ending the TCP connection. It is worth noting that the server usually ends the TCP connection earlier than the client.
