• News
  • Transport layer TCP three-way handshake and four-way wave: Do you really understand it?

Transport layer TCP three-way handshake and four-way wave: Do you really understand it? 

When you call a friend, you can't just chat right away, right? You have to confirm that the other party is online first, otherwise you're just talking to yourself.

The same is true for TCP connections, you have to handshake first, then communicate:

You: Hello, are you there? (SYN)

Friend: Yes, how about you? (SYN+ACK)

You: OK, let's start chatting! (ACK)
When you disconnect, you also have to wave goodbye, otherwise the other party may still be waiting for you to continue talking.

1. TCP three-way handshake
Let's take a look at the complete process of establishing a TCP connection:



(1) First handshake: The client sends a SYN packet, indicating "I want to establish a connection", and carries an initial sequence number seq = x.

(2) Second handshake: After receiving SYN, the server responds with a SYN-ACK, indicating "I received your request and I am ready", and carries its own initial sequence number seq = y, as well as ack = x + 1 to confirm the client's seq = x.

(3) Third handshake: The client receives the server's SYN-ACK, sends an ACK to confirm "OK, we can communicate", and ack = y + 1, and the connection is established.




Why three-way handshake? Can't one or two be enough?

Prevent the influence of historical connections: If a two-way handshake is used, the server will directly establish a connection after receiving SYN, but the client's SYN may be an "old request" that arrives repeatedly after network delays, which will cause the server to mistakenly establish an invalid connection. The three-way handshake can avoid this problem.
Ensure the sending and receiving capabilities of both parties: The third handshake allows the client to confirm the server's receiving and sending capabilities, avoiding the situation of "blind consent".





2. TCP Four-Wave Handshake
If the three-way handshake is the "beginning of love", then the four-way handshake is the "whole process of breaking up" - rational and restrained, ensuring that the other party is ready, and not giving each other the opportunity to drag their feet.

First wave: The client does not want to send data anymore, and sends a FIN (Finish) request to the server, indicating "I am ready to close the connection."
Second wave: After receiving the FIN, the server replies with an ACK, indicating "I know you are going to close, but I may have some data that has not been processed yet."




Third wave: After the server has processed the data, it also sends a FIN, indicating "OK, I won't send any more data."
Fourth wave: After the client receives the server's FIN, it replies with ACK and enters the TIME_WAIT state to ensure that the server receives the ACK before completely closing the connection.

Why four waves?

TCP is full-duplex communication: data sending and receiving are separate, and each party must close its own data stream separately, so two pairs of FIN-ACK are required for confirmation.



TIME_WAIT mechanism: The client enters the TIME_WAIT state at the end to ensure that the server receives the ACK and prevent the "last goodbye" from being lost.