Schematic TCP-IP protocol

Http://network.51cto.com/art/201411/457626.htm

This paper uses two graphs to comb the knowledge of TCP-IP protocol. The TCP communication process consists of three steps: establishing a TCP connection channel, transmitting data, and disconnecting the TCP connection channel. As shown in 1, the TCP communication process is given.

Figure 1 TCP three-time handshake four-time wave

Figure 1 mainly consists of three parts: establishing a connection, transmitting data, disconnecting from a connection.

1) It is simple to establish a TCP connection, and a connection can be established with three handshakes.

2) Once the connection is established, the data transfer begins. There are many concepts involved in TCP data transfer: Time-out retransmission, fast retransmission, traffic control, congestion control, and so on.

3) The process of disconnecting is also simple, through the four-time handshake to complete the disconnection process.

Three-time handshake to establish the connection:

First handshake: The client sends a SYN packet (SEQ=X) to the server and enters the Syn_send state, waiting for the server to confirm;

Second handshake: The server receives the SYN packet, it must confirm the customer's SYN (ACK=X+1), and also send itself a SYN packet (seq=y), that is, the Syn+ack packet, when the server enters the SYN_RECV state;

Third handshake: The client receives the server's Syn+ack packet, sends the acknowledgment packet ack (ACK=Y+1) to the server, the packet is sent, the client and the server enter the established state, and the handshake is completed three times.

The data is not included in the packets that are delivered during the handshake, and the client and server formally begin transmitting the data after the three handshake is complete. Ideally, once a TCP connection is established, the TCP connection is maintained until either side of the communication actively closes the connection.

Transfer data process:

A. Time-out retransmission

The time-out retransmission mechanism is used to guarantee the reliability of TCP transmission. Each time a packet is sent, the datagram is sent with a SEQ number, the receiving end receives the data, it will reply to ACK confirmation, indicating that a SEQ Number data has been received. After sending a SEQ packet, the sender waits for a period of time, and if it does not receive the corresponding ACK, the message is lost and the packet is re-transmitted.

B. Rapid retransmission

The recipient of the data found that the packet was lost. An ACK message is sent to tell the sending end multiplicity to transmit the lost message. A fast retransmission of the client is triggered if the sending side receives successive ACK packets with the same label. Comparing time-out retransmission and fast retransmission, it can be found that time-out retransmission is the sending side in the silly timeout, and then trigger retransmission, and the fast retransmission is the receiving side actively tell the sender to send the data confiscated, and then trigger the transmission end multiplicity.

C. Flow control

The main point here is the TCP sliding window flow control. The TCP header has a field called Window, also called Advertised-window, this field is the receiver tells the sender how many buffers you can receive data. The sender can then send the data based on the processing power of the receiving end, without causing the receiver to process it. Sliding window can be a mechanism to improve the efficiency of TCP transmission.

D. Congestion control

The sliding window is used for flow control. Flow control only focuses on the status of the sender and the receiver itself, without regard to the communication of the entire network. Congestion control is considered based on the entire network. Consider this scenario: a time delay on the network suddenly increased, then, TCP's response to this issue only retransmission data, but the retransmission will lead to a heavier burden on the network, resulting in greater latency and more drops, so this situation will go into a vicious circle is constantly magnified. Imagine that if there are thousands of TCP connections within a network that are acting like this, a "cyber storm" is immediately formed, and the TCP protocol will drag down the entire network. To this end, TCP introduces a congestion control strategy. Congestion strategy algorithm mainly includes: Slow start, congestion avoidance, congestion occurrence, fast recovery.

Four-time handshake disconnect:

First wave: The active shutdown sends a FIN, which is used to close the active side to the passive closed side of the data transfer, that is, the active shutdown to tell the passive shut-off party: I will no longer send you the data (of course, the data sent before the FIN packet, if not received the corresponding ACK acknowledgement message, The active shutdown will still re-send the data), but the active shut-off party can also accept the data.

Second wave: The passive closing party receives the fin packet, sends an ACK to the other, confirms that the serial number is received ordinal +1 (same as SYN, one fin occupies a serial number).

Third wave: The passive shut-off side sends a fin, used to close the passive shut-off side to the active shutdown of the data transfer, that is, to tell the active shut-off party, my data is sent out, will not send you data.

Wave for the fourth time: the active closing party receives fin, sends an ACK to the passive closing party, confirms the serial number to receive the serial number +1, to this point, completes four times the wave.

Figure 2 shows the state transition diagram in the TCP communication process, and understanding this diagram is the key to understanding the TCP-IP protocol.

Figure 2 TCP state transition diagram

Detailed explanation of the state diagram:

1.CLOSED: The starting point, which enters this state when the time-out or connection is closed.

2.LISTEN: The service side waits for the connection to come over the state, the service side to call Socket,bind,listen function, can enter this state. This is called the application passive open (waiting for the client to connect).

3.syn_sent: The client initiates the connection and sends the SYN to the server side. If the server side cannot connect, go directly to the closed state.

4.SYN_RCVD: Corresponds to 3, the server side accepts the client's SYN request, and the server driven by listen status into the SYN_RCVD state. At the same time the server side to respond to an ACK, while sending a SYN to the client; in another case, the client receives a SYN request from the server while initiating the SYN, and the client is syn_sent to the SYN_RCVD state.

5.ESTABLISHED: The server side and the client have completed 3 handshake entry States, indicating that data can already be transferred.

These are the state transfer instructions generated by the server side and the client when the connection is established. Relatively simple and straightforward, if you are familiar with the three-time handshake, it is easy to understand the state transfer when establishing a connection.

Below, we take a look at the state transfer instructions when the connection is closed, close the need to do 4 interaction between the two sides, but also to deal with some of the aftermath (time_wait state), note that the active shutdown here or the passive side of the party does not refer specifically to the server side or the client, is relative to the person who first initiated the closing request:

6.fin_wait_1: The active closed party, which enters this state by state 5. The specific action is to send fin to each other.

7.fin_wait_2: The active closed party, receives the other party's fin-ack (that is, the FIN Packet response packet), enters this state.

8.close_wait: After receiving fin, the passive closed side enters this state. The specific action is to receive the fin, while sending an ACK. (The reason is called close_wait can be understood as the passive shutdown is now waiting for the upper application to issue a close connection command)

9.last_ack: The passive closed party initiates a shutdown request, which is entered into this state by State 8. The specific action is to send fin to the other side, while receiving an ACK to enter the closed state.

10.CLOSING: When both sides initiate a close request, this state is entered by Fin_wait_1. The specific action is to receive a FIN request while responding to an ACK.

11.time_wait: The most tangled state has come. As can be seen from the state diagram, there are 3 states that can be transformed into it, and we hit analyze:

A. Enter this state by fin_wait_2: In the case where the two parties do not simultaneously initiate fin, the active shut-off party receives a status of the passive closed side's fin after it completes its own initiated shutdown request.

B. Entered by the closing state: Both sides initiated the closure, both made the request to initiate fin, and received the fin and made an ACK in the case of the closing state entered.

C. Entered by the Fin_wait_1 state: At the same time received to fin (each other initiates), the ACK (itself initiates the fin response), differs from B in that the ACK of the fin response itself originated before the other's fin request arrives, and B is the fin arrives first. The probability of this is minimal.

Closed 4 Connections The most difficult to understand state is time_wait, there are 2 reasons for time_wait:

1. The termination of TCP full-duplex connections is implemented reliably.

2. Allow old repeating sections to fade out of the network.

Report:

Slow hot start Algorithm –slow start

First, let's take a look at the slow hot start of TCP. Slow start means that the connection just joined the network, 1.1 points to speed up, do not come up like those privileged cars as overbearing to fill the road. New students on the high-speed or slow, do not put in the high-speed order to mess up.

The algorithm for slow start is as follows (CWnd full name congestion Window):

1) The connection is set up start by first initializing CWnd = 1, indicating that a MSS-sized data can be passed.

2) Whenever a ack,cwnd++ is received; Linearly rising

3) whenever a rtt,cwnd = cwnd*2; To raise the index

4) There is also a ssthresh (slow start threshold), which is an upper limit, and when CWnd >= Ssthresh, it enters the "congestion Avoidance algorithm" (the algorithm is later said)

So, we can see that if the speed is fast, the ACK will return quickly and the RTT will be short, then this slow start is not slow.

Congestion avoidance algorithm –congestion avoidance

As mentioned earlier, there is also a ssthresh (slow start threshold), which is an upper limit, and when CWnd >= Ssthresh, it enters the "congestion avoidance algorithm". In general, the value of Ssthresh is 65535, the unit is byte, and when CWnd reaches this value, the algorithm is as follows:

1) When receiving an ack, CWnd = CWnd + 1/cwnd

2) When every RTT is over, CWnd = CWnd + 1

In this way, you can avoid increasing the network congestion and slowly increase the optimal value of the adjustment to the network. Obviously, it is a linear ascending algorithm.

The algorithm of the congestion state

As we said earlier, there are two situations when a packet is dropped:

1) Wait until the RTO expires and retransmit the packet. TCP considers this situation too bad and reacts strongly.

Sshthresh = CWND/2

CWnd Reset to 1

Enter the slow START process

2) Fast retransmit algorithm, that is, when receiving 3 duplicate ACK, turn on retransmission, instead of waiting for the RTO timeout.

The implementation of the TCP Tahoe is the same as the RTO timeout.

The implementation of TCP Reno is:

CWnd = CWND/2

Sshthresh = CWnd

Enter the fast recovery algorithm--fast Recovery

Above we can see that the RTO time-out, Sshthresh will become half of CWnd, which means that if the Cwnd<=sshthresh occurs when the packet drops, then TCP Sshthresh will be reduced by half, Then, when CWnd quickly climbs up to this place with exponentially increasing numbers, it will slowly increase linearly. We can see how TCP is using this intense concussion to quickly and carefully find the balance point of website traffic.

Fast Recovery algorithm –fast Recovery

TCP Reno

This algorithm is defined in RFC5681. Fast retransmission and fast recovery algorithms are commonly used simultaneously. The fast recovery algorithm is that you have 3 duplicated acks that the network is not so bad, so there is no need to be as strong as the RTO timeout. Note, as mentioned earlier, that CWnd and Sshthresh have been updated before entering fast recovery:

CWnd = CWND/2

Sshthresh = CWnd

Then the real fast recovery algorithm is as follows:

CWnd = Sshthresh + 3 * MSS (3 means to confirm that 3 packets have been received)

Retransmission duplicated ACKs the specified packet

If you receive duplicated Acks again, then CWnd = CWnd +1

If a new ACK is received, then CWnd = Sshthresh, then the congestion avoidance algorithm is entered.

If you think about the algorithm above, you will know that there is a problem with the algorithm above--it relies on 3 repetitive acks. Note that 3 duplicate ACKs does not mean that only one packet has been lost, most likely lost a lot of packets. But this algorithm will only retransmit one, and the remaining packets only wait for the RTO timeout, so, into the nightmare mode-time out a window to halve, a number of timeouts will be over the TCP transmission speed is a series decline, and will not trigger the fast recovery algorithm.

TCP New Reno

Thus, in 1995, the TCP New Reno (see RFC 6582) algorithm was proposed, mainly to improve the fast recovery algorithm without the support of sack-

When sender receives 3 duplicated Acks, enter fast Retransimit mode and develop the packet that repeats the Acks instructions. If only this one packet is lost, then the ACK returned after retransmission of the packet will send the entire data that has been transmitted by sender ACK back. If not, it means that several packages have been lost. We call this ACK for partial ack.

Once sender has found a partial ack on this side, then sender can infer that a number of packets have been lost, and then continue to retransmit the first packet in the sliding window that was not ack. Until the partial Ack is no longer received, the process of really ending fast recovery

As we can see, this "fast recovery change" is a very aggressive play that also extends the process of fast retransmit and fast recovery.

Schematic TCP-IP protocol