TCP connection establishment and Termination

TCP connection establishment and termination --

 

Written by: leaf Zhou
Email: leaf_zhou_8@hotmail.com
It can be freely copied but cannot be deleted.
2005-04-19

TCP is short for transport control protocol. Literally, it is the transmission control protocol. Therefore, TCP is a control protocol that cannot be used to transmit data. It needs to transmit actual data through the IP protocol at the network layer. This is why we often see that TCP/IP and TCP/UDP are always at the same time. Therefore, it can be understood that TCP is composed of many different protocols, which are actually a protocol group. Provides reliable data transmission control protocols from the host to the host layer. The transport control protocol is the fourth layer of the OSI network, and the TCP transmission control protocol is one of the six basic protocols for TCP/IP transmission. TCP is a reliable connection-oriented transmission service. It is in

1. TCP Overview
TCP is short for transport control protocol. Literally, it is the transmission control protocol. Therefore, TCP is a control protocol that cannot be used to transmit data. It needs to transmit actual data through the IP protocol at the network layer. This is why we often see that TCP/IP and TCP/UDP are always at the same time. Therefore, it can be understood that TCP is composed of many different protocols, which are actually a protocol group. Provides reliable data transmission control protocols from the host to the host layer. The transport control protocol is the fourth layer of the OSI network, and the TCP transmission control protocol is one of the six basic protocols for TCP/IP transmission. TCP is a reliable connection-oriented transmission service. It performs data transmission in segments, and the host must first establish a session to exchange data. It uses bitstream communication, that is, data is transmitted as a non-structured byte stream without data boundaries. Specify the sequence number for each TCP transmission field to obtain the reliability. It is the fourth layer in the OSI reference model. TCP provides reliable data transmission by using the internetworking function of IP addresses, and the IP address keeps putting packets on the network, TCP is responsible for ensuring that packets arrive. TCP is responsible for handshaking process, packet management, traffic control, error detection and processing (control) in the actions of the IP addresses ), messages in an abnormal order can be sorted in a new order according to the order of numbers. RFC documents about TCP include rfc793, rfc791, and rfc1700.

Ii. Establishment of TCP Connection
To establish a TCP connection, follow these steps:
(1) The server prepares to accept external connections through listen, which is called passive open ).
(2) The client connects to the server through Connect, which is called active open ). In this operation, the client needs to send a synchronous datagram (SYN) to notify the server to start sending the initial serial number of the data. Normally, the synchronous datagram does not carry data. It only contains one IP header, one TCP Header, And the TCP option used for this communication.
(3) The server must confirm the synchronous datagram SYN sent from the client, and also send a synchronous datagram (SYN), which contains the initial serial number of the data sent by the client. The server puts the initial serial number of the data sent in the same connection and the ACK message sent to the client in a datagram and sends it to the client together.
(4) The client must also send the synchronous datagram (SYN) of the server ).
 
From the above steps, to establish a TCP connection, at least three groups of data must be exchanged between the server and the client. Therefore, it is called the three-way handshake of TCP ).

Client Server
Connect () accept ()
---> SYN s ----->
<--- Syn c, Ack S + 1 <---
---> Ack C + 1 ----->


During the first packet data exchange, the group data may contain Possible TCP options for this communication. These options include:
(1) Maximum group (MSS) option. This option is included in the SYN message sent by TCP. It is used to tell the peer the maximum size of its group data (MSs (maximum segment size), that is, the maximum data volume in each TCP group data that it can receive. This option can be obtained and set through the tcp_maxseg interface option.
(2) window size options. This is the main means that TCP can provide traffic control. Each side of a TCP connection has a fixed buffer space. The TCP receiving end only allows the other end to send data that can be accepted by the receiving end buffer. This will prevent the buffer overflow of the slow host caused by the fast host. The maximum window size that both TCP and TCP can notify each other is 64 K (65535 bytes), because the corresponding Id field value in the TCP header is expressed in 16 bits. Each set of interfaces has a sending buffer and a receiving buffer. The receiving buffer is used by TCP and UDP to save the received data until it is read by the application process. For TCP, TCP advertises the window size of the other end. The receiving buffer of the TCP interface cannot overflow, because the other party cannot send data that exceeds the size of the advertised window. This is the traffic control of TCP. If the recipient ignores the window size and sends out data that exceeds the window size, the receiver TCP will discard it. For UDP, this datagram is discarded when the set of interfaces cannot receive data reports in the buffer zone. There is no traffic control for UDP. A fast sender can easily drown out slow receivers, causing the receiver's UDP to discard the datagram and cause data loss.
(3) TIMESTAMP options. The timestamp option allows the sender to place a timestamp value in each segment. The recipient returns this value in confirmation, allowing the sender to calculate the RTT for each received ack.

Iii. Termination of TCP Connection
Terminate a TCP connection
TCP establishes a connection with three groups of data, but to terminate a connection, it usually requires four groups of data. The process is as follows:
(1) The process that calls close first is called active close ). TCP at this end first sends a fin group data, telling the other party that the data has been sent.
(2) When one end of the received fin group data is passively closed, the ACK group data is sent to the other end. Confirm that the serial number is the received serial number plus 1. Receiving fin group data means that no additional data is received on the current connection.
(3) The application process that receives data from the fin group will call close to close its own set of interfaces, and TCP will send a fin group data to the other end.
(4) The fin group data is received, that is, the end of the active shutdown is executed to confirm the fin group data. Send back the ACK group data and set the confirmation sequence number to receive the serial number plus 1

In this process, the party that executes the passive shutdown operation can put the ACK group data that confirms the fin group data of the other party and the fin group data to be sent. The TCP connection termination process is as follows:

Client Server
Close ()
---> Fin s ----->
<--- Ack S + 1 <---
<--- Fin C <---
---> Fin C + 1 --->


Iv. TCP connection status
The establishment and termination of the TCP connection are basically clear, so how do you know the status of the connection in this process? Of course there are some methods. Run the following command first to check the returned results:
[Root @ linux81 leaf] # netstat-
Active Internet connections (servers and established)
PROTO Recv-Q send-Q local address foreign address State
TCP 0 0 0.0.0.0: 3306 0.0.0.0: * listen
TCP 0 0 0.0.0.0: 139 0.0.0.0: * listen
TCP 0 0 0.0.0.0: 21 0.0.0.0: * listen
TCP 0 0 0.0.0.0: 22 0.0.0.0: * listen
TCP 0 0 0.0.0.0: 23 0.0.0.0: * listen
TCP/IP 0 0 192.168.253.81: 139 192.168.253.35: 1201 established
TCP 0 272 192.168.253.81: 22 192.168.253.59: 1776 established
UDP 0 0 192.168.253.81: 137 0.0.0.0 :*
UDP 0 0 0.0.0.0: 137 0.0.0.0 :*
UDP 0 0 192.168.253.81: 138 0.0.0.0 :*
UDP 0 0 0.0.0.0: 138 0.0.0.0 :*
UDP 0 0 127.0.0.1: 36260 0.0.0.0 :*

In the above returned results, the State column indicates the current status of the connection.
The TCP connection status is as follows:
(01) closed
(02) passive open of listen
(03) syn_rcvd
(04) syn_send
(05) established data transmission status
(06) close_wait
(07) last_ack passive Shutdown
(08) fin_wait_1
(09) fin_wait_2
(10) Closing
(11) time_wait

The TCP connection status conversion is as follows:
+ ---------/Active open
| Closed | /-----------
+ --------- + <--------- // Create TCB
| ^ // Snd SYN
Passive open | close //
------------ | ----------//
Create TCB | Delete TCB //
V | //
+ --------- + Close |/
| Listen | ---------- |
+ --------- + Delete TCB |
Rcv syn | send |
----------- | ------- | V
+ --------- + Snd SYN, Ack // snd SYN + --------- +
| <----------------- ------------------> |
| SYN | rcv syn |
| Rcvd | <----------------------------------------------- | sent |
| Snd ACK |
| ------------------ ------------------- |
+ --------- + RCV ack of SYN // rcv syn, Ack + --------- +
| -------------- | -----------
| X | snd ACK
| V v
| Close + --------- +
| ------- | Estab |
| Snd FIN + --------- +
| Close | RCV fin
V ------- | -------
+ --------- + Snd fin // snd ack + --------- +
| FIN | <----------------- ------------------> | close |
| Wait-1 | ---------------- | wait |
+ --------- + Rcv fin/+ --------- +
| RCV ack of fin ------- | close |
| -------------- Snd ACK | ------- |
V x v snd fin v
+ --------- ++ --------- +
| FINWAIT-2 | closing | LAST-ACK |
+ --------- ++ --------- +
| RCV ack of FIN |
| RCV fin -------------- | timeout = 2msl ------------ |
| ------- X v ------------ x V
/Snd ack + --------- + Delete TCB + --------- +
------------------------> | Time Wait | ------------------> | closed |
+ --------- ++ --------- +

TCP connection state digoal

From the above chart, you can make the following summary:
The normal status conversion process on the server is as follows:
Closed --> listen --> syn_rcvd --> established --> close_wait --> last_ack --> closed
 
The normal status conversion process of the client is as follows:
Closed --> syn_sent --> established --> fin_wait_1 --> fin_wait_2 --> time_wait --> closed
 
From the above connection status transition, we can see that there are two types of transition from the established status. For the client and the server, they are the same, that is, they are automatically closed before receiving the fin datagram, it is converted to fin_wait_1. If the passive shutdown caused by receiving the fin datagram is converted to close_wait state.