Three-time Handshake protocol for TCP/IP

about TCP/IP three handshake protocol, This article has a detailed introduction , very easy to understand, when forgotten, can come over to look at the two eyes, to ensure that soon understand.

First, the TCP/IP protocol is divided into three phases: establishing a connection (handshake phase), data transfer phase, and connection termination phase.

See the previous study of the "Computer network" textbook, the book, the data transmission phase, suddenly think of QQ or Alibaba is not using TCP/IP protocol to chat,

It is found that Alibaba should adopt TCP/IP protocol, but QQ is chatting using UDP protocol, and the TCP protocol is used to keep the login status. about QQ Adoption of the agreement, you can refer to this quiz

With regard to what protocols they specifically adopt, you can analyze their header files as described in this article using Wireshark , and you can see what protocols are being used.

About SEQ and ACK

In fact, they are serial numbers, in a connection, TCP is the number of each data byte that is transmitted. The serial number is independent in each direction.

TCP receives data bytes from the process, stores it in the send buffer, and numbers them. The number is no more than starting from 0, but from 0~ (232-1) to generate a random number as the initial sequence number (Initial Sequence number,isn), the first byte ordinal is from isn+1 start, if the random number is 1000, to send the data is 6000B, Then the ordinal range of these bytes is 1001~7000.

We can see that the first handshake of TCP/IP is the first to establish a connection, the second is to determine the initial sequence number of both sides, thus determining the first byte ordinal isn+1.

Three-time Handshake three-way handshake

The establishment of a virtual connection is achieved by a three-time handshake.

1. (A) –> [syn]–> (B)

If server B and client A are communicating. When a wants to communicate with B, a first sends a SYN (SYNCHRONIZE) token packet to B, telling B to request a connection.

Note: A SYN packet is a TCP packet with only the SYN flag set to 1 (see TCP header Resources). It is important to recognize that a connection can only be established if a is received by a SYN packet sent by B, and there is no other way. Therefore, if your firewall discards all SYN packets destined for the extranet interface, you will not be able to allow any external hosts to actively establish a connection.

2. (b) <–[syn/ack] <– (a)

Next, B receives a confirmation packet (syn/ack) of the SYN packet back, indicates the acknowledgment of the first SYN packet, and continues the handshake operation.

Note: The Syn/ack package is a SYN-only and ACK-marked 1 package.

3. (A) –> [ack]–> (B)

A receives the Syn/ack packet, a sends a confirmation packet (ACK), and notifies B that the connection has been established. At this point, three handshake completed, one TCP connection completed

The Note:ack package is a TCP packet with only ACK flags set to 1. It is important to note that when three of these handshakes are complete and the connection is established, the ACK bit is set for each packet of the TCP connection

Handshake Stage:
Ordinal direction seq Ack
1 a->b 10000 0
2 B->a 20000 10000+1=10001
3 A->b 10001 20000+1=20001
Explain:
1: A to B initiates a connection request, Initializes a SEQ with a random number, here is assumed to be 10000, at this time ack=0

2: B After receiving a connection request, also initializes a SEQ of B with a random number, this is assumed to be 20000, meaning: Your request I have received, my this side of the data flow from this number began. The Ack of B is a SEQ plus 1, which is 10000+1=10001

3: A received B's reply, its SEQ is its last request SEQ plus 1, that is, 10000+1=10001, meaning: Your reply I received, I this side of the data flow from this number began. A The ACK at this time is the seq of B plus 1, i.e. 20000+1=20001

Data transfer phase:
Ordinal direction seq ACK size
A->b 40000 70000 1514

4000 is the sequence number of the packet in a, which is isn+1 (assuming the first send packet), and 7000 is the isn+1 of the packet in B. At this point a sends a packet containing a total of 1514 bytes of TCP head size, The number that is already used in a is from 4000 to (the size of the 4000+ packet-1) =4000+ (1514-54-1) 54 is the head of the TCP packet. So the next time the SEQ should be sent from

(The size of the 4000+ packet) begins. The same way the receiver's serial number is the same!!!

B->a 70000 40000+1514-54=41460 54
A->b 41460 70000+54-54=70000 1514
B->a 70000 41460+1514-54=42920 54
Explain:
23:b received a seq=40000,ack=70000,size=1514 packet from a.
24: So B to a also send a packet, tell B, your last bag I received. The seq of B is populated with the ACK of the packet it receives, and the ACK is the SEQ of the packet it received plus the size of the packet (not including the Ethernet protocol header, IP header, TCP header) to verify that the data sent by B is all received.
25:a received B sent over the ACK 41460 packet, the first to see 41460, exactly its last packet of SEQ plus the size of the packet, it is clear that the last sent packet has arrived safely. Then it sends a packet to B. The SEQ of the packet being sent is also populated with the ACK of the packet it receives, and the ACK is populated with the packet's SEQ (70000) plus the size (54) of the package, i.e. ack=70000+54-54 (all head length, no data items).

In fact, in the handshake and the end of the confirmation number should be the other serial number plus 1, the transmission of data is the other side of the serial number plus the other side of the length of the application layer data. If you return from the Ethernet packet to calculate the added length, it is a detour.
In addition, if the other party does not have data, then its own confirmation number is unchanged, the serial number is the last serial number plus the application layer data send length.

Three-time Handshake protocol for TCP/IP