TCP Finite state machine

Note: There is no explicit correspondence between active, passive and server, client. This figure n many people know that it helps to troubleshoot and locate network or system failures, but how do you keep this picture in mind? Then you must have a deep understanding of each state of the graph and the process of conversion, and not just stay in the smattering. Below is a detailed analysis of the 11 states of this graph in order to enhance the memory! But before that, let's review the three handshake process for TCP to establish a connection, and the four-time handshake process for closing the connection.

1. Establish Connection Agreement (three handshake)
(1) The client sends a TCP message with a SYN flag to the server. This is the message 1 in the three-time handshake process.
(2) server-side response to the client, this is the 2nd message in the three handshake, the message with both an ACK flag and a SYN flag. So it represents the response to the client's SYN message, and it also flags the SYN to the client and asks the client if it is ready for data communication.
(3) The customer must again respond to the service segment an ACK message, which is the message segment 3.
2. Connection termination protocol (four handshake)
Because TCP connections are full-duplex, each direction must be closed separately. The principle is that when a party completes its data sending task, it can send a fin to terminate the connection in this direction. Receiving a fin only means there is no data flow in this direction, and a TCP connection can still send data after receiving a fin. The first party to close will perform an active shutdown, while the other side performs a passive shutdown.
(1) The TCP client sends a fin to shut down the client-to-server data transfer (message segment 4).
(2) The server receives this fin, it sends back an ACK, confirms that the serial number is the received sequence number plus 1 (message Segment 5). As with Syn, a fin will occupy a sequence number.
(3) The server shuts down the client connection and sends a FIN to the client (message segment 6).
(4) The customer segment sends back ACK message confirmation, and the confirmation serial number is set to receive the serial number plus 1 (message segment 7).
CLOSED: This is nothing to say, it means the initial state.
LISTEN: This is also very easy to understand a state, that the server side of a socket is listening state, can accept the connection.
SYN_RCVD: This status means that the SYN message is received, under normal circumstances, this state is the server side of the socket in the establishment of a TCP connection during the three handshake session process of an intermediate state, very short, basically with netstat you are very difficult to see this state, Unless you specifically write a client-side test program, deliberately not send the last ACK message during the three TCP handshake. Therefore, when the ACK message is received from the client, it goes into the established state.
Syn_sent: This state is echoed with the syn_rcvd thinking back, when the client socket performs a connect connection, it sends the SYN message first, so it then enters the syn_sent state and waits for the server to send the 2nd message in the three-time handshake. The Syn_sent status indicates that the client has sent a SYN message.
Established: This is easy to understand, indicating that the connection has been established.
Fin_wait_1: This state should be well explained, in fact, the real meaning of fin_wait_1 and fin_wait_2 state is to wait for each other's fin message. The difference between the two states is: The fin_wait_1 state is actually when the socket in the established state, it would like to actively close the connection, send a FIN message to the other side, when the socket is entered into the fin_wait_1 state. And when the other party responds to the ACK message, then into the fin_wait_2 state, of course, under the actual normal circumstances, regardless of the circumstances of each other, should immediately respond to the ACK message, so fin_wait_1 state is generally more difficult to see, and Fin_wait_ 2 states can also sometimes be seen with netstat.
Fin_wait_2: Above has explained in detail this state, actually fin_wait_2 the socket in the state, indicates the half connection, also namely has the party request close connection, but also tells the other side, I temporarily also some data need to transmit to you, later closes the connection again.
Time_wait: Said to receive the other side of the fin message, and sent out an ACK message, just wait for 2MSL to return to the closed usable state. If the fin_wait_1 state, received the other side with the FIN flag and the ACK flag message, you can directly into the time_wait state, without having to go through the fin_wait_2 state.
CLOSING: This kind of state is special, the actual situation should be very rare, belong to a relatively rare exception state. Normally, when you send a fin message, it is supposed to receive (or receive) the other's ACK message before receiving the other's fin message. But closing status indicates that you send fin message, and did not receive the other's ACK message, but also received the other side of the fin message. Under what circumstances will this happen? In fact, it is not difficult to come to a conclusion: that is, if the two sides close a socket at the same time, then there is a situation where both sides send the fin message, there will be a closing state, indicating that both sides are shutting down the socket connection.
Close_wait: The meaning of this state is actually expressed in waiting to be closed. How do you understand it? When the other side close a socket to send fin message to yourself, you will undoubtedly respond to an ACK message to each other, then enter into the close_wait state. Next, the real thing you really need to consider is whether you still have the data sent to the other person, if not, then you can close the socket, send fin messages to each other, that is, close the connection. So what you need to accomplish in the close_wait state is waiting for you to close the connection.
Last_ack: This state is still relatively easy to understand, it is the passive close side after sending fin messages, and finally wait for each other's ACK message. When an ACK message is received, it is also possible to enter the closed available state.
Finally there are 2 questions answered, my own analysis of the conclusion (not necessarily guaranteed 100% correct)
1, why to establish a connection agreement is three handshake, and close the connection is four handshake it?
This is because the socket in the listen state of the server is sent in a message after it receives a request for the connection of the SYN message, and it can put the ACK and SYN (ACK response, and SYN synchronous). However, when the connection is closed, when receiving the other's fin message notification, it simply means that no data is sent to you, but not all of your data are sent to the other side, so you may not immediately close the socket, that is, you may also need to send some data to the other side, Send the FIN message to the other side to show that you agree that you can now close the connection, so it is here that the ACK message and fin messages are sent separately in most cases.
2, why time_wait state also need to wait 2MSL to return to closed status?
This is because: although both sides agree to close the connection, and the handshake of the 4 messages are also coordinated and sent, can be directly back to the closed state (like from the Syn_send state to establish state); but because we have to assume that the network is unreliable, You cannot guarantee that the last ACK message you send will be received by the other party, so the socket in the Last_ack state may be re-sending the fin message because the timeout does not receive an ACK message, so this time_wait state is used to resend the possible missing ACK message.

Also open

It is possible for two applications to perform active open at the same time, although the likelihood of occurrence is low. Each end sends a SYN and passes it to each other, and each end uses the port known to the end as the local port. For example:

An application in host a uses 7777 as the local port and connects to Host B 8888 Port to open it actively.

Host B An application uses 8888 as the local port and connects to host a 7777 port to do the active open.

TCP protocol When this happens, only one connection is opened.

The process of establishing this connection requires 4 data exchange, while a typical connection establishment requires only 3 exchanges (i.e. 3 handshake)

However, most of the Berkeley versions of TCP/IP implementations do not support simultaneous opening.

Both SYN_RCVD and Syn_send are intermediate states that are converted to established, with the goal being to convert both ends to the established state.

Also close

If the application sends fin at the same time, it enters the fin_wait_1 state first after it is sent. After receiving the peer fin, the reply to an ACK will enter the closing state. After receiving an ACK to the end, enter the TIME_WAIT state. This condition is called simultaneous shutdown.

Simultaneous shutdown also requires 4 message exchanges, which are the same as typical shutdowns.

TCP Finite state machine