1. TCP Message Structure
TCP is a reliable, connection-oriented, full-duplex Transport layer protocol whose message format is as follows:
Source port, Destination port: 16 bits long. Identifies the remote and local port numbers.
Sequence Number: 32 bits long. Indicates the order in which datagrams are sent.
Confirmation Number: 32 bits long. The serial number of the next datagram that you want to receive.
TCP protocol Data header length because the TCP header length is not fixed. Head Length: 4 bits long. Indicates how many 32-bit words are contained in a TCP header. The next 6 bits are unused.
ack:ack position 1 indicates that the confirmation number is legal. If the ACK is 0, the datagram does not contain confirmation information and the confirmation field is omitted.  
psh: Represents data with a push flag. The receiver therefore requests that the datagram be sent to the application without waiting for the buffer to be filled before it is delivered.  
rst: A connection that resets errors that occur due to host crashes or other causes. It can also be used to reject illegal datagrams or deny connection requests.  
syn: Used to establish a connection.  
fin: Used to release the connection.
Window Size: 16 bits long. The window size segment indicates how many bytes can be sent after the byte has been confirmed.
Checksum: 16 bits long. is set to ensure high reliability. It verifies the sum of headers, data, and pseudo-TCP headers.
Available options: 0 or more 32-bit words. Includes options such as maximum TCP load, window scale, and selection of re-send datagrams.
Maximum TCP load: Allows each host to set the maximum TCP payload capacity it can accept. During the establishment of the connection, both parties declare their maximum load capacity and choose the smaller one as the standard. If a host does not use this option, its load capacity is set to 536 bytes by default.
Window Scale: Allows the sender and receiver to agree on a suitable window scale factor. This factor allows the sliding window to reach a maximum of 232 bytes.
TCP protocol Data Header Select Resend Datagram: This option allows the receiving party to request the sending of one or more datagrams specified.
2. TCP connection Setup
A "three handshake" is required to establish a TCP connection:
(1) The client sends the connection request, the SYN field in the TCP message is set to 1, and the sequence number is X (random)
(2) The server to reply, the TCP message in the SYN field set 1,ack Field 1 (indicating that the message is a reply to a previous message), the confirmation number is x+1 (indicating that the next time the server wants to receive the byte sequence number is x+1), and the sequence number is Y (random)
(3) The client responds, the ACK field is set to 1, the SYN 0 (then the 0), the confirmation number is y+1, the sequence number is x+1. At this time the message data can contain the application layer data, three times the handshake completed.
3. TCP Connection Disconnect
TCP connection disconnect requires "Four break up", both sides of the connection need to shut down the end-to-end connection, when the end-to-end connection is closed, the local side can not send data, can only receive data:
(1) Host A sends a TCP message segment, the Fin field is set to 1, the sequence number is x, and the Send connection from A to B is disconnected
(2) Host B sends a reply to a, the ACK field is set to 1, the confirmation number is x+1, at this time (after host a received the ACK packet) host A can only receive can not send
(3) Host B sends a TCP segment, the Fin field is set to 1, the serial number is Y, and the connection of B to A is disconnected
(4) Host a reply to the B,ack field 1, the serial number is y+1
4. TCP State Transitions
The TCP state transition diagram looks like this:
CLOSED: Indicates the initial state.
LISTEN: Indicates that a socket on the server side is listening and can accept the connection.
SYN_RCVD: This status means that the SYN message is received, under normal circumstances, this state is the server side of the socket in the establishment of a TCP connection during the three handshake session process of an intermediate state, very short, basically with netstat you are very difficult to see this state, Unless you specifically write a client-side test program, deliberately not send the last ACK message during the three TCP handshake. Therefore, when the ACK message is received from the client, it goes into the established state.
Syn_sent: This state corresponds to the SYN_RCVD, when the client socket performs a connect connection, it sends the SYN message first, so it then enters the syn_sent state and waits for the server to send the 2nd message in the three-time handshake. The Syn_sent status indicates that the client has sent a SYN message.
Established: Indicates that the connection has been established.
Fin_wait_1: In fact, the real meaning of fin_wait_1 and fin_wait_2 states is to wait for each other's fin message. The difference between the two states is: The fin_wait_1 state is actually when the socket in the established state, it would like to actively close the connection, send a FIN message to the other side, when the socket is entered into the fin_wait_1 state. And when the other party responds to the ACK message, then into the fin_wait_2 state, of course, under the actual normal circumstances, regardless of the circumstances of each other, should immediately respond to the ACK message, so fin_wait_1 state is generally more difficult to see, and Fin_wait_ 2 states can also sometimes be seen with netstat.
Fin_wait_2: Above has explained in detail this state, actually fin_wait_2 the socket in the state, indicates the half connection, also namely has the party request close connection, but also tells the other side, I temporarily also some data need to transmit to you, later closes the connection again.
Time_wait: Said to receive the other side of the fin message, and sent out an ACK message, just wait for 2MSL to return to the closed usable state. If the fin_wait_1 state, received the other side with the FIN flag and the ACK flag message, you can directly into the time_wait state, without having to go through the fin_wait_2 state.
Exception status. Normally, when you send a fin message, it is supposed to receive (or receive) the other's ACK message before receiving the other's fin message. But closing status indicates that you send fin message, and did not receive the other's ACK message, but also received the other side of the fin message. Under what circumstances will this happen? In fact, it is not difficult to come to a conclusion: that is, if the two sides close a socket at the same time, then there is a situation where both sides send the fin message, there will be a closing state, indicating that both sides are shutting down the socket connection.
Close_wait: The meaning of this state is actually expressed in waiting to be closed. How do you understand it? When the other side close a socket to send fin message to yourself, you will undoubtedly respond to an ACK message to each other, then enter into the close_wait state. Next, the real thing you really need to consider is whether you still have the data sent to the other person, if not, then you can close the socket, send fin messages to each other, that is, close the connection. So what you need to accomplish in the close_wait state is waiting for you to close the connection.
Last_ack: This state is still relatively easy to understand, it is the passive close side after sending fin messages, and finally wait for each other's ACK message. When an ACK message is received, it is also possible to enter the closed available state.
After the passive closed party sends FIN, the active closed party enters the Time_wati state, the TIME_WAIT state waits for 2MSL to enter the closed state because: the active closed party sends an ACK to the passive closed party, if the passive closed party receives the ACK, The passive closed party enters the closed state, and if the ACK is lost, the passive closed party is re-sent, which requires the active shutdown to wait for a certain time to confirm that the passive closed party receives its ACK to fin and then enters the closed state.
TCP connection setup and disconnection, and state transitions