TCP is a connection-oriented protocol in which a connection must be established between the two parties in either direction before the other party sends the data. This section discusses in detail how a TCP connection is established and how it terminates after the end of the communication.
Establish a TCP connection TCP uses the three-time handshake (Three-way Handshake) Protocol to establish the connection, and figure 3-10 depicts a sequence of three handshake messages.
Www.2cto.com
These three handshakes are: the requester (usually called the customer) sends a SYN segment (SYN 1) that indicates the port of the server to which the customer intends to connect, and the initial order number (ISN). The server sends back a SYN message segment (SYN 1) that contains the initial order number of the server as a reply. Also, set the confirmation number to customer's ISN plus 1 to confirm the customer's SYN message segment (ACK is also 1). The customer must set the confirmation number to the server's ISN plus 1 to confirm the SYN message segment of the server (ACK 1), which notifies the destination host that both parties have completed the connection setup. Sending one end of the first SYN executes the active open, receiving the SYN and performing the passive open (passive open) at the other end of the next syn. In addition, the Handshake protocol for TCP is carefully designed to handle simultaneous opening (simultaneous open), for opening it at the same time only to establish a connection instead of two connections. Therefore, the connection can be initiated by either party or both, and once the connection is established, the data can flow in both directions, without the so-called master-slave relationship.
Www.2cto.com
The three-time handshake protocol is a necessary and sufficient condition for correct synchronization between two sides. Because TCP is built on unreliable packet transport services, messages can be lost, delayed, duplicated, and scrambled, so the protocol must use a timeout and retransmission mechanism. If a retransmission connection request and the original connection request arrive at the time the connection is being established, or a deferred connection request arrives after a connection has been established, used, and ended, a problem occurs. Use the three-time Handshake protocol (plus the rule that TCP will ignore the connection request again after the connection is established) to resolve these issues.
The three-time handshake protocol can accomplish two important functions: it ensures that the connection is ready for transmission and unifies the initial sequence number for both parties. The initial sequence number is the transmission sequence number during the handshake and is confirmed: when one side sends its SYN for the connection, it selects an initial sequence number for the connection, and each segment includes the Sequence number field and the confirmation Number field, which allows the two machines to negotiate the sequence number of their respective data streams using only three handshake messages. In general, isn varies over time, so each connection will have a different isn. Www.2cto.com
When a TCP connection is closed, a TCP connection is established, and the data stream can be transmitted in two directions. When the TCP application process has no data to send, the Shutdown command is issued. TCP closes the data stream by sending a fin=1 of the control bit, but can continue to receive data until the other side closes the traffic in that direction, and the connection is closed.
The TCP protocol uses the modified three-time handshake protocol to close the connection, as 3-11 shows that terminating a connection takes 4 handshakes. This is due to the semi-shutdown of TCP (half-close). Because a TCP connection is full-duplex (that is, the data can be delivered simultaneously in two directions), each direction must be closed separately. The principle of closure is that when a party completes its data sending task, it can send a FIN to terminate the connection. When one end receives a FIN, it must notify the other end of the application layer that the data transfer in that direction has been terminated. Sending FIN is usually the result of the application layer closing. From one side of TCP, there are three ways to close a connection: www.2cto.com,
• After the party initiates the shutdown of the application process, TCP sends a packet of FIN = 1 to the other party after sending the message segment that has not been processed, and TCP no longer accepts the data sent by the application process. Data bytes sent before fin, including fin, need to be confirmed by the other party, or re-transmitted. Note that FIN also takes a sequential number. Upon receipt of the other's confirmation of fin and the other's Fin message segment, the party TCP confirms the fin, waits for some time, and then closes the connection. The wait is to prevent the loss of the confirmation message of the party, to avoid the retransmission of the other message to interfere with the new connection.
• The other side starts off when TCP receives a fin message from the other side, it sends an ACK confirming the fin message and notifies the application that the process connection is shutting down. The application process responds with a shutdown command. TCP sends a FIN message to the other TCP after sending the message segment that has not been processed, waits for the other party to confirm the fin, and then closes the connection after receiving confirmation. If the other party's confirmation does not arrive in time, the connection is closed after waiting for some time. • Both sides start the application process of closing the connection and send the close command simultaneously, TCP sends the FIN message after sending the message segment that has not been processed. After all parties have received a confirmation of the text sent by TCP before Fin, the ACK confirms the fin it received. After receiving the other party's confirmation of FIN, the parties also wait for a period of time before closing the connection. This is called simultaneous shutdown (simultaneous close). Www.2cto.com
The operation of the TCP state machine TCP protocol can be represented by a finite state machine with 11 states (finite state machines), and figure 3-12 describes the finite state machines for TCP, the rounded rectangles in the graph representing states, the arrows representing transitions between states, and the descriptions of each state as a table As shown in 3-2. A thick line in the figure indicates the normal process of establishing a connection between the client's active and passive server side: The state transition of the client is using the thick solid line, and the server-side state transition is dashed with a coarse dash. Thin lines are used for unusual sequences, such as resetting, opening simultaneously, closing simultaneously, and so on. Each state in the graph has an "event/action" on it: The event refers to a user performing a system call (CONNECT, LISTEN, SEND, or CLOSE), receiving a segment (SYN, FIN, ACK, or RST), or having a packet lifetime of more than twice times the maximum The action refers to sending a segment (SYN, FIN, or ACK) or nothing (denoted by "-").
Figure 3-12 TCP finite state machine. The thick solid line represents the customer's normal path;
A thick dashed line represents the normal path of the server; thin lines represent uncommon events. Each connection starts at the CLOSED state. When a party executes a passive connection primitive (LISTEN) or an active connection primitive (connect), it is out of the CLOSED state. If the other party executes the corresponding connection primitive, the connection is established and the State becomes established. Either party can request to release the connection first, and when the connection is released, the state is back to CLOSED. Table 3-2 TCP Status table
1. Normal state transitions we use Figure 3-13 to show the different states that customers and servers experience during the establishment and termination of a normal TCP connection. Readers can read from figure 3-12, using the state diagram of Figure 3-12 to track the state of the process of figure 3-13, in order to understand the changes in each state: The server side first executes the LISTEN primitive into the passive open state (LISTEN), waiting for the client to connect; www.2cto.com
When one of the client's applications issues the Connect command, the local TCP entity creates a connection record for it and marks it as a SYN SENT state, then sends a SYN segment to the server, and the server receives a SYN message segment whose TCP entity sends the acknowledgement ACK message to the client The segment sends a SYN signal at the same time, enters the Syn RCVD state, the client receives the SYN + ACK segment, and its TCP entity sends the last ACK segment of the three handshake to the server, and converts it to the established state; the server side receives a confirmed ACK message segment, Three handshakes were completed and the established state was entered. In this state, both parties are free to transmit data. When an application finishes the data Transfer task, it needs to close the TCP connection. Assume that the client initiates the active shutdown of the connection. The client executes the CLOSE primitive, and the local TCP entity sends a fin segment and waits for confirmation of the response (enters the status fin wait 1); The server receives a fin segment that confirms that the client's request sent back an ACK message segment into the CLOSE WAIT State; client When the acknowledgment ACK message segment is received, it is transferred to the FIN WAIT 2 state, at which point the connection is disconnected in one direction; when the server-side application is advertised, the close primitive is also executed to close the connection in another direction, and its local TCP entity sends a FIN segment to the client and enters the last ACK Status, waiting for the last ACK acknowledgement message segment; www.2cto.com
The client receives a FIN message segment and confirms that it enters the TIMED wait state, at which point both connections have been disconnected, but TCP waits for a maximum lifetime of twice message segments MSL (Maximum Segment Lifetime) to ensure that all the groupings of the connection disappear to prevent There is a case of confirming the loss. When the timer expires, TCP deletes the connection record and returns to the initial state (CLOSED). When the server receives the last acknowledgment ACK segment, its TCP entity frees the connection and deletes the connection record, returning to the initial state (CLOSED). 2. Open at the same time: although the likelihood of occurrence is minimal, it is still possible for two applications to be actively opened to each other at the same time. Each party must send a SYN, and these SYN must be passed to each other. This requires each party to use a known port as the local port. For example, an application in host a uses local port 7777 and is actively opened with Port 8888 of host B. The application in host B uses local port 8888 and is actively opened with Port 7777 of host A. TCP is intentionally designed in order to be able to handle simultaneous opening, for simultaneous opening it only establishes one connection instead of two connections (other protocol families, most notably the OSI transport layer, in which case two connections will be established instead of a connection). Www.2cto.com
When the situation is open at the same time, the state changes are different from those shown in Figure 3-13. Both ends send the SYN almost simultaneously and enter the Syn_sent state. When each end receives a SYN, the state changes to SYN_RCVD, and they both send a SYN and confirm the received Syn. When both sides receive the SYN and the corresponding ACK, the state changes to established. Figure 3-14 shows the process of these state transitions. Figure 3-14 Switching the message segment at the same time open the connection needs to Exchange 4 message segments, more than the normal three handshake. Also, it is important to note that we do not refer to any end as a customer or server, because each side is both a client and a server. 3. Close at the same time: it is normal for a party (usually but not always the client) to send the first FIN to perform an active shutdown, but it is also possible for both parties to perform an active shutdown, and the TCP protocol allows such a simultaneous shutdown. Www.2cto.com
In Figure 3-12, when both ends of the application layer issue a close command, both ends change from established to fin_wait_1. This will cause each side to send a fin, two fin after the network transmission, respectively, to reach the other end. After receiving FIN, the state changes from fin_wait_1 to CLOSING and sends the final ACK. When the last ACK is received, the state changes to time_wait. Figure 3-15 summarizes the changes in these states, and shows the same number of message segment exchanges that are used to shut down concurrently with normal shutdown. Figure 3-15 Packet-segment switching during simultaneous shutdown 4. Other situation: Service side open: The transition from LISTEN to syn_sent is correct, it is initiated by the server side of the SYN message segment, but the Berkeley version of the TCP software does not support it. Reset Connection (reset): The state transition from SYN_RCVD to LISTEN is valid only if the SYN_RCVD state is entered from the LISTEN State (normal condition) and not from the Syn_sent state (while open). This means that if we perform a passive open (enter LISTEN), receive a SYN, send a SYN with an ACK (enter SYN_RCVD), and then receive an RST, instead of an ACK, it goes back to the LISTEN state and waits for the arrival of another connection request. Www.2cto.com
Fast shutdown: In the fin_wait_1 state after active shutdown, if the received message segment is not only an ACK, but also includes the other's FIN signal, then directly into the TIME_WAIT state, send an ACK message segment, and then wait for timeout. In addition, the wait timeout for the time_wait state needs to be explained in more detail because it directly affects the performance of the network application. Each specific TCP implementation must select a message segment Maximum lifetime MSL (Maximum Segment Lifetime), which is the maximum time in the network before any message segments are discarded. We know that this time is limited because the TCP segment is transmitted over the network with an IP datagram, and the IP datagram has a TTL field that restricts its time to live. RFC 793 [Postel 1981c] indicates that the MSL is 2 minutes. However, the common values in the implementation are 30 seconds, 1 minutes, or 2 minutes.
For a specific implementation of the MSL value given, the principle of processing is: When TCP performs an active shutdown, and then returns the last ACK, the connection must remain in the TIME_WAIT state for a time of twice times the MSL, so the TIME_WAIT state is also known as the 2MSL wait state. During this time, if the last Ack is lost, the other party will time out and resend the last FIN, so that local TCP can send the ACK segment again (this is the only message it can send and reset the 2MSL timer).
Another result of this 2MSL wait is that the TCP connection is no longer used during the 2MSL wait, the socket that defines the connection (socket, the client's IP address and port number, the server's IP address and port number). This connection can only be used after the end of 2MSL. Any late message segments will be discarded when the connection is 2MSL waiting. Www.2cto.com
We assume that figure 3-12 is where the client performs an active shutdown and enters Time_wait, which is normal, because the server typically performs a passive shutdown and does not enter the TIME_WAIT state. This implies that if we terminate a client program and restart the client immediately, the new client program will not be able to reuse the same local port. This does not pose a problem because the customer uses the local port and does not care what the port number is. However, for servers, the situation is different because the server uses a known port.
If we terminate a server program that has already established a connection and attempt to restart the server program immediately, the server program will not be able to assign its known port to its endpoint because that port is part of the 2MSL connection. Before restarting the server program, it needs to be in 1-4 minutes. This is the reason why many Web server programs cannot be restarted immediately after they are killed (the error is "Address already in use").
TCP Status Details-Reprint
