Classic three-way handshake: (# add, "handshake" refers to the link from the left to the right in the figure)
The classic four-way handshake closure diagram:
TCP is the transmission control protocol used by the host to control the host layer. It provides reliable connection services and uses three handshakes to establish a connection: the bit code is the TCP flag bit. There are 6 types of labels: syn (synchronous online) ack (acknowledgement confirmation) Psh (push transfer) Fin (finish ended) RST (reset) URG (Urgent urgent) sequence number (sequential number) acknowledge number (confirmation number) first handshake: host a sends a SYN = 1 packet to the server and generates a random seqnumber = 1234567 packet. Host B is known by SYN = 1, A requires online connection. The second handshake: after receiving the request, host B needs to confirm the online information and send ACK number = (SEQ + 1 of host a), SYN = 1, ACK = 1, generate a random seq = 7654321 Packet
The third handshake: After receiving the handshake, host a checks whether the ACK number is correct, that is, the seq number + 1 sent for the first time, and whether the Ack is 1. If yes, host a will send ACK number = (SEQ + 1 of host B), ACK = 1 again. After host B receives the message, confirm that the seq value is set to ACK = 1, and the connection is established successfully. After three handshakes are completed, data is transmitted between host a and host B.
In TCP/IP, TCP provides reliable connection services and uses three handshakes to establish a connection.
First handshake: when a connection is established, the client sends the SYN Packet (SYN = J) to the server and enters the syn_send status. Wait for the server to confirm;
The second handshake: when the server receives the SYN packet, it must confirm the customer's Syn (ACK = J + 1) and send a SYN Packet (SYN = K), that is, the SYN + ACK packet, the server enters the syn_recv status;
The third handshake: the client receives the server's SYN + ACK package and sends the ACK (ACK = k + 1) Confirmation package to the server. After the package is sent, the client and server enter the established status, complete three handshakes. After three handshakes are completed, the client and the server start to transmit data.
Instance: IP 192.168.1.116.3337> 192.168.1.123.7788: s3626544836: 3626544836
IP 192.168.1.123.7788> 192.168.1.116.3337: s 1739326486: 1739326486 ack3626544837
IP 192.168.1.116.3337> 192.168.1.123.7788: ACK 1739326487, Ack 1 first handshake: 192.168.1.116 sends a location code SYN = 1, randomly generates a data packet with seqnumber = 3626544836 to 192.168.1.123, 192.168.1.123 the SYN = 1 knows that 192.168.1.116 requires an online connection;
The second handshake: after receiving the request, 192.168.1.123 needs to confirm the online information and send acknumber = 3626544837, SYN = 1, ACK = 1 to 192.168.1.116. packets with seq = 1739326486 are randomly generated. The third handshake: when 192.168.1.116 is received, check whether the ACK number is correct, that is, the seq number + 1 sent for the first time, and whether the Ack is 1. If yes, 192.168.1.116 will send ACK number = 1739326487 again, ACK = 1, 192.168.1.123 after receiving the message, confirm seq = seq + 1, ACK = 1, the connection is established successfully.
Illustration:
A three-way handshake process (Figure 1, Figure 2)
(Figure 1)
(Figure 2)
The flag of the first handshake (figure 3)
We can see that there is only one synchronization bit in the flag, that is, the request (SYN)
(Figure 3)
The flag of the second handshake (Figure 4)
We can see that there are two validation bits and synchronization bits in the flag, that is, the response (SYN + ACK)
(Figure 4)
The flag of the third handshake (figure 5)
We can see that there is only one validation bit in the flag, that is, re-confirmation (ACK)
(Figure 5)
A complete three-way handshake, that is, request-response-confirm again
Four breakups: Because the TCP connection is full-duplex, each direction must be closed separately. This principle is that when one party completes its data sending task, it can send a fin to terminate the connection in this direction. Receiving a fin only means that there is no data flow between the two parties. a tcp connection can still send data after receiving a fin. First, the party that closes the service will take the initiative to close the service, and the other party will passively close the service. (1) Client A sends a fin to disable data transmission from client a to server B (packet segment 4 ).
(2) When server B receives the fin, it sends back an ACK and confirms that the serial number is 1 (packet segment 5 ). Like SYN, a fin occupies a sequence number. (3) server B Closes the connection with client a and sends a fin to Client A (packet segment 6 ). (4) Client A sends back the ACK message for confirmation, and sets the confirmation sequence number to receive the serial number plus 1 (packet segment 7 ). 1. Why is the three-way handshake while the four-way handshake when the connection is closed? This is because the socket in the listen status of the server can respond to ack and SYN after receiving the SYN Packet connection request) it is sent in a message. However, when the connection is closed, when the other party receives the fin Message notification, it only indicates that the other party has no data to send to you; but not all your data may have been sent to the other party, therefore, you cannot immediately close the socket, that is, you may need to send some data to the other party, and then send the fin message to the other party, indicating that you agree to close the connection now, therefore, the ACK messages and fin messages are sent separately in most cases.
2. Why does the time_wait status still need to be 2 MSL before it can be returned to the closed status? This is because both parties have agreed to close the connection, and the four handshake packets are also coordinated and sent, it can be directly returned to the closed state (just like from syn_send to establish State), but because we must assume that the network is unreliable, you cannot guarantee that the last ACK message you sent will be received by the other party. Therefore, the socket in the last_ack status of the other party may fail to receive the ACK message due to timeout, but resend the fin message, therefore, the time_wait status is used to resend potentially lost ACK packets. TCP status: Listen: listening for connection requests from remote TCP ports
SYN-SENT: wait for a matched connection request after sending a connection request again
SYN-RECEIVED: Wait for the other party to confirm the connection request after receiving and sending a connection request
Established: indicates an opened connection.
Fin-wait-1: waiting for confirmation of the remote TCP connection interruption request or previous connection interruption request
Fin-wait-2: Waiting for connection interruption requests from remote TCP
Close-Wait: Waiting for connection interruption requests from Local Users
Closing: waiting for confirmation of remote TCP connection interruption
LAST-ACK: waiting for confirmation of the original connection interruption request sent to remote TCP
Time-Wait: Wait for enough time to confirm that the remote TCP receives the connection interruption request.
Closed: No connection status
TCP is a connection-oriented protocol. Therefore, a connection must be established before both parties send data. This is totally different from the preceding protocol. All the Protocols mentioned above only send data. Most of them do not care whether the sent data is sent or not, especially UDP. From a programming perspective, UDP programming is also much simpler-udp does not need to consider data sharding. In the book, telnet login and exit are used to explain the process of establishing and suspending the TCP protocol connection. We can see that the establishment of the TCP connection can be simply called a three-way handshake, the disconnection can be called a four-way handshake.
1. when establishing a connection, the client first requests to the server to open a port (using TCP packets with SYN segments equal to 1 ), then the server sends back an ACK message to notify the client to receive the request message. After receiving the confirmation message, the client sends a confirmation message again to confirm the confirmation message (bypass) sent by the server, the connection is established. This is called a three-way handshake. If you want to prepare both parties, you must send three packets, and only three packets are required. We can imagine that if TCP's timeout retransmission mechanism is added, TCP can completely ensure that a data packet is sent to the destination.
2. A special concept of ending TCP is half-close, which means that the TCP connection is a full-duplex (which can be sent and received at the same time) connection. Therefore, when the connection is closed, you must disable the connection between data transmission and data transmission. The client sends a TCP packet whose fin is 1 to the server, and then the server returns an ACK packet to the client, and sends a FIN packet. When the client replies the ACK packet (four handshakes ), the connection is over. 3. When establishing a connection, both parties must confirm the maximum message length (MSS) of each other to facilitate communication. Generally, the SYN length is MTU minus the fixed IP header and TCP Header Length. For an Ethernet, it can generally reach 1460 bytes. Of course, for non-local IP addresses, the MSS may only have 536 bytes, and the value will be smaller if the mss of the intermediate transmission network is smaller.
4. the TCP status migration book p182 page provides a TCP status chart, which looks complicated because it contains two parts: Server Status migration and client status migration, from a certain point of view, this figure will be much clearer. The servers and clients here are not absolute. The clients that send data are the clients, and the servers that receive data are the servers.
4. 1. client application status transition diagram the client status can be expressed using the following process: closed-> syn_sent-> established-> fin_wait_1-> fin_wait_2-> time_wait-> the closed process is the process that should be performed when the program is normal, as shown in the diagram in the book, when a connection is established, when the client receives the ACK of the SYN packet, the client opens an interactive data connection. The client ends the connection actively. After the client ends the application, it needs to go through the fin_wait_1, fin_wait_2, and other statuses. The migration of these statuses is the four handshakes mentioned above to end the connection.
4. 2. server Status transition diagram the server status can be expressed in the following process: closed-> listen-> SYN received-> established-> close_wait-> last_ack-> when closed establishes a connection, the server enters the data interaction status only after the third handshake, closing a connection is after closing the second handshake (note that it is not the fourth ). After the feature is disabled, you must wait for the client to provide the final ack package before entering the initial state.
4. 3. the diagrams in other State Migration books also have some other State migration. These State Migration summarizes the following two aspects for the server and client: Listen-> syn_sent. This explanation is very simple, the server sometimes needs to open the connection. Syn_sent-> SYN received. If the server and client receive SYN datagram in the syn_sent state, they both need to send the syn ack datagram and adjust their status to the SYN received state, prepare to enter establishedsyn_sent-> closed. When sending times out, it will return to the closed status. SYN _ received-> listen. If an RST packet is received, it returns to the listen status. SYN _ received-> fin_wait_1. This migration means that you can directly jump to the fin_wait_1 status and wait to close without going to the established status.
4.4.2msl There Is A time_wait wait state in the figure given in the wait state book, which is also called the 2msl state. It indicates that after time_wait2 sends the last ack datagram, it enters the time_wait state, this status prevents the datagram of the last handshake from being transmitted to the other party and prepared (note that this is not the four handshakes, but the fourth handshake is the insurance status ). This State ensures that both parties can end normally, but the problem also arises.
Because of the 2msl status of the plug-in port (the plug-in Port indicates the IP address and port pair, socket), the application cannot use the same plug-in again in 2msl time, which is better for the customer program, however, for a service program, such as httpd, it always needs to use the same port for service. In 2msl time, an error occurs when httpd is started (the plug is used ). In order to avoid this error, the server provides a concept of Calm time, which means that although the server can be restarted in 2msl time, however, this server still needs to wait for the 2msl time to complete the next connection.
4.5.fin _ wait_2 status this is the well-known semi-closed status, which is the status after the client and server shake hands when the connection is closed. In this state, the application can accept data, but data cannot be sent. However, the client is always in the fin_wait_2 state, and the server is always in the wait_close state, the Application Layer determines to close this state. 5. Opening and closing the RST at the same time is another way to close the connection. The application should be able to determine the authenticity of the RST package, that is, whether it is an exception or not. Both open and close are two special TCP states, with a low probability of occurrence.
6. TCP server design the UDP server design has previously been described. We can find that UDP servers do not need the so-called concurrency mechanism at all. It only needs to establish a data input queue. But TCP is different. The TCP server needs to establish an independent process (or lightweight, thread) for each connection to ensure the independence of the conversation. Therefore, the TCP server is concurrent. In addition, TCP also requires an incoming connection request queue (which is not required by the UDP server) to establish a dialog process for each connection request, this is why all TCP servers have a maximum number of connections. Based on the IP address and port number of the source host, the server can easily differentiate different sessions for data distribution.
TCP three-way connection and four-way disconnection
