TCP three-way handshake and four-way handshake

Well-known port number

Application ftp tftp Telnet smtp dns http ssh MySQL
Familiar with ports 3306, 20 69 23 25 53 80 22
Transport Layer Protocol TCP UDP TCP

TCP Overview

TCP regards the connection as the most basic object. Each TCP connection has two endpoints. This breakpoint is called socket. It is defined as a socket formed by splicing the port number to an IP address, for example, if the IP address is 192.3.4.16 and the port number is 80, the resulting socket is 192.3.4.16: 80.

TCP packet header

The source port and the destination port each occupy 2 bytes, respectively written to the source port and the destination port;

1. The serial number, which occupies 4 bytes. Each byte in the byte stream transmitted in the TCP connection is numbered sequentially. For example, the serial number field value of a packet is 301, and the data carried is a total of 100 fields. It is clear that the serial number of the next packet segment (if any) should start from 401;
2. The confirmation number (4 bytes) is the sequence number of the First Data byte expected to receive the next packet from the other party. For example, if B receives a packet sent by a, its serial number field is 501, and the data length is 200 bytes, this indicates that B has correctly received the data sent by a to sequence 700. Therefore, B expects that the next data sequence number received by a is 701, So B sets the confirmation number to 701 in the confirmation message segment sent to;
3. Data offset (4 digits) indicates how far the data of a TCP packet is from the beginning of a TCP packet segment;
4. Reserved, which occupies 6 places. reserved for future use, but currently it should all be 0;
5. URG, when URG = 1, indicates that the emergency pointer field is valid. Tell the system that there is urgent data in this packet segment;
6. Confirm ack. This field is valid only when ACK = 1. TCP stipulates that ack must be set to 1 for transmission of all packets after the connection is established;
7. Push Psh. When two application processes perform interactive communication, sometimes the application process at one end wants to receive the response from the other side immediately after a command is typed. In this case, PSH = 1;
8. Reset RST. When rst = 1, it indicates a serious error occurred in the TCP connection. You must release the connection and then re-establish the connection;
9. Synchronize SYN, which is used to synchronize sequence numbers when a connection is established. When SYN = 1, ACK = 0, it indicates a connection request message. If you agree to the connection, the response message should make SYN = 1, ACK = 1;
10. Terminate fin to release the connection. When fin = 1, it indicates that the data of the sender of the message has been sent and needs to be released;
11. Window (2 bytes) refers to the notification recipient. How much space you need to accept when sending this article;
12. Check, which occupies 2 bytes. Check the header and data;
13. The emergency pointer occupies 2 bytes, indicating the number of bytes of emergency data in this section;
14. Optional, variable length, defining some other optional parameters.

TCP connection establishment (three-way handshake)

At the beginning, both the client and server were in the closed state. The client actively opens the connection, and the server passively opens the connection.

The TCP server process first creates a transmission control block TCB, and is always ready to accept the connection request from the client process. Then the server enters the listen status;
The tcp client process also first creates a transmission control block TCB, and then sends a connection request packet to the server. This is the same part of the packet header SYN = 1 and selects an initial serial number seq = x. At this time, the tcp client process enters the SYN-SENT (synchronous sent status) state. TCP stipulates that the SYN packet segment (the SYN = 1 packet segment) cannot carry data, but a sequence number must be consumed.
After receiving the request message, the TCP server will send a confirmation message if it agrees to connect. Check that the message should contain ACK = 1, SYN = 1, ACK = x + 1, and initialize a sequence number seq = Y for yourself, the TCP server process enters the SYN-RCVD (synchronously received) state. This packet cannot carry data, but it also consumes a serial number.
After receiving the confirmation, the tcp client process should also confirm with the server. Confirm the ACK = 1, ACK = Y + 1, and the serial number seq = x + 1. At this time, the TCP connection is established, and the client enters the established (established connection) status. TCP stipulates that ACK packets can carry data, but no serial number is consumed if no data is carried.
After receiving the confirmation from the client, the server enters the established status. Then, both parties can start to communicate.

 

Why does the tcp client send a confirmation message?

In a word, it mainly prevents invalid connection request packets from being suddenly transmitted to the server, resulting in errors.

If two handshakes are used to establish a connection, assume that the client sends the first request and the connection is not lost, the reason is that it takes too long to stay in the network node. Because the tcp client has not received the confirmation message, the server does not receive the message. At this time, the tcp client resends the message to the server, after that, the client and server have two handshakes to complete the connection, transmit data, and then close the connection. At this time, the request connection that was previously stranded reached the server smoothly, and the packet was supposed to be invalid. However, the two handshakes will allow the client to establish a connection with the server again, this will lead to unnecessary errors and waste of resources.

If three handshakes are used, even if the invalid message is sent, the server receives the Invalid Message and replies to the confirmation message, but the client does not send a confirmation message again. Because the server cannot receive the confirmation, the client does not request a connection.

TCP connection release (four waves)

After data transmission is completed, both parties can release the connection. At the beginning, the client and server are both in the established State, and the client closes the server.

1. The client process sends a connection release packet and stops sending data. Release the data packet header, fin = 1, and its serial number is seq = U (equal to the serial number of the last byte of the previously transmitted data plus 1). At this time, the client enters the fin-wait-1 (Termination wait 1) state. TCP stipulates that even if the fin segment does not carry data, a sequence number is required.
2. The server receives the connection release message and sends a confirmation message, ACK = 1, ACK = u + 1, and carries its own serial number seq = V. At this time, the server enters the close-Wait (close Wait) status. The TCP server notifies the High-level application process, and the client is released to the server. At this time, it is in the semi-closed state, that is, the client has no data to send, but if the server sends data, the client still needs to accept it. This status lasts for a while, that is, the entire close-Wait Status.
3. After receiving the confirmation request from the server, the client enters the fin-wait-2 (Stop wait 2) Status and waits for the server to send the connection release message.(Before that, you must accept the final data sent by the server).
4. After the server sends the final data, it sends the connection release packet to the client, fin = 1, ACK = u + 1, because it is in the semi-closed status, the server is likely to send some data again, assuming that the serial number is seq = W at this time, the server enters the LAST-ACK (final confirmation) state, waiting for the client to confirm.
5. After receiving the server connection release message, the client must send a confirmation message, ACK = 1, ACK = W + 1, and its serial number is seq = u + 1, the client enters the time-Wait Status. Note that the TCP connection has not been released yet. Must 2? After MSL (longest message segment life), the client enters the closed State only after the corresponding TCB is revoked.
6. The server immediately enters the closed state after receiving confirmation from the client. Similarly, the TCP connection ends after the TCB is revoked. As you can see, the server end the TCP connection earlier than the client.

Why is the client still waiting for 2msl?

MSL (maximum segment lifetime), TCP allows different implementations to set different MSL values.

First, ensure that the last ACK packet sent by the client can reach the server because the ACK packet may be lost. From the server's perspective, I have sent the FIN + ACK packet request to be disconnected, the client has not responded to me. It should be because the disconnection packet sent by me has not been received, and the server will send it again, the client can receive the retransmission packet in this 2msl period, then provide the response packet, and restart the 2msl timer.

Second, prevent the "invalid connection request packet segment" mentioned in the "three-way handshake" from appearing in this connection. After the client sends the last validation packet, all the packet segments generated during the connection duration will disappear from the network during this 2msl time. In this way, the request packets of the old connection will not appear in the new connection.

Why is it because the three-way handshake is established and the connection is closed for four times?

When a connection is established, the server receives the SYN Packet Of the connection request in the listen state, and then places ack and SYN in a packet and sends it to the client.
When the connection is closed, when the server receives the fin message from the other party, it only means that the other party no longer sends data but can still receive the data, and it may not send all the data to the other party, therefore, you can immediately close the connection, or send some data to the other party, and then send a fin message to the other party to agree to close the connection now.Therefore, both ack and fin are sent separately, resulting in one more time.

What if a connection has been established but the client suddenly fails?

TCP also has a life-saving timer. Obviously, if the client fails, the server won't be able to wait until it is wasted. The server resets the timer every time it receives a request from the client. The timer is usually set to 2 hours. If no data is received from the client within two hours, the server sends a detection packet segment, which is sent every 75 minutes. If the server still does not respond when sending 10 detection packets in a row, the server considers the client to be faulty and closes the connection.

From: 72861891? Utm_source = blogxgwz1

TCP three-way handshake and four-way handshake