TCP/IP status change diagram and TCP three-way handshake/Four Waves

Source: Internet
Author: User

TCP/IP status change diagram and TCP three-way handshake/Four Waves
TCP/IP status change diagram:
Detailed descriptions of each status:
CLOSED: indicates the initial state. It is the same for both the server and the C client. LISTEN: indicates the listening status. The server calls the listen function to start the accept connection. SYN_SENT: indicates that the client has sent the SYN packet. When the client calls the connect function to initiate a connection, it first sends SYN to the server and then enters the SYN_SENT state,
And wait for the server to send ACK + SYN. SYN_RCVD: indicates that the server receives the SYN Packet sent from the client. After receiving the packet, the server enters the SYN_RCVD status and sends ACK + SYN to the client. ESTABLISHED: indicates that the connection has been ESTABLISHED successfully. The server enters this status after sending ACK + SYN, and the client also enters this status after receiving ACK. FIN_WAIT_1: indicates that the connection is closed. No matter which party calls the close function to send the FIN message, it will enter this status. FIN_WAIT_2: indicates that the passive closing party agrees to close the connection. After the user closes the ACK returned by the user, the user enters this status. TIME_WAIT: It indicates that the other party's FIN message is received and the ACK message is sent. Then, it can return to the CLOSED state after 2MSL. If FIN_WAIT_1 is in the FIN_WAIT_1 status, the other party receives a FIN flag at the same time.
And ACK packets can directly enter the TIME_WAIT status without passing through the FIN_WAIT_2 status. CLOSING: both parties close the connection at the same time. If both parties call the close function almost simultaneously, both parties may send FIN packets at the same time, and the CLOSING status will appear, indicating
Both parties are closing the connection. CLOSE_WAIT: indicates that the passive closing party is waiting to close. When receiving the FIN message sent by the other party by calling the close function, it responds to the ACK message of the other party and enters the CLOSE_WAIT status. LAST_ACK: indicates that after the passive shutdown Party sends the FIN packet, it waits for the other party's ACK packet status. when it receives the ACK, it enters the CLOSED status.

1. Establish a connection

1) Client
When the Client calls the socket function, the Client generates a socket in the Closed state.
The Client calls the connect function again. The system randomly assigns a port to the Client, along with the parameters (IP address and port of the Server) passed in to connect, which forms a connection triplet,
The connect call puts the Client socket in the SYN_SENT state.
When the Server returns confirmation and sends SYN, the Client returns confirmation and SYN, And the socket is in the ESTABLISHED stage, the connection between the two parties can be read and written.

2) Server
When the Server calls the socket function, the Server generates a Closed listener socket.
The Server calls the bind operation, associates the listening socket with the specified address and port, and then calls the listen function. The system will allocate unfinished queues and complete queues to the listener socket.
The Client connection is acceptable, and the listener socket is in the LISTEN status.
When the Server calls the accept operation, a completed client connection is retrieved from the Completion queue, and a session socket is generated on the server for communication with the client socket,
The status of this session socket is ESTABLISH.

2. Close connection
Different from establishing a connection, the connection is divided into server/client, and closing a connection is not an absolute server/client. Closing a connection is divided into active closing and passive closing. Both the Server and client can assume these two roles.
. For example, the client can close its connection with the server, and the same server can also close connections that have not been read or written for a long time. In this case, we will divide it into two parts:
Part 1: the client is active and the server is active.

Active Client shutdown, Server passive shutdown:
When a session ends, the Client closes the connection with the Server.
Close rather than shutdown.
When the client wants to close the connection between the client and the server, the client first calls the close function. The client sends a FIN to the server and the client is in the FIN_WAIT1 state. When the server side
After the return to the client ACK, the client is in the FIN_WAIT2 state, and the server is in the CLOSE_WAIT state.
When the server detects the close operation on the client side (read returns 0), the server also needs to call the close operation. The server sends a FIN to the client side. The server status is LAST_ACK,
After the client receives the FIN from the server, the client-side socket is in the TIME_WAIT status. It will send an ack confirmation to the server. After the server receives the ack confirmation, the socket
In the CLOSED status.

The process of active Server shutdown is similar to that of Client-end shutdown, so we will not talk about it more. Here we also need to pay attention to the status of TIME_WAIT, which is described in the client/server Sections respectively.
First, let's talk about the description of TIME_WAIT described in the TCP/IP explanation and its necessity:
When receiving the FIN operation from the peer end, the socket will be in the TIME_WAIT status, and the socket in the TIME_WAIT status will survive 2MSL (Max Segment Lifetime ),
There is a reason to survive for such a long time:
On the one hand, the end of TCP full-duplex connection is reliably implemented, that is, when the last ACK is lost, the passive shutdown end resends the FIN. Therefore, the active shutdown end must maintain the status information, to allow it to repeat
Send the final ACK.
On the other hand, when TCP is waiting for 2MSL, this connection (4 tuples) cannot be used any more, and any late packets will be discarded. Imagine that if there is no 2MSL limit, the new connection just meets the original
In this case, the connection may receive a delay message on the network, which may interfere with the latest connection. Duplicate segments disappear in the network.

3. The Server listening socket is different from the session socket:

When the socket on the server calls bind and listen, the status of the listening socket changes to LISTEN. The work of listening on the socket determines that it only listens on the connection.
When the server calls accept, it is equivalent to extracting a client connection from the socket Completion queue. At this time, you can determine the four tuples, namely, the client IP and port; the server IP and port,
Each side has a socket for interaction. here we need to talk about the socket on the server side. I call the socket generated after the server side accept as the session socket. This socket is in the initial state.
Is ESTABLISH. We can see from the server's four tuples that the number of connections that a server can theoretically receive depends on the number of file descriptors.


4. If the status is TIME_WAIT, will all sockets that are actively closed Go To The TIME_WAIT status?

Is there any situation in which the socket that is automatically CLOSED directly enters the CLOSED state?

After the last ack is sent, the party that closes the task will enter the TIME_WAIT status and stay in the 2MSL (max segment lifetime) time.
This is essential for TCP/IP, that is, it cannot be solved.

That is, the TCP/IP designer was designed like this.
There are two main reasons:
1. Prevent the packets in the last connection from appearing again after they get lost, and affect the new connection (after 2MSL, all the repeated packets in the last connection will disappear)
2. Disable TCP connections reliably. The last ack (fin) sent by the active shutdown party may be lost. The passive party will re-Send the fin. If the active Party is in the CLOSED status,
It will respond to rst instead of ack. Therefore, the active party must be in the TIME_WAIT state, not the CLOSED state.

Note: Why does the TIME_WAIT status still need to wait for 2MSL to return to the CLOSED status? Or why does TCP introduce the TIME_WAIT status? The explanation in TCP/IP explanation: when TCP executes an active shutdown and returns the last ACK, the connection must stay in the TIME_WAIT status for two times of MSL, this allows
TCP resends the last ACK to prevent the ACK from being lost (the other end times out and resends the final FIN ). Note: MSL (Maximum Segment Lifetime) is the Maximum survival time. in RFC 793, MSL is set to 2 minutes, but is usually set to 30 seconds, 1 minute, or 2 minutes.

[Establish a TCP connection] (three-way handshake) as TCP provides reliable connection services, a guaranteed three-way handshake is used to create a TCP connection. The three-way handshake process is as follows:
  1. The client sends a TCP packet (packet 1) with SYN flag to the server, indicating that a TCP connection is required.
  2. The server sends a TCP packet (packet 2) with the ACK and SYN signs to the client. ACK is used to respond to packet 1 and SYN is used to ask whether the client is ready for data transmission.
  3. The client sends a TCP packet (packet 3) with an ACK flag as the response of packet 2.
So far, a TCP connection is established.
[Terminate a TCP connection] (four waves) because the TCP connection is full-duplex, each direction must be closed separately. The principle is that a FIN message is sent to the Party that proactively closes the service (for example, because all data has been transmitted ).
Terminate the connection in this direction. If a FIN is received, data flow is no longer in this direction, but data can still be sent in the other direction until the other direction also sends the FIN message.
The process of four waves is as follows:
  1. The client sends a FIN packet (packet 4) to the server, indicating that I will close the connection from the client to the server.
  2. After the server receives packet 4, it sends an ACK packet (packet 5) to the client. The serial number is the serial number of packet 4 plus 1.
  3. The server sends a FIN packet (packet 6) to the client, indicating that it will also close the connection from the server to the client.
  4. After receiving packet 6, the client sends an ACK packet (packet 7) to the server. The serial number is the serial number of packet 6 plus 1.
So far, a TCP connection is closed. (Four waves are not the only way to close the TCP connection. See the Q3 question below)
TCP three-way handshake and four-way handshake:

[TCP related questions] several common TCP/IP related questions:
  • Q1 why is the three-way handshake established in TCP and the four-way handshake closed?
  • A1 when the server SOCKET in the LISTEN status receives the SYN Packet (the client wants to create a TCP connection), it can synchronize the ACK (response) and SYN (synchronous) packets) in the same message to send it to the client. However, when the TCP connection is closed, when the other party receives the FIN message, the other party only indicates that the other party has no data to send to you, but not all your data may have been sent to the other party, therefore, you do not need to immediately close the SOCKET (send a FIN packet). After sending the remaining data to the other party, you can send the FIN packet to the other party to agree to close the connection, therefore, the ACK messages and FIN messages are sent separately.
  • Q2 why does the TIME_WAIT status still need to wait 2 * MSL seconds before it can be returned to the CLOSED status?
  • A2 although both parties agree to close the connection and the four handshake packets are sent, it is reasonable to directly return to the CLOSED status (like from SYN_SENT to ESTABLISH ), however, we must assume that the network is unreliable. You cannot guarantee that the last ACK message you (client) will be received by the other party, that is to say, the SOCKET in the LAST_ACK status may not receive the ACK packet because of timeout, but resend the FIN packet. Therefore, the TIME_WAIT status is used to resend the possibly lost ACK packet.
  • Q3 do I have to wave four times to close the TCP connection?
  • A3 is not necessarily the best practice. It is the safest practice to close the TCP connection four times. However, in some cases, we do not like the TIME_WAIT status (for example, when the MSL value is too large, the server has too many TCP connections in the TIME_WAIT status, reducing the number of these entries can close the connection faster, release more resources for the new connection). In this case, you can set the SO_LINGER flag of the SOCKET variable to prevent the SOCKET from entering the TIME_WAIT status after close, in this case, the TCP connection is forcibly terminated by sending the RST (instead of the four normal TCP handshakes ). However, this is not a good idea. TIME_WAIT is often advantageous for us.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.