Transport layer (i) TCP three-time handshake and four wave and close socket principle

Source: Internet
Author: User

A TCP connection requires three handshakes to be established, and four handshake is required to disconnect the connection.

   Client TCP State Migration:
Closed->syn_sent->established->fin_wait_1->fin_wait_2->time_wait->closed
   Server TCP state Migration:
Closed->listen->syn receives->established->close_wait->last_ack->closed the entire process as shown: first, establish a TCP connection    three-time handshake:The so-called "three-time handshake," that is, the amount of data sent each time is how to track the data segment sent and received synchronization, based on the amount of data received to confirm the number of data and data sent, received after the cancellation of contact, and establish a virtual connection. in order to provide reliable transmission, TCP sends the sequence number of the packets in a specific order before sending the new data, and the acknowledgement message is required after the packets are delivered to the target machine. TCP is always used to send large amounts of data.  TCP is also used when the application makes a confirmation when it receives the data. Bit code is TCP Flag bit, there are 6 types of markings: SYN(Synchronous set up online)、 ACK(Acknowledgement Confirm)、 PSH(push Transfer) 、 FIN(Finish End)、 RST(Reset Reset), URG (urgent Emergency) Confirmation Number:The value is equal to the sender's sending sequence number +1 (the next sequence number the receiver expects to receive). The detailed procedure is as follows: First time:First handshake: When a connection is established, the client sends a SYN packet (SYN=J) to the server and enters the syn_sent state, waiting for the server to confirm; SYN: Synchronous Sequence Number ( Synchronize Sequence Numbers)。 Second time: Second handshake: The server receives the SYN packet, must confirm the customer's SYN (ACK=J+1), and also sends a SYN packet (SYN=K), which is the Syn+ack package, at which time the server enters the SYN_RECV state. third time:Third handshake: The client receives the server's Syn+ack packet, sends the acknowledgment packet ack (ACK=K+1) to the server, and the packet is sent, the client and the server enter the established (TCP connection succeeded) State and complete the three handshake. The flow chart for the three-time handshake is as follows: There are some important concepts in the three-time handshake process: Queue not connected:

In the three-time handshake protocol, the server maintains an disconnected queue, which is listed as a SYN package (SYN=J) for each client, which indicates that the server has received a SYN packet and has issued a confirmation to the customer that it is waiting for the customer's confirmation package. The connections identified by these entries are in the SYN_RECV state of the server, and when the server receives the customer's confirmation package, the entry is deleted and the server enters the established state.

  Backlog parameters:

  indicates the maximum number of connections the kernel has queued for the corresponding socket. for the backlog only, we need to take a larger value in response to a large number of service requests.

The server sends out the Syn-ack package, if not received the customer confirmation package, the server carries on the first retransmission, waits for some time still not to receive the customer confirmation package, carries on the second retransmission, if the retransmission frequency exceeds the system specified maximum retransmission number , the system will remove the connection information from the half-connection queue. Note that the time to wait for each retransmission is not necessarily the same.

  Half-Connection survival time :

Is the maximum time that the entry for a semi-connected queue survives, that is, the maximum time that the server receives a SYN packet to confirm that the message is invalid, which is the maximum wait time sum of all retransmission request packets. Sometimes we also call the half-connection survival time timeout time, syn_recv survival time.

  Second, close the TCP connection:

  Because TCP connections are full-duplex, each direction must be closed separately. The principle is that when a party completes its data sending task, it can send a fin to terminate the connection in this direction. Receiving a fin only means

There is no data flow in this direction, and a TCP connection can still send data after receiving a fin. The first party to close will perform an active shutdown, while the other side performs a passive shutdown.

The removal of TCP connections requires sending four packets, so called four waves (Four-way handshake). Either the client or the server can initiate a wave gesture, and in socket programming, any party performs a close () operation to generate a wave.

The steps are as follows:

  First step: when host A's application notifies the TCP that the data has been sent, TCP sends a message segment with the Fin additional tag (fin for English finish) to Host B.

  Second step: after receiving this fin segment, Host B does not immediately reply to host A with fin message segment, but first sends a confirmation sequence ACK to host A and notifies itself of the corresponding application: the other party requests that the connection be closed (first

The purpose of sending an ACK is to prevent the other party from re-transmitting the fin segment during this time period.

  Step three: Host B's application tells TCP: I want to shut down the connection completely, TCP sends a FIN message segment to host A.

  Fourth step: after receiving this fin segment, host A sends an ACK to Host B indicating that the connection is completely released.

In network programming, sockets are often created and sockets are often closed after the socket is used, so what exactly does the client and server do when the socket is closed?

The closure of the socket is divided into active shutdown (active closure) and passive shutdown (Passive closure).

Active shutdown refers to the active shutdown of a local host, while a passive shutdown means that the local host detects that the remote host has initiated a shutdown and responds to the shutdown of the entire connection.

  In case of passive shutdown:

  The client initiates an interrupt connection request, which is to send a fin message.

After the server receives the fin message, the message means "My client has no data to send to you, but if you have data that is not sent, you do not need to close the socket, you can continue to send the data."

So the server first sends an ACK, telling the client: "Your request I received, but I am not ready, please continue to wait for my message."

This time the client enters the fin_wait state and continues to wait for the server's fin message.

When the server determines that the data has been sent, the fin message is sent to the client, telling the client: "OK, my side of the data is finished, ready to close the connection."

Client side received fin message, "Know can shut down the connection, but he still do not believe the network, fear that the server does not know to shut down, so send an ACK after entering the TIME_WAIT state, if the server does not receive

To the ACK can be re-transmitted ".

After the server receives an ACK, "You know you can disconnect."

Client side waiting for 2MSL still not received a reply, the server side has been properly shut down, well, I can also close the client terminal connection. In this way, the TCP connection is turned off!

MSL means that the maximum segment life cycle (Maximum Segment Lifetime) indicates when a packet exists between the network and discarded. Each IP packet has a TTL (time_to_live) and the packet is discarded when it is reduced to 0 o'clock.

Each router decrements the TTL and transmits the packet. When a program enters the TIME_WAIT state, he has 2 MSL time, which allows TCP to resend the final ACK, in case the last ACK is lost, so that fin is retransmitted.

After the 2MSL wait state is complete, the socket enters the closed state.

The entire process client is experiencing the following status:

The process that the server undergoes is as follows:

Note: in the time_wait state, if the last ACK sent by the TCP client is lost, it is re-sent. The time required in the TIME_WAIT state is dependent on the implementation method. Typical values are 30 seconds, 1 minutes, and 2 minutes. The connection is formally closed after waiting, and all resources (including the port number) are released.

Question 1: Why is the connection a three-time handshake, when it is closed four times handshake?
The syn+ack message can be sent directly after the server receives the SYN connection request message from the client side. Where the ACK message is used to answer, the SYN message is used for synchronization. But when the connection is closed, when the server side

When the fin message is received, it is likely that the socket will not be closed immediately, so you can only reply to an ACK message to the client side, "I received the fin message you sent." Only when all the messages on my server end are sent, I

To send fin messages, so they cannot be sent together. Therefore, four-step handshake is required.

Question 2: Why does the time_wait state need to go through 2MSL (maximum message segment lifetime) to return to the close state?

Although according to reason, four messages are sent, we can go directly to the close state, but we must pretend that the network is unreliable, there can be a last ACK lost. So the TIME_WAIT state is used to re-send

The possible missing ACK message.

Three, WINSOCKS2 closed socket functions are: Closesocket,shutdown,wsasenddisconnect.

  The function of int closesocket (socket s) is to close the specified socket and reclaim all of its resources.

int shutdown (socket s, int how) is used for any type of socket to prohibit receiving, prohibit sending, or prohibit send and receive, but does not recycle resources.

If the How parameter is 0 o'clock, subsequent receive operations on the socket will be disabled. This has no effect on low-level protocols.

How is 1 o'clock, the subsequent send operation is forbidden. For TCP, FIN is sent.

How is 2 o'clock, it is also forbidden to receive and send.

Transport layer (i) TCP three-time handshake and four wave and close socket principle

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.