Home >Operation and Maintenance >Safety >Example analysis of TCP three-way handshake to establish a link and four-way wave to break the link

Example analysis of TCP three-way handshake to establish a link and four-way wave to break the link

WBOY
WBOYforward
2023-05-11 22:34:241000browse

One step at a time.

Let’s briefly introduce the TCP protocol.

TCP (Transmission Control Protocol) is a connection-oriented, reliable, byte stream-based transport layer protocol. It's complicated, but it's a basic skill that both programmers and operation and maintenance personnel must know.

Object-oriented - The two parties need to establish a connection in advance before communicating. This is like making a phone call in real life. The phone must be dialed before communication can occur.

Reliable - There are many rules in the TCP protocol to ensure the reliability of communication links, including application of data separation, retransmission mechanism, header and data verification, and sorting of received data. Then it is handed over to the application layer, and the receiving end will discard duplicate data and perform flow control.

TCP data is encapsulated in an IP datagram, the format is as follows:

Example analysis of TCP three-way handshake to establish a link and four-way wave to break the link

Contains: port number [16bit], sequence number [32bit], offset [4bit], Reserved [6bit], flag [6bit], window size (window) [16bit], checksum [16bit], emergency pointer [16bit], TCP options

Things to note here:

  • TCP packets do not have IP addresses. That is a matter on the IP layer, but they have source ports and destination ports.

  • A TCP connection requires four tuples to represent the same connection (src_ip, src_port, dst_ip, dst_port). To be precise, it is a five-tuple, and one is the protocol. But since we are only talking about the TCP protocol here, I only talk about quadruples here.

  • Sequence Number is the sequence number of the packet, is used to solve the problem of network packet reordering.

  • Acknowledgement Number is ACK - used to confirm receipt, is used to solve the problem of not losing packets.

  • Window is also called Advertised-Window, which is also the famous sliding window (Sliding Window), is used to solve flow control.

  • TCP Flag, which is the type of packet, is mainly used to control the TCP state machine.

    URG: The emergency pointer is valid

    ACK: The confirmation sequence number is valid

    PSH: The receiver should hand this segment to the application layer as soon as possible

    RST : Rebuilding the connection

    SYN: Synchronization sequence number, used to initiate a connection

    FIN: The originator completes the sending task (actively closes)

Three-way handshake established Link

1. The requesting end (client) sends a SYN=1 to indicate the port of the server the client intends to connect to. TCP stipulates that data cannot be carried when SYN=1, but a sequence number is consumed, so Declare your initial sequence number seq as a random number assuming seq=x.

2. The server confirms the client message segment and sets the confirmation sequence number to ACK=x 1. At the same time, it also requests to connect to the client, sends SYN=1, and sends the initial seq number assuming seq=y.

3. The client confirms the server message segment, sends the confirmation sequence number and agrees to establish a connection with the server ACK=y 1.

These three message segments complete the establishment of the connection. This process is also called a three-way handshake

Wave four times to disconnect the link

1. Host 1 (can be a client or a server), set the Sequence Number and Acknowledgment Number, send a FIN segment to host 2; at this time, host 1 enters the FIN_WAIT_1 state; this means that host 1 has no data to send to host 2;

2. Host 2 received the The FIN message segment sent by 1 returns an ACK message segment to host 1. The Acknowledgment Number is the Sequence Number plus 1; host 1 enters the FIN_WAIT_2 state; host 2 tells host 1 that I have no data to send and can close the connection. ;

3. Host 2 sends a FIN segment to host 1, requesting to close the connection, and host 2 enters the CLOSE_WAIT state;

4. Host 1 receives the FIN sent by host 2 segment, send an ACK segment to Host 2, and then Host 1 enters the TIME_WAIT state; after Host 2 receives the ACK segment from Host 1, it closes the connection; at this time, Host 1 still does not receive a reply after waiting for 2MSL. , it proves that the server side has been closed normally, then host 1 can also close the connection.

So far, TCP’s four breakups have been happily completed.

The icons for establishing and disconnecting links are as follows:

Example analysis of TCP three-way handshake to establish a link and four-way wave to break the link

Let’s break down why it is a three-way handshake?

In order to prevent the invalid link request segment from being suddenly transmitted to the server, causing an error. Give a chestnut.

The first connection request message segment sent by the client was not lost, but stayed at a certain network node for a long time, so that it was delayed until a certain time after the connection was released before reaching the server. It turns out that this is a message segment that has long since expired. However, after the server receives this invalid connection request segment, it mistakenly thinks that it is a new connection request sent by the client again. So it sends a confirmation message segment to the client and agrees to establish the connection. Assuming that the "three-way handshake" is not used, as long as the server sends a confirmation, a new connection is established. Since the client has not issued a request to establish a connection, it will not pay attention to the server's confirmation and will not send data to the server. But the server thinks that a new transport connection has been established and has been waiting for the client to send data. In this way, many resources of the server are wasted. The "three-way handshake" method can prevent the above phenomenon from happening. For example, in the situation just now, the client will not send a confirmation to the server's confirmation. Since the server cannot receive the confirmation, it knows that the client did not ask to establish a connection. "

This is very clear, preventing the server from waiting and wasting resources.

So why are there four waves?

TCP protocol is a oriented A connected, reliable, byte stream-based transport layer communication protocol. TCP is a full-duplex mode, which means that when host 1 sends a FIN segment, it only means that host 1 has no data to send. 1 tells host 2 that all its data has been sent; however, host 1 can still accept data from host 2 at this time; when host 2 returns an ACK message segment, it means that it already knows that host 1 has no data to send. But Host 2 can still send data to Host 1; when Host 2 also sends a FIN segment, it means that Host 2 has no data to send, and it will tell Host 1 that I have no data to send. , then each other will happily terminate the TCP connection. If you want to correctly understand the principles of the four breakups, you need to understand the state changes during the four breakups.

The above is the detailed content of Example analysis of TCP three-way handshake to establish a link and four-way wave to break the link. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:yisu.com. If there is any infringement, please contact admin@php.cn delete