Interviewer: Can you tell me why TCP needs three handshakes and four waves?

The TCP protocol is a connection-oriented, reliable, byte stream-based transport layer communication protocol. TCP is a full-duplex mode that requires three handshakes to establish a connection and four handshakes to close the connection.

Three-way handshake

Three-way handshake means that when establishing a TCP connection, the client and server need to send a total of three messages.

The purpose of the three-way handshake is to connect to the server's designated port, establish a TCP connection, synchronize the sequence numbers and confirmation numbers of both parties, and exchange TCP window size information. In socket programming, when the client executes connect(), a three-way handshake will be triggered. The three-way handshake process is as follows:

picture

At the beginning, both the client and the server are in the CLOSED state, and then the server process is in the LISTEN state, waiting for the client's connection request.

1. First handshake (sending SYN): The client sends a connection request to the server, with the client sequence number seq, and then enters the SYN_SENT (synchronous sent) state, waiting for confirmation from the server.
2. Second handshake (sending SYN+ACK): The server receives the connection request, agrees to establish the connection, and then sends a confirmation connection message to the client, along with a connection request to the client. At this time, the server enters the SYN_RCVD (synchronous received) state.
3. The third handshake (sending ACK): The client receives the confirmation message from the server and sends a confirmation message to the server. At this time, the TCP connection has been established and the client enters the ESTABLISHED state. When the server receives the confirmation message sent by the client, it will also enter the ESTABLISHED state, completing the three-way handshake.

Why is a three-way handshake needed instead of a two-way handshake? The purpose of the three-way handshake is to prevent an invalid connection request from being suddenly sent to the server, causing an error.

Assume that a two-way handshake is used to establish a connection. The client sends a connection request to the server for the first time. Due to network delay, it has not reached the server. So the client sends a connection request to the server again. After receiving the connection request, the server replies to the client to confirm and establish the connection. However, the network delay is restored at this time, and the server receives the connection request sent by the client for the first time. The server believes that the client has initiated a connection again, replies to confirm again, and another connection is established.

The server thinks there are two connections, while the client thinks there is one connection, resulting in inconsistent data status.

As for why the four-way handshake is not used like disconnection, it is because the server combines the connection confirmation request and the connection establishment request sent to the client into one request and sends it to the client.

Four waves

Four waves means that when a TCP connection is disconnected, the client and server need to send a total of 4 messages to confirm the disconnection of the connection. The process of four waves is as follows:

picture

1. First wave (sending FIN): When one party in communication completes the data sending task and needs to close the connection, it will send a FIN (end) message segment and enter the FIN_WAIT_1 state. Either the client or the server can actively initiate a request to close the connection.
2. Second wave (sending ACK): After receiving the FIN segment, the server sends an ACK segment as a response and enters the CLOSE-WAIT state. After receiving the ACK, the client enters the FIN-WAIT-2 state. At this time, the connection between the client and the server has been disconnected, and the server can still continue to send data to the client.
3. The third wave (sending FIN): After the server completes the data transmission, it sends a FIN segment to request to close the connection and enter the LAST-ACK state.
4. Fourth wave (send ACK): After receiving the FIN packet from the server, the client sends an ACK segment as a response and enters the TIME-WAIT state. After 2MSL, the client enters the CLOSED state. After receiving the ACK packet from the client, the server enters the CLOSED state and the connection is finally closed.

Why do we need to wave four times?

Since the TCP connection is full-duplex, that is, data can flow in both directions, each direction must be closed separately. Closing the connection in one direction requires one request and one confirmation, which ultimately requires four requests.

Why can't it be three times? Can't the second and third times be combined into one like establishing a connection?

Because in the second request, the server sends a confirmation to the client to close the connection. At this time, the server may have some data that has not been transmitted yet and needs to continue sending data to the client. It cannot be merged with the connection closing request sent by the server to the client, so it needs to be split into two connection requests.