TCP three-way handshake and four-way wave and 11 states

  [[331585]]

Source: 22j.co/buCw

Three-way handshake

Position concept: According to the TCP packet header field, there are three important flags: ACK, SYN, and FIN

ACK: indicates the verification field SYN: the bit is set to 1, indicating the establishment of a TCP connection FIN: the bit is set to 1, indicating the disconnection of a TCP connection

Description of the three-way handshake process:

1. The client sends a request message to establish a TCP connection. The message contains a seq sequence number, which is randomly generated by the sender, and the SYN field in the message is set to 1, indicating that a TCP connection needs to be established. (SYN=1, seq=x, x is a randomly generated value)

2. The server replies to the TCP connection request message sent by the client, which contains the seq sequence number, which is randomly generated by the replying end, and sets SYN to 1, and generates an ACK field. The ACK field value is based on the sequence number seq sent by the client plus 1 for reply, so that when the client receives the information, it knows that its TCP establishment request has been verified. (SYN=1, ACK=x+1, seq=y, y is a randomly generated value) The ack plus 1 here can be understood as confirming who to establish a connection with.

3. After the client receives the TCP establishment verification request sent by the server, it will increase its sequence number by 1, and reply to the ACK verification request again, adding 1 to the seq sent by the server. (SYN=1, ACK=y+1, seq=x+1)

Four waves

Description of the four-wave process:

1. The client sends a TCP disconnect request message, which contains the seq sequence number, which is randomly generated by the sender, and also sets the FIN field in the message to 1, indicating that the TCP connection needs to be disconnected. (FIN=1, seq=x, x is randomly generated by the client)

2. The server will reply to the TCP disconnect request message sent by the client, which contains the seq sequence number, which is randomly generated by the replying end, and will generate an ACK field. The ACK field value is based on the seq sequence number sent by the client plus 1 for reply, so that when the client receives the information, it knows that its TCP disconnect request has been verified. (FIN=1, ACK=x+1, seq=y, y is randomly generated by the server)

3. After the server responds to the client's TCP disconnect request, it will not immediately disconnect the TCP connection. The server will first ensure that all data transmitted to A has been transmitted before disconnecting. Once it confirms that the data transmission is complete, it will set the FIN field of the reply message to 1 and generate a random seq sequence number. (FIN=1, ACK=x+1, seq=z, z is randomly generated by the server)

4. After receiving the TCP disconnect request from the server, the client will reply to the server's disconnect request, including the randomly generated seq field and ACK field. The ACK field will add 1 to the seq of the server's TCP disconnect request, thereby completing the verification reply requested by the server. (FIN=1, ACK=z+1, seq=h, h is randomly generated by the client)

At this point, the 4-wave process of TCP disconnection is completed

11 states

1. At the beginning, before the connection is established, the status of the server and the client is CLOSED;

2. After the server creates the socket, it starts listening and changes to the LISTEN state;

3. The client requests to establish a connection and sends a SYN message to the server. The client's status changes to SYN_SENT;

4. After receiving the client's message, the server sends ACK and SYN messages to the client. At this time, the server's state changes to SYN_RCVD;

5. Then, the client receives ACK and SYN, and sends ACK to the server, and the client status changes to ESTABLISHED;

6. After receiving the ACK from the client, the server changes to ESTABLISHED. At this point, the three-way handshake is completed and the connection is established!

Since TCP connections are full-duplex, disconnecting is a little more troublesome than establishing a connection.

1. The client first sends a FIN message to the server, requesting to disconnect, and its status changes to FIN_WAIT1;

2. After receiving FIN, the server sends ACK to the client, and the server status is CLOSE_WAIT;

3. After receiving the ACK, the client enters the FIN_WAIT2 state, at which point the connection is halfway disconnected. If the server still has data to send to the client, it will continue to send it;

4. After all data is sent, a FIN message will be sent, and the server will enter the LAST_ACK state;

5. After receiving the FIN from the server, the client immediately sends an ACK to the server, and then the client enters the TIME_WAIT state;

6. After another 2MSL, the server enters the CLOSED state. The server enters the CLOSED state when it receives the ACK from the client.

At this point, there is still one state that has not been released: the CLOSING state.

The CLOSING state means: the client sent a FIN, but did not receive an ACK from the server, but received a FIN from the server. This happens when the ACK sent by the server is lost, because network transmission sometimes has unexpected events.

LISTEN: Wait for a connection request from any remote TCP and port.

SYN_SENT: Waiting for a matching connection request after sending a connection request.

SYN_RECEIVED: Sends a connection request and waits for connection request confirmation after receiving a matching connection request.

ESTABLISHED: Indicates an open connection and received data can be delivered to the user. The normal state of the data transfer phase of the connection.

FIN_WAIT_1: Waiting for the remote TCP connection termination request, or waiting for confirmation of the previously sent connection termination request.

FIN_WAIT_2: Waiting for the remote TCP connection termination request.

CLOSE_WAIT: Waiting for the local user's connection termination request.

CLOSING: Waiting for the remote TCP connection termination request confirmation.

LAST_ACK: Waiting for confirmation of the connection termination request previously sent to the remote TCP (including confirmation of the connection termination request of its bytes)

TIME_WAIT: Wait for enough time to elapse to ensure that the remote TCP received acknowledgment of its connection termination request.

TIME_WAIT exists for two reasons:

Reliably implement the termination of TCP full-duplex connections;

Allow old duplicate sections to fade away in the network.

CLOSED: Not in the connected state (this is a hypothetical state for the convenience of description and does not actually exist)