
Preface

Recently I have been systematically studying computer networking. I did not care about these basics before, but there have been many network-related problems lately, and I found that this weak spot needs to be filled in, so I wrote several blog posts to sort it out.

There are many tutorials on the web about the three-way handshake and the four-way wave; this article is mainly a general description with related verification.

Main text

TCP packet

Structure

The figure shows the TCP packet structure, excerpted from the self-study exam textbook on computer network principles.

  • Source port and destination port: these need no explanation
  • Sequence number (seq): the number of the first byte of the encapsulated data
  • Acknowledgment number (ack_seq): the number of the next byte expected from the other party, which keeps the TCP transfer in order
  • Header length: the size of the segment header, in units of 4 bytes. For example, if the header length is 5, the header of the TCP segment is 20 bytes long
  • URG=1: urgent data that needs to be transmitted as soon as possible, with high priority
  • ACK=1: indicates that the acknowledgment number field is valid
  • RST=1: indicates that the connection needs to be re-established
  • SYN=1: marks a new connection request segment or a new connection accept segment
  • FIN=1: the data has been sent and the TCP connection is to be released
  • Receive window: the maximum amount of data the receiving party can accept, used for flow control
  • Padding field: pads the whole header to an integer multiple of 4 bytes

Verification

The following is displayed when Wireshark is used to capture packets

Three-way handshake

The reason for shaking hands three times is simply to make sure that both parties can send and receive data over the connection.

Verification

Open any page in a browser and note the remote IP address

Then find the TCP connection in Wireshark

tcp && ip.dst == 115.231.152.242 || ip.src == 115.231.152.242

(Please don't mind if the data in my screenshot is different)

The picture below shows the first handshake

Second handshake

ack_seq = seq + 1 of the first handshake

Third handshake

You can see that seq = seq + 1 of the first handshake, and ack_seq = seq + 1 of the second handshake
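The same check can be done in code. The following is an added example, not part of the original post: it decodes the header fields listed earlier and verifies the seq/ack_seq relations of the three handshakes. The function names, ports and sequence numbers are assumptions chosen for illustration, and the sample segments are constructed rather than captured.

```python
import struct

# Flags described in the field list; bit positions follow the TCP header layout.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "ACK": 0x10, "URG": 0x20}
MOD = 2 ** 32  # seq and ack_seq are 32-bit counters and wrap around

def build_segment(sport, dport, seq, ack_seq, flags, window=65535, options=b""):
    """Build a constructed TCP header (checksum left at 0) for the demo."""
    options += b"\x00" * (-len(options) % 4)   # padding: header is a multiple of 4
    words = 5 + len(options) // 4              # header length in 4-byte units
    bits = sum(FLAG_BITS[f] for f in flags)
    return struct.pack("!HHIIHHHH", sport, dport, seq % MOD, ack_seq % MOD,
                       (words << 12) | bits, window, 0, 0) + options

def parse_tcp_header(raw):
    """Decode the header fields from raw bytes, rejecting bad lengths."""
    if len(raw) < 20:
        raise ValueError("a TCP header is at least 20 bytes")
    sport, dport, seq, ack_seq, off_flags, window, _, _ = struct.unpack(
        "!HHIIHHHH", raw[:20])
    header_len = (off_flags >> 12) * 4
    if not 20 <= header_len <= len(raw):
        raise ValueError("header length field is inconsistent with the data")
    flags = {name for name, bit in FLAG_BITS.items() if off_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack_seq": ack_seq,
            "header_len": header_len, "flags": flags, "window": window}

def is_three_way_handshake(segments):
    """Check the seq/ack_seq relations of SYN, SYN+ACK and ACK."""
    if len(segments) != 3:
        return False
    syn, syn_ack, ack = (parse_tcp_header(s) for s in segments)
    return (syn["flags"] == {"SYN"}
            and syn_ack["flags"] == {"SYN", "ACK"}
            and syn_ack["ack_seq"] == (syn["seq"] + 1) % MOD
            and ack["flags"] == {"ACK"}
            and ack["seq"] == (syn["seq"] + 1) % MOD
            and ack["ack_seq"] == (syn_ack["seq"] + 1) % MOD)

# Constructed sample: the client's initial seq is 0xFFFFFFFF so seq + 1 wraps to 0.
MSS = b"\x02\x04\x05\xb4"  # MSS option (1460 bytes), makes the header 24 bytes
HANDSHAKE = [
    build_segment(50000, 443, 0xFFFFFFFF, 0, {"SYN"}, options=MSS),
    build_segment(443, 50000, 7000, 0, {"SYN", "ACK"}, options=MSS),
    build_segment(50000, 443, 0, 7001, {"ACK"}),
]

if __name__ == "__main__":
    for raw in HANDSHAKE:
        print(parse_tcp_header(raw))
    print("valid handshake:", is_three_way_handshake(HANDSHAKE))
```

The wrap-around case is the reason the comparison is done modulo 2^32; a plain seq + 1 comparison would reject this valid handshake.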

Four-way wave

Process

Likewise, the four-way wave is used to ensure a reliable disconnection process. Since both parties have sent a disconnect request (FIN=1), this means that all data has been received

Verification

Filter with tcp.flags.fin == 1. The result is as follows

Then modify the query conditions: ip.dst == 121.40.184.75 || ip.src == 121.40.184.75

Verify each parameter yourself