What does it mean to connect?

When we talk about TCP, we often talk about the three-way handshake, the four-way wave, and the means used to ensure the reliable transmission of information. It seems that we are embarrassed to say that we know him without mentioning him, but what does the connection really mean? Ethernet cables are always connected. We don’t have to plug it.

Actually, the connection here refers to the exchange of information between the communication parties. It is the operation of recording some necessary information in the socket and preparing the subsequent data sending and receiving.

It right from the start, after the success of the socket is created, and he who does not know and communication, like new creatures, it is unknown to the world, this time not to connect, protocol stack also don’t know who to send the data to, therefore, we need to tell each other server IP and port number to protocol stack, which is one of the join operation purpose, in the same way, The socket on the server side also does not know who to communicate with after it creates the ServerSocket. Therefore, the client needs to tell the server the necessary information. It sends the server “I want you to communicate with me, my IP address is XXX.XXX.xxx.xxx, and the port number is XXXX”. Another purpose of the connection operation is for the client to send a request to the server to begin communication.

Now we know that the connection is actually the exchange of control information between the communication parties. The necessary information is recorded in the socket. The control information is the information needed to control the sending and receiving of data, such as IP address and port, and other control information.

The TCP header

The above control information can be broadly divided into two categories.

The first is the control information exchanged when the client and server communicate with each other. Such information is required not only during connection, but also during the whole communication process, including data sending and receiving and disconnection operation. These fields are fixed. During connection, receiving and disconnection, each communication between the client and server needs to provide such control information. This information is added to the beginning of the network packet passed between the client and server.

Another class is stored in sockets and is used to control information about stack operations

In the connection stage, there is no actual data in the network packet, but only the control information, which is located at the beginning of the network packet and is called the header. IP protocol also has its own control information, which is also called the header, which is generally referred to as the TCP header and IP header. This is similar to HTTP headers, which we manipulate a lot, but TCP headers are rarely manipulated, and are therefore unfamiliar.

The following figure shows the TCP header

• Source port: A 16-bit field that specifies the port number of the sender.
• Destination port: A 16-bit field that specifies the port number of the receiver.
• Serial number: The serial number is a 32-bit field in which the sender tells the receiver the number of bytes in which the packet corresponds to all the data sent.
• Acknowledgement sequence number: The byte number in which the receiver tells the sender that all data has been received.
• Data offset: Indicates the starting position of the data portion.
• Flag bit: There are six flag bits

1. URG: emergency bit. When URG=1, the emergency pointer field is valid. It tells the system that there is urgent data in this message and it should be transmitted as soon as possible.
2. ACK: Acknowledgement bit. The acknowledgement number field is valid only when ACK=1.
3. PSH: push bit. When TCP receives a packet with a push ratio of 1, the packet is delivered to the receiving application as soon as possible instead of being sent up after the entire cache is filled up.
4. RST: Reset bit. When RST=1, it indicates that there is a serious error in the TCP connection and the connection must be released before being re-established.
5. SYN: Synchronization bit. When SYN=1, it indicates a connection or a connection to receive a packet.
6. FIN: Terminate bit, used to release a connection. When it is 1, it indicates that the sender of the packet segment has finished data and requires the connection to be released.

• Window field: Receiver tells sender window size. The window field is used to control the amount of data sent by the other party, in bytes. One end of the TCP connection determines the size of its own receiving window based on the size of the cache space, and then notifies the other end to determine the upper limit of the sending window.
• Checksum: Used to check for errors.
• Emergency pointer: Indicates the location of data for emergency processing.
• Option: TCP specifies only one option, the maximum segment, which tells TCP the maximum length of a field in a segment that my cache can receive.
• Reserved: 6 bits reserved for future use.

The process of establishing a connection

Before a client can attempt to connect to the server, the server must first bind and listen to a port. Setting up a connection consists of three steps:

1. The client sends SYN to the server:

Is the process of establishing a connection from the connect function, the client will create a first start data transceiver operation control information in the head, the SYN is set to 1, ACK is set to 0, then sent to the server that the client want to start the communication, the news and some other information, such as serial Numbers, is any 32-bit random number, The client enters the SYN_SEND state.

Here’s an example.

The serial number123456(My initial sequence number) SYN flag1ACK flag0The source IP address192.168. 0101.(My IP address) Destination IP address192.168. 0106.(Web server IP address) Source TCP port number57452Destination TCP port number8080
Copy the code

This graph shows that after the first handshake, the server has the ability to receive and the client has the ability to send.

2. The server replies to the client with SYN and ACK:

The ACK flag and the SYN flag are both set to 1 and the other TCP flags are set to 0. The SYN flag is set to 1 to inform the client that the server is willing to open a TCP session with the client. The ACK confirmation number is larger than the received sequence number. In the example above, the server generates an initial sequence number (ISN) such as 34567. The confirmation number is 123457, which is used to notify that the previous data was successfully received.

The serial number34567(Initial serial number of the Web server) confirmation number123457(Confirmation number of the Web server) SYN flag1ACK flag1The source IP address192.168. 0106.(Web server IP address) Destination IP address192.168. 0101.Source TCP port number8080Destination TCP port number57452
Copy the code

3. Client sends ACK to server:

After receiving the SYN from the server, the client sets the ACK flag to 1, the SYN flag to 0, confirms that the sequence number will be set to the received sequence number +1, and sends it to the server.

The serial number34567845Confirmation no.34568The SYN flag0ACK flag1The source IP address192.168. 0101.(My IP address) Destination IP address192.168. 0106.(Web server IP address) Source TCP port number57452Destination TCP port number8080
Copy the code

Once the TCP three-way handshake ACK message has been sent, the TCP connection has been established and you can now start communicating reliably using TCP.

So why three rather than two or four? On this question, after a lot of reference, finally turned out the Example in Xie Xiren’s “Computer Network”, which said so

“The segment of the first connection request packet sent by the client is not lost, but is delayed at a network node for a long time. As a result, it does not reach the server until a certain time after the connection is released. Originally, this is an invalid packet segment. However, after the server receives the invalid connection request packet segment, it mistakenly thinks it is a new connection request sent by the client. Then the client sends a confirmation message to agree to establish a connection. Assuming that the “three-way handshake” is not used, a new connection is established as soon as the server sends an acknowledgement. Since the client does not send a connection request, it ignores the server’s confirmation and does not send data to the server. However, the server assumes that the new transport connection has been established and waits for data from the client. As a result, many of the server’s resources are wasted. The three-way handshake prevents this from happening. For example, the client does not issue an acknowledgement to the server’s acknowledgement. When the server receives no acknowledgement, it knows that the client has not requested a connection.

And TCP protocol communication both sides must maintain a sequence number, three-way handshake communication is the process of mutual told the value of the serial number and confirm each other have already received sequence number starting value, if just shake hands, twice as much as only connection sponsors starting serial number can be confirmed that the serial number of the other party is not confirmed.

Caught analysis

Wireshark can be used to capture packets and analyze the three-way handshake packets in detail. However, The Wireshark is powerful enough to capture all packets in view, so it provides flexible filtering functions. You can use wireshark to display only packets with original and destination addresses, as shown in the following figure.

192.168.0.108 address is another computer, the local COMPUTER IP is 192.168.0.101.

The following code, run locally, listens on port 9999, prints “ABC” when a client comes in, and then reads data from the client.

import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;

public class Server {
    public static void main(String[] args) {
        try {
            ServerSocket serverSocket = new ServerSocket(9999);
            while (true) {
                Socket accept = serverSocket.accept();
                accept.getOutputStream().write("abc".getBytes());
                byte[] bytes = new byte[2048];
                int read = accept.getInputStream().read(bytes);
                System.out.println(new String(bytes, 0, read)); }}catch(IOException e) { e.printStackTrace(); }}}Copy the code

Then run the following code on another computer.

import java.io.IOException;
import java.net.Socket;

public class Main {
    public static void main(String[] args) {
        try {
            Socket socket = new Socket("192.168.0.101".9999);
            byte[] bytes = new byte[2048];
            int read = socket.getInputStream().read(bytes);
            System.out.println(new String(bytes, 0, read));
            socket.getOutputStream().write("ab".getBytes());
        } catch(IOException e) { e.printStackTrace(); }}}Copy the code

The following figure shows all packets caught in this communication.

The first handshake packet is as follows: SYN is 1, ACK is 0, and SEQ is 0.

192.168.0.101 is sent to 192.168.0.108. ACK and SYN are both 1. ACK should be X +1, where x is the sequence number of the first handshake, so it ends with 1.

The third handshake is when the client returns a simple acknowledgement packet to the server, that is, only ACK is 1.

Then the server will actively send the character “ABC” to the client, so the fourth packet is sent from 192.168.0.101 to 192.168.0.108. The last three bytes of the packet are the sent data, which is “ABC”.

There is a sea of knowledge about TCP.