【 abstract 】This paper focuses on the process of handshake and wave in TCP protocol in computer network.

[Prerequisite]

Some time ago, I saw an article about TCP/IP model. I thought I used Wireshark to catch some packets at home, so I thought I need to review the network knowledge, so this blog came into being. Of course, the Internet about TCP related knowledge is also numerous, idle can also be more in-depth understanding of Google, this paper focuses on the analysis of TCP protocol handshake and wave process.

[Preparation before packet capture]

Since I want to catch bags, MY equipment is a PC, the operating system is Mac OS. The wireshark is used to capture packets. For details about how to install the wireshark and some basic operations, please refer to this article.

Using the local computer to simulate server and client, both are localhost addresses, but I chose different ports for identification. Port number of the server: 12345; The port number of the client is 50784. Wireshark: Loopback:lo0 wireshark :lo0 Loopback:lo0

Here is my code for simulating client and server:

1) the server side

01 - Python code#! /usr/bin/python
02
# -*- coding: utf-8 -*-
03
 
04
import socket
05
 
06
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
07
 
08
server_address = ('127.0.0.1'09, 12345)print "Starting up on %s:%s" % server_address
10
sock.bind(server_address)
11
 
12
sock.listen(1)
13
 
14
while True:
15
    print "Waiting for a connection"
16
    connection, client_address = sock.accept()
17
 
18
    try:
19
        print "Connection from", client_address
20
 
21
        data = connection.recv(1024)
22
        print "Receive '%s'" % data
23
    finally:
24
        connection.close()Copy the code

2) Client-side Python code

01
# /usr/bin/python
02
# -*- coding: utf-8 -*-
03
 
04
import socket
05
 
06
def check_tcp_status(ip, port):
07
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
08
 
09
    server_address = (ip, port)
10
    print 'Connecting to %s:%s.' % server_address
11
    sock.connect(server_address)
12
 
13
    message = "I'm TCP client"
14
    print 'Sending "%s".' % message
15
    sock.sendall(message)
16
 
17
    print 'Closing socket.'
18
    sock.close()
19
 
20
 
21
if __name__ == "__main__":
22
    print check_tcp_status("127.0.0.1", 12345).Copy the code

If the connection is successful, the client will send a message “I’m TCP client”. The server listens to the port in an infinite loop and prints the received information to the console.

【 Result analysis 】

After seeing the console output above, let’s look at the result captured by Wireshark:

I’ve highlighted it in two colors, and you can see that the three communication processes numbered 1, 2 and 3 in the yellow box are actually what we call the three handshakes; The serial numbers 4, 5, and 6 after the handshake is established are the data transmission processes. And serial numbers 7, 8, 9 and 10 are what we call four waves.

Let’s take a closer look at the handshake and wave.

Three-way handshake


Let’s summarize the rules of handshakes:

  • First handshake: Establish a link. The client sends a link request, sends a SYN packet, and sets Seq to 0. The client then enters the SYN_SEND state, waiting for confirmation from the server.
  • Second handshake: The server receives a SYN packet from the client. You need to acknowledge this SYN segment, send an ACK packet, and set ACK to 1. Also send a SYN request, setting Seq to 0. The server sends all of the above information to the client and enters the SYN_RECV state.
  • Third handshake: After receiving ACK and SYN packets from the server, the client acknowledges them, sets ACK to 1 and Seq to 1, and sends an ACK packet to the server. After the ACK packet is sent, the client and the server enter the ESTABLISHED state. This completes the TCP three-way handshake.

Four times to wave


Then summarize the rules of the wave:

  • First wave: If the client wants to send a FIN packet to the server, Seq is set to 15 and Ack is set to 1. The client enters the FIN_WAIT_1 state. This indicates that the client has no data to send to the server and requests to close the connection.
  • Second wave: The server receives the FIN packet from the client and sends back an ACK packet with ACK set to 16 and Seq set to 1. The server enters the CLOSE_WAIT state, and the client enters the FIN_WAIT_2 state immediately after receiving the ACK message from the server.
  • Third wave: The server checks whether any data has not been sent to the client. If yes, the server sends the data to the client and then sends a FIN packet. If no, the server directly sends FIN packets to the client. Request to close the connection while the server enters the LAST_ACK state.
  • Fourth wave: The client receives the FIN packet from the server, sends an ACK packet to the server, sets Seq to 16, ACK to 2, and enters the TIME_WAIT state. The server closes the connection after receiving the ACK packet from the client. If the client waits for 2MSL and still does not receive a reply, the server is shut down and the client can close the connection.

Note the following rules: Each time one party returns an ACK packet, set ACK = the Seq value sent by the other party +1.

Understanding the TCP/IP model

After TCP, it is necessary to talk about the TCP/IP protocol model, which is the classic model of computer networks. This model evolved from the OSI model and was simplified from the original 7 layers to 5 layers, as shown in the figure below:

TCP/IP is called Transmission Control Protocol (TCP) or Internet Protocol (IP). It consists of IP protocol at the network layer and TCP protocol at the transport layer. It is a large set of protocols.

  • The physical layer and data link layer do not define any specific protocols and support all standard and proprietary protocols.
  • The network layer defines the IP protocol for network interconnection, including IP, ARP, RARP, ICMP, and IGMP.
  • The transport layer defines TCP and User Datagram Protocol (UDP), which we will focus on later.
  • The application layer defines protocols such as HTTP(Hypertext Transfer Protocol), FTP(File Transfer Protocol) and DNS(Domain name System).

The idea of TCP/IP network model stratification is a very instructive idea of system stratification. From the perspective of mapping to our software system, in fact, our software system also needs to consider layers more often, which interact with each other through interfaces. In a strictly hierarchical system, the inner layers are visible only to the adjacent layers, which makes it possible to decompose a complex problem into a sequence of incremental steps. Each layer only affects two layers at most, which facilitates maintenance.

References:

www.cnblogs.com/linyfeng/p/…

zhuanlan.zhihu.com/p/33797520

Blog.csdn.net/zhzdeng/art…

Click to follow, the first time to learn about Huawei cloud fresh technology ~