This article is part of the network Protocol Must Know must know
Mountains have peaks, the sea has the other shore, long road, there will be turn, bitter aftertaste, there will be back to gan. Don’t be defeated by the present ordeal, maybe the light is in the moment before you give up. Dream a happy dream with a happy heart. Wake up to a new day.
No books in the world can bring you good luck, but they can make you quietly your own
preface
TCP is a reliable connection service at the transport layer. To accurately transfer data,TCP adopts the three-way handshake and four-way wave. This is about four waves of the hand (also known as four handshakes)
TCP header format
The format of TCP header data is usually 20 bytes plus variable fields. There are six special identification bits, namely URG,ACK,PSH,RST,SYN,FIN, etc., as shown in the figure below
| Identify a | meaning |
|---|---|
| URG | Emergency pointer valid |
| ACK | Confirm serial number is valid |
| PSH | The receiver should deliver the packet segment to the application layer as soon as possible |
| RST | Reset, close abnormal connection |
| SYN | The synchronization number is used to initiate a connection |
| FIN | The sender completes the sending task |
| . |
The identifier used in this article is the ACK FIN bit, which is set to 1 and defaults to 0 otherwise. This is also used for the 32-bit Sequence number and 32-bit Acknowledgment number, which is used to store the initial ISN.
A. Lower case ACK FIN represents the flag bit, lower case SEq represents the Sequence number, and lower case ACK represents the number,
Four times to wave
Popular said
If the client is disconnected first
Client: I have finished sending data. I can close the connection.
Server: Yes, as soon as I finish sending the data.
Server: I am finished sending data, and I can close the connection.
Client: Yes.
The server then closes the connection, and the client closes the connection after a specified period of time.
Normal said
Take the client being disconnected as an example:
During the four swings, ACK FIN, SEq, and ACK are used.
First handshake (client): Send the request. Set FIN=1 in TCP and SEQ to the ISN of the local host.
Second handshake (server): After receiving data from the client, the request is sent. ACK=1 is set in TCP, SEQ is set to the ISN of the host, and ACK is set to the ISN+1 of the client
Third handshake (server): After data transmission is complete, the server sends the request. Set ACK=1, FIN=1, SEQ to ISN2, and THE ISN+1 on the client
Fourth handshake (client): After receiving the return message, the client sends a request. Set ACK=1 in TCP, ISN+1 in SEQ, and ISN2+1 in ACK
The server closes the connection, and the client waits 2MSL to close it again.
Figure as follows
Example: 20.1.0.1 is my computer,20.1.0.128 is a virtual machine on my computer
Use tcpdump to listen on ens33(virtual machine network card) port 80(nginx) on 128
Tcpdump -i ens33 port 80 and host 20.1.0.1 -s-nCopy the codeUse Telnet to request port 80 of 20.1.0.128 on 1 computer
Telnet 20.1.0.128 80Copy the codeAnd then Ctrl+C
The tcpdump listening logs are as follows
Ctrl + C data
10:33:19.377458 IP 20.1.0.1.58633 > 20.1.0.128. HTTP: Flags [P.], seq 2066280967:2066280968, ack 3607501457, win 2053, length 1: HTTP 10:33:19.377573 IP 20.1.0.128.http > 20.1.0.1.58633: Flags [.], ACK 2066280968, win 229, length 0 10:33:19.377855 IP 20.1.0.128.http > 20.1.0.1.58633: Flags [P.], SEQ 3607501457:3607501766, ACK 2066280968, Win 229, Length 309: HTTP: HTTP/1.1 400 Bad RequestCopy the codeFour waves of data
10:33:19.378017 IP 20.1.0.128.http > 20.1.0.1.58633: Flags [F.], SEQ 3607501766, ACK 2066280968, Win 229, length 0 10:33:19.378079 IP 20.1.0.1.58633 > 20.1.0.128. HTTP: Flags [.], ACK 3607501767, win 2051, length 0 10:33:19.382138 IP 20.1.0.1.58633 > 20.1.0.128. HTTP: Flags [F.], SEQ 2066280968, ACK 3607501767, win 2051, length 0 10:33:19.382234 IP 20.1.0.128.http > 20.1.0.1.58633: Flags [.], ack 2066280969, win 229, length 0Copy the codeAn attack against four waves
FIN Flood
RST Flood
.
conclusion
As far as the letter is not as good, the above content is purely one’s opinion, due to the limited personal ability, it is inevitable that there are omissions and mistakes, if you find bugs or have better suggestions, welcome criticism and correction, don’t hesitate to appreciate
If you like my article, you can [follow]+[like]+[comment], your three even is my forward motivation, looking forward to growing with you ~
Source: author: ZOUZDC links: https://juejin.cn/post/7028963866063306760 re the nuggets copyright owned by the author. Commercial reprint please contact the author for authorization, non-commercial reprint please indicate the source.Copy the code