This article is part of the network Protocol Must Know must know
Mountains have peaks, the sea has the other shore, long road, there will be turn, bitter aftertaste, there will be back to gan. Don’t be defeated by the present ordeal, maybe the light is in the moment before you give up. Dream a happy dream with a happy heart. Wake up to a new day.
No books in the world can bring you good luck, but they can make you quietly your own
preface
TCP is a reliable connection service at the transport layer. To accurately transfer data,TCP adopts the three-way handshake and four-way wave. This is talking about three handshakes
TCP header format
The TCP header data format is usually 20 bytes plus variable fields. There are six special identification bits, namely URG,ACK,PSH,RST,SYN, and FIN. The locations are shown in the figure below
| Identify a | meaning |
|---|---|
| URG | Emergency pointer valid |
| ACK | Confirm serial number is valid |
| PSH | The receiver should deliver the packet segment to the application layer as soon as possible |
| RST | Reconstruction of connection |
| SYN | The synchronization number is used to initiate a connection |
| FIN | The sender completes the sending task |
The identifier used in this article is the SYN ACK bit, which is set to 1 and defaults to 0 otherwise. This is also used for the 32-bit Sequence number and 32-bit Acknowledgment number, which is used to store the initial ISN.
Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment Acknowledgment
Three-way handshake
Popular said
Like two people on the phone, the following dialogue is used to confirm their connection:
A: Hello, this is A. Can you hear me clearly?
B: Hello A, this is B, I can hear you clearly, can you hear me clearly?
A: Hello B, I can hear you clearly.
At this point, both of them know that the communication quality is good, and they start to talk about it
Normal said
SYN ACK, SEQ, and ACK are used during the three-way handshake.
First handshake (client): Sends the request. TCP SYN=1 ACK=0, and SEQ is set to the ISN of the local host.
Second handshake (server): After receiving data from the client and agreeing to the connection, the server sends the request. In TCP, SYN=1 ACK=1, SEQ is set to the ISN of the host, and ACK is set to the ISN+1 of the client
Third handshake (requestor): After receiving the server information, the server sends the request. In TCP, SYN=0 ACK=1, SEQ is set to the ISN+1, and ACK is set to the ISN+1 of the server
Figure as follows
Example: 20.1.0.1 is my computer,20.1.0.128 is a virtual machine on my computer
Use tcpdump to listen on ens33(virtual machine network card) port 80(nginx) on 128
Tcpdump -i ens33 port 80 and host 20.1.0.1 -s-nCopy the codeUse Telnet to request port 80 of 20.1.0.128 on 1 computer
Telnet 20.1.0.128 80Copy the codeThe tcpdump listening logs are as follows
10:26:24.162036 IP 20.1.0.1.57520 > 20.1.0.128.http: Flags [S], seq 1045570310, win 64240, options [mss 1460,nop,wscale 8,nop,nop,sackOK], length 0
10:26:24.162273 IP 20.1.0.128.http > 20.1.0.1.57520: Flags [S.], seq 3342867055, ack 1045570311, win 29200, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
10:26:24.162497 IP 20.1.0.1.57520 > 20.1.0.128.http: Flags [.], ack 3342867056, win 2053, length 0
Copy the codeAn attack on the three-way handshake
SYN Flood
After the client sends the first handshake, the server still sends SYN+ACK. If the handshake fails, the server discards the connection only after multiple retries. This time is about 30s-2min (different time Settings are different). If a large number of users simulate such data and the server spends all its resources responding to the wrong data, the server cannot properly respond to the requests of real customers, at which point the customer will think that the server is in trouble
The rest will be added later…
conclusion
As far as the letter is not as good, the above content is purely one’s opinion, due to the limited personal ability, it is inevitable that there are omissions and mistakes, if you find bugs or have better suggestions, welcome criticism and correction, don’t hesitate to appreciate
If you like my article, you can [follow]+[like]+[comment], your three even is my forward motivation, looking forward to growing with you ~
Source: author: ZOUZDC links: https://juejin.cn/post/7028963866063306760 re the nuggets copyright owned by the author. Commercial reprint please contact the author for authorization, non-commercial reprint please indicate the source.Copy the code