This is the 8th day of my participation in the November Gwen Challenge. Check out the event details: The last Gwen Challenge 2021

preface

The TCP three-way handshake and the four-way handshake are used to establish a connection. The TCP three-way handshake and the four-way handshake are used to establish a connection. .

1. What is TCP?

TCP is a connection-oriented protocol. It transmits TCP packets based on transport connections. The establishment and release of TCP transport connections is an essential process in every connection-oriented communication.

A TCP transport connection has the following three phases:

  • To establish a TCP connection, the three-packet handshake is used to establish a TCP connection.
  • Data transmission, that is, reliable data transmission based on established TCP connections.
  • Release the TCP connection. After data transmission, the TCP connection is released by waving four packets.

TCP transport connection management is to enable the normal establishment and release of transport connections.

2. TCP header format

Source port: a 16-bit source port number that identifies the application process that sends the TCP packet segment. Destination port: a 16-bit destination port number that identifies the application process that receives the TCP packet segment.

Serial number: contains 32 bits. The value ranges from 0 to 2^32-1. After the serial number increases to the last one, the next one returns to 0. Indicates the sequence number of the first byte of the data payload of this TCP packet segment.

Confirmation number: contains 32 bits. The value ranges from 0 to 2^32-1. After the confirmation number is added to the last one, the next one returns to 0. Indicates the sequence number of the first byte of the data payload of the next TCP segment that is expected to be received from the other party. It is also an acknowledgement of all previously received data. If the confirmation number =n, it indicates that all data up to serial number n-1 has been correctly received and data with serial number N is expected to be received.

ACK: The ACK number field is valid only when the value is 1. If the value is 0, the confirmation number field is invalid. According to TCP, ACK must be set to 1 for all TCP packet segments transmitted after the connection is established.

Data offset: 4 bits in units of 4 bytes. Indicates the distance between the start of the payload of a TCP packet segment and the start of the TCP packet segment. This field actually indicates the header length of the TCP packet segment.

Window: 16 bits, in bytes. Indicates the receiving window of the party sending the message.

Synchronization flag bit SYN: Indicates the sequence number used to synchronize a TCP connection. Terminate flag FIN: Used to release TCP connections. Reset flag bit RST: used to reset the TCP connection.

Push flag bit PSH: The TCP on the receiving end delivers the packet segment with flag bit 1 to the application process as soon as possible, rather than waiting for the receive cache to fill up.

Checksum: 16 bits, including the TCP header and data payload. When calculating the checksum, add a 12-byte dummy header to the front of the TCP packet segment.

Emergency pointer: 16 bits, in bytes, used to indicate the length of emergency data.

Padding: Since the options are of variable length, padding is used to ensure that the header is divisible by 4 (because the data offset field, the header length field, is in 4-byte units).

3. Establish the TCP connection

The process of establishing a TCP connection is called handshake. In a handshake, three TCP packet segments are exchanged between the client and the server. The three-packet handshake is used to prevent the invalid connection request segment from being suddenly sent to the server, causing errors.

TCP connection establishment to solve the following three problems:

  • 1. Enable the TCP and TCP parties to confirm the existence of each other.

  • 2. Enable THE TCP parties to negotiate some parameters (whether the maximum window value uses window enlargement option and timestamp option, and quality of service, etc.).

  • 3. Enable the TCP parties to allocate transport entity resources (such as items in the cache size connection table).

4, three handshake graphic explanation

Here are two hosts that want to communicate over TCP:

  • Initiating a TCP connection is called a TCP client.

  • An application process that passively waits for a TCP connection to be established is called a TCP server.

The process of establishing a TCP connection can be likened to a handshake, in which three TCP packet segments are exchanged between the TCP client and the server.

Initially, TCP processes at both ends are closed.

The TCP server process starts by creating a transport control block that stores some of the important information in the TCP connection. For example, the TCP connection table, Pointers to the send and receive caches, Pointers to the retransmission queue, current send and receive sequence numbers, and so on. Then it is ready to accept the connection request from the TCP client process. At this time, the TCP server process enters the listening state and waits for the connection request from the TCP client process.

TCP client processes also create transport control blocks first and then intend to do so. The TCP server process passively waits for the connection request from the TCP client process, so it is called passively opening the connection.

During a TCP connection, TCP connection request packets are sent to the TCP server process and the TCP connection is synchronized.

  • The SYN bit in the header of the TCP connection request packet is set to 1, indicating that this is a TCP connection request packet.

  • The sequence number field seq is set to an initial value x as the initial sequence number selected by the TCP client process.

Since the ESTABLISHMENT of a TCP connection is initiated by the TCP client process, it is called an active open connection. Note that TCP states that a segment with the SYN set to 1 cannot carry data but consumes a sequence number.

After the TCP server process receives a TCP connection request packet and agrees to establish a connection, the TCP server process sends a TCP connection request acknowledgement packet to the TCP client process and enters the received state synchronously.

  • The SYN bit and ACK bit in the header of the packet are both set to 1, indicating that this is a TCP connection request.
  • The sequence number field seq is set to an initial value y as the initial sequence number selected by the TCP server process.
  • The value of the ack number field is set to X +1, which acknowledges the initial number seQ selected by the TCP client process.

Note that this segment also cannot carry data because it is the segment where the SYN is set to one but also consumes a sequence number.

After receiving a TCP connection request, the TCP client process sends a common TCP connection request to the TCP server process and enters the connection established state.

  • The ACK bit in the header of the packet is set to 1, indicating that this is an ordinary TCP acknowledgement packet segment.
  • The sequence number field seq is set to X +1 because the first TCP segment sent by the TCP client process is numbered X and does not carry data, so the sequence number of the second segment is x+1.
  • The acknowledgment number field ACK is set to Y + 1, which is an acknowledgment of the initial sequence number chosen by the TCP server process.

Note that TCP rules allow the normal TCP acknowledgment segment to carry data. However, if no data is carried, the serial number is not consumed. In this case, the serial number of the next data packet segment sent is still X + 1.

The TCP server process also enters the established state after receiving the confirmation packet. Now both TCP parties enter the established state and can transfer data reliably based on the established TCP connection.

5. Text summary of three handshakes

The three-way handshake is the process of establishing a TCP connection. Before the handshake, the client that actively opens the connection ends the CLOSE phase, and the server that passively opens the connection also ends the CLOSE phase and enters the LISTEN phase. Then enter the three-way handshake:

① The client sends a SYN packet to the server and waits for the server to confirm:

  • The flag bit is SYN, indicating that a connection is requested.
  • Serial number: Seq = x (x is usually a random number);
  • The client then enters the SYN-sent phase.

(2) After receiving the SYN packet from the client, the server confirms the SYN packet, ends LISTEN, and returns a TCP packet.

  • The flag bit is SYN and ACK, indicating that the Seq number of the packets sent by the client is valid, the server can receive the data sent by the client and agrees to create a new connection.
  • The serial number is Seq = y;
  • If the Ack number is Ack = X + 1, the server receives Seq from the client and adds 1 to the Ack number. Then, the server enters the SYN-RECV phase.

③ After the client receives the SYN + ACK packet, the data transmission from the client to the server is normal, and the SYN-sent phase is ended. And returns the last packet. Among them:

  • The flag bit is ACK, indicating that the signal that the server agrees to connect is received.
  • Seq = X + 1 indicates that it receives the Ack number from the server and uses the Ack number as its serial number.
  • If the Ack number is Ack= Y + 1, it indicates that the server receives seQ and adds 1 to the value of its Ack number.
  • The client then enters ESTABLISHED.

After receiving a packet from the client confirming the receipt of server data, the server knows that the data transmission from the server to the client is normal. In this way, the SYN-RECv phase is ended and the ESTABLISHED phase is entered. The three-way handshake is complete.

5. Can the two-packet handshake be used to establish a connection?

Why does the TCP client process end up sending a normal TCP acknowledgment segment?

In this case, a TCP client process sends a TCP connection request packet segment, but the packet segment is detained on some network nodes for a long time. This inevitably causes timeout retransmission of the packet segment.

Assuming that the TCP server process receives the retransmitted packet, the TCP server process sends a TCP connection confirmation packet to the TCP client process, and the connection is established.

Please note that due to our changed to two message to shake hands, so the TCP server process after sending the TCP connection request confirmation message segment, the state of the connection has been established, and don’t like three handshake message into synchronization has received state, from the TCP server process and wait for the TCP client process for TCP connection request confirmation message segment of ordinary message segment. The TCP client process enters the ESTABLISHED TCP connection state after receiving a TCP connection confirmation packet, but does not send a common confirmation packet to the TCP server process.

Now, both TCP parties are in the established connection state, and they can transfer data to each other. Then, they can release the connection by waving four packets, and both TCP parties enter the closed state.

After a period of time, the invalid TCP connection request segment that was stranded in the network reaches the TCP server process. The TCP server process mistakenly considers this as a new TCP connection request initiated by the TCP client process, and sends the TCP connection request confirmation packet segment to the TCP client process and enters the connection establishment state.

The packet reaches the TCP client process. Because the TCP client process does not initiate a new TCP connection request and is in the closed state, the packet is ignored.

However, the TCP server process has entered the connection established state. He thinks that the new TCP connection has been established and is waiting for data from the TCP client process. This wastes a lot of resources on the host where the TCP server process is running.

To sum up, the three-message handshake instead of the two-message handshake is used to establish a TCP connection to prevent the invalid connection request segment from suddenly being transmitted to the TCP server process and causing errors.


6. Text summary of two handshakes

The main purpose of the three-way handshake is to confirm that you and the other party are sending and receiving normally, thus ensuring reliable communication between the two parties. If two handshakes are used and the connection is established after the second handshake, the client knows that the server can receive the data it sends, but the server does not know whether the client can receive the data it sends.

We know that the network is often not ideal (there is packet loss and delay). When a client initiates a request to create a connection, if the server directly creates the connection and returns a packet containing SYN, ACK, and Seq to the client, the packet is lost due to network transmission. After the loss, the client cannot receive the returned packet. Since the client could set a timeout, after a period of time was shut down the request of the connection is established, and then to initiate a new request, the server is not know, if there is no third handshake can tell the server to the client receiving server data transmission, the server port is open, wait until the client for a timeout to request, The server reopens a port connection. In the long run, there will be more and more such ports, resulting in a waste of server overhead.