Four times three times during the interview, shake hands and wave can be said to be the most frequently asked a knowledge point, I believe you have seen many articles about three-way handshake and four wave, this article today, the focus is on around the interview, we should grasp what important point, which is asked by the interviewer, I think if you can remember and understand some of the points I listed below, I think it will be all right.
Three-way handshake
Since the three-way handshake is the most frequently asked interview question, this time we will explain the three-way handshake from the perspective of the interview
When an interviewer asks you why you need the three handshakes, what the three handshakes are for, and talk about the three handshakes, I think a lot of people will say something like this:
First of all, many people talk about the process of shaking hands:
1. First handshake: The client sends a SYN packet to the server.
2. Second handshake: After receiving a SYN packet, the server responds with a SYN+ACK packet.
3. Third handshake: After receiving a SYN+ACK packet, the client responds with an ACK packet.
4. After the server receives the ACK packet, the three-way handshake is established.
The function is to confirm whether the receiving and sending capabilities of both sides are normal.
Here, by the way, I will explain why it takes three handshakes to confirm the ability of both parties to receive and send, but not two:
First handshake: The client sends a network packet and the server receives it. The server can then conclude that the sending capability of the client and the receiving capability of the server are normal.
Second handshake: the server sends the packet and the client receives it. Then the client can conclude that the receiving and sending capabilities of the server and the receiving and sending capabilities of the client are normal. However, the server is not able to confirm whether the client’s reception is normal.
Third handshake: The client sends the packet and the server receives it. In this way, the server can conclude that the client’s receiving and sending capabilities are normal, and the server’s own sending and receiving capabilities are also normal.
Therefore, three handshakes are needed to confirm the ability of both parties to receive and send.
This is ok, but I think we should describe this process in more detail, because in the course of the three-way handshake, there are many states of change, and these are the points that the interviewer may ask. So I think in response to the three handshake, we should be a little bit more detailed, and a little bit more detailed means a little bit longer. The description of bonus points I think should be like this:
The client is in the closed state and the server is in the LISTEN state. then
1. First handshake: The client sends a SYN packet to the server, specifying the client initialization sequence number (C). The client is in the SYN_Send state.
2. Second handshake: After receiving a SYN packet from the client, the server responds with its own SYN packet, specifies the ISN(s), and uses the ISN + 1 as the ACK value to indicate that it has received the SYN from the client. The server is in the *SYN_REVD* state.
Third handshake: After receiving a SYN packet, the client sends an ACK packet. The ISN + 1 is used as an ACK value to indicate that it has received a SYN packet from the server. At this time, the client is in the establised state.
4. After receiving the ACK message, the server is also in the establised state. At this time, both parties have established a link.
The effect of three handshakes
The effect of three handshakes is also a lot of, remember a few more, guarantee not to lose. Such as:
1. Confirm whether the acceptance ability and sending ability of both parties are normal.
2. Specify your own initialization sequence number to prepare for reliable transmission.
That alone isn’t enough for three handshakes. The interviewer may also ask a few other questions, such as:
1. Is (ISN) fixed
An important function of the three-way handshake is that the client and server exchange Initial Sequence numbers (isNs) so that the server knows how to assemble data based on Sequence numbers before receiving data.
If the ISN is fixed, it is easy for an attacker to guess the subsequent confirmation number, so the ISN is dynamically generated.
2. What is a half-connection queue
After the server receives the SYN from the client for the first time, it is in the SYN_RCVD state before the connection is fully established. The server puts the requests in this state into a queue, which we call a half-connection queue. Of course, there is also a full connection queue, which means that the three handshakes that have been completed and the connections that have been established are placed in the full connection queue. If the queue is full, packet loss may occur.
Here is a supplementary question about the number of syn-ACK retransmissions: After the syn-ACK packet is sent, the server retransmits the syn-ACK packet for the first time. If the server does not receive the acknowledgement packet after a period of time, the server retransmits the syn-ACK packet for the second time. If the number of retransmissions exceeds the maximum number of retransmissions, the system deletes the connection information from the half-connection queue. Note that the wait time for each retransmission is not necessarily the same. It is usually exponential, such as 1s, 2s, 4s, 8s,….
3. Can I carry data during the three-way handshake
A lot of people might think that you can’t carry data on the third handshake, but you can carry data on the third handshake. That is, the first and second handshakes are not allowed to carry data, but the third handshakes are allowed to carry data.
Why is that? You can think a problem, if the first handshake can carry data, if someone want to malicious attacks server, that he shook hands with every time for the first time in the SYN packet into a large amount of data, because the attacker simply ignore the server’s ability to receive, send is normal, then crazy on recurrent SYN packet, This can cost the server a lot of time and memory to receive these messages. That said, the first handshake can be used for data for one simple reason: it makes the server more vulnerable to attack.
On the third attempt, the client is already established, that is, the client has established the connection and knows that the server can send and receive data, so it is ok to carry data pages.
Four times to wave
Since the three-way handshake is the most frequently asked interview question, this time we will explain the three-way handshake from the perspective of the interview
The same is true for four waves. Do not send a FIN message to the other side, an ACK message to us, a FIN message to us, and an ACK message to us. Then the end, it is best to say a little more detailed, for example, like the following so almost, to remember the status of each stage, MY last interview was asked a few, ha ha. I answer wrong, still think oneself answer right, still explain at that time is reasonable, ha ha.
In the beginning, both parties are in the establised state. If the client initiates the close request first, then:
1. First wave: The client sends a FIN packet. The packet contains a serial number. The client is in the FIN_WAIT1 state.
2. Second handshake: After receiving the FIN packet, the server will send an ACK packet and take the serial number of the client + 1 as the serial number of the ACK packet, indicating that the packet has been received from the client. In this case, the server is in CLOSE_WAIT state.
3. Third wave: If the server also wants to disconnect the connection, the server sends a FIN packet and specifies a serial number, just like the first wave on the client. The server is in the LAST_ACK state.
4. Fourth wave: After receiving the FIN packet, the client sends an ACK packet and uses the server sn + 1 as the SN of the ACK packet. In this case, the client is in TIME_WAIT state. The server enters the CLOSED state after receiving its OWN ACK packets
5. After receiving the ACK packet, the server is in the CLOSED state.
If the client sends an ACK, it will not be shut down directly. If the client sends an ACK, it will be shut down for a while. If the client sends an ACK, it will be shut down. The reason for this is to ensure that the server has received our ACK packet. If not, the server will resend the FIN packet to the client. After receiving the ACK packet again, the client will know that the previous ACK packet is lost and send the ACK packet again.
The duration of TIME_WAIT is at least one packet return time. Generally, a timer is set. If no FIN packet is received after the timer expires, the ACK packet is successfully received and the device is in the CLOSED state.
Here I give you the meaning of each state, if you are interested.
LISTEN – Listens for connection requests from a remote TCP port.
Syn-sent – Waits for a matching connection request after sending a connection request;
Syn-received – Waits for acknowledgement of a connection request after receiving and sending a connection request;
ESTABLISHED- represents an open connection and data can be sent to the user;
Fin-wait-1 – Waiting for a remote TCP connection break request, or for acknowledgement of a previous connection break request;
Fin-wait-2 – Waits for connection interruption requests from remote TCP;
Close-wait – Waits for the connection interruption request from the local user.
CLOSING – Waiting for the remote TCP to confirm the connection interruption.
Last-ack – Waits for acknowledgement of the original connection break request sent to the remote TCP;
Time-wait – To WAIT enough TIME to ensure that the remote TCP receives an acknowledgement of the connection interruption request;
CLOSED – No connection status;
Finally, put in the picture of three handshakes with four waves
In addition, the computer network network and the operating system was asked the probability is still very high, recommend everyone to read this note, easy to understand, read the basic stable
Graphical operating system, network, computer composition PDF download!
There are also some good articles written here, for you to find
1. Introduction to the five-layer computer network model
2. How can the communication parties ensure that messages are not lost?
3. What’s the difference between hub, switch and router?
4. What is TCP Congestion Control?
5. What is TCP Flow control
6. What is the TCP three-way handshake?
7. What is TCP four wave?
8. What is HTTP?
9. What is HTTPS?
10. What is SSL/TLS protocol?
11. What is DNS?
12. What is DHCP?
13. What is a broadcast routing algorithm?
What is a digital signature?
15. What are SQL injection attacks?
16. What are XSS attacks?
If you like to watch videos, you can also watch this computer basic video [computer basic three course video](