Principle and flow analysis of three handshakes and four waves in TCP / IP protocol
When I first learned the major of communication, after graduation, the students went their own way to pursue their dreams and rush between large and small construction sites. Ha ha, I'm kidding. Some of them are powerful. They entered XX Research Institute, huh? His father is not the director. Don't be too dark inside. I remember a very tall course called computer network (probably this name). There is a concept of handshake. Now review it.
Let's take a look at the schematic diagram:
TCP is connection oriented. No matter which party sends data to the other party, a connection must be established between the two parties. In TCP / IP protocol, TCP protocol provides reliable connection service, and the connection is initialized through three handshakes. The purpose of the third handshake is to synchronize the serial number and confirmation number of both sides of the connection and exchange TCP window size information.
1. First handshake: establish a connection. The client sends the connection request message segment with syn position of 1 and sequence number of X; Then, the client enters syn_ Send status, waiting for the confirmation of the server;
2. Second handshake: the server receives the syn message segment. When the server receives the syn message segment from the client, it needs to confirm the syn message segment and set the acknowledsegment number to x + 1 (sequence number + 1); At the same time, you should also send syn request information. Set syn position to 1 and sequence number to y; The server puts all the above information into a message segment (syn + ACK message segment) and sends it to the client. At this time, the server enters syn_ Recv status;
3. The third Handshake: the client receives the syn + ACK message segment from the server. Then set the acknowledsegment number to y + 1 and send an ACK message segment to the server. After this message segment is sent, both the client and the server enter the established state and complete the TCP handshake for three times.
After three handshakes, the client and server can start transmitting data. The above is the general introduction of TCP triple handshake.
What about the four waves?
After the client and server establish a TCP connection through three handshakes, when the data transmission is completed, they must disconnect the TCP connection. For TCP disconnection, there is a mysterious "four waves".
1. Wave for the first time: host 1 (either client or server), set sequence number and acknowledsegment number, and send a fin message segment to host 2; At this point, host 1 enters fin_ WAIT_ 1. Status; This means that host 1 has no data to send to host 2;
2. Second wave: host 2 receives the fin message segment sent by host 1 and returns an ACK message segment to host 1. The acknowledsegment number is the sequence number plus 1; Host 1 enters fin_ WAIT_ 2. Status; Host 2 tells host 1 that I have no data to send and can close the connection;
3. Waving for the third time: host 2 sends fin message segment to host 1, requests to close the connection, and host 2 enters close_ Wait status;
4. The fourth wave: host 1 receives the fin message segment sent by host 2, sends ACK message segment to host 2, and then host 1 enters time_ Wait status; After receiving the ACK message segment from host 1, host 2 closes the connection; At this time, if host 1 still does not receive a reply after waiting for 2msl, it proves that the server has been shut down normally. Well, host 1 can also close the connection.
So far, TCP's four waves have been completed so happily. When you see here, you will have a lot of questions in your mind, many don't understand, and feel very messy; It's okay. Let's continue to summarize.
Why three handshakes?
The so-called three way handshake is to establish a TCP connection, which means that when establishing a TCP connection, the client and server need to send a total of three packets to confirm the establishment of the connection. In socket programming, this process is triggered by the client executing connect.
Since we have summarized the three handshakes of TCP, why do we have to do it three times? How do you think you can finish it twice. Then why does TCP have to make three connections? In Xie Xiren's computer network, it says:
In order to prevent the invalid connection request message segment from being suddenly transmitted to the server, resulting in an error.
An example is also given in the book, as follows:
"Invalid connection request message segment" is generated in such a case: the first connection request message segment sent by the client is not lost,
Instead, a network node stays for a long time, so that it delays reaching the server some time after the connection is released. It was a
A long expired message segment. However, after receiving the invalid connection request message segment, the server mistakenly considers it a new message sent by the client again
Connection request for. Therefore, a confirmation message segment is sent to the client to agree to establish the connection. Assuming that the "triple handshake" is not used, as long as the server
Send a confirmation and the new connection is established. Since the client has not sent a request to establish a connection, the server's confirmation will not be ignored,
Data will not be sent to the server. However, the server thinks that a new transport connection has been established and has been waiting for data from the client. So,
Many resources of server are wasted. The above phenomenon can be prevented by using the method of "three handshakes". For example, in the case just now,
The client will not send a confirmation to the server. Because the server cannot receive the confirmation, it knows that the client did not request to establish a connection. "
This is very clear and prevents the server from wasting resources by waiting all the time.
Why wave four times?
What are the four waves?
The so-called four way wavehand is to terminate the TCP connection, which means that when a TCP connection is disconnected, the client and the server need to send a total of four packets to confirm the disconnection. In socket programming, this process is triggered by either the client or the server executing close.
TCP protocol is a connection oriented, reliable transport layer communication protocol based on byte stream. TCP is in full duplex mode, which means that when host 1 sends fin message segment, it only means that host 1 has no data to send, and host 1 tells host 2 that all its data has been sent; However, at this time, host 1 can still accept data from host 2; When host 2 returns the ACK message segment, it means that it knows that host 1 has not sent data, but host 2 can still send data to host 1; When host 2 also sends the fin message segment, it means that host 2 has no data to send, and it will tell host 1 that I have no data to send, and then they will happily interrupt the TCP connection. If you want to correctly understand the principle of four waves, you need to understand the state changes in the process of four waves.
FIN_ WAIT_ 1: This state should be well explained. In fact, fin_ WAIT_ 1 and fin_ WAIT_ 2. The real meaning of status is to wait for the fin message of the other party. The difference between these two states is: fin_ WAIT_ 1 status actually means that when the socket is in the established status, it wants to actively close the connection and sends fin message to the other party. At this time, the socket enters fin_ WAIT_ 1 status. When the other party responds to the ACK message, it enters fin_ WAIT_ 2 status. Of course, under actual normal conditions, no matter what the other party's situation, it should immediately respond to the ACK message, so fin_ WAIT_ 1 status is generally difficult to see, while fin_ WAIT_ 2. The status can often be seen with netstat. (active party)
FIN_ WAIT_ 2: This state has been explained in detail above. In fact, fin_ WAIT_ 2. Socket in status indicates a semi connection, that is, one party requests a close connection, but also tells the other party that I have some data to transmit to you temporarily (ACK information), and then close the connection later. (active party)
CLOSE_ Wait: the meaning of this status actually means that you are waiting for shutdown. How to understand? When the other party closes a socket and sends a fin message to itself, your system will undoubtedly respond to an ACK message to the other party, and then enter close_ Wait status. Next, in fact, what you really need to consider is to check whether you still have data to send to the other party. If not, you can close the socket and send fin message to the other party, that is, close the connection. So you're closing_ In the wait state, what needs to be done is waiting for you to close the connection. (passive party)
LAST_ ACK: this state is easy to understand. It is passively closed. After sending fin message, one party finally waits for the other party's ACK message. After receiving the ACK message, you can enter the closed available state. (passive party)
TIME_ Wait: indicates that you have received the fin message from the other party and sent an ACK message. After 2msl, you can return to the closed available state. If the message with fin flag and ACK flag is received from the other party under finwait1 status, you can directly enter time_ Wait status without going through fin_ WAIT_ 2 status. (active party)
Closed: indicates that the connection is broken.
summary
The above is all about the principle and process analysis of three handshakes and four waves in TCP / IP protocol. I hope it will be helpful to you. If there are any deficiencies, please leave a message and look forward to your valuable comments.