TCP Connection Setup
When we browse the web, send an email, or play an online game, we often don't think about the complex network connection behind it. However, it is these seemingly small steps that ensure stable communication between us and the server. One of the most important steps is the TCP connection setup, and the core of this is the three-way handshake.
This article will discuss the principle, process and importance of the three-way handshake in detail. Step by step, we'll explain why the three-way handshake is needed, how it ensures connection stability and reliability, and how important it is for data transfer. With a deeper understanding of the three-way handshake, we will gain a better understanding of the underlying mechanisms of network communication and a clearer view of the reliability of TCP connections.
TCP Three-way Handshake Process and State Transitions
TCP is a connection-oriented transport protocol, which requires connection establishment before data transmission. This connection establishment process is done by a three-way handshake.
Let's take a closer look at the TCP packets that are sent in each connection.
Initially, both the client and server are CLOSED. First, the server actively listens on a port and is in the LISTEN state, which means that the server must be started. Next, the client is ready to start accessing the webpage.It needs to establish a connection with the server. The format of the first connection packet is as follows:
When a client initiates a connection, it generates a random initial sequence number (client_isn) and places it in the "Sequence number" field of the TCP header. At the same time, the client sets the SYN flag position to 1 to indicate that the outgoing packet is a SYN packet. The client indicates that it wishes to establish a connection with the server by sending the first SYN packet to the server. This packet does not contain application layer data (that is, data sent). At this point, the status of the client is marked as SYN-SENT.
When a server receives a SYN packet from a client, it randomly initializes its own serial number (server_isn) and then puts that number in the "Serial number" field of the TCP header. Next, the server enters client_isn + 1 in the "Acknowledgement number" field and sets both SYN and ACK bits to 1. Finally, the server sends the packet to the client, which contains no application-layer data (and no data for the server to send). At this time, the server is in SYN-RCVD state.
Once the client receives the packet from the server, it needs to perform the following optimizations to respond to the final reply packet: First, the client sets the ACK bit of the TCP header of the reply packet to 1; Second, the client enters the value server_isn + 1 in the "Confirm answer number" field; Finally, the client sends the packet to the server. This packet can carry data from the client to the server. Upon completion of these operations, the client will enter the ESTABLISHED state.
Once the server receives the reply packet from the client, it also switches to the ESTABLISHED state.
As you can see from the above process, when performing a three-way handshake, the third handshake is allowed to carry data, but the first two handshakes are not. This is a question that is often asked in interviews. Once the three-way handshake is complete, both parties enter the ESTABLISHED state, indicating that the connection has been successfully established, at which point the client and server can start sending data to each other.
Why three handshakes? Not twice, four times?
The common answer is, "Because the three-way handshake guarantees the ability to receive and send." This answer is correct, but it is only the surface reason, does not put forward the main reason. In the following, I will analyze the reasons for the triple handshake from three aspects to deepen our understanding of this issue.
The three-way handshake can effectively avoid the initialization of historically repeated connections (the main reason)
The three-way handshake guarantees that both parties have received a reliable initial sequence number.
The three-way handshake avoids wasting resources.
Reason 1: Avoid Historical Duplicate Joins
In a nutshell, the main reason for the three-way handshake is to avoid confusion caused by the old duplicate connection initialization. In a complex network environment, the transmission of data packets is not always sent to the destination host in accordance with the specified time, and old data packets may arrive at the destination host first because of network congestion and other reasons. To avoid this, TCP uses a three-way handshake to establish the connection.
When a client sends multiple SYN connection establishment packets in succession, in situations such as network congestion, the following may occur:
1- The old SYN packets arrive at the server before the latest SYN packets.
2- The server will reply a SYN + ACK packet to the client after receiving the old SYN packet.
3- When the client receives the SYN + ACK packet, it determines that the connection is a historical connection (sequence number expired or timeout) according to its own context, and then sends the RST packet to the server to abort the connection.
With a two-handshake connection, there is no way to determine if the current connection is a historical connection. The three-way handshake allows the client to determine whether the current connection is a historical connection based on the context when it is ready to send the third packet:
1- If it is a historical connection (sequence number expired or timeout), the packet sent by the third handshake is an RST packet to abort the historical connection.
2- If it is not a historical connection, the packet sent for the third time is an ACK packet, and the two communicating parties successfully establish the connection.
Therefore, the main reason that TCP uses the three-way handshake is that it initializes the connection to prevent historical connections.
Reason 2: To synchronize the initial sequence numbers of both parties
Both sides of the TCP protocol must maintain a sequence number, which is a key factor to ensure reliable transmission. Sequence numbers play an important role in TCP connections.They do the following:
The receiver can eliminate duplicate data and ensure the accuracy of the data.
The receiver can receive packets in the order of the sequence number to ensure the integrity of the data.
● The sequence number can identify the data packet that has been received by the other party, enabling reliable data transmission.
Therefore, upon establishing a TCP connection, the client sends SYN packets with the initial sequence number and requires the server to reply with an ACK packet indicating successful reception of the client's SYN packet. Then, the server sends the SYN packet with the initial sequence number to the client and waits for the client to reply, once and for all, to ensure that the initial sequence numbers are reliably synchronized.
Although a four-way handshake is also possible to reliably synchronize the initial sequence numbers of both parties, the second and third steps can be combined into a single step, resulting in a three-way handshake. However, the two handshakes can only guarantee that the initial sequence number of one party is successfully received by the other party, but there is no guarantee that the initial sequence number of both parties can be confirmed. Therefore, the three-way handshake is the best choice to take in order to ensure the stability and reliability of TCP connections.
Reason 3: Avoid Wasting Resources
If there is only a "two-handshake", when the client SYN request is blocked in the network, the client cannot receive the ACK packet sent by the server, so the SYN will be resent. However, since there is no third handshake, the server cannot determine if the client received an ACK acknowledgement to establish the connection. Therefore, the server can only proactively establish a connection after receiving each SYN request. This leads to the following:
Waste of resources: If the client's SYN request is blocked, resulting in repeated transmission of multiple SYN packets, the server will establish multiple redundant invalid connections after receiving the request. This leads to an unnecessary waste of server resources.
Message retention: Due to the lack of a third handshake, the server has no way of knowing whether the client correctly received the ACK acknowledgement to establish the connection. As a result, if messages get stuck in the network, the client will keep sending SYN requests over and over again, causing the server to constantly establish new connections. This will increase network congestion and delay and negatively affect the overall network performance.
Therefore, in order to ensure the stability and reliability of the network connection, TCP uses the three-way handshake to establish the connection to avoid the occurrence of these problems.
Summary
The Network Packet Broker TCP connection establishment is done with a three-way handshake. During the three-way handshake, the client first sends a packet with the SYN flag to the server, indicating that it wants to establish a connection. After receiving the request from the client, the server replies a packet with SYN and ACK flags to the client, indicating that the connection request is accepted, and sends its own initial sequence number. Finally, the client replies with an ACK flag to the server to indicate that the connection has been successfully established. Thus, the two parties are in the ESTABLISHED state and can start sending data to each other.
In general, the three-way handshake process for TCP connection establishment is designed to ensure connection stability and reliability, avoid confusion and waste of resources over historical connections, and ensure that both parties are able to receive and send data.
Post time: Jan-08-2025
