Joke Collection Website - Mood Talk - TCP three-way handshake and Four Waves

TCP three-way handshake and Four Waves

Transmission Control Protocol (TCP) is a connection-oriented, reliable and byte-stream based transport layer communication protocol, which is defined by RFC 793 of IETF.

TCP is designed to adapt to the layered protocol hierarchy supporting multi-network applications. Pairs of processes in host computers connected to different but interconnected computer communication networks rely on TCP to provide reliable communication services. TCP assumes that it can obtain simple and possibly unreliable datagram services from lower-level protocols. In principle, TCP should be able to operate on all kinds of communication systems from hard-wired connection to packet-switched or circuit-switched networks.

Transmission Control Protocol (TCP) is a transmission protocol specially designed to provide reliable end-to-end byte stream on unreliable internet.

the internet is very different from a single network because different parts of the internet may have completely different topologies, bandwidths, delays, packet sizes and other parameters. The design goal of TCP is to be able to dynamically adapt to these characteristics of the Internet, and to be robust in the face of various failures.

three-way handshake process understanding

The first handshake: when establishing a connection, the client sends a syn packet (syn=x) to the server and enters the SYN_SENT state, waiting for the server to confirm; SYN: Synchronize Sequence Numbers.

second handshake: when the server receives the syn packet, it must confirm the customer's SYN(ack=x+1) and send a SYN packet (syn=y) by itself, that is, the SYN+ACK packet. At this time, the server enters the SYN_RECV state;

three-way handshake: The client receives the SYN+ACK packet from the server and sends an acknowledgement packet ACK(ack=y+1) to the server. After this packet is sent, the client and the server enter the ESTABLISHED(TCP state, and the three-way handshake is completed.

For example

A couple is going to see a movie on Sunday.

The first handshake boy sends: Let's go to the movies on Sunday.

The second handshake girl responds: OK.

The first three-way handshake boy responded: That's a deal.

1. Why can't we connect by shaking hands twice?

three handshakes accomplish two important functions, that is, both parties should be ready to send data (both parties know each other is ready), and both parties should be allowed to negotiate the initial serial number, which is sent and confirmed during the handshake.

when two handshakes are unexpected, there will be a waste of resources.

handshake is divided into Server s and Client c ..

two handshakes. When C wants to establish a connection, it sends a SYN, and then waits for an ACK. As a result, this SYN didn't arrive at S in time due to network problems, so C sent another SYN after it didn't receive an ACK for a period of time. This time, S received it successfully, and then C also received an ACK. At this time, the first SYN sent by C finally arrived at S, which is a new connection request for S. Then S applies for resources for this connection and returns an ACK. However, this SYN is an invalid request, and C will not pay attention to it after receiving the ACK of this SYN, but S doesn't know that S will always maintain resources for this connection, resulting in a waste of resources.

three-way handshake's countermeasures when an error occurs

The first handshake A failed to send SYN transmission, and neither A nor B applied for resources, so the connection failed. If multiple SYN connection requests are sent within a period of time, then A will only accept the SYN+ACK response of the last syn it sent, ignoring all other responses, and the resources applied for in B will also be released

? The second handshake when B sends SYN+ACK transmission fails, A will not apply for resources, and B applies for resources, but fails to receive A's ACK, and releases the resources after a period of time. If multiple A's SYN requests are received, B will reply to SYN+ACK, but A will only acknowledge the SYN response it sent the earliest and reply to the ACK of the last handshake. When the transmission of the three-way handshake ACK fails, B does not receive the ACK, releasing resources and returning RST to the transmission data of the subsequent A.. In fact, B will send SYN+ACK for many times because it has not received ACK from A, and the number of times can be set. If it still does not receive ACK from A at last, it will release resources and return RST to the data transmission of A..

four waves of TCP

(1) First, the client wants to release the connection, and sends a TCP message to the server, where:

the flag bit is FIN, which means "requesting to release the connection"; Sequence number is seq = u; Then the client enters the FIN-WAIT-1 phase, that is, the semi-closed phase. And stop sending data in the direction from the client to the server, but the client can still receive the data transmitted from the server. Note: What is not sent here is the data transmitted during normal connection (non-acknowledgement message), not all data, so the client can still send the ACK acknowledgement message.

(2) after receiving the TCP message from the client, the server confirms that the client wants to release the connection, and then the server ends the ESTABLISHED phase, enters the CLOSE-WAIT phase (semi-closed state) and returns a TCP message.

The first "two waves" not only let the server know that the client wants to release the connection, but also let the client know that the server knows its request to release the connection. Therefore, it can be confirmed that the connection from the client to the server has been closed

(3) After sending the ACK confirmation message, the server is ready to release the connection from the server to the client through the CLOSED-WAIT stage, and sends a TCP message to the client again, where

the flag bit is FIN and ACK, which means "it is ready to release the connection". Note: The ACK here is not a confirmation message to confirm the receipt of the server-side message. Sequence number is seq = w; The confirmation number is ack = u+1; It means that on the basis of receiving the client message, add 1 to its sequence number Seq value as the value of the acknowledgement number Ack of this message. Then the server ends the CLOSE-WAIT phase and enters the LAST-ACK phase. And stop sending data in the direction from the server to the client, but the server can still receive the data transmitted from the client.

(4) The client receives the TCP message sent from the server, confirms that the server is ready to release the connection, ends the FIN-WAIT-2 phase, enters the TIME-WAIT phase, and sends a message to the server, in which:

The flag bit is ACK, which means "the signal that the server is ready to release the connection is received". Sequence number is seq = u+1; It means that on the basis of receiving the server-side message, the Ack value of its confirmation number is taken as the value of the message sequence number of this paragraph. The confirmation number is ack = w+1; It means that on the basis of receiving the server-side message, the value of its sequence number Seq is taken as the value of the confirmation number of this message. Then the client starts TIME-WAIT for the 2MSL

server to receive the TCP message from the client, and then ends the LAST-ACK phase and enters the CLOSED phase. This officially confirms the closing of the connection from the server side to the client side.

after the client waits for 2MSL, it ends the TIME-WAIT phase and enters the CLOSED phase, thus completing the "four waves".

after "waving twice", the client knows that the server is ready to release the connection, and the server also knows that the client knows that it is ready to release the connection. Therefore, it can be confirmed that the connection from the server side to the client side is closed, thus completing the "four waves".

just like the "three waves", in the TCP message transmitted between the client and the server, the values of the acknowledgement number Ack and the sequence number Seq of both parties are calculated on the basis of each other's Ack and Seq values, which ensures the continuity of TCP message transmission. Once the TCP message sent by one party is lost, it is impossible to continue to "wave", thus ensuring the smooth completion of the "four waves".

why did you break up four times?

before that, let's talk about the abnormal disconnection of TCP

Abnormal disconnection of TCP

1. What if a connection has been established, but one party suddenly fails?

TCP also has a keep-alive timer. Obviously, if the client fails, the server can't wait forever, wasting resources. The server will reset this timer every time it receives a request from the client, and the time is usually set to 2 hours. If it has not received any data from the client for two hours, the server will send a probe message segment and then send it every 75 seconds. If there is still no response after sending 1 probe messages in a row, the server thinks that the client has failed, and then closes the connection.

heartbeat detection mechanism

in TCP network communication, abnormal disconnection between client and server often occurs, so it is necessary to detect the link status of query in real time. The common solution is to add heartbeat mechanism to the program.

in addition, there are mechanisms such as Heart-Beat thread and setting TCP properties.

it is commonly understood that

power failure and crash mean the loss of all state information, just like a person with amnesia, who is unfamiliar with the outside world, even if he restarts and the program runs normally.

The other party must still have normal memory, but the asymmetry of the two sides' state (memory) can no longer complete the normal communication, so the best way is to let the good side detect the asymmetry of memory, and then release its own memory (reset), and then the two sides can talk about it again-TCP reconnection.

how can a good party be tested?

TCP Keepalive

By default, TCP will send a detection signal in 12 minutes. If the other party doesn't reply, it will retry several times until it gives up, and then announce that the other party is dead and send a Reset to release the connection. The other party will receive it inexplicably and ignore it silently, because there is no such connection at all (power failure is released).

2 hours is a long wait, and the stranded TCP session will use resources directly, which is a waste!

Application Keepalive

in order to quickly detect the fact that the other party has died, the application layer can send detection signals, such as once every 5 -1 minutes.

Through the above two common methods, we can overcome the current situation that the good party permanently resides in the memory, and releasing is the only correct method! In fact, apart from detecting whether the other party is online, the Application Keepalive has a great role in avoiding the overtime deletion of the NAT device list between the two communication parties, and needs to refresh the keepalive periodically.

So waving four times is also to disconnect in real time and release resources

This is also to deal with unexpected situations

For example, the client directly disconnects itself after sending a disconnect message. But this connection was not received by the server.

at this time, the server does not know that the client has been disconnected. During this period, it will always send a request to determine whether the client is connected. The connection will not be disconnected until there is no response at the end.

TCP protocol is a connection-oriented, reliable and byte stream-based transport layer communication protocol. TCP is in full duplex mode, which means that when host 1 sends a FIN segment, it only means that host 1 has no data to send, and host 1 tells host 2 that all its data has been sent. However, at this time, host 1 can still accept data from host 2; When the host 2 returns the ACK segment, it means that it already knows that the host 1 has no data to send, but the host 2 can still send data to the host 1. When the host 2 also sends the FIN segment, it means that the host 2 has no data to send, so it will tell the host 1 that I have no data to send, and then they will happily interrupt the TCP connection. If we want to correctly understand the principle of four breakups, we need to understand the state changes in the process of four breakups.

For example,

A couple originally made an appointment to go to the movies on Sunday

If it is a wave, one party will close the connection immediately after sending a disconnection request.

If the girl doesn't want to go, she will send: If she doesn't go on Sunday, her mobile phone will be turned off (the connection will be closed). If this message is not sent successfully.

Boys think dating still counts. I kept waiting, and when I waited for the timeout, I asked: Are you still there?

At this time, the girl has turned off her phone, so she can't receive this message.

The boy may wait for two hours before choosing to go back.

if it's two waves.

if the girl doesn't want to go, she sends: she won't go on Sunday. Then the phone was not turned off, and I wanted to make sure that the boy had received it.

because it's two waves. The boy responded after receiving the message: OK. Just choose to turn it off (disconnect, here the boy has no other data to send, because it is two waves). But the response was not sent to.

At this time, the girl will keep waiting and send messages repeatedly. But by this time, the boy had turned off his phone. Girls may send it repeatedly for a long time before choosing to disconnect.

or after the boy replied well, the girl accepted it, but the boy still has something to say. I want to continue talking about the previous topic, which is still very important. But because the connection is closed opposite, it can't be received.

(This may lead to incomplete data in the transmission process, which may not satisfy the data reliability)

Therefore, we have to wait for four waves when the data of both parties have been transmitted.

the connection can be closed in real time.