Why does TCP use the "three-way handshake" to establish a connection? An example will teach you

First of all, why is it a three-way handshake?

After the client sends a request A, but A is delayed for a long time on the network, the client then sends B again, but A is no longer valid.

The server then responds to B and returns the TCP connection header to establish a connection (twice here).

Then, A finally reaches the server after going through thousands of miles. When the server sees the request, it accepts it.

Since the TCP format carried by A was correct at the beginning, the server should also return the flag of successful connection. However, at this time, the client has determined that the request is invalid and discarded it.

Then the server just hangs like this (wasting resources), which causes a problem: md, who is to blame for this? So, to be on the safe side, just add another connection.

So 3 times is the most appropriate. In Chinese, 3 is considered a lot. If you use 4, 5, 6, 7, 8... times, isn't that more wasteful?

As a reliable transmission control protocol, the core idea of ​​TCP is to ensure reliable data transmission and improve transmission efficiency. Using three times can meet the above two requirements.

In the TCP/IP protocol, the TCP protocol provides a reliable connection service and uses a three-way handshake to establish a connection. The connection process is as follows:

• First handshake: When establishing a connection, the client sends a syn packet (syn=j) to the server and enters the SYN_SEND state, waiting for the server to confirm;
• Second handshake: When the server receives the SYN packet, it must confirm the client's SYN (ack=j+1) and send a SYN packet (syn=k) at the same time, that is, a SYN+ACK packet. At this time, the server enters the SYN_RECV state;
• The third handshake: The client receives the SYN+ACK packet from the server and sends a confirmation packet ACK (ack=k+1) to the server. After this packet is sent, the client and server enter the ESTABLISHED state, completing the three-way handshake.

Why do we need to do a three-way handshake? Let me give you an example!

During the Red Army period, Company A and Company B were divided into the left and right wings, and agreed to launch an attack together at a certain time and minute. This information needed to be delivered manually through a messenger on foot. So the commander of Company A sent out a messenger.

This is the *** time.

Suppose the signalman arrives at Company B and informs the commander of Company B the time and minute. The commander of Company B will definitely ask the signalman to go back and inform the commander of Company A. The poor signalman can only risk his life to return to Company A, because the commander of Company A cannot see the signalman return, and does not know whether the information has been delivered to Company B at what time and minute.

This is the second time.

Now the commander of Company B begins to worry about whether the signalman has returned to Company A. If not, the commander of Company B will put himself in the shoes of the commander of Company A and think that he will definitely not dare to fight if he cannot see the signalman who has returned. Therefore, the commander of Company B most hopes to see the signalman appear in Company B again, so the commander of Company A will let the signalman go back to Company B again.

Therefore, it can be said that the three-way handshake is the fastest and most labor-saving choice.

The above analysis is not vivid enough and it is easy to forget. Let's use wireshark to prove the above analysis process.

It is easy to see from the output below that an http request is made only after the previous three tcp requests.

In the first handshake packet, the client sends a TCP with the flag bit set to SYN and the sequence number set to 0, which means the client requests to establish a connection, as shown in the following figure

(First handshake)

The server sends back a confirmation packet for the second handshake, with the flag SYN, ACK. The confirmation number is set to the client's ISN plus 1. That is, 0+1=1, as shown in the following figure

(Second handshake)

In the third handshake data packet, the client sends an acknowledgment packet (ACK) again. The SYN flag is 0 and the ACK flag is 1. The sequence number field of the ACK sent by the server + 1 is placed in the confirmation field and sent to the other party. And ISN + 1 is placed in the data segment, as shown in the following figure

(Third handshake)

The above is the TCP three-way handshake process in Wireshark.

That’s all for today’s sharing.