TCP Three-Way Handshake and Four-Way Wavehand

TCP Three-Way Handshake and Four-Way Wavehand

Description
TCP (Transmission Control Protocol) is a connection-oriented, reliable, byte-stream-based transport layer communication protocol. To establish a reliable connection, TCP uses a "three-way handshake" mechanism; to terminate a connection, it uses a "four-way wavehand" mechanism. This is a crucial core knowledge point in network programming and internet fundamentals.

Problem-Solving Process / Knowledge Point Explanation

We will understand this process in two steps: first, the three-way handshake to establish a connection, and then the four-way wavehand to terminate the connection.

Step One: Understanding the TCP Three-Way Handshake (Connection Establishment)

The goal of the three-way handshake is for both communicating parties to confirm that each other's sending and receiving capabilities are normal and to synchronize initial sequence numbers.

  1. First Handshake (SYN):

    • Initiator (Client) wants to establish a connection with the server.
    • Action: The client sends a TCP segment. The characteristics of this segment are:
      • The SYN (Synchronize) flag in the header is set to 1 (i.e., SYN=1).
      • It randomly selects an initial sequence number (seq = x). The sequence number is key to ensuring data is transmitted in order.
    • State Change: After sending, the client enters the SYN-SENT state.
    • Meaning: This segment is like saying: "Hello server, I want to establish a connection with you. My initial sequence number is x, can you hear me?"

  2. Second Handshake (SYN-ACK):

    • Receiver (Server) receives the client's SYN segment.
    • Action: If the server agrees to establish the connection, it replies with a segment. The characteristics of this segment are:
      • The SYN flag and ACK (Acknowledgment) flag in the header are both set to 1 (i.e., SYN=1, ACK=1).
      • It also randomly generates its own initial sequence number (seq = y).
      • Simultaneously, it acknowledges the received client sequence number by setting its Acknowledgment Number (ack) field to x + 1 (i.e., ack = x + 1). ack = x + 1 means: "I have indeed received your segment with sequence number x, and I expect you to start sending data from sequence number x+1 next time."
    • State Change: After sending, the server enters the SYN-RCVD state.
    • Meaning: This segment is like saying: "I heard your request (ack=x+1), and I agree to establish the connection. My initial sequence number is y, can you hear me?"

  3. Third Handshake (ACK):

    • Initiator (Client) receives the server's SYN-ACK segment.
    • Action: The client needs to send an acknowledgment segment. The characteristics of this segment are:
      • The ACK flag in the header is set to 1 (i.e., ACK=1).
      • Its sequence number seq = x + 1 (because the SYN segment from the first handshake consumes one sequence number).
      • Its acknowledgment number ack = y + 1, indicating acknowledgment of the server's SYN segment.
    • State Change: After sending, the client enters the ESTABLISHED state. After the server receives this ACK segment, it also enters the ESTABLISHED state.
    • Meaning: This segment is like saying: "I also heard your reply, the connection is successfully established!"

Why Three Times, Not Two?
The key is to prevent a "stale connection request segment" from suddenly reaching the server, causing the server to erroneously open a connection.

  • Scenario: The client sends a connection request (first SYN), but this segment is delayed in the network. The client, not receiving a reply within the timeout, resends a SYN, successfully establishes a connection, transmits data, and closes the connection. At this point, the delayed first SYN segment finally arrives at the server.
  • If it were a two-way handshake: The server receives this stale SYN, mistakenly thinks the client is initiating a new connection, replies with SYN-ACK (second handshake), and directly enters the ESTABLISHED state, waiting for the client to send data, thereby wasting server resources.
  • With a three-way handshake: After the server replies with SYN-ACK, the client will recognize this as a stale request (since it did not actively initiate a new connection) and therefore will not send the third ACK acknowledgment. The server, not receiving the ACK, will not establish the connection, thus avoiding resource waste.

Step Two: Understanding the TCP Four-Way Wavehand (Connection Termination)

The goal of the four-way wavehand is for both parties to confirm the desire to close the connection. Since a TCP connection is full-duplex (data can flow bidirectionally), each direction must be closed separately.

  1. First Wavehand (FIN):

    • Active Closer (assume it's the client) has finished sending data and requests to close the connection.
    • Action: The client sends a segment with the FIN (Finish) flag in the header set to 1 (FIN=1).
    • State Change: After sending, the client enters the FIN-WAIT-1 state.
    • Meaning: The client says to the server: "I have no more data to send from my side, I want to close my data channel to you (the client-to-server direction)."

  2. Second Wavehand (ACK):

    • Passive Closer (Server) receives the client's FIN segment.
    • Action: The server sends an acknowledgment segment (ACK=1), with its acknowledgment number ack being the client's sequence number plus 1.
    • State Change: After sending, the server enters the CLOSE-WAIT state.
    • Meaning: The server says to the client: "Oh, I know you want to close." At this point, TCP is in a half-close state, meaning the client-to-server channel is closed (the client can no longer send data), but the server-to-client channel is still open, and the server may still have data to send to the client.
    • Client State Change: After receiving this ACK, the client moves from FIN-WAIT-1 to FIN-WAIT-2, waiting for the server's FIN segment.

  3. Third Wavehand (FIN):

    • Passive Closer (Server) finishes sending any remaining data and is also ready to close the connection.
    • Action: The server sends a segment with the FIN flag in the header set to 1 (FIN=1).
    • State Change: After sending, the server enters the LAST-ACK state.
    • Meaning: The server says to the client: "I've also finished sending data from my side, I want to close too (the server-to-client channel)."

  4. Fourth Wavehand (ACK):

    • Active Closer (Client) receives the server's FIN segment.
    • Action: The client sends an acknowledgment segment (ACK=1), with its acknowledgment number ack being the server's sequence number plus 1.
    • State Change: After sending, the client enters the TIME-WAIT state. Note that the connection is not released immediately. The client needs to wait for 2MSL (Maximum Segment Lifetime, typically 1-2 minutes) before entering the CLOSED state.
    • Server State Change: After receiving this ACK, the server immediately enters the CLOSED state.

Why does the client need the TIME-WAIT state? What is the purpose of waiting for 2MSL?
There are two main reasons:

  1. Reliably Terminating the Connection: To ensure the client's final ACK reaches the server. If this ACK is lost in the network, the server in the LAST-ACK state will retransmit its FIN segment due to timeout. The client in the TIME-WAIT state, upon receiving the retransmitted FIN, will resend the ACK and restart the 2MSL timer.
  2. Allowing Old Connection Segments to Vanish from the Network: Waiting for 2MSL is sufficient time for all segments generated during this connection to "vanish" from the network (exceed their maximum lifetime and be discarded). This ensures that when a new connection is established, it will not be interfered with by segments from the old connection.

Through the above step-by-step process, we have comprehensively understood how TCP reliably establishes connections via the three-way handshake and gracefully terminates connections via the four-way wavehand.