Shulou(Shulou.com)06/03 Report--

This article shows you how the computer network transmission protocol TCP three-way handshake and four-wave principle is, the content is concise and easy to understand, absolutely can make your eyes bright, through the detailed introduction of this article, I hope you can get something.

TCP shook hands three times and waved four times.

We introduced the format of UDP protocol and TCP protocol and their respective characteristics in detail in the transport layer protocols TCP and UDP. We know that TCP protocol is connection-oriented, so connection-oriented work needs to be done to establish, maintain and disconnect connections.

Server state transition

[CLOSED- > LISTEN] after the server calls listen, it enters the LISTEN state and waits for the client to initiate a connection to itself

[LISTEN- > SYN_RCVD] once a connection request (synchronization message segment) is heard, the connection is placed in the connection waiting queue maintained in the kernel, and a SYN+ACK message is sent to the client confirming that the connection request from the viewing client has been received.

[SYN_RCVD- > ESTABLISHED] once the server receives the confirmation message from the client, it enters the ESTABLISHED state and can read and write data

[ESTABLISHED- > CLOSE_WAIT] when the client closes the connection actively (calling close), the server receives the end message segment FIN sent by the client, and the server returns to the client to acknowledge receipt of the closed connection message, it will enter CLOSE_WAIT

[CLOSE_WAIT- > LAST_ACK] when the server enters the CLOSE_WAIT state, it means that the server is ready to close the connection (but the previous data needs to be processed first). When the server actually calls close to close the connection, it will send a FIN message to the client, and enter the LAST_ACK state, waiting for the arrival of the last ACK (here ACK refers to the client's response message to the FIN sent by the server)

[LAST_ACK- > CLOSED] the server received the ACK response from the client to the FIN message, and the server closed the connection successfully

Client state transition

[CLOSED- > SYN_SEND] the client calls connect to send a synchronization message segment to the server, indicating that it wants to establish a connection with the server and enters the SYN_SEND state to wait for the server's response.

[SYN_SEND- > ESTABLISHED] connect is called successfully. The client receives the response message ACK from the server, enters the ESTABLISHED state, and can read and write data.

[ESTABLISHED- > FIN_WIAT_1] the client initiatively calls close, sends an end message segment to the server, enters the FIN_WAIT_1 state, and waits for the server's response

[FIN_WAIT_1- > FIN_WAIT_2] when the client receives the acknowledgement of the end message segment from the server, it enters the FIN_WAIT_2 state and begins to wait for the end message segment of the server

[FIN_WAIT_2-> TIME_WAIT] the client receives the end message segment from the server, enters the TIME_WAIT, and sends out a LAST_ACK response to the end message sent by the server

[TIME_WAIT-> CLOSED] the client has to wait for a 2MSL (Max Segment Life, maximum message lifetime) before entering the CLOSED state (because to prevent the server from not receiving the LASK_ACK, it needs to be retransmitted).

TCP state transition diagram

Why is the common interview question in TCP three handshakes, not one or two?

A: the three-way handshake performs two important functions: both the two parties are ready to send data (both parties know they are ready for each other), and both parties are allowed to negotiate the initial serial number, which is sent and confirmed during the handshake.

Now change the three-way handshake to require only two handshakes, deadlock is possible. As an example, consider the communication between computers S and C, suppose C sends a connection request packet to S, S receives the packet and sends an acknowledgement reply packet.

According to the two-time handshake agreement, S believes that the connection has been successfully established and can start sending data packets.

However, when the reply packet of S is lost in transmission, C will not know whether S is ready, what sequence number S will establish, and C will even doubt whether S has received its own connection request packet.

In this case, C thinks that the connection has not been established successfully and will ignore any data grouping sent by S and only wait for the connection confirmation reply packet. On the other hand, S repeatedly sends the same packet after the sent packet times out. This creates a deadlock.

Two handshakes may also cause a waste of server resources. Let's say that C sends a connection request to S today and waits for a response from S. After S sends ACK to C, we think that the connection has been established. We know that the connection needs to be maintained after the connection is established. At this time, the operating system of S needs to allocate resources and space to maintain the connection. Assuming that the response from S to C is lost, and C does not receive the response, it thinks that the connection has not been established successfully and cannot communicate properly. At this time, the connection maintained by S is a failed connection and cannot communicate successfully. Suppose that today, 1 million clients send connection requests to the server S, and no response is received. At this time, S maintains 1 million useless connections, wasting the server's resources.

Why three handshakes and four waves?

Answer: because when the Server receives the SYN connection request message from the client, it can send the SYN+ACK message directly. The ACK message is used to reply, and the SYN message is used to synchronize.

However, when the connection is closed, when the Server side receives the FIN message, it is likely that the SOCKET will not be closed immediately, so it can only reply an ACK message first, telling the client, "I received the FIN message you sent."

Only after all the messages on the server side have been sent and all the data have been processed, the Server side can send FIN messages indicating that it can disconnect, so it can not be sent together. So you need a four-step handshake.

What if a connection has been established, but the client suddenly fails?

Answer: there is a keep-alive timer for TCP connection. Obviously, if the client fails, the server can't wait forever, wasting resources.

The server resets the timer every time it receives a request from the client. The time is usually set to 2 hours. If no data from the client is received in two hours, the server will send a probe message segment, and then send it every 75 seconds.

If 10 probe messages are sent in a row and still do not respond, the server thinks that the client has failed and then closes the connection.

Why is there a TIME_WAIT status?

Now do a test, first start server, then start client, then stop server with Ctrl-C, and then run server right away, and the result is:

This is because, although the server application is terminated, the connection to the TCP protocol layer is not completely disconnected, so the same server port cannot be monitored again. Let's take a look with the netstat command:

The TCP protocol stipulates that the party who actively closes the connection must be in the TIME_ WAIT state and wait for two MSL (maximum segment lifetime) before returning to the CLOSED state.

We use Ctrl-C to terminate server, so server is the party that actively shuts down the connection, and still cannot listen to the same server port again during TIME_WAIT

MSL is specified as two minutes in RFC1122, but the implementation varies from operating system to operating system. The default configuration value on Centos7 is 60s.

You can view the value of msl through cat / proc/sys/net/ipv4/tcp_fin_timeout

Let's think about why TIME_WAIT 's time is 2MSL.

MSL is the maximum lifetime of TCP messages, so the persistence of 2MSL in TIME_WAIT ensures that unreceived or late segments of messages in both transmission directions have disappeared (otherwise the server restarts immediately and may receive late data from the previous process, but this data is probably wrong)

It is also theoretically guaranteed that the last message arrives reliably (assuming the last ACK is lost, then the server will resend a FIN. At this time, although the client process is gone, the TCP connection is still there, and you can still resend the LAST_ACK)

The method to solve the bind failure caused by TIME_WAIT status

Re-monitoring is not allowed until server's TCP connection is completely disconnected, which may be unreasonable in some cases

The server needs to handle a very large number of client connections (the lifetime of each connection may be short, but there are a large number of clients requesting each second).

At this time, if the connection is actively closed by the server (for example, if some clients are not active, they need to be cleaned up actively by the server), a large number of TIME_WAIT connections will be generated.

Because of the large number of requests, it may lead to a large number of TIME_WAIT connections, each connection will occupy a communication quintuple (source ip, source port, destination ip, destination port, protocol). The ip, port and protocol of the server are fixed. If the ip and port number of the new client connection and the link occupied by TIME_WAIT duplicate, there will be a problem.

Use setsockopt () to set the option SO_REUSEADDR for socket descriptors to 1, which allows you to create multiple socket descriptors with the same port number but different IP addresses

After adding setsockopt, the server can be started immediately after ctrl+c terminates the server.

The above is the principle of TCP three-way handshake and four-time wave of the computer network transmission protocol. Have you learned the knowledge or skills? If you want to learn more skills or enrich your knowledge reserve, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.