Shulou(Shulou.com)06/03 Report--

Tcp protocol:

Tcp is a connection-oriented, reliable process-to-process protocol. Tcp provides full-duplex service: data can be transmitted in both directions at the same time.

Tcp message segment header format:

The meaning of each field:

Source port number: 16-bit field, which is the port number corresponding to the sending port process

Destination port: a 16-bit field, which is the port number corresponding to the receiving end process. After receiving the packet, the receiver determines that the data will be sent to the corresponding program for processing.

Serial number: a 32-bit field that is stored in the send cache when tcp receives data from the process. And number each byte to form a sequence number. The features are as follows:

A random number is generated as the number of the first byte, which becomes the serial number (ISN). The range is: 0-(232-1)

The numbers of each direction of tcp are independent of each other.

When the bytes are numbered, tcp assigns a sequence number to each message segment, which is the number of the first byte in the message segment

Confirmation number: 32-bit field. The confirmation number is the confirmation message to the sender, which is used to tell the sender that all the data segments before the sequence number have been received. If the confirmation number is x, it means that one segment has been received.

Header length: it can be used to determine the byte length of the header data structure. Normally, the header length of tcp is 20 bytes, but the maximum header length can be extended to 60 bytes.

Reserved: reserved for use as an extension.

Control bits: the connection and disconnection of the tcp are directed by these six control bits. The meaning is as follows:

URG: emergency pointer valid bit

ACK: the confirmation serial number field is valid only when ACK=1, and invalid when ACK=0.

PSH: a flag bit of 1 requires the receiver to send the data segment to the application layer as soon as possible.

RST: notifies you to re-establish a tcp connection when the value of RST is 1.

SYN: the synchronization sequence number is, and set this value to 1 when tcp needs to establish a connection.

FIN: the sender completes the sending task. When the tcp completes the data transmission and needs to disconnect, the disconnecting party is proposed and the control bit is set to 1.

Window value: the number of locally acceptable segments, the size of which is variable with the network. When the network is unblocked, the larger the value can speed up the transmission speed, and when the network is unstable, the smaller the value can ensure the reliability of the transmitted data; the flow control in tcp protocol is realized by changing the window value.

Checksum: used for error control, calculating a checksum before sending a tcp message. When the receiver receives the data and verifies it again, when the two values are the same, it means that the data is fine.

Emergency pointer: used in conjunction with URG, valid when URG=1

Options: there can be up to 40 bytes of optional information in the header of the tcp.

Connection and disconnection of tcp:

Before data communication, a connection should be established between the sender and the receiver; after the data transmission is over, the two sides are disconnected. Each side of the tcp connection is made up of an IP and a port,

Three handshakes and four waves are shown in the picture:

Suppose the server listens on port 80. Access by the client

Three-way handshake:

The first time:

The client uses a random port to initiate a connection request to port 80 of the server. The typical sign in this process is that the SYN control bit of tcp is 1. 0. The other five control bits are all 0

The second time:

It is completed in two parts:

1. The server receives the connection request sent by the client and responds to the confirmation message to the client. The typical sign in this process is that the ACK control bit of TCP is 1, the other five control bits are all 0, and the sequence number is the client initial sequence number + 1.

2. The server also sends a connection request to the client, and the typical flag bit in this process is the same as in the first handshake. That is, the SYN control bit of TCP is 1, and the other five control bits are 0.

In order to improve the communication efficiency, these two parts are implemented in the same data packet.

The third time:

When the client receives the reply (confirmation and request) from the server, it also needs to send a confirmation message to the server. The typical sign of this process is that the ACK control bit of tcp is 1, and the other five control bits are all 0. Confirm that the sequence number is the initial sequence number of the server + 1.

The three-way handshake is complete and the tcp connection is established successfully. Use the command netstat-an command to view the status as: ESTABLISHED

Three-way handshake status monitoring:

After the socket is created, the server starts listening and changes to the LISTEN state. The client requests to establish a connection, sends a SYN message to the server, and the status of the client changes to SYN_SENT. After receiving the message from the client, the server sends ACK and SYN messages to the client, and the state of the server becomes SYN_RCVD. Then, when the client receives the ACK and SYN, it sends the ACK to the server, the client state changes to ESTABLISHED, and the server becomes ESTABLISHED after receiving the ACK from the client. At this point, the 3-way handshake is complete and the connection is established!

Four waves:

The first time:

The client sends a tcp message with control bit FIN and ACK location 1 to the server.

The second time:

The server returns the tcp message with control bit ACK 1 to the client.

At this time in a half-closed state, the client terminates sending data, only replies to ACK acknowledgement messages, and no longer sends data messages, but throws can receive data. When the server sends the data, it sends a FIN message to the client and receives an ACK acknowledgment, thus completely shutting down the tcp connection

The third time:

The server sends the tcp message with control bit FIN and ACK location 1 to the client.

The fourth time:

The client returns the tcp message with control bit ACK 1 to the server.

Four wave status monitoring:

Because the tcp connection is full-duplex, disconnecting the connection can be a little more troublesome than establishing a connection. The client first sends a FIN message to the server, requesting to disconnect, and its status changes to FIN_WAIT1. After the server receives the FIN, ACK occurs to the client, and the server status changes to CLOSE_WAIT. After receiving the ACK, the client enters the FIN_WAIT2 state. By this time the connection was half disconnected. If the server still has data to send to the client, it will continue to send. Until it is finished, the FIN message is sent, and the server enters the LAST_ACK state. After the client receives the FIN of the server, it immediately sends the ACK to the server. At this time, the client enters the TIME_WAIT state, and then enters the CLOSED state after a long time of 2MSL. The server enters the CLOSED state when it receives the ACK from the client.

At this point, there is another state that has not been mentioned: CLOSING status. The CLOSING status indicates that the client has a FIN, but does not receive the server's ACK, but receives the server's FIN. This happens when the ACK sent by the server is lost, because there are sometimes accidents in network transmission.

Use the command to view the tcp network connection status:

Netstat-n | grep port | awk'/ ^ tcp/ {+ + a [$NF]} END {for (v in a) print v [v]}'

Detailed description of status:

Listen: listens for client connection requests

Syn_send: the client sends a connection request and waits to confirm the connection

Syn_recv: the status when the server receives a connection request and gives the other party an acknowledgement (syn+ack is also 1)

Established: the state in which a connection is opened and data is transferred normally

Fin_wait1: wait for confirmation after the client initiates a request for fin to close the connection

Fin_wait2: after the client receives the ACK confirmation of closing the connection, the status (semi-closed state) only accepts data and sends ACK acknowledgement, not data.

Close_wait: after receiving the FIN, the server sends an ACK in response to the FIN request and waits for a local connection disconnection request to be initiated.

Closing: wait for the other party to confirm the connection interruption after sending the FIN request on the active shutdown side (normally, you can't see this state)

Last_ack: passive shutdown side, the status of sending a fin request waiting for ACK to the active shutdown side after receiving the file Terminator

Time_wait: (2MSK status) after the active shutdown end receives the FIN, it sends the ACK into the time-wait state. Prevent the other party from not receiving the final ACK confirmation message and ensure that both parties can end normally. During this period, the startup service connection can be restarted but data cannot be sent.

Closed: the state after the passive shutdown side receives the ACK package. Represents the end of the connection.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.