TCP连接状态说明

参考了网上一些文章,最终发现wireshark的wiki写的比较好,以此为基准,说明TCP在连接和断开时的状态迁移过程。

全局的TCP连接和断开的状态变更如下图所示:

复制代码

TCP 3-way handshake

We assume that both host (A) and server (B) side start from CLOSED status.

复制代码
  1. The server process create a TCB [1] and use TCB prepares to accept the host's request. After TCB born the server change status to LISTEN.

  2. The host does the same thing, create a TCB and use this TCB to send request, set the "SYN=1" in the request header, and initates a arbitrary sequence number, seq=x . SYN paccket (which means SYN=1) can not take any data content, but it will consume a sequence number. After request sent, the host goes into SYN-SENT status.

  3. After receiving the host's request:

    1. i. If the server accept to this connection, it will send back a confirm response. In the response both SYN and ACK bits should be '1', and server side also initiates a SEQ number, seq=y . The server will send its sequence number within packet which is used to be acknowledged to the clinet's SYN packet. This packet can not take any data content either, but it consumes a sequence number . So in this packet seq=y, ack=x+1. And the server goes into SYN-RCVD status.

    2. ii. If the server rejects the connection, it just responses a RST packet to reset the connection.

  4. After the host received the server's response, it will send back also a confirm packet with ACK bit sets to '1' and seq=x+1, ack=y+1. [2]

After that, both side gose into ESTABLISHED status. This is what we called three-way handshake.

Example

复制代码

Capture Example

3-way handshake.pcap

1\]. TCB---Transmission Control Block, something like PCB, it stores some significant info like, **TCP** connectio table, the pointer for the sending and receiving buffer, retransmission queue pointer, the current sequence number and acknowledge number and ext. \[2\]. ACK packet could take data content, if not, this packet will not consume SYN number. So the sequence number of the confirm packet is *seq=x+1* . But in practice, at times, **TCP** **3-way** **handshake** not only just initiates the connection, but also negotiate some very important parameters. MSS (*maximum segment size*) negotiation occurs in this steps. ### TCP 4-times close ``` ``` 1. Client send finish datagram to the server, indicated that client will close the transmission from client to server. This is called **active close**. (FIN=1, seq=u) 2. Server acknowledged the FIN datagram. (ACK=1, seq=v, ack=u+1) 3. Server contiues to transmit, if the server finishs the transmission it will close transmission from server to client. This is called **passive close**.(FIN=1, ACK=1, seq=w, ack=u+1) 4. Client acknowledged the FIN datagram to the server.\[1\] (ACK=1, seq=u+1, ack=w+1) \[1\]. After the ACK send, the client will not release the resource immediately, it will turn into TIME-WAIT status and wait 2-MSL (*Maximum Segment Lifetime*) time to release resource. #### Example ``` ``` #### Capture Example [4 times close.pcap](https://wiki.wireshark.org/TCP%204-times%20close?action=AttachFile&do=view&target=4+times+close.pcap "4 times close.pcap") ### 状态迁移图 ``` ```

相关推荐
睿思达DBA_WGX10 分钟前
由于主库切换归档路径导致的 Oracle DG 无法同步问题的解决过程
运维·数据库·oracle
XXYBMOOO44 分钟前
Xilinx-FPGA-PCIe-XDMA 驱动内核兼容性问题修复方案
linux·运维·服务器
waveee1231 小时前
学习嵌入式的第三十三天-数据结构-(2025.7.25)服务器/多客户端模型
服务器·数据结构·学习
爱学习的狮王1 小时前
window10和ubuntu22.04双系统之卸载ubuntu系统
linux·运维·ubuntu
wmm_会飞的@鱼3 小时前
FlexSim-汽车零部件仓库布局优化与仿真
服务器·前端·网络·数据库·数学建模·汽车
Deutsch.3 小时前
负载均衡Haproxy
运维·负载均衡·haproxy
-XWB-4 小时前
【安全漏洞】网络守门员:深入理解与应用iptables,守护Linux服务器安全
linux·服务器·网络
不做无法实现的梦~4 小时前
mid360连接机载电脑,远程桌面连接不上的情况
运维·服务器·电脑
还是朝夕4 小时前
OSPF路由协议 多区域
网络
消失的旧时光-19434 小时前
Android网络框架封装 ---> Retrofit + OkHttp + 协程 + LiveData + 断点续传 + 多线程下载 + 进度框交互
android·网络·retrofit