TCP three-time handshake process capture demonstration

Before learning TCP, I could not remember the three handshakes, which felt very abstract. Later, I was more impressed by the actual operation through the packet capture tool Wireshark.

The situation of three handshakes and bag capture is as follows:



First handshake:The client sends the message segment to the server. If SYN=1, the client wants to establish a connection with the server, the serial number is seq=x, and the actual packet capture results in seq=0. Wireshark’s first packet capture is shown below.



The state Settings for SYN are shown below.



Second handshake:The server receives the connection request from the client and sends the client a message segment with the content: SYN=1, indicating that the server wants to establish a connection with the client. The establishment of a connection is bidirectional. The client should establish a connection with the server by setting SYN=1, and the server should also establish a connection with the client by setting SYN=1. ACK= X +1, means that the server has successfully received the previous X pieces of data sent by the client. The server expects the data sent by the client to start with X +1, because the serial number actually sent by the client is seq= X =0, so ACK=1. Only when ACK=1, the value of ACK is valid, so ACK=1 in the message segment. The server also sends the serial number seq=y and actually sends seq=0. Wireshark’s second packet capture is shown below.



The state Settings for SYN and ACK are shown below.



Third handshake:The client receives the connection request from the server and sends a confirmation packet to the server, which includes: ACK= Y +1, means that the previous Y data sent by the server has been successfully received, and the starting sequence number of the next packet sent by the server is expected to be Y +1. Since the actual seq= Y =0, ACK=1 is obtained. Similarly, only ACK=1 is valid, so ACK is set to 1 in the message segment. The second handshake server expects the next packet sent from the client to start with seq 1, so seq=1. Wireshark’s third catch is shown below.



The state setting of ACK is shown below.