riven

Riven

Riven

TCP 3 way handshake process

Three-Way Handshake is a fundamental concept in the Transmission Control Protocol (TCP) used to establish a reliable connection between two devices over a network. This process is crucial for ensuring that both parties are ready for communication, allowing them to synchronize their sequence numbers and establish parameters for the connection

Understanding TCP

Before discussing the Three-Way Handshake, it’s essential to understand the context in which it operates. TCP is one of the core protocols of the Internet Protocol Suite, primarily responsible for ensuring reliable data transmission between devices.

Key Features of TCP

  1. Connection-Oriented: TCP establishes a connection before data transfer, ensuring both parties are synchronized.
  2. Reliable Delivery: TCP guarantees that data packets are delivered accurately and in the correct order.
  3. Error Detection and Correction: TCP incorporates mechanisms to identify and correct errors during transmission.
  4. Flow Control: TCP manages the rate of data transmission to prevent overwhelming the receiver.
  5. Congestion Control: TCP adjusts data transmission rates based on network conditions to prevent congestion.

The Importance of Connection Establishment

Connection establishment is critical in networking, as it prepares both devices for data exchange. The Three-Way Handshake serves several essential functions:

  1. Synchronization: Ensures both devices have agreed on the initial sequence numbers.
  2. Resource Allocation: Allows devices to allocate resources necessary for data transmission.
  3. Reliability: Establishes a reliable communication channel, enabling error checking and retransmission mechanisms.

The Three-Way Handshake Process

The Three-Way Handshake involves three distinct steps: SYN, SYN-ACK, and ACK. Let’s break down each step in detail.

Step 1: SYN (Synchronize)

The handshake begins when a client wants to establish a connection with a server. The client sends a SYN (synchronize) packet to the server.

Packet Structure

The SYN packet contains several key components:

  • Sequence Number: A randomly generated initial sequence number (ISN) that identifies the start of the connection.
  • Control Flags: The SYN flag is set to indicate that this is a synchronization request.
  • Source Port: The port number of the client.
  • Destination Port: The port number of the server
 
Step 2: SYN-ACK (Synchronize-Acknowledge)

Upon receiving the SYN packet, the server responds with a SYN-ACK (synchronize-acknowledge) packet. This packet serves two primary purposes:

  1. Acknowledgment: It acknowledges the receipt of the client’s SYN request by setting the ACK flag and including the next expected sequence number.
  2. SYN from the Server: The server also sends its own SYN request, providing its initial sequence number.

Packet Structure

The SYN-ACK packet contains the following components:

  • Acknowledgment Number: The client’s sequence number incremented by one (i.e., x + 1).
  • Sequence Number: The server’s own randomly generated initial sequence number (let’s say y).
  • Control Flags: Both SYN and ACK flags are set.
 

Step 3: ACK (Acknowledge)

After receiving the SYN-ACK packet, the client sends an ACK (acknowledge) packet back to the server. This final step completes the handshake process.

Packet Structure

The ACK packet contains:

  • Acknowledgment Number: The server’s sequence number incremented by one (i.e., y + 1).
  • Sequence Number: The client’s sequence number incremented by one (i.e., x + 1).
  • Control Flags: The ACK flag is set. 

Connection Established

After the ACK is received, both the client and server have established a reliable TCP connection, ready to transmit data.

Visual Representation of the Three-Way Handshake

To better illustrate the Three-Way Handshake, consider the following diagram:

lua
Client Server | | |------ SYN
(Seq = x) ---->| | | |<----- SYN-ACK (Seq = y, Ack = x + 1)| | | |------ ACK (Seq = x + 1, Ack = y + 1)---->| | |

This diagram shows the flow of packets during the handshake process, highlighting the sequence and acknowledgment numbers exchanged between the client and server.

The Role of Sequence and Acknowledgment Numbers

Sequence Numbers

Every byte of data transmitted in a TCP connection is assigned a sequence number. The initial sequence number (ISN) plays a crucial role in managing the order of packets. Sequence numbers ensure that data can be reassembled correctly at the receiving end, even if packets arrive out of order.

Acknowledgment Numbers

Acknowledgment numbers signify the next expected byte from the other side of the connection. When a packet is received, the recipient sends back an acknowledgment indicating that it has received all bytes up to that number. This mechanism is vital for ensuring reliable delivery and for triggering retransmission in case of packet loss.

Benefits of the Three-Way Handshake

The Three-Way Handshake provides several advantages that contribute to the reliability and efficiency of TCP connections:

  1. Reliable Connection Establishment: The handshake ensures that both devices are ready for communication, preventing data loss during transmission.
  2. Synchronization of Sequence Numbers: By exchanging initial sequence numbers, both devices can track the order of packets.
  3. Resource Allocation: The handshake allows both devices to allocate the necessary resources for the connection, optimizing performance.
  4. Error Checking: The acknowledgment mechanism helps identify and rectify transmission errors.

Challenges and Limitations

While the Three-Way Handshake is a robust mechanism, it is not without challenges:

1. SYN Flood Attacks

SYN flooding is a type of Denial of Service (DoS) attack where an attacker sends a large number of SYN requests to a target server. The server allocates resources for each request and waits for the corresponding ACK packets, which may never arrive. This can exhaust server resources and prevent legitimate connections.

Mitigation Strategies:

  • SYN Cookies: A technique that allows the server to avoid allocating resources until the handshake is fully established.
  • Rate Limiting: Implementing limits on the number of incoming SYN requests from a single source can help mitigate SYN flood attacks.

2. Latency Issues

The Three-Way Handshake introduces a latency overhead due to the three packets exchanged before data transmission can begin. This delay can be significant in high-latency networks.

3. Connection Timeout

If the handshake process is interrupted or delayed, the connection may time out. This timeout can lead to dropped connections and require the client to restart the handshake process.

The Three-Way Handshake in Real-World Applications

The Three-Way Handshake is employed in numerous real-world applications and protocols:

1. Web Browsing (HTTP/HTTPS)

When you access a website, your browser initiates a TCP connection to the web server using the Three-Way Handshake. This ensures a reliable communication channel for transmitting web content.

2. File Transfer Protocol (FTP)

FTP relies on TCP for reliable file transfers. The Three-Way Handshake establishes the connection, allowing for efficient and accurate file transfer between the client and server.

3. Remote Access Protocols (SSH, Telnet)

Protocols like SSH (Secure Shell) and Telnet utilize the Three-Way Handshake to establish secure connections for remote access to servers and devices.

4. Streaming Services

Streaming applications use the Three-Way Handshake to ensure reliable connections for transmitting audio and video data. This is crucial for maintaining quality and continuity during playback.

Advanced Topics Related to the Three-Way Handshake

1. TCP State Transitions

The TCP connection lifecycle involves various states, which can be visualized as a finite state machine. During the connection establishment phase, the following states are important:

  • LISTEN: The server waits for incoming connections.
  • SYN-SENT: The client has sent a SYN packet and is waiting for a SYN-ACK.
  • SYN-RECEIVED: The server has received a SYN and sent a SYN-ACK.
  • ESTABLISHED: Both client and server have completed the handshake and can begin data transmission.

2. Simultaneous Open

In some scenarios, both the client and server may attempt to initiate a connection simultaneously. This is known as a simultaneous open. Both sides send SYN packets, leading to the exchange of SYN-ACK and ACK packets. This scenario can be complex but is handled within the TCP protocol.

3. Connection Termination

The Three-Way Handshake is essential for connection establishment, but TCP also requires a mechanism for connection termination. The connection termination process typically involves a four-step process known as the Four-Way Handshake, which includes FIN (finish) and ACK packets.