Now, In my previous post I talked about TCP’s “three way handshake” while realising i hadnt actually written a basic introductory blog about it for people who arent as in-tune with the way of the packet yet 🙂
Basically, to establish a TCP connection, you will need 4 things:
1. A Destination IP Address
2. A port on that Destination IP Address
3. A Source IP Address
4. A port on that Source IP Address
As you may be aware, an IP Address with a port listening on it is referred to as a “Socket”; for example 192.168.1.1:80 is a socket, listening on port 80 typically means this is a HTTP Server.
To establish a TCP connection, you need 2 sockets to be able to talk to each other in order to initiate what is known as a “flow”; think of it as a 100m running track, its a straight line with 2 points, a start and a finish. If you dont have a start you cant send anything, if you dont have a finish it’ll never get there.
This “flow” between the 2 sockets is why TCP is typically referred to as a connection oriented protocol, as opposed to UDP which is referred to as connection less.
Anyway, before I digress too far from the crux of the matter: In order to establish a connection to transmit “data” over, you must first complete the three way handshake between the 2 sockets. This 3 way handshake consists of two vital flags used in a TCP conversation:
1. SYN (Synchronise)
2. ACK (Acknowledgement)
In the first stage, the Client (Establisher) sends a TCP SYN control segment to the Server (Recipient). This is the first stage of the handshake.
The Server receives this SYN, and in turn sends a SYN-ACK to the client. This ACK confirms Server has recieved the SYN, and in turn he has sent out his own SYN to synchronise with the client. This is the second stage of the three way handshake.
Finally, the client receives the SYN-ACK, and knows that Server got his SYN so he is good to receive communications. Client responds with an ACK to the Servers SYN, saying that he confirms the SYN packet sent by Server. This is the third and final stage of the handshake. Once this is done, it is said that a TCP Connection is “Established”.
To give this a metaphorical twist; Joe wants to communicate with Harry over a two-way radio. To ensure that Harry is listening on his send frequency, Joe shouts “Hello can you hear me?” down the radio (Stage 1, SYN).
On hearing this, Harry answers with “Yes, Can you hear me?” (ACKnowledges Joes original transmission, and sends a SYN of his own).
Finally, Joe knows Harry is listening as he has confirmed his question (ACK’d), so Joe answers Harrys question (SYN) with a “Yes” (ACK). It can now be said that Joe and Harry in an established communication.
Now, you may ask – what is being done in this SYN stage? Well, technically they are allocating buffer sizes, synchronising sequence numbers and various other variables. You can think of it using the metaphor as they are tweaking the frequency in which they are going to communicate on.
For further background information, there is a very good introductory page here:
http://www.inetdaemon.com/tutorials/internet/tcp/3-way_handshake.shtml
It has some good graphics, etc which help convey the concept.
Hope this helps!
Sam