TCP 3-way Handshake Process

TCP three way handshake process

TCP 3 way handshake process

TCP (Transmission Control Protocol) is a connection oriented protocol which works on Transport Layer for reliable communication between network devices. TCPv4 was published in RFC-793 in 1981 and is still the current version. TCP is a connection-oriented full-featured transport layer protocol that provides all the functions needed by a typical application for the reliable transportation of data across an internetwork. TCP is a host-to-host protocol. TCP provides reliable communication with a mechanism called Positive Acknowledgement with Re-transmission (PAR) employing the 3-way Handshake.

 

3-way Handshake Process

TCP uses a process called 3-way Handshake for reliable communication. In 3-way Handshake process, three TCP segments are exchanged between the sender and the receiver to establish a reliable connection. These are called SYN, SYN-ACK and ACK.

Step1 (SYN): In the first step, client wants to establish a connection with server, so it sends a segment with SYN (Synchronize Sequence Number). This informs server that client is likely to start communication and with what sequence number it starts segments with.

TCP 3 way handshake process

Step2 (SYN + ACK): In the second step, Server responds to the client request with SYN-ACK signal bits set. Acknowledgement(ACK) signifies the response of segment it received and SYN signifies with what sequence number it is likely to start the segments with.

TCP 3 way handshake process

Step3 (ACK): In the last step, client acknowledges the response of server by ACK message. Status on both sides change to ESTABLISHED and both get ready to start the actual data transfer.

The steps 1 and 2 establish the connection parameter (seq nos.) for one direction and it is acknowledged. The steps 2 and 3 establish the connection parameter (seq nos.) for the other direction and it is acknowledged. After the whole process, a full-duplex communication is established. ISN (Initial Sequence Numbers) are randomly selected while establishing connections between client and server. Below is the simplified view of TCP 3-way handshake process.

Any device using this 3-way Handshake process resends the data unit until it receives an acknowledgement. Transport Layer checks the data with checksum functionality for Error Detection at the receiver side. If the data unit received at the receiver’s end is damaged, then receiver discards the segment. So, the sender has to resend the data unit for which positive acknowledgement is not received.

TCP allows one side/device to establish a connection. The other side/device may either accept the connection or refuse it. The device that is establishing/requesting the connection is called client and the side waiting for a connection is called server. TCP uses virtual ports to create a virtual end-to-end connection that can reuse the physical connections between two computers. TCP is encapsulated within the data field of IP datagrams and TCP encapsulates higher level protocol data such as Network Mgmt (SNM), HTTP (web), SMTP (email) and many other protocols.

 

TCP Open Call Types

TCP identifies two types of OPEN calls which are Active OPEN and Passive OPEN calls as in below:

  1. Active OPEN: In an Active Open call a device using TCP takes the active role and initiates the connection by sending a TCP SYN message to start the connection. The Device in Active OPEN state is called Client
  2. Passive OPEN: In passive OPEN state, device is waiting for an active OPEN from other. It does not generate any TCP message segment. The Device in Passive OPEN state is called Server

 

TCP Message Types

There are four types of message that control transitions between states during TCP 3-way Handshake process. SYNchronize and ACKnowledge messages are indicated by a either the SYN bit, or the ACK bit inside the TCP header, and the SYN-ACK message has both the SYN and the ACK bits turned on (set to 1) in the TCP header.

 

TCP Message Types

Message Description
SYN

(Synchronize message)

Used to initiate and establish a connection. It is used to synchronize sequence numbers between devices.

SYN bit =1in the TCP Header

ACK

(Acknowledgement message)

Used to confirm to the other side that it has received the SYN

ACK bit =1 in the TCP Header

SYN-ACK

(Synchronize & ACK message)

SYN message from local device & ACK of the previous packet.

SYN bit =1,ACK bit=1 in the TCP Header

FIN

(Finish)

Used to terminate a connection.

FIN bit =1 in the TCP Header

 

TCP States

There are 6 types of TCP states during the 3-way handshake process which are called CLOSED, LISTEN, SYN-SENT, SYN-ACK SENT, SYN RCVD and ESTABLISHED. Below table lists the detail of each state:

 

TCP States

State Description
CLOSED In-active or Initial state where not TCP activity has begun yet
LISTEN The device is waiting for contact request
SYN-SENT The device waits to receive an ACK to the SYN it has sent to the other side
SYN+ACK SENT The device sends an ACK that it has received the SYN.

Also, it sends its own SYN request & waits to receive an ACK from the other side

SYN RCVD The device has received the SYN for the ACK it sent previously
ESTABLISHED TCP Handshake has been completed/Established & the device is ready for data transfer now

After the Three-way handshake, the connection is open and the participant computers start sending data using the agreed sequence and acknowledge numbers

 

TCP Complete Data Transfer Process

TCP Data Transfer process completes in three phases as in below:

Phase1: In first Phase, Three-way handshake is completed so that sender & receiver can know each other & build a trust relationship.

Phase2: After the first phase, the connection is opened and the participant devices start sending data using the agreed sequence and acknowledge numbers that they have agreed upon in phase1

Phase3: Once all Data transfer is completed, the connection is terminated using the FIN flags from both sides.

This whole setup and teardown of a TCP socket connection is part of what qualifies TCP a reliable protocol. TCP also acknowledges that data is successfully received and guarantees the data is reassembled in the correct order. Below is the detailed overview of TCP processes showing all three Phases.

 

 

TCP 3-way Handshake Example with Packet Tracer

Below is a Wireshark capture which shows detailed packets exchanges that happen between a Client and Server during TCP handshake, Data Transfer & Connection Termination phases:

TCP and 3-way Handshake Cheatsheet notes:

Below is detailed Cheatsheet for TCP which covers all the above mentioned topics on one page for long term memory:

Now, test your knowledge on OSI Model using our free Quizzes & Cheat sheet resources for long term memory:

 

Networkwalks Summary Cheatsheets

 

Free Online Quizzes (Best for Cisco CCNA, Huawei HCNA, N+)

 

 

Follow our Facebook Page & YouTube Channel for more updated Cheatsheets & Quizzes:

 

5 1 vote
Article Rating
Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments