Open in app

Sign in

Write

Sign in

What is TCP, and how do the three-way and four-way handshakes work?

Dhaval Kachhiya Patel
6 min readOct 27, 2024

--

TCP (Transmission Control Protocol) is a fundamental protocol in the Internet Protocol Suite (TCP/IP) that provides reliable, ordered, and error-checked delivery of data packets between networked devices.

Connection-oriented:
TCP establishes a three-way handshake to create a connection between two devices before data can be exchanged.
This handshake involves the client sending a SYN (synchronize) packet, the server responding with a SYN-ACK (synchronize-acknowledge) packet, and the client then sending an ACK (acknowledge) packet to complete the connection.
This ensures that both devices are ready and able to communicate with each other.

Reliable data transfer:
TCP uses sequence numbers to keep track of the order of data packets.
When a packet is received, the recipient sends an acknowledgment (ACK) back to the sender, confirming that the packet was received correctly.
If a packet is lost or corrupted, the sender will retransmit the packet until it is successfully delivered.
This ensures that data is delivered reliably and in the correct order.

Flow control:
TCP implements a sliding window mechanism to control the rate of data transfer.
The receiver specifies the size of the window, which represents the amount of data it is willing to accept at a time.
The sender can only send data within the size of the current window, and the window size is adjusted dynamically based on the receiver’s ability to handle the incoming data.
This prevents the sender from overwhelming the receiver and ensures that the data is transmitted at a rate that the receiver can handle.

Error checking:
TCP uses checksum algorithms to detect errors in the data packets.
If a packet is received with an incorrect checksum, it is discarded, and the sender will retransmit the packet.
This ensures that corrupted data is not accepted and that the integrity of the data is maintained.

Overall, TCP provides a reliable and ordered data transfer mechanism, ensuring that data is delivered correctly between networked devices, even in the presence of packet loss or network congestion. This makes it a widely used protocol for applications that require reliable data delivery, such as web browsing, file transfers, and email.

TCP header

The TCP (Transmission Control Protocol) header is the structure that precedes the actual data being transmitted in a TCP packet. The TCP header contains various fields that provide important information for the reliable and ordered delivery of data.

1. Source Port (16 bits):
- This field identifies the port number of the sending application on the source device.

2. Destination Port (16 bits):
- This field identifies the port number of the receiving application on the destination device.

3. Sequence Number (32 bits):
- This field contains the sequence number of the first byte of data in the current TCP segment.
- It is used to ensure the correct ordering of the data packets.

4. Acknowledgment Number (32 bits):
- This field contains the sequence number of the next byte of data that the receiver expects to receive.
- It is used to acknowledge the successful receipt of data.

5. Data Offset (4 bits):
- This field specifies the size of the TCP header in 32-bit words.
- It indicates the starting position of the data within the TCP packet.

6. Reserved (6 bits):
- This field is reserved for future use and is currently set to 0.

7. Flags (6 bits):
- This field contains various control flags, such as:
- URG (Urgent Pointer field significant)
- ACK (Acknowledgment field significant)
- PSH (Push function)
- RST (Reset the connection)
- SYN (Synchronize sequence numbers)
- FIN (No more data from sender)

8. Window Size (16 bits):
- This field specifies the size of the receive window, which is the amount of data the receiver is willing to accept.
- It is used for flow control to prevent the sender from overwhelming the receiver.

9. Checksum (16 bits):
- This field contains the checksum value calculated over the TCP header, TCP payload, and a pseudo-header.
- It is used to detect errors in the received data.

10. Urgent Pointer (16 bits):
- This field points to the last byte of urgent data in the TCP segment.
- It is used to indicate the presence of urgent data that should be processed immediately.

11. Options (variable length):
- This field can contain additional options, such as Maximum Segment Size (MSS), Window Scale, or Timestamp.
- The options are used to negotiate and configure various TCP parameters during the connection establishment.

12. Data :

  • It contains actual data .

The TCP header provides the necessary information for the reliable and ordered delivery of data, as well as the control mechanisms for flow control and error detection. The combination of these fields ensures the efficient and robust operation of the TCP protocol.

TCP 3 WAY Handshaking and 4 WAY Handshaking process.

1. 3-way Handshake:

- The 3-way handshake is the process of establishing a TCP connection between two devices.

Step 1: Client sends a SYN (synchronize) packet to the server.
- The client sets the sequence number (SEQ) to a random initial value, let's say 100.
- The SYN flag is set to 1 to indicate that this is the start of a connection.

Step 2: Server responds with a SYN-ACK (synchronize-acknowledge) packet.
- The server sets the sequence number (SEQ) to a random initial value, let's say 300.
- The server also sets the acknowledgment number (ACK) to the client's sequence number plus 1, which is 101.
- The SYN and ACK flags are both set to 1.

Step 3: Client sends an ACK (acknowledge) packet to the server.
- The client sets the sequence number (SEQ) to 101 (the previous acknowledgment number).
- The client sets the acknowledgment number (ACK) to the server's sequence number plus 1, which is 301.
- The ACK flag is set to 1.

At the end of the 3-way handshake, the TCP connection is established, and both the client and server are ready to exchange data.

2. 4-way Handshake:

- The 4-way handshake is the process of gracefully closing a TCP connection.

Step 1: Client sends a FIN (finish) packet to the server.
- The client sets the sequence number (SEQ) to the current value, let's say 101.
- The FIN flag is set to 1 to indicate that the client wants to close the connection.

Step 2: Server responds with an ACK (acknowledge) packet.
- The server sets the sequence number (SEQ) to the current value, let's say 301.
- The server sets the acknowledgment number (ACK) to the client's sequence number plus 1, which is 102.
- The ACK flag is set to 1.

Step 3: Server sends a FIN-ACK (finish-acknowledge) packet to the client.
- The server sets the sequence number (SEQ) to the current value, let's say 302.
- The server sets the acknowledgment number (ACK) to the client's sequence number plus 1, which is 102.
- Both the FIN and ACK flags are set to 1.

Step 4: Client sends a final ACK (acknowledge) packet to the server.
- The client sets the sequence number (SEQ) to the current value, let's say 102.
- The client sets the acknowledgment number (ACK) to the server's sequence number plus 1, which is 303.
- The ACK flag is set to 1.

At the end of the 4-way handshake, the TCP connection is gracefully closed, and both the client and server have acknowledged the closure.

The sequence numbers and acknowledgment numbers are used to ensure the reliable and ordered delivery of data packets during the connection establishment and termination processes. They help the devices keep track of the data flow and detect any missing or out-of-order packets.

Cybersecurity
Networking
Network

--

--

Dhaval Kachhiya Patel
Dhaval Kachhiya Patel

Written by Dhaval Kachhiya Patel

1 Follower
1 Following

Explaining/Teaching concepts in simple terms instead of making them complex manner For Query Contact : +91-7359330223

No responses yet

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams