What is TCP 3 Way Handshake?
Overview
TCP establishes a secure and reliable connection between two devices. This is possible because of the TCP's 3-way handshake process, which occurs when two devices establish and close connections. There are three steps to both establishing and closing the connection, as the name implies. So, in this article, we'll go through the TCP 3-way handshake process and the various steps that it includes.
What is a TCP 3-way Handshake?
The 3-Way handshake is a TCP/IP network connection mechanism that connects the server and client. Before the real data communication process begins, both the client and server must exchange synchronization and acknowledgment packets.
The 3-way handshake mechanism is designed to allow both communicating ends to initiate and negotiate the network TCP socket connection parameters at the same time before data is transmitted. It allows you to transfer numerous TCP socket connections in both directions simultaneously.
TCP Segment Structure
Every TCP segment consists of a data field and a header field, as shown below:
A TCP segment's header field can be anything from 20 to 60 bytes long. Here 40 bytes are used for the options field, which is located at the end of the TCP header. A header is 20 bytes if there are no options field; otherwise, it can be up to 60 bytes.
Header Fields
- Source port- It is a 16-bit field that holds the port address of the application sending the data.
- Destination Port- It is a 16-bit field that holds the port address of the application receiving the data.
- Sequence Number- It is used to keep track of the bytes sent. Each byte in a TCP stream is uniquely identified by the TCP sequence number, which is a four-byte number.
- Acknowledgment number- It is a 32-bit field that contains the acknowledgment number or the byte number that the receiver expects to receive next. It works as an acknowledgment for the previous data received successfully.
- Header Length (HLEN)- The header length is a 4-bit field that specifies the length of the TCP header. It helps in knowing from where the actual data begins.
- Flags- There are six control flags or bits:
- URG: It indicates an urgent pointer. If URG is set, then the data is processed urgently.
- ACK: It represents the acknowledgment field in a segment. If the ACK is set to 0, the data packet does not contain an acknowledgment.
- RST: It Resets the connection. If RST is set, then it requests to restart a connection.
- PSH: If this field is set, the receiving device is requested to push the data directly to the receiving application without buffering it.
- SYN: It initiates and establishes a connection between the hosts. If SYN is set, the device wants to establish a secure connection; else, not.
- FIN: It is used to terminate a connection. If FIN is 1, the device wants to terminate the connection; else, not.
- Checksum- A checksum is a sequence of numbers and letters used to detect errors in data. It is a 16-bit field that is optional in UDP but mandatory in TCP/IP.
- Window size- It is a 16-bit field. This field specifies the size of data that the receiver can accept.
- Urgent pointer- This field (valid only If the URG flag is set to 1) is used to indicate urgently needed data and must be received as soon as possible. It specifies a value that will be appended to the sequence number to get the last urgent byte's sequence number.
TCP 3-way Handshake Process
TCP 3-way handshake process is used for establishing and terminating the connection between the client and server.
Steps of a 3-Way Handshake for Establishing the Connection
The three steps involved in establishing a connection using the 3-way handshake process in TCP are as follows:
-
The client sends the SYN (synchronize) message to the server: When a client requests to connect to a server, it sends the message to the server with the SYN flag set to 1. The message also includes:
- The sequence number (any random 32-bit number).
- The ACK (which is set to 0 in this case).
- The window size.
- The maximum segment size. For example, if the window size is 3000 bits and the maximum segment size is 300 bits, the connection can send a maximum of 10 data segments (3000/300 = 10).
-
The server responds with the SYN and the ACK (synchronize-acknowledge) message to the client: After receiving the synchronization request, the server sends the client an acknowledgment by changing the ACK flag to '1'. The ACK's acknowledgment number is one higher than the sequence number received. If the client sends an SYN with a sequence number of 2000, the server will send the ACK using acknowledgment number = 20001. If the server wants to create the connection, it sets the SYN flag to '1' and transmits it to the client. The SYN sequence number used here will be different from the SYN used by the client. The server also informs the client of its window size and maximum segment size. After this step is completed, the connection is established from the client to the server.
-
The client sends the ACK (acknowledge) message to the server: The client will set the ACK flag to '1' after receiving the SYN from the server and transmits it with an acknowledgment number 1 greater than the server's SYN sequence number. The SYN flag has been set to '0' in this case. The connection between the server and the client is now formed after this phase is completed.
Refer to the diagram below that explains the connection establishment process using the 3-way handshake.
Steps of a 3-Way Handshake for Terminating the Connection
Most implementations today allow three-way and four-way handshaking with a half-close option for connection termination. Here we only mentioned the steps of three-way handshaking for connection termination. The three steps involved in terminating a connection using the 3-way handshake process in TCP are as follows:
-
The client sends the FIN (finish) message to the server: When the client decides to disconnect from the network, it transmits the message to the server with a random sequence number and sets the FIN flag to '1'. ACK is set to 0 in this case.
-
The server responds with the FIN and the ACK (finish-acknowledge) message to the client: After receiving the request, the server acknowledges the client's termination request by changing the ACK flag to '1'. The ACK's acknowledgment number is one higher than the sequence number received. If the client sends a FIN with a sequence number of 2000, the server will send the ACK using acknowledgment number = 20001. If the server also decides to terminate the connection, it sets the FIN flag to '1' and transmits it to the client. The FIN sequence number used here will be different from the FIN used by the client. After this step is completed, the connection between the client to the server is disconnected.
-
The client sends the ACK (acknowledge) message to the server: The client will set the ACK flag to '1' after receiving the FIN from the server and transmits it with an acknowledgment number 1 greater than the server's FIN sequence number. The FIN flag is set to '0' in this case. After this step is completed, the connection is also disconnected from the server to the client.
Refer to the diagram below that explains the connection termination process using the 3-way handshake.
Enroll in our Free Computer Networks course with certification designed by industry experts. Sign up today & pave the way for a thriving career!
Conclusion
- TCP 3-way handshake, also known as a 3-way handshake, is a protocol for establishing a connection between a server and a client in a TCP/IP network.
- A client must initiate a conversation by using the TCP handshake to request a communication session with the server.
- SYN flag is used to start and maintain a connection while the ACK flag confirms that the other side has received the SYN flag.
- The FIN flag is used to terminate a connection.
- The server replies to the client request with the SYN-ACK signal set in the second step.
- The client acknowledges the server's response in the final step.