• notice
  • Congratulations on the launch of the Sought Tech site

The most straightforward to tell the process of TCP three-way handshake

Describe the process of TCP three-way handshake with the most simple and easy-to-understand love process

the first time

I love you 
woman received-" proves that the man has the ability to love

the second time

I Receive Your Love, I Love You 
Man "------------Woman
Man Receives-" proves that the woman has the ability to love and be loved

the third time

I received your beloved 
man ---------------- "The
woman received-" proves that the man has the ability to be loved

So what does a real handshake look like?

real three-way handshake

It is also necessary to confirm the two capabilities of both parties: the ability to send and the ability to receive.


Initially, both parties belong to the CLOSED state. Then the server starts listening on a certain port and enters the LISTEN state.

The client pays attention to initiating a connection, sending SYN, and it becomes a SYN-SENT state
. The server receives it, returns SYN and ACK (corresponding to the SYN sent by the client), and becomes a SYN-RECD
client and sends ACK to the service. The server itself becomes ESTABLISHED (established) state; after the server receives the ACK, it also becomes this state
. SYN needs confirmation from the peer, but ACK does not. Therefore, SYN consumes a sequence number and ACK does not.

Remember a rule: Anything that needs to be confirmed by the peer must consume the serial number of the TCP packet.

Why not twice?

Root cause: Unable to confirm client's receive capability.

analyse as below:

If it is two 
SYN messages,
you ------------" want to shake hands
but the packets are stuck in the current network and have not arrived at the
TCP, think it is a packet loss - " so retransmit the
two handshakes to establish connected

This seems to be no problem, but after the connection is closed, what if the packet stuck in the network reaches the server?

Here comes the problem, two handshakes, as long as the server receives and sends the corresponding data packet, it will be connected by default, but in fact now the client has been disconnected, which also brings a waste of connection resources

Why not four times?

Because three times is enough to confirm the ability of both parties to send and receive, four times or more is of course unnecessary.

Can data be carried during the three-way handshake?

Yes, but only the third time the
first two times cannot be brought and the reasons for the third time to be brought are as follows:

  • Prevent hackers. It will increase the risk of server attack and prevent hackers from putting a lot of data in the SYN message in the first handshake, causing the server to consume a lot of time and memory space.

  • The established state is relatively safe. The third time this state has been able to confirm that the server's receiving and sending capabilities are normal

State transition (simultaneous waving)

What is this situation? When the sender sends a SYN message to the receiver, the receiver also sends a SYN message to the sender, and the two just got on!


The above figure is to explain the state transition in the case of simultaneous opening.

After sending SYN, the status of both becomes SYN-SENT.
After each receives the other's SYN, the state of both becomes SYN-REVD.
Then the corresponding ACK + SYN will be replied. After the message is received by the other party, the two statuses become ESTABLISHED together.


Technical otaku

Sought technology together

Related Topic


Leave a Reply