The article is intended for anyone who is familiar with TCP/IP and explains the TCP three-way handshake process.
I have captured the traffic between the client PC and a web server (example.net) using Wireshark.
To establish a connection between client and server, TCP uses a process called three-way handshake. (SYN, SYN-ACK, ACK)
First thing first, why is three-way handshake called as a three-way handshake? The reason being is that three segments are exchanged between the client and the server for TCP connection to be established.
The following sequence shows the process of a TCP connection being established.
Step 1Packet# 1
The client wants to initiate a connection to the server (184.108.40.206). So, the client sends a packet with SYN bit set. SYN flag announces an attempt to open a connection.
If you look at the TCP header, the source port is randomly selected by Windows and the destination is well-known port 80. Length of the data is zero because this is a SYN packet and no data is transmitted in this stage. If you look at the sequence number, the value is set to zero by Wireshark (Relative sequence number).
The actual value would be a 32 bit randomly selected number which we humans will find hard to keep up with. From the screenshot you can see the actual SEQ number from the client is 1932704549 (I have also attached the picture which shows the actual 32 bits sequence number below)
Step 2Packet# 2
In step 2, the server will respond to the client with ACK and SYN bit set. Like step 1, Length of the data is zero, no data is transmitted in this stage. The sequence number is set to 0 (relative) and acknowledges the request of the client for synchronization. The server sends an acknowledgment of 1 to the client. The ACK is specific to the SYN the client sent. The acknowledge number is set to one more than the receive sequence number.
Step 3Packet# 3
Finally, the client acknowledges the server’s request for synchronization with ACK 1. The ACK is specific to the SYN the server sent. The acknowledge number is set to one more than the receive sequence number.
The above process creates a reliable OSI Layer 4 connection between two hosts.
I have had an established fully functional site running an ISR1100 with SDWAN. Just last week I lost tunnels on my MPLS connection and even though I have full connectivity (can ping all other edges, no firewalls in path, MPLS circuit seem...
I've inherited a mess a couple of years ago, I left things the way they were but now's the time it's biting me in the a**. We have 10.0.0.0/8 network at HQ. We have a MPLS connection to our DR site. That DR site also have a 10.0.0.0/8 network (it's essent...
I am setting up ospf between area 1 and area 0 along with 2 9500 switches that are connected to both area 1 and area 0. 9500A and 9500B are connected on the same vlan that is part of area 1, however I need 9500B to prefer the area 0 routes learned from th...
I have a L2 portchannel between a 9407 and two Nexus 5000
We have Exfo testers at each end.
My port one on 9407 goes two port two on his nexus and I loop his port two.
He does the opposite. He port one loops my port two and we both send a 1Gig Down...