标签：

常见问题

Q1. TCP报文头结构多大？

Q2. TCP为何采用三次握手来建立连接，若采用二次握手可以吗，请说明原因？

Q3. TCP为何采用四次挥手来释放连接？

TCP协议

　　首先，我们需要知道TCP在网络OSI的七层模型中的第四层——传输层（Transport），IP在第三层——网络层（Network），ARP在第二层——（Data Link），在第二层上的数据，我们叫帧（Frame），在第三层上的数据叫包（Packet），第四层的数据叫报文段（Segment）。

1. TCP报文头结构

　　首先，我们看一下TCP报文的头结构，如下图所示：

　　需要注意以下几点：

　　(1) TCP的包是没有IP地址的，那是IP层的事。但是有源端口和目标端口；

　　(2) 一个TCP连接需要四个元组来表示同一个连接（src_ip, src_port, dst_ip, dst_port），准确的说，应该是五元组，还有一个是协议。但因为这里只是说TCP协议，所以是四元组；

　　(3) 注意上图中四个非常重要的字段：

• • • 1. Sequence Number：包的序号，用来解决网络包乱序问题（reordering）；
    • 2. Acknowledgement Number：即ACK——用于确认收到，用来解决不丢包的问题；
    • 3. Window：又叫做Advertised-Window，也就是著名的滑动窗口（Sliding Window），用业解决流量控制问题；
    • 4. TCP Flag：也就是包的类型，主要是用于操控TCP状态机的。
      • C：0x80 Congestion Window Reduced (CWR)
      • E：0x40 ECN Echo (ECE)
      • U：0x20 Urgent
      • A：0x10 ACK
      • P：0x80 Push
      • R：0x40 Reset
      • S：0x20 Syn
      • F：0x10 Fin

　　(4) 其他的一些字段（略）

2. TCP状态机

　　其实，网络上的传输是没有连接的，包括TCP也是一样的。而TCP所谓的"连接"，其实只不过是在通讯的双方维护一个"连接状态"，让它看上去好像有连接一样。所以，TCP的状态变换是非常重要的。

　　下面是TCP协议的状态机：

(1) CLOSED

• State Description

　　This is the default state that each connection starts in before the process of establishing it begins. The state is called "fictional" in the standard. The reason is that this state represents the situation where there is no connection between devices——it either hasn‘t been created yet, or has just been destroyed. If that makes sense. 

• Event and Transition
  

　　Passive Open: A server begins the process of connection set up by doing a passive open on a TCP port. At the same time, it sets up the data structure (transmission control block or TCB) needed to manage the connection. It then transitions to the LISTEN state. 

　　Active Open, Send SYN: A client begins connection setup by sending a SYN message, and also sets up a TCB for this connection. It then transitions to the SYN-SENT state. 

(2) LISTEN

• State Description

　　A device (normally a server) is waiting to receive a synchronize (SYN) from a client. It has not yet sent its own SYN message. 

• Event and Transition

　　Receive Client SYN, Send SYN+ACK: The server device receives a SYN from a client. It sends back a message that contains its own SYN and also acknowledges the one it recevied. The server moves to the SYN-RECEIVED state. 

(3) SYN-SENT

• State Description

　　The device (nomally a client) has sent a synchronize (SYN) message and is waiting for a matching SYN from the other device (usually a server). 

• Event and Transaction

　　Receive SYN, Send ACK: If the device that has sent its SYN message receives a SYN from the other device but not an ACK for its own SYN, it acknowledges the SYN it receives and then transitions to SYN-RECIVED to wait for the acknowledgment to its SYN. 

　　Receive SYN+ACK, Send ACK: If the device that sent the SYN receives both an acknowledgment to its SYN and also a SYN from the other device, it acknowledges the SYN received and then moves straight to the ESTABLISHED state. 

(4) SYN-RECEIVED 

• State Description

　　The device has both received a SYN (connetion request) from its partner and sent its own SYN. It is now waiting for an ACK to its SYN to finish connection setup. 

• Event and Transition

　　Receive ACK: When the receives the ACK to the SYN it sent, it transitions to the ESTABLISHED state. 

(5) ESTABLISHED

• State Description

　　The "steady state" of an open TCP connection. Data can be exchanged freely once both devices in the connection enter this state. This will continue until the connection is closed for one reason or another. 

• Event and Transaction

　　Close, Send FIN: A device can close the connection by sending a message with the FIN (finish) bit sent and transition to the FIN-WAIT-1 state. 

　　Receive FIN: A device may receive a FIN message from its connection partner asking that the connection be closed. It will acknowledge this message and transition to the CLOSE-WAIT state.  

(6) CLOSE-WAIT

• State Description 

　　The device has received a close request (FIN) from the other device. It must now wait for the application on the local device to acknowlegde this request and generate a matching request. 

• Event and Transition

　　Close, Send FIN: The application using TCP, having been informed the other process wants to shut down, sends a close request to the TCP layer on the machine upon which it is running. TCP then sends a FIN to the remote device that already asked to terminate the connection. This device now transitions to LAST-ACK. 

(7) LAST-ACK 

• State Description

　　A device that has already recevied a close request and acknowledged it, has sent its own FIN and is waiting for an ACK to this request. 

• Event and Transition

　　Receive ACK for FIN: The device receives an acknowlegment for its close request. We have now sent our FIN and had it acknowledged, and received the other device‘s FIN and acknowledged it, so we go straight to the CLOSED state. 

(8) FIN-WATI-1

• State Description

　　A device in this state is waiting for an ACK for a FIN it has sent, or is waiting for a connection termination request from the other device. 

• Event and Transition

　　Receive ACK for FIN: The device receives an acknowledgment for its close request. It transitions to the FIN-WAIT-2 state. 

　　Receive FIN, Send ACK: The device does not receive an ACK for its own FIN, but receives a FIN from the other device. It acknowledges it, and moves to the CLOSING state. 

(9) FIN-WAIT-2

• State Description

　　A device in this state has received an ACK for its request to terminate the connection and is now waiting for a matching FIN from the other device. 

• Event and Transition

　　Receive FIN, Send ACK: The device receives a FIN from the other device. It acknowlegdes it and moves to the TIME-WAIT state. 

(10) CLOSING 

• State Description

　　The device has received a FIN from the other device and sent an ACK for it, but not yet received an ACK for its own FIN message. 

• Event and Transition

　　Receive ACK for FIN: The device receives an acknowledgment for its close request. it transitions to the TIME-WAIT state. 

(11) TIME-WAIT

• State Description

　　The device has now received a FIN from the other device and acknowledged it, and sent its own FIN and received an ACK for it. We are done, except for waiting to ensure the ACK is received and prevent potential overlap with new connstions. 

• Event and Transition

　　Timer Expiration: After a designated wait period, device transtions to the CLOSED state. 

3. TCP建连接、传数据、断连接

　　TCP建连接、传数据、断连接的过程如下图所示：

(1) 三次握手

　　对于建连接的3次握手，主要是要初始化Sequence Number的初始值。通信的双方互相通知对方自己的初始化的Sequence Number (缩写为ISN: Inital Sequence Number) —— 所以叫SYN，全称是Synchronize Sequence Numbers。也就是上图中的x和y。这个号要作为以后的数据通信的序号，以保证应用层接收到的数据不会因为网络上的传输的问题而乱序（TCP会用这个序号来拼接数据）。

　　三次握手的大致流程如下：

• 1. 客户端向服务器发送一个SYN seq = x；
• 2. 服务器向客户端响应一个SYN seq = y，并对SYN seq = x 进行确认ACK = x + 1；
• 3. 客户端再向服务器发一个确认ACK = y + 1。

　　采用三次握手是为了防止失效的连接请求报文段突然又传送到服务器，从而发生错误。当客户端发出的连接请求报文段由于某些原因没有及时到达服务器，而客户端在等待一段时间后，又重新发向服务器发送连接请求，且建立成功，顺序完成数据传输，那么第一次发送的连接请求报文段就称为失效的连接请求报文段。

　　考虑这样一种特殊情况，客户端第一次发送的连接请求并没有丢失，而是因为网络问题导致延迟到达服务器，服务器以为是客户端又发起的新连接，于是服务器同意连接，并向客户端发回确认，但是此时客户端不予理会，服务器就一直等待客户端发送数据，导致服务器的资源浪费。

(2) 四次挥手

　　建立一个连接需要三次握手，而终止一个连接要经过四次挥手。这是由于TCP的半关闭（half-close）造成的。既然一个TCP连接是全双工（即数据在两个方向上能同时传递），因此每个方向必须单独地进行关闭。四次挥手的过程如下：

• 1. 某个应用进程首先调用close，我们称这一端执行主动关闭。这一端的TCP于是发送一个FIN分节，表示数据发送完毕；
• 2. 另一端收到FIN分节之后，执行被动关闭，对这个FIN进行确认。它的接收也作为文件结束符传递给接收端应用进程，因为FIN的接收意味着应用进程在相应的连接上再也接收不到额外数据；
• 3. 一段时间过后，接收到文件结束符的应用进程调用close关闭它的套接口，而导致它的TCP也发送一个FIN；
• 4. 接收到这个FIN的原发送端TCP（即执行主动关闭的那一端）对它进行确认。

　　这样每个方向上都有一个FIN和ACK，所以一共需要四个分节。

　　对于四次挥手，其实你仔细看是两次，因为TCP是全双工的，所以发送方和接收方都需要FIN和ACK。只不过，有一方是被动的，所以看上去就成了所谓的四次挥手。如果两边同时断连接，那就会都进入到CLOSING状态，然后到达TIME_WAIT状态。下图是双方同时断连接的示意图：

　　下面我们来回答TCP为何采用四次挥手来释放连接。

　　关闭连接时，当收到对方的FIN报文通知时，它仅仅表示对方没有数据发送给你了，但未必你所有的数据都全部发送给对方了，所以你未必会马上关闭socket，也即你可能还需要发送一些数据给对方之后，再发送FIN报文给对方来表示你没有数据发送给对方了，针对每个FIN报文，都需要一次ACK报文，故需要四次挥手。

　　需要注意的是，四次挥手并非都需要四个报文段，例如当你收到对方的FIN报文通知时，若你所有的数据都全部发送给对方了，那么可以将ACK和FIN合并为一个报文段，这样对方收到FIN后，再发送一个ACK报文即可，故此时只需要三个报文段。

【计算机网络】TCP协议详解

标签：

原文地址：http://www.cnblogs.com/xiaoxxmu/p/5768512.html