top of page

TCP/IP 3-way handshake

Updated: Aug 8, 2023

TCP stands for Transmission control protocol and IP for Internet protocol. Any digital communication starts with TCP handshake. this means the client and server are ready to communicate with each other. TCP is connection-oriented protocol. few examples are Websites, client-server communication.



3-way Handshake

You might now that we have various version of TCP/IP suite. these layers are building blocks of any web application, SS7/Sigtran Signaling GW, Routers, Switches etc.


In OSI, there are 7 layers:

P = Physical Layer

D = Data link layer

N = Network Layer

T = Transport Layer

S = Session Layer

P = Presentation Layer

A = Application Layer


TCP/IP is stripped down version of OSI layer.

OSI Vs TCP/IP


UDP stands for User datagram protocol, and it is connection less protocol. this also uses TCP/IP stack but doesn't perform any CRC or frame check. So, packet can be lost in between and there is no guarantee. This is used mostly where we don't care about response. this is is widely used for DNS queries, Video streaming etc.


LAB

Let's learn to identify the right packets. Down below, I am going to show you communication between client and server. please focus on source IP and Destination IP.

source IP: 192.168.216.1

Destination IP: 192.168.216.128

Note: I have used VMware for all the demonstration


Stage 1: Syn Packet (Client to Server)

Layer 1: talks about physical connection.

Layer 2: talks about Mac Address, Source, Destination

Layer 3: talks about IP, Source IP, Destination IP and other stuff.

Layer 4: talks about the payload which is sent from client to server. Payload refers to the data which is sent. the important parameters are

Source Port: 56506

Destination Port: 80

Sequence Number: 915605242

Acknowledge Number: 0

Flags: S


Note: please focus, the Sequence number sent by client will be used as reference to track all communication.

Stage1 of TCP handshake

Stage 2: Syn,Ack Packet (Server to Client)

Layer 1: talks about physical connection.

Layer 2: talks about Mac Address, Source, Destination

Layer 3: talks about IP, Source IP, Destination IP and other stuff.

Layer 4: talks about the payload which is sent from client to server. Payload refers to the data which is sent. the important parameters are

Source Port: 56506

Destination Port: 80

Sequence Number : 3279467397

Acknowledgement number :915605242

Acknowledge number : 0

Flags: A - - S


Note: please focus, the Sequence number sent by client in Stage1, comes as Acknowledgement number from server and server send his new sequence number.


Stage2 of TCP handshake

Stage 3: Ack Packet (Client to Server)

Layer 1: talks about physical connection.

Layer 2: talks about Mac Address, Source, Destination

Layer 3: talks about IP, Source IP, Destination IP and other stuff.

Layer 4: talks about the payload which is sent from client to server. Payload refers to the data which is sent. the important parameters are

Source Port: 56506

Destination Port: 80

Sequence Number: 915605243 (this has been incremented by client by +1)

Acknowledgement number :3279467397

Acknowledge number: 0

Flags: A


Note: please focus: the Sequence number sent by server in Stage2 becomes Acknowledgement number from client and client send new sequence number which is increment by +1. This is the way you can track all the upcoming packets.



Stage3 of TCP handshake

11 views1 comment

1 Comment

Rated 0 out of 5 stars.
No ratings yet

Add a rating
Guest
Aug 15, 2023
Rated 5 out of 5 stars.

fruitful description

Like
bottom of page