TCP Handshake with Examples

TCP Handshake with Examples

The TCP handshake is a three-way process that occurs between a client and a server to establish a TCP connection. It involves a series of steps where the client and server exchange specific TCP packets. 

The handshake ensures both parties agree on initial sequence numbers, enabling reliable data transfer in TCP/IP networks, crucial for preventing data loss and ensuring synchronization. 

Understanding the TCP handshake is essential for CCIE Enterprise Infrastructure certification, which covers advanced TCP/IP protocols, network infrastructure, and troubleshooting techniques. 

Here is a detailed explanation of the TCP handshake, including steps, packet formats, and flags:

Step 1: SYN (Synchronize) packet

Example: The client (192.168.1.10) initiates the handshake by sending a TCP packet to the server (10.0.0.1) with the SYN (Synchronize) flag set to 

Packet Format:

  • Source IP address: 192.168.1.10
  • Source port number: 4321
  • Destination IP address: 10.0.0.1
  • Destination port number: 80
  • Flags: SYN=1, ACK=0 (other flags, such as FIN or RST, are set to 0)
  • Sequence number: 1001
  • Acknowledgment number: 0 (not applicable in this packet)

Step 2: SYN-ACK (Synchronize-Acknowledgment) packet

Example: Upon receiving the SYN packet, the server (10.0.0.1) responds with a TCP packet of its own.

Packet format:

  • Source IP address: 10.0.0.1
  • Source port number: 80
  • Destination IP address: 192.168.1.10
  • Destination port number: 4321
  • Flags: SYN=1, ACK=1 (other flags are set to 0)
  • Sequence number: 2001
  • Acknowledgment number: 1002 (acknowledging the client’s ISN)

Step 3: ACK (Acknowledgment) packet

Example: Upon receiving the SYN-ACK packet, the client (192.168.1.10) sends a final TCP packet to the server (10.0.0.1).

Packet format:

  • Source IP address: 192.168.1.10
  • Source port number: 4321
  • Destination IP address: 10.0.0.1
  • Destination port number: 80
  • Flags: SYN=0, ACK=1 (other flags are set to 0)
  • Sequence number: 1002
  • Acknowledgment number: 2002 (acknowledging the server’s ISN)

After these three steps, the TCP handshake is complete, and a reliable connection is established between the client and the server. 

Both the client (192.168.1.10) and the server (10.0.0.1) have exchanged SYN and ACK packets, agreeing on the initial sequence numbers (ISNs) and acknowledging each other’s packets. 

They are now ready to exchange data over the established connection.