From the horses mouth - http://www.ietf.org/rfc/rfc793.txt
For each connection there is a send sequence number and a receive
sequence number. The initial send sequence number (ISS) is chosen by
the data sending TCP, and the initial receive sequence number (IRS) is
learned during the connection establishing procedure.
For a connection to be established or initialized, the two TCPs must
synchronize on each other's initial sequence numbers. This is done in
an exchange of connection establishing segments carrying a control bit
called "SYN" (for synchronize) and the initial sequence numbers. As a
shorthand, segments carrying the SYN bit are also called "SYNs".
Hence, the solution requires a suitable mechanism for picking an
initial sequence number and a slightly involved handshake to exchange
the ISN's.
The synchronization requires each side to send it's own initial
sequence number and to receive a confirmation of it in acknowledgment
from the other side. Each side must also receive the other side's
initial sequence number and send a confirming acknowledgment.
1) A --> B SYN my sequence number is X
2) A <-- B ACK your sequence number is X
3) A <-- B SYN my sequence number is Y
4) A --> B ACK your sequence number is Y
Because steps 2 and 3 can be combined in a single message this is
called the three way (or three message) handshake.
A three way handshake is necessary because sequence numbers are not
tied to a global clock in the network, and TCPs may have different
mechanisms for picking the ISN's. The receiver of the first SYN has
no way of knowing whether the segment was an old delayed one or not,
unless it remembers the last sequence number used on the connection
(which is not always possible), and so it must ask the sender to
verify this SYN.
On Thu, Mar 21, 2013 at 4:32 PM, Mohammad Mousa <mohd-mousa_at_hotmail.com>wrote:
> Hello Security guru :o)
>
> I have question regarding how the TCP works? I know that the TCP is a
> connection oriented protocol and is used to make sure that that packet
> received in order and at the same time it's a reliable protocol which means
> if we lost a packet we can detect that based on the TCP sequence number and
> tell the other side to retransmit the packet again.
>
>
> TCP is three way-hand shaking, TCP syn packet and other side will reply
> syn ack and the third phase is the ack. My question is why we need the
> third phase? what the information we have? Actually, I think if I say hello
> and the other side is say hello back is enough, why should I need the third
> step?
>
> Thanks in advance,
>
> Mohammad
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Thu Mar 21 2013 - 16:49:45 ART
This archive was generated by hypermail 2.2.0 : Wed Apr 03 2013 - 19:06:19 ART