TCP 3-way handshake

TCP or transmission control protocol is a reliable and connection-oriented protocol, and with TCP data can be delivered accurately. Many applications, such as web (HTTP), email (SMTP), and file transfer (FTP) use TCP.

Before TCP transmits data segments from one device to another on the internet, it will first use a 3-way handshake to establish a connection and be synchronized. The TCP 3-way handshake is a series of communication between 2 devices (e.g. computer and server) to establish a network connection and to make sure that data is transferred error-free and completely.

Suppose the client sends a GET request to the host server to access web content. Recall that data from the server will first be cut down to smaller portions of data packets, and then each data packet is encapsulated by a transport header to form a segment. Before transmitting each segment, a TCP 3-way handshake must be first done between the client and server to establish a connection and have synchronized data transfer.

The following diagram illustrates how the TCP 3-way handshake is done.

Step 1: SYN

The 3-way handshake begins with the client sending a SYN segment to the server. This is to establish connection with the server and for synchronization data transfer. This is similar to saying: “hi server, can you establish a connection with me?”.

At the machine level, the client will: 

  1. Set SYN=1, this is a SYN control bit flag that signifies a request to establish connection and data synchronization,
  2. Set ACK=0, this is an ACK control bit flag that signifies that there is no acknowledgment of request,
  3. Define a client initial sequence number (ISN) (e.g. 7001),
  4. Define acknowledgment number (ACK #) to null.

“Initial sequence number” (ISN) and “acknowledgment number” (ACK #) are random unique identifiers in the form of a 32-bit number that is used to mark the sequence of data packets that a device will transmit from a client (or a server), and back. This will allow devices to identify the correct order of data packets when requesting/sending segments, and also when reforming the whole data. Sequence numbers are just one of the data included during the encapsulation of data packets; port numbers and IP addresses are also included, but for the sake of simplicity, we omitted the other data in the descriptions.

Step 2: SYN/ACK

The server replies with a SYN-ACK segment back to the client. This acknowledges the client’s synchronization request while asking the client for synchronization as well. This is similar to saying: “hi client, I will establish a connection with you, can you please also allow me to establish a connection with you?”

At the machine level, the server will:

  1. Set SYN=1 to signify a counter connection and synchronization request,
  2. Set ACK=1, to signify acknowledgment of the request,
  3. Define a server’s ISN (e.g. 3001), and
  4. Send ACK # by adding 1 to the client’s ISN (e.g. 7002) – to acknowledge the client’s request.

After step 2, the server has already agreed to open the connection from server to client.

Note: a ghost bit with a value of 1 is added to the ISN (or ACK #) to identify the order of the next data packet.

Step 3: ACK

Finally, the client replies with an ACK segment, acknowledging the server’s synchronization request. This is similar to saying: “hi again server, I will also establish a connection with you as well”.

At the machine level, the client will:

  1. Set SYN=0, to signify that there is no more request,
  2. Set ACK=1, to signify acknowledgement of request,
  3. Receive server sequence number (e.g. 7002), and
  4. Send ACK # by adding 1 to the server’s ISN (e.g. 3002) – to acknowledge the server’s request.

After step 3, the client has also agreed to open the connection from the client to server.

By performing a 3-way handshake, the connection between the client and server is fully established. In addition, data packets are now ready to be received/delivered with agreed up sequence orders.