Similar to our earlier post on how devices communicate with each other, when a Client and Server system on the internet have to communicate with each other, they use the TCP/IP protocol and use what is called a 3 Way Handshake.
Just like how two people communicate and decide, say something like: Hi, I want to buy a phone. Okay, I can provide you the phones you want. Okay, I confirm that I would like to buy from you. Similarly, the client and server send some messages to each other to establish or disconnect a connection.
Each of the message looks like the below
Steps to start the connection for the client with the server
Step 1: When a client initially requests for a connection to the server, the client sends a message to the server with the message having the SYN flag set to ‘1’ and the ACK flag set to 0. It also sends a sequence number (32 bit random number) in that message. For example, the sequence number could be 20000.
Step 2: The server then responds with the SYN and the ACK flag set to ‘1’ back to the client. In this server’s message the acknowledgement number will be the sequence number sent by the client appended with ‘1’. For example, if the sequence number in the client’s first message is 20000, then the acknowledgement number in the server’s reply message is going to be 20001. The server setting the ACK flag to 1 is a way for the server to acknowledge the client’s request message. Please note that the SYN flag will be set to ‘1’ only if the server can establish the connection. In cases where the queue is very large, and the server cannot entertain the connection request from the client, then the server will simply ignore the SYN message from the client. Also, please note that while the acknowledgement number is the sequence number of the client’s SYN message appended with 1, the sequence number in the “SYN+ACK” message sent by the server will be a new random number. But, this number will be used by the client in the next step. After this step, the connection from client to the server is formed.
Step 3: In this step, the client has to acknowledge that the server message is received and we are all good to communicate with each other. The server will respond with the SYN set to ‘0’ and the ACK flag set to ‘1’. But, it also increases the sequence number in the message from the server appended by ‘1’ and uses it as the acknowledgement number in this message. So, the sequence number in the previous message from the server is 55000, then the acknowledgement number in this message from the client to the server will be 55001. After this step, the connection from the server to the client is formed. So, the connection is formed both ways.
You can see this happening in detail at a packet level in the Wireshark software below.
Steps to close the connection for the client with the server
Similar to the above, there are three steps to close a connection.
Step 1: When a client initially requests for a connection to the server, the client sends a message to the server with the message having the FIN (not SYN) flag set to ‘1’ and the ACK flag set to 0. It also sends a sequence number (32 bit random number) in that message. For example, the sequence number could be 20000.
Step 2: The server then responds with the FIN and the ACK flag set to ‘1’ back to the client. In this server’s message the acknowledgement number will be the sequence number sent by the client appended with ‘1’. For example, if the sequence number in the client’s first message is 20000, then the acknowledgement number in the server’s reply message is going to be 20001. The server setting the ACK flag to 1 is a way for the server to acknowledge the client’s request message. Please note that the FIN flag will be set to ‘1’ only if the server can entertain the request and disconnect the connection. In cases where the queue is very large, and the server cannot entertain the disconnection request from the client, then the server will simply ignore the FIN message from the client. Also, please note that while the acknowledgement number is the sequence number of the client’s FIN message appended with 1, the sequence number in the “FIN+ACK” message sent by the server will be a new random number. But, this number will be used by the client in the next step. After this step, the connection from client to the server is disconnected.
Step 3: In this step, the client has to acknowledge that the server message is received and we are all good to communicate with each other. The server will respond with the FIN set to ‘0’ and the ACK flag set to ‘1’. But, it also increases the sequence number in the message from the server appended by ‘1’ and uses it as the acknowledgement number in this message. So, the sequence number in the previous message from the server is 55000, then the acknowledgement number in this message from the client to the server will be 55001. After this step, the connection from the server to the client is disconnected. So, the connection is disconnected both ways.
Hope this is useful to provide you a good idea of how TCP communication is used to establish a client-server connection.
You may like to read: Cybersecurity Laws & Regulations, Ethical Hacking for Youngsters, and How Prime Numbers & Encryption are Related?.
