TCP Connection Establishment: Three-way Handshake

A TCP connection is established by using a three-way handshake, which we briefly touched upon in a previous lesson. The connection establishment phase uses the sequence number, the acknowledgment number, and the SYN flag.

Initiating a Connection

When a client host wants to open a TCP connection with a server host, it creates and sends a TCP segment with:

• The SYN flag set
• The sequence number set to a random initial value. So the sequence numbers do not start with 0! Can you guess why?

Responding to an Initial Connection Message

Upon reception of this segment (which is often called a SYN segment), the server host replies with a segment containing:

• the SYN flag set
• the sequence number set to a random number.
• The ACK flag set
• The acknowledgment number set to the sequence number of the received SYN segment incremented by 1 mod $2^{32}$, because the SYN segment consumes one byte. This new number may exceed $2^{32}$, which is the limit of the ACK header field, so the modulus by $2^{32}$ of this number is taken. This allows the number to cycle back and start from $0$.

Note When a TCP entity sends a segment with $x+1$ as the acknowledgment number, it means that it has received all the segments up to and including the segments with the sequence number $x$, and that it’s expecting data having sequence number $x+1$.

This segment is often called a SYN+ACK segment. The acknowledgment confirms to the client that the server has correctly received the SYN segment. The random sequence number of the SYN+ACK segment is used by the server host to verify that the client has received the segment.

Acknowledging The Response

Upon reception of the SYN+ACK segment, the client host replies with a segment containing:

• The ACK flag set
• The acknowledgment number set to the sequence number of the received SYN+ACK segment incremented by 1. The modulus of the number by $2^{32}$ is obviously taken. At this point, the TCP connection is open and both the client and the server are allowed to send TCP segments containing data. This is illustrated in the figure below:

In the figure above, the connection is considered to be established by the client once it has received the SYN+ACK segment, while the server considers the connection to be established upon reception of the ACK segment.

Quick Quiz!