SYN-SYN-ACK and ACK 🤝



Understanding TCP Flags


TCP flags are used to indicate a particular state during a TCP conversation. TCP flags can be used for troubleshooting purposes or to control how a particular connection is handled. Each of them has its own significance. They initiate connections, carry data, and tear down connections. Commonly used TCP flags are "SYN", "ACK" and "FIN".


TCP Flags List

  • SYN (synchronize): Packets that are used to initiate a connection.
  • ACK (acknowledgment): Packets that are used to confirm that the data packets have been received. Also used to confirm the initiation request and tear-down requests.
  • FIN (finish): Used to request connection termination. Both the sender and receiver send FIN packets to gracefully terminate the connection. Only one side of the conversation is stopped, with no data loss. This is the last packet sent by the sender.
  • RST (reset): Used to terminate the connection if the RST sender feels something is wrong with the TCP connection or that the conversation should not exist. It abruptly tells the other side to stop communicating. The whole conversation is stopped and data is discarded.
  • PSH (push): Indicates that the incoming data should be passed on directly to the application instead of getting buffered. Here data is delivered in sequence.
  • URG (urgent): Indicates that the data the packet is carrying should be processed immediately by the TCP stack. Here data is delivered out of sequence.


TCP handshake/ three-way handshake


The role of TCP (Transmission Control Protocol) is to ensure that packets are delivered reliably (in the same order as they were sent) and error-free. TCP has congestion control, which means the initial requests start small, increasing in size to the levels of bandwidth the computers, servers, and network can support.

TCP uses a three-way handshake (aka TCP-handshake, three message handshake, and/or SYN-SYN-ACK) to establish a reliable TCP/IP connection over an IP-based network. The exchange of these four flags is performed in three steps—SYN, SYN-ACK, and ACK—as shown below.


1 - Computer X transmits a SYNchronize packet to server N

First, the client sends a packet with a sequence number and only the SYN flag bit set in the header.
This initial packet allows the client to set what the first sequence number should be for request packets originating from the client. This is the client's synchronization step.



2 - Server N sends back a SYNchronize-ACKnowledge packet to Computer X


Second, server N responds to the SYN packet with a SYN/ACK packet. Here, the server sets both the SYN flag bit and the ACK flag bit. This packet confirms the sequence number sent by the client by acknowledging it. However, the server must also send a SYN and a sequence number back to the client to set what the first sequence number should be for response packets originating from the server. Similar to the first step, this response packet is the server's synchronization step.



3 - Computer X then transmits an ACKnowledge packet to N

Finally, client X responds to the SYN/ACK packet with an ACK packet that acknowledges the server's sequence number request.


At this point, the 3-way handshake is complete, and the connection is established. All these steps are necessary to verify the sequence numbers originated by both sides, guaranteeing the stability of the connection. Since both hosts must acknowledge the connection parameters of the other side, a missing or out-of-order segment can be quickly detected before the actual data transfer process is initiated.
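
The three steps above can be checked directly against raw TCP headers. The following is an added example, not part of the original article: it decodes the flag bits from a 20-byte header and verifies that each side acknowledges the other's initial sequence number plus one (a SYN consumes one sequence number). The function names, ports and sequence numbers are constructed for illustration.

```python
import struct

# Flag bits in the low byte of the 16-bit data-offset/flags field.
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def build_header(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (checksum left at 0; sample data only)."""
    bits = sum(FLAGS[f] for f in flags)
    offset_flags = (5 << 12) | bits  # data offset = 5 words, no options
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, offset_flags, 65535, 0, 0)

def parse_header(raw):
    """Return ports, sequence/ack numbers and the set of flag names."""
    sport, dport, seq, ack, offset_flags, _w, _c, _u = struct.unpack("!HHIIHHHH", raw[:20])
    flags = {name for name, bit in FLAGS.items() if offset_flags & bit}
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": flags}

def check_handshake(segments):
    """Validate SYN, SYN/ACK, ACK ordering and acknowledgment numbers."""
    if len(segments) != 3:
        return "incomplete: expected 3 segments"
    syn, synack, ack = (parse_header(s) for s in segments)
    if syn["flags"] != {"SYN"}:
        return "step 1 is not a bare SYN"
    if synack["flags"] != {"SYN", "ACK"}:
        return "step 2 is not SYN/ACK"
    if synack["ack"] != (syn["seq"] + 1) % 2**32:
        return "step 2 does not acknowledge the client's sequence number"
    if ack["flags"] != {"ACK"}:
        return "step 3 is not a bare ACK"
    if ack["ack"] != (synack["seq"] + 1) % 2**32 or ack["seq"] != synack["ack"]:
        return "step 3 does not acknowledge the server's sequence number"
    return "established"

# Constructed sample: client X (port 50000) connects to server N (port 443).
CLIENT_ISN, SERVER_ISN = 1000, 4294967295  # server ISN chosen to show 32-bit wrap
GOOD = [
    build_header(50000, 443, CLIENT_ISN, 0, ["SYN"]),
    build_header(443, 50000, SERVER_ISN, CLIENT_ISN + 1, ["SYN", "ACK"]),
    build_header(50000, 443, CLIENT_ISN + 1, 0, ["ACK"]),  # ack wraps to 0
]
BAD = GOOD[:2] + [build_header(50000, 443, CLIENT_ISN + 1, 12345, ["ACK"])]

if __name__ == "__main__":
    print(check_handshake(GOOD))  # established
    print(check_handshake(BAD))
```

The `BAD` sequence carries a final ACK whose acknowledgment number does not match the server's sequence number, which is the kind of mismatch the handshake is designed to catch before data transfer starts.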