三次握手和四次分手

若星河

2023-09-15 帮助3人

三次握手与四次分手图解

三次握手

三次握手的作用：确定通行双方的发送与接收功能是否正常，同步通信序列号，交换tcp通信窗口大小与最大报文段长度（mss）

学新通

四次挥手

正常情况下，由客户端来决定何时关闭连接。四次挥手的意义在于确保数据能够完整传输。

学新通

使用tcpdump进行抓包

测试命令

curl www.谷歌.com

抓包命令网卡：wlo1 端口：80

tcpdump -nn -i wlo1 port 80

输出（已添加注释）

tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on wlo1, link-type EN10MB (Ethernet), snapshot length 262144 bytes
# 三次握手
## SYN = 1 | seq = 3464472424 | mss = 1460
23:59:04.224062 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [S], seq 3464472424, win 64240, options [mss 1460,sackOK,TS val 388526343 ecr 0,nop,wscale 7], length 0
## ACK = 1 | ack = 3464472424   1  | seq = 2089195576 | mss = 1460
23:59:04.225261 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [S.], seq 2089195576, ack 3464472425, win 28960, options [mss 1460,sackOK,TS val 612064231 ecr 388526343,nop,wscale 6], length 0
## ACK = 1 
23:59:04.225273 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [.], ack 1, win 502, options [nop,nop,TS val 388526344 ecr 612064231], length 0

# 发送HTTP GET请求
23:59:04.225323 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [P.], seq 1:79, ack 1, win 502, options [nop,nop,TS val 388526344 ecr 612064231], length 78: HTTP: GET / HTTP/1.1
23:59:04.229628 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [.], ack 79, win 453, options [nop,nop,TS val 612064235 ecr 388526344], length 0
# 服务器响应
23:59:04.593391 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [.], seq 1:1449, ack 79, win 453, options [nop,nop,TS val 612064598 ecr 388526344], length 1448: HTTP: HTTP/1.1 200 OK
23:59:04.593433 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [.], ack 1449, win 493, options [nop,nop,TS val 388526713 ecr 612064598], length 0
23:59:04.594312 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [P.], seq 1449:8175, ack 79, win 453, options [nop,nop,TS val 612064598 ecr 388526344], length 6726: HTTP
23:59:04.594348 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [.], ack 8175, win 441, options [nop,nop,TS val 388526713 ecr 612064598], length 0
23:59:04.594367 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [P.], seq 8175:12081, ack 79, win 453, options [nop,nop,TS val 612064598 ecr 388526344], length 3906: HTTP
23:59:04.594378 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [.], ack 12081, win 411, options [nop,nop,TS val 388526713 ecr 612064598], length 0
23:59:04.597658 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [.], seq 12081:13529, ack 79, win 453, options [nop,nop,TS val 612064603 ecr 388526713], length 1448: HTTP
23:59:04.597682 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [.], ack 13529, win 493, options [nop,nop,TS val 388526717 ecr 612064603], length 0
23:59:04.597989 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [P.], seq 13529:14883, ack 79, win 453, options [nop,nop,TS val 612064603 ecr 388526713], length 1354: HTTP
23:59:04.598013 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [.], ack 14883, win 493, options [nop,nop,TS val 388526717 ecr 612064603], length 0
# 四次挥手 (@优化 三次挥手) 因为关闭连接有两种方式，当一方关闭连接，另外一方没有数据发送时，马上关闭连接，也就将第二步的ack与第三步的fin合并为一步了，这个优化在RFC793 3.5节
## FIN =1 | seq = 79 | ack = [ last seq ]   1 = 14883
23:59:04.598320 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [F.], seq 79, ack 14883, win 501, options [nop,nop,TS val 388526717 ecr 612064603], length 0
## ACK = 1 | FIN =1 | ack = 79  1 | seq =  14883
23:59:04.600734 IP 142.250.217.132.80 > 192.168.50.43.49312: Flags [F.], seq 14883, ack 80, win 453, options [nop,nop,TS val 612064605 ecr 388526717], length 0
## ACK = 1 | ack = 14883  1
23:59:04.600768 IP 192.168.50.43.49312 > 142.250.217.132.80: Flags [.], ack 14884, win 501, options [nop,nop,TS val 388526720 ecr 612064605], length 0

这篇好文章是转载于：学新通技术网

三次握手和四次分手

三次握手与四次分手图解

三次握手

四次挥手

使用tcpdump进行抓包

photoshop保存的图片太大微信发不了怎么办

Android 11 保存文件到外部存储，并分享文件

《学习通》视频自动暂停处理方法

word里面弄一个表格后上面的标题会跑到下面怎么办

photoshop扩展功能面板显示灰色怎么办

微信公众号没有声音提示怎么办

excel下划线不显示怎么办

excel打印预览压线压字怎么办

怎样阻止微信小程序自动打开

TikTok加速器哪个好免费的TK加速器推荐