What is the TCP three-way handshake?

The TCP is an example of the transport layer protocol implementation per the OSI model. It is connection-oriented, which means before sending any data to the remote peer, the TCP client sets up a virtual connection over a packet-based underlying IP network.

A three-way handshake is a protocol procedure to set up a both-way connection between two peers. The tutorial will cover the TCP connection setup procedure in detail.

The first question comes to mind, who is responsible for starting a TCP connection?

The protocol layer instructs the layer for connection initiation on startup or some other external entity. The answer is TCP user is responsible for triggering the TCP three-way handshake. For example, HTTP ( a web browser such as Chrome uses HTTP) is a user of TCP when the HTTP user needs to send a web request to the remote Server.

  • Before sending any user data, the HTTP requests the TCP layer to create a new connection with the remote Server.
  • Once the TCP layer receives a connection request from HTTP, it starts TCP 3-way handshake.
  • Like any other protocol, the three-way handshake procedure requires exchanging protocol messages between the client and Server.

The following are messages in the connection setup procedure.

tcp three way handshake

Following is the message flow for a three-way handshake.

The user of HTTP issues a connect request to the TCP layer. The protocol layer works as a client and sends the TCP-SYN segment with an initial sequence number. The sequence number is to maintain the sequencing of messages because TCP delivers messages to the user in sequence.

Upon SYN received Server sends a new syn and an ack for a received SYN to the client, then the client sends the ACK to the Server for a received SYN from the Server. This completes the connection setup. The following mentions each message in detail for a three-way handshake.

TCP SYN packet:

This is the first packet from the client to the Server. TCP message sets SYN flag to 1 in the message, so make the TCP message a SYN segment. It has the client’s initial sequence number, along with a few more parameters.

TCP SYN-ACK packet:

After receiving the SYN packet, the Server sends the syn ack packet to the client. Not to mention that this is a single TCP packet with syn and ack bit set to 1. The syn sequence number is the Server’s initial sequence number accepting the connection. The ACK part has the client sequence number plus one. This way Server tells that it is ready to accept the packet with the next sequence number from the client.

TCP ACK packet:

The final packet for the connection setup is TCP ack. The client sends a TCP ack packet upon receiving TCP syn ack from the Server. The packet includes a sequence number from the Server plus one.

TCP user indication after three-way handshake : 

At the start, we mentioned that the user initiates a connection request. But how the user knows that the connection is done? And the user can use the connection to send data to a remote server? The user gets an indication of the connection setup result from the TCP layer. 

If the handshake is successful, the TCP user gets the connection identifier. Else and error. The connection identifier is a handler for sending/receiving data to/from the Server. We will show in another post the exact implementation of the TCP client/Server. Then you can get a more clear picture of the connection handler.