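In practice: three ways to establish a TCP connection

TCP is commonly said to need a three-way handshake to establish a connection. This article looks at a few special cases.

1. Three-way handshake (normal connection)

The three-way handshake is the most common case. Let's try it.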

#Listener

xjp@DESKTOP-JS5DDL9:~$ nc -l 6666

#Connecting side

xjp@DESKTOP-JS5DDL9:~$ nc 127.0.0.1 6666

#Packet capture

[xjp@DESKTOP-JS5DDL9 case5_tcp_handshake_3]$ sudo tcpdump -i any port 6666 -nnn
[sudo] password for xjp:
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
19:22:01.393934 IP 127.0.0.1.50296 > 127.0.0.1.6666: Flags [S], seq 1034301573, win 65495, options [mss 65495,sackOK,TS val 115665054 ecr 0,nop,wscale 7], length 0
19:22:01.394011 IP 127.0.0.1.6666 > 127.0.0.1.50296: Flags [S.], seq 515678678, ack 1034301574, win 65483, options [mss 65495,sackOK,TS val 115665054 ecr 115665054,nop,wscale 7], length 0
19:22:01.394030 IP 127.0.0.1.50296 > 127.0.0.1.6666: Flags [.], ack 1, win 512, options [nop,nop,TS val 115665054 ecr 115665054], length 0

The classic three-way handshake: SYN; SYN+ACK; ACK.

2. Simultaneous open

In a simultaneous open there is no listener; both sides are connecting sides.

#Primary source

Simultaneous open is described in RFC 793, Section 3.4, page 32:

https://www.rfc-editor.org/rfc/rfc793#section-3.4

#Code

https://gitee.com/northeast_coder/code/tree/master/case/case6_simultaneous_open/

#Start client1

bind(127.0.0.1, 6666), connect(127.0.0.1, 8888)

xjp@DESKTOP-JS5DDL9:case6_simultaneous_open$ ./client1/client1
connected!peer=127.0.0.1:8888,local=127.0.0.1:6666

#Start client2

bind(127.0.0.1, 8888), connect(127.0.0.1, 6666)

xjp@DESKTOP-JS5DDL9:case6_simultaneous_open$ ./client2/client2
connected!peer=127.0.0.1:6666,local=127.0.0.1:8888

#Packet capture

[xjp@DESKTOP-JS5DDL9 case5_tcp_handshake_3]$ sudo tcpdump -i any port 6666 or port 8888 -nnn -vv
21:11:47.423324 IP (tos 0x0, ttl 64, id 56598, offset 0, flags [DF], proto TCP (6), length 60)
    127.0.0.1.6666 > 127.0.0.1.8888: Flags [S], cksum 0xfe30 (incorrect -> 0xc370), seq 340967518, win 65495, options [mss 65495,sackOK,TS val 121205733 ecr 0,nop,wscale 7], length 0
21:11:47.423327 IP (tos 0x0, ttl 64, id 60791, offset 0, flags [DF], proto TCP (6), length 60)
    127.0.0.1.8888 > 127.0.0.1.6666: Flags [S], cksum 0xfe30 (incorrect -> 0x3958), seq 1919741020, win 65495, options [mss 65495,sackOK,TS val 121205733 ecr 0,nop,wscale 7], length 0
21:11:47.423338 IP (tos 0x0, ttl 64, id 56599, offset 0, flags [DF], proto TCP (6), length 60)
    127.0.0.1.6666 > 127.0.0.1.8888: Flags [S.], cksum 0xfe30 (incorrect -> 0xe977), seq 340967518, ack 1919741021, win 65495, options [mss 65495,sackOK,TS val 121205733 ecr 121205733,nop,wscale 7], length 0
21:11:47.423347 IP (tos 0x0, ttl 64, id 60792, offset 0, flags [DF], proto TCP (6), length 60)
    127.0.0.1.8888 > 127.0.0.1.6666: Flags [S.], cksum 0xfe30 (incorrect -> 0xe977), seq 1919741020, ack 340967519, win 65495, options [mss 65495,sackOK,TS val 121205733 ecr 121205733,nop,wscale 7], length 0

This capture is actually hard to get: if the two attempts are not truly "simultaneous", an RST packet comes back and the connection is dropped. So I wrote an infinite loop that keeps retrying the connection, and it takes a while before it connects.

3. Self-connect

Self-connect is a special case of simultaneous open in which the client's local address and remote address are the same.

Let's try it:

#Start

bind(127.0.0.1, 6666), connect(127.0.0.1, 6666)

xjp@DESKTOP-JS5DDL9:case6_simultaneous_open$ nc -s 127.0.0.1 -p 6666 127.0.0.1 6666

#Packet capture

[xjp@DESKTOP-JS5DDL9 case5_tcp_handshake_3]$ sudo tcpdump -i any port 6666 -nnn -vv
tcpdump: listening on any, link-type LINUX_SLL (Linux cooked v1), capture size 262144 bytes
21:33:50.941066 IP (tos 0x0, ttl 64, id 61726, offset 0, flags [DF], proto TCP (6), length 60)
    127.0.0.1.6666 > 127.0.0.1.6666: Flags [S], cksum 0xfe30 (incorrect -> 0xf8ae), seq 703876123, win 65495, options [mss 65495,sackOK,TS val 122529250 ecr 0,nop,wscale 7], length 0
21:33:50.941084 IP (tos 0x0, ttl 64, id 61727, offset 0, flags [DF], proto TCP (6), length 60)
    127.0.0.1.6666 > 127.0.0.1.6666: Flags [S.], cksum 0xfe30 (incorrect -> 0xd55d), seq 703876123, ack 703876124, win 65495, options [mss 65495,sackOK,TS val 122529251 ecr 122529250,nop,wscale 7], length 0
21:33:50.941093 IP (tos 0x0, ttl 64, id 61728, offset 0, flags [DF], proto TCP (6), length 52)
    127.0.0.1.6666 > 127.0.0.1.6666: Flags [.], cksum 0xfe28 (incorrect -> 0xfc25), seq 1, ack 1, win 512, options [nop,nop,TS val 122529251 ecr 122529250], length 0
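
The self-connect above written with the socket calls directly, as an added example that is not the author's client code. It assumes Linux loopback behaviour, binds to a kernel-chosen port instead of 6666 so it does not collide with a running service, and the function names (`self_connect`, `is_self_connected`, `echo_to_self`) are illustrative. The `getsockname()`/`getpeername()` comparison is one way for a program to recognise that it has connected to itself.

```c
/* Added example (assumes Linux loopback); all function names are illustrative. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>

/* Returns 1 if the socket's local and remote endpoints are identical, else 0. */
int is_self_connected(int fd) {
    struct sockaddr_in l, r;
    socklen_t ll = sizeof l, rl = sizeof r;
    if (getsockname(fd, (struct sockaddr *)&l, &ll) < 0 ||
        getpeername(fd, (struct sockaddr *)&r, &rl) < 0) return 0;
    return l.sin_addr.s_addr == r.sin_addr.s_addr && l.sin_port == r.sin_port;
}

/* bind(127.0.0.1, port), then connect() to that same address; 0 = any free port. */
int self_connect(unsigned short port) {
    struct sockaddr_in a = {0};
    socklen_t len = sizeof a;
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    a.sin_family = AF_INET;
    a.sin_port = htons(port);
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    if (bind(fd, (struct sockaddr *)&a, sizeof a) < 0 ||
        getsockname(fd, (struct sockaddr *)&a, &len) < 0 ||  /* learn the port */
        connect(fd, (struct sockaddr *)&a, sizeof a) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Sends n bytes and reads them back from the same fd; returns bytes received. */
int echo_to_self(int fd, const char *msg, char *out, size_t n) {
    if (send(fd, msg, n, 0) != (ssize_t)n) return -1;
    return (int)recv(fd, out, n, MSG_WAITALL);
}

int main(void) {
    char buf[4];
    int fd = self_connect(0);
    if (fd < 0) { perror("self_connect"); return 1; }
    printf("self-connected=%d echoed=%d bytes\n", is_self_connected(fd),
           echo_to_self(fd, "ping", buf, 4));
    close(fd);
    return 0;
}
```

Because both ends of the connection are the same socket, whatever the program writes is delivered back to its own receive queue, which is why the echo succeeds without any listener.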
