Sorting out tcp/udp communication problems

https://baijiahao.baidu.com/s?id=1693383134922615393&wfr=spider&for=pc

1. Three handshakes

2. Four waves

3. Why three handshakes 、 Four waves

Because when Server End receipt Client Terminal SYN After connecting the request message , It can be sent directly SYN+ACK message . among ACK Messages are used to answer ,SYN Messages are used to synchronize .

But when you close the connection , When Server End receipt FIN When the message , It's not likely to shut down immediately SOCKET, So you can only reply one first ACK message , tell Client End ,“ You sent it FIN I received the message ”. Only when I Server All messages are sent , I can send FIN message , So we can't send . So it takes four steps to shake hands . Generally speaking , Two handshakes release one end to the other TCP Connect , A total of four handshakes are required to fully release the connection .

4. The server keeps a lot of TIME_WAIT state

TIME_WAIT Is the state maintained by the party actively closing the connection , For a crawler server, it is “ client ”, After completing a crawling task , He will initiate an active closing of the connection , To enter TIME_WAIT The state of , And keep it that way 2MSL（max segment lifetime） After time , Close recycling completely .

TIME_WAIT The role of state maintenance
（1） Be sure to be reliable TCP Full duplex termination
（2） Allow old duplicate packets to disappear in the network

5. The server keeps a lot of CLOSE_WAIT state

After the other party closes the connection, the server program itself does not send out further ACK The signal . let me put it another way , After the other party's connection is closed , The program didn't detect , Or the program simply forgot to close the connection at this time , There is no call close(), So this resource has been occupied by the program ; It's usually a coding problem .

6. If a connection has been established , But what to do if the client suddenly fails ？

TCP There is also a Life timers , obviously , If the client fails , It is now in a semi open state , The server can't wait , Waste resources in vain . Every time the server receives a request from the client, it will reset the timer , The time is usually set to 2 Hours , If you haven't received any data from the client in two hours , The server will send a detection segment , After every 75 Send once per second . If you send it in a row 10 Detection messages still don't respond , The server thinks the client is down , Then close the connection .

7. ISN (Initial Sequence Number) Is it fixed

One of the important functions of triple handshake is the exchange between client and server ISN ( Initial serial number ,Initial Sequence Number), In order to let the other party know how to assemble the data by serial number when receiving the data next .
When one end sends it... To establish a connection SYN when , It selects an initial sequence number for the connection .ISN Change over time , So each connection will have a different ISN. If ISN Is constant , It is easy for an attacker to guess the subsequent confirmation number , therefore ISN It's generated dynamically .

8. Can I carry data during the three handshakes

Only the third handshake , It can carry data . however , First of all 、 The second handshake must not carry data .

If the first handshake can carry data , If someone wants to attack the server maliciously , Then every time he was in the first handshake SYN Put a lot of data in the message , And then it repeats like crazy SYN Message words （ Because the attacker doesn't care about the reception of the server at all 、 Whether the sending ability is normal , It's meant to attack you ）, It's going to take a lot of time for the server 、 Memory space to receive these messages .

The simple memory is , Request connection / receive namely SYN = 1 You can't carry data with you when you're on the road .

And for the third time , The client is already in ESTABLISHED state . For the client , He has established a connection , And we already know the server's reception 、 The ability to send is normal , So of course it can be sent normally / Carrying data .

9. Semi connected queues

For the first time, the server received SYN after , Will be in SYN_RCVD state , At this time, the two sides have not fully established their connection , The server will put the request connection in this state in a queue , We call this line Semi connected queues .

Of course, there is another one Full connection queue , After three handshakes, the established connection is placed in the full connection queue . If the queue is full, packet loss may occur .

10. SYN Flooding attack

SYN attack （ Semi connected attack ） Namely Client In a short time Fake a lot of nonexistent IP Address , And to Server Constantly sending SYN package ,Server Then reply to the confirmation package , And wait for Client confirm , Because the source address does not exist , therefore Server Need to resend until timeout , These fake SYN The package will take up... For a long time Semi connected queues , Cause normal SYN The request was dropped because the queue was full , Thus causing network congestion and even system paralysis .

11. If the third handshake is lost , What will the client server do

The server sends it SYN + ACK package , If No confirmation package received from the client response , The third handshake is lost . Then the server will retransmit for the first time , If waiting for a period of time has not received customer confirmation package , It's a second retransmission . If the number of retransmissions exceeds Maximum number of retransmissions , The system will delete the connection information from the semi connection queue .

Be careful , Every time Waiting time for retransmission Not necessarily the same , It's going to be exponential growth , For example, the interval is 1s,2s,4s,8s…

12. tcp rst There are several situations

13. about socket Selection of horizontal trigger and edge trigger modes

• For listening sockfd, It is best to use the horizontal trigger mode , Edge triggered mode can lead to high concurrency , Some clients will not connect . If you have to use edge trigger , Some schemes on the Internet use while To cycle accept().
• For reading and writing connfd, In horizontal trigger mode , Blocking and non blocking effects are the same , But to prevent special circumstances , It is still recommended to set non blocking .
• For reading and writing connfd, In edge trigger mode , Must use non blocking IO, And read and write all the data at once .

14. TCP In communication SIGPIPE、EINTR、EAGAIN