What does Three-Way Handshake mean?
A three-way handshake is a method used in a TCP/IP network to create a connection between a local host/client and server.
It is a three-step method designed to allow both communicating ends to initiate and negotiate the parameters of the network TCP socket connection at the same time before data such as HTTP and SSH is transmitted.
Multiple TCP socket connections can be transmitted in both directions simultaneously. A three-way handshake is also known as a TCP handshake or SYN-SYN-ACK, and requires both the client and server to exchange SYN (synchronization) and ACK (acknowledgment) packets before actual data communication begins.
In fact, its name originates from the three messages transmitted by TCP before a session between the two ends is initiated.
Techopedia explains Three-Way Handshake
A three-way handshake is primarily used to create a TCP socket connection to reliably transmit data between devices. For example, it supports communication between a web browser on the client side and a server every time a user navigates the Internet.
As soon as a client requests a communication session with the server, a three-way handshake process initiates TCP traffic by following three steps.
The Three Steps of a Three-Way Handshake
Step 1: A connection between server and client is established
First, a connection between server and client is established, so the target server must have open ports that can accept and initiate new connections. The client node sends a SYN (Synchronize Sequence Number) data packet over an IP network to a server on the same or an external network.
This SYN packet is a random sequence number that the client wants to use for the communication (for example, X). The objective of this packet is to ask/infer if the server is open for new connections.
Step 2: The server receives the SYN packet from the client node
When the server receives the SYN packet from the client node, it responds and returns a confirmation receipt – the ACK (Acknowledgement Sequence Number) packet or SYN/ACK packet. This packet includes two sequence numbers.
The first one is ACK one, which is set by the server to one more than the sequence number it received from the client (e.g. X+1).
The second one is the SYN sent by the server, which is another random sequence number (for example, Y).
This sequence indicates that the server correctly acknowledged the client’s packet, and that is sending its own to be acknowledged as well.
Step 3: Client node receives the SYN/ACK from the server and responds with an ACK packet
The client node receives the SYN/ACK from the server and responds with an ACK packet. Once again, each side must acknowledge the sequence number received by incrementing it by one.
So now it’s the turn of the client to acknowledge the server’s packet by adding one to the sequence number (in this case, Y+1), and resend it to the server.
Upon completion of this process, the connection is created and the host and server can communicate.
All these steps are necessary to verify the serial numbers originated by both sides, guaranteeing the stability of the connection.
Since both hosts must acknowledge the connection parameters of the other side, a missing or out-of-order segment can be quickly detected before the actual data transfer process is initiated.