Understanding the 3-Way Handshake in TCP / IP Connections

Aditya SharmaAditya Sharma
7 min read

Table of contents

Introduction

When you visit a website, it may seem like your browser simply sends a request, and the server responds. This appears to be a straightforward two-way interaction. However, under the hood, a crucial process known as the TCP three-way handshake is happening, ensuring that the connection is stable and reliable before any actual data is transferred. This hidden layer of communication makes the internet function smoothly, preventing data loss and improving security.

When two computers communicate over the internet, they need a reliable method to establish a connection before exchanging data. The 3-way handshake is a fundamental process used in Transmission Control Protocol (TCP) to create a secure and reliable connection between a client and a server. This process ensures that both devices are ready to communicate, agree on initial connection parameters, and synchronize their sequence numbers to prevent data loss.

If you've ever visited a website, sent an email, or streamed a video, your computer has likely performed a 3-way handshake without you even knowing. In this article, we will explore the what, how, and why of the 3-way handshake, explaining each step in detail with examples.

What is the 3-Way Handshake?

The three-way handshake is a fundamental mechanism used in Transmission Control Protocol (TCP) to establish a connection between a client and a server over a network. This process ensures both parties are synchronized and ready for data exchange. Without it, unreliable connections could lead to data corruption, lost packets, or failed communications.

Think of the three-way handshake like introducing yourself over the phone. If you call someone, you say "Hello," they respond with "Hello, I hear you," and you finally acknowledge by saying, "Great, let's talk." Similarly, TCP establishes a connection with three essential steps before data transfer begins.

The 3-way handshake is a three-step process used in TCP / IP networks to establish a reliable connection between a client (such as your browser) and a server (such as a web server). It ensures both devices are ready for communication before actual data transfer begins. The handshake involves three essential messages:

  1. SYN (Synchronize): The client sends a request to initiate the connection.

  2. SYN-ACK (Synchronize-Acknowledge): The server acknowledges the request and responds.

  3. ACK (Acknowledge): The client confirms receipt, and the connection is established.

This process is similar to a formal handshake between two people, where one person extends their hand, the other person accepts and shakes it, and finally, the first person acknowledges the handshake before starting a conversation.

How Does the 3-Way Handshake Work?

The handshake follows a structured approach to ensure both parties are synchronized before data transfer begins. Here’s a step-by-step breakdown:

Step 1: SYN (Synchronization Request)

  • The client (e.g., your computer) wants to establish a connection with a server (e.g., a website's server).

  • It sends a SYN packet (Synchronization Request) to the server.

  • This packet contains an initial sequence number (SYN), which is a randomly chosen number (e.g., 1000) used to keep track of the communication sequence.

Example:

Imagine you want to open a website (www.example.com). Your browser (client) sends a SYN message to the website’s server, asking, “Can we communicate?”

Step 2: SYN-ACK (Synchronization-Acknowledgment)

  • The server receives the SYN packet.

  • If it has an open port and is ready to establish a connection, it responds with a SYN-ACK packet (Synchronization and Acknowledgment).

  • The SYN-ACK packet contains:

    • A new SYN number (e.g., 2000, randomly chosen by the server).

    • An ACK number, which is the client’s SYN number + 1 (e.g., 1001).

Example:

The website’s server responds to the browser, saying, “Yes, I am available. Let’s communicate! Here’s my sequence number.”

Step 3: ACK (Acknowledgment)

  • The client receives the ACK packet.

  • It then sends an ACK packet (Acknowledgment) back to the server to confirm the connection.

  • The ACK packet contains:

    • The server’s SYN number + 1 (e.g., 2001).

    • A final acknowledgment that both parties are synchronized.

  • Now, the TCP connection is established, and data transfer can begin.

Example:

The browser confirms with the server, saying, “Got it! Let’s begin the data transfer.”

The Hidden Role of TCP in HTTP Requests

Most people assume that when they type a URL into a browser, their HTTP request simply travels to the server and comes back with a response. However, before this visible request-response cycle happens, a hidden TCP three-way handshake takes place.

For example, when you visit https://www.example.com, your browser doesn’t immediately send an HTTP request. Instead, it first establishes a TCP connection using the 3-way handshake. Once the handshake is complete, only then is the HTTP request sent over this reliable connection.

This means every time you browse the web, stream videos, or send messages, a hidden 3-way handshake is happening in the background, making sure that the communication channel is stable before any actual content is exchanged.

Why is the 3-Way Handshake Important?

The 3-way handshake plays a critical role in network communications for several reasons:

1. Ensures Reliable Communication

Unlike UDP (User Datagram Protocol), which sends data without establishing a connection, TCP provides a connection-oriented approach. The handshake ensures that both the client and server are ready and agree on initial sequence numbers, preventing data loss or corruption.

2. Prevents Packet Loss and Duplication

Each TCP packet carries a sequence number that helps keep track of data. The handshake ensures both sides acknowledge these numbers, preventing duplicate or missing packets during transmission.

3. Protects Against Malicious Attacks

The handshake mechanism can help prevent unauthorized access by ensuring that only legitimate connections are established. However, it is also susceptible to SYN Flood Attacks, where attackers send multiple SYN requests without completing the handshake, overloading the server.

4. Essential for Secure Transactions

Anytime you use HTTPS (SSL / TLS encryption) for secure communication (like online banking or logging into social media), the 3-way handshake ensures that the data exchange begins safely.

Technical Aspects of the 3-Way Handshake

Let’s look at how the handshake process appears at a lower level:

StepMessage TypeSequence NumberAcknowledgment Number
1. SYNClient → ServerSYN (1000)-
2. SYN-ACKServer → ClientSYN (2000)SYN + 1 (1001)
3. ACKClient → Server-SYN + 1 (2001)

Each sequence number plays a vital role in maintaining order and integrity during communication.

Real-World Usecases of a 3-Way Handshake

Imagine you’re using an online banking service. Before your transaction data is sent, your device first goes through the TCP handshake with the bank’s server. This ensures that the connection is secure, stable, and ready for sensitive financial data. If this step didn’t exist, the connection might drop mid-transaction, leading to failed payments or lost records.

Another example is video streaming services like YouTube. When you click on a video, before it even starts playing, your device and the streaming server perform a TCP handshake. This ensures that the connection can handle the high-quality video stream without interruptions.

Real-World Example

Imagine you are calling a friend:

  1. You (Client) call your friend (Server) and say, "Hey, can we talk?" (SYN)

  2. Your friend responds, "Sure, I’m ready. Can you hear me?" (SYN-ACK)

  3. You confirm, "Yes, I hear you. Let’s talk." (ACK)

Now, the conversation begins, just like a TCP connection is established for data transfer.

Conclusion

The 3-way handshake is a fundamental process in TCP / IP networking that ensures reliable communication between devices. It establishes a structured and secure connection, preventing packet loss, data corruption, and unauthorized access. Whether you're browsing the web, sending an email, or streaming content, the 3-way handshake is working behind the scenes to make sure your data reaches its destination correctly.

By understanding this concept, you gain deeper insights into how the internet works and why TCP is a preferred choice for reliable data transfer.

Next time you browse the web, remember that a hidden handshake is making sure your connection is rock solid before any content is delivered to your screen!

0
Subscribe to my newsletter

Read articles from Aditya Sharma directly inside your inbox. Subscribe to the newsletter, and don't miss out.

TCPtcp/ip-modelTCP/IPTCP HandshakeIPhttphttpshttp requestsnetworkingnetwork securitynetworking for beginnerscomputer networkingbackendBackend Development

Written by

Aditya Sharma
Aditya Sharma