10.3.1.53 sends a SYN packet to 10.1.2.5:
10.1.2.5 sends a SYN ACK back to 10.3.1.53:
10.3.1.53 sends an ACK packet back to 10.1.2.5:
And that is what they call the three way handshake for TCP.
Tuesday, February 24, 2015
Packet Capture: Seeing The TCP Three Way Handshake In Wireshark
This is just TCP. It takes a "three way handshake" for a connection to be established. It starts with a SYN from the device that starts the conversation, then a SYN ACK from the receiving end, and finishes with an ACK from the sending end. See below what you would see in Wireshark:
10.3.1.53 sends a SYN packet to 10.1.2.5:
10.1.2.5 sends a SYN ACK back to 10.3.1.53:
10.3.1.53 sends an ACK packet back to 10.1.2.5:
And that is what they call the three way handshake for TCP.
10.3.1.53 sends a SYN packet to 10.1.2.5:
10.1.2.5 sends a SYN ACK back to 10.3.1.53:
10.3.1.53 sends an ACK packet back to 10.1.2.5:
And that is what they call the three way handshake for TCP.
Subscribe to:
Post Comments (Atom)
SYN
ReplyDeleteSYN/ACK
ACK
Data: Excellent post Shane! Very clear and concise!
FIN
ACK
FIN
ACK