About “3-way handshake” & TCP flags

Connection establishment

To establish a connection, TCP uses a three-way handshake. Before a client attempts to connect with a server, the server must first bind to and listen at a port to open it up for connections: this is called a passive open. Once the passive open is established, a client may initiate an active open. To establish a connection, the three-way (or 3-step) handshake occurs:

1. SYN: The active open is performed by the client sending a SYN to the server. The client sets the segment's sequence number to a random value A.

2. SYN-ACK: In response, the server replies with a SYN-ACK. The acknowledgment number is set to one more than the received sequence number (A + 1), and the sequence number that the server chooses for the packet is another random number, B.

3. ACK: Finally, the client sends an ACK back to the server. The sequence number is set to the received acknowledgement value i.e. A + 1, and the acknowledgement number is set to one more than the received sequence number i.e. B + 1.

At this point, both the client and server have received an acknowledgment of the connection. The steps 1, 2 establish the connection parameter (sequence number) for one direction and it is acknowledged. The steps 2, 3 establish the connection parameter (sequence number) for the other direction and it is acknowledged. With these, a full-duplex communication is established.

Connection termination

The connection termination phase uses a four-way handshake, with each side of the connection terminating independently. When an endpoint wishes to stop its half of the connection, it transmits a FIN packet, which the other end acknowledges with an ACK. Therefore, a typical tear-down requires a pair of FIN and ACK segments from each TCP endpoint. After both FIN/ACK exchanges are concluded, the side which sent the first FIN before receiving one waits for a timeout before finally closing the connection, during which time the local port is unavailable for new connections; this prevents confusion due to delayed packets being delivered during subsequent connections.

A connection can be "half-open", in which case one side has terminated its end, but the other has not. The side that has terminated can no longer send any data into the connection, but the other side can. The terminating side should continue reading the data until the other side terminates as well.

It is also possible to terminate the connection by a 3-way handshake, when host A sends a FIN and host B replies with a FIN & ACK (merely combines 2 steps into one) and host A replies with an ACK. This is perhaps the most common method.

It is possible for both hosts to send FINs simultaneously then both just have to ACK. This could possibly be considered a 2-way handshake since the FIN/ACK sequence is done in parallel for both directions.

Some host TCP stacks may implement a half-duplex close sequence, as Linux or HP-UX do. If such a host actively closes a connection but still has not read all the incoming data the stack already received from the link, this host sends a RST instead of a FIN (Section 4.2.2.13 in RFC 1122). This allows a TCP application to be sure the remote application has read all the data the former sent—waiting the FIN from the remote side, when it actively closes the connection. However, the remote TCP stack cannot distinguish between a Connection Aborting RST and this Data Loss RST. Both cause the remote stack to throw away all the data it received, but that the application still didn't read.

3 Way Handshake

The three steps of a TCP three way handshake and how two TCP devices synchronize.

Before the sending device and the receiving device start the exchange of data, both devices need to be synchronized. During the TCP initialization process, the sending device and the receiving device exchange a few control packets for synchronization purposes. This exchange is known as a three-way handshake.

The three-way handshake begins with the initiator sending a TCP segment with the SYN control bit flag set.

TCP allows one side to establish a connection. The other side may either accept the connection or refuse it. If we consider this from application layer point of view, the side that is establishing the connection is the client and the side waiting for a connection is the server.

TCP identifies two types of OPEN calls:

Active Open. In an Active Open call a device (client process) using TCP takes the active role and initiates the connection by sending a TCP SYN message to start the connection.

Passive Open A passive OPEN can specify that the device (server process) is waiting for an active OPEN from a specific client. It does not generate any TCP message segment. The server processes listening for the clients are in Passive Open mode.

Three-way Handshake

Step 1. Device A (Client) sends a TCP segment with SYN = 1, ACK = 0, ISN (Initial Sequence Number) = 2000.

The Active Open device (Device A) sends a segment with the SYN flag set to 1, ACK flag set to 0 and an Initial Sequence Number 2000 (For Example), which marks the beginning of the sequence numbers for data that device A will transmit. SYN is short for SYNchronize. SYN flag announces an attempt to open a connection. The first byte transmitted to Device B will have the sequence number ISN+1.

Step 2. Device B (Server) receives Device A's TCP segment and returns a TCP segment with SYN = 1, ACK = 1, ISN = 5000 (Device B's Initial Sequence Number), Acknowledgment Number = 2001 (2000 + 1, the next sequence number Device B expecting from Device A).

Step 3. Device A sends a TCP segment to Device B that acknowledges receipt of Device B's ISN, With flags set as SYN = 0, ACK = 1, Sequence number = 2001, Acknowledgment number = 5001 (5000 + 1, the next sequence number Device A expecting from Device B)

This handshaking technique is referred to as the Three-way handshake or SYN, SYN-ACK, ACK.

After the three-way handshake, the connection is open and the participant computers start sending data using the sequence and acknowledge numbers.

You have learned what is TCP three way hand shake (3 way handshake), the three steps of a TCP three way handshake and how two TCP devices synchronize.

In TCP connection, flags are used to indicate a particular state of connection or to provide some additional useful information like troubleshooting purposes or to handle a control of a particular connection. Most commonly used flags are "SYN", "ACK" and "FIN". Each flag corresponds to 1 bit information.

Types of Flags:

• Synchronization (SYN) – It is used in first step of connection establishment phase or 3-way handshake process between the two hosts. Only the first packet from sender as well as receiver should have this flag set. This is used for synchronizing sequence number i.e. to tell the other end which sequence number they should except.

• Acknowledgement (ACK) – It is used to acknowledge packets which are successful received by the host. The flag is set if the acknowledgement number field contains a valid acknowledgement number.
  In given below diagram, the receiver sends an ACK = 1 as well as SYN = 1 in the second step of connection establishment to tell sender that it received its initial packet.

• 
  
  
  Finish (FIN) – It is used to request for connection termination i.e. when there is no more data from the sender, it requests for connection termination. This is the last packet sent by sender. It frees the reserved resources and gracefully terminate the connection.

• 
  Reset (RST) – It is used to terminate the connection if the RST sender feels something is wrong with the TCP connection or that the conversation should not exist. It can get send from receiver side when packet is send to particular host that was not expecting it.

Finish (FIN) v/s Reset (RST) –

 

• Push (PSH) – Transport layer by default waits for some time for application layer to send enough data equal to maximum segment size so that the number of packets transmitted on network minimizes which is not desirable by some application like interactive applications(chatting). Similarly transport layer at receiver end buffers packets and transmit to application layer if it meets certain criteria.
  This problem is solved by using PSH. Transport layer sets PSH = 1 and immediately sends the segment to network layer as soon as it receives signal from application layer. Receiver transport layer, on seeing PSH = 1 immediately forwards the data to application layer.
  In general, it tells the receiver to process these packets as they are received instead of buffering them.

•  Urgent (URG) –Data inside a segment with URG = 1 flag is forwarded to application layer immediately even if there are more data to be given to application layer. It is used to notify the receiver to process the urgent packets before processing all other packets. The receiver will be notified when all known urgent data has been received.

Push (PSH) v/s Urgent (URG) –

The Six Sigma Summary

I recently completed the Six Sigma Black Belt Certification. So here is a set of collected notes that summarise what it is and how to put it into practice. Hopefully, this will clear a lot of doubts about Six Sigma and allow budding Program Managers to understand the concepts without having to read too many books and material out there!

To apply Six Sigma to your business and produce the best results, you need to understand what Six Sigma is, the principles of Six Sigma, and the DMAIC problem-solving method. The correct tools and use of the Six Sigma scale and methods will keep your data dependable and reusable.

What Is Six Sigma?

Generally, Six Sigma is a problem-solving methodology that helps enhance business and organisational operations. It can also be defined in a number of other ways: 

• A quality level of 3.4 defects per million opportunities
• A rate of improvement of 70 percent or better
• A data-driven, problem-solving methodology of Define-Measure-Analyse-Improve-Control
• An initiative taken on by organisations to create bottom-line breakthrough change

Six Sigma Principles

Six Sigma is based on a handful of basic principles, and these principles create the entire Six Sigma arrangement. Here are Six Sigma's fundamental principles:

• Y=f(X) + ε: All outcomes and results (the Y) are determined by inputs (the X's) with some degree of uncertainty (å).
• To change or improve results (the Y), you have to focus on the inputs (the X's), modify them, and control them.
• Variation is everywhere, and it degrades consistent, good performance. Your job is to find it and minimise it!
• Valid measurements and data are required foundations for consistent, breakthrough improvement.
• Only a critical few inputs have significant effect on the output. Concentrate on the critical few.
• Every decision and conclusion has risk (ε), which must be weighed against the context of the decision.

The Six Sigma Scale

 The Six Sigma scale shows how well a vital feature performs compared to its requirements. The higher the sigma score, the more efficient the feature is. This table shows the universal Six Sigma scale:

Sigma Level (Z)	Defects per Million Opportunities (DPMO)	Percent Defects (%)	Percent Success (Yield %)	Capability (CP)
1	691,462	69	31	0.33
2	308,538	31	69	0.67
3	66,807	6.7	93.3	1.00
4	6,210	0.62	99.38	1.33
5	233	0.023	99.977	1.67
6	3.4	0.00034	99.99966	2.00

 

The DMAIC Method of Six Sigma

The DMAIC (Define-Measure-Analyse-Improve-Control) project method is a formalised problem-solving process of Six Sigma. It's made-up of five steps to apply to any procedure of a business to improve effectiveness.

1. Define: Set the context and objectives for your improvement project.
2. Measure: Determine the baseline performance and capability of the process or system you're improving.
3. Analyse: Use data and tools to understand the cause-and-effect relationships in your process or system.
4. Improve: Develop the modifications that lead to a validated improvement in your process or system.
5. Control: Establish plans and procedures to ensure that your improvements are sustained.

The Tools-Methods Landscape of Six Sigma

Having the right tools and knowing how to apply them to your Six Sigma projects will help you produce accurate, acceptable, and reusable outcomes. Here's an overview of the Six Sigma landscape:

 

DMAIC (Define – Measure – Analyse – Improve – Control)

 

As seen above, The Six Sigma Methodology uses the DMAIC approach.  It is a five-step approach that drives unwanted variation from products and processes. By understanding and controlling underlying root causes, teams fix problems at the source, resulting in the lowest possible cost of quality for a given process.

It's no wonder that so many feel like lost when it comes to Six Sigma: every significant process improvement tool developed over the years has been placed under the Six Sigma umbrella, along with a healthy dose of statistics. But the good news is that most processes can be improved with a well-defined problem, the right team, and a simple set of process improvement tools. So the Pareto Principle applies to the Six Sigma toolkit itself: a small handful of process improvement tools (which existed long before the Six Sigma approach was created) will solve the majority of the problems that a team will encounter – tools involving very little in the way of statistics. Too many Six Sigma practitioners and consultants make Six Sigma about the tools, and not about the results. Stay focused on results and learning the best methods to achieve those results, and you will become a "designated-hitter" in your organisation.

So what are the key ingredients and tools that will solve the majority (let's say 4 out of every 5) of process improvement challenges?

• A clearly defined problem statement that is narrow enough in scope for the team to succeed.
• Data to support where the process is currently, in terms of defects per million, scrap cost, sigma-level, or whatever measure is going to be improved upon.
• A project team made up of those who understand the process the most, and a team leader who is respected, understands the basics of DMAIC, and can keep the team on track.
• Positive management support – team members will need time to collect data and work on the project.

If the above ingredients are in place, the team has an excellent chance of succeeding. Now for some specific tools to deploy during the problem solving process –

• Develop a flow-chart of the current process.
• Develop a fact-based Pareto Chart.
• Conduct a 5-why analysis that addresses the significant Pareto items.
• Brainstorm and verify possible solutions – in many cases, those closest to the process (those working with it every day – make sure they are part of the team) know what needs to be done – oftentimes a Six Sigma project simply brings the necessary focus to implement long-overdue fixes.
• Implement the fixes.
• Verify that the fixes have improved the process.
• Implement controls, audits, etc., where necessary to ensure the fixes are sustained over the long run.

That's it. The remaining 20% of the problems might need more advanced methods inside the DMAIC toolkit.  Understanding those tools will place you in the top 1% of all problem solvers.