Demystifying TCP: Handshakes, Data Transfer, and Connection Teardown with Python

TCP Overview

The author recently explored Python networking and built a local TCP server to analyze the request‑response process, covering connection establishment (three‑way handshake), data transmission, and connection termination (four‑way handshake).

OSI Model Position

TCP is a connection‑oriented, reliable, byte‑stream transport‑layer protocol defined by RFC 793. In the OSI model it resides in layer 4 (Transport), and similarly in the TCP/IP suite it is part of the transport layer alongside UDP.

Figure: OSI model and TCP/IP protocol suite.

Three‑Way Handshake

TCP establishes a connection using three packets:

Client sends SYN=1, Seq=x (usually 0).

Server replies with SYN=1, Ack=x+1, Seq=y.

Client sends ACK=1, Seq=x+1, Ack=y+1.

Figure: TCP three‑way handshake.

Window Update

A TCP Window Update occurs when the receiver’s buffer fills faster than it can be read, prompting the sender to adjust its transmission rate.

Figure: TCP Window Update packet.

Data Transfer

After the handshake, the client sends data (e.g., the byte string b'AB' ) and the server echoes it back. The article explains sequence numbers, acknowledgement numbers, and flags such as ACK and PSH.

Figure: Client → Server (AB).

Figure: Server → Client (AB).

Four‑Way Termination

Connection teardown uses four packets:

Client sends FIN=1, Seq=7.

Server replies with ACK=1, Ack=8.

Server sends FIN=1, Seq=7.

Client replies with ACK=1, Ack=8.

Figure: First FIN (client → server).

Figure: Second FIN (server → client).

Python Server Code

<code>from socketserver import BaseRequestHandler, TCPServer

class EchoHandler(BaseRequestHandler):
    def handle(self):
        print('Got connection from', self.client_address)
        while True:
            msg = self.request.recv(8192)
            if not msg:
                break
            self.request.send(msg)

if __name__ == '__main__':
    serv = TCPServer(('', 20000), EchoHandler)
    serv.serve_forever()
</code>

Python Client Code

<code>import socket
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect(('localhost', 20000))
s.send(b'AB')
response = s.recv(8192)
print('Received:', response)
s.shutdown(2)
</code>

Packet Capture Insights

Wireshark captures show the exact sequence numbers, acknowledgement numbers, and flag settings for each step, confirming the client’s source port (e.g., 59006) and the server’s port (20000). The article also includes updated TCP header diagrams and control‑flag explanations.

Figure: TCP header within an IP packet.

Figure: Updated TCP header format.