What Is a TCP Three-Way Handshake?

Written by

Akamai

September 21, 2021

This blog post is part of our Akamai Explains series – a collection of posts that break down the infrastructure behind the internet. This week we explain the TCP three-way handshake.

The TCP three-way handshake is one of the critical building blocks of the internet. It facilitates the smooth and consistent flow of information across and among different networks.

The handshake is a data-sharing process that involves back-and-forth communication between a client (for example, a mobile phone or smart TV) and a server. The purpose of this communication is to establish a secure and reliable connection so that data (files, images, videos, etc.) can be transferred efficiently between the systems.

Why is the TCP three-way handshake important?

The TCP three-way handshake has become the de facto way of sharing data across networks because it is so robust.

It comes complete with error checking, retransmission of missing/corrupt data, and several other important features that preserve performance even on unreliable connections.

What is TCP?

The Transmission Control Protocol (TCP) is a set of rules that govern how data flows between different communication systems. It’s also one half of the protocol suite TCP/IP, which supports the internet at large. If you’ve used the world wide web, email, or a remote administration system, you’ve benefited from TCP.

How the TCP three-way handshake works

Step 1: The client uses the IP address of the server to request an initial connection. This message is known as a SYN, which stands for synchronization.

Step 2: The server can then choose to allow the connection and allocate resources such as a network port. This step is known as a synchronization acknowledgment, or SYN-ACK.

Step 3: The final step of the handshake is the client acknowledging the connection with an ACK message. This is often followed immediately by a request for content such as an HTML page, images or an API call.
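The three steps above can be checked mechanically in a packet capture. The following is an added example, not code from the original post: it parses three raw TCP headers and verifies the flags, port direction, and acknowledgment numbers. It goes beyond the text by using TCP's sequence-number rule (each side acknowledges the peer's initial sequence number plus one, modulo 2^32); the ports and sequence numbers are constructed sample values.

```python
import struct

# TCP control bits in the header's flags field (RFC 9293)
FIN, SYN, RST, ACK = 0x01, 0x02, 0x04, 0x10
MASK = FIN | SYN | RST | ACK      # ignore PSH/URG/ECN bits when classifying
MOD = 2 ** 32                     # sequence numbers wrap at 32 bits

def build_segment(sport, dport, seq, ack, flags):
    """Pack a minimal 20-byte TCP header (no options, checksum left at 0)."""
    offset_flags = (5 << 12) | flags          # data offset = 5 32-bit words
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack,
                       offset_flags, 65535, 0, 0)

def parse_segment(raw):
    sport, dport, seq, ack, off_flags = struct.unpack("!HHIIH", raw[:14])
    return {"sport": sport, "dport": dport, "seq": seq, "ack": ack,
            "flags": off_flags & 0xFF}

def check_handshake(segments):
    """Return (ok, reason) for three raw headers: SYN, SYN-ACK, ACK."""
    if len(segments) != 3:
        return False, "expected exactly three segments"
    syn, synack, ack = (parse_segment(s) for s in segments)
    if (syn["flags"] & MASK) != SYN:
        return False, "step 1 is not a bare SYN"
    if (synack["flags"] & MASK) != (SYN | ACK):
        return False, "step 2 is not a SYN-ACK"
    if (synack["sport"], synack["dport"]) != (syn["dport"], syn["sport"]):
        return False, "step 2 does not come from the port the SYN targeted"
    if synack["ack"] != (syn["seq"] + 1) % MOD:
        return False, "SYN-ACK does not acknowledge client ISN + 1"
    if (ack["flags"] & MASK) != ACK:
        return False, "step 3 is not a bare ACK"
    if (ack["sport"], ack["dport"]) != (syn["sport"], syn["dport"]):
        return False, "step 3 does not come from the client"
    if ack["seq"] != (syn["seq"] + 1) % MOD or ack["ack"] != (synack["seq"] + 1) % MOD:
        return False, "final ACK numbers do not match the exchange"
    return True, "valid three-way handshake"

# Constructed sample: client port 51000 -> server port 443.
# The server ISN is 0xFFFFFFFF, so the client's final ack wraps to 0.
GOOD = [build_segment(51000, 443, 1000, 0, SYN),
        build_segment(443, 51000, 0xFFFFFFFF, 1001, SYN | ACK),
        build_segment(51000, 443, 1001, 0, ACK)]
# Same exchange, but the SYN-ACK acknowledges the wrong number.
BAD = [GOOD[0], build_segment(443, 51000, 0xFFFFFFFF, 1000, SYN | ACK), GOOD[2]]

if __name__ == "__main__":
    print(check_handshake(GOOD))
    print(check_handshake(BAD))
```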

In most cases, connections between client and server will be secured by Transport Layer Security (TLS). This adds another two or three round-trips to allow the two parties to share encryption information and establish a mutual encrypted connection.

How do I accelerate the TCP three-way handshake?

The inherent weakness of the TCP three-way handshake is that it’s limited by the distance between the client and server.

Despite the fact that data can often move near the speed of light, traversing long distances still takes time. For example, if you’re sending a request from the United States to India, the process will take a second (at least), which can have a knock-on effect on performance. For example, a page may load slowly or a video may get stuck buffering.

This is a difficult problem to solve as TCP is hardcoded into the infrastructure of the internet, and we can’t yet increase the speed of light.

One way of improving delivery speeds is to refine the data in the packets themselves, but this delivers negligible results unless repeated at scale. A way to dramatically increase speeds is to shorten the distance between clients and servers.

This is one of the reasons we developed our content delivery network (CDN). This network incorporates hundreds of thousands of servers and edge nodes distributed across 4,100 locations. In essence, we’re bringing the edge of the network (clients) closer to the heart (servers).

This means that data can be shared in record time, accelerating the handshake process.

TCP and persistent connections

Another way of accelerating the communication between clients and servers is to establish a persistent connection.

So rather than establish a new connection, and conduct a three-way handshake every time a client makes a request, you reuse an existing TCP connection. When you skip the three-way handshake, you can send data back and forth much more quickly.

Our servers do this by default. They optimize the persistent connections from client to Edge server as well as from the edge of our network to your origin server.
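The effect of connection reuse can be observed on a loopback socket. The following is an added example, not Akamai's code: a small echo server records every connection it accepts (the operating system hands a connection to `accept()` only after the handshake has completed), and the same number of requests is sent once over fresh connections and once over a single persistent connection. The function name, payload, and request count are assumptions made for the illustration.

```python
import socket
import threading

def count_handshakes(requests, persistent):
    """Send `requests` echo requests; return how many connections the server accepted."""
    listener = socket.create_server(("127.0.0.1", 0))   # port 0: OS picks a free port
    listener.settimeout(0.2)          # lets the accept loop notice the stop flag
    addr = listener.getsockname()
    accepted = []                     # one entry per completed handshake
    stop = threading.Event()

    def server():
        while not stop.is_set():
            try:
                conn, peer = listener.accept()
            except socket.timeout:
                continue
            accepted.append(peer)     # peer = (client IP, client source port)
            with conn:
                while (data := conn.recv(1024)):
                    conn.sendall(data)          # echo until the client closes

    worker = threading.Thread(target=server)
    worker.start()
    try:
        if persistent:
            # One handshake, then every request reuses the same connection.
            with socket.create_connection(addr) as sock:
                for _ in range(requests):
                    sock.sendall(b"ping")
                    sock.recv(1024)
        else:
            # A new connection, and therefore a new handshake, per request.
            for _ in range(requests):
                with socket.create_connection(addr) as sock:
                    sock.sendall(b"ping")
                    sock.recv(1024)
    finally:
        stop.set()
        worker.join()
        listener.close()
    return len(accepted)

if __name__ == "__main__":
    print("new connection per request:", count_handshakes(5, persistent=False))
    print("persistent connection:     ", count_handshakes(5, persistent=True))
```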

What’s the difference between TCP and UDP?

TCP isn’t the only protocol that steers traffic across the internet. User Datagram Protocol (UDP) is a more flexible and simpler alternative. It’s supported by every operating system and doesn’t require a three-way handshake to establish a connection between a server and a client. 

This means it can facilitate faster data sharing and, in theory, improve app or browser performance.

Crucially, UDP is an integral part of HTTP/3. HTTP/3 is the next version of the HTTP protocol, which has the potential to transform the internet. The HTTP protocol is essentially a “master” protocol that bridges the gap between protocols like TCP and other key building blocks of the internet like HTML, CSS, and JavaScript.

The big difference between HTTP/2 and HTTP/3 is that the latter uses a new protocol called QUIC (pronounced “quick”) based on UDP instead of TCP. This means that when we open our browsers and apps in the future, it’s very likely that QUIC will be the protocol that’s ferrying data and content to our devices.  

But UDP has its drawbacks.

Unlike TCP, it doesn’t check packet integrity. UDP is a ‘fire-and-forget’ protocol, so dropped packets are not automatically detected and resent. This is why it’s currently used in applications where performance can be sacrificed or compromised. For example, it supports multiplayer gaming and virtual conference call apps.

Right now, UDP shouldn’t be seen as a replacement for TCP. Rather, the two protocols complement each other. TCP is a robust and secure means of steering the majority of traffic around the internet. UDP is a simpler method that’s useful when you need to send large files quickly and you can tolerate some packet loss.

Akamai and the TCP three-way handshake

We can help you accelerate and optimize the TCP three-way handshake.

Using a CDN like Akamai helps to both improve performance — by reducing the need for long-distance data sharing — and enhance security — by acting as a shield that protects your servers from threats. 

As TCP connections are made between the client and the CDN, we can ensure that the connections are valid and legitimate. Plus, we can insulate your origin servers from spikes of load by managing a smaller number of connections from the Edge to your origin.
