TCP/IP Data Transmission Basics [Wireshark Example]
TCP 3-Way Handshake
Let’s take a real life example and illustrate it via wireshark:
First, the TCP 3-Way Handshake will establishes a connection between the client and server:

You can refer to following post:
TCP/IP Data Transmission
Once the connection is established, data can be exchanged reliably using sequence (SEQ) and acknowledgment (ACK) numbers:

- The example is based on TLS negociation process.
- First packet was “Client Hello”, len 186:

- Then, we have Ack from the server, ACK=187 (No data send from server yet):

- Next, we see the “server Hello” sent with len=1460 (which is the value MSS in this example):

- Then , more data sent from server (for certificate, key exchange etc) with Len 628.
- Here, the sequence number for this segement is 1460 (since server already sent 1460 Bytes) and same ACK value representing what received from client and next expected seq from client:

And the client ACK back, ACK=2089 (1460+628 + 1), and seq num=187 based on what server already sent (186 Bytes
