Understanding TCP/IP Handshakes in Modern Networks
March 18, 2026Recently, I've been diving deep into network layer protocols. The traditional 3-way handshake (SYN, SYN-ACK, ACK) has been the backbone of reliable transmission for decades. However, the way modern load balancers handle TCP connections has changed significantly with the adoption of TLS 1.3.
With TLS 1.3, the cryptographic handshake is condensed. The server and client negotiate parameters much faster, often resulting in a 1-RTT (Round Trip Time) setup, or even 0-RTT for resumed sessions. This drastically reduces latency for globally distributed applications.
Client Hello + Key Share
Server Hello + Key Share + Finished
[Encrypted Data Begins]Monitoring these handshakes using tools like `tcpdump` or Wireshark reveals just how much overhead we used to tolerate in older TLS 1.2 environments. It's a massive leap forward for the modern web.