A tcp connection has a client and a server, my question is will the server start a timer when it sends an ACK packet to the client? and will the server retransmit that ACK packet if the packet gets timeout or lost?
will the server start a timer when it sends an ACK packet to the client?
The server will not control if the ACK was received by the client. If the client does not receive an ACK for transmitted data it will assume that either the data or the ACK to the data got lost. In this case it will simply resend the unacknowledged data - which will result in the server sending another ACK for the same data.
Related
I understand that the client and the server are connected after client receives SYN ACK messages from the server during 3 way handshake and sending ACK messages to the Server. After they are connected, when the client sends the other messages to the server, what happens if that messages arrives at the server before the ACK message that client sent when doing the 3 way handshake?
what happens if that messages arrives at the server before the ACK message that client sent when doing the 3 way handshake?
ACK is just the flag in the TCP header together with the sequence number of the latest received data. It can be contained in an empty packet (i.e. no payload, just TCP header) but also in a packet with payload. It does not matter if a specific packet with an ACK is received as long as an ACK covering the data is received at all.
This means it is sufficient if the initial data send by the client cover the final ACK for the TCP handshake. In fact there is not even a need to send a standalone ACK (without payload) from the client at all to finish the TCP handshake but the client can start sending data as soon as the client has received the SYN and ACK from the server.
I am using a simulator. in this simulator when a client sends a tcp syn request to a server and server responds it with RST packet (when the requesting port is close) the same client sends tcp syn retransmission to the same server (and the same port) for four times. i want to know real networks do the same? i mean in real networks if a client sends a tcp syn to a server and recieve RST , do that client sends tcp syn retransmission to that server for four times?
It totally depends on the client implementation. If you program a client to respond to a server's RST with a SYN 4 times, then that's what it will do. It might be that the server is sending an RST because it's detecting a SYN flood (if you keep on sending SYNs unsuccessfully, eventually heuristics will class it as such).
You may want to play with Scapy so you can easily write the client for these kinds of questions.
I have a server with multiple clients. The simulated network is in heavy congestion. What I found is that the server reset some TCP connections after received the ACK segment of three-way handshake. But it doesn't happen when the network is in good condition.
What I found is that the ACK of three-way handshake is received about 3.5s later than the SYN-ACK.
Is that because the three-way handshake SYN-ACK time-out? If SYN-ACK time out, why not resend SYN-ACK.
Thank you for any suggestions.
This looks like related to SYN cookies.
SYN cookies
When a Linux host receives too much SYN traffic, it activates the SYN cookies mechanism.
When SYN cookies is enabled, a server answers to SYN by issuing a SYN-ACK segment with specific data encoded in the TCP sequence field. In that field it encodes the timestamp, the MSS and a cryptographic hash of the two endpoints (local and remote IPs and ports) plus the timestamp.
This is done so that the server does not have to store anything about the connection at this point, it simply send the answer and forget about it.
Then, when the client answer with its ACK, the server checks the hash in the ack field (the ack of the client is the sequence of the server). If it is correct, it creates the connection with the data stored in the field.
SYN cookies explain why the server does not resend SYN-ACK packets when they timeout.
But, why the reset after receiving the ACK?
Maybe clients (or server) are behind a NAT that modifies ports and the NAT also gets congested, so that it cannot link the final ACK to the previous SYN, and assigns a new source port. When the server receives it, it resets the connection (it does not matter if SYN cookies are enabled or not).
Or maybe the server process is not accepting connections at the same speed they are arriving, the kernel queue has filled and newer ones are discarded that way.
In the process of 3 way hand-shaking between a client and a server, what will happen in the following scenarios? Thanks.
Lost (control) packets:
What happen if SYN lost? client vs. server actions
What happen if SYN+ACK lost? client vs. server actions
What happen if ACK lost? client vs. server actions
Duplicate (control) packets:
What does server do if duplicate SYN received?
What does client do if duplicate SYN+ACK received?
What does server do if duplicate ACK received?
What happen if SYN lost?
It is retransmitted by the client if it hasn't been acknowledged by the server with a SYN-ACK.
What happen if SYN+ACK lost?
The SYN is retransmitted by the client if it hasn't been acknowledged by the server with a SYN-ACK.
What happen if ACK lost?
The SYN-ACK is retransmitted by the server if it hasn't been acknowledged by the client with an ACK.
What does server do if duplicate SYN received?
It retransmits the SYN-ACK.
What does client do if duplicate SYN+ACK received?
It retransmits the ACK.
What does server do if duplicate ACK received?
Nothing.
Connect function returns after sending the last ACK(3rd segment of 3-way handshake of initiating TCP connection). What happens if this 3rd segment is lost because listen is still waiting for ACK at server but there is no one at client to send that ACK again ?
If the client sends its ACK with a data packet, and it gets lost, the client will notice that the data hasn't been ACKd by the server and resend the packet.
If the client sends its ACK in a separate packet, and it gets lost, the server will notice that the SYN/ACK hasn't been ACKd by the client and resend the packet. Client will respond by resending the ACK.
Whether the application's connect call is still blocking at that time doesn't matter, since the ACKing is done by the OS's TCP/IP implementation.