In a TCP connection the end that performs the active close is required to stay in TIME_WAIT state for 2MSL of time. Why exactly does it need to be 2MSL? Many people said that one MSL is for the final ACK and the other MSL is for retransmitted FIN. But, the RTO of FIN is way shorter than MSL, and the FIN doesn't need to wait for an MSL to be retransmitted. So, their explanation doesn't make sense to me. Can anyone present a specific example of how segments are exchanged during that time?
Figure 1. Packet exchange for TCP connection.
Why does the TIME_WAIT state exist?
The book <<UNIX Network Programming(Volume1,3rd)>> give an answer:
There are two reasons for the TIME_WAIT state:
To implement TCP's full-duplex connection termination reliably
To allow old duplicate segments to expire in the network
I think this is also the answer to this question(Why TIME_WAIT state need to be 2MSL long?)
First look at reason 1. In order to reliably terminate the full-duplex connection, suppose that the last ACK sent by the client in Figure 1 is lost, and the server will retransmit the FIN. In order to receive this timeout and retransmitted FIN, the client needs TIME_WAIT Status; does the TIME_WAIT status have to be 2MSL? In fact, this depends on the server-side FIN timeout retransmission time RTO. If RTO is less than MSL, then TIME_WAIT state MSL is enough. If RTO is greater than 2MSL then TIME_WAIT state 2MSL is not enough, so only when RTO is between MSL and 2MSL , Reason 1 for the existence of the TIME_WAIT state is the reason why the time of TIME_WAIT is 2MSL. In fact, in general, RTO is much smaller than MSL, but considering the worst case, RTO is 2MSL, so the TIME_WAIT state is 2MSL to ensure that the worst case can also receive the FIN that is retransmitted over time.
The time of TIME_WAIT is another important reason for 2MSL. Reason 2, in order to ensure that all packets generated during the duration of this connection disappear from the network, that is, to ensure that when a new TCP connection is established, the old duplicate packets from the connection are already in Disappeared from the network. Some people here may have a question: After the client replies to the last ACK, it feels that all packets can disappear with one MSL. Why do all packets of 2MSL disappear? The reason is:
Suppose that the client sends an ACK just after one MSL time, and the server just starts to retransmit the FIN over time before receiving the ACK, so if the FIN disappears, 2MSL is needed.
Let's recall the process
A FIN B
B ACK A
B FIN A
A ACK B
After above 4 steps, A is now at TIME_WAIT stage while B is at LASK_ACK.
What if step 4(A ACK B) is lost?
B will wait for 1 MSL for step 4, yet failed to get it, so B redo step 3, and step 3 will take 1 MSL to reach A. Hence, A has to wait for 2 MSL for a graceful wave goodbyte.
But there is another question, what if step 4 is lost again? :)
I also have the same question about this. I thought of an assumption.
In extreme senario, suppose the last ACK from client end spends MSL to reach server end. At this point, the end point thinks that this ACK has already perished due to MSL timeout. So server end retransmit the FIN imediately. In order to assure this FIN can reach client end (or if not, we have to assure its perishment), we must have another MSL.
The purpose of TIME-WAIT is to prevent delayed packets from one connection being accepted by a later connection. It can happen as:
A connection from (address a, port p) to (address b, port q) is terminated
A second connection from (address a, port p) to (address b, port q) is established
A duplicate packet from the first connection is delayed in the network and arrives at the second connection when its sequence number is in the second connection’s window.
In such cases the endponts have no idea to identify to identify which connection the packet belongs.
The two reasons for the existence of the TIME-WAIT state and the 2SML timer:
If the last ACK segment is lost, the server TCP, which sets a timer for the last FIN (Finish) bit set, assumes that its FIN is lost and resends it. If the client goes to the CLOSED state and closes the connection before the 2MSL timer expires, it never receives this resent FIN segment, and consequently, the server never receives the final ACK. The server cannot close the connection. The 2MSL timer makes the client wait for a duration that is enough time for an ACK to be lost (one SML) and a FIN to arrive (another SML). If during the TIME-WAIT state, a new FIN arrives, the client sends a new ACK and restarts the 2SML timer.
A duplicate segment from one connection might appear in the next one. Assume a client and a server have closed a connection. After a short period, they open a connection with the same socket addresses (same source and destination IP addresses and the same source and destination port numbers). A duplicated segment from the previous connection may arrive in this new connection and be interpreted as belonging to the new connection if there is not enough time between the two connections. To prevent this problem, TCP requires that an incarnation cannot occur unless a 2MSL amount of time has elapsed.
Tcp must prevent old duplicates from a connection from reappearing at some later time and being misinterpreted as belonging to a new the same connection. To do this, Tcp will not initiate a new connection that is currently in the TIME_WAIT state.
The TIME_WAIT state is twice the MSL, this allows MSL seconds for a packet in one direction to be lost, and another MSL seconds for the reply to be lost.
Related
I am very new to networking, so this might sound simple. Though I have tried to look here and here and here and have got few basics of TCP, there are few questions whose answers I am not certain about.
Is a request and response part of 2 different TCP establishments. To explain that :
Is a connection established, kept alive until all packets are delivered, request sent and connection closed for each request and same happens for its response.
or
A connection is opened, request sent, connection kept alive, response arrives and connection closed.
Is the ACK number always 1 + sequence number of sent segment.
Is a request and response part of 2 different TCP establishments
You need just 3 packets to handshake and establish a bidirectional TCP connection. So no, you do not establish TCP connection for receiving and sending parts.
On the other hand, there is a sutdown() system call which allows to shutdown a part of the bidirectional connection. See man shutdown(2). So there is a possibility to establish a unidirectional connection by opening a bidirectional and then shutdown one of the sides.
Is the ACK number always 1 + sequence number of sent segment.
We usually do not send ACK for every received packet. There are also selective ACKs, retransmissions etc. So in general, the answer is no, the ACK number is not always seq + 1.
On the other hand, if you are sending a small amount of data and waiting for the confirmation, no errors or packet loss occurred, most probably there will be just one packet with that data and one ACK with seq + 1.
Hope that helps.
I'm working on implementing TCP myself for a class project, and there's one detail I can't seem to understand. What is a FIN+ACK message? In the diagram I included here, receipt of a FIN+ACK will take a host from the FIN_WAIT_1 state to the TIME_WAIT state. Yet, NO state transition in the entire diagram sends a FIN+ACK. So how could a FIN+ACK ever be received if nothing is ever sending it?
When an application calls close it moves to FIN_WAIT_1
From FIN_WAIT_1 multiple things can happen:
Application receives ACK:
This means that the peer as acknowledged the last sent data packet. Local application moves to FIN_WAIT_2
Application receives FIN:
This indicates that peer has called close. And local application should acknowledge that. Hence ACK goes out to peer. Local application moves to CLOSING
Application receives FIN + ACK:
What FIN+ACK as you put it means is that the peer has called close as well as in the same TCP segment is acknowledging the data received last. Local application will acknowledge the FIN and this takes the state to TIME_WAIT.
TCP is defined by more than just that state diagram, the basic specification can be found in RFC 793. One particular statement is as follows (page 15, description of ACK field):
Once a connection is established this is always sent.
So basically this says an ACK must always be present after the initial three-way handshake, including during the four-way disconnect phase. There are subsequently only 2 messages that do not include an ACK:
The very first SYN as there is nothing to ACK
A RST as this usually means the connection state is non-existent or so messed up that an ACK does not make sense.
So to answer your question: in that diagram, whenever a FIN is sent, the ACK flag will also be set and an ACK nr will be present, even though it is not explicitly stated.
if there is a tcp connection between A and B,
A send some packets and then a TCP RST(or TCP FIN/ACK) to close the connection,
let me say?
PKT1, PKT2, PKT3, TCP_RST
or
PKT1, PKT2, PKT3, TCP_FIN/ACK
but the packet arrival is out of order
PKT1, TCP_RST(or TCP_FIN/ACK), PKT2, PKT3
then how will B react?
according to the sequence number of TCP_RST and TCP_FIN/ACK,
B knows there are some packets missing(PKT2 and PKT3),
will B wait for PKT2 and PKT3 before it close the connection,
or B immediately close the connection when it receives TCP_RST(or TCP_FIN/ACK)?
thanks
The TCP protocol will reorder the packets before sending them further up the stack. This means it will wait for out of order packets according to the sequence number, ask for retransmission if needed, etc. and wait for the last ack before closing the connection.
You can find the TCP state diagram here:
http://www.ssfnet.org/Exchange/tcp/tcpTutorialNotes.html#ST
TCP guarantees sequence. That includes the sequence of the EOS. It must be delivered after all the data.
In TCP 3-way handshake, 3 segments will be sent (SYN, SYN ACK, ACK). What if the third segment(ACK) is lost? Is the sender going to resend the segment or give up establishing the connection? And how do the two hosts know the segment is lost?
TCP has a sequence number in all packets. Hence it's easy to know if a packet was lost or not. If a host doesn't get an ACK on a packet he just resends it.
In most cases though, even if that ACK was lost, there will be no resending for a very simple reason. Directly after the ACK, the host that opened the TCP protocol is likely to start sending data. That data will, as all TCP packets, have an ACK number, so the recipient would get an ACK that way. Hence, the sender of the SYN-ACK should reasonably not care that it didn't get the ACK, because it gets an "implicit" ACK in the following package.
The re-send of the SYN-ACK is only necessary of there no data is received at all.
Update: I found the place in the RFC that specified exactly this:
If our SYN has been acknowledged (perhaps in this
incoming segment) the precedence level of the incoming segment must
match the local precedence level exactly, if it does not a reset
must be sent.
In other words, if the ACK is dropped but the next packet is not dropped, then everything is fine. Otherwise, the connection must be reset. Which makes perfect sense.
I am not an expert on this particular situation, but I suspect what will happen is the client will think it is connected but the server will not. If the client tries to send data to the server, the server will reject it and send a RST packet to the client so it can reset its "connection".
Can anyone please let me know the procedures that happens in closing a tcp connection.
suppose there is A(Client) and B(Server) that A establish a TCP connection
A is creating a TCP connection with B
In opening a connection what happens if SYN packet from A drops in reaching the B, even if u do some retransmissions.
What happens if SYN+ACK drops in the network if B sending the packet to A.
What happens if ACK drops in the network from A to B.
A is closing the connection with B.
In closing a connection what happens if FIN packet from A drops in reaching the B, even if u do some retransmissions.
What happens if FIN+ACK drops in the network if B sending the packet to A.
What happens if ACK drops in the network from A to B.
Initial SYN packets are re-transmitted with an exponential backoff, usually starting at 2 seconds. I.e. 2s, 4s, 8s, 16s, etc.
The same goes for re-transmitted SYN-ACK packets (though there are some odd implementations that you really don't want to know about).
No ACK is ever re-transmitted blindly. If the other side re-transmits a packet, then another ACK will be sent.
The above is true for FIN as well, just substitute FIN where you see SYN. Of course, the starting re-transmit time is not 2s but whatever has been calculated to be the round-trip-time over the course of the session.
A SYN/FIN packet is treated the same as a data packet with regard to re-transmissions and reliability. Those flags even take up a sequence number so they can be properly tracked.