A customer approached us to ask whether we saw an issue with changing the TCP behavior of an application interface, due to timing concerns on the server side.
-> TCP [SYN]
<- TCP [SYN,ACK]
-> TCP [ACK]
-> COPT [CR]
<- COPT [CC]
-> COPT [DT]
<- TCP [ACK]
-> COPT [DR]
<- TCP [ACK]
-> TCP [FIN,ACK]
<- TCP [ACK]
One thing to notice is that the session close is missing the initial [FIN].
They wanted to change this to:
-> TCP [SYN]
<- TCP [SYN,ACK]
-> TCP [ACK]
-> COPT [CR]
<- COPT [CC]
-> COPT [DT]
<- TCP [ACK]
-> TCP [RST,ACK]
For sure you can close a session with only [RST], as mentioned in “UNIX Network Programming”, third edition, pages 202–203.
“There are certain circumstances which warrant using this feature to send an abortive close. One example is an RS-232 terminal server, which might hang forever in CLOSE_WAIT trying to deliver data to a stuck terminal port, but would properly reset the stuck port if it got an RST to discard the pending data.”
I would agree that there are use cases for RST, but would it be better to send FIN, FIN,ACK, RST? This would at least give stateful packet filters, aka firewalls, a chance to start closing the session.
-> TCP [FIN]
<- TCP [FIN,ACK]
-> TCP [RST]
Just sending an RST at the start of a session might be OK, since the firewall state table just saw the SYN packet.
Closing the session with an RST will bring the session to a close on the first firewall, but what happens on the other firewalls in the chain?
This can lead to a situation where the second firewall still sees the session as open and idle.
Still, there is the question of whether SO_REUSEADDR would not solve the issue.
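As an added example (not part of the original post or the customer's application), the C function below closes a loopback TCP connection either in the default orderly way or abortively, and reports what the peer observes, which is the same FIN-versus-RST difference a stateful firewall on the path has to track. It assumes the RST is produced with SO_LINGER set to a zero timeout; the function name peer_sees_on_close is hypothetical.

```c
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Added example; peer_sees_on_close is a hypothetical name. Returns what the
 * server side observes: 0 = EOF (FIN), ECONNRESET = RST, -1 = setup error. */
int peer_sees_on_close(int abortive)
{
    struct sockaddr_in addr;
    socklen_t len = sizeof(addr);
    struct linger lg = { .l_onoff = 1, .l_linger = 0 };
    int one = 1, result = -1, ssock = -1;
    char buf[16];
    ssize_t n;
    int lsock = socket(AF_INET, SOCK_STREAM, 0);
    int csock = socket(AF_INET, SOCK_STREAM, 0);

    memset(&addr, 0, sizeof(addr));
    addr.sin_family = AF_INET;
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); /* port 0: kernel picks */
    /* SO_REUSEADDR: listener may rebind while old connections sit in TIME_WAIT */
    if (lsock < 0 || csock < 0 ||
        setsockopt(lsock, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one)) < 0 ||
        bind(lsock, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        listen(lsock, 1) < 0 ||
        getsockname(lsock, (struct sockaddr *)&addr, &len) < 0 ||
        connect(csock, (struct sockaddr *)&addr, sizeof(addr)) < 0 ||
        (ssock = accept(lsock, NULL, NULL)) < 0)
        goto out;
    /* l_onoff=1, l_linger=0: close() discards unsent data and sends RST */
    if (abortive)
        setsockopt(csock, SOL_SOCKET, SO_LINGER, &lg, sizeof(lg));
    close(csock); /* FIN by default, RST when abortive */
    csock = -1;
    n = recv(ssock, buf, sizeof(buf), 0);
    result = (n == 0) ? 0 : (n < 0 ? errno : -1);
out:
    if (ssock >= 0) close(ssock);
    if (csock >= 0) close(csock);
    if (lsock >= 0) close(lsock);
    return result;
}
int main(void)
{
    printf("FIN: %d, RST: %d\n", peer_sees_on_close(0), peer_sees_on_close(1));
    return 0;
}
```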
Below you will find Links to some discussion around the topic.
Links
- Check Point / Firewall
- Wireshark
- IBM
- FreeBSD
- Stackoverflow
  - https://stackoverflow.com/questions/251243/what-causes-a-tcp-ip-reset-rst-flag-to-be-sent
  - https://stackoverflow.com/questions/77536679/c-program-sending-a-tcp-rst-to-the-server
  - https://stackoverflow.com/questions/24194961/how-do-i-use-setsockoptso-reuseaddr
  - https://stackoverflow.com/questions/3757289/when-is-tcp-option-so-linger-0-required
  - https://stackoverflow.com/questions/1803566/what-is-the-cost-of-many-time-wait-on-the-server-side
- MISC
