Setup

  1. C2S: SYN
    1. SYN with a random sequence number . We do this rather than assume 0 for security and reliability reasons (no overlay window).
    2. Win
    3. MSS
    4. SACK_PERM (Selective ACK)
    5. WS
  2. S2C: [SYN, ACK].
    1. SYN with a sequence number and set the ACK bit to 1, acknowledge (received the SYN)
    2. Win
    3. 0 length
  3. C2S: [ACK]
    1. Acknowledge .
    2. Finalize Win
    3. 0 length
    4. ESTABLISHED

Queue

The SYN Queue

  • stores inbound SYN packets (struct inet_request_sock)
  • responsible for sending out SYN+ACK packets and retrying them on timeout.
  • After transmitting the SYN+ACK, it waits for the last ACK packet from the client
    • All received ACK packets must first be matched against the fully established connection table, and only then against data in the relevant SYN Queue.
    • On a SYN Queue match, the kernel removes the item from the SYN Queue, creates a struct inet_sock, and adds it to the Accept Queue.
$ sysctl net.ipv4.tcp_synack_retries
net.ipv4.tcp_synack_retries = 5

The Accept Queue

  • Stores fully established connections: ready to be picked up by the application.
  • When a process calls accept(), the sockets are de-queued and passed to the application.

backlog

The maximum allowed length of both the Accept and SYN Queues is taken from the backlog parameter passed to the listen(2) syscall by the application.

SYN Cookies

Allows the SYN+ACK to be generated statelessly, without actually saving the inbound SYN and wasting system memory.

TCP builds a special Sequence Number from the source address and port, the destination address and port, and a timestamp, and sends it back.

SYN Flood

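The first is tcp_synack_retries, which can be used to reduce the number of retries; the second is tcp_max_syn_backlog, which can increase the number of SYN connections; the third is tcp_abort_on_overflow, which simply rejects connections outright when the system cannot keep up.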

Teardown

  1. A -> B: FIN, seq , ACK
  2. B -> A: (Data+) ACK , continue sending unfinished packets
  3. B -> A: FIN, seq , ACK
  4. A -> B: ACK
  • Problems with closed socket
    • What if final ack is lost in the network?
    • What if the same port pair is immediately reused for a new connection?
  • Solution: the “active” closer goes into TIME WAIT
    • Active close is sending FIN before receiving one
    • Keep socket around for 2MSL (twice the “maximum segment lifetime”)
  • Can pose problems with servers
    • OS has too many sockets in TIME WAIT, which slows things down
    • Hack: Can send RST and delete socket, set SO_LINGER socket option to time 0
    • OS won’t let you re-start server because port still in use (SO_REUSEADDR option lets you re-bind used port number)

ACK

Naked ACK

ACK sent without any data payload

Delay ACK

When one side of a TCP connection receives data, it should reply with an ACK for that data. But if you also have data to send, you can delay the ACK and include the data with it (since ACK is only a flag in the packet).