18-TCP Connection Establishment and Termination

Please indicate the source: http://blog.csdn.net/gaoxiangnumber1

Welcome to my github: https://github.com/gaoxiangnumber1

18.1 Introduction

18.2 Connection Establishment and Termination

• To see what happens when a TCP connection is established and then terminated, we type the following command on the system svr4:

svr4 % telnet bsdi discard
Trying 192.82.148.3 ...
Connected to bsdi.
Escape character is '^]'.
^]                      #type Control, right bracket to talk to the Telnet client
telnet> quit                #terminate the connection
Connection closed.

• The telnet command establishes a TCP connection with the host bsdi on the port corresponding to the discard service(Section 1.12).

tcpdump Output

• Figure 18.1 shows the tcpdump output for the segments generated by this command.

• These seven TCP segments contain TCP headers only. For TCP segments, each output line begins with
  source > destination: flags
  where flags represents four of the six flag bits in the TCP header(the other two flag bits(ACK and URG) are printed specially). Figure 18.2 shows the five different characters that can appear in the flags output.

• Line 1: 1415531521:1415531521(0) means the sequence number of the packet was 1415531521 and the number of data bytes was 0. tcpdump displays this by printing the starting sequence number, a colon, the implied ending sequence number, and the number of data bytes in parentheses.
• The implied ending sequence number is output only if
  (1) the segment contains one or more bytes of data, or
  (2) the SYN, FIN, or RST flag was on.
  Lines 1, 2, 4, and 6 display this field because of the flag bits.
• Line 2: ack 1415531522 shows the acknowledgment number. This is printed only if the ACK flag in the header is on.
• The field win 4096 in every line of output shows the window size being advertised by the sender. Since we are not exchanging any data in this case, the window size never changes from its default of 4096.(Section 20.4.)
• The field <mss 1024> shows the maximum segment size(MSS) option specified by the sender. The sender does not want to receive TCP segments larger than this value.

Time Line

• Figure 18.3 shows the time line for this sequence of packets.

Connection Establishment Protocol

1. The requesting end sends a SYN segment specifying the port number of the server that the client wants to connect to, and the client’s initial sequence number (1415531521 in this case). This is segment 1.
2. The server responds with its own SYN segment containing the server’s initial sequence number(segment 2). The server also acknowledges the client’s SYN by ACK the client’s ISN plus one. A SYN consumes one sequence number.
3. The client must acknowledge this SYN from the server by ACK the server’s ISN plus one(segment 3).
   
   • The side that sends the first SYN is said to perform an active open. The other side, which receives this SYN and sends the next SYN, performs a passive open. In Section 18.8 we describe a simultaneous open where both sides can do an active open.
   • When each end sends its SYN to establish the connection, it chooses an initial sequence number for that connection. The ISN should change over time so that each connection has a different ISN. The purpose in sequence numbers is to prevent packets that get delayed in the network from being delivered later and then misinterpreted as part of an existing connection.
   • The 4.1 seconds gap between segments 3 and 4 is the time between establishing the connection and typing the quit command to telnet to terminate the connection.

Connection Termination Protocol

• Since a TCP connection is full-duplex, each direction must be shut down independently. The rule is that either end can send a FIN when it is done sending data. When a TCP receives a FIN, it must notify the application that the other end has terminated that direction of data flow. A TCP can still send data after receiving a FIN.
• We say that the end that first issues the close performs the active close and the other end performs the passive close. We’ll see in Section 18.9 how both ends can do an active close.
• Segment 4 in Figure 18.3 initiates the termination of the connection and is sent when the Telnet client closes its connection(i.e., when we type quit). This causes the client TCP to send a FIN, closing the flow of data from the client to the server.
• When the server receives the FIN, it sends back an ACK of the received sequence number plus one(segment 5). At this point the server’s TCP delivers an end-of-file to the application(the discard server). The server then closes its connection, causing its TCP to send a FIN(segment 6), which the client TCP must ACK by incrementing the received sequence number by one(segment 7).

• Figure 18.4. In this figure sending the FINs is caused by the applications closing their end of the connection, whereas the ACKs of these FINs are automatically generated by the TCP software.

Normal tcpdump Output

• The default tcpdump output shows the complete sequence numbers only on the SYN segments, and shows all following sequence numbers as relative offsets from the original sequence numbers.(To generate the output for Figure 18.1 we had to specify the -S option.) The normal tcpdump output corresponding to Figure 18.1 is shown in Figure 18.5.

18.3 Timeout of Connection Establishment

• There are several instances when the connection cannot be established. If the server host is down, Figure 18.6 shows the tcpdump output.

• To see how long the client’s TCP keeps retransmitting before giving up, we have to time the telnet command:

bsdi % date ; telnet svr4 discard ; date
Thu Sep 24 16:24:11 MST 1992
Trying 192.82.148.2...
telnet: Unable to connect to remote host: Connection timed out
Thu Sep 24 16:25:27 MST 1992

• The time difference is 76 seconds. Most Berkeley-derived systems set a time limit of 75 seconds on the establishment of a new connection.

First Timeout Period

• In Figure 18.6, the first timeout period is 5.8 seconds, close to 6 seconds, while the second period is almost exactly 24 seconds.
• BSD implementations of TCP run a timer that goes off every 500 ms. This 500-ms timer is used for various TCP timeouts. When we type in the telnet command, an initial 6-second timer is established(12 clock ticks), but it may expire anywhere between 5.5 and 6 seconds in the future. Figure 18.7 shows what’s happening.

• Although the timer is initialized to 12 ticks, the first decrement of the timer can occur between 0 and 500 ms after it is set. From that point on the timer is decremented about every 500 ms.(We use “about” because the time when TCP gets control every 500 ms can be preempted by other interrupts being handled by the kernel.) When that 6-second timer expires at the tick labeled 0 in Figure 18.7, the timer is reset for 24 seconds(48 ticks) in the future.

Type-of-Service Field

• In Figure 18.6, the notation tos 0x10 is the type-of-service(TOS) field in the IP datagram(Figure 3.2).

18.4 Maximum Segment Size

• The maximum segment size(MSS) is the largest chunk of data that TCP will send to the other end. When a connection is established, each end can announce its MSS. The resulting IP datagram is normally 40 bytes larger: 20 bytes for the TCP header and 20 bytes for the IP header.
• When a connection is established, each end has the option of announcing the MSS it expects to receive.(An MSS option can only appear in a SYN segment.) If one end does not receive an MSS option from the other end, a default of 536 bytes is assumed.
• In general, the larger the MSS the better, until fragmentation occurs.(See Figures 24.3 and 24.4 for a counterexample.) A larger segment size allows more data to be sent in each segment, amortizing the cost of the IP and TCP headers.
• When TCP sends a SYN segment, it can send an MSS value up to the outgoing interface’s MTU, minus the size of the fixed TCP and IP headers. For an Ethernet this implies an MSS of up to 1460 bytes(1500 - 20 TCP header - 20 IP header).
• If the destination IP address is “nonlocal,” the MSS normally defaults to 536:
  
  1. A destination whose IP address has the same network ID and the same subnet ID as ours is local.
  2. A destination whose IP address has a different network ID from ours is nonlocal.
  3. A destination with the same network ID but different subnet ID could be either local or nonlocal.
• The MSS lets a host limit the size of datagrams that the other end sends, it also limit the size of the datagrams that this h