At 06:47 AM 1/13/2004, wrolf.courtney@xxxxxxxxxxxxxxx wrote:
1 C TCP 2394 > http [SYN] Seq=1716877397 Ack=0 Win=65535 Len=0
2 S TCP http > 2394 [SYN, ACK] Seq=9296 Ack=1716877398 Win=2048 Len=0
3 C TCP 2394 > http [ACK] Seq=1716877398 Ack=9297 Win=65535 Len=0
Your client sent Seq=...97 in packet 1, but Seq=...98 in packet 3, without
sending another byte.
The server ignores the data sent later, and is still waiting for the
missing byte. Eventually it closes thet connection, when the client won't
send up the missing byte.
I don't think there is a missing byte. The SYN has a sequence of
...97. The SYN itself occupies a byte in the sequence, so the other end
correctly sends an ACK for ...98. The third message correctly has a
sequence of ...98.
1 C TCP 2394 > http [SYN] Seq=1716877397 Ack=0 Win=65535 Len=0
2 S TCP http > 2394 [SYN, ACK] Seq=9296 Ack=1716877398 Win=2048 Len=0
3 C TCP 2394 > http [ACK] Seq=1716877398 Ack=9297 Win=65535 Len=0
4 C HTTP GET /titleMIH.gif HTTP/1.1
5 S TCP http > 2394 [FIN, ACK] Seq=9297 Ack=1716877398 Win=2048 Len=0
6 C TCP 2394 > http [ACK] Seq=1716877667 Ack=9298 Win=65535 Len=0
7 C TCP 2394 > http [FIN, ACK] Seq=1716877667 Ack=9298 Win=65535 Len=0
8 S TCP http > 2394 [ACK] Seq=9298 Ack=1716877398 Win=2048 Len=0
9 C HTTP GET /titleMIH.gif HTTP/1.1
10 S TCP http > 2394 [ACK] Seq=9298 Ack=1716877667 Win=2048 Len=0
11 C TCP 2394 > http [FIN, ACK] Seq=1716877667 Ack=9298 Win=65535 Len=0
12 S TCP http > 2394 [RST, ACK] Seq=9299 Ack=1716877668 Win=2048 Len=0
Here is what I think is happening:
Packet 1, client to server, SYN (requests a connection).
Packet 2, server to client, ACKs the SYN and sends it own SYN.
Packet 3, client to server, ACKs the server's SYN.
Packet 4, client to server, HTTP GET (apparently this packet had a checksum
error).
Packet 5, server to client, FIN (termination request), ACKs only the
previous SYN.
Packet 6, client to server, ACKs the server's FIN.
Packet 7, client to server, FIN (termination request for other direction).
Packet 8, server to client, ACK the client's SYN (doesn't ACK the GET).
Packet 9, client apparently resends the GET.
Packet 10, server to client, ACKs the GET (but not the FIN).
Packet 11, client to server, resends FIN.
Packet 12, server to client, RST. The server now thinks the client has
sent something illegal.
First, I don't know why the server would send FIN in packet 5. FIN should
come from the http server process closing the connection - the checksum
error should be invisible to that process, and I can't think of any reason
the TCP stack would send a FIN on its own.
Second, I don't think there is any violation of TCP protocol that would
cause the server to send RST in packet 12, although I can imagine a TCP
stack could be written that would think the resend of the FIN was a violation.