Browse Prior Art Database

TIME-WAIT Assassination Hazards in TCP (RFC1337)

IP.com Disclosure Number: IPCOM000002160D
Original Publication Date: 1992-May-01
Included in the Prior Art Database: 2000-Sep-12
Document File: 9 page(s) / 21K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

R. Braden: AUTHOR

Abstract

This note describes some theoretically-possible failure modes for TCP connections and discusses possible remedies. In particular, one very simple fix is identified.

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 13% of the total text.

Network Working Group R. Braden

Request for Comments: 1337 ISI

May 1992

TIME-WAIT Assassination Hazards in TCP

Status of This Memo

This memo provides information for the Internet community. It does

not specify an Internet standard. Distribution of this memo is

unlimited.

Abstract

This note describes some theoretically-possible failure modes for TCP

connections and discusses possible remedies. In particular, one very

simple fix is identified.

1. INTRODUCTION

Experiments to validate the recently-proposed TCP extensions [RFC-

1323] have led to the discovery of a new class of TCP failures, which

have been dubbed the "TIME-WAIT Assassination hazards". This note

describes these hazards, gives examples, and discusses possible

prevention measures.

The failures in question all result from old duplicate segments. In

brief, the TCP mechanisms to protect against old duplicate segments

are [RFC-793]:

(1) The 3-way handshake rejects old duplicate initial

segments, avoiding the hazard of replaying a connection.

(2) Sequence numbers are used to reject old duplicate data and ACK

segments from the current incarnation of a given connection

(defined by a particular host and port pair). Sequence numbers

are also used to reject old duplicate segments.

For very high-speed connections, Jacobson's PAWS ("Protect

Against Wrapped Sequences") mechanism [RFC-1323] effectively

extends the sequence numbers so wrap-around will not introduce a

hazard within the same incarnation.

(3) There are two mechanisms to avoid hazards due to old duplicate

segments from an earlier instance of the same connection; see

the Appendix to [RFC-1185] for details.

For "short and slow" connections [RFC-1185], the clock-driven

ISN (initial sequence number) selection prevents the overlap of

the sequence spaces of the old and new incarnations [RFC-793].

(The algorithm used by Berkeley BSD TCP for stepping ISN

complicates the analysis slightly but does not change the

conclusions.)

(4) TIME-WAIT state removes the hazard of old duplicates for "fast"

or "long" connections, in which clock-driven ISN selection is

unable to prevent overlap of the old and new sequence spaces.

The TIME-WAIT delay allows all old duplicate segments time

enough to die in the Internet before the connection is reopened.

(5) Afte...