23 Feb 2017
of order and was not dropped. Now the receiver can fill in its hole in the receive buffer. It just got bytes 1960…2959 and it
already had bytes 2960…3459 from the earlier receipt of the segment with sequence number 2060. The acknowledgement it
sends now will be the cumulative acknowledgement: the sequence number of the next byte it needs, 3460. The sender will see
acknowledgements of 1960, 1960, and 3460. Had the transmitted segments arrived in order, the acknowledgements would have
been 1960, 2960, and 3460.
TCP Connection setup and teardown
Connection setup
TCP employs a three-way handshake to set up a connection: a process of SYN, SYN-ACK, and ACK. The client initiates the
process; it creates a random initial sequence number (client_isn) and sends it to the server in a TCP segment with the SYN flag
set. The server receives this and allocates send and receiver buffers as well as variables. This set of data, containing all the
information about a connection, is called the transmission control block (TCB). The server then creates a SYN-ACK segment
that acknowledges the received sequence number and contains a random sequence number from the receiver. This segment also
has the SYN bit set. Upon receiving this, the client acknowledges the server’s sequence number by sending the
final ACK segment to the server and allocates its own TCP buffers and variables for the connection.
SYN flooding
Kernel memory is finite and the operating system will not allocate an unlimited amount of memory for managing TCP
connections. A denial-of-service attack called SYN flooding sends a large number of SYN segments to a machine, usually with
an unreachable (spoofed) return address, so that the handshake is never completed and no legitimate connection is set up. The recipient normally
allocates memory for each SYN segment that it receives, expecting each to become a legitimate connection. Eventually, kernel
memory is exhausted and the operating system will not allow any more incoming TCP connection requests, including, of course,
legitimate ones. The operating system will continue to refuse incoming connections until those incomplete ones time out. The
connection setup timeout is an administrator-configured value and can range from half a minute to several minutes.
Several approaches have been proposed to deal with SYN flooding. One of these is SYN cookies. The key realization is that the
kernel allocates memory (the TCB) before the connection is fully set up. With the technique of SYN cookies, no state is
saved (no memory allocated) upon the receipt of a connection request. Instead, any needed information is encoded into the initial
sequence number. Since that sequence number (+1) will be sent back in the final ACK from the client, the server will be able to
validate that the ACK, and hence the requesting client, is legitimate. The initial sequence number that the server creates is a hash
of the source and destination IP addresses, ports, and some secret value known only to the server. A client will not be able to
spoof this value since it does not know the secret but a server can easily validate it from the acknowledgement number in the
ACK message from a legitimate client.
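The check described above, written out as an added example that is not part of the notes: the server derives its initial sequence number from the 4-tuple and a secret, keeps no TCB, and later recomputes the value from the acknowledgement number (ISN + 1). The use of HMAC-SHA256, the coarse time counter in the top 8 bits and the 24-bit hash layout are simplifications assumed by this example, not something the notes specify.

```python
import hmac
import hashlib

MASK32 = 0xFFFFFFFF


def make_syn_cookie(src_ip, dst_ip, src_port, dst_port, secret, counter):
    """Server ISN for a SYN: no per-connection memory is allocated.

    Layout (assumed for this example): top 8 bits = coarse time counter,
    low 24 bits = keyed hash of the connection 4-tuple and that counter.
    """
    msg = f"{src_ip}|{dst_ip}|{src_port}|{dst_port}|{counter & 0xFF}".encode()
    digest = hmac.new(secret, msg, hashlib.sha256).digest()
    h24 = int.from_bytes(digest[:3], "big")
    return (((counter & 0xFF) << 24) | h24) & MASK32


def validate_ack(src_ip, dst_ip, src_port, dst_port, ack_num, secret,
                 now_counter, max_age=1):
    """Check the final ACK of the handshake without stored state.

    The client acknowledges the server ISN + 1, so ISN = ack_num - 1.
    Recompute the cookie for the observed 4-tuple and the counter carried
    in the ISN; reject stale counters and any mismatch.
    """
    isn = (ack_num - 1) & MASK32
    counter = isn >> 24
    age = (now_counter - counter) & 0xFF
    if age > max_age:
        return False  # too old: the SYN would have timed out anyway
    expected = make_syn_cookie(src_ip, dst_ip, src_port, dst_port, secret, counter)
    # constant-time comparison so the check leaks nothing about the secret
    return hmac.compare_digest(expected.to_bytes(4, "big"), isn.to_bytes(4, "big"))


if __name__ == "__main__":
    # constructed sample values (documentation-range addresses, fixed key)
    key = b"server-secret-not-for-production"
    tup = ("198.51.100.7", "203.0.113.10", 40000, 80)
    isn = make_syn_cookie(*tup, key, counter=5)
    print("server ISN (cookie):", isn)
    print("legit ACK accepted:", validate_ack(*tup, isn + 1, key, now_counter=5))
    print("spoofed port rejected:",
          validate_ack(tup[0], tup[1], 40001, 80, isn + 1, key, now_counter=5))
```

A real implementation must also encode the negotiated MSS in the cookie, since the server has no TCB to remember it in.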
MSS announcement
TCP provides an option during connection setup to tell the other side its maximum segment size (MSS); that is, the largest size
segment that it is willing to accept. If both machines are on the same LAN, the MSS is likely to be the MTU of the network
interface minus the size of the protocol headers (20 bytes for IP and 20 more bytes for TCP), although it can differ even here if,
for example, one device supports jumbo (9000-byte) Ethernet packets and the other does not. The Internet requirement is that all
IP routers support an MSS of at least 536 bytes.
Invalid messages
If a host receives a TCP segment whose port numbers or source address do not match any connection (e.g., the socket is closed
or there is no listener on that address), it will send back a reset segment, a TCP segment with the RST flag set. In the case of
UDP, an attempt to send a message to a port that does not have any process listening on it will result in the generation of an
ICMP message back to the sender.