Keep-Alive Packets after FIN
I have started to capture TCP packets with wireshark.
I'm using chrome for my testing:
I have sent a http request to my local tomcat server.
I have seen TCP handshake and data packets in wireshark.
The server closed the connection by sending FIN flag,after 20 sec. Server's Keepalive timeout is 20 sec.
But after sometime(45 sec) client is sending keepalive packets to server and server acknowledging the same. After 45 sec client is sending another keepalive packet, this time server responds with RST flag.
I have tried the same in firefox
In firefox the trace is completely different
Keep-Alive packet has been sent after 10 sec.
Server sent the FIN,ACK after 20 sec and client immediately responds with FIN,ACK.
My Question is:
Why Keep-alive packet is sent from chrome, after server closing the connection? And why the server is acknowledging since it's already closed ?
Why the RST packet was not sent for first keep alive packet itself(in chrome)?
Why the FIN,ACK was not sent from Chrome?
PS: I'm new to networking and Wireshark. Please correct me if anything wrong.
The Screenshot for looks a little bit strange... Without a trace no deeper analysis is possible. Could you please share a trace with us at public accessible place?
Hi Christian, Please find the capture file in below links.
Firefox Capture
Chrome Capture
Sorry but I cannot spot the sessions from the screenshot (127.0.0.1 with server port 7171) inside the trace.
Sorry I have changed the port to 8080, Can you check with 8080 port. I have reattached the required trace alone, Please download it again.
Well the trace for Chrome looks now different. But in your cases the server closes the connection. So from end user point of view it is very polite from the Browser to keep the session as long open as possible or the user closes the connection.