Can someone give me a reason the FIN bit exists, or a use case where it would be used to "terminate" a connection instead of using the RST bit? I ask this because I've been watching a bunch of Laura's training videos. She continually mentions that when a connection is terminated using the FIN bit, the other side doesn't actually tear down the connection. It then allows someone else to hijack the connection... So, could the FIN bit be considered legacy, or is there a real reason to use it instead of RST? asked 25 Jul '14, 13:09  patrick_harrold |
One Answer:
The RST bit was historically designed to signal fatal connection problems, while FIN was designed to signal graceful shutdown. FIN also allows late packet arrivals and one sided connection tear down without the other party being forbidden to send more data. I'm not sure why Laura says that with FIN the other side does not tear down the connection, because in most cases it does. It just does not HAVE to right away. FIN is not (yet) legacy, it's still used quite often. RST is just quicker and releases resources right away, so it is slowly replacing the use of FIN. answered 25 Jul '14, 13:17  Jasper ♦♦ |
Thanks for the prompt reply and apologies for my late reply. I figured I would get a notification email by default when someone answered my question but I guess not.
Can you think of any reason a node would choose to not tear down a connection when it receives a FIN? I mean... if you hear that someone isn't listening to you anymore, why wouldn't you tear down the connection? I know you say they don't HAVE to, but why shouldn't they be forced?
I'm just trying to think of a valid, real-world use case that FIN would be used instead of RST (assuming one exists).
A node would not tear down the connection immediately if it still had data to send. FIN does not mean "I'm not listening any more," it means "I have no more data to send." It's unusual, but the other host is allowed to continue sending. RST, on the other hand, does mean "I'm not listening any more."
You see that kind of one sided teardown for some web based services, e.g. a client sending "hey server, I need this XML, btw, that's all I need" by sending a GET request with a FIN following it right away. The server can then prepare the XML and send it, already knowing that that was all the client wants. So it usually sends the content and a FIN of its own to signal that it has finished the job as well.