Hello, After server receives RST packet conection stays ESTABLISHED and setting new connection on the same ports is impossible. Can anybody point me why? Thanks for help.
asked 03 Dec '14, 08:58 JozefB |
One Answer:
Assuming this is a trace taken at the client, I'd say the reset did not make it to the server's TCP layer. answered 05 Dec '14, 10:49 mrEEde The trace was taken at the server. (08 Dec '14, 07:17) JozefB RFC 793 Says,In all states except SYN-SENT, all reset (RST) segments are validated by checking their SEQ-fields. A reset is valid if its sequence number is in the window. In the SYN-SENT state (a RST received in response to an initial SYN), the RST is acceptable if the ACK field acknowledges the SYN.Can you post the capture because in capture seq no. are not matching not sure why(because relative sequence feature or capture taken at some proxy or FW device) (08 Dec '14, 09:28) kishan pandey |
Seems Tcp port 16081 is reused by client after 5 seconds, we can reuse the same socket but only if the SYN packet contains a sequence number which is larger than was previously used.for your reference http://blog.davidvassallo.me/2010/07/13/time_wait-and-port-reuse/
Port 16081 is reused after more than 5 minutes (after RST) but i think it doesn't matter (no FIN). Shouldn't connection change state to CLOSED after server receives RST/ACK segment? Now it stays ESTABLISHED.