Hi, I have some questions regarding some TCP concepts.
According to Richard Stevens, when the active-close end of a TCP connection sends FIN and receives the corresponding ACK from the other end, the connection is "half closed". In this state, the active-close end cannot send but can receive date from its peer. Question 1: it sounds the "half closed" state is the same as the WAIT_FIN_2 state? Question 2: when the passive-close end receives the FIN, how does it know whether the other end wants to stay in the half closed state (in this case, it should send data) or to do a full close (in this case, it should send FIN)? Seems half-close is achieved by using the shutdown() function, so in other words, both close() and shutdown() cause FIN to be sent, but what's the difference between them so that close() causes the peer to send FIN also, while shutdown() caused the peer to delay the FIN? According to Richard, "A TCP connection is said to be half-open if one end has closed or aborted the connection without the knowledge of the other end." Question 3: what's meaning of "without the knowledge of the other end"? Does it mean "don't know the status of the other end", or "the other end doesn't know that I've closed/aborted the connection"? Question 4: seems the term "half open" is also used in the context of the SYN flood DoS attack, to describe the state of "SYN sent and SYN-ACK received, but the last ACK not sent". Clearly the "half open" here is not same as the one we talked above. Is it a valid usage of this term? Thanks. _______________________________________________ networking-discuss mailing list [email protected]
