Hi Kacheong, thanks for replying. I have further questions. Please see below. Thanks.
> I think you'll get a better response if you send general TCP > questions to, say the IETF TCPM mailing list ([EMAIL PROTECTED]). > The networking-discuss mailing list is mainly for OpenSolaris > networking related issues. Thanks. I'll contact them in the future. > > Question 2: when the passive-close end receives the FIN, how does it > > know whether the other end wants to stay in the half closed state (in > > this case, it should send data) or to do a full close (in this case, > > it should send FIN)? > > > It does not need to know that. The TCP close sequence is done > independently on both ends. Receiving a FIN just means that > the peer is done with sending. The application may still want > to send more. TCP will do the close sequence when the app tells > it to (say by calling close() on the socket). > > > > Seems half-close is achieved by using the shutdown() function, so in > > other words, both close() and shutdown() cause FIN to be sent, but > > what's the difference between them so that close() causes the peer to > > send FIN also, while shutdown() caused the peer to delay the FIN? > > There is nothing in close() which forces the other end to start > the TCP close sequence. And shutdown() also does not cause the > peer to delay sending the FIN. The peer's close sequence is > controlled by the peer's application. I see. So a common use it, when I do close(), FIN is sent, and the peer will get an EOL when it read(). When getting the EOF, the peer knows about the "half-close" state, and then it can either send data or also call close(). Is it right? > > Question 3: what's meaning of "without the knowledge of the other > > end"? Does it mean "don't know the status of the other end", or "the > > other end doesn't know that I've closed/aborted the connection"? > > For example, if there is a transient network outage such that > the initial FIN and all subsequent retransmissions of it are > lost. So TCP connection is killed on one end. The other end > does not know about this and it will still keep the TCP connection > alive (half-"open"). So "without the knowledge of the other end" means "the other side doesn't know my crash here"? And we say the other side (not the side that crashes) is in "half-open"? > > Question 4: seems the term "half open" is also used in the context of > > the SYN flood DoS attack, to describe the state of "SYN sent and > > SYN-ACK received, but the last ACK not sent". Clearly the "half open" > > here is not same as the one we talked above. Is it a valid usage of > > this term? > > I believe it is referring to the passive open side, which receives > the SYN and sends back a SYN-ACK. To this side, it does not > know that the other side is non-existing, similar to the above > case. So it will keep the TCP connection alive (half-"open"). I see. Thanks. _______________________________________________ networking-discuss mailing list [email protected]
