→Embryonic connection: Remove repeating "protocol" from after TCP
Fordsfords (talk | contribs) Added section explaining that a stateful firewall can lead to half-open connections.
Line 3:
== RFC 793 ==
According to [http://www.ietf.org/rfc/rfc0793.txt RFC 793], a TCP connection is referred to as ''half-open'' when the host at one end of that TCP connection has crashed, or has otherwise removed the socket without notifying the other end. If the remaining end is idle, the connection may remain in the half-open state for unbounded periods of time.
== Stateful Firewall Timeout ==
Another circumstance that can lead to half-open connections is if a [[stateful firewall]] times out a connection that is idle for too long. In this case, the firewall clears its internal state, and if either side of the connection sends a packet, the firewall will drop the packet. This will often result in a half-open connection as the two sides of the connection can end up with inconsistent connection states.
== Embryonic connection ==
[[Transmission Control Protocol|TCP]] has a [[Three-way handshake|three state system]] for opening a connection. First, the originating endpoint (A) sends a [[SYN (TCP)|SYN packet]] to the destination (B). A is now in an embryonic state (specifically, SYN_SENT), and awaiting a response. B now updates its kernel information to indicate the incoming connection from A, and sends out a request to open a channel back (the [[SYN/ACK]] packet).
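Review bot: The new "Stateful Firewall Timeout" section cites no source, while the RFC 793 section directly above it links its reference; add a citation for the statement that the firewall clears its internal state and drops later packets. The heading should be in sentence case ("== Stateful firewall timeout ==") to match "== Embryonic connection ==" and "== External links ==". The last sentence also skips a step: it says the two sides "can end up with inconsistent connection states" without saying how a dropped packet leads there, so spell out what each endpoint believes about the connection after the drop.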
Line 19 ⟶ 22:
* [[SYN flood]]
* [[SYN cookies]]
* [[Stateful firewall]]
== External links ==
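Review bot: The added list entry "* [[Stateful firewall]]" repeats the [[stateful firewall]] link that this same edit places in the body of the new section. One link to the target is enough, so either drop the list entry or keep it and unlink the term in the body.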