Translated message

A translation of this page exists in English.

TIME_WAIT ソケットへの SYN を受け取ると、リッスンしているサーバーが SYN/ACK を返さないのはなぜですか?

Solution Unverified - Updated -

Issue

  • TIME_WAIT ソケットへの SYN を受け取ると、リッスンしているサーバーが SYN/ACK を返さないのはなぜですか?

  • http サーバー 192.168.122.1 が、以下の tcpdump の 時刻 15:53:24.751472 で SYN/ACK パケットを返さないのはなぜですか?

$ tcpdump -S -r http.cap port 40353
reading from file http.cap, link-type EN10MB (Ethernet)
15:53:04.259829 IP 192.168.122.2.40353 > 192.168.122.1.http:Flags [S], seq 2518290022, win 5840, options [mss 1460,sackOK,TS val 901255426 ecr 0,nop,wscale 2], length 0
15:53:04.259843 IP 192.168.122.1.http > 192.168.122.2.40353:Flags [S.], seq 927258300, ack 2518290023, win 5792, options [mss 1460,sackOK,TS val 394573207 ecr 901255426,nop,wscale 2], length 0
15:53:04.260032 IP 192.168.122.2.40353 > 192.168.122.1.http:Flags [.], ack 927258301, win 1460, options [nop,nop,TS val 901255427 ecr 394573207], length 0
15:53:04.260121 IP 192.168.122.2.40353 > 192.168.122.1.http:Flags [P.], seq 2518290023:2518290430, ack 927258301, win 1460, options [nop,nop,TS val 901255427 ecr 394573207], length 407
15:53:04.260131 IP 192.168.122.1.http > 192.168.122.2.40353:Flags [.], ack 2518290430, win 1716, options [nop,nop,TS val 394573207 ecr 901255427], length 0
15:53:04.260207 IP 192.168.122.1.http > 192.168.122.2.40353:Flags [P.], seq 927258301:927258680, ack 2518290430, win 1716, options [nop,nop,TS val 394573207 ecr 901255427], length 379
15:53:04.260236 IP 192.168.122.1.http > 192.168.122.2.40353:Flags [F.], seq 927258680, ack 2518290430, win 1716, options [nop,nop,TS val 394573207 ecr 901255427], length 0
15:53:04.260462 IP 192.168.122.2.40353 > 192.168.122.1.http:Flags [.], ack 927258680, win 1728, options [nop,nop,TS val 901255427 ecr 394573207], length 0
15:53:04.260511 IP 192.168.122.2.40353 > 192.168.122.1.http:Flags [F.], seq 2518290430, ack 927258681, win 1728, options [nop,nop,TS val 901255427 ecr 394573207], length 0
15:53:04.260521 IP 192.168.122.1.http > 192.168.122.2.40353:Flags [.], ack 2518290431, win 1716, options [nop,nop,TS val 394573208 ecr 901255427], length 0
15:53:24.751461 IP 192.168.122.2.40353 > 192.168.122.1.http:Flags [S], seq 3294045866, win 5840, options [mss 1460,sackOK,TS val 3992346020 ecr 0,nop,wscale 7], length 0
15:53:24.751472 IP 192.168.122.1.http > 192.168.122.2.40353:Flags [.], ack 2518290431, win 1716, options [nop,nop,TS val 394593698 ecr 901255427], length 0
15:53:24.751744 IP 192.168.122.2.40353 > 192.168.122.1.http:Flags [R], seq 2518290431, win 0, length 0

時刻 15:53:04.260521 において http サーバー(192.168.122.1) には LISTEN ソケットと TIME_WAIT ソケットがあったはずです。

# netstat -antp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name   
tcp        0      0 :::80                       :::*                        LISTEN      7363/httpd          
tcp        0      0 192.168.122.1:80            192.168.122.1:40353         TIME_WAIT   -  
...skip

クライアントが時刻 15:53:24.751461 に SYN パケットを送ると、http サーバーは、15:53:24.751472 に SYN/ACK を送信する代わりに、1 つ前のセッションの FIN パケットに ACK パケットを返しました。それにより、クライアントは 15:53:24.751744 で RST パケットを送信します。

Environment

  • Red Hat Enterprise Linux 4 (おそらくは Red Hat Enterprise Linux 5 にも適用されます)

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content