What happens when a TCP stream suddenly receives a packet that was not destined for the current stream?

Solution Verified - Updated -

Issue

  • In the middle of a TCP session, possibly during the three-way-handshake, a random packet from another TCP session is sent to the wrong system. What is the response from the kernel that can be expected when this happens?

  • For example, in this TCP session:

No.     Time                       Source                Destination           Protocol Length Info
    285 2013-06-19 16:15:46.697294 192.168.1.4          172.34.124.220        TCP      66     50221 > http [SYN] Seq=3960902987 Win=14600 Len=0 MSS=1460 WS=7
    286 2013-06-19 16:15:46.697703 172.34.124.220        192.168.1.4          TCP      60     [TCP ACKed lost segment] http > 50221 [PSH, ACK] Seq=3530742827 Ack=3961023912 Win=16560 Len=0
  • In the above scenario, a client sends a SYN to port 80 with ephemeral port 50221 (packet 285). The client is expecting a SYN-ACK in response as per TCP/IP standards for opening a new socket - in this instance, however, it receives an ACK that was not intended for this current stream (packet 286).

Environment

  • Red Hat Enterprise Enterprise Linux 6
  • Red Hat Enterprise Enterprise Linux 5
  • Red Hat Enterprise Enterprise Linux 4
  • Red Hat Enterprise Enterprise Linux 3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content