TCP port reuse results in a lower TCP Sequence number

Solution In Progress - Updated -

Issue

  • When an ephemeral port is reused, the kernel generates a lower TCP sequence number compared to the previous connection. Under normal conditions, I would expect a higher initial sequence number, especially since the remote TCP peer does not support TCP timestamps and therefore drops the SYN packet.
  • A TCP connection on the same tuple/quadruplet as a previous connection gets an ISN (Initial Sequence Number) that unexpectedly goes backwards, so the remote listener rejects the packet because of the TIME-WAIT socket it still holds. The TCP RFC says that if the ISN of a new connection attempt is larger, the port can be legally reused.
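
The acceptance rule described in the bullets above, as an added example that is not part of the original article or any vendor code: a simplified C model of how a listener holding a TIME-WAIT socket decides whether a new SYN on the same 4-tuple may reuse it. The struct, function names and sample values are constructed for illustration, and the timestamp branch is an assumption about typical stack behaviour.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Wraparound-safe "a is later than b" for 32-bit TCP sequence numbers. */
static bool seq_after(uint32_t a, uint32_t b)
{
    return (int32_t)(b - a) < 0;
}

/* Simplified, constructed model of what a listener remembers in TIME-WAIT. */
struct tw_state {
    uint32_t rcv_nxt;   /* next sequence number expected from the old peer */
    bool     ts_seen;   /* old connection negotiated TCP timestamps */
    uint32_t ts_recent; /* last timestamp value received from the peer */
};

/* Constructed sample states (not taken from the page). */
static const struct tw_state TW_NO_TS   = { 3000000000u, false, 0 };
static const struct tw_state TW_WITH_TS = { 3000000000u, true, 5000 };
static const struct tw_state TW_WRAP    = { 4294967000u, false, 0 };

/* May a new SYN on the same 4-tuple replace the TIME-WAIT socket?
 * Yes if its timestamp is newer, or if its ISN is beyond rcv_nxt. */
static bool tw_accepts_syn(const struct tw_state *tw, uint32_t isn,
                           bool syn_has_ts, uint32_t syn_tsval)
{
    if (tw->ts_seen && syn_has_ts && (int32_t)(syn_tsval - tw->ts_recent) > 0)
        return true;
    return seq_after(isn, tw->rcv_nxt);
}

int main(void)
{
    /* No timestamps: only the ISN comparison can rescue the SYN. */
    printf("lower ISN, no TS : %d\n", tw_accepts_syn(&TW_NO_TS, 1000000000u, false, 0));
    printf("higher ISN, no TS: %d\n", tw_accepts_syn(&TW_NO_TS, 3000000001u, false, 0));
    /* Numerically lower ISN that is "later" once the 32-bit space wraps. */
    printf("wrapped ISN      : %d\n", tw_accepts_syn(&TW_WRAP, 100u, false, 0));
    /* With timestamps a newer TSval is enough even if the ISN went backwards. */
    printf("lower ISN, new TS: %d\n", tw_accepts_syn(&TW_WITH_TS, 1000000000u, true, 6000));
    return 0;
}
```

When the peer does not use timestamps, as in the reported case, the ISN comparison is the only path by which the SYN can be accepted, which is why a backwards ISN leads to the drop.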

Environment

  • Red Hat Enterprise Linux 8.4 (4.18.0-305.12.1.el8)
  • Transmission Control Protocol (TCP)
  • Same tuple (IP and port on each end) reused
