TIME-WAIT Assassination Hazards in TCP





Network Working Group                                          R. Braden
Request for Comments: 1337                                           ISI
                                                                May 1992


                 TIME-WAIT Assassination Hazards in TCP

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard.  Distribution of this memo is
   unlimited.

Abstract

   This note describes some theoretically-possible failure modes for TCP
   connections and discusses possible remedies.  In particular, one very
   simple fix is identified.

1. INTRODUCTION

   Experiments to validate the recently-proposed TCP extensions [RFC-
   1323] have led to the discovery of a new class of TCP failures, which
   have been dubbed the "TIME-WAIT Assassination hazards".  This note
   describes these hazards, gives examples, and discusses possible
   prevention measures.

   The failures in question all result from old duplicate segments.  In
   brief, the TCP mechanisms to protect against old duplicate segments
   are [RFC-793]:

   (1)  The 3-way handshake rejects old duplicate initial <SYN>
        segments, avoiding the hazard of replaying a connection.

   (2)  Sequence numbers are used to reject old duplicate data and ACK
        segments from the current incarnation of a given connection
        (defined by a particular host and port pair).  Sequence numbers
        are also used to reject old duplicate <SYN,ACK> segments.

        For very high-speed connections, Jacobson's PAWS ("Protect
        Against Wrapped Sequences") mechanism [RFC-1323] effectively
        extends the sequence numbers so wrap-around will not introduce a
        hazard within the same incarnation.

   (3)  There are two mechanisms to avoid hazards due to old duplicate
        segments from an earlier instance of the same connection; see
        the Appendix to [RFC-1185] for details.
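
   Added example (not part of RFC 1337 or of any TCP implementation): a
   C sketch of mechanism (2), the RFC-793 segment acceptability test in
   32-bit modular arithmetic together with the basic PAWS timestamp
   comparison of RFC-1323.  Function names and sample values are
   constructed for illustration, and the PAWS check omits the RFC-1323
   exceptions for RST segments and for an expired TS.Recent.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Comparisons in the circular 32-bit sequence space: "a before b" means
 * the signed distance a - b is negative, so wrap-around is handled. */
static bool seq_lt(uint32_t a, uint32_t b)  { return (int32_t)(a - b) < 0; }
static bool seq_leq(uint32_t a, uint32_t b) { return (int32_t)(a - b) <= 0; }

/* True if seq lies inside the receive window [rcv_nxt, rcv_nxt + rcv_wnd). */
static bool in_window(uint32_t rcv_nxt, uint32_t rcv_wnd, uint32_t seq)
{
    return seq_leq(rcv_nxt, seq) && seq_lt(seq, rcv_nxt + rcv_wnd);
}

/* RFC-793 acceptability test (four cases on segment length and window).
 * Old duplicates from the current incarnation fall outside the window. */
bool seg_acceptable(uint32_t rcv_nxt, uint32_t rcv_wnd,
                    uint32_t seg_seq, uint32_t seg_len)
{
    if (seg_len == 0)
        return rcv_wnd == 0 ? seg_seq == rcv_nxt
                            : in_window(rcv_nxt, rcv_wnd, seg_seq);
    if (rcv_wnd == 0)
        return false;               /* data cannot fit a closed window */
    /* Accept if the first or the last octet falls inside the window. */
    return in_window(rcv_nxt, rcv_wnd, seg_seq) ||
           in_window(rcv_nxt, rcv_wnd, seg_seq + seg_len - 1);
}

/* Basic PAWS rule: a segment whose timestamp is older than the most
 * recent one accepted (TS.Recent) is treated as an old duplicate. */
bool paws_reject(uint32_t ts_recent, uint32_t seg_tsval)
{
    return seq_lt(seg_tsval, ts_recent);
}

int main(void)
{
    /* Constructed values: receiver expects 1000 with a 500-octet window. */
    printf("in-window data:        %d\n", seg_acceptable(1000, 500, 1000, 100));
    printf("old duplicate (400):   %d\n", seg_acceptable(1000, 500, 400, 100));
    printf("window spanning wrap:  %d\n",
           seg_acceptable(0xFFFFFF00u, 0x200, 0x10, 16));
    /* A duplicate from one full sequence wrap ago carries the same
     * sequence number, so only its stale timestamp exposes it. */
    printf("wrapped dup, seq test: %d, PAWS rejects: %d\n",
           seg_acceptable(1000, 500, 1000, 100), paws_reject(5000, 100));
    return 0;
}
```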



