Re: seq reconstruction.

[Greg Stark <gsstark () mit edu>]

Matt Comb <mattyc () orcon net nz> writes:

> I am piecing sequences together using the following basic algorithm,
>
> 1.When a packet arrives with a start flag, i create a sequence with an
> expected id.
>
> 2.If a packet arrives with that seq number, I append and then inc the
> expected id with the packet size., until 1 of the following happens.

Do you handle out-of-sequence packets? If packet 1 is missed but packet 2
arrives fine then when packet 1 is resent the ack will acknowledge receipt of
packet 2 as well. If you ignored packet 2 entirely when it was first sent then
you'll lose the rest of the connection since it will never be resent.

> a) I receive a finish.

TCP connections are composed of two independent one-directional streams. You
realize that receiving a FIN in one direction doesn't close the connection in
the other direction? 

Unless the other side sends a FINACK it can continue sending data. HTTP/1.1
does this frequently because requests can be fairly short and the client can
queue several up and close the connection and then just read the responses.

> b) I receive a reset

> c) the sequence times out.

Well, TCP/IP doesn't time out, but that's a bit of a religious issue...

-- 
greg

-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe