establish connection without tcp options
Andre Oppermann
andre at freebsd.org
Mon Jun 2 07:49:42 UTC 2008
Victor Hugo Bilouro wrote:
> On Sun, Jun 1, 2008 at 5:45 PM, Andre Oppermann <andre at freebsd.org> wrote:
>> Victor Hugo Bilouro wrote:
>>> syn---------------------------------
>>> sport 59966
>>> dport 22022
>>> sequence 874312230
>>> ack_number 0
>>> offset 5
>>> reserved 0
>>> urgent 0
>>> ack 0
>>> push 0
>>> reset 0
>>> syn 1
>>> fin 0
>>> window 65535
>>> checksum 50667
>>> urg_pointer 0
>>>
>>> ---------------------------------
>>>
>>> syn+ack-----------------------------
>>> sport 22022
>>> dport 59966
>>> sequence 2755934977
>>> ack_number 874312231
>>> offset 6
>>> reserved 0
>>> urgent 0
>>> ack 1
>>> push 2
>>> reset 4
>>> syn 9
>>> fin 0
>>> window 65535
>>> checksum 52952
>>> urg_pointer 0
>>>
>>> ---------------------------------
>>>
>>> ack---------------------------------
>>> sport 59966
>>> dport 22022
>>> sequence 874312230
>> ^^^^^^^^^^^^^^ increment by one for SYN you sent.
>> See also the ACK you got back above.
>>
>>> ack_number 2755934978
>>> offset 5
>>> reserved 0
>>> urgent 0
>>> ack 1
>>> push 0
>>> reset 0
>>> syn 0
>>> fin 0
>>> window 65535
>>> checksum 59030
>>> urg_pointer 0
>>> ---------------------------------
>>>
>>> ...and the log showed:
>>> TCP [192.168.1.10]:59966 to [192.168.1.20]:22022 tcpflags 0x10<ACK>;
>>> syncache_expand: SEQ 874312230 != IRS+1 874312230, segment rejected.
>>>
>>> I'm still working...
>> You should familiarize yourself some more with the sequence number
>> system TCP uses. The Stevens books "TCP/IP Illustrated" Volume 1+2
>> are very good for that.
>>
>> --
>> Andre
>>
>
> PS.: I forgot to copy the list in the previous email exchanging, so
> I'm doing now....
>
>
> Andre, thank you SO VERY MUCH. It's working fine!
>
> As every book show tcpdump examples of connection establishment , and
> when the SYN flag is 0(as step #3 of three way handshake), sequence
> number(SN) are omitted of dump, BUT, it's present.
You should use the "-S" option to tcpdump. It will show absolute
sequence number instead of relative ones (as guessed by tcpdump).
> The thing is, the SN is present but it isn't consumed. So, packets
> that don't consumes the SN, must have the last consumed SN + 1.
>
> Only for curiosity, linux and windows 2k accomplished without
> problems the three way handshake without Sequence Number filled on
> step #3.
I have a hard time believing that. At most they may have sent you
a retransmit or a challenge-ACK.
--
Andre
More information about the freebsd-net
mailing list