📄 rfc1379.txt
字号:
(4) providing an initial server window. A recently proposed set of enhancements [RFC-1323] defines a TCP Timestamps option that carries two 32-bit timestamp values. The Timestamps option is used to accurately measure round-trip time (RTT). The same option is also used in a procedure known as "PAWS" (Protect Againsts Wrapped Sequence) to prevent erroneous data delivery due to a combination of old duplicate segments and sequence number reuse at very high bandwidths. The particular approach to transactions chosen in this memo does not require the RFC-1323 enhancements; however, they are important and should be implemented in every TCP, with or without the transaction extensions described here.3. BYPASSING THE 3-WAY HANDSHAKE To avoid 3-way handshakes for transactions, we introduce a new mechanism for validating initial SYN segments, i.e., for enforcing at-most-once semantics without a 3-way handshake. We refer to this as the TCP Accelerated Open, or TAO, mechanism. 3.1 Concept of TAO The basis of TAO is this: a TCP uses cached per-host information to immediately validate new SYNs [Clark89]. If this validation fails, e.g., because there is no current cached state or the segment is an old duplicate, the procedure falls back to a normal 3-way handshake to validate the SYN. Thus, bypassing a 3-way handshake is considered to be an optional optimization.Braden [Page 6]
RFC 1379 Transaction TCP -- Concepts November 1992 The proposed TAO mechanism uses a finite sequence-like space of values that increase monotonically with successive transactions (connections) between a given (client, server) host pair. Call this monotonic space M, and let each initial SYN segment carry an M value SEG.M. If M is not the existing sequence (SEG.SEQ) field, SEG.M may be carried in a TCP option. When host B receives from host A an initial SYN segment containing a new value SEG.M, host B compares this against cache.M[A], the latest M value that B has cached for host A. This comparison is the "TAO test". Because the M values are monotonically increasing, SEG.M > cache.M[A] implies that the SYN must be new and can be accepted immediately. If not, a normal 3-way handshake is performed to validate the initial SYN segment. Figure 2 illustrates the TAO mechanism; cached M values are shown enclosed in square brackets. The M values generated by host A satisfy x0 < x1, and the M values generated by host B satisfy y0 < y1. An appropriate choice for the M value space is discussed in Section 5. M values are drawn from a finite number space, so inequalities must be defined in the usual way for sequence numbers [STD-007]. The M space must not wrap so quickly that an old duplicate SYN will be erroneously accepted. We assume that some maximum segment lifetime (MSL) is enforced by the IP layer. ____T_C_P__A_____ ____T_C_P__B_____ cache.M[B] cache.M[A] V V [ y0 ] [ x0 ] 1. --> <SYN,data1,M=x1> --> ( (x1 > x0) => data1 -> user_B; cache.M[A]= x1) [ y0 ] [ x1 ] 2. <-- <SYN,ACK(data1),data2,M=y1> <-- (data2 -> user_A, cache.M[B]= y1) [ y1 ] [ x1 ] ... (etc.) ... Figure 2. TAO: Three-Way Handshake is BypassedBraden [Page 7]
RFC 1379 Transaction TCP -- Concepts November 1992 Figure 2 shows the simplest case: each side has cached the latest M value of the other, and the SEG.M value in the client's SYN segment is greater than the value in the cache at the server host. As a result, B can accept the client A's request data1 immediately and pass it to the server application. B's reply data2 is shown piggybacked on the <SYN,ACK> segment. As a result of this 2-way exchange, the cached M values are updated at both sites; the client side becomes relevant only if the client/server roles reverse. Validation of the <SYN,ACK> segment at host A is discussed later. Figure 3 shows the TAO test failing but the consequent 3-way handshake succeeding. B updates its cache with the value x2 >= x1 when the initial SYN is known to be valid. _T_C_P__A _T_C_P__B cache.M[B] cache.M[A] V V [ y0 ] [ x0 ] 1. --> <SYN,data1,M=x1> --> ( (x1 <= x0) => data1 queued; 3-way handshake) [ y0 ] [ x0 ] 2. <-- <SYN,ACK(SYN),M=y1> <-- (cache.M[B]= y1) [ y1 ] [ x0 ] 3. --> <ACK(SYN),M=x2> --> (Handshake OK => data1->user_B, cache.M[A]= x2) [ y1 ] [ x2 ] ... (etc.) ... Figure 3. TAO Test Fails but 3-Way Handshake Succeeds. There are several possible causes for a TAO test failure on a legitimate new SYN segment (not an old duplicate). (1) There may be no cached M value for this particular client host. (2) The SYN may be the one of a set of nearly-simultaneous SYNs for different connections but from the same host, whichBraden [Page 8]
RFC 1379 Transaction TCP -- Concepts November 1992 arrived out of order. (3) The finite M space may have wrapped around between successive transactions from the same client. (4) The M values may advance too slowly for closely-spaced transactions. None of these TAO failures will cause a lockout, because the resulting 3-way handshake will succeed. Note that the first transaction between a given host pair will always require a 3-way handshake; subsequent transactions can take advantage of TAO. The per-host cache required by TAO is highly desirable for other reasons, e.g., to retain the measured round trip time and MTU for a given remote host. Furthermore, a host should already have a per-host routing cache [HR-COMM] that should be easily extensible for this purpose. Figure 4 illustrates a complete TCP transaction sequence using the TAO mechanism. Bypassing the 3-way handshake leads to new connection states; Figure 4 shows three of them, "SYN-SENT*", "CLOSE-WAIT*", and "LAST-ACK*". Explanation of these states is deferred to Section 6. TCP A (Client) TCP B (Server) _______________ ______________ CLOSED LISTEN 1. SYN-SENT* --> <SYN,data1,FIN,M=x1> --> CLOSE-WAIT* (TAO test OK=> data1->user_B) <-- <SYN,ACK(FIN),data2,FIN,M=y1> <-- LAST-ACK* 2. TIME-WAIT (data2->user_A) 3. TIME-WAIT --> <ACK(FIN),M=x2> --> CLOSED (timeout) CLOSED Figure 4: Minimal Transaction Sequence Using TAOBraden [Page 9]
RFC 1379 Transaction TCP -- Concepts November 1992 3.2 Cache Initialization The first connection between hosts A and B will find no cached state at one or both ends, so both M caches must be initialized. This requires that the first transaction carry a specially marked SEG.M value, which we call SEG.M.NEW. Receiving a SEG.M.NEW value in an initial SYN segment, B will cache this value and send its own M back to initialize A's cache. When a host crashes and restarts, all its cached M values cache.M[*] must be invalidated in order to force a re-synchronization of the caches at both ends. This cache synchronization procedure is illustrated in Figure 5, where client host A has crashed and restarted with its cache entries undefined, as indicated by "??". Since cache.TS[B] is undefined, A sends a SEG.M.NEW value instead of SEG.M in the <SYN> segment of its first transaction request to B. Receiving this SEG.M.NEW, the server host B invalidates cache.TS[A] and performs a 3-way handshake. SEG.M in segment #2 updates A's cache, and when the handshake completes successfully, B updates its cached M value to x2 >= x1. _T_C_P__A _T_C_P__B cache.M[B] cache.M[A] V V [ ?? ] [ x0 ] 1. --> <SYN,data1,M.NEW=x1> --> (invalidate cache; queue data1; [ ?? ] 3-way handshake) [ ?? ] 2. <-- <SYN,ACK(SYN),M=y1> <-- (cache.M[B]= y1) [ y1 ] [ ?? ] 3. --> <ACK(SYN),M=x2> --> data1->user_B, cache.M[A]= x2) [ y1 ] [ x2 ] ... (etc.) ... Figure 5. Client Host Crashed Suppose that the 3-way handshake failed, presumably becauseBraden [Page 10]
RFC 1379 Transaction TCP -- Concepts November 1992 segment #1 was an old duplicate. Then segment #3 from host A would be an RST segment, with the result that both side's caches would be left undefined. Figure 6 shows the procedure when the server crashes and restarts. Upon receiving a <SYN> segment from a host for which it has no cached M value, B initiates a 3-way handshake to validate the request and sends its own M value to A. Again the result is to update cached M values on both sides. _T_C_P__A _T_C_P__B cache.M[B] cache.M[A] V V [ y0 ] [ ?? ] 1. --> <SYN,data1,M=x1> --> (data1 queued; 3-way handshake) [ y0 ] [ ?? ] 2. <-- <SYN,ACK(SYN),M=y1> <-- (cache.M[B]= y1) [ y1 ] [ ?? ] 3. --> <ACK(SYN),M=x2> --> (data1->user_B, cache.M[A]= x2) [ y1 ] [ x2 ] ... (etc.) ... Figure 6. Server Host Crashed 3.3 Accepting <SYN,ACK> Segments Transactions introduce a new hazard of erroneously accepting an old duplicate <SYN,ACK> segment. To be acceptable, a <SYN,ACK> segment must arrive in SYN-SENT state, and its ACK field must⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -