When Connection Establishment Fails: Syn Floods & Retransmission
In this lesson, we'll look at a couple of loopholes in TCP's implementation and how modern fixes took care of them.
Hosts Can Refuse Connection Requests
A host could refuse to open a TCP connection upon reception of a SYN segment. This refusal may be due to various reasons, for example:
- There may be no server process that’s listening on the destination port of the SYN segment.
- The server could always refuse connection establishments from a particular client (e.g., due to security reasons).
- The server may not have enough resources to accept a new TCP connection at that time.
There are other scenarios in which a connection may be refused but these are the common ones. If a process is listening on a port, but the connection is to be refused, the server sends a SYN segment with the following properties:
- Has its RST flag set
- Contains the sequence number of the received SYN segment as its acknowledgment number.
This is illustrated in the slides below. We will discuss the other utilizations of the TCP RST flag later in the TCP connection release lesson.
Create a free account to view this lesson.
By signing up, you agree to Educative's Terms of Service and Privacy Policy