发表新帖
发表新帖

What causes a TCP/IP reset (RST) flag to be sent?

后端 未结
关注
8 1596
谎友^
谎友^ 2020-11-27 10:47

I\'m trying to figure out why my app\'s TCP/IP connection keeps hiccuping every 10 minutes (exactly, within 1-2 seconds). I ran Wireshark and discovered that after 10 minut

相关标签:
8条回答
  • 余生分开走
    2020-11-27 11:24

    Some firewalls do that if a connection is idle for x number of minutes. Some ISPs set their routers to do that for various reasons as well.

    In this day and age, you'll need to gracefully handle (re-establish as needed) that condition.

    0 讨论(0)
  • 日久生厌
    2020-11-27 11:27

    I've just spent quite some time troubleshooting this very problem. None of the proposed solutions worked. Turned out that our sysadmin by mistake assigned the same static IP to two unrelated servers belonging to different groups, but sitting on the same network. The end results were intermittently dropped vnc connections, browser that had to be refreshed several times to fetch the web page, and other strange things.

    0 讨论(0)
  • 走了就别回头了
    2020-11-27 11:28

    Run a packet sniffer (e.g., Wireshark) also on the peer to see whether it's the peer who's sending the RST or someone in the middle.

    0 讨论(0)
  • 深忆病人
    2020-11-27 11:29

    One thing to be aware of is that many Linux netfilter firewalls are misconfigured.

    If you have something like:

    -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

    -A FORWARD -p tcp -j REJECT --reject-with tcp-reset

    then packet reordering can result in the firewall considering the packets invalid and thus generating resets which will then break otherwise healthy connections.

    Reordering is particularly likely with a wireless network.

    This should instead be:

    -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT

    -A FORWARD -m state --state INVALID -j DROP

    -A FORWARD -p tcp -j REJECT --reject-with tcp-reset

    Basically anytime you have:

    ... -m state --state RELATED,ESTABLISHED -j ACCEPT

    it should immediately be followed by:

    ... -m state --state INVALID -j DROP

    It's better to drop a packet then to generate a potentially protocol disrupting tcp reset. Resets are better when they're provably the correct thing to send... since this eliminates timeouts. But if there's any chance they're invalid then they can cause this sort of pain.

    0 讨论(0)
  • 余生分开走
    2020-11-27 11:37

    This is because there is another process in the network sending RST to your TCP connection.

    Normally RST would be sent in the following case

    • A process close the socket when socket using SO_LINGER option is enabled
    • OS is doing the resource cleanup when your process exit without closing socket.

    In your case, it sounds like a process is connecting your connection(IP + port) and keeps sending RST after establish the connection.

    0 讨论(0)
  • 借酒劲吻你
    2020-11-27 11:38

    If there is a router doing NAT, especially a low end router with few resources, it will age the oldest TCP sessions first. To do this it sets the RST flag in the packet that effectively tells the receiving station to (very ungracefully) close the connection. this is done to save resources.

    0 讨论(0)
 看不清?
提交回复
热议问题