When a TCP peer initiates a TCP connection termination and the connection termination completes, the TCP connection enters the TIME-WAIT state. Once the TIME-WAIT state is reached, TCP must wait twice the maximum segment lifetime (MSL) before a connection with the same set of socket addresses can be created. The set of socket addresses consist of the combination of the source and destination IP addresses and source and destination TCP ports. The MSL is the maximum amount of time a TCP segment can exist in an internetwork, and its recommended value is 120 seconds. This delay prevents a new connection’s TCP segments that are using the same set of socket addresses from being confused with duplicated TCP segments of the old connection.
The TCP port for a connection in the TIME-WAIT state is considered an available port and can be assigned for use by an application. This can lead to the following situation:
-
An application requests any available TCP port.
-
TCP/IP assigns a TCP port to use for the application socket.
-
The application attempts to open a socket with a specific destination IP address.
-
The application establishes a TCP connection and sends data.
-
The application terminates the TCP connection.
-
TCP/IP places the application's TCP connection in the TIME-WAIT state until twice the MSL has passed.
-
The same application requests another available TCP port.
-
TCP/IP assigns a TCP port to use for the application socket. Because the port for the connection in the TIME-WAIT state is considered open, it can be chosen as the next port to assign to the requesting application.
-
Assuming that TCP/IP assigns the same TCP port number, the application attempts to open a socket with the same destination IP address.
-
Because the connection is using the same set of socket addresses as the connection in the TIME-WAIT state, TCP/IP indicates an error to the application.
You can mitigate this situation by setting the TcpTimedWaitDelay registry entry at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters (REG_DWORD type) to a lower value. The value of TcpTimedWaitDelay determines the length of time that a connection stays in the TIME-WAIT state. However, lowering the value of TcpTimedWaitDelay is contrary to the original design of TCP and the MSL.
To prevent an application from creating a connection with the same set of socket addresses of a connection that is in a TIME-WAIT state, TCP/IP in Windows Server 2003 Service Pack 1 has implemented a smart TCP port allocation algorithm. When an application requests any available TCP port, TCP/IP first attempts to find an available port that does not correspond to a connection in the TIME-WAIT state. If a port cannot be found, then it picks any available port.
This new behavior makes it much more unlikely that an application will be assigned a TCP port that is in the TIME-WAIT state when connecting to the same destination. You no longer need to modify the TcpTimedWaitDelay registry entry.
|
