cloud‎ > ‎

TCP Connection Termination

posted Jun 23, 2010, 6:04 PM by Kuwon Kang   [ updated Jun 23, 2010, 6:22 PM ]

TCP Connection Termination 
(Page 1 of 4)

As the saying goes, “all good things must come to an end”… and so it is with TCP connections. The link between a pair of devices can remain open for a considerable period of time, assuming that a problem doesn't force the connection to be aborted. Eventually, however, one or both of the processes in the connection will run out of data to send and will shut down the TCP session, or will be instructed by the user to do so.

Requirements and Issues In Connection Termination

Just as TCP follows an ordered sequence of operations to establish a connection, it includes a specific procedure for terminating a connection. As with connection establishment, each of the devices moves from one state to the next to terminate the connection. This process is more complicated than one might imagine it needs to be. In fact, an examination of the TCP finite state machine shows that there are more distinct states involved in shutting down a connection than in setting one up.

The reason that connection termination is complex is that during normal operation, both of the devices are sending and receiving data simultaneously. Usually, connection termination begins with the process on just one device indicating to TCP that it wants to close the connection. The matching process on the other device may not be aware that its peer wants to end the connection at all. Several steps are required to ensure that the connection is shut down gracefully by both devices, and that no data is lost in the process.

Ultimately, shut down of a TCP connection requires that the application processes on both ends of the connection recognize that “the end is nigh” for the connection and stop sending data. For this reason, connection termination is implemented so that each device terminates its end of the connection separately. The act of closing the connection by one device means that device will no longer send data, but can continue to receive it until the other device has decided to stop sending. This allows all data that is pending to be sent by both sides of the communication to be flushed before the connection is ended.


TCP Connection Termination
 
(Page 2 of 4)

Normal Connection Termination

In the normal case, each side terminates its end of the connection by sending a special message with the FIN (finish) bit set. This message, sometimes called a FIN, serves as a connection termination request to the other device, while also possibly carrying data like a regular segment. The device receiving the FIN responds with an acknowledgment to the FIN to indicate that it was received. The connection as a whole is not considered terminated until both sides have finished the shut down procedure by sending a FIN and receiving an ACK.

Thus, termination isn't a three-way handshake like establishment: it is a pair of two-way handshakes. The states that the two devices in the connection move through during a normal connection shutdown are different because the device initiating the shutdown must behave differently than the one that receives the termination request. In particular, the TCP on the device receiving the initial termination request must inform its application process and wait for a signal that the process is ready to proceed. The initiating device doesn't need to do this, since the application is what started the ball rolling in the first place.

Key Concept: A TCP connection is normally terminating using a special procedure where each side independently closes its end of the link. It normally begins with one of the application processes signalling to its TCP layer that the session is no longer needed. That device sends a FIN message to tell the other device that it wants to end the connection, which is acknowledged. When the responding device is ready, it too sends a FINthat is acknowledged; after waiting a period of time for the ACK to be received, the session is closed.


Table 154 describes in detail how the connection termination process works; the progression of states and messages exchanged can also be seen in Figure 214. The table is adapted from Table 151, describing the TCP finite state machine, but shows what happens for both the server and the client over time during connection shutdown. Either device can initiate connection termination; in this example I am assuming the client does it. Each row shows the state each device begins in, what action it takes in that state and what state to which it transitions. I have also shown the send and receive stages of both of the steps for each of the client and server’s close operations.


Table 154: TCP Connection Termination Procedure

Client

Server

Start State

Action

Transitions To State

Start State

Action

Transitions To State

ESTABLISHED

Client Close Step #1 Transmit: The application using TCP signals that the connection is no longer needed. The client TCP sends a segment with theFIN bit set to request that the connection be closed.

FIN-WAIT-1

ESTABLISHED

At this stage the server is still in normal operating mode.

FIN-WAIT-1

The client, having sent aFIN, is waiting for it to both be acknowledged and for the serve to send its ownFIN. In this state the client can still receive data from the server but will no longer accept data from its local application to be sent to the server.

ESTABLISHED

Client Close Step #1 Receive and Step #2 Transmit: The server receives the client's FIN. It sends an ACKto acknowledge the FIN. The server must wait for the application using it to be told the other end is closing, so the application here can finish what it is doing.

CLOSE-WAIT

FIN-WAIT-1

Client Close Step #2 Receive: The client receives the ACK for itsFIN. It must now wait for the server to close.

FIN-WAIT-2

CLOSE-WAIT

The server waits for the application process on its end to signal that it is ready to close.

FIN-WAIT-2

The client is waiting for the server's FIN.

CLOSE-WAIT

Server Close Step #1 Transmit: The server's TCP receives notice from the local application that it is done. The server sends itsFIN to the client.

LAST-ACK

FIN-WAIT-2

Server Close Step #1 Receive and Step #2 Transmit: The client receives the server's FINand sends back an ACK.

TIME-WAIT

LAST-ACK

The server is waiting for anACK for the FINit sent.

TIME-WAIT

The client waits for a period of time equal to double the maximum segment life (MSL) time, to ensure theACK it sent was received.

LAST-ACK

Server Close Step #2 Receive: The server receives the ACK to itsFIN and closes the connection.

CLOSED

TIME-WAIT

The timer expires after double the MSL time.

CLOSED

CLOSED

The connection is closed on the server's end.

 

CLOSED

The connection is closed.

 

CLOSED

The connection is closed.

 

Figure 214: TCP Connection Termination Procedure

This diagram shows the conventional termination procedure for a TCP session, with one device initiating termination and the other responding. In this case the client initiates; it sends a FIN which is acknowledged by the server. The server waits for the server process to be ready to close and then sends its FIN, which is acknowledged by the client. The client waits for a period of time to ensure that its ACK is received, before proceeding to the CLOSED state.


TCP Connection Termination 
(Page 3 of 4) 

The TIME-WAIT State

The device receiving the initial FIN may have to wait a fairly long time (in networking terms) in the CLOSE-WAITstate for the application it is serving to indicate that it is ready to shut down. TCP cannot make any assumptions about how long this will take. During this period of time, the server in our example above may continue sending data, and the client will receive it. However, the client will not send data to the server.

Eventually, the second device (the server in our example) will send a FIN to close its end of the connection. The device that originally initiated the close (the client above) will send an ACK for this FIN. However, the client cannot immediately go to the CLOSED state right after sending that ACK. The reason is that it must allow time for the ACKto travel to the server. Normally this will be quick, but delays might result in it being slowed down somewhat.

The TIME-WAIT state is required for two main reasons. The first is to provide enough time to ensure that the ACKis received by the other device, and to retransmit it if it is lost. The second is to provide a “buffering period” between the end of this connection and any subsequent ones. If not for this period, it is possible that packets from different connections could be mixed, creating confusion.

The standard specifies that the client should wait double a particular length of time called the maximum segment lifetime (MSL) before finishing the close of the connection. The TCP standard defines MSL as being a value of 120 seconds (2 minutes). In modern networks this is an eternity, so TCP allows implementations to choose a lower value if it is believed that will lead to better operation.


TCP Connection Termination 
(Page 4 of 4)

Simultaneous Connection Termination

Just as it is possible for the normal connection establishment process to be changed if two devices decide to actively OPEN a connection to each other, it is also possible for two devices to try to terminate a connection simultaneously. This term “simultaneously” doesn't mean that they both decide to shut down at exactly the same time—variances in network delays mean nothing can be simultaneous on an internetwork anyway. It simply means that, in the example above, the client decides to shut down and sends a FIN, but the server sends its own FIN before the client's FIN shows up at the server. In that case, a different procedure is followed, as described in Table 155 andFigure 215.

As you can see, the process is much more symmetric in this case, with both devices transitioning through the same states. In either case the end result is the same, with the connection in the CLOSED state—meaning no connection. Each TCP will make sure all outstanding data is sent to the application, sometimes referred to as an implied “push” (see the description of the “push” function for an explanation of this term). The transmission control blocks (TCBs) established for the connection in both devices are destroyed when the connection is closed down.


Table 155: TCP Simultaneous Connection Termination Procedure

Client

 

 

Server

 

 

Start State

Action

Transitions To State

Start State

Action

Transitions To State

ESTABLISHED

Client Close Step #1 Transmit: The application using TCP signals that the connection is no longer needed. The TCP on the client sends the next segment with the FIN bit set, indicating a request to close the connection.

FIN-WAIT-1

ESTABLISHED

Server Close Step #1 Transmit:Before the server can receive the FINsent by the client, the application on the server also signals a close. The server also sends a FIN.

FIN-WAIT-1

FIN-WAIT-1

Server Close Step #1 Receive and Step #2 Transmit: The client has sent a FIN and is waiting for it to be acknowledged. Instead, it receives the FINsent by the server. It acknowledges the server's close request with an ACKand continues to wait for its own ACK.

CLOSING

FIN-WAIT-1

Client Close Step #1 Receive and Step #2 Transmit: The server has sent a FIN and is waiting for it to be acknowledged. Instead, it receives theFIN sent by the client. It acknowledges the client's close request with an ACKand continues to wait for its own ACK.

CLOSING

CLOSING

Client Close Step #2 Receive: The client receives the ACK for its FIN.

TIME-WAIT

CLOSING

Server Close Step #2 Receive: The server receives the ACK for itsFIN.

TIME-WAIT

TIME-WAIT

The client waits for a period of time equal to double the maximum segment life (MSL) time. This gives enough time to ensure theACK it sent to the server was received.

TIME-WAIT

The server waits for a period of time equal to double the maximum segment life (MSL) time. This gives enough time to ensure the ACKit sent to the client was received.

TIME-WAIT

The timer expires after double the MSL time.

CLOSED

TIME-WAIT

The timer expires after double the MSL time.

CLOSED

CLOSED

The connection is closed.

CLOSED

The connection is closed.



Figure 215: TCP Simultaneous Connection Termination Procedure

Under certain circumstances both devices may decide to terminate a connection simultaneously, or nearly simultaneously. In this case each sends a FIN and before getting an ACK for it, receives the other device’s FIN. Each acknowledges the other’s FIN and waits for a period of time before closing the connection. Note the transition through the CLOSING state, which is only used as part of simultaneous termination.

Key Concept: Just as two devices can simultaneously open a TCP session, they can terminate it simultaneously as well. In this case a different state sequence is followed, with each device responding to the other’s FIN with an ACK, waiting for receipt of its own ACK, and pausing for a period of time to ensure that itsACK is received by the other device before ending the connection.



Comments