Does the sequence number in TCP packet headers wrap around?

16

I was wondering: since the sequence number in a TCP header field is chosen randomly during the handshake and gradually incremented as packets are exchanged, what happens after 2^32 - initial_seq_no transmissions? Does the sequence number wrap around and become 0, or is the initial value reused (or is a new connection initialized from where the previous one left off)?

    
by Sebi 02.09.2015 / 11:42

3 answers

19

It wraps around to 0. According to RFC 793:

It is essential to remember that the actual sequence number space is finite, though very large. This space ranges from 0 to 2**32 - 1. Since the space is finite, all arithmetic dealing with sequence numbers must be performed modulo 2**32. This unsigned arithmetic preserves the relationship of sequence numbers as they cycle from 2**32 - 1 to 0 again. There are some subtleties to computer modulo arithmetic, so great care should be taken in programming the comparison of such values. The symbol "=<" means "less than or equal" (modulo 2**32).

    
by 02.09.2015 / 12:15
17

Does the sequence number wrap around and become 0?

Yes. All the details can be found in RFC 793 - Transmission Control Protocol Specification.

Sequence Numbers

It is essential to remember that the actual sequence number space is finite, though very large. This space ranges from 0 to 2**32 - 1.

Since the space is finite, all arithmetic dealing with sequence numbers must be performed modulo 2**32. This unsigned arithmetic preserves the relationship of sequence numbers as they cycle from 2**32 - 1 to 0 again.

There are some subtleties to computer modulo arithmetic, so great care should be taken in programming the comparison of such values. The symbol "=<" means "less than or equal" (modulo 2**32).

Source: RFC 793 - Transmission Control Protocol

    
by 02.09.2015 / 12:13
7

Yes, it wraps. You can read about it on Wikipedia or in RFC1323, which shows how to protect against wrapped sequence numbers.

Let me quote:

TCP timestamps are used in an algorithm known as Protection Against Wrapped Sequence numbers, or PAWS (see RFC 1323 for details). PAWS is used when the receive window crosses the sequence number wraparound boundary. In the case where a packet was potentially retransmitted it answers the question: "Is this sequence number in the first 4 GB or the second?" And the timestamp is used to break the tie.

And:

PAWS uses the same TCP Timestamps option as the RTTM mechanism described earlier, and assumes that every received TCP segment (including data and ACK segments) contains a timestamp SEG.TSval whose values are monotone non-decreasing in time. The basic idea is that a segment can be discarded as an old duplicate if it is received with a timestamp SEG.TSval less than some timestamp recently received on this connection.

In both the PAWS and the RTTM mechanism, the "timestamps" are 32-bit unsigned integers in a modular 32-bit space. Thus, "less than" is defined the same way it is for TCP sequence numbers, and the same implementation techniques apply. If s and t are timestamp values, s < t if 0 < (t - s) < 2**31, computed in unsigned 32-bit arithmetic.

    
by 02.09.2015 / 12:20
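The modulo-2**32 comparison that the RFC 793 and RFC 1323 quotes above call for, as an added example that is not part of any of the answers or of a real TCP stack. The function names and sample values are constructed for illustration, and `paws_reject` covers only the basic timestamp test quoted above, not the rest of the PAWS rules.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* RFC 1323 rule: s < t iff 0 < (t - s) < 2**31, in unsigned 32-bit arithmetic. */
static bool mod32_lt(uint32_t s, uint32_t t)
{
    uint32_t d = t - s;               /* unsigned subtraction wraps modulo 2**32 */
    return d != 0 && d < 0x80000000u;
}

/* The "=<" of RFC 793: less than or equal, modulo 2**32. */
static bool mod32_leq(uint32_t s, uint32_t t)
{
    return s == t || mod32_lt(s, t);
}

/* True if seq lies in [rcv_nxt, rcv_nxt + rcv_wnd), even when the window
 * crosses the 2**32 - 1 -> 0 boundary. */
static bool seq_in_window(uint32_t seq, uint32_t rcv_nxt, uint32_t rcv_wnd)
{
    return (uint32_t)(seq - rcv_nxt) < rcv_wnd;
}

/* Basic PAWS test: a segment is an old duplicate if its TSval is "less than"
 * the timestamp most recently accepted on the connection. */
static bool paws_reject(uint32_t seg_tsval, uint32_t ts_recent)
{
    return mod32_lt(seg_tsval, ts_recent);
}

int main(void)
{
    /* Constructed values: the receive window straddles the wrap point. */
    uint32_t rcv_nxt = 0xFFFFFF00u, rcv_wnd = 0x1000u;
    uint32_t seq = 0x00000010u;       /* sent after the counter wrapped */

    /* A plain integer compare gets the order wrong after the wrap. */
    printf("naive   rcv_nxt <= seq : %d\n", rcv_nxt <= seq);
    printf("modular rcv_nxt =< seq : %d\n", mod32_leq(rcv_nxt, seq));
    printf("seq inside window      : %d\n",
           seq_in_window(seq, rcv_nxt, rcv_wnd));
    printf("stale seq inside window: %d\n",
           seq_in_window(0xFFFFFE00u, rcv_nxt, rcv_wnd));
    /* Timestamps wrap too: 0xFFFFFFF0 is older than 0x00000005. */
    printf("PAWS rejects old TSval : %d\n",
           paws_reject(0xFFFFFFF0u, 0x00000005u));
    return 0;
}
```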