Cisco Support Community

How do I send a TCP RST?

Hi,

I am having a problem with a TCP session staying open on a server. The session is a FIX (Financial Information Exchange) session. Here is a synopsis of the problem.

We connect to an order routing service via BT Radianz, they NAT our internal private IP to a Radianz global 75.x.x.x, this connection is via Dublin.

I then simulate a service failure from Dublin and we now learn routes to the broker through our Radianz connection in London, however we are NATed to a different global 76.x.x.x.

The FIX session stays active sending heartbeats but the firewall at the other end sees us coming from a different global address. So the TCP packet has the ESTABLISHED flag set and the firewall rightly so rejects the connection.

The main problem is the nature of the FIX protocol. It may take up to 3 minutes to reset the connection.

I would like to reset the connection as it traverses the London router with the established flag set, i.e. the 3 way handshake has not taken place.

Is there any way to do this?

Any help well rated!

Gavin

1 REPLY

Re: How do I send a TCP RST?

Hi,

Some application/s can't handle RST which is triggered by remote host that initiates the connection to terminate it. This triggers ECONNRESET to the destination application. The application therefore waits for maximum timeout setting to expire to clean up those ECONNRESET (in your case is 3 minutes). However, if the application received multiple RST within a 3 minute period, it "may" reach maximum number of threads and stop receiving new connections until some of them are cleared (the oldest).

This problem is usually a BUG of the application not able to handle RST. Check if there is a patch for the application. Applications should be able to handle all types of code for connection termination. i.e. ABRUPT which is RST and GRACEFUL which is FIN.

I have encountered a lot of this problem in different applications (most recent is MQProxy). The root cause is usually a BUG in the application. Though remote connection/s which are terminated abruptly contributed to the problem (or exploited it), in the end it still needs to be fixed at the application side. Think about how DDoS causes services to go down.

Regards,

Dandy
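
Added example, not part of the original reply or any vendor code: a small Python receive loop that handles both termination types the reply names, FIN (graceful) and RST (abrupt, surfaced as ECONNRESET), and frees the session slot immediately in either case. The names `sessions`, `serve_one` and `run_case` are hypothetical, and the loopback client and its payload are constructed for the demonstration.

```python
import socket
import struct

sessions = {}  # hypothetical session table: peer address -> socket


def serve_one(conn, peer):
    """Read until the peer goes away; return how the session ended."""
    sessions[peer] = conn
    try:
        while True:
            if not conn.recv(4096):
                return "graceful"   # FIN: recv() returns b""
    except ConnectionResetError:
        return "abrupt"             # RST: recv() fails with ECONNRESET
    finally:
        # Free the slot right away in both cases, not after an idle timeout.
        sessions.pop(peer, None)
        conn.close()


def run_case(abrupt):
    """Constructed loopback client that ends with RST (abrupt=True) or FIN."""
    with socket.socket() as listener:
        listener.bind(("127.0.0.1", 0))
        listener.listen(1)
        client = socket.create_connection(listener.getsockname())
        conn, peer = listener.accept()
        conn.settimeout(5)  # fail instead of hanging if nothing arrives
        client.sendall(b"constructed heartbeat\n")
        if abrupt:
            # SO_LINGER on with zero timeout: close() sends RST, not FIN.
            client.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
                              struct.pack("ii", 1, 0))
        client.close()
        return serve_one(conn, peer), len(sessions)


if __name__ == "__main__":
    print(run_case(abrupt=False))
    print(run_case(abrupt=True))
```
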
