Zwlin's Blog

TCP Reset Segments


In general, a reset is sent by TCP whenever a segment arrives that does not appear to be correct for the referenced connection. the term referenced connection measn the connection specified by the 4-tuple in the TCP and IP headers of the reset. Resets ordinarily result in a fast teardown of a TCP connection.


For a reset segment to be accepted by a TCP, the ACK bit field must be set and the ACK Number field must be within the valid window. This helps to prevent a simple attack in which anyone able to generate a reset matching the appropriate connection (4-tuple) could disrupt a connection [RFC5961].



  1. Connection Request to Nonexistent Port (连接到不存在的端口)

    A common case for generating a reset segment is when a connection request arrives and no process is listening on the destination port.


  2. Aborting a Connection (终止一条连接)

    Aborting a connection provides two features to the application:

    (1) any queued data is thrown away and a reset segment is sent immediately.


    (2) the receiver of the reset can tell that the other end did an abort instead of a normal close. The API being used by the application must provide a way to generate the abort instead of a normal close.


  3. Half-Open Connections (半打开连接发送数据)

    A TCP connection is said to be half-open if one end has closed or aborted the connection without the knowledge of the other end.This can happen anytime one of the peers crashes. As long as there is no attempt to transfer data across a half-open connection, the end that is still up does not detect that the other end has crashed.



  4. TIME-WAIT Assassination (TWA) (暗杀)

    An RST segment can “assassinate” the TIME_WAIT state and force the connection to close prematurely. Various methods exist to resist this problem, including ignoring RST segments when in the TIME_WAIT state.

    TIME_WAIT Assassination




TCP/IP Illustrated, Volume 1 The Protocol - Kevin R. Fall

tcp rst产生的几种情况