tags:

views:

159

answers:

5

Is there any field/option/anything that I can put in a TCP packet (be it a syn or an ack or just plain data) that I can be sure will be returned by the other end intact?

For eg. I want to "tag" a particular connection (src, srcport, dst, dstport) with a number that I can always read from a packet belonging to that connection. That means I can identify the connection without using the 4-tuple (as given above).

+3  A: 

Yes: it is called a Client protocol encapsulated in the TCP server protocol.

In other words: define the Client protocol to meet your needs. Don't try to "shove" extra bits in the TCP overhead.


There are of course the 'options' overhead in TCP but I doubt you'll find an easy way to access these... and in any case, you shouldn't.

jldupont
A: 

No, there isn't any facility for what you describe.

Typically what you would do if you're writing a socket application with multiple connections to other systems, is keep track of the socket handle that belongs to each remote system. When receiving data, you are using the socket handle (in some form, don't know which OS or language you're using) so you can take appropriate action based on whichever socket handle that is.

I've never seen a server application that keeps track of connections based on the 4-tuple of address/ports. That seems like way too much work.

On rereading your question, it seems like you may be asking this from the point of view of the TCP driver level. What sort of software are you writing here?

Greg Hewgill
+1  A: 

You can have a lookup table in your application where you associate your tag with the socket.

stefanB
+1  A: 

You could possibly abuse the TCP Timestamp option for this. It does not seem like a great idea, though.

caf
bad bad bad idea.
jldupont
why is it a bad idea?
TripShock
Because it is a standard field and should only be manipulated in a standard way. There are a bunch of network elements between two end-points and even more so when the traffic crosses a place like the Internet. You never know when some DPI (Deep-Packet-Inspection) equipped machine will enforce the proper semantics for a field, even a low usage one.
jldupont
A: 

In UDP, destination IP and destination port number are used to demultiplex the packets, but in TCP destination IP, source IP, destination port number and source port numbers (4-tuple) all needed to distinguish between the connections why reasoning for this usage.

ert