tags:

views:

58

answers:

3
+3  Q: 

Windows TCP Handshake Problem

I am trying to create a TCP connection from an embedded controller to a Windows Vista server. I am writing the Windows server part of the application.

When the controller attempts to connect, it can take many attempts to establish the connection. I have used Wireshark to debug the problem and it appears that the Windows TCP stack is not following the correct handshake protocol.

Wireshark dump:

"No","Time","Source","Destination","Protocol","Info"

Try1:

"39","9.025322","10.0.0.252","10.0.0.92","TCP","49153 > xinuexpansion4 [SYN] Seq=0 Win=127 Len=0"

"40","9.025377","10.0.0.92","10.0.0.252","TCP","xinuexpansion4 > 49153 [ACK] Seq=1 Ack=1 Win=2048 Len=0"

"47","10.031750","10.0.0.252","10.0.0.92","TCP","49153 > xinuexpansion4 [RST] Seq=0 Win=127 Len=0"

Try 2:

"55","12.193941","10.0.0.252","10.0.0.92","TCP","49154 > xinuexpansion4 [SYN] Seq=0 Win=127 Len=0"

"56","12.194045","10.0.0.92","10.0.0.252","TCP","xinuexpansion4 > 49154 [ACK] Seq=1 Ack=1 Win=2048 Len=0"

"57","13.200431","10.0.0.252","10.0.0.92","TCP","49154 > xinuexpansion4 [RST] Seq=0 Win=127 Len=0"

Try 3:

"67","18.529871","10.0.0.252","10.0.0.92","TCP","49156 > xinuexpansion4 [SYN] Seq=0 Win=127 Len=0"

"68","18.529957","10.0.0.92","10.0.0.252","TCP","xinuexpansion4 > 49156 [SYN, ACK] Seq=0 Ack=1 Win=8192 Len=0 MSS=1460"

"69","18.536318","10.0.0.252","10.0.0.92","TCP","49156 > xinuexpansion4 [ACK] Seq=1 Ack=1 Win=127 Len=0"

10.0.0.252 is the controller initiating the connection, 10.0.0.92 is the Windows PC.

As I understand it, the correct sequence is SYN, SYN+ACK, SYN. What I get most of the time is SYN, ACK, RST (i.e. Windows is responding with ACK rather than SYN+ACK). In the above dump it shows 3 connection attempts, the 3rd one works.

Is there anything I can do to 'fix' Windows so that it responds correctly ?

EDIT - 2 packet captures

http://tinyurl.com/33bvyxk shows the embedded controller taking 4 attempts to connect.

http://tinyurl.com/2cd6klr shows the windows client connecting and disconnecting twice without problem.

A: 

while the handshake is failing, this does follow the protocol. RST is allowed to reset the connection as part of the protocol. The question is, why is the reset ocurring? Is there a system between the two machines, whcih is sending the reset? If you run botht he server and the client on the same system, do you still get the reset (this would suggest a bug in your code)? if you run the server on a different OS, in the same network jack as the Windows server, do you see the RST?

atk  2010-10-27 13:01:25
There is nothing between the client and server apart from an unmanaged switch. The client is an embedded processor (a propeller chip) so cannot run under Windows. RST is allowed, but is coming in response to an incorrect ACK that should be SYN+ACK, so its the server that is failing.
Paul Garner  2010-10-27 13:42:34
Running the server program under XP, the connection happens first time every time I have tried it.
Paul Garner  2010-10-27 13:47:32
The protocol allows for the server's SYN and ACK packets to be sent either separately or together, though most implementations will send both together. Are you writing your own TCP stack, or are you using the embedded processor's implementation? Can you run your client in an emulator? If it works in the emulator and not the hardware, that would indicate a bug in one of the two...
atk  2010-10-27 15:55:36
I am now totally confused. I wrote a simple client program in Windows to connect. Every time, the server prog responds SYN+ACK. I have also found a pattern with the embedded proc. Each time I reboot the client without re-starting the server, it takes 1 more attempt to connect (i.e. first reboot takes 2 attempts to connect, 2nd reboot takes 3 attempts etc). I am using a freely available TCP stack that I have the code for, but I have a feeling that there is some weird feature in Vista to determine how to respond to the first SYN packet that I can't find any info for.
Paul Garner  2010-10-28 14:48:31
It could also be something to do with the TCP stack that you're using on the embedded device - there may be something different between the first two SYNs and the third one. Can you add the full packet capture to your questions? Also, do you see this same behavior with the embedded device with other applications?
atk  2010-10-28 15:34:15
A: 

Have you tried connecting to your Vista server from a client running a full OS like Windows or Linux, using say telnet? On Linux at least you can specify a TCP port number to connect to on the command line, and see whether that can make a connection to your Vista server or not.

One possibility to check: Is the Vista server running some kind of firewall that prevents the connection from occurring?

andy_fingerhut  2010-10-29 07:18:57
There is no firewall. I have a very simple client program that connects first time every time. The logs show that for the Windows client the server responds with SYN+ACK. For the embedded client it can take several attempts to get the SYN+ACK.
Paul Garner  2010-10-29 09:33:42

related questions

Verifying files for testing
How do you create your own moniker (URL Protocol) on Windows systems?
Windows Equivalent of 'nice'
Is this a good way to determine OS Architecture?
Dual vs. Quadcore on a Webserver
Is there a WMI Redistributable Package?
PHP Error - Uploading a file
Ruby On Rails with Windows Vista - Best Setup?
OpenVPN Config file to prevent timeout
How can I create Debian install packages in Windows for a Visual Studio project?
How do I configure and communicate with a serial port?
What's the best setup for Mono development on Windows?
Appropriate pagefile size for SQL Server
XML Editing/Viewing Software
Linux shell equivalent on IIS
What is a better file copy alternative than the Windows default?
Windows Help files - what are the options?
Heap corruption under Win32; how to locate?
Best way to access Exchange using PHP?
Get a preview jpeg of a pdf on windows?
WinForms ComboBox data binding gotcha
How do you schedule tasks in Windows?
Register Windows program with the mailto protocol programmatically
Embedding Windows Media Player for all Browsers
Best Subversion clients for Windows Vista (64bit)