upvote

points

by smarks10 hours ago |
comments
upvoteby justin_2 hours ago|
next
[-]
> But what are the “awful effects” of sending FIN instead? Can someone explain?

The RFC explains.

The other side - the server - will be stuck on `send(sock_fd, more_bytes...)`. If it's the 90s and your FTP server is single-threaded, that means the server will appear completely stuck. This won't resolve for several minutes, or possibly forever if the server-side TCP stack is buggy or lacks timeouts.

The client's connection, even after the process is gone, will still be alive in the kernel. It will be in FIN-WAIT-2, waiting for the server to send its FIN. The remote sender will be stuck waiting for the zero-window state to pass, sending probes to figure out when the receive window opens (which will never happen). Things will be stuck in this state until one of the sides times out, which could be several minutes. Or if the implementations are buggy, it could be permanent.

From RFC 2525, 2.17

      Failure to reset the connection can lead to permanently hung
      connections, in which the remote endpoint takes no further action
      to tear down the connection because it is waiting on the local TCP
      to first take some action.  This is particularly the case if the
      local TCP also allows the advertised window to go to zero, and
      fails to tear down the connection when the remote TCP engages in
      "persist" probes (see example below).
https://datatracker.ietf.org/doc/html/rfc2525#page-50
reply
upvoteby smarks2 hours ago|
parent|
[-]
Thanks for your explanation; it’s very helpful.
reply
upvoteby jmalicki8 hours ago|
prev|
next
[-]
The difference between RST and FIN shows up in read() as an ECONNRESET vs end-of-file reading 0.

In some protocols, end-of-file has semantic meaning that all data has been transferred, and TCP is set up such that you should be able to rely on that - if you can't rely on that difference, it is a bug in a TCP stack along the way.

FIN also has a sequence number, so you can wait to ACK it until you get the corresponding data if it is dropped or out of order.

TCP RST says the other side won't be resending if not ACKed, it is reset. Further, the downloading client usually cannot even read any packets in the receive window either once an RST has been received - that might be hundreds of KB of missed data.

RST and FIN are very semantically meaningfully different.

Reading the post, if gunicorn is e.g. sending a 404 after seeing a POST to a path it doesn't know about before reading the body, the client will never get the 404 because gunicorn hasn't read the message body.

This case is partly why "Expect: 100-continue" exists, so it will be properly handled, even if it does introduce an extra round-trip lag in the POST.

It might be dangerous to have your protocol rely on a piece of TCP that is often incorrectly implemented.

reply
upvoteby buckle801710 hours ago|
prev|
next
[-]
Client sees a clean disconnect and I guess assumes thats the entire file?
reply
upvoteby amluto9 hours ago|
parent|
[-]
The client has been SIGKILLed, so it’s not assuming anything. I wonder whether the comment is a typo and they meant to kill -9 the server instead.
reply
upvoteby jmalicki8 hours ago|
parent|
next
[-]
Hypothetically if this was HTTP without a Content-length (like it used to be in the olden days), you could have a proxy server assume this is the entire file.
reply
upvoteby MrBuddyCasino9 hours ago|
parent|
prev|
[-]
Perhaps a permanently hung connection because timeout is zero (=disabled?)?
reply
upvoteby muststopmyths8 hours ago|
parent|
[-]
Seems plausible since FIN only means “I’m done sending” also called a “half close”.

FTP has different data and command connections so the server may not have an outstanding read to detect the data connection break.

But.. it should still clean up both when the command connection dies

reply
upvoteby 8 hours ago|
prev|
[-]
deleted
reply