CN1299485C - Method for setting waiting time for completely closing transmission control procotol connection - Google Patents
Method for setting waiting time for completely closing transmission control procotol connection Download PDFInfo
- Publication number
- CN1299485C CN1299485C CNB021212651A CN02121265A CN1299485C CN 1299485 C CN1299485 C CN 1299485C CN B021212651 A CNB021212651 A CN B021212651A CN 02121265 A CN02121265 A CN 02121265A CN 1299485 C CN1299485 C CN 1299485C
- Authority
- CN
- China
- Prior art keywords
- transmission control
- completely closing
- closing transmission
- client
- time
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
本发明提供了一种传输控制协议连接全关闭等待时间的设定方法,该方法为:首先,客户端发出关闭连接请求进行主动关闭;客户端收到服务器端的确认后,进入到全关闭等待状态;客户端启动定时器,提供传输控制协议连接全关闭等待时间变量的配置管理界面;然后,客户端通过所述配置管理界面确定需要进行传输控制协议连接全关闭等待时间的设置,并确定相应的全关闭等待时间值;最后,客户端完成关闭连接,并释放相应资源。本发明改变了现有定时器的值由宏控制,无法方便地进行更改所存在的缺点,从而可有效地避免攻击者在短时间内建立起大量的半连接来耗费系统的连接资源。
The invention provides a method for setting the waiting time for full closing of transmission control protocol connections. The method is as follows: firstly, the client sends a request to close the connection for active closing; after receiving the confirmation from the server, the client enters the full closing waiting state ; The client starts the timer and provides a configuration management interface for the variable of the waiting time for the transmission control protocol connection to be completely closed; then, the client determines the setting of the waiting time for the transmission control protocol connection to be completely closed through the configuration management interface, and determines the corresponding Full close waiting time value; finally, the client finishes closing the connection and releases the corresponding resources. The present invention changes the existing shortcoming that the value of the existing timer is controlled by a macro and cannot be changed conveniently, thereby effectively preventing an attacker from establishing a large number of semi-connections in a short time to consume system connection resources.
Description
技术领域technical field
本发明涉及网络通信技术领域,尤其涉及一种传输控制协议连接全关闭等待时间的设定方法。The invention relates to the technical field of network communication, in particular to a method for setting a transmission control protocol connection full-close waiting time.
背景技术Background technique
网络通信过程中,客户端通常是通过与服务器间建立TCP(传输控制协议)连接进行数据的传输;数据传输过程结束后,则需要将所建立的连接关闭,释放连接资源供其它连接使用。如图1所示,客户端关闭连接时,首先发出FIN(关闭连接请求)进行主动关闭,收到了服务器端的确认后,本端进入FIN_WAIT_2(全关闭等待)状态,等待服务器端的应用程序意识到它已收到一个文件结束符说明,并向本端发一个FIN来关闭另一个方向的连接,本端的的TCP连接便从FIN_WAIT_2状态迁移到TIME_WAIT(时间等待)状态,直至TCP连接全关闭。During the network communication process, the client usually transmits data by establishing a TCP (Transmission Control Protocol) connection with the server; after the data transmission process is completed, the established connection needs to be closed to release connection resources for other connections. As shown in Figure 1, when the client closes the connection, it first sends a FIN (connection close request) to actively close it. After receiving the confirmation from the server, the local end enters the FIN_WAIT_2 (full close wait) state, waiting for the server-side application to realize it. An end-of-file description has been received, and a FIN is sent to the local end to close the connection in the other direction, and the TCP connection of the local end will migrate from the FIN_WAIT_2 state to the TIME_WAIT (time waiting) state until the TCP connection is completely closed.
当本端发出FIN进行主动关闭后,可能一直没有收到服务器端的响应,这样本端便有可能持续保持FIN_WAIT_2状态,而对端也将长时间地处于CLOSE WAIT(关闭等待)状态,这种状态将一直保持到应用程序关闭该连接。系统中如果存在过多的处于这种状态的连接,必将浪费大量的连接资源,从而影响系统的传输性能。目前,为了避免这种情况的发生,针对TCP连接设置了FIN_WAIT_2定时器,如果本端的应用程序是执行主动关闭进行全关闭,则启动该定时器,第一次设置时间为10分钟,如果10分钟内没有收到对端关闭连接的消息,重置该定时器时间为75秒,如果75秒超时仍然没有收到对端关闭连接的消息,本端将自己完成关闭连接的操作,并释放相应资源。When the local end sends out FIN to actively close, it may not receive a response from the server, so the local end may continue to maintain the FIN_WAIT_2 state, and the peer end will also be in the CLOSE WAIT state for a long time. This state Will be maintained until the application closes the connection. If there are too many connections in this state in the system, a large amount of connection resources will be wasted, thereby affecting the transmission performance of the system. At present, in order to avoid this situation, the FIN_WAIT_2 timer is set for the TCP connection. If the application on the local end performs an active shutdown for full shutdown, start the timer. The first time is set to 10 minutes. If 10 minutes If there is no message that the peer closes the connection is received, reset the timer to 75 seconds. If the message that the peer closes the connection is not received after 75 seconds expires, the local end will complete the operation of closing the connection by itself and release the corresponding resources. .
由上述现有技术可以看出,FIN_WAIT_2定时器的第一次超时时间和第二次超时时间值均设置为固定时间值,用户无法根据实际需要对其进行调整。例如,有时为了防止攻击者在短时间内建立大量的这种半连接来耗费系统资源,需要令这种半连接在短时间内消失,而现有技术却无法满足该技术要求。It can be seen from the above prior art that the first time-out time and the second time-out time of the FIN_WAIT_2 timer are both set to fixed time values, which cannot be adjusted by the user according to actual needs. For example, sometimes in order to prevent an attacker from consuming system resources by establishing a large number of such semi-connections in a short period of time, it is necessary to make such semi-connections disappear in a short period of time, but the existing technology cannot meet this technical requirement.
发明内容Contents of the invention
本发明的目的是提供一种传输控制协议连接全关闭等待时间的设定方法,使用户可以根据需要通过命令行配置来设定TCP连接的全关闭等待时间,即FIN_WAIT_2定时器的值。The purpose of the present invention is to provide a method for setting the waiting time for full closing of transmission control protocol connections, so that users can set the full closing waiting time of TCP connections through command line configuration as required, that is, the value of the FIN_WAIT_2 timer.
本发明的目的是这样实现的:传输控制协议连接全关闭等待时间的设定方法包括:The purpose of the present invention is achieved in that the setting method of transmission control protocol connection full closing waiting time comprises:
a、客户端发出FIN(关闭连接请求)进行主动关闭;a. The client sends a FIN (close connection request) to actively close;
b、客户端收到服务器端的确认后,客户端进入到FIN_WAIT_2(全关闭等待)状态;b. After the client receives the confirmation from the server, the client enters the FIN_WAIT_2 (full close waiting) state;
c、客户端启动FIN_WAIT_2定时器,提供传输控制协议连接全关闭等待时间变量的配置管理界面;c. The client starts the FIN_WAIT_2 timer and provides a configuration management interface for the transmission control protocol connection full close waiting time variable;
d、客户端通过所述配置管理界面调用传输控制协议连接全关闭等待时间变量,并为该变量设定相应时间值,作为传输控制协议连接全关闭等待时间值;d. The client invokes the transmission control protocol connection full-close waiting time variable through the configuration management interface, and sets a corresponding time value for the variable as the transmission control protocol connection full-close waiting time value;
e、客户端完成关闭连接,并释放相应资源。e. The client closes the connection and releases the corresponding resources.
所述的步骤c还包括为传输控制协议连接全关闭等待时间变量设定初始化默认值。The step c further includes setting an initial default value for the waiting time variable of TCP connection full close.
所述的传输控制协议连接全关闭等待时间为两次超时时间之和,即第一次超时时间与第二次超时时间之和。所述的第二次超时时间值固定设置为75秒。The waiting time for all TCP connections to be closed is the sum of the two timeout times, that is, the sum of the first timeout time and the second timeout time. The second timeout time value is fixedly set to 75 seconds.
所述的传输控制协议连接全关闭等待时间变量的赋值范围为76-3600秒。The value assignment range of the TCP connection full close waiting time variable is 76-3600 seconds.
所述的步骤d包括:Described step d comprises:
d1、客户端确定需要进行传输控制协议连接全关闭等待时间的设置,并确定相应的全关闭等待时间值;d1. The client determines that it is necessary to set the waiting time for full closing of the transmission control protocol connection, and determines the corresponding waiting time value for full closing;
d2、客户端通过所述配置管理界面调用所述传输控制协议连接全关闭等待时间变量,并将确定的全关闭等待时间值赋给该变量,作为传输控制协议连接全关闭等待时间值。d2. The client invokes the TCP connection full-close waiting time variable through the configuration management interface, and assigns the determined full-close waiting time value to the variable as the TCP connection full-close waiting time value.
由上述技术方案可以看出,本发明将基于TCP连接的FIN_WAIT_2定时器的值(即传输控制协议连接全关闭等待时间值)采用变量控制,用户可以通过命令行进行变量的值的配置,从而达到配置FIN_WAIT_2定时器值的目的。本发明改变了现有定时器的值由宏控制,无法方便地进行更改所存在的缺点,可方便灵活地满足用户的某些特殊需求。而且,本发明中可以很方便地根据需要进行FIN WAIT 2定时器值的配置,从而可有效地避免攻击者在短时间内建立大量的半连接来耗费系统的连接资源。As can be seen from the above-mentioned technical scheme, the present invention adopts variable control based on the value of the FIN_WAIT_2 timer of the TCP connection (that is, the transmission control protocol connection full close waiting time value), and the user can configure the value of the variable through the command line, so as to achieve The purpose of configuring the FIN_WAIT_2 timer value. The invention changes the disadvantage that the value of the existing timer is controlled by a macro and cannot be easily changed, and can conveniently and flexibly meet some special needs of users. Moreover, in the present invention, the configuration of the FIN WAIT 2 timer value can be carried out very conveniently as required, thereby effectively avoiding the assailant from establishing a large number of semi-connections in a short time to consume the connection resources of the system.
附图说明Description of drawings
图1为TCP连接的建立和终止状态示意图:Figure 1 is a schematic diagram of the establishment and termination of a TCP connection:
图2为本发明的具体实施流程图。Fig. 2 is a flow chart of the specific implementation of the present invention.
具体实施方式Detailed ways
本发明所述的传输控制协议连接全关闭等待时间的设定方法的具体实施方式参见图2,叙述如下:Referring to Fig. 2 for the specific implementation of the setting method of the transmission control protocol connection full closing waiting time of the present invention, narrate as follows:
步骤1:将不再使用原来的宏来表示传输控制协议连接全关闭等待时间定时器的值,而改为用变量来表示,即建立传输控制协议连接全关闭等待时间变量,并为传输控制协议连接全关闭等待时间变量设定初始化默认值,如可设置基初始化默认值为10分钟,则传输控制协议连接进入全关闭等待状态时的等待时间为10分钟;Step 1: The original macro will no longer be used to represent the value of the TCP connection full close waiting time timer, but will be represented by a variable, that is, the TCP connection full close waiting time variable will be established, and the TCP The connection full close waiting time variable sets the initialization default value. If the base initialization default value can be set to 10 minutes, the waiting time when the transmission control protocol connection enters the full close waiting state is 10 minutes;
建立了传输控制协议连接全关闭等待时间变量后,便可以根据需要调用该变量,并为该变量设定相应时间值;After the transmission control protocol connection full close waiting time variable is established, the variable can be called as required, and the corresponding time value can be set for the variable;
传输控制协议连接全关闭等待时间为两次超时时间之和,即第一次超时时间与第二次超时时间之和;第二次超时时间值固定设置为75秒;传输控制协议连接全关闭等待时间变量的赋值范围为76-3600秒;即当用户配置为76秒,则说明定时器第一次超是时间为1秒;默认配置是675秒,即第一次超时时间为10分钟;The waiting time for all TCP connections to be closed is the sum of the two timeouts, that is, the sum of the first timeout and the second timeout; the second timeout is fixed at 75 seconds; The assignment range of the time variable is 76-3600 seconds; that is, when the user configures it as 76 seconds, it means that the first timeout of the timer is 1 second; the default configuration is 675 seconds, that is, the first timeout time is 10 minutes;
步骤2:确定需要进行传输控制协议连接全关闭等待时间的设置,并确定相应的全关闭等待时间值;Step 2: Determine the need to set the waiting time for full closing of the transmission control protocol connection, and determine the corresponding waiting time value for full closing;
步骤3:调用传输控制协议连接全关闭等待时间变量,并将确定的全关闭等待时间值赋给该变量,作为传输控制协议连接全关闭等待时间值;Step 3: calling the TCP connection full-close waiting time variable, and assigning the determined full-close waiting time value to the variable as the TCP connection full-close waiting time value;
即:通过配置管理平面提供给用户一条传输控制协议连接全关闭等待时间设置命令:tcp finwait-time time_value,其中“time_value”就是用户所配置的值,取值范围为76-3600秒;该命令可将变量的值改变为“time_value”值,这样,以后每次进入传输控制协议连接全关闭等待时间状态时,关闭连接的等待时间即为该“time_value”值。That is: through the configuration management plane, provide the user with a transmission control protocol connection full close waiting time setting command: tcp finwait-time time_value, where "time_value" is the value configured by the user, and the value range is 76-3600 seconds; this command can Change the value of the variable to the "time_value" value. In this way, each time the transmission control protocol connection is fully closed waiting time state is entered, the waiting time for closing the connection is the "time_value" value.
Claims (6)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021212651A CN1299485C (en) | 2002-06-12 | 2002-06-12 | Method for setting waiting time for completely closing transmission control procotol connection |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB021212651A CN1299485C (en) | 2002-06-12 | 2002-06-12 | Method for setting waiting time for completely closing transmission control procotol connection |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1466346A CN1466346A (en) | 2004-01-07 |
| CN1299485C true CN1299485C (en) | 2007-02-07 |
Family
ID=34142154
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB021212651A Expired - Fee Related CN1299485C (en) | 2002-06-12 | 2002-06-12 | Method for setting waiting time for completely closing transmission control procotol connection |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1299485C (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101018233B (en) * | 2007-03-20 | 2011-08-24 | 杭州华三通信技术有限公司 | Session control method and control device |
| CN100499931C (en) * | 2007-04-30 | 2009-06-10 | 华为技术有限公司 | Method, system and access equipment for access terminal to request to enter semi-connection state |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH05236044A (en) * | 1992-02-24 | 1993-09-10 | Nec Corp | Automatic level controller |
| JP2000261496A (en) * | 1999-03-04 | 2000-09-22 | Toshiba Corp | Wireless communication device |
| CN1303242A (en) * | 1998-05-26 | 2001-07-11 | 花王株式会社 | Fastener and absorbent article using the same |
-
2002
- 2002-06-12 CN CNB021212651A patent/CN1299485C/en not_active Expired - Fee Related
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JPH05236044A (en) * | 1992-02-24 | 1993-09-10 | Nec Corp | Automatic level controller |
| CN1303242A (en) * | 1998-05-26 | 2001-07-11 | 花王株式会社 | Fastener and absorbent article using the same |
| JP2000261496A (en) * | 1999-03-04 | 2000-09-22 | Toshiba Corp | Wireless communication device |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1466346A (en) | 2004-01-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1658558A (en) | Systems and methods for maintaining network connections | |
| US20020103909A1 (en) | Methods, systems and computer program products for resuming SNA application-client communications after loss of an IP network connection | |
| CN103490945B (en) | Method for testing maximum telnet user number | |
| CN108882262B (en) | Device state synchronization method, system, intelligent terminal and readable storage medium | |
| WO2010006544A1 (en) | Configuring application method, device and system | |
| CA2790409A1 (en) | Method and apparatus for detecting active and orphan session-based connections | |
| CN1299485C (en) | Method for setting waiting time for completely closing transmission control procotol connection | |
| EP1859594A4 (en) | TFTP RATE CONTROL OF A SERVER | |
| WO2012079374A1 (en) | Method, device, and system for binding virtual serial port and physical serial port | |
| CN114710515B (en) | Communication method and related assembly | |
| CN112351089B (en) | Data transmission method, system and device between virtual machine and accelerator | |
| CN102546659B (en) | Durable TCP (transmission control protocol) connection method oriented to remote procedure call | |
| US7149224B1 (en) | Method of point-to-point protocol negotiation | |
| CN106357454A (en) | Log system control device and method | |
| CN114124702B (en) | A method for controlling automatic upgrade of home network equipment based on traffic statistics | |
| CN111343010B (en) | Method and equipment for configuring storage IP network port | |
| CN1663189A (en) | Method for creating new communication network through wireless terminal and terminal for realizing the method | |
| CN1553649A (en) | Implementation method of remote maintenance | |
| CN114138825B (en) | Server and method for providing data query service for application program | |
| CN1567884A (en) | Method for detecting and controlling user access by using Internet control protocol | |
| CN1092893C (en) | Method for connecting terminal equipment into remote computer network | |
| CN1281074C (en) | Method of automatic establishing multi-level cascade link pased on point to point | |
| CN1235373C (en) | Method of triggering re-consultation mechanism based on point-to-point communication protocol in asynchronous transfer mode | |
| CN1135808C (en) | Data transfer method | |
| WO2005114444A1 (en) | Network configuration management |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20070207 Termination date: 20150612 |
|
| EXPY | Termination of patent right or utility model |