Table of Contents
Some of the applications often leave a connection open long after data has been transmitted, although the connection is no longer required. This typically happens when a connection is not deliberately closed as part of the transmission and is terminated later when the connection times out. This is an inefficient way to close a TCP connection. Let’s get a deep dive on TCP FIN.
TCP FIN
TCP FIN packet is required to close a connection. During normal circumstances both sides are sending and receiving data simultaneously. Connection termination typically begins with one side signaling that it wants to close the connection to ensure that the connection is shutting down gracefully. TCP Connection termination is a 4-way handshake and not a 3-way handshake. To understand these requirements, it’s important to remember two TCP flags:
- FIN-ACK — Indicates acknowledgment of FIN packet.
- FIN — Indicates no more data will be transmitted from the sender.
When either side of a TCP data transmission is done, FIN signal is sent to close the connection. When one side receives a FIN, it must intimate to the application the other side is shutting down transmission. Application data transmission stops sending packets to the other side, while this side acknowledges FIN packet with an FIN-ACK. Even though a TCP connection is established with a three-way handshake (SYN, SYN-ACK, ACK), it can be terminated in various ways.
1) User initiates FIN to CLOSE the connection.
2) Remote TCP initiates by sending a FIN control signal.
3) Both users CLOSE simultaneously.
Related – TCP FIN VS RST Packets
Case 1: Local user initiates the close
In this case, a four-way handshake termination could begin, when one side transmits a FIN packet which the other side acknowledges with an ACK. No further data from the user will be accepted by the TCP and it enters the FIN-WAIT-1 state. FIN will be retransmitted until acknowledged. When the other Server has acknowledged the FIN and sent a FIN of its own, the client can ACK this FIN. Note that client receiving a FIN will ACK but not send its own FIN until its user has CLOSED the connection. After both FIN and ACK exchange has been concluded, the terminating side waits for a timeout before finally closing the connection.
Case 2: TCP receives a FIN from the network error
If an unsolicited FIN arrives from the network, the receiving side can ACK it and tell the user that the connection is closing. The user will respond with a CLOSE upon which the client can send a FIN to the server after sending any remaining data. The TCP then waits until its own FIN is acknowledged, from whereon it deletes the connection. If an ACK is not received after the user timeout, the connection is aborted. Half close connections are closed independently of each other. Each host closes its half-duplex connection independently of each other. This means closing of two unidirectional connections is unsynchronized.
In such a case, only one half duplex connection is closed. TCP connection is half-open if one end has aborted the session without the knowledge of the other end. This can happen any time when one of the two host crashes. When no attempt is made to transfer data across a half-open connection, one end that’s still up won’t detect that the other end has crashed.
Another common scenario of a half-open connection is when a client workstation is powered off. This happens when hosts are being used to run Telnet to server. If there is no data transfer going on between client-server and the user establish connection again after some time when workstation get power on, a new Telnet session initiated but previous connection is still active from server side but closed from client side. This way, many TCP half-open connections keep active on the server.
Related – TCP FLAGS
Case 3: Both users Close Simultaneously
A simultaneous CLOSE by client and server end connection causes FIN segments to be exchanged. When all segments preceding the FINs have been processed and acknowledged, each TCP can ACK the FIN has received. Both end terminate session upon receiving these ACKs to delete the connection.
Conclusion
The connection termination phase uses a 4-way handshake with each side of the connection terminating. When both end want to terminate the established session, they sends the FIN packet. Which was acknowledged by an ACK from both sides and the data transmission stops.
Related FAQs
Q.1 What is a TCP FIN packet?
A TCP FIN packet is used to terminate a TCP connection gracefully. It signals that one side of the connection has finished sending data and wishes to close the connection.
Q.2 How does the TCP connection termination process work?
The process typically involves four steps:
- The sender sends a FIN packet to indicate it has finished sending data.
- The receiver acknowledges the FIN packet with an ACK packet.
- The receiver sends its own FIN packet once it has finished sending its data.
- The original sender acknowledges the receiver’s FIN packet with an ACK packet.
Q.3 What is the difference between a FIN packet and an RST packet?
FIN packet: Used for a graceful termination of a connection, allowing any remaining data to be sent and acknowledged.
RST packet: Used to immediately terminate a connection, often in response to an error or unexpected condition, without waiting for any remaining data.
Q.4 Can data be sent after a FIN packet is sent?
Once a FIN packet is sent, the sender can no longer send any additional data on that connection. However, the receiver can still send data until it sends its own FIN packet.
Q.5 What happens if a FIN packet is lost in transit?
If a FIN packet is lost, the TCP retransmission mechanism will resend the FIN packet until it is acknowledged by the receiver, ensuring the connection is properly terminated.
Q.6 How does a FIN packet differ from a normal TCP data packet?
A FIN packet is similar to a regular TCP data packet but includes the FIN flag set in the TCP header. It may or may not carry data; its primary function is to signal the end of data transmission.
Q.7 What is the TCP FIN-WAIT-1 state?
When a TCP endpoint sends a FIN packet, it enters the FIN-WAIT-1 state, indicating it is waiting for the corresponding ACK for the FIN it sent or a simultaneous FIN from the other side.
Q.8 What is the TIME-WAIT state in TCP?
After a connection is closed, the endpoint that sent the final ACK enters the TIME-WAIT state. This state ensures that any delayed packets on the network are properly handled before the connection resources are released. It typically lasts for twice the maximum segment lifetime (2MSL).
Q.9 Can a TCP connection be closed without using a FIN packet?
Yes, a TCP connection can be closed using an RST packet, which immediately terminates the connection. This is often used in error conditions or when a connection reset is required.
Q.10 What is a half-close in TCP?
A half-close occurs when one side of the TCP connection sends a FIN packet, indicating it has finished sending data, but the other side continues to send data. This allows for a one-directional data transfer until the second FIN packet is sent.
Continue Reading:
TCP – Transport Control Protocol
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)