What do TCP Flags mean

Discussion in 'Windows Networking' started by Rich, Mar 10, 2009.

  1. Rich

    Rich Guest

    Hello Everyone,

    We're trying to troublshooot message delivery probems within our BizTalk
    2006 R2 environment. we are able to duplicate the problem in our QA
    environment. We are getting a lot of the following errors:

    Event Type: Warning
    Event Source: BizTalk Server 2006
    Event Category: (1)
    Event ID: 5743
    Date: 2/10/2009
    Time: 1:36:35 PM
    User: N/A
    Computer: ECCAS774
    Description:
    The adapter failed to transmit message going to send port
    "WWWWW.XXXXX.YYYYY.prod" with URL
    "http://111.222.333.444:996/QQQQQQQ/BTSHTTPReceive.dll". It will be
    retransmitted after the retry interval specified for this Send Port.
    Details:"Unable to read data from the transport connection: The connection
    was closed.".

    We took a network capture and have tons of packets with bad checksums. Not
    sure what this means yet, but network team is looking into it.

    We want to know what server is triggering the closing of the connection.

    2 questions:

    1. What do the following TCP flags mean:
    ACK FIN SYN PSH Reset

    2. What would the flags be within the packet that signals a connection to
    be closed?



    TIA,
    Rich
     
    Rich, Mar 10, 2009
    #1
    1. Advertisements

  2. Rich

    Alister Guest

    There are six ‘control bits’ defined in TCP, one or more of which is
    defined in each packet. The control bits are ‘SYN’, ‘ACK’, ‘PSH’,
    ‘URG’, ‘RST’, and ‘FIN’. TCP uses these bits to define the purpose and
    contents of a packet.

    SYN bit is used in establishing a TCP connection to synchronize the
    sequence numbers between both endpoints.

    ACK bit is used to acknowledge the remote host’s sequence numbers,
    declaring that the information in the acknowledgment field is valid.

    PSH flag is set on the sending side, and tells the TCP stack to flush
    all buffers and send any outstanding data up to and including the data
    that had the PSH flag set. When the receiving TCP sees the PSH flag,
    it too must flush its buffers and pass the information up to the
    application.

    URG bit indicates that the urgent pointer field has a valid pointer to
    data that should be treated urgently and be transmitted before non-
    urgent data.

    Reset or RST is used to reset the connection. If a station involved in
    a TCP session notices that it is not receiving acknowledgements for
    anything it sends, the connection is now unsynchronized, and the
    station should send a reset. This is a half-open connection where only
    one side is involved in the TCP session. This cannot work by
    definition of the protocol.

    FIN bit is used to indicate that the client will send no more data
    (but will continue to listen for data).

    HTH

    Alister
     
    Alister, Mar 10, 2009
    #2
    1. Advertisements

  3. Rich

    Alister Guest

    Sorry, forgot to answer 2/

    In your particular case I would think you would see RST as the flag
    which closes the connection, as you seem to be getting one way
    traffic.

    Alister
     
    Alister, Mar 10, 2009
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.