TCP IP Illustrated

252129 restricting local ip address we can see what

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: he ESTABLISHED state cannot receive SYN segments, and the end point in the LISTEN state cannot receive data segments. Next we initiate a third Telnet client, from the host solaris that is across the SLIP link from sun, and not on its Ethernet. Proto tcp tcp tcp tcp RecvQ 0 0 0 0 SendQ 0 0 0 0 Local Address Foreign Address (state) 140.252.1.29.23 140.252.1.32.34603 ESTABLISHED 140.252.13.33.23 140.252.13.65.1030 ESTABLISHED 140.252.13.33.23 140.252.13.65.1029 ESTABLISHED *.23 LISTEN *.* The local IP address of the first ESTABLISHED connection now corresponds to the interface address of SLIP link on the multihomed host sun (140.252.1.29). Restricting Local IP Address We can see what happens when the server does not wildcard its local IP address, setting it to one particular local interface address instead. If we specify an IP address (or host-name) to our sock program when we invoke it as a server, that IP address becomes the local IP address of the listening end point. For example sun % sock -s 140.252.1.29 8888 restricts this server to connections arriving on the SLIP interface (140.252.1.29). The netstat output reflects this: Proto tcp Recv- SendForeign Address Local Address Q Q 140.252.1.29.8888 *.* 0 0 (state) LISTEN file:///D|/Documents%20and%20Settings/bigini/Docu...homenet2run/tcpip/tcp-ip-illustrated/tcp_conn.htm (29 of 37) [12/09/2001 14.47.16] Chapter 18. TCP Connection Establishment and Termination If we connect to this server across the SLIP link, from the host solaris, it works. Proto tcp tcp Recv- SendForeign Address Local Address (state) Q Q 140.252.1.29.8888 140.252.1.32.34614 ESTABLISHED 0 0 140.252.1.29.8888 *.* LISTEN 0 0 But if we try to connect to this server from a host on the Ethernet (140.252.13), the connection request is not accepted by the TCP module. If we watch it with tcpdump the SYN is responded to with an RST, as we show in Figure 18.21. 1 0.0 2 0.000859 (0.0009) bsdi.l026 > sun.8888: S 3657920001:3657920001(0) win 4096 <mss 1024> sun.8888 > bsdi.l026: R 0:0(0) ack 3657920002 win 0 Figure 18.21 Rejection of a connection request based on lo...
View Full Document

Ask a homework question - tutors are online