|
A connection in the context of TCP is essentially the state related to the handshake. With UDP, you build a packet, slap an IP header on it, and send it out in the hopes that the other side receives it. With TCP, you can't just send data, you have to perform a three-way handshake first: send a packet with the SYN flag set, receive a SYN-ACK, and if you received a SYN-ACK send an ACK back. Stateful firewalls, for instance, track the connection state for Network Address Translation (NAT) or firewalling purposes. When a TCP connection is opened (SYN), the connection is considered 'new'. After the handshake is completed (SYN-ACK, ACK), the state changes to 'established'. The lifetime of the connection ends after a TCP packet with the RST or FIN flags set, and the state changes to 'closed'. Cool, related things to read up on: Linux conntrack, TCP reordering and retransmission, Stream Control Transmission Protocol (SCTP), Multi-Path TCP (MPTCP), Internet Control Message Protocol (ICMP, also known as "ping"). |
So is a connection really just the maintained state in both the sender and receiver machines. What is maintained in that state? The ACK flags and the IP of the other machine?