TCP Reset with Invalid Sequence Number should not Trigger Connection Close

Feature Summary and Revision History

Summary Data

Applicable Product(s) or Functional Area

P-GW

Applicable Platform(s)

  • ASR5500

  • VPC-DI

Feature Default

Disabled - Configuration Required

Related Changes in This Release

Not Applicable

Related Documentation

P-GW Administration Guide

Revision History

Revision Details

Release

In this release, the TCP RST segment will be sequence number validated.

  • 21.25

  • 21.20.25

  • 21.15.60

Feature Changes

Previous Behavior: P-GW always accepted TCP RST Segments as valid and closed the TCP Data Connection Session on receiving a RST Segment.

New Behavior: If a TCP RST Segment is received and the TCP FSM is in SYN-RCVD state, the TCP RST Segment is sequence number validated. Refer to RFC793 for more information.

If the validation fails (an invalid TCP RST segment), the TCP RST segment is not processed at P-GW and the TCP Data Connection is not closed. The TCP RST segment is passed on seamlessly to the destination.

If the TCP RST Segment is valid, then the normal TCP Data Connection teardown continues.

The new TCP RST Segment validation is only done in TCP FSM SYN-RCVD state. For other TCP FSM states, the behaviour has not changed.

Impact on Customer: TCP Data connection is not closed for invalid TCP RST Segment in SYN-RCVD state and flow at PDN-GW continues to be active.