Wednesday, January 14, 2015

Testing the TCP Three-Way Handshake with TCP Intercept. How Does a TCP Connection Terminate the Session?

All routers run EIGRP 100:
net 0.0.0.0
no auto-summary

On router R3, enable Telnet access:

R3(config)#line vty 0 16
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#enable secret cisco
R3(config)#do write

On router R2, configure TCP intercept in watch mode:

R2(config)#ip tcp intercept list ?
<100-199> Extended access list number for intercept
WORD Access list name for intercept
R2(config)#ip tcp intercept list 100

R2(config)#access-list 100 permit tcp any host 10.1.12.3

R2(config)#ip tcp intercept watch-timeout ?
<1-2147483> Timeout in seconds

R2(config)#ip tcp intercept watch-timeout 20

R2(config)#ip tcp intercept mode watch

R1 then telnets to R3:


R1#telnet 10.1.12.3
Trying 10.1.12.3 ... Open
User Access Verification
Password:
R3>enable
Password:
R3#

R2#debug ip tcp intercept
TCP intercept debugging is on

Output shown on R2, with TCP intercept debugging enabled, while R1 telnets to R3:

R2#

 *Mar  1 00:22:31.507: INTERCEPT: new connection (10.1.11.1:27646 SYN -> 10.1.12.3:23)
 *Mar  1 00:22:31.563: INTERCEPT: (10.1.11.1:27646 <- ACK+SYN 10.1.12.3:23)
 *Mar  1 00:22:31.583: INTERCEPT: (10.1.11.1:27646 ACK -> 10.1.12.3:23)
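
In watch mode R2 only observes the handshake and resets connections to the server that do not reach the established state within the watch-timeout. The following is an added example, not part of the original post, that applies the same rule to the debug lines above; the function names are hypothetical and the 192.0.2.50 client lines are constructed.

```python
import re

WATCH_TIMEOUT = 20  # seconds, as in "ip tcp intercept watch-timeout 20" on R2

# Constructed sample: lines 1-3 are the debug output shown above; lines 4-5 are
# an invented client (192.0.2.50) that never sends the final ACK.
SAMPLE = """\
*Mar  1 00:22:31.507: INTERCEPT: new connection (10.1.11.1:27646 SYN -> 10.1.12.3:23)
*Mar  1 00:22:31.563: INTERCEPT: (10.1.11.1:27646 <- ACK+SYN 10.1.12.3:23)
*Mar  1 00:22:31.583: INTERCEPT: (10.1.11.1:27646 ACK -> 10.1.12.3:23)
*Mar  1 00:22:40.100: INTERCEPT: new connection (192.0.2.50:40001 SYN -> 10.1.12.3:23)
*Mar  1 00:22:40.150: INTERCEPT: (192.0.2.50:40001 <- ACK+SYN 10.1.12.3:23)
"""

# Matches only the three line shapes that appear in the output above.
LINE = re.compile(
    r"\*?\w{3}\s+(\d+) (\d+):(\d+):([\d.]+): INTERCEPT: (?:new connection )?"
    r"\(([\d.:]+) (?:<- )?([A-Z+]+) (?:-> )?([\d.:]+)\)")

# Legal handshake progress: SYN, then the server's SYN+ACK, then the client's ACK.
STEP = {("SYN_SEEN", "ACK+SYN"): "SYNACK_SEEN",
        ("SYNACK_SEEN", "ACK"): "ESTABLISHED"}

def to_seconds(day, hh, mm, ss):
    """Router clock (day of month + time of day) as seconds; month is ignored."""
    return int(day) * 86400 + int(hh) * 3600 + int(mm) * 60 + float(ss)

def track(log):
    """Map (client, server) -> (handshake state, time the SYN was seen)."""
    conns = {}
    for m in LINE.finditer(log):
        day, hh, mm, ss, client, flags, server = m.groups()
        key = (client, server)
        if flags == "SYN":
            conns[key] = ("SYN_SEEN", to_seconds(day, hh, mm, ss))
        elif key in conns:
            state, t0 = conns[key]
            conns[key] = (STEP.get((state, flags), state), t0)
    return conns

def overdue(log, now, timeout=WATCH_TIMEOUT):
    """Connections still not established `timeout` seconds after their SYN."""
    return sorted(k for k, (state, t0) in track(log).items()
                  if state != "ESTABLISHED" and now - t0 > timeout)

if __name__ == "__main__":
    for conn, (state, _) in track(SAMPLE).items():
        print(conn, state)
    print("overdue:", overdue(SAMPLE, to_seconds(1, 0, 23, 5)))
```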

How does a TCP connection terminate the session?



A TCP connection is normally terminated using a special procedure in which each side independently closes its end of the link.
A device sends a FIN message to tell the other device that it wants to end the connection, and the FIN is acknowledged.
When the responding device is ready, it too sends a FIN that is acknowledged; after waiting a period of time for the ACK to be received, the session is closed.


All routers run EIGRP 100:
net 0.0.0.0
no auto-summary

On router R3, enable Telnet access:

R3(config)#line vty 0 16
R3(config-line)#password cisco
R3(config-line)#login
R3(config-line)#exit
R3(config)#enable secret cisco
R3(config)#do write


R1#debug ip tcp transactions

R1#telnet 10.1.12.3
Trying 10.1.12.3 ... Open


User Access Verification

Password:



[Connection to 10.1.12.3 closed by foreign host]
R1#
*Mar  1 00:22:01.603: TCP0: FIN processed
*Mar  1 00:22:01.603: TCP0: state was ESTAB -> CLOSEWAIT [42759 -> 10.1.12.3(23)]
*Mar  1 00:22:01.615: TCP0: state was CLOSEWAIT -> LASTACK [42759 -> 10.1.12.3(23)]
*Mar  1 00:22:01.619: TCP0: sending FIN
*Mar  1 00:22:01.763: TCP0: Got ACK for our FIN
*Mar  1 00:22:01.767: TCP0: state was LASTACK -> CLOSED [42759 -> 10.1.12.3(23)]
*Mar  1 00:22:01.767: Released port 42759 in Transport Port Agent for TCP IP type 1 delay 240000
*Mar  1 00:22:01.771: TCB 0x63D8A9E4 destroyed



R3#debug ip tcp transactions

R3#
*Mar  1 00:21:58.935: TCP130: state was ESTAB -> FINWAIT1 [23 -> 10.1.11.1(42759)]
*Mar  1 00:21:58.939: TCP130: sending FIN
*Mar  1 00:21:59.019: TCP130: state was FINWAIT1 -> FINWAIT2 [23 -> 10.1.11.1(42759)]
*Mar  1 00:21:59.027: TCP130: FIN processed
*Mar  1 00:21:59.027: TCP130: state was FINWAIT2 -> TIMEWAIT [23 -> 10.1.11.1(42759)]
R3#
*Mar  1 00:22:59.031: TCP130: state was TIMEWAIT -> CLOSED [23 -> 10.1.11.1(42759)]
*Mar  1 00:22:59.031: TCB 0x63D8B05C destroyed

Fig: TCP Connection Termination Procedure
