AFAIK, after RST, the connection need not start all over again.
the RST might also be a reason if there are any malformed packets in
the tcp stream.
OR
there the sender has already closed the port on whcih the connection
was open some time back and hence the RST.
OR
the host has simply run out of resources.
i dont find a definite answer to your questions, but these might be
the possible reasons.
if you can attach the trace file, people can look at that and probably
analyze more.
Thanks,
Sadeep Nitta
On Mon, May 3, 2010 at 6:04 AM, Jeff Bruns <jeff.bruns@xxxxxxxxx> wrote:
> Greetings-
> This is more of a beginners TCP question than it is a wireshark question,
> but I haven't had much success finding the answer. I have a TCP transmission
> that appears to have been delivered successfully and in its entirety, but
> has an RST packet sent by the sender. There are no out of order packets,
> packet retransmissions or other indications of stream interruption.
>
> It was my understanding that the reset flag was a request by the sending
> party that the connection be reset and everything start over. That being the
> case, I would have expected to have some packet loss or other stream issues
> precipitate the RST flag. I also would have expected that immediately
> following the RST flag, a new connection would be established and the whole
> process repeated. There was no follow up connection or retransmission.
>
> I am close to understanding the purpose of the RST flag? Or am I way off?
>
> Thanks.
>
> ___________________________________________________________________________
> Sent via: Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
> Archives: http://www.wireshark.org/lists/wireshark-users
> Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
> mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe
>
