10.178.155.180 - F5
10.178.100.64 - server
Nr Time Source Destination Protocol flags Length vlan hsrc hdst sport dport Info
1 9.970000 10.178.155.180 10.178.100.64 TCP 0x02 100 777 F5Networ_45:c9:05 Rackspac_08:2d:3d 41588 80 41588 > http [SYN] Seq=0 Win...
1 9.970821 10.178.100.64 10.178.155.180 TCP 0x12 100 777 Rackspac_08:2d:3d F5Networ_45:c9:05 80 41588 http > 41588 [SYN, ACK] Seq=...
1 9.971842 10.178.155.180 10.178.100.64 TCP 0x10 92 777 F5Networ_45:c9:05 Rackspac_08:2d:3d 41588 80 41588 > http [ACK] Seq=1 Ack...
1 9.971921 10.178.155.180 10.178.100.64 HTTP 0x18 179 777 F5Networ_45:c9:05 Rackspac_08:2d:3d 41588 80 GET /status.aspx HTTP/1.1 ...
1 9.978979 10.178.100.64 10.178.155.180 HTTP 0x18 475 777 Rackspac_08:2d:3d F5Networ_45:c9:05 80 41588 HTTP/1.1 200 OK (text/html)...
1 9.979898 10.178.155.180 10.178.100.64 TCP 0x10 92 777 F5Networ_45:c9:05 Rackspac_08:2d:3d 41588 80 41588 > http [ACK] Seq=88 Ac...
1 9.980028 10.178.155.180 10.178.100.64 TCP 0x11 92 777 F5Networ_45:c9:05 Rackspac_08:2d:3d 41588 80 41588 > http [FIN, ACK] Seq=...
1 9.980315 10.178.100.64 10.178.155.180 TCP 0x11 92 777 Rackspac_08:2d:3d F5Networ_45:c9:05 80 41588 http > 41588 [FIN, ACK] Seq=...
1 9.980950 10.178.155.180 10.178.100.64 TCP 0x10 92 777 F5Networ_45:c9:05 Rackspac_08:2d:3d 41588 80 41588 > http [ACK] Seq=89 Ac...
The HTTP request and response:
GET /status.aspx HTTP/1.1 Host: www.dummy.com User-Agent: MyAgent :) HTTP/1.1 200 OK Cache-Control: private Content-Type: text/html; charset=utf-8 Server: Microsoft-IIS/7.5 Set-Cookie: ASP.NET_SessionId=tbc1vlvsjxjx01xs2frend5z; path=/; HttpOnly Date: Mon, 25 Mar 2013 09:59:33 GMT Content-Length: 9 Status OK
Problem
The 'Host' header is mandatory in HTTP 1.1. Is 'Connection: keep-alive|close' HTTP header mandatory in HTTP 1.1 as well?
Analisis and results description
An example request from the Chrome browser that specifically provide a value for the 'Connection' header:
GET / HTTP/1.1 Host: www.google.com Connection: keep-alive Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.22 (KHTML, like Gecko) Chrome/25.0.1364.172 Safari/537.22 Accept-Encoding: gzip,deflate,sdch HTTP/1.1 302 Found Date: Mon, 25 Mar 2013 10:15:23 GMT Server: gws Location: https://www.google.com/ Connection: Keep-Alive Content-Type: text/html; charset=UTF-8 Cache-Control: private Content-Length: 220
We can see that the client specify what should happen to the underlying TCP session. In this example the TCP session should remain active and idle for a while - until either the client or server decide to close it.
Although in our example we can see that the client (F5)
- didn't specify the 'Connection' header in the GET request
- the session was closed by the F5 (the client) after receiving the response
According to 8.1 Persistent Connections of the rfc 2616 the persistent connections are the default behaviour in HTTP 1.1. The field is not mandatory and either sides can close it. In our example the client decide to close the established tcp session after receiving the HTTP response.
References
Posts
No comments:
Post a Comment