
Effects of Disabling 3-Way Handshaking

Overview

The 3-way handshake can be a common reason why integration systems, such as hardware phones and monitor devices, frequently drop packets or lose the network connection, making web navigation impossible for users.

The TCP 3-way handshake is the method the Transmission Control Protocol uses to set up a TCP/IP connection over an Internet Protocol-based network. It is often referred to as SYN-SYN-ACK (or, more accurately, SYN, SYN-ACK, ACK) because TCP transmits 3 messages to negotiate and start a TCP session between two computers.


The TCP handshaking mechanism is designed so that two computers attempting to communicate can negotiate the parameters of the network TCP socket connection before transmitting data, such as SSH and HTTP web browser requests.

The 3-way handshake process is also designed so that both ends can initiate and negotiate separate TCP socket connections at the same time. Being able to negotiate multiple TCP socket connections in both directions at the same time allows a single physical network interface, such as Ethernet, to be multiplexed.

 


Information

The debug logs below show packets dropped due to a 3-way handshake not completed:

 

{pktdrop} packet dropped: 3-way handshake not completed (from DMZ, proto:TCP, len:465, x.x.x.x:443 -> 172.1.5.84:59928, flags:[ ACK PSH ], seq:2583892222 ack:4237640823, win:1022, tcplen:425)

{pktdrop} packet dropped: 3-way handshake not completed (from DMZ, proto:TCP, len:40, x.x.x.x:443 -> 172.1.5.84:59927, flags:[ RST ACK ], seq:1463469989 ack:2425530693, win:0, tcplen:0)
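Before changing the setting, it helps to see which flows the drops belong to. The following is an added example, not part of the original article or Kerio's own code: a Python parser for the log format shown above that counts handshake drops per flow and how many of them carried payload. The regular expression and the function names are assumptions derived from the two lines above.

```python
import re
from collections import Counter

# Pattern derived from the two debug-log lines in this article (assumption:
# other Kerio Control versions may format the line differently).
PKTDROP_RE = re.compile(
    r"\{pktdrop\} packet dropped: (?P<reason>.+?) \("
    r"from (?P<iface>[^,]+), proto:(?P<proto>\w+), len:(?P<len>\d+), "
    r"(?P<src>\S+):(?P<sport>\d+) -> (?P<dst>\S+):(?P<dport>\d+), "
    r"flags:\[(?P<flags>[^\]]*)\], "
    r"seq:(?P<seq>\d+) ack:(?P<ack>\d+), win:(?P<win>\d+), tcplen:(?P<tcplen>\d+)\)"
)

def parse_pktdrop(line):
    """Return a dict of fields for a pktdrop line, or None if it does not match."""
    m = PKTDROP_RE.search(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["flags"] = tuple(rec["flags"].split())
    for key in ("len", "sport", "dport", "seq", "ack", "win", "tcplen"):
        rec[key] = int(rec[key])
    return rec

def summarize_handshake_drops(lines):
    """Count handshake drops per (interface, sender, receiver host)."""
    per_flow = Counter()
    with_payload = 0
    for line in lines:
        rec = parse_pktdrop(line)
        if rec is None or "handshake" not in rec["reason"]:
            continue  # skip unrelated log lines and other drop reasons
        per_flow[(rec["iface"], f'{rec["src"]}:{rec["sport"]}', rec["dst"])] += 1
        if rec["tcplen"] > 0:
            with_payload += 1  # application data was dropped, not just a bare RST/ACK
    return per_flow, with_payload

# The two lines from this article, plus one constructed unrelated line.
SAMPLE_LINES = [
    "{pktdrop} packet dropped: 3-way handshake not completed (from DMZ, proto:TCP, len:465, x.x.x.x:443 -> 172.1.5.84:59928, flags:[ ACK PSH ], seq:2583892222 ack:4237640823, win:1022, tcplen:425)",
    "{pktdrop} packet dropped: 3-way handshake not completed (from DMZ, proto:TCP, len:40, x.x.x.x:443 -> 172.1.5.84:59927, flags:[ RST ACK ], seq:1463469989 ack:2425530693, win:0, tcplen:0)",
    "constructed: unrelated debug message",
]

if __name__ == "__main__":
    flows, payload_drops = summarize_handshake_drops(SAMPLE_LINES)
    for flow, count in flows.most_common():
        print(count, flow)
    print("drops carrying payload:", payload_drops)
```

A flow that accumulates many drops from the same sender and interface is the one to investigate before the check is disabled for the whole firewall.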

 


Impact 

When the network is not configured properly, the LAN segment switches could cause a data leak because the 3-way handshaking could not be completed. Users then experience slowness or are disconnected from the network.

By default, the 3-way handshake is enabled in Kerio Control. When this option is enabled, the debug logs show any errors related to packet drops.

After disabling the 3-way handshake setting, in terms of Kerio VPN, you will notice the following:

Please refer to the article Modifying Configuration Parameters in Kerio Control for the procedure on how to disable 3-way handshaking.

 

  1. Priyanka Bhotika
