PAWS uses the same TCP Timestamps option as the RTTM mechanism
described earlier, and assumes that every received TCP segment
(including data and ACK segments) contains a timestamp SEG.TSval
whose values are monotone non-decreasing in time. The basic idea
is that a segment can be discarded as an old duplicate if it is
received with a timestamp SEG.TSval less than some timestamp
recently received on this connection.

In both the PAWS and the RTTM mechanism, the "timestamps" are
32-bit unsigned integers in a modular 32-bit space. Thus, "less
than" is defined the same way it is for TCP sequence numbers, and
the same implementation techniques apply. If s and t are
timestamp values, s < t if 0 < (t - s) < 2**31, computed in
unsigned 32-bit arithmetic.

The choice of incoming timestamps to be saved for this comparison
must guarantee a value that is monotone increasing. For example,
we might save the timestamp from the segment that last advanced
the left edge of the receive window, i.e., the most recent in-
sequence segment. Instead, we choose the value TS.Recent
introduced in Section 3.4 for the RTTM mechanism, since using a
common value for both PAWS and RTTM simplifies the implementation
of both. As Section 3.4 explained, TS.Recent differs from the
timestamp from the last in-sequence segment only in the case of
delayed ACKs, and therefore by less than one window. Either
choice will therefore protect against sequence number wrap-around.

RTTM was specified in a symmetrical manner, so that TSval
timestamps are carried in both data and ACK segments and are
echoed in TSecr fields carried in returning ACK or data segments.
PAWS submits all incoming segments to the same test, and therefore
protects against duplicate ACK segments as well as data segments.
(An alternative un-symmetric algorithm would protect against old
duplicate ACKs: the sender of data would reject incoming ACK
segments whose TSecr values were less than the TSecr saved from
the last segment whose ACK field advanced the left edge of the
send window. This algorithm was deemed to lack economy of
mechanism and symmetry.)

TSval timestamps sent on {SYN} and {SYN,ACK} segments are used to
initialize PAWS. PAWS protects against old duplicate non-SYN
segments, and duplicate SYN segments received while there is a
synchronized connection. Duplicate {SYN} and {SYN,ACK} segments
received when there is no connection will be discarded by the
normal 3-way handshake and sequence number checks of TCP.

It is recommended that RST segments NOT carry timestamps, and that
RST segments be acceptable regardless of their timestamp. Old
duplicate RST segments should be exceedingly unlikely, and their
cleanup function should take precedence over timestamps.
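
The modular "less than" rule and the RST exemption described above, as an added example in C that is not part of the original text. The struct layouts, function names and sample timestamps are hypothetical, and the Section 3.4 rule for updating TS.Recent is not modelled.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* s < t in modular 32-bit space: 0 < (t - s) < 2**31, unsigned arithmetic. */
static bool ts_lt(uint32_t s, uint32_t t)
{
    uint32_t d = t - s;                  /* wraps modulo 2**32 */
    return d != 0 && d < 0x80000000u;
}

/* Hypothetical state and segment views; only the fields PAWS reads. */
struct paws_state {
    uint32_t ts_recent;                  /* TS.Recent */
    bool     valid;                      /* set from the {SYN} or {SYN,ACK} TSval */
};
struct segment {
    bool     rst;                        /* RST flag set */
    bool     has_ts;                     /* Timestamps option present */
    uint32_t tsval;                      /* SEG.TSval */
};

/* Initialise PAWS from the TSval carried on {SYN} or {SYN,ACK}. */
static void paws_init(struct paws_state *st, uint32_t syn_tsval)
{
    st->ts_recent = syn_tsval;
    st->valid = true;
}

/* True if the segment is to be discarded as an old duplicate. */
static bool paws_reject(const struct paws_state *st, const struct segment *seg)
{
    if (seg->rst)                        /* RST acceptable regardless of timestamp */
        return false;
    if (!st->valid || !seg->has_ts)      /* assumption: nothing to compare, no verdict */
        return false;
    return ts_lt(seg->tsval, st->ts_recent);
}

int main(void)
{
    struct paws_state st;
    paws_init(&st, 0x00000010u);         /* constructed: TS.Recent just past the wrap */
    struct segment old = { false, true, 0xFFFFFFF0u };  /* constructed old duplicate */
    struct segment rst = { true,  true, 0xFFFFFFF0u };  /* same timestamp, RST set */
    printf("old data: %s\n", paws_reject(&st, &old) ? "discard" : "accept");
    printf("old RST:  %s\n", paws_reject(&st, &rst) ? "discard" : "accept");
    return 0;
}
```

A plain unsigned comparison (0xFFFFFFF0 < 0x10) is false, so it would accept the old data segment that the modular test discards. Two values exactly 2**31 apart are ordered in neither direction.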