Sorcerer's Apprentice Syndrome

Sorcerer's Apprentice Syndrome

Sorcerer's Apprentice Syndrome (SAS) is a particularly bad network protocol flaw, discovered in the original versions of TFTP. It was named after the "Sorcerer's Apprentice" segment of the animated film "Fantasia", because the details of its operation closely resemble the disaster that befalls the sorcerer's apprentice: the problem resulted in an ever-growing replication of every packet in the transfer. The problem occurred because of a known failure mode of the internetwork which, through a mistake on the part of the protocol designers, was not taken into account when the protocol was designed; it interacted with several details of the mechanisms of TFTP to produce SAS.

Technical background

TFTP operates in a simple lock-step: there is only ever one packet outstanding at any time, and every packet received by either party caused one packet to be sent in reply (until the termination of the transfer). The TFTP specification said that any time "any" packet was received, the receiver was "required" to send the appropriate reply packet. Thus, the receipt of a block of data triggered the sending of an 'acknowledgement', and the receipt of an acknowledgement triggered the sending of the next data block. This may sound fairly harmless, but it led to disaster.

TFTP also, like all protocols designed to operate across an unreliable network, includes timeouts. For example, when it does something to which it expects a reply from the party at the other end (such as sending it a packet), it starts a timer, and if the timer goes off and the reply has not been received, it takes some action; usually, the response is to re-send the original packet.

Details of SAS

SAS occurred when a packet was not "lost" in the internetwork, but rather simply "delayed", and later successfully delivered, after a timeout had occurred (on either side).

The timeout caused a second copy of the previous packet to be generated, notionally to replace the 'lost' packet. However, the first copy was not lost, and since, according to the TFTP specification, receipt of any packet "always" forced the generation of a reply packet, two replies were generated (one to each copy). Those forced the generation of two replies to them, and so on. A typical scenario was as follows:

* Computer S (source) sends data block X to computer D (destination)
* Computer D receives block X, and sends an acknowledgement for X back to S
* The packet containing the acknowledgement for X is delayed in the internetwork
* Computer S times out, and resends data block X to D
* Computer S receives the delayed acknowledgement for X, and sends data block X+1
* Computer D receives the second copy of block X, and sends another acknowledgement for X back to S
* Computer D receives block X+1, and sends an acknowledgement for X+1 back to S
* Computer S receives the second acknowledgement for X, and sends a second copy of data block X+1
* Computer S receives the acknowledgement for X+1, and sends data block X+2
* Computer D receives the second copy of block X+1, and sends another acknowledgement for X+1 back to S
* Computer D receives block X+2, and sends an acknowledgement for X+2 back to S

It will be seen that at this point the situation is now stable, and repeats; "every packet" from then on is duplicated (that is, two identical copies are sent across the internetwork).

Even worse, the increased number of packets being sent around the internetwork was likely to cause congestion, which was likely to cause a packet to be delayed past the timeout yet again, which would then cause yet "another" duplicate packet to be generated by a timeout, and from then on a "third" copy of each packet would be sent. Needless to say, at that point, the situation would usually snowball, and "further" copies would be generated —hence the name given to this pattern of behaviour.

For a small file, the transfer would complete, and the duplicate packets would eventually drain from the internetwork. If the file were large, however, congestive collapse would result, and only when the transfer failed would the mass of packets drain from the internetwork.

Fixing SAS

The fix to SAS was quite simple: the TFTP specification was modified to indicate that only the "first" instance of a received acknowledgment would cause the next data block to be sent, thus breaking the retransmission loop. In the new version of the protocol, a block would only be retransmitted on timeout.

This change also makes it possible to simplify the implementation of the receiving end (often, a bootstrap program written in a low level language) by omitting the retransmission timer, as any lost packet would cause retransmission of the last packet sent by the sender. However, keeping the timer has its benefits, such as dealing with lost ACKs more efficiently.

ee also

*Fork Bomb
*Morris Worm
*Denial-of-service attack

Further reading

* Bob Braden (editor), "Requirements for Internet Hosts -- Application and Support" (RFC 1123, USC/Information Sciences Institute, October 1989) See section 4.2


Wikimedia Foundation. 2010.

Игры ⚽ Нужен реферат?

Look at other dictionaries:

  • The Sorcerer's Apprentice — This article is about the poem by Goethe. For other uses, see Sorcerer s Apprentice. Illustration from around 1882 by S. Barth The Sorcerer s Apprentice is the English name of a poem by Goethe, Der Zauberlehrling, written in 1797. The poem is a… …   Wikipedia

  • Trivial File Transfer Protocol — Trivial File Transport Protocol(TFTP) is a very simple file transfer protocol, with the functionality of a very basic form of FTP; it was first defined in 1980.Fact|date=September 2008Since it is so simple, it is easy to implement in a very small …   Wikipedia

  • Network congestion — In data networking and queueing theory, network congestion occurs when a link or node is carrying so much data that its quality of service deteriorates. Typical effects include queueing delay, packet loss or the blocking of new connections. A… …   Wikipedia

  • Congestive collapse — (or congestion collapse) is a condition which a packet switched computer network can reach, when little or no useful communication is happening due to congestion.When a network is in such a condition, it has settled (under overload) into a stable …   Wikipedia

  • performing arts — arts or skills that require public performance, as acting, singing, or dancing. [1945 50] * * * ▪ 2009 Introduction Music Classical.       The last vestiges of the Cold War seemed to thaw for a moment on Feb. 26, 2008, when the unfamiliar strains …   Universalium

  • List of Atari 2600 games — This is a list of games for the Atari 2600 video game console, organized alphabetically by name. See Lists of video games for related lists. 0–9* 3 D Tic Tac Toe (Atari) 1980 * 32 in 1 (Atari) 1988 * 9 to 5 (20th Century Fox) UnreleasedA* Acid… …   Wikipedia

  • Juegos de Atari 2600 — Anexo:Juegos de Atari 2600 Saltar a navegación, búsqueda Esta es una lista de videojuegos para Atari 2600, ordenados alfabéticamente por nombre. Ver Anexo:Videojuegos para listas relacionadass. Contenido: Arriba 0 9 A B C D E F G H I J K L M N Ñ… …   Wikipedia Español

  • Midnight Rescue! — Box art Developer(s) The Learning Company Publisher(s) The Learning Company …   Wikipedia

  • Liste De Jeux Atari 2600 — Listes de jeux vidéo 0 9 A B C D E F G H I J K L M N O P Q R S T …   Wikipédia en Français

  • Liste de jeux Atari 2600 —   Liste des listes de jeux vidéo  Ceci est la liste de tous les jeux sortis sur Atari 2600, trié alphabétiquement. So …   Wikipédia en Français

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”