From owner-freebsd-net@FreeBSD.ORG Tue Mar 16 04:04:09 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ED17816A4CE; Tue, 16 Mar 2004 04:04:09 -0800 (PST) Received: from demos.su (mx.demos.su [194.87.0.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id C8F3143D49; Tue, 16 Mar 2004 04:04:08 -0800 (PST) (envelope-from tolyar@mx.ru) Received: from [194.87.2.159] (HELO dwarf.demos.su) by demos.su (CommuniGate Pro SMTP 4.1.8/D) with SMTP id 179079082; Tue, 16 Mar 2004 15:04:07 +0300 Date: Tue, 16 Mar 2004 15:04:07 +0300 From: Zherdev Anatoly To: Andre Oppermann Message-Id: <20040316150407.5d9eb9f4@dwarf.demos.su> In-Reply-To: <4056D84C.514EC45C@freebsd.org> References: <20040316125335.5f64cac5@dwarf.demos.su> <4056CFEA.6A231A9@freebsd.org> <20040316131256.015a082d@dwarf.demos.su> <4056D84C.514EC45C@freebsd.org> X-Mailer: Sylpheed version 0.9.9claws (GTK+ 1.2.10; i386-portbld-freebsd5.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-net@freebsd.org Subject: Re: Problem with closing tcp session between cisco and freebsd X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Mar 2004 12:04:10 -0000 On Tue, 16 Mar 2004 11:34:52 +0100 Andre Oppermann wrote: > Do you know when it was working correctly the last time? I can't say closely because i first time look that situation on tcp level. But i have rlogin sessions that was'nt closed but cisco send stop packet in RADIUS. This was in april. I can't see tcp session because monitoring tool kill this rlogin. But looks like that it is the same situation. > Do you have > another machine (4.9R or lower, or 5.2 or 5.C) to test against? On I have servers with newer FreeBSD but not older. After problem with FreeBSD-SA-04:04.tcp i upgrade all my servers. And no -CURRENT on it, only -STABLE. > > March 2 the commit of the TCP segment reassembly queue limiter has > been done but that does not change TCP processing otherwise in any > way. A month ago the TCP-MD5 stuff has been committed. A year ago > there have been some NewReno fixes. > > So no obvious suspect. Before digging deep into the code its better > to have some more surrounding information. This situation not stable and may not be represented in short time. I have many rlogin sessions, but only in april was something similar. -- Zherdev Anatoly.