Date: Thu, 11 Jul 2002 10:55:31 +0000 From: "Alex Dyas" <alexdyas@hotmail.com> To: net@freebsd.org Subject: BSD / Firewall / 0 window size problem Message-ID: <F255DapE6dEeQkhtzmC0000d00a@hotmail.com>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_62e2_3a0_21fe Content-Type: text/plain; format=flowed Hi, I hope someone can help me with this, I've been struggling with it for quite some time now. The set up: bsdbox.foo.com -> internal GNAT firewall -> otherbox.foo.com where bsdbox.foo.com has been anything from 4.0 to 4.5, and otherbox.foo.com is anything from FreeBSD, Solaris 2.7, Solaris 2.8 The problem is delays when telnetting from the BSD box to the Solaris box. I open and use the telnet session no problem. However, if I leave the session alone for more than about 15 seconds it will lock up. The lock up will last for about 8 seconds before it lets me type again. This is not fun. The only clue I've managed to find as to what is going on is in a tcpdump of the session (attached). The trigger for the lock up seems to be a messages from the Otherbox machine setting the window size to 0 : 10:41:38.614141 otherbox.foo.com.telnet > bsdbox.foo.com.2230: . ack 154 win 0 10:41:38.614200 bsdbox.foo.com.2230 > otherbox.foo.com.telnet: . ack 337 win 33304 <nop,nop,timestamp 9026230 147804149> (DF) [tos 0x10] I've tried all the following scenarios, none of which exhibit the same problem, which is why I think the problem is with FreeBSD : bsdbox.foo.com -> otherbox.foo.com solarisbox.foo.com -> internal GNAT firewall -> otherbox.foo.com windowsbox.foo.com -> internal GNAT firewall -> otherbox.foo.com linuxbox.foo.com -> internal GNAT firewall -> otherbox.foo.com No blocks are seen on the firewall. Any ideas/pointers/suggestions/fixes at all much appreciated. Alex... _________________________________________________________________ Chat with friends online, try MSN Messenger: http://messenger.msn.com ------=_NextPart_000_62e2_3a0_21fe Content-Type: text/plain; name="tcpdump.txt"; format=flowed Content-Transfer-Encoding: 8bit Content-Disposition: attachment; filename="tcpdump.txt" 10:41:22.149761 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: P 146:148(2) ack 285 win 33304 <nop,nop,timestamp 9024584 147802840> (DF) [tos 0x10] 10:41:22.150396 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 285:287(2) ack 148 win 24616 <nop,nop,timestamp 147804072 9024584> (DF) 10:41:22.249151 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 287 win 33304 <nop,nop,timestamp 9024594 147804072> (DF) [tos 0x10] 10:41:22.249515 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 287:298(11) ack 148 win 24616 <nop,nop,timestamp 147804082 9024594> (DF) 10:41:22.349154 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 298 win 33304 <nop,nop,timestamp 9024604 147804082> (DF) [tos 0x10] 10:41:22.380132 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: P 148:150(2) ack 298 win 33304 <nop,nop,timestamp 9024607 147804082> (DF) [tos 0x10] 10:41:22.380644 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 298:300(2) ack 150 win 24616 <nop,nop,timestamp 147804095 9024607> (DF) 10:41:22.484269 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 300 win 33304 <nop,nop,timestamp 9024617 147804095> (DF) [tos 0x10] 10:41:22.484920 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 300:311(11) ack 150 win 24616 <nop,nop,timestamp 147804105 9024617> (DF) 10:41:22.579160 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 311 win 33304 <nop,nop,timestamp 9024627 147804105> (DF) [tos 0x10] 10:41:22.599564 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: P 150:152(2) ack 311 win 33304 <nop,nop,timestamp 9024629 147804105> (DF) [tos 0x10] 10:41:22.600250 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 311:313(2) ack 152 win 24616 <nop,nop,timestamp 147804117 9024629> (DF) 10:41:22.699161 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 313 win 33304 <nop,nop,timestamp 9024639 147804117> (DF) [tos 0x10] 10:41:22.699564 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 313:324(11) ack 152 win 24616 <nop,nop,timestamp 147804127 9024639> (DF) 10:41:22.799162 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 324 win 33304 <nop,nop,timestamp 9024649 147804127> (DF) [tos 0x10] 10:41:22.818906 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: P 152:154(2) ack 324 win 33304 <nop,nop,timestamp 9024650 147804127> (DF) [tos 0x10] 10:41:22.819479 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 324:326(2) ack 154 win 24616 <nop,nop,timestamp 147804139 9024650> (DF) 10:41:22.919168 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 326 win 33304 <nop,nop,timestamp 9024661 147804139> (DF) [tos 0x10] 10:41:22.919576 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 326:337(11) ack 154 win 24616 <nop,nop,timestamp 147804149 9024661> (DF) 10:41:23.019171 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 337 win 33304 <nop,nop,timestamp 9024671 147804149> (DF) [tos 0x10] 10:41:38.614141 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: . ack 154 win 0 10:41:38.614200 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 337 win 33304 <nop,nop,timestamp 9026230 147804149> (DF) [tos 0x10] 10:41:47.199533 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . 154:155(1) ack 337 win 33304 <nop,nop,timestamp 9027089 147804149> (DF) [tos 0x10] 10:41:47.297912 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: . ack 155 win 24616 <nop,nop,timestamp 147806587 9027089> (DF) 10:41:47.297970 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: P 155:162(7) ack 337 win 33304 <nop,nop,timestamp 9027098 147806587> (DF) [tos 0x10] 10:41:47.298154 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 337:339(2) ack 155 win 24616 <nop,nop,timestamp 147806587 9027089> (DF) 10:41:47.389540 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 339 win 33304 <nop,nop,timestamp 9027108 147806587> (DF) [tos 0x10] 10:41:47.390038 solarisbox.foo.com.telnet > bsdbox.foo.com.2230: P 339:395(56) ack 162 win 24616 <nop,nop,timestamp 147806596 9027098> (DF) 10:41:47.489541 bsdbox.foo.com.2230 > solarisbox.foo.com.telnet: . ack 395 win 33304 <nop,nop,timestamp 9027118 147806596> (DF) [tos 0x10] ------=_NextPart_000_62e2_3a0_21fe-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F255DapE6dEeQkhtzmC0000d00a>