Date: Mon, 05 Oct 2009 07:38:37 -0700 From: "Kevin Oberman" <oberman@es.net> To: Andre Oppermann <andre@freebsd.org> Cc: net@freebsd.org Subject: Re: Unusual TCP options can cause FreeBSD to issue a reset Message-ID: <20091005143837.C370F1CC2E@ptavv.es.net> In-Reply-To: Your message of "Mon, 05 Oct 2009 10:24:33 %2B0200." <4AC9AD41.2070200@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Mon, 05 Oct 2009 10:24:33 +0200 > From: Andre Oppermann <andre@freebsd.org> > > Kevin Oberman wrote: > > I have a system that is unable to connect to a FreeBSD system due to > > the odd formatting of the TCP options. The options contains only the > > timestamp which, if recommendations in RFC1323 are followed, are > > preceded by two NOP bytes to put the timestamp values on 4 byte > > boundaries. > > > > This system sends the 12 byte timestamp option alone, followed by two > > zero bytes to pad it. This meets the requirements of RFC793 and 1323 is > > explicit that stacks must accept this, even though it results in > > sub-optimal performance and does not meet the recommendations in 1323 > > appendix A. > > Just this alone should not cause a reset from FreeBSD. > > > Any idea if this is hard to fix? I see in on both 7.2 and 8.0. > > Can you post a detailed tcpdump of a failing connect? And please enable > net.inet.tcp.log_debug which should give a better explanation on why > FreeBSD thinks the connection is bad. Thanks!. The debug output made the issue clear and it is not a FreeBSD problem. It is with the remote system and the timestamps used, I see the following timestamps: SYN----->159082 0 SYNACK-->57062695 159082 ACK----->159082 0 Clearly, this is bogus. Sorry for the noise and the bad analysis on Friday. -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091005143837.C370F1CC2E>