Date: Tue, 01 Apr 2008 12:08:52 +0200 From: Erik Stian Tefre <erik@tefre.com> To: Doug Hardie <bc979@lafn.org> Cc: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: Access Problems with 7.0 Message-ID: <47F209B4.1050405@tefre.com> In-Reply-To: <C9F5484A-534B-4218-9993-F9C73999FF84@lafn.org> References: <C9F5484A-534B-4218-9993-F9C73999FF84@lafn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Doug Hardie wrote: >> I recently upgraded 3 of my 5 servers to 7.0. Two of them are on new >> hardware and one is on hardware that used to run 6.2. Since then, 2 >> of my thousands of users are unable to access the servers running >> 7.0. They can access the server running 6.2 just fine. What happens >> is the server receives the SYN packet from the client properly and >> then responds with the SYN packet. Nothing more is heard from the >> client. The server sends a few duplicates of the SYN and then drops >> the connection. >> >> At this point I am not able to verify that the client receives the >> SYN. Neither of them has a clue about tcpdump. The packets look fine >> on this end (included later). Both are using Windows, including XP >> and Vista. I suspect they are receiving it and not accepting it for >> some reason. However, I don't really see anything that would cause >> that behavior in the packets. I can't reproduce the problem here. >> Every computer I can try works just fine. >> >> Here is one of the packet traces: >> >> 11:59:00.630414 00:00:0c:38:6f:e1 (oui Cisco) > 00:a0:cc:3e:87:9e (oui >> Unknown), ethertype IPv4 (0x0800), length 66: >> cpe-76-169-78-119.socal.res.rr.com.59025 > zool.lafn.org.8000: S >> 2779920420:2779920420(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK> >> >> 11:59:00.630634 00:a0:cc:3e:87:9e (oui Unknown) > 00:00:0c:38:6f:e1 >> (oui Cisco), ethertype IPv4 (0x0800), length 66: zool.lafn.org.8000 > >> cpe-76-169-78-119.socal.res.rr.com.59025: S >> 2480373222:2480373222(0) ack 2779920421 win 65535 <mss 1460,nop,wscale >> 3,sackOK,eol> >> >> 11:59:03.613011 00:00:0c:38:6f:e1 (oui Cisco) > 00:a0:cc:3e:87:9e (oui >> Unknown), ethertype IPv4 (0x0800), length 66: >> cpe-76-169-78-119.socal.res.rr.com.59025 > zool.lafn.org.8000: S >> 2779920420:2779920420(0) win 8192 <mss 1460,nop,wscale 2,nop,nop,sackOK> >> >> 11:59:03.613194 00:a0:cc:3e:87:9e (oui Unknown) > 00:00:0c:38:6f:e1 >> (oui Cisco), ethertype IPv4 (0x0800), length 66: zool.lafn.org.8000 > >> cpe-76-169-78-119.socal.res.rr.com.59025: S 2480373222:2480373222(0) >> ack 2779920421 win 65535 <mss 1460,nop,wscale 3,sackOK,eol> >> > > Checking with the 6.2 server I see there are some differences in the TCP > options. 7.0 includes wscale 3 where 6.2 does not. Is there a way to > disable that feature using sysctl to see if thats the issue? sysctl net.inet.tcp.rfc1323=0 This may disable more than you want, but maybe it's worth a try. http://www.ietf.org/rfc/rfc1323.txt -- Erik
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?47F209B4.1050405>