Date: Sun, 7 Nov 2010 23:38:15 +1100 (EST) From: Ian Smith <smithi@nimnet.asn.au> To: Alexander Frolkin <avf@eldamar.org.uk> Cc: freebsd-questions@freebsd.org Subject: Re: How to disable syncookies & syncache Message-ID: <20101107232708.U66572@sola.nimnet.asn.au> In-Reply-To: <20101107120028.E549610656CA@hub.freebsd.org> References: <20101107120028.E549610656CA@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In freebsd-questions Digest, Vol 335, Issue 14, Message: 2 On Sun, 7 Nov 2010 12:09:26 +0100 Alexander Frolkin <avf@eldamar.org.uk> wrote: > Hi, > > I spent all day yesterday trying to get my FreeBSD box (8.1-RELEASE, > amd64) to talk to a Qlogic 4010 iSCSI card. > > The problem is that when the Qlogic card tries to make a connection, > FreeBSD resets it (SYN, SYN|ACK, ACK, RST). > > If I turn on net.inet.tcp.log_in_vain, I can see a message similar to > > TCP: [172.16.25.2]:30557 to [172.16.25.1]:3260 tcpflags 0x10<ACK>; > syncache_expand: TSECR 0 != TS 267223, segment rejected > > for each connection attempt. > > I've tried fiddling around with the net.inet.tcp.syn* sysctls, but all > I've managed to to is change the message to > > TCP: [172.16.25.2]:29387 to [172.16.25.1]:3260 tcpflags 0x10<ACK>; > syncache_expand: Segment failed SYNCOOKIE authentication, segment > rejected (probably spoofed) > > (this was with net.inet.tcp.syncookies_only=1, I believe) --- the > connection still gets reset, as before. > > The only "solution" I've found so far is to comment out the bit of code > in sys/netinet/tcp_syncache.c that checks if TSECR == TS, but needless > to say, this is horrible, and will probably create other problems. > > Now, I know what you're probably going to say --- the Qlogic card has a > broken TCP implementation. While that may well be true, this is the > card I have and I'm stuck with it, so there's not much I can about that. > > Any suggestions welcome. :-) Only that if I had such an issue I'd head for net@freebsd.org and post the above there, where the syncache cookie monsters tend to hang out :) cheers, Ian
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101107232708.U66572>