TCP zombie connections with 7-RELEASE and STABLE from 15th june
Mike Silbersack
silby at silby.com
Fri Aug 1 05:35:28 UTC 2008
On Fri, 18 Jul 2008, Bernd Walter wrote:
> 443 is a self written server, but it also happens with port 80 and
> sslproxy.
> The client is a telnet, which disconnects directly after connecting,
> so the disconnect is initiated from the client, which seems to be
> important for this problem to trigger.
>
> You can see that the FIN handshake completes and netstat on the
> client box shows the connection in TIME_WAIT.
> The server however has the connection still in ESTABLISHED state.
Well, syncookies allow the ack of the 3WHS to establish a connection.
Just a quick look at your tcpdump shows that since you aren't sending any
data you are not advancing the sequence number. As a result, it looks
like one of the ACKs the client sends during connection shutdown may
actually be causing the server to re-establish the connection.
You might want to file a PR with exact instructions (and code) that'll
easily reproduce this so that it can be solved at some point in the
future. I don't have time to look into it now, although I'd be happy to
code review a fix!
-Mike
More information about the freebsd-net
mailing list