Unusual TCP options can cause FreeBSD to issue a reset
Andre Oppermann
andre at freebsd.org
Mon Oct 5 08:51:11 UTC 2009
Kevin Oberman wrote:
> I have a system that is unable to connect to a FreeBSD system due to
> the odd formatting of the TCP options. The options contains only the
> timestamp which, if recommendations in RFC1323 are followed, are
> preceded by two NOP bytes to put the timestamp values on 4 byte
> boundaries.
>
> This system sends the 12 byte timestamp option alone, followed by two
> zero bytes to pad it. This meets the requirements of RFC793 and 1323 is
> explicit that stacks must accept this, even though it results in
> sub-optimal performance and does not meet the recommendations in 1323
> appendix A.
Just this alone should not cause a reset from FreeBSD.
> Any idea if this is hard to fix? I see in on both 7.2 and 8.0.
Can you post a detailed tcpdump of a failing connect? And please enable
net.inet.tcp.log_debug which should give a better explanation on why
FreeBSD thinks the connection is bad.
--
Andre
More information about the freebsd-net
mailing list