Unusual TCP options can cause FreeBSD to issue a reset
Kevin Oberman
oberman at es.net
Mon Oct 5 14:38:39 UTC 2009
> Date: Mon, 05 Oct 2009 10:24:33 +0200
> From: Andre Oppermann <andre at freebsd.org>
>
> Kevin Oberman wrote:
> > I have a system that is unable to connect to a FreeBSD system due to
> > the odd formatting of the TCP options. The options contains only the
> > timestamp which, if recommendations in RFC1323 are followed, are
> > preceded by two NOP bytes to put the timestamp values on 4 byte
> > boundaries.
> >
> > This system sends the 12 byte timestamp option alone, followed by two
> > zero bytes to pad it. This meets the requirements of RFC793 and 1323 is
> > explicit that stacks must accept this, even though it results in
> > sub-optimal performance and does not meet the recommendations in 1323
> > appendix A.
>
> Just this alone should not cause a reset from FreeBSD.
>
> > Any idea if this is hard to fix? I see in on both 7.2 and 8.0.
>
> Can you post a detailed tcpdump of a failing connect? And please enable
> net.inet.tcp.log_debug which should give a better explanation on why
> FreeBSD thinks the connection is bad.
Thanks!. The debug output made the issue clear and it is not a FreeBSD
problem. It is with the remote system and the timestamps used,
I see the following timestamps:
SYN----->159082 0
SYNACK-->57062695 159082
ACK----->159082 0
Clearly, this is bogus. Sorry for the noise and the bad analysis on
Friday.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
More information about the freebsd-net
mailing list