Re: dtrace to trace incoming connection not suceeding ?

Reply: Kurt Jaeger : "Re: dtrace to trace incoming connection not suceeding ?"
In reply to: Kurt Jaeger : "Re: dtrace to trace incoming connection not suceeding ?"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Andrey V. Elsukov <bu7cher_at_yandex.ru>
Date: Sun, 14 Nov 2021 17:27:08 UTC

12.11.2021 20:31, Kurt Jaeger пишет:
> That's why I provided two outputs.
> 
> There's one small diff between the two that I do not understand:
> 
> -       18040 times no signature provided by segment
> +       18045 times no signature provided by segment
> 

Hello,

This means, that received TCP segment has not TCP-MD5 signature, but 
listen socket expects it. Such SYN segment will be dropped by syncache 
code. Probably your BGP daemon configured to use TCP-MD5 for connection, 
but remote side does not.

-- 
WBR, Andrey V. Elsukov