[Bug 270285] Network issue with very small frames (tcp, padded)

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270285

--- Comment #2 from Marcus Haarmann <mhaarmann@midoco.de> ---
Yes, packet also looks ok for me, the question is why the traffic forwarded to
the client includes these two 0 bytes in the middle of the payload.
(pfsense/freebsd reorders the traffic and as a result, we are getting different
frame sizes in output).

So some part in the code does not the respect the actual length but seems to
read the whole segment starting from the payload.
The whole setup is:
Server (10GBit) 
-> Switch1 
-> Switch2 
-> pfSense LAN (GBit) <--- here we can see the small packet with padding
-> haproxy 
-> pfSense WAN (GBit) <--- here we can see the 00 00 bytes in the outgoing
frame
-> some internet hops
-> client   -> resulting in a defect download

We wanted to reduce this to a minimal number of components.
We were able to reproduce the error situation from local pfsense command line
(not touching the WAN interface or haproxy at all), with a "fetch http:......"
call.

So even the local file was defect which was produced on the firewall.
This means that some code internally did forward the 0 bytes to the logical
socket which was opened by the fetch command.
This can be reproduced in 1 of ~500 requests.
And we always see the padded packet in the incoming data in case a corruption
is found.

-- 
You are receiving this mail because:
You are the assignee for the bug.