RELENG-7 tcp connectivity problems with certain clients

Jake Rizzo rizzojake at gmail.com
Fri Mar 7 15:24:14 PST 2008 

Hi,

I had two 6.3-STABLE boxen which have been happily running away for months
on end now without any problems. Last week I upgraded  (via buildworld) both
boxes to 7.0-STABLE.  Since then I've had reports of some clients being
unable to connect via tcp.  I've seen this happen first hand on an affected
remote machine. Traceroute & ping gets to the machine just fine
but connecting to an open tcp port on the machine just times out.  The
remote box was a XP machine and so I didn't have the luxury of tcp dump on
that end, however I did get a chance to run it at the freebsd end:

16:04:31.445390 IP (tos 0x20, ttl 109, id 41184, offset 0, flags [DF], proto
TCP (6), length 48) xxxxx.comcastbusiness.net.22625 > 192.168.1.104.http: S,
cksum 0x81e2 (correct), 3539746141:3539746141(0) win 16384 <mss
1380,nop,nop,sackOK>
16:04:31.445405 IP (tos 0x0, ttl 64, id 55077, offset 0, flags [DF], proto
TCP (6), length 48, bad cksum 0 (->b21)!) 192.168.1.104.http >
xxxxx.comcastbusiness.net.22625: S, cksum 0x58a4 (incorrect (-> 0x8f6e),
152644170:152644170(0) ack 3539746142 win 65535 <mss 1380,sackOK,eol>
16:04:34.444871 IP (tos 0x0, ttl 64, id 56095, offset 0, flags [DF], proto
TCP (6), length 48, bad cksum 0 (->727)!) 192.168.1.104.http >
xxxxx.comcastbusiness.net.22625: S, cksum 0x58a4 (incorrect (-> 0x8f6e),
152644170:152644170(0) ack 3539746142 win 65535 <mss 1380,sackOK,eol>
16:04:40.444521 IP (tos 0x0, ttl 64, id 57587, offset 0, flags [DF], proto
TCP (6), length 48, bad cksum 0 (->153)!) 192.168.1.104.http >
xxxxx.comcastbusiness.net.22625: S, cksum 0x58a4 (incorrect (-> 0x8f6e),
152644170:152644170(0) ack 3539746142 win 65535 <mss 1380,sackOK,eol>

It seems the the tcp handshake is not happening for one reason or another. I
downgraded one of the boxes back to 6.3-STABLE and now the same client's
connectivity issues disappeared.  Has anyone any ideas of where to look? I'd
really like to stay on 7.0-STABLE if I can because of the performance
increase!

Here's some additional configuration details:


Ifconfig output:
bge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
        ether 00:e0:81:33:48:f6
        inet 192.168.1.197 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.1.104 netmask 0xffffffff broadcast 192.168.1.104
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active

dmesg| grep bge0:

bge0: <Broadcom Gigabit Ethernet Controller, ASIC rev. 0x2003> mem
0xfc9c0000-0xfc9cffff,0xfc9b0000-0xfc9bffff irq 24 at device 9.0 on pci2
miibus0: <MII bus> on bge0
bge0: Ethernet address: 00:e0:81:33:48:f6
bge0: [ITHREAD]


I have a few network related sysctl's defined since 6.3-STABLE too:

security.bsd.see_other_uids=0
net.inet.icmp.icmplim=50
kern.ipc.somaxconn=12768
net.inet.udp.blackhole=1
net.inet.tcp.blackhole=2
net.inet.tcp.msl=7500


Any help would be greatly appreciated.

Thanks,
Regards,
Jerry

More information about the freebsd-net mailing list