Re: TCP SACK issue, hung connection, tcpdump included

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Darryl L. Miles <darryl-mailinglists@...>

Cc: <linux-kernel@...>

Subject: Re: TCP SACK issue, hung connection, tcpdump included

Date: Sunday, July 29, 2007 - 11:30 am

On Sun, Jul 29, 2007 at 06:59:26AM +0100, Darryl L. Miles wrote:
quoted text> The problems start around time index 09:21:39.860302 when the CLIENT issues 
> a TCP packet with SACK option set (seemingly for a data segment which has 
> already been seen) from that point on the connection hangs.

I'd say most likely scenario is the SERVER is behind a Cisco Pix firewall,
which has known bugs in handling packets with sack option.  By default the Cisco
has sequence number randomization enabled, but it's a half-assed implementation
which doesn't bother adjusting the sequence numbers inside sack options.

This has been reported to Cisco, and they don't seem to care.  As a workaround,
you can do this:

	echo 0 > /proc/sys/net/ipv4/tcp_sack

and it will probably fix it up.  It'd be really nice, however, to have a per-route
option for sack, similar to how we can clamp window scaling per route.  Something
like the below

	ip r a <host> <gw> <nosack>

Phil
-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

TCP SACK issue, hung connection, tcpdump included, Darryl L. Miles, (Sun Jul 29, 1:59 am)

Re: TCP SACK issue, hung connection, tcpdump included, Phil Oester, (Sun Jul 29, 11:30 am)

Re: TCP SACK issue, hung connection, tcpdump included, Willy Tarreau, (Sun Jul 29, 2:45 am)

Re: TCP SACK issue, hung connection, tcpdump included, Jan Engelhardt, (Sun Jul 29, 4:39 am)

Re: TCP SACK issue, hung connection, tcpdump included, Ilpo Järvinen, (Sun Jul 29, 4:26 am)

Re: TCP SACK issue, hung connection, tcpdump included, David Miller, (Sun Jul 29, 4:56 am)

Re: TCP SACK issue, hung connection, tcpdump included, Willy Tarreau, (Sun Jul 29, 4:54 am)

Re: TCP SACK issue, hung connection, tcpdump included, Ilpo Järvinen, (Sun Jul 29, 5:28 am)

Re: TCP SACK issue, hung connection, tcpdump included, Willy Tarreau, (Sun Jul 29, 12:07 pm)

Re: TCP SACK issue, hung connection, tcpdump included, Darryl L. Miles, (Tue Jul 31, 1:03 am)

Re: TCP SACK issue, hung connection, tcpdump included, Ilpo Järvinen, (Thu Aug 2, 5:23 am)

Re: TCP SACK issue, hung connection, tcpdump included, Darryl Miles, (Thu Aug 2, 12:58 pm)

Re: TCP SACK issue, hung connection, tcpdump included, David Miller, (Thu Aug 2, 5:26 am)

Re: TCP SACK issue, hung connection, tcpdump included, Ilpo Järvinen, (Sun Jul 29, 12:28 pm)


linux-kernel:
Greg KH	Re: Dual-Licensing Linux Kernel with GPL V2 and GPL V3
Jan Engelhardt	intel iommu (Re: -mm merge plans for 2.6.23)
Roland Dreier	Re: Integration of SCST in the mainstream Linux kernel
Andrew Morton	Re: 2.6.24-rc3-mm1 make headers_check fails
git:

linux-netdev:
Ingo Molnar	iwlwifi: fix build bug in "iwlwifi: fix LED stall"
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Frans Pop	svc: failed to register lockdv1 RPC service (errno 97).
openbsd-misc:

Re: TCP SACK issue, hung connection, tcpdump included

Online users