From owner-freebsd-questions@FreeBSD.ORG Mon Mar 21 19:30:18 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BEA9B16A4CE for ; Mon, 21 Mar 2005 19:30:18 +0000 (GMT) Received: from smtpout.mac.com (smtpout.mac.com [17.250.248.71]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9675843D1D for ; Mon, 21 Mar 2005 19:30:18 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from mac.com (smtpin07-en2 [10.13.10.152])j2LJUIWF005978; Mon, 21 Mar 2005 11:30:18 -0800 (PST) Received: from [10.1.1.245] (nfw2.codefab.com [199.103.21.225] (may be forged)) (authenticated bits=0)j2LJUFXR009166; Mon, 21 Mar 2005 11:30:17 -0800 (PST) In-Reply-To: <423F17D9.70802@web.de> References: <423EFE41.6040805@web.de> <56b90b3668acea792519e1e70a7b837a@mac.com> <423F05F2.3010101@web.de> <7c82a2d1780970b84810aefc59bdb295@mac.com> <423F17D9.70802@web.de> Mime-Version: 1.0 (Apple Message framework v619.2) Content-Type: text/plain; charset=US-ASCII; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Charles Swiger Date: Mon, 21 Mar 2005 14:30:14 -0500 To: Robert Gogolok X-Mailer: Apple Mail (2.619.2) cc: freebsd-questions@freebsd.org Subject: Re: FIN_WAIT_2 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 21 Mar 2005 19:30:18 -0000 On Mar 21, 2005, at 1:52 PM, Robert Gogolok wrote: > I've looked at the "Closing a Connection" chapter from the RFC and > tried to understand it. The state diagram above shows that from the > FINWAIT-2 state there is only one possible way to reach TIME WAIT. That's right. > So FreeBSD must be using another extension of the RFC-793, when it's > sending ACK messages in the FINWAIT-2 state? If the TCP connection is in FIN_WAIT_2, FreeBSD may send out ACKs periodicly, trying to nudge the other side to send a FIN to finish closing the connection. That may be controlled by the keepalive sysctl, but we're starting to go beyond my specific knowledge. One of the true FreeBSD network wizards like Andre Oppermann might be able to provide more information. > Wow, I'm confused at this point, I have a linux box here which was the > previous webserver, and I can't remember seeing ACK's hitting the > firewall logs as it is now with the FreeBSD webserver. Hmm, it's hard to say. Having a complete tcpdump of a TCP connection handy would help, as would making sure that your firewall rules aren't doing something to interrupt or block the end of the connection. Are you getting any responses back from the clients, or have they disappeared? -- -Chuck