From owner-freebsd-current@FreeBSD.ORG Fri Jun 29 14:55:50 2007 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id BEF5016A46B for ; Fri, 29 Jun 2007 14:55:50 +0000 (UTC) (envelope-from dwmalone@maths.tcd.ie) Received: from salmon.maths.tcd.ie (salmon.maths.tcd.ie [134.226.81.11]) by mx1.freebsd.org (Postfix) with SMTP id AB57A13C44C for ; Fri, 29 Jun 2007 14:55:49 +0000 (UTC) (envelope-from dwmalone@maths.tcd.ie) Received: from walton.maths.tcd.ie ([134.226.81.10] helo=walton.maths.tcd.ie) by salmon.maths.tcd.ie with SMTP id ; 29 Jun 2007 11:51:40 +0100 (BST) Date: Fri, 29 Jun 2007 11:51:40 +0100 From: David Malone To: Steve Kargl Message-ID: <20070629105140.GA51586@walton.maths.tcd.ie> References: <20070628014311.GA50012@troutmask.apl.washington.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20070628014311.GA50012@troutmask.apl.washington.edu> User-Agent: Mutt/1.5.6i Sender: dwmalone@maths.tcd.ie Cc: freebsd-current@freebsd.org Subject: Re: SYNCOOKIE authentication problems X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jun 2007 14:55:50 -0000 On Wed, Jun 27, 2007 at 06:43:11PM -0700, Steve Kargl wrote: > Any advice on how to isolate or avoid? > > Jun 27 18:31:19 node11 kernel: TCP: [192.168.0.11]:59661 to > [192.168.0.11]:63266 tcpflags 0x10; syncache_expand: Segment failed > SYNCOOKIE authentication, segment rejected (probably spoofed) It looks like you tried to open a TCP connection to yourself, but the connection failed. You could try leaving a tcpdump running: tcpdump -i whatever_interface -w /tmp/synfinrstdata -s 1500 'tcp[tcpflags] & (tcp-syn|tcp-fin|tcp-rst) != 0' while your MPI app runs and then we can have a look at the packets that caused the problem. The above should collect all TCP SYN, FIN and RST packets, which would probably be enough to diagnose the problem. David.