From owner-freebsd-net@FreeBSD.ORG Sun Jun 19 12:16:06 2005 Return-Path: X-Original-To: net@FreeBSD.org Delivered-To: freebsd-net@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2E84316A41C for ; Sun, 19 Jun 2005 12:16:06 +0000 (GMT) (envelope-from glebius@FreeBSD.org) Received: from relay.bestcom.ru (relay.bestcom.ru [217.72.144.5]) by mx1.FreeBSD.org (Postfix) with ESMTP id 98EAB43D58 for ; Sun, 19 Jun 2005 12:16:05 +0000 (GMT) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (root@cell.sick.ru [217.72.144.68]) by relay.bestcom.ru (8.13.1/8.12.9) with ESMTP id j5JCG2ub084072 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for ; Sun, 19 Jun 2005 16:16:03 +0400 (MSD) (envelope-from glebius@FreeBSD.org) Received: from cell.sick.ru (glebius@localhost [127.0.0.1]) by cell.sick.ru (8.13.1/8.12.8) with ESMTP id j5JCG23V013445 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 19 Jun 2005 16:16:02 +0400 (MSD) (envelope-from glebius@FreeBSD.org) Received: (from glebius@localhost) by cell.sick.ru (8.13.1/8.13.1/Submit) id j5JCG2AB013444 for net@FreeBSD.org; Sun, 19 Jun 2005 16:16:02 +0400 (MSD) (envelope-from glebius@FreeBSD.org) X-Authentication-Warning: cell.sick.ru: glebius set sender to glebius@FreeBSD.org using -f Date: Sun, 19 Jun 2005 16:16:01 +0400 From: Gleb Smirnoff To: net@FreeBSD.org Message-ID: <20050619121601.GA13370@cell.sick.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline User-Agent: Mutt/1.5.6i X-Virus-Scanned: ClamAV version devel-20050125, clamav-milter version 0.80ff on relay.bestcom.ru X-Virus-Status: Clean Cc: Subject: bug in libalias? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 19 Jun 2005 12:16:06 -0000 While working on ng_nat + libalias in kernel, I've found that sometimes in very rare conditions libalias produces completely broken packets. Fortunately they also have incorrect TCP checksum, and thus are discarded and being restransmitted. Fortunately retransmits are not broken. This is not related to any protocol aliasing, it is a bug in alias.c. I have two cases which are 100% reproducible. The first case is an ssh session to my mailbox, I can't give reproduce recipe, sorry :) The second case is the following: you must be behind a box running natd(8) and have MTU of 1500, router running natd should have 1500 MTU on both interfaces. Now, you should run # tcpdump -w qqq -s 1600 -vvnpi fxp0 host www.rambler.ru & # fetch -vvv http:/www.rambler.ru # fg # ^C # tcpdump -s 1600 -vXXnpr qqq | less Look into incoming TCP segment with offset 2921:4381(1460). The first packet is broken one. Search again for 2921:4381(1460). Now I've found the retransmitted packet. -- Totus tuus, Glebius. GLEBIUS-RIPN GLEB-RIPE