From owner-freebsd-net Wed Mar 29 18:18:45 2000 Delivered-To: freebsd-net@freebsd.org Received: from volatile.by-tor.tacorp.net (ci391991-a.grnvle1.sc.home.com [24.9.31.75]) by hub.freebsd.org (Postfix) with ESMTP id 3821D37B9DC for ; Wed, 29 Mar 2000 18:18:37 -0800 (PST) (envelope-from by-tor@volatile.by-tor.tacorp.net) Received: (from by-tor@localhost) by volatile.by-tor.tacorp.net (8.9.3/8.9.3) id VAA00306; Wed, 29 Mar 2000 21:20:09 -0500 (EST) (envelope-from by-tor) Date: Wed, 29 Mar 2000 21:20:09 -0500 (EST) From: Wes Morgan X-Sender: by-tor@volatile.by-tor.tacorp.net To: freebsd-net@freebsd.org Subject: 5.0 tcp weirdness Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In 5.0 since sometime last weekend, I have been experiencing some very strange TCP problems. Complete inability to connect to some machines, poor throughput, etc. I first noticed that my nameserver was having trouble talking to some other nameservers, and at first thought @home was using some very weird filtering, or maybe had set up something to require some sort of DHCP validation (I don't bother with DHCP since my IP is virtually static). After running dhclient, the nameserver lookups seemed to improve, but there were still a few sites I could not connect to. Here is some data I gathered: tcpdump of conversation with an "unconnectable" site: [root@volatile:/usr/home/by-tor#]: tcpdump src or dst port 110 tcpdump: listening on ed0 21:16:37.066637 ci391991-a.grnvle1.sc.home.com.1027 > mailbox.engr.sc.edu.pop3: S 1003018417:1003018417(0) win 16384 (DF) 21:16:40.066444 ci391991-a.grnvle1.sc.home.com.1027 > mailbox.engr.sc.edu.pop3: S 1003018417:1003018417(0) win 16384 (DF) 21:16:46.066497 ci391991-a.grnvle1.sc.home.com.1027 > mailbox.engr.sc.edu.pop3: S 1003018417:1003018417(0) win 16384 (DF) 21:16:58.066660 ci391991-a.grnvle1.sc.home.com.1027 > mailbox.engr.sc.edu.pop3: S 1003018417:1003018417(0) win 16384 (DF) 21:17:22.066970 ci391991-a.grnvle1.sc.home.com.1027 > mailbox.engr.sc.edu.pop3: S 1003018417:1003018417(0) win 16384 (DF) nmap "TCP SYN stealth" scan _will_ successfully communicate with the machine (according to tcpdump). The "Stealth FIN, Xmas, or Null" scans report that the port is filtered, and the regular connect() scan doesnt work at all. Booting to 4.0 solves ALL the problems. **this is no complaint, but an offer to help find the problem** My kernel config has INET and INET6 enabled, network card is an ed0 (Realtek 8029). Any other info is gladly provided! -- _ __ ___ ____ ___ ___ ___ Wesley N Morgan _ __ ___ | _ ) __| \ morganw@engr.sc.edu _ __ | _ \._ \ |) | FreeBSD: The Power To Serve _ |___/___/___/ Hi! I'm a .signature virus! Copy me into your ~/.signature to help me spread! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message