From owner-freebsd-net@FreeBSD.ORG Wed Jul 18 05:52:38 2007 Return-Path: X-Original-To: freebsd-net@freebsd.org Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 87A6316A403 for ; Wed, 18 Jul 2007 05:52:38 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from pobox.codelabs.ru (pobox.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 3A4B213C47E for ; Wed, 18 Jul 2007 05:52:37 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender:X-Spam-Status:Subject; b=Ajcse88nOovqpgqg48BeXEf7iAG7Ddvdd23B7PTe65v+of8VP5YXzyQa+U9+IAjGMGLeFFhO2kt5CCpheZw7V8eBKNnwqLBK84ohHp47m4b8dz/DtWATumiowxLt5erJCdqB/grEsdwdUT2II1uMxEQIaxCgg8T+RZSZ5sdyYOs=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by pobox.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1IB2Sf-000GWO-Vj; Wed, 18 Jul 2007 09:52:34 +0400 Date: Wed, 18 Jul 2007 09:52:28 +0400 From: Eygene Ryabinkin To: Chuck Swiger Message-ID: <20070718055228.GA4053@void.codelabs.ru> References: <469D4C9D.7090302@ironport.com> <469D4FB6.9040609@elischer.org> <3DBBD4E3-ABEA-451A-8E6A-02E9CBAD6A37@mac.com> MIME-Version: 1.0 Content-Type: text/plain; charset=koi8-r Content-Disposition: inline In-Reply-To: <3DBBD4E3-ABEA-451A-8E6A-02E9CBAD6A37@mac.com> Sender: rea-fbsd@codelabs.ru X-Spam-Status: No, score=-3.0 required=4.0 tests=ALL_TRUSTED,AWL,BAYES_00 Cc: Julian Elischer , FreeBSD Net , Julian Elischer Subject: Re: Wierd networking. X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 18 Jul 2007 05:52:38 -0000 Chuck, Julian, good day. Tue, Jul 17, 2007 at 04:47:30PM -0700, Chuck Swiger wrote: > % tcpdump -nS -r IE7.pcap > reading from file IE7.pcap, link-type EN10MB (Ethernet) > 18:24:41.313890 IP 172.28.15.82.3128 > 10.251.22.29.1121: . ack 1573162290 win > 32120 > 18:24:41.313995 IP 10.251.22.29.1121 > 172.28.15.82.3128: P > 1573162290:1573162378(88) ack 3799409121 win 65535 > 18:24:41.314015 IP 172.28.15.82.3128 > 10.251.22.29.1121: . ack 1573162378 win > 33492 > 18:24:41.314072 IP 172.28.15.82.3128 > 10.251.22.29.1121: . > 3799409121:3799410581(1460) ack 1573162378 win 33580 > 18:24:41.314080 IP 172.28.15.82.3128 > 10.251.22.29.1121: P > 3799410581:3799410861(280) ack 1573162378 win 33580 > 18:24:41.314118 IP 172.28.15.82.3128 > 10.251.22.29.1121: F > 3799410861:3799410861(0) ack 1573162378 win 33580 > > ...at this point, the client should have received the above packets and ACK for > 3799410862 to include the FIN. > > 18:24:41.314744 IP 10.251.22.29.1121 > 172.28.15.82.3128: P > 1573162378:1573162380(2) ack 3799409121 win 65535 > > ...instead it sends an ACK for earlier traffic. The Squid box should be in > FIN-WAIT-1 and simply ignore this as a dup ACK, rather than sending an RST: Seems like it is the effect of the SS_NOFDREF check in the netinet/tcp_input.c, at least it is present in the rev. 1.281.2.5. See the post http://lists.freebsd.org/pipermail/freebsd-current/2007-July/074837.html I believe it discuisses the same problem, but for -CURRENT. In short, Squid child closes the descriptor, so connection is present in the TCP/IP stack only. And SS_NOFDREF check provokes RST and invokes tcp_close(). -- Eygene