Date: Fri, 1 Aug 2008 13:50:07 +0200 From: Bernd Walter <ticso@cicely7.cicely.de> To: Mike Silbersack <silby@silby.com> Cc: freebsd-net@freebsd.org, ticso@cicely.de Subject: Re: TCP zombie connections with 7-RELEASE and STABLE from 15th june Message-ID: <20080801115007.GA76575@cicely7.cicely.de> In-Reply-To: <alpine.BSF.1.10.0808010004440.14518@odysseus.silby.com> References: <20080718135931.GA48087@cicely7.cicely.de> <alpine.BSF.1.10.0808010004440.14518@odysseus.silby.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Aug 01, 2008 at 12:08:38AM -0500, Mike Silbersack wrote: > > > On Fri, 18 Jul 2008, Bernd Walter wrote: > > >443 is a self written server, but it also happens with port 80 and > >sslproxy. > >The client is a telnet, which disconnects directly after connecting, > >so the disconnect is initiated from the client, which seems to be > >important for this problem to trigger. > > > >You can see that the FIN handshake completes and netstat on the > >client box shows the connection in TIME_WAIT. > >The server however has the connection still in ESTABLISHED state. > > Well, syncookies allow the ack of the 3WHS to establish a connection. > Just a quick look at your tcpdump shows that since you aren't sending any > data you are not advancing the sequence number. As a result, it looks > like one of the ACKs the client sends during connection shutdown may > actually be causing the server to re-establish the connection. Ah - that makes sense. > You might want to file a PR with exact instructions (and code) that'll > easily reproduce this so that it can be solved at some point in the > future. I don't have time to look into it now, although I'd be happy to > code review a fix! Thank you - I will file a PR. -- B.Walter <bernd@bwct.de> http://www.bwct.de Modbus/TCP Ethernet I/O Baugruppen, ARM basierte FreeBSD Rechner uvm.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080801115007.GA76575>