From owner-freebsd-net@FreeBSD.ORG Sat Nov 8 15:25:32 2003 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EC61E16A4CE for ; Sat, 8 Nov 2003 15:25:32 -0800 (PST) Received: from gw.catspoiler.org (217-ip-163.nccn.net [209.79.217.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2A30043FBF for ; Sat, 8 Nov 2003 15:25:32 -0800 (PST) (envelope-from truckman@FreeBSD.org) Received: from FreeBSD.org (mousie.catspoiler.org [192.168.101.2]) by gw.catspoiler.org (8.12.9p2/8.12.9) with ESMTP id hA8NPIeF062364; Sat, 8 Nov 2003 15:25:25 -0800 (PST) (envelope-from truckman@FreeBSD.org) Message-Id: <200311082325.hA8NPIeF062364@gw.catspoiler.org> Date: Sat, 8 Nov 2003 15:25:18 -0800 (PST) From: Don Lewis To: jamnt@knology.net In-Reply-To: <3FAD6103.1010407@knology.net> MIME-Version: 1.0 Content-Type: TEXT/plain; charset=us-ascii cc: freebsd-net@FreeBSD.org Subject: Re: problems caused by net.inet.tcp.blackhole=2 X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Nov 2003 23:25:33 -0000 On 8 Nov, Michal wrote: > Hello, > maybe someone will be able to help me with the problem. Namely setting > net.inet.tcp.blackhole=2 make samba to start very slow (90sec). Also > smbclient is slow. After samba starts there is no delay to connect from > the another machine with persistant local problems (smbclient). > Additionally the sysctl setting has veird impact on mozilla: trying to > write to web forms causes freezing of mozilla. Now setting > net.inet.tcp.blackhole=0 reverts all the problemsr: samba starts fast > and no problems with writing to the web forms. > my system: > FreeBSD 5.1-CURRENT #0: Thu Oct 30 17:49:13 EST 2003 > ports updated 11-08-03 > > I appreciate any suggestions I looked at a similar problem that someone was having a while back. It appears that the problem is that this sysctl setting is suppressing the sending of TCP RST packets which are needed to tear down dead connections, and if one end of the connection thinks the connection is still established, it is not possible to create a new connection between the hosts that reuses the same addresses and ports as the old connection. Since the whole point of net.inet.tcp.blackhole=2 is to block the RST packets that could allow the host to be scanned, I suspect you are stuck.