From owner-freebsd-net@FreeBSD.ORG Mon Dec 13 10:38:14 2004 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB39816A4CE for ; Mon, 13 Dec 2004 10:38:14 +0000 (GMT) Received: from able.com.ua (able.com.ua [80.91.162.66]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4302E43D4C for ; Mon, 13 Dec 2004 10:38:14 +0000 (GMT) (envelope-from don_oles@able.com.ua) Received: from localhost (localhost [127.0.0.1]) by able.com.ua (Postfix) with SMTP id AB08B44AC3 for ; Mon, 13 Dec 2004 12:38:06 +0200 (EET) Received: from ohnatkevych.kiev.ua.alfabank (unknown [80.91.172.226]) (using TLSv1 with cipher DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by able.com.ua (Postfix) with ESMTP id 8F11544ABB for ; Mon, 13 Dec 2004 12:38:05 +0200 (EET) Date: Mon, 13 Dec 2004 12:38:25 +0200 From: Oles Hnatkevych X-Mailer: The Bat! (v1.60) X-Priority: 3 (Normal) Message-ID: <884019296.20041213123825@able.com.ua> To: freebsd-net@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: TCP ECN X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Oles Hnatkevych List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Dec 2004 10:38:15 -0000 Hello dear All. I have a very strange FreeBSD box. It was 4.6, now it runs currently 4.11 - prerelease, cvsupped yesterday, on sunday. However the problem persists. The problem is that TCP connections to this BOX with SYN+ENC bits can not be established. There's another Linux box, that can not send mail to FreeBSD box. tcpdump shows the following: 12:12:21.960831 212.82.218.243.4349 > 212.109.60.114.25: SE 855427262:855427262(0) win 5840 (DF) 12:12:24.960902 212.82.218.243.4349 > 212.109.60.114.25: SE 855427262:855427262(0) win 5840 (DF) 12:12:30.957610 212.82.218.243.4349 > 212.109.60.114.25: SE 855427262:855427262(0) win 5840 (DF) 12:12:42.957429 212.82.218.243.4349 > 212.109.60.114.25: SE 855427262:855427262(0) win 5840 (DF) 12:13:06.955415 212.82.218.243.4349 > 212.109.60.114.25: SE 855427262:855427262(0) win 5840 (DF) ... and timeout. Yet again, when remote administator uses telnet to connect to port 25, everything goes as needed. 12:13:13.787333 212.82.218.243.50686 > 212.109.60.114.25: S 1250984054:1250984054(0) win 65535 (DF) 12:13:13.823640 212.109.60.114.25 > 212.82.218.243.50686: S 1362670573:1362670573(0) ack 1250984055 win 57344 (DF) 12:13:16.775253 212.82.218.243.50686 > 212.109.60.114.25: S 1250984054:1250984054(0) win 65535 (DF) 12:13:16.813864 212.109.60.114.25 > 212.82.218.243.50686: S 1362670573:1362670573(0) ack 1250984055 win 57344 (DF) I have another FreeBSD boxes, they work properly in both cases, so this is really an exceptional OS/kernel installation. I hardly believe it is IPFW problem: the rule is allow tcp from any to 212.109.60.114 25 in recv ${oif} What the problem can be????? -- Oles mailto:don_oles@able.com.ua