Date: Sun, 14 Feb 2021 17:45:54 +0000 From: bugzilla-noreply@freebsd.org To: ipfw@FreeBSD.org Subject: [Bug 253476] ipfw keepalive: tcp_do_segment: Timestamp missing, segment silently dropped Message-ID: <bug-253476-8303-9X6jVAGl0w@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-253476-8303@https.bugs.freebsd.org/bugzilla/> References: <bug-253476-8303@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253476 --- Comment #7 from Michael Tuexen <tuexen@freebsd.org> --- (In reply to Helge Oldach from comment #6) > Indeed a proper fix would be in ipfw - but that is our code as well, and = it > looks like a major effort while tweaking TSopt slightly seems more straig= htforward. OK. We agree that there this is a bug in ipfw. Why not use in ipfw a timeout which is in tune with standard keepalive timeout. Then there is no need for ipfw to send out packets pretending that a peer is still alive... > The essence of this bug report is that D27148 broke working setups. > Maybe tolerate_missing_ts=3D1 should be a sensible default? D27148 breaks setups with broken peers or with middleboxes transforming non-broken peers into broken peers. D27148 just uncovers bug in ipfw which = has been there for a longer time. In my personal view, having a sysctl you have= to tweak if you want to communicate with broken peers is fine. You seem to hav= e a different opinion. I can bring this up at the next bi-weekly transport telco and see what othe= rs think. --=20 You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-253476-8303-9X6jVAGl0w>