From owner-freebsd-net@FreeBSD.ORG  Thu Jan 24 12:52:55 2008
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: freebsd-net@FreeBSD.ORG
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 9675116A417
	for <freebsd-net@FreeBSD.ORG>; Thu, 24 Jan 2008 12:52:55 +0000 (UTC)
	(envelope-from andre@freebsd.org)
Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 0BB9913C447
	for <freebsd-net@FreeBSD.ORG>; Thu, 24 Jan 2008 12:52:54 +0000 (UTC)
	(envelope-from andre@freebsd.org)
Received: (qmail 126 invoked from network); 24 Jan 2008 12:14:08 -0000
Received: from localhost (HELO [127.0.0.1]) ([127.0.0.1])
	(envelope-sender <andre@freebsd.org>)
	by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP
	for <maxim@macomnet.ru>; 24 Jan 2008 12:14:08 -0000
Message-ID: <47988A2A.5010506@freebsd.org>
Date: Thu, 24 Jan 2008 13:52:58 +0100
From: Andre Oppermann <andre@freebsd.org>
User-Agent: Thunderbird 1.5.0.14 (Windows/20071210)
MIME-Version: 1.0
To: Maxim Konovalov <maxim@macomnet.ru>
References: <200711200656.lAK6u4bc021279@repoman.freebsd.org>
	<4797B77E.2090605@freebsd.org>
	<20080124005006.D93697@odysseus.silby.com>
	<47986F27.10401@freebsd.org>
	<20080124145713.K15031@mp2.macomnet.net>
In-Reply-To: <20080124145713.K15031@mp2.macomnet.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: cvs commit: src/sys/netinet tcp_syncache.c
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 24 Jan 2008 12:52:55 -0000

Maxim Konovalov wrote:
> [...]
>>> I'm not generally opposed to security improvements that only affect edge
>>> cases... but being unable to connect is not an edge case!
>> Fully agreed.  I'll reopen the PR and follow up with the originator
>> to do some further analysis.  All operating system he cites that were
>> unable to connect correctly send timestamps and do not stop after
>> the SYN phase.  So there must be something else at play here.  Have
>> you received or heart of any *other* reports that may be related to
>> the timestamp check?
>>
> I saw this with my adsl router.  Happy to test patches.

Please provide a tcpdump of a connection that failed before.  It'll
show the problem even though it doesn't cause an abort.  Was the
problem you saw with communication through the adsl router, or when
you connected to the adsl router itself (configuration menu, etc)?

[Reducing CC list]

-- 
Andre