From owner-freebsd-bugs  Sat Nov  2 17:48:33 1996
Return-Path: owner-bugs
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id RAA12344
          for bugs-outgoing; Sat, 2 Nov 1996 17:48:33 -0800 (PST)
Received: from root.com (implode.root.com [198.145.90.17])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA12332
          for <freebsd-bugs@freebsd.org>; Sat, 2 Nov 1996 17:48:25 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by root.com (8.7.6/8.6.5) with SMTP id RAA23310; Sat, 2 Nov 1996 17:47:11 -0800 (PST)
Message-Id: <199611030147.RAA23310@root.com>
X-Authentication-Warning: implode.root.com: Host localhost [127.0.0.1] didn't use HELO protocol
To: kent@lono.nosc.mil (Kent K. Kuriyama)
cc: freebsd-bugs@freebsd.org, u651rc@emh.cpf.navy.mil,
        kobash@lono.nosc.mil (Sidney H. Kobashigawa)
Subject: Re: Illegal options in TCP header? 
In-reply-to: Your message of "Sat, 02 Nov 1996 15:23:06 -1000."
             <9611030123.AA16199@lono.nosc.mil> 
From: David Greenman <dg@root.com>
Reply-To: dg@root.com
Date: Sat, 02 Nov 1996 17:47:11 -0800
Sender: owner-bugs@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>I am running FreeBSD version 2.1.0.
>
>I believe that FreeBSD is inserting illegal options in the TCP header
>packets which it sends out during the session negotiation phase.
>Shown below is a sniffer trace of the packets sent out by the
>FreeBSD box to 198.22.146.10.  Notice that it sends an unknown option
>3 on the TCP header.
>
>This causes the host at 198.22.146.10 to refuse the connection (frame
>2).  Now granted the host at 198.22.146.10 (system type unknown) is
>the first one that refuses a connection from our FreeBSD's systems
>but the sniffer trace also indicates that the FreeBSD system is sending
>TCP headers with illegal options.  I believe that 1 is the only valid
>option defined.

   Conforming TCP stacks are supposed to ignore options they don't understand.
There are far more than just one valid option defined. Here are a few of them:

#define TCPOPT_EOL              0
#define TCPOPT_NOP              1
#define TCPOPT_MAXSEG           2
#define TCPOPT_WINDOW           3
#define TCPOPT_SACK_PERMITTED   4               /* Experimental */
#define TCPOPT_SACK             5               /* Experimental */
#define TCPOPT_TIMESTAMP        8
#define    TCPOLEN_TIMESTAMP            10

   You may wish to try:

sysctl -w net.inet.tcp.rfc1323=0
sysctl -w net.inet.tcp.rfc1644=0

   ...and see if this helps the problem.

-DG

David Greenman
Core-team/Principal Architect, The FreeBSD Project