From owner-freebsd-current@freebsd.org Fri Feb 12 20:07:03 2016 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 79553AA766E; Fri, 12 Feb 2016 20:07:03 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from venus.codepro.be (venus.codepro.be [IPv6:2a01:4f8:162:1127::2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.codepro.be", Issuer "Gandi Standard SSL CA 2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 402DBC6D; Fri, 12 Feb 2016 20:07:03 +0000 (UTC) (envelope-from kp@FreeBSD.org) Received: from [IPv6:2a02:1811:2419:4e02:4d21:542c:d7c9:cf3f] (unknown [IPv6:2a02:1811:2419:4e02:4d21:542c:d7c9:cf3f]) by venus.codepro.be (Postfix) with ESMTPSA id C3FF0C951; Fri, 12 Feb 2016 21:06:58 +0100 (CET) Subject: Re: IPV6 TCP6 Slow Connect Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3120\)) Content-Type: text/plain; charset=utf-8 From: Kristof Provost X-Checked-By-Nsa: Probably In-Reply-To: <7d399dddcde79d950e0817acddcbcfc1@thebighonker.lerctr.org> Date: Fri, 12 Feb 2016 21:07:10 +0100 Cc: Freebsd current , owner-freebsd-current@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <8ca0068954b5cb25891c3324b2e8c863@thebighonker.lerctr.org> <20160211101449.GI19084@vega.codepro.be> <88197BB9-F03F-48BB-97DC-9BAAA2FA299F@FreeBSD.org> <125b65d56d310c0436ceb8047d1d0417@thebighonker.lerctr.org> <563b81912fc2de4670be51a832467ba9@thebighonker.lerctr.org> <06d72e0d3ae9f20bea04af39dba74847@thebighonker.lerctr.org> <33469a0ef87e3299819248f153d842d2@thebighonker.lerctr.org> <3df20fcac20d532ef77bf63ea2e042cb@thebighonker.lerctr.org> <7d399dddcde79d950e0817acddcbcfc1@thebighonker.lerctr.org> To: Larry Rosenman X-Mailer: Apple Mail (2.3120) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 Feb 2016 20:07:03 -0000 > On 12 Feb 2016, at 15:33, Larry Rosenman wrote: >=20 > On 2016-02-12 08:31, Kristof Provost wrote: >>> On 12 Feb 2016, at 15:29, Larry Rosenman wrote: >>> On 2016-02-12 08:13, Larry Rosenman wrote: >>>> sysctl net.inet.tcp.rfc1323=3D0 >>>> makes it work >>> Shouldn't the stack do the right thing here? For the record, the = other side >>> is also FreeBSD (10.2-STABLE). >> Yes, but it=E2=80=99s possible that there=E2=80=99s a problem with = the pf scrubbing of >> the window scaling or timestamp options. >> I have a vague recollection of having looked at that in the past. >> Bug 172648 also claims there is/was an issue with checksums in that >> case, but I=E2=80=99ve never been able to reproduce it. >> Regards, >> Kristof > Ok. Since I can reproduce this at will, and the 2 firewalls are = pfSense, how can I help? I=E2=80=99ll still need to reproduce it locally to fix it, but it might = be interesting to know if the packet is dropped by the router, or sent = out again with an incorrect checksum. Can you take a capture on the WAN interface and see if the TCP SYN makes = it out (if it does, I=E2=80=99d expect the checksum to be wrong) or not? Regards, Kristof=