Date: Sat, 7 Mar 2015 17:26:35 +0000 From: Rory Byrne <rory@nybek.com> To: freebsd-net@freebsd.org Subject: TCP aborted from state FIN_WAIT1 after empty 60 secs Message-ID: <20150307172635.GA4203@nybek.com>
next in thread | raw e-mail | index | archive | help
--gj572EiMnwbLXET9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hello, I've been doing some cross-platform testing [1] and I noticed some unusual behaviour in the way FreeBSD handles TCP connections. Consider the following scenario: 1. A server writes a 20K payload to the socket send buffer and calls close() or shutdown(). 2. The client, who has a small socket receive buffer of 8K, sits idle rather than trying to read the payload off the stream. What usually happens on FreeBSD is that the server TCP aborts the connection after about 150 seconds. Specifically, if 60 seconds passes where no packets are transferred over the connection, the server TCP discards the socket send buffer and sends an RST to the client TCP; this usually happens about 150 seconds after the connection was established, but sometimes takes longer, and sometimes much longer (over 5 mins). None of the other platforms I have tested (NetBSD, OpenBSD, Linux, Illumos, Darwin, Cygwin and native Windows) abort the connection: they allow it to persist indefinitely (more than 30 minutes anyway). Assuming that I haven't messed up in my tests, I was wondering if this is a bug or an intentional anti-DOS protection mechanism. If it is the latter, is there a way to control the behaviour? I've attached a tcpdump trace and included some test code inline below. The client and server must be on different hosts: the TCP connection won't be aborted if you run it over lo0. Thanks, Rory [1] https://www.nybek.com/blog/2015/03/05/cross-platform-testing-of-so_linger/ --- client.c | 90 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ server.c | 101 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 191 insertions(+) create mode 100644 client.c create mode 100644 server.c diff --git a/client.c b/client.c new file mode 100644 index 0000000..e908289 --- /dev/null +++ b/client.c @@ -0,0 +1,90 @@ + +#include <ctype.h> +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <arpa/inet.h> +#include <netinet/in.h> +#include <sys/socket.h> + +#define PORT 7777 +#define RCVBUF_SIZE 8192 +#define READ_SIZE 512 + +void die(const char *where) +{ + perror(where); + exit(EXIT_FAILURE); +} + +void usage_exit(const char *prog_name, const char *err_msg) +{ + if (err_msg != NULL) + fprintf(stderr, "%s\n", err_msg); + fprintf(stderr, + "usage: %s ip-address\n" + " -h Print usage and exit.\n", + prog_name); + exit(EXIT_FAILURE); +} + +void set_socket_options(int fd) +{ + int r, val; + + val = RCVBUF_SIZE, + r = setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &val, sizeof(val)); + if (r == -1) + die("setting SO_RCVBUF"); +} + +int main(int argc, char *argv[]) +{ + int sockfd, total, n, r; + char buf[READ_SIZE]; + struct sockaddr_in servaddr; + + if (argc != 2 || strcmp("-h", argv[1]) == 0) + usage_exit(argv[0], NULL); + + memset(&servaddr, 0, sizeof(servaddr)); + servaddr.sin_family = AF_INET; + servaddr.sin_port = htons(PORT); + + r = inet_pton(AF_INET, argv[1], &servaddr.sin_addr.s_addr); + if (r != 1) { + fprintf(stderr, "failed at inet_pton()\n"); + exit(EXIT_FAILURE); + } + + sockfd = socket(AF_INET, SOCK_STREAM, 0); + if (sockfd == -1) + die("socket()"); + + set_socket_options(sockfd); + + r = connect(sockfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); + if (r == -1) + die("connect()"); + + /* Prompt user before reading next 512 byte block */ + total = 0; + while ((n = read(sockfd, buf, READ_SIZE)) != 0) { + if (n == -1) + die("socket read()"); + total += n; + printf("RECV: %d (%d)\n", n, total); + + printf("Press RETURN to read next %d bytes: ", READ_SIZE); + while (getchar() != '\n') + ; + } + puts("End of input stream"); + + close(sockfd); + puts("Connection closed"); + + exit(EXIT_SUCCESS); +} diff --git a/server.c b/server.c new file mode 100644 index 0000000..ffdee85 --- /dev/null +++ b/server.c @@ -0,0 +1,101 @@ + +#include <ctype.h> +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> +#include <netinet/in.h> +#include <sys/socket.h> + +#define PORT 7777 +#define SNDBUF_SIZE (50 * 1024) +#define PAYLOAD_SIZE (20 * 1024) +#define BACKLOG 128 + +void die(const char *where) +{ + perror(where); + exit(EXIT_FAILURE); +} + +void get_payload(char *buf, int size) +{ + int i; + + for (i = 0; i < size; i++) { + buf[i] = '.'; + } +} + +void set_socket_options(int fd) +{ + int r, val; + + val = 1; + r = setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val)); + if (r == -1) + die("setting SO_REUSEADDR"); + + val = SNDBUF_SIZE, + r = setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &val, sizeof(val)); + if (r == -1) + die("setting SO_SNDBUF"); +} + +int main(void) +{ + int listenfd, connfd, r; + ssize_t n; + struct sockaddr_in servaddr; + char buf[PAYLOAD_SIZE]; + + memset(buf, 0, sizeof(buf)); + get_payload(buf, sizeof(buf)); + + listenfd = socket(AF_INET, SOCK_STREAM, 0); + if (listenfd == -1) + die("socket"); + + set_socket_options(listenfd); + + memset(&servaddr, 0, sizeof(servaddr)); + servaddr.sin_family = AF_INET; + servaddr.sin_addr.s_addr = htonl(INADDR_ANY); + servaddr.sin_port = htons(PORT); + + r = bind(listenfd, (struct sockaddr *) &servaddr, sizeof(servaddr)); + if (r == -1) + die("bind()"); + + r = listen(listenfd, BACKLOG); + if (r == -1) + die("listen()"); + + puts("-- waiting for client connection"); + connfd = accept(listenfd, (struct sockaddr *) NULL, NULL); + if (connfd == -1) + die("accept()"); + puts("-- client connected"); + + puts("-- closing listening socket"); + r = close(listenfd); + if (r == -1) + die("closing listenfd"); + + puts("-- writing payload"); + n = write(connfd, buf, sizeof(buf)); + if (n == -1) { + die("write()"); + } else if (n != sizeof(buf)) { + fprintf(stderr, "failed to write full buffer"); + exit(EXIT_FAILURE); + } + + puts("-- closing connected socket"); + r = close(connfd); + if (r == -1) + die("closing connfd"); + + exit(EXIT_SUCCESS); +} -- 1.7.10.4 --gj572EiMnwbLXET9 Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="freebsd-trace.txt" 16:34:06.606740 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [S], seq 3384095403, win 7300, options [mss 1460,sackOK,TS val 343707092 ecr 0,nop,wscale 0], length 0 16:34:06.606988 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [S.], seq 2436435063, ack 3384095404, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 287206175 ecr 343707092], length 0 16:34:06.607018 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 1, win 7300, options [nop,nop,TS val 343707092 ecr 287206175], length 0 16:34:06.607446 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 1:1449, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448 16:34:06.607493 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 1449, win 5852, options [nop,nop,TS val 343707092 ecr 287206175], length 0 16:34:06.607738 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 1449:2897, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448 16:34:06.607754 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 2897, win 5852, options [nop,nop,TS val 343707092 ecr 287206175], length 0 16:34:06.607830 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 2897:4345, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448 16:34:06.607873 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 4345:5793, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448 16:34:06.607933 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 5793:7241, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448 16:34:06.608022 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 7241:8689, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448 16:34:06.645953 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8689, win 60, options [nop,nop,TS val 343707102 ecr 287206175], length 0 16:34:11.648081 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8689:8749, ack 1, win 1040, options [nop,nop,TS val 287211216 ecr 343707102], length 60 16:34:11.648102 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343708352 ecr 287211216], length 0 16:34:16.650443 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287216218 ecr 343708352], length 1 16:34:16.650465 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343709603 ecr 287216218], length 0 16:34:21.649606 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287221218 ecr 343709603], length 1 16:34:21.649633 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343710852 ecr 287221218], length 0 16:34:26.650323 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287226218 ecr 343710852], length 1 16:34:26.650349 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343712103 ecr 287226218], length 0 16:34:31.650237 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287231218 ecr 343712103], length 1 16:34:31.650266 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343713353 ecr 287231218], length 0 16:34:36.650198 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287236218 ecr 343713353], length 1 16:34:36.650225 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343714603 ecr 287236218], length 0 16:34:41.650129 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287241218 ecr 343714603], length 1 16:34:41.650159 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343715853 ecr 287241218], length 0 16:34:49.544400 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287249113 ecr 343715853], length 1 16:34:49.544433 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343717826 ecr 287249113], length 0 16:35:05.149862 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287264718 ecr 343717826], length 1 16:35:05.149894 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343721727 ecr 287264718], length 0 16:35:36.095041 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287295664 ecr 343721727], length 1 16:35:36.095071 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343729464 ecr 287295664], length 0 16:36:36.096976 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [R.], seq 8750, ack 1, win 1040, options [nop,nop,TS val 287355667 ecr 343729464], length 0 16:36:52.058384 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 1448, options [nop,nop,TS val 343748455 ecr 287295664], length 0 16:36:52.058632 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [R], seq 2436443812, win 0, length 0 --gj572EiMnwbLXET9--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150307172635.GA4203>