From owner-freebsd-net@FreeBSD.ORG  Mon Oct  5 08:51:11 2009
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Delivered-To: net@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 925A2106566B
	for <net@freebsd.org>; Mon,  5 Oct 2009 08:51:11 +0000 (UTC)
	(envelope-from andre@freebsd.org)
Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 074F28FC1D
	for <net@freebsd.org>; Mon,  5 Oct 2009 08:51:10 +0000 (UTC)
Received: (qmail 20015 invoked from network); 5 Oct 2009 07:52:26 -0000
Received: from localhost (HELO [127.0.0.1]) ([127.0.0.1])
	(envelope-sender <andre@freebsd.org>)
	by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP
	for <oberman@es.net>; 5 Oct 2009 07:52:26 -0000
Message-ID: <4AC9AD41.2070200@freebsd.org>
Date: Mon, 05 Oct 2009 10:24:33 +0200
From: Andre Oppermann <andre@freebsd.org>
User-Agent: Thunderbird 1.5.0.14 (Windows/20071210)
MIME-Version: 1.0
To: Kevin Oberman <oberman@es.net>
References: <20091002231826.066291CC0E@ptavv.es.net>
In-Reply-To: <20091002231826.066291CC0E@ptavv.es.net>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: net@freebsd.org
Subject: Re: Unusual TCP options can cause FreeBSD to issue a reset
X-BeenThere: freebsd-net@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Networking and TCP/IP with FreeBSD <freebsd-net.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-net>
List-Post: <mailto:freebsd-net@freebsd.org>
List-Help: <mailto:freebsd-net-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-net>,
	<mailto:freebsd-net-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Oct 2009 08:51:11 -0000

Kevin Oberman wrote:
> I have a system that is unable to connect to a FreeBSD system due to
> the odd formatting of the TCP options. The options contains only the
> timestamp which, if recommendations in RFC1323 are followed, are
> preceded by two NOP bytes to put the timestamp values on 4 byte
> boundaries.
> 
> This system sends the 12 byte timestamp option alone, followed by two
> zero bytes to pad it. This meets the requirements of RFC793 and 1323 is
> explicit that stacks must accept this, even though it results in
> sub-optimal performance and does not meet the recommendations in 1323
> appendix A.

Just this alone should not cause a reset from FreeBSD.

> Any idea if this is hard to fix? I see in on both 7.2 and 8.0.

Can you post a detailed tcpdump of a failing connect?  And please enable
net.inet.tcp.log_debug which should give a better explanation on why
FreeBSD thinks the connection is bad.

-- 
Andre