From owner-freebsd-net@FreeBSD.ORG Mon Aug 24 14:57:48 2009 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EBE56106568C for ; Mon, 24 Aug 2009 14:57:48 +0000 (UTC) (envelope-from ndenev@gmail.com) Received: from mail-fx0-f210.google.com (mail-fx0-f210.google.com [209.85.220.210]) by mx1.freebsd.org (Postfix) with ESMTP id 4524A8FC14 for ; Mon, 24 Aug 2009 14:57:47 +0000 (UTC) Received: by fxm6 with SMTP id 6so1402904fxm.43 for ; Mon, 24 Aug 2009 07:57:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:from:to :content-type:content-transfer-encoding:mime-version:subject:date :x-pgp-agent:x-mailer; bh=kA69w1M3XkbFhNjUAgW+3tg6nyRVAWMaJ9WUqkOOIHw=; b=rlPuCUX7XJ3j6VdXtgi53djNHwb9LDxGDqtw6fIYqcoM2OgkPV3kg5iXm5+kHO7Rc5 XvP+j2qvPuUHu7CAvSFu9vZe43NXj16t83pPUHW3opO3/AhYYwCDl2SIhQ0GttRndH7C 2G6hPKNoPeJnfa5LIioutGIvN6PM8Oi3Qj2uU= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:from:to:content-type:content-transfer-encoding :mime-version:subject:date:x-pgp-agent:x-mailer; b=xMy3XuHS4gCh+tJ0t3CEygOfzTZOGYHBxHev+e0zOtQWDAefrN/reOn65kJ5V3E5u5 Q7cfyNmyPWXWtbPWG2NAIMaPftUzJO5y2dEgCZPpdfU4PrZ8hwQ7b6X0Qjxgts2HZjTw sqW2lYgvDVB+GXR3bYSLaj/kxW6iWU6jP2cFQ= Received: by 10.103.184.18 with SMTP id l18mr1961030mup.51.1251124572562; Mon, 24 Aug 2009 07:36:12 -0700 (PDT) Received: from ndenev.cmotd.com (blah.sun-fish.com [217.18.249.150]) by mx.google.com with ESMTPS id 7sm22480492mup.54.2009.08.24.07.36.11 (version=TLSv1/SSLv3 cipher=RC4-MD5); Mon, 24 Aug 2009 07:36:12 -0700 (PDT) Message-Id: <6C253DEA-0C34-4109-9D45-3DE1750DB1BE@gmail.com> From: Nikolay Denev To: freebsd-net@freebsd.org Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Apple Message framework v936) Date: Mon, 24 Aug 2009 17:36:08 +0300 X-Pgp-Agent: GPGMail d55 (v55, Leopard) X-Mailer: Apple Mail (2.936) Subject: 7.2 sends broken TCP retransmits while in half-closed state? X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Aug 2009 14:57:49 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, Today while I was diagnosing a FTP problem which turned out to be EPSV =20= issue I found some very interesting things in the tcpdumps. =46rom what I understand from the trace, after a few retransmits, the =20= client side sends FIN/ACK to close the connection, and receives ACK. But while waiting for the remote side to send it's FIN/ACK to be =20 ACK'ed, it continues to send the retransmits that it did before the first FIN/ACK, but they =20= are now truncated. Here is the exported trace from Wireshark. I can also send it in =20 tcpdump output format if someone prefers it. 10.10.0.10 is the client IP. 10.20.0.20 is the server IP. Look for the "Destination Unreachable" messages generated by the =20 broken retransmits. Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 47, Ack: 248, Len: 0 No. Time Source Destination =20 Protocol Info 23 11.930506 10.10.0.10 10.20.0.20 FTP =20 Request: EPSV Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 47, Ack: 248, Len: 6 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 24 11.987691 10.20.0.20 10.10.0.10 FTP =20 Response: 229 Entering Extended Passive Mode (|||59364|) Internet Protocol, Src: 10.20.0.20 (10.20.0.20), Dst: 10.10.0.10 =20 (10.10.0.10) Transmission Control Protocol, Src Port: ftp (21), Dst Port: 65073 =20 (65073), Seq: 248, Ack: 53, Len: 48 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 25 11.987770 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 WS=3D3 = TSV=3D2276550531 =20 TSER=3D0 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 26 12.087485 10.10.0.10 10.20.0.20 TCP =20 65073 > ftp [ACK] Seq=3D53 Ack=3D296 Win=3D66608 Len=3D0 TSV=3D2276550631 = =20 TSER=3D3200765949 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 0 No. Time Source Destination =20 Protocol Info 27 14.987564 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 WS=3D3 = TSV=3D2276553531 =20 TSER=3D0 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 28 18.187647 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 WS=3D3 = TSV=3D2276556731 =20 TSER=3D0 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 29 21.387724 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 30 24.587802 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 31 27.787885 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 32 33.988042 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 33 46.188343 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 34 70.388952 10.10.0.10 10.20.0.20 TCP =20 62552 > 59364 [SYN] Seq=3D0 Win=3D65535 Len=3D0 MSS=3D1460 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 62552 (62552), Dst Port: =20 59364 (59364), Seq: 0, Len: 0 No. Time Source Destination =20 Protocol Info 35 86.989453 10.10.0.10 10.20.0.20 FTP =20 Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 36 87.287370 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 37 87.683379 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 38 88.275395 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 39 89.259423 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 40 91.027467 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 41 92.859511 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 42 96.323600 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 43 103.051770 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 44 116.308102 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 45 142.620762 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: EPRT |1|10.10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 53, Ack: 296, Len: 31 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 46 146.991908 10.10.0.10 10.20.0.20 TCP =20 65073 > ftp [FIN, ACK] Seq=3D84 Ack=3D296 Win=3D66608 Len=3D0 = TSV=3D2276685532 =20 TSER=3D3200765949 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 84, Ack: 296, Len: 0 No. Time Source Destination =20 Protocol Info 47 147.049585 10.20.0.20 10.10.0.10 TCP ftp =20= > 65073 [ACK] Seq=3D296 Ack=3D65 Win=3D5792 Len=3D0 TSV=3D3200901032 =20= TSER=3D2276550631 SLE=3D72 SRE=3D73 Internet Protocol, Src: 10.20.0.20 (10.20.0.20), Dst: 10.10.0.10 =20 (10.10.0.10) Transmission Control Protocol, Src Port: ftp (21), Dst Port: 65073 =20 (65073), Seq: 296, Ack: 65, Len: 0 No. Time Source Destination =20 Protocol Info 48 211.050479 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: 10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 65, Ack: 296, Len: 19 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 49 211.118136 10.20.0.20 10.10.0.10 ICMP =20 Destination unreachable (Host administratively prohibited) Internet Protocol, Src: 10.20.0.20 (10.20.0.20), Dst: 10.10.0.10 =20 (10.10.0.10) Internet Control Message Protocol No. Time Source Destination =20 Protocol Info 50 275.052084 10.10.0.10 10.20.0.20 FTP =20 [TCP Retransmission] Request: 10.0.10|49610| Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 65, Ack: 296, Len: 19 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 51 275.105225 10.20.0.20 10.10.0.10 ICMP =20 Destination unreachable (Host administratively prohibited) Internet Protocol, Src: 10.20.0.20 (10.20.0.20), Dst: 10.10.0.10 =20 (10.10.0.10) Internet Control Message Protocol No. Time Source Destination =20 Protocol Info 52 299.988028 10.20.0.20 10.10.0.10 FTP =20 Response: 421 No Transfer Timeout (300 seconds): closing control =20 connection. Internet Protocol, Src: 10.20.0.20 (10.20.0.20), Dst: 10.10.0.10 =20 (10.10.0.10) Transmission Control Protocol, Src Port: ftp (21), Dst Port: 65073 =20 (65073), Seq: 296, Ack: 65, Len: 68 File Transfer Protocol (FTP) No. Time Source Destination =20 Protocol Info 53 299.988051 10.10.0.10 10.20.0.20 TCP =20 65073 > ftp [RST] Seq=3D65 Win=3D0 Len=3D0 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 65, Len: 0 No. Time Source Destination =20 Protocol Info 54 299.988053 10.20.0.20 10.10.0.10 TCP ftp =20= > 65073 [FIN, ACK] Seq=3D364 Ack=3D65 Win=3D5792 Len=3D0 TSV=3D3201053996= =20 TSER=3D2276550631 SLE=3D72 SRE=3D73 Internet Protocol, Src: 10.20.0.20 (10.20.0.20), Dst: 10.10.0.10 =20 (10.10.0.10) Transmission Control Protocol, Src Port: ftp (21), Dst Port: 65073 =20 (65073), Seq: 364, Ack: 65, Len: 0 No. Time Source Destination =20 Protocol Info 55 299.988060 10.10.0.10 10.20.0.20 TCP =20 65073 > ftp [RST] Seq=3D65 Win=3D0 Len=3D0 Internet Protocol, Src: 10.10.0.10 (10.10.0.10), Dst: 10.20.0.20 =20 (10.20.0.20) Transmission Control Protocol, Src Port: 65073 (65073), Dst Port: ftp =20= (21), Seq: 65, Len: 0 No. Time Source Destination =20 Protocol Info 56 300.041497 10.20.0.20 10.10.0.10 ICMP =20 Destination unreachable (Host administratively prohibited) - -- Regards, Nikolay Denev -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (Darwin) iEYEARECAAYFAkqSpVgACgkQHNAJ/fLbfrmTHwCfUcgiwrc1VsWB3Om627VDqTx9 bzwAoJrlsZCOqiZ99QWHoGkvSYpuDbmr =3D0VLB -----END PGP SIGNATURE-----