Date: Mon, 01 Feb 2021 20:28:02 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] TCP MD5 not supported with net.inet.tcp.functions_default=rack Message-ID: <bug-253096-7501-9zkdvDCmgI@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-253096-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-253096-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=253096 Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|TCP MD5 regression on |TCP MD5 not supported with |STABLE/13 |net.inet.tcp.functions_defa | |ult=rack --- Comment #3 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> --- The setting net.inet.tcp.functions_default=rack was the culprit. Probably TCP RACK is not supposed to support TCP MD5 and this bug has to be closed, but let people from the project decide and give some feedback here. I have done more tests with the most recent stable{12,13} and it looks like that with net.inet.tcp.functions_default=freebsd TCP MD5 signatures are supported fine. I have tried to revert this setting to default prior to reporting this as a bug but it not always worked. I am sorry for the noise on Bugzilla and freebsd-net@ mailing list, but in initial tests disabling RACK wasn't sufficient to get TCP MD5 working (probably due to accidentally flushing IPsec rules in the meantime), so I took some ad-hoc steps to repair it quickly, disabling some devices, reverting sysclts to default values etc. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-253096-7501-9zkdvDCmgI>