Date: Mon, 01 Feb 2021 20:28:02 +0000 From: bugzilla-noreply@freebsd.org To: net@FreeBSD.org Subject: [Bug 253096] TCP MD5 not supported with net.inet.tcp.functions_default=rack Message-ID: <bug-253096-7501-9zkdvDCmgI@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-253096-7501@https.bugs.freebsd.org/bugzilla/> References: <bug-253096-7501@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D253096 Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> changed: What |Removed |Added ---------------------------------------------------------------------------- Summary|TCP MD5 regression on |TCP MD5 not supported with |STABLE/13 |net.inet.tcp.functions_defa | |ult=3Drack --- Comment #3 from Marek Zarychta <zarychtam@plan-b.pwste.edu.pl> --- The setting net.inet.tcp.functions_default=3Drack was the culprit. Probably= TCP RACK is not supposed to support TCP MD5 and this bug has to be closed, but = let people from the project decide and give some feedback here. I have done more tests with the most recent stable{12,13} and it looks like that with net.inet.tcp.functions_default=3Dfreebsd TCP MD5 signatures are supported fine. I have tried to revert this setting to default prior to reporting this as a bug but it not always worked. I am sorry for the noise on Bugzilla and freebsd-net@ mailing list, but in initial tests disabling RACK wasn't sufficient to get TCP MD5 working (prob= ably due to accidentally flushing IPsec rules in the meantime), so I took some ad-hoc steps to repair it quickly, disabling some devices, reverting sysclt= s to default values etc. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-253096-7501-9zkdvDCmgI>