Date: Sat, 7 Feb 2015 15:05:43 +0100 From: Simone Lombardo <evil.lombo@gmail.com> To: freebsd-questions@freebsd.org Subject: HTTPS/TLS issue on a NDIS wrapped NIC Message-ID: <CALnnSEivExhv=v5jJ3xxFmJANCQs9Y%2BB7LFyEPeA1wtjk1zJwA@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hi, I am currently facing an issue and I don't know how to investigate and address it. I am currently using the release FreeBSD 10.1 on a laptop having a RTL8188CE chipset as wireless chipset. Native driver is not avaiable so I am using the NDIS 5.1 driver via the NDIS wrapper. The wrapper is working fine for most application protocols, except when using HTTPS/TLS on browsers. In this case, the following situations arise: - Sistematically, HTTPS/TLS communication near immediately fails when trying to upload a binary file (e.g. an image on a image hosting site). Monitoring via tcpdump/wireshark shows encrypted alerts (21) and the connection is reset by the remote peer. Since the first point is recurring, I am going to setup a test web server in order to decrypt the payload and read the encrypted alert. - Randomly, HTTPS/TLS communication enter in a retrasmission loop, stalling all other HTTPS/TLS connections. Monitor via tcpdump/wireshark shows high density of duplicate ACKs and after a while the TCP stack initiate a retransmission keeping the connection stalled until the remote host does not reset the connection and the buffers are flushed. The issue is not present when using an usb wireless dongle or the bundled wired card where native driver is avaiable, so it seems specific to ndis wrapper, though I have no other wireless cards to try atm. Tried to tune tcp settings via sysctl, but I have not gain results yet. Any indications or hints on where I should look to discover the origin of the issue (especially for the second point), is greatly appreciated. Best regards, Simone
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CALnnSEivExhv=v5jJ3xxFmJANCQs9Y%2BB7LFyEPeA1wtjk1zJwA>