From owner-freebsd-questions@FreeBSD.ORG Sat Feb 7 16:29:39 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 0F43C840 for ; Sat, 7 Feb 2015 16:29:39 +0000 (UTC) Received: from mail-ie0-f170.google.com (mail-ie0-f170.google.com [209.85.223.170]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id D2782A4D for ; Sat, 7 Feb 2015 16:29:38 +0000 (UTC) Received: by iecrd18 with SMTP id rd18so7993064iec.9 for ; Sat, 07 Feb 2015 08:29:32 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=v9HJzL7xtbc7OSxhWvgQL1qfxScZbrX67r0TbpENGqs=; b=JscfjguGVfCq+KaznWKG5tI6/xvBmzjT/LDSgCJlVgxw81MFjQYSmWxginTmP9EF/W j1uCGqSyPMLhBNqa1jKyY6MuZ57nH7zCiSJEgDuM9M2CKwrn4GzVh37maxl62jaJp8Jm r1aW5lSXAZONcGZJSUHfpntwRpGWNd7NuunYpk58gihW0VysxlcFURuPDnGnEsR+7peS StNi8V+BIOV1LhnTXD6/GwlenbBdJCAv2GLHyjRwINcD4Q617l2gUhuVmLppOmDP1GCE pdMZyb8JEqaafphE0Op0/eDj8xxromXyZD1Tnenk6etdrX7NUzjNOfAG7JY0M7jgiUZK xT9A== MIME-Version: 1.0 X-Received: by 10.42.201.78 with SMTP id ez14mr17935480icb.22.1423326572262; Sat, 07 Feb 2015 08:29:32 -0800 (PST) Sender: adrian.chadd@gmail.com Received: by 10.36.17.7 with HTTP; Sat, 7 Feb 2015 08:29:32 -0800 (PST) In-Reply-To: References: Date: Sat, 7 Feb 2015 08:29:32 -0800 X-Google-Sender-Auth: bjUkj3z77hUtbAYK9-FR2k310Zk Message-ID: Subject: Re: HTTPS/TLS issue on a NDIS wrapped NIC From: Adrian Chadd To: Simone Lombardo Content-Type: text/plain; charset=UTF-8 Cc: FreeBSD Questions X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Feb 2015 16:29:39 -0000 Hi, Yeah - the fpu context saving stuff in the kernel, perhaps? -adrian On 7 February 2015 at 06:05, Simone Lombardo wrote: > Hi, > > I am currently facing an issue and I don't know how to investigate and > address it. > > I am currently using the release FreeBSD 10.1 on a laptop having a > RTL8188CE chipset as wireless chipset. Native driver is not avaiable so I > am using the NDIS 5.1 driver via the NDIS wrapper. > > The wrapper is working fine for most application protocols, except when > using HTTPS/TLS on browsers. In this case, the following situations arise: > - Sistematically, HTTPS/TLS communication near immediately fails when > trying to upload a binary file (e.g. an image on a image hosting site). > Monitoring via tcpdump/wireshark shows encrypted alerts (21) and the > connection is reset by the remote peer. Since the first point is recurring, > I am going to setup a test web server in order to decrypt the payload and > read the encrypted alert. > > - Randomly, HTTPS/TLS communication enter in a retrasmission loop, stalling > all other HTTPS/TLS connections. Monitor via tcpdump/wireshark shows high > density of duplicate ACKs and after a while the TCP stack initiate a > retransmission keeping the connection stalled until the remote host does > not reset the connection and the buffers are flushed. > > The issue is not present when using an usb wireless dongle or the bundled > wired card where native driver is avaiable, so it seems specific to ndis > wrapper, though I have no other wireless cards to try atm. Tried to tune > tcp settings via sysctl, but I have not gain results yet. > > Any indications or hints on where I should look to discover the origin of > the issue (especially for the second point), is greatly appreciated. > > Best regards, > > Simone > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"