From owner-freebsd-current@FreeBSD.ORG Wed May 30 20:52:00 2007 Return-Path: X-Original-To: freebsd-current@freebsd.org Delivered-To: freebsd-current@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 1480716A469 for ; Wed, 30 May 2007 20:52:00 +0000 (UTC) (envelope-from andre@freebsd.org) Received: from c00l3r.networx.ch (c00l3r.networx.ch [62.48.2.2]) by mx1.freebsd.org (Postfix) with ESMTP id 7959713C45D for ; Wed, 30 May 2007 20:51:59 +0000 (UTC) (envelope-from andre@freebsd.org) Received: (qmail 19774 invoked from network); 30 May 2007 20:07:54 -0000 Received: from c00l3r.networx.ch (HELO [127.0.0.1]) ([62.48.2.2]) (envelope-sender ) by c00l3r.networx.ch (qmail-ldap-1.03) with SMTP for ; 30 May 2007 20:07:54 -0000 Message-ID: <465DE3F6.3030001@freebsd.org> Date: Wed, 30 May 2007 22:52:06 +0200 From: Andre Oppermann User-Agent: Thunderbird 1.5.0.10 (Windows/20070221) MIME-Version: 1.0 To: Steve Kargl References: <20070525234115.GA48789@troutmask.apl.washington.edu> <465AF5C6.2010302@freebsd.org> <20070529002304.GA90534@troutmask.apl.washington.edu> <465D70A4.3040107@freebsd.org> <20070530193523.GA13655@troutmask.apl.washington.edu> In-Reply-To: <20070530193523.GA13655@troutmask.apl.washington.edu> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-current@freebsd.org Subject: Re: Segment failed SYNCOOKIE? X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 30 May 2007 20:52:00 -0000 Steve Kargl wrote: > On Wed, May 30, 2007 at 02:40:04PM +0200, Andre Oppermann wrote: >> I have committed further changes and logging to tcp_input() that >> will give more insight into this. Please update to the latest >> current and report the new log messages. >> > > Andre, > > I have > src/sys/netinet/tcp_syncache.c,v 1.120 2007/05/28 23:27:44 andre Exp $ > which is giving me > > > May 30 12:20:07 node13 kernel: bge0: watchdog timeout -- resetting > May 30 12:20:07 node13 kernel: bge0: link state changed to DOWN > May 30 12:20:09 node13 kernel: bge0: link state changed to UP > May 30 12:20:53 node13 kernel: TCP: [192.168.0.13]:55626 to [192.168.0.13]:59148 tcpflags 0x10; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed) > May 30 12:20:53 node13 kernel: TCP: [192.168.0.11]:62391 to [192.168.0.13]:50827 tcpflags 0x11; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed) > May 30 12:20:54 node13 kernel: TCP: [192.168.0.12]:63318 to [192.168.0.13]:55624 tcpflags 0x10; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed) Our TCP has a bug where it closes a socket and tcpcb too fast and follow-up replies from the remote host may then hit the listen socket giving these artifacts. I have a large TCP cleanup/rewrite upcoming that fixes these issues. > I don't know if the watchdog timeout is a symptom or cause of the > SYNCOOKIE problem. In theory this is not related. However if it *only* happens shortly after a bge0 watchdog timeout then there may be a relation. > Note, this is an openmpi app that is using the Message Passing Interface > to communicate between processes. Does the openmpi application or the openmpi library raise any errors? -- Andre