From owner-freebsd-net  Tue Jul 16 21:56: 8 2002
Delivered-To: freebsd-net@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 3347337B400
	for <net@freebsd.org>; Tue, 16 Jul 2002 21:56:06 -0700 (PDT)
Received: from patrocles.silby.com (d151.as12.nwbl0.wi.voyager.net [169.207.136.153])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 51D5543E4A
	for <net@freebsd.org>; Tue, 16 Jul 2002 21:56:04 -0700 (PDT)
	(envelope-from silby@silby.com)
Received: from patrocles.silby.com (localhost [127.0.0.1])
	by patrocles.silby.com (8.12.4/8.12.4) with ESMTP id g6H50Kcv079820;
	Wed, 17 Jul 2002 00:00:20 -0500 (CDT)
	(envelope-from silby@silby.com)
Received: from localhost (silby@localhost)
	by patrocles.silby.com (8.12.5/8.12.5/Submit) with ESMTP id g6H50IgY079816;
	Wed, 17 Jul 2002 00:00:19 -0500 (CDT)
X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs
Date: Wed, 17 Jul 2002 00:00:18 -0500 (CDT)
From: Mike Silbersack <silby@silby.com>
To: Alex Dyas <alexdyas@hotmail.com>
Cc: net@freebsd.org
Subject: Re: BSD / Firewall / 0 window size problem
In-Reply-To: <F175KzGZuNY1SWoBDys00012182@hotmail.com>
Message-ID: <20020716235818.K79793-100000@patrocles.silby.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org


On Tue, 16 Jul 2002, Alex Dyas wrote:

> I've attached a tcpdump of a Linux machine doing the same thing
> (working.txt).
>
> the same 0 sized window can be seen:
>
> 17:15:56.094161 linuxbox.foo.com.3479 > solarisbox.foo.com.telnet: . ack 456
> win 5840 <nop,nop,timestamp 176027347 193370834> (DF) [tos 0x10]
> 17:16:12.634540 solarisbox.foo.com.telnet > linuxbox.foo.com.3479: . ack 74
> win 0
> 17:16:12.634540 linuxbox.foo.com.3479 > solarisbox.foo.com.telnet: . ack 456
> win 5840 <nop,nop,timestamp 176029001 193370834> (DF) [tos 0x10]
>
> but the Linux telnet session does not freeze up as the BSD one does.
>
> Again, any help would be most appreciated.
>
> Thanks again,
>
> Alex...

As Barney noted, the behavior of both OSes looks very similar.

Have you run tcpdump on the solaris box at the same time?  That win 0
packet looks _really_ suspicious to me; it doesn't share the DF bit or
timestamps of the other packets in the stream.  On top of that, I see no
reason why a win 0 should be sent when the previous window was ~24K in
size.  Is it possible that the NAT box is adding it in?

Mike "Silby" Silbersack



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message