From: Glenn Johnson
To: Mike Silbersack
Cc: Jonathan Lemon, net@freebsd.org, kris@freebsd.org, Gilbert Gong
Date: Mon, 2 Jul 2001 14:02:59 -0500
Subject: Re: select fails to return incoming connect on FreeBSD-4.3

On Sun, Jul 01, 2001 at 09:45:47PM -0500, Mike Silbersack wrote:

> On Wed, 27 Jun 2001, Jonathan Lemon wrote:
>
> > I don't object; while the security provided by the new scheme is
> > nice, breaking TIME_WAIT assassination is a serious bug in some
> > environments, and there should be a way to work around it now.
> > --
> > Jonathan
>
> Ok, attached is a patch for 4.3-stable which makes the
> generation scheme sysctl selectable. You use the sysctl
> net.inet.tcp.tcp_seq_genscheme to set which scheme you want. 0 is the
> old random positive increments scheme, 1 is the more random OpenBSD
> scheme. 1 is the default setting, so those encountering the TIME_WAIT
> problem will have to put something in a boot script to set the
> variable to 0.
>
> There's one slight difference in this implementation of the old scheme
> versus the old implementation of it. Before, we used TCP_ISSINCR/2
> for outgoing incrementations, and /4 for incoming. We use /2 in both
> cases now, for simplicity's sake.
>
> Please review, especially if you're experiencing the TIME_WAIT
> problem.

I just tested this and it looks fine to me. It gets the sample code in
PR misc/27880 working and more importantly it gets PBS (Portable Batch
System) working again. Once this is merged into 4.3-STABLE I will send
a message to the pbs mail list to let the FreeBSD users know what to do.

Thank you very much for fixing this.

--
Glenn Johnson
USDA, ARS, SRRC            Phone: (504) 286-4252
New Orleans, LA 70124      e-mail: gjohnson@srrc.ars.usda.gov
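
Why the choice of scheme matters for TIME_WAIT reuse, as an added example that is not part of this message, the attached patch, or the FreeBSD source: a peer still holding the old connection in TIME_WAIT accepts a new SYN on the same address/port pair only if its sequence number is ahead of the one it last expected, which forward-only increments guarantee and independent random ISNs satisfy only about half the time. The step constants, `toy_rand`, and all function names are assumptions of this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/* Wraparound-safe "a is ahead of b" in 32-bit sequence space. */
#define SEQ_GT(a, b) ((int32_t)((uint32_t)(a) - (uint32_t)(b)) > 0)

static uint32_t rng_state = 0x9E3779B9u;   /* constructed seed, deterministic run */

/* xorshift32: stand-in for the kernel's random source (assumption). */
static uint32_t toy_rand(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

/* Scheme 0 model: a global counter only moves forward by a random positive
 * step. Step constants are assumed for illustration, not taken from the patch. */
static uint32_t isn_incremental(uint32_t *iss) {
    *iss += (122u * 1024u + (toy_rand() & 0x3ffffu)) / 2u;
    return *iss;
}

/* Scheme 1 model: each ISN is unrelated to the previous one. */
static uint32_t isn_random(void) { return toy_rand(); }

/* Reconnect n times on the same address/port pair; each old connection sent
 * `sent` bytes. Returns how many new SYNs a peer in TIME_WAIT would accept. */
int accepted_reconnects(int scheme, int n, uint32_t sent) {
    uint32_t iss = toy_rand();
    uint32_t old_isn = scheme ? isn_random() : isn_incremental(&iss);
    int ok = 0;
    for (int i = 0; i < n; i++) {
        uint32_t rcv_nxt = old_isn + 1 + sent + 1;  /* SYN + data + FIN */
        uint32_t new_isn = scheme ? isn_random() : isn_incremental(&iss);
        if (SEQ_GT(new_isn, rcv_nxt))
            ok++;
        old_isn = new_isn;
    }
    return ok;
}

int main(void) {
    printf("scheme 0: %d/1000 accepted\n", accepted_reconnects(0, 1000, 1000));
    printf("scheme 1: %d/1000 accepted\n", accepted_reconnects(1, 1000, 1000));
    return 0;
}
```

The model ignores time-based ISN advancement and assumes each connection transfers fewer bytes than the smallest step, which matches short-lived control connections that reuse a port quickly.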