Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 18 Jul 2007 09:52:28 +0400
From:      Eygene Ryabinkin <rea-fbsd@codelabs.ru>
To:        Chuck Swiger <cswiger@mac.com>
Cc:        Julian Elischer <julian@ironport.com>, FreeBSD Net <freebsd-net@freebsd.org>, Julian Elischer <julian@elischer.org>
Subject:   Re: Wierd networking.
Message-ID:  <20070718055228.GA4053@void.codelabs.ru>
In-Reply-To: <3DBBD4E3-ABEA-451A-8E6A-02E9CBAD6A37@mac.com>
References:  <469D4C9D.7090302@ironport.com> <469D4FB6.9040609@elischer.org> <3DBBD4E3-ABEA-451A-8E6A-02E9CBAD6A37@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Chuck, Julian, good day.

Tue, Jul 17, 2007 at 04:47:30PM -0700, Chuck Swiger wrote:
> % tcpdump -nS -r IE7.pcap
> reading from file IE7.pcap, link-type EN10MB (Ethernet)
> 18:24:41.313890 IP 172.28.15.82.3128 > 10.251.22.29.1121: . ack 1573162290 win 
> 32120
> 18:24:41.313995 IP 10.251.22.29.1121 > 172.28.15.82.3128: P 
> 1573162290:1573162378(88) ack 3799409121 win 65535
> 18:24:41.314015 IP 172.28.15.82.3128 > 10.251.22.29.1121: . ack 1573162378 win 
> 33492
> 18:24:41.314072 IP 172.28.15.82.3128 > 10.251.22.29.1121: . 
> 3799409121:3799410581(1460) ack 1573162378 win 33580
> 18:24:41.314080 IP 172.28.15.82.3128 > 10.251.22.29.1121: P 
> 3799410581:3799410861(280) ack 1573162378 win 33580
> 18:24:41.314118 IP 172.28.15.82.3128 > 10.251.22.29.1121: F 
> 3799410861:3799410861(0) ack 1573162378 win 33580
> 
> ...at this point, the client should have received the above packets and ACK for 
> 3799410862 to include the FIN.
> 
> 18:24:41.314744 IP 10.251.22.29.1121 > 172.28.15.82.3128: P 
> 1573162378:1573162380(2) ack 3799409121 win 65535
> 
> ...instead it sends an ACK for earlier traffic.  The Squid box should be in 
> FIN-WAIT-1 and simply ignore this as a dup ACK, rather than sending an RST:

Seems like it is the effect of the SS_NOFDREF check in the
netinet/tcp_input.c, at least it is present in the rev. 1.281.2.5.

See the post
    http://lists.freebsd.org/pipermail/freebsd-current/2007-July/074837.html

I believe it discuisses the same problem, but for -CURRENT.  In
short, Squid child closes the descriptor, so connection is present
in the TCP/IP stack only.  And SS_NOFDREF check provokes RST and
invokes tcp_close().
-- 
Eygene

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070718055228.GA4053>