Date: Sat, 7 Mar 2015 15:49:02 +0000 From: Rory Byrne <rory@nybek.com> To: freebsd-questions@freebsd.org Subject: TCP aborted from state FIN_WAIT1 after empty 60 secs Message-ID: <20150307154902.GA3060@nybek.com>
next in thread | raw e-mail | index | archive | help
--bg08WKrSYDhXBjb5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Hello,
I've been doing some cross-platform testing and I noticed some unusual behaviour
in the way FreeBSD handles TCP connections. Consider the following scenario:
1. A server writes a 20K payload to the socket send buffer and calls close()
or shutdown().
2. The client, who has a small socket receive buffer of 8K, sits idle rather
than trying to read the payload off the stream.
What usually happens on FreeBSD is that the server TCP aborts the connection
after about 150 seconds. Specifically, if 60 seconds passes where no packets
are transferred over the connection, the server TCP discards the socket send
buffer and sends an RST to the client TCP; this usually happens about 150
seconds after the connection was established, but sometimes takes longer, and
sometimes much longer (over 5 mins).
None of the other platforms I have tested (NetBSD, OpenBSD, Linux, Illumos,
Darwin, Cygwin and native Windows) abort the connection: they allow it to
persist indefinitely (more than 30 minutes anyway).
Assuming that I haven't messed up in my tests, I was wondering if this is a
bug or an intentional anti-DOS protection mechanism. If it is that latter,
is there a way to control the behaviour?
See attached for test code and a tcpdump trace. The client and server must be
on different hosts: the TCP connection won't be aborted if you run it over lo0.
I am currently running 10.1-RELEASE-p6 with the default kernel.
Thanks,
Rory
--bg08WKrSYDhXBjb5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename="freebsd-trace.txt"
16:34:06.606740 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [S], seq 3384095403, win 7300, options [mss 1460,sackOK,TS val 343707092 ecr 0,nop,wscale 0], length 0
16:34:06.606988 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [S.], seq 2436435063, ack 3384095404, win 65535, options [mss 1460,nop,wscale 6,sackOK,TS val 287206175 ecr 343707092], length 0
16:34:06.607018 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 1, win 7300, options [nop,nop,TS val 343707092 ecr 287206175], length 0
16:34:06.607446 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 1:1449, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448
16:34:06.607493 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 1449, win 5852, options [nop,nop,TS val 343707092 ecr 287206175], length 0
16:34:06.607738 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 1449:2897, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448
16:34:06.607754 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 2897, win 5852, options [nop,nop,TS val 343707092 ecr 287206175], length 0
16:34:06.607830 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 2897:4345, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448
16:34:06.607873 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 4345:5793, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448
16:34:06.607933 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 5793:7241, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448
16:34:06.608022 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 7241:8689, ack 1, win 1040, options [nop,nop,TS val 287206175 ecr 343707092], length 1448
16:34:06.645953 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8689, win 60, options [nop,nop,TS val 343707102 ecr 287206175], length 0
16:34:11.648081 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8689:8749, ack 1, win 1040, options [nop,nop,TS val 287211216 ecr 343707102], length 60
16:34:11.648102 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343708352 ecr 287211216], length 0
16:34:16.650443 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287216218 ecr 343708352], length 1
16:34:16.650465 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343709603 ecr 287216218], length 0
16:34:21.649606 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287221218 ecr 343709603], length 1
16:34:21.649633 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343710852 ecr 287221218], length 0
16:34:26.650323 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287226218 ecr 343710852], length 1
16:34:26.650349 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343712103 ecr 287226218], length 0
16:34:31.650237 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287231218 ecr 343712103], length 1
16:34:31.650266 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343713353 ecr 287231218], length 0
16:34:36.650198 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287236218 ecr 343713353], length 1
16:34:36.650225 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343714603 ecr 287236218], length 0
16:34:41.650129 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287241218 ecr 343714603], length 1
16:34:41.650159 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343715853 ecr 287241218], length 0
16:34:49.544400 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287249113 ecr 343715853], length 1
16:34:49.544433 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343717826 ecr 287249113], length 0
16:35:05.149862 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287264718 ecr 343717826], length 1
16:35:05.149894 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343721727 ecr 287264718], length 0
16:35:36.095041 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [.], seq 8749:8750, ack 1, win 1040, options [nop,nop,TS val 287295664 ecr 343721727], length 1
16:35:36.095071 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 0, options [nop,nop,TS val 343729464 ecr 287295664], length 0
16:36:36.096976 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [R.], seq 8750, ack 1, win 1040, options [nop,nop,TS val 287355667 ecr 343729464], length 0
16:36:52.058384 IP 192.168.0.1.35459 > 192.168.0.25.7777: Flags [.], ack 8749, win 1448, options [nop,nop,TS val 343748455 ecr 287295664], length 0
16:36:52.058632 IP 192.168.0.25.7777 > 192.168.0.1.35459: Flags [R], seq 2436443812, win 0, length 0
--bg08WKrSYDhXBjb5--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20150307154902.GA3060>