Date: Tue, 23 Jul 2002 10:14:31 +0000 From: "Alex Dyas" <alexdyas@hotmail.com> To: net@freebsd.org Cc: silby@silby.com Subject: Re: BSD / Firewall / 0 window size problem Message-ID: <F181w037NqMPbYquXUR00018f80@hotmail.com>
next in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. ------=_NextPart_000_1348_dd7_6f23 Content-Type: text/plain; format=flowed >On Tue, 16 Jul 2002, Alex Dyas wrote: > > > I've attached a tcpdump of a Linux machine doing the same thing > > (working.txt). > > > > the same 0 sized window can be seen: > > > > 17:15:56.094161 linuxbox.foo.com.3479 > solarisbox.foo.com.telnet: . ack >456 > > win 5840 <nop,nop,timestamp 176027347 193370834> (DF) [tos 0x10] > > 17:16:12.634540 solarisbox.foo.com.telnet > linuxbox.foo.com.3479: . ack >74 > > win 0 > > 17:16:12.634540 linuxbox.foo.com.3479 > solarisbox.foo.com.telnet: . ack >456 > > win 5840 <nop,nop,timestamp 176029001 193370834> (DF) [tos 0x10] > > > > but the Linux telnet session does not freeze up as the BSD one does. > > > > Again, any help would be most appreciated. > > > > Thanks again, > > > > Alex... > >As Barney noted, the behavior of both OSes looks very similar. > >Have you run tcpdump on the solaris box at the same time? That win 0 >packet looks _really_ suspicious to me; it doesn't share the DF bit or >timestamps of the other packets in the stream. On top of that, I see no >reason why a win 0 should be sent when the previous window was ~24K in >size. Is it possible that the NAT box is adding it in? (Sorry for the delay in replying) Attached are two more tcpdumps, client.txt being the client side of a problematic session, server.txt being the server side of the same session. Both machines in this case are BSD. The thing to note in these dumps is what you suggested, ie the 0 sized window can only be seen on the client side, NOT on the server side. So as you say, the problem seems to be being introduced by the GNAT box. I've been suspecting the GNAT box all along. BSD->Any_other_machine connections have no problem. Unfortunately I don't admin it, and don't (yet) know enough about it to debug such a thing. The guy who does points out that we have never seen the problem in anything other than BSD clients. A guess, but could it be that other clients (Windows/Linux etc) are in some way more tolerant of such problems? Not knowing very much at all about NAT, what would I look for in debugging such a problem on the GNAT box, as I can probably get a look at it? Thanks again for the help. I'm learning a lot here. Alex.. _________________________________________________________________ Join the world’s largest e-mail service with MSN Hotmail. http://www.hotmail.com ------=_NextPart_000_1348_dd7_6f23 Content-Type: text/plain; name="server.txt"; format=flowed Content-Transfer-Encoding: 8bit Content-Disposition: attachment; filename="server.txt" 10:38:10.937283 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 3892481562:3892481564(2) ack 3255356464 win 33304 <nop,nop,timestamp 112678799 6684336> (DF) [tos 0x10] 10:38:10.937830 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 1:3(2) ack 2 win 33304 <nop,nop,timestamp 6685001 112678799> (DF) [tos 0x10] 10:38:11.034519 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 3 win 33304 <nop,nop,timestamp 112678809 6685001> (DF) [tos 0x10] 10:38:11.034561 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 3:12(9) ack 2 win 33304 <nop,nop,timestamp 6685011 112678809> (DF) [tos 0x10] 10:38:11.141018 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 12 win 33304 <nop,nop,timestamp 112678819 6685011> (DF) [tos 0x10] 10:38:11.512935 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 2:4(2) ack 12 win 33304 <nop,nop,timestamp 112678856 6685011> (DF) [tos 0x10] 10:38:11.513312 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 12:14(2) ack 4 win 33304 <nop,nop,timestamp 6685058 112678856> (DF) [tos 0x10] 10:38:11.614544 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 14 win 33304 <nop,nop,timestamp 112678867 6685058> (DF) [tos 0x10] 10:38:11.614576 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 14:23(9) ack 4 win 33304 <nop,nop,timestamp 6685069 112678867> (DF) [tos 0x10] 10:38:11.714502 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 23 win 33304 <nop,nop,timestamp 112678877 6685069> (DF) [tos 0x10] 10:38:12.288291 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 4:6(2) ack 23 win 33304 <nop,nop,timestamp 112678934 6685069> (DF) [tos 0x10] 10:38:12.288684 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 23:25(2) ack 6 win 33304 <nop,nop,timestamp 6685136 112678934> (DF) [tos 0x10] 10:38:12.385360 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 25 win 33304 <nop,nop,timestamp 112678944 6685136> (DF) [tos 0x10] 10:38:12.385392 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 25:34(9) ack 6 win 33304 <nop,nop,timestamp 6685146 112678944> (DF) [tos 0x10] 10:38:12.485034 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 34 win 33304 <nop,nop,timestamp 112678954 6685146> (DF) [tos 0x10] 10:38:28.957955 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 34 win 33304 <nop,nop,timestamp 112680601 6685146> (DF) [tos 0x10] 10:38:47.914027 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . 6:7(1) ack 34 win 33304 <nop,nop,timestamp 112682497 6685146> (DF) [tos 0x10] 10:38:47.914571 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 34:36(2) ack 7 win 33304 <nop,nop,timestamp 6688699 112682497> (DF) [tos 0x10] 10:38:47.916340 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 7:14(7) ack 36 win 33303 <nop,nop,timestamp 112682497 6688699> (DF) [tos 0x10] 10:38:47.916379 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 36:45(9) ack 14 win 33300 <nop,nop,timestamp 6688699 112682497> (DF) [tos 0x10] 10:38:48.015019 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 45 win 33304 <nop,nop,timestamp 112682507 6688699> (DF) [tos 0x10] 10:38:48.015052 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 45:78(33) ack 14 win 33304 <nop,nop,timestamp 6688709 112682507> (DF) [tos 0x10] 10:38:49.013968 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 45:78(33) ack 14 win 33304 <nop,nop,timestamp 6688809 112682507> (DF) [tos 0x10] 10:38:49.015395 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 78 win 33304 <nop,nop,timestamp 112682607 6688809> (DF) [tos 0x10] 10:38:49.555092 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 14:16(2) ack 78 win 33304 <nop,nop,timestamp 112682661 6688809> (DF) [tos 0x10] 10:38:49.555465 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 78:80(2) ack 16 win 33304 <nop,nop,timestamp 6688863 112682661> (DF) [tos 0x10] 10:38:49.653930 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 80 win 33304 <nop,nop,timestamp 112682671 6688863> (DF) [tos 0x10] 10:38:49.653971 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 80:89(9) ack 16 win 33304 <nop,nop,timestamp 6688872 112682671> (DF) [tos 0x10] 10:38:49.757662 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 89 win 33304 <nop,nop,timestamp 112682681 6688872> (DF) [tos 0x10] ------=_NextPart_000_1348_dd7_6f23 Content-Type: text/plain; name="client.txt"; format=flowed Content-Transfer-Encoding: 8bit Content-Disposition: attachment; filename="client.txt" 10:37:17.301366 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 3892481562:3892481564(2) ack 3255356464 win 33304 <nop,nop,timestamp 112678699 6684336> (DF) [tos 0x10] 10:37:18.297903 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 0:2(2) ack 1 win 33304 <nop,nop,timestamp 112678799 6684336> (DF) [tos 0x10] 10:37:18.306500 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 1:3(2) ack 2 win 33304 <nop,nop,timestamp 6685001 112678799> (DF) [tos 0x10] 10:37:18.397890 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 3 win 33304 <nop,nop,timestamp 112678809 6685001> (DF) [tos 0x10] 10:37:18.399319 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 3:12(9) ack 2 win 33304 <nop,nop,timestamp 6685011 112678809> (DF) [tos 0x10] 10:37:18.503009 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 12 win 33304 <nop,nop,timestamp 112678819 6685011> (DF) [tos 0x10] 10:37:18.876339 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 2:4(2) ack 12 win 33304 <nop,nop,timestamp 112678856 6685011> (DF) [tos 0x10] 10:37:18.878070 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 12:14(2) ack 4 win 33304 <nop,nop,timestamp 6685058 112678856> (DF) [tos 0x10] 10:37:18.977906 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 14 win 33304 <nop,nop,timestamp 112678867 6685058> (DF) [tos 0x10] 10:37:18.979383 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 14:23(9) ack 4 win 33304 <nop,nop,timestamp 6685069 112678867> (DF) [tos 0x10] 10:37:19.077907 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 23 win 33304 <nop,nop,timestamp 112678877 6685069> (DF) [tos 0x10] 10:37:19.651179 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 4:6(2) ack 23 win 33304 <nop,nop,timestamp 112678934 6685069> (DF) [tos 0x10] 10:37:19.654872 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 23:25(2) ack 6 win 33304 <nop,nop,timestamp 6685136 112678934> (DF) [tos 0x10] 10:37:19.747917 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 25 win 33304 <nop,nop,timestamp 112678944 6685136> (DF) [tos 0x10] 10:37:19.750464 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 25:34(9) ack 6 win 33304 <nop,nop,timestamp 6685146 112678944> (DF) [tos 0x10] 10:37:19.847926 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 34 win 33304 <nop,nop,timestamp 112678954 6685146> (DF) [tos 0x10] 10:37:36.319667 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: . ack 6 win 0 10:37:36.319724 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 34 win 33304 <nop,nop,timestamp 112680601 6685146> (DF) [tos 0x10] 10:37:45.278314 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . 6:7(1) ack 34 win 33304 <nop,nop,timestamp 112681497 6685146> (DF) [tos 0x10] 10:37:50.278391 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . 6:7(1) ack 34 win 33304 <nop,nop,timestamp 112681997 6685146> (DF) [tos 0x10] 10:37:55.278464 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . 6:7(1) ack 34 win 33304 <nop,nop,timestamp 112682497 6685146> (DF) [tos 0x10] 10:37:55.280574 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 34:36(2) ack 7 win 33304 <nop,nop,timestamp 6688699 112682497> (DF) [tos 0x10] 10:37:55.280614 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 7:14(7) ack 36 win 33303 <nop,nop,timestamp 112682497 6688699> (DF) [tos 0x10] 10:37:55.282349 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 36:45(9) ack 14 win 33300 <nop,nop,timestamp 6688699 112682497> (DF) [tos 0x10] 10:37:55.378459 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 45 win 33304 <nop,nop,timestamp 112682507 6688699> (DF) [tos 0x10] 10:37:55.381018 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 45:78(33) ack 14 win 33304 <nop,nop,timestamp 6688709 112682507> (DF) [tos 0x10] 10:37:55.478456 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 78 win 33304 <nop,nop,timestamp 112682517 6688709> (DF) [tos 0x10] 10:37:56.379908 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 45:78(33) ack 14 win 33304 <nop,nop,timestamp 6688809 112682507> (DF) [tos 0x10] 10:37:56.379966 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 78 win 33304 <nop,nop,timestamp 112682607 6688809> (DF) [tos 0x10] 10:37:56.919602 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: P 14:16(2) ack 78 win 33304 <nop,nop,timestamp 112682661 6688809> (DF) [tos 0x10] 10:37:56.921371 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 78:80(2) ack 16 win 33304 <nop,nop,timestamp 6688863 112682661> (DF) [tos 0x10] 10:37:57.018481 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 80 win 33304 <nop,nop,timestamp 112682671 6688863> (DF) [tos 0x10] 10:37:57.020279 bsdserver.telnet > bsdclient.twowaytv.co.uk.bootserver: P 80:89(9) ack 16 win 33304 <nop,nop,timestamp 6688872 112682671> (DF) [tos 0x10] 10:37:57.118487 bsdclient.twowaytv.co.uk.bootserver > bsdserver.telnet: . ack 89 win 33304 <nop,nop,timestamp 112682681 6688872> (DF) [tos 0x10] ------=_NextPart_000_1348_dd7_6f23-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?F181w037NqMPbYquXUR00018f80>