lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 21 Aug 2017 22:58:10 +0530
From:   Akshat Kakkar <akshat.1984@...il.com>
To:     Eric Dumazet <eric.dumazet@...il.com>
Cc:     David Laight <David.Laight@...lab.com>,
        netdev <netdev@...r.kernel.org>
Subject: Re: Something hitting my total number of connections to the server

On Monday, August 21, 2017, Eric Dumazet <eric.dumazet@...il.com> wrote:
>
> On Mon, 2017-08-21 at 15:26 +0530, Akshat Kakkar wrote:
> > On Mon, Aug 21, 2017 at 3:13 PM, David Laight <David.Laight@...lab.com> wrote:
> > > From: Akshat Kakkar
> > >> Sent: 18 August 2017 10:14
> > >> On Thu, Aug 17, 2017 at 5:06 PM, Eric Dumazet <eric.dumazet@...il.com> wrote:
> > >> > On Thu, 2017-08-17 at 14:35 +0530, Akshat Kakkar wrote:
> > >> >
> > >> >> I upgraded to 4.4 but still experiencing same issue.
> > >> >> Please help.
> > >> >
> > >> > Still too old kernel, shoot again ;)
> > >> >
> > >> >
> > >>
> > >>
> > >> Sorry but that's the maximum I can try as of now as its the LT version.
> > >
> > > You should be able to build a current kernel and run it with your
> > > existing user space.
> > >
> > >         David
> > >
> >
> > The issue is with tcp timestamp. When I am disabling it, things are
> > working fine but when I enable the issue re-occurs. However, I am not
> > seeing tcp timestamps on packet, even when it is enabled simply
> > because my client doesn't support it.
> >
> > But the question is, if I my client doesnt support timestamp , why
> > enabling timestamp on server side is creating an issue??
>
> Maybe you changed some sysctls wrongly ?
>
>

As mentioned in my initial description, the server is not sending
SYN-ACK. Thats what the main symptom. For completeness, its not
sending any RST also.
However, if I disable TCP timestamp ... the server starts giving SYN-ACK.
The strangest thing is, my client doesnt initiate a connection with
tcp timestamp, so how come disabling tcp timestamp is making things
work.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ