lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 4 Dec 2017 21:22:41 -0800
From:   Steve Ibanez <sibanez@...nford.edu>
To:     Neal Cardwell <ncardwell@...gle.com>
Cc:     Eric Dumazet <edumazet@...gle.com>,
        Yuchung Cheng <ycheng@...gle.com>,
        Daniel Borkmann <daniel@...earbox.net>,
        Netdev <netdev@...r.kernel.org>, Florian Westphal <fw@...len.de>,
        Mohammad Alizadeh <alizadeh@...il.mit.edu>,
        Lawrence Brakmo <brakmo@...com>
Subject: Re: Linux ECN Handling

Hi Neal,

Happy to help out :) And thanks for the tip!

I was able to track down where the missing bytes that you pointed out
are being lost. It turns out the destination host seems to be
misbehaving. I performed a packet capture at the destination host
interface (a snapshot of the trace is attached). I see the following
sequence of events when a timeout occurs (note that I have NIC
offloading enabled so wireshark captures packets larger than the MTU):

1. The destination receives a data packet of length X with seqNo = Y
from the src with the CWR bit set and does not send back a
corresponding ACK.
2. The source times out and sends a retransmission packet of length Z
(where Z < X) with seqNo = Y
3. The destination sends back an ACK with AckNo = Y + X

So in other words, the packet which the destination host does not
initially ACK (causing the timeout) does not actually get lost because
after receiving the retransmission the AckNo moves forward all the way
past the bytes in the initial unACKed CWR packet. In the attached
screenshot, I've marked the unACKed CWR packet with a red box.

Have you seen this behavior before? And do you know what might be
causing the destination host not to ACK the CWR packet? In most cases
the CWR marked packets are ACKed properly, it's just occasionally they
are not.

Thanks!
-Steve



On Fri, Dec 1, 2017 at 8:35 AM, Neal Cardwell <ncardwell@...gle.com> wrote:
> On Mon, Nov 27, 2017 at 1:49 PM, Steve Ibanez <sibanez@...nford.edu> wrote:
>>
>> Hi Neal,
>>
>> I tried out your new suggested patches and indeed it looks like it is
>> working. The duration of the freezes looks like it has reduced from an
>> RTO to 10ms (tcp probe reports SRTT measurements of about 200us just
>> before the freeze). So the PTO value seems to be correctly set to
>> max(2*SRTT, 10ms).
>
> Great. Thank you for testing this!
>
> Our team will look into testing these patches more and sending some
> version of them upstream if things look good.
>
> Also, BTW, in newer kernels, with bb4d991a28cc ("tcp: adjust tail loss
> probe timeout") from July, the TLP timeout should be closer to 2*SRTT
> + 2 jiffies, so if your kernel has 1ms jiffies this should further
> improve things.
>
> Thanks,
> neal

Download attachment "han-5_timeout.png" of type "image/png" (151773 bytes)

Powered by blists - more mailing lists