lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <8e8a9c7c0909030741j63a26192m54feab96cc9fbd5a@mail.gmail.com>
Date:	Thu, 3 Sep 2009 22:41:52 +0800
From:	Treker Chen <treker.chen@...il.com>
To:	linux-kernel@...r.kernel.org
Subject: Why sometimes linux kernel does not reply the ACK of second FIN 
	packet?

Hi all

I was wondering if anyone know sometimes linux kernel seems does not
reply the ACK to the second FIN packet?
I tried it on Linux Ubuntu804Server 2.6.24-16-server #1 SMP Thu Apr 10
13:58:00 UTC 2008 i686 GNU/Linux

and here is the tcpdump log

22:24:37.444551 IP 192.168.6.3.42049 > 192.168.6.30.22: S
880658043:880658043(0) win 5840 <mss 1000,sackOK,timestamp 405800485
0,nop,wscale 7>
22:24:37.445091 IP 192.168.6.30.22 > 192.168.6.3.42049: S
1391057992:1391057992(0) ack 880658044 win 5792 <mss
1460,sackOK,timestamp 68876023 405800485,nop,wscale 6>
22:24:37.445182 IP 192.168.6.3.42049 > 192.168.6.30.22: . ack 1 win 46
<nop,nop,timestamp 405800485 68876023>
22:24:37.453582 IP 192.168.6.30.22 > 192.168.6.3.42049: P 1:39(38) ack
1 win 91 <nop,nop,timestamp 68876024 405800485>
22:24:37.453663 IP 192.168.6.3.42049 > 192.168.6.30.22: . ack 39 win
46 <nop,nop,timestamp 405800486 68876024>
22:24:39.183281 IP 192.168.6.3.42049 > 192.168.6.30.22: P 1:3(2) ack
39 win 46 <nop,nop,timestamp 405800659 68876024>
22:24:39.183846 IP 192.168.6.30.22 > 192.168.6.3.42049: . ack 3 win 91
<nop,nop,timestamp 68876196 405800659>
22:24:39.183899 IP 192.168.6.30.22 > 192.168.6.3.42049: P 39:58(19)
ack 3 win 91 <nop,nop,timestamp 68876196 405800659>
22:24:39.183934 IP 192.168.6.3.42049 > 192.168.6.30.22: . ack 58 win
46 <nop,nop,timestamp 405800659 68876196>
22:24:39.183952 IP 192.168.6.30.22 > 192.168.6.3.42049: F 58:58(0) ack
3 win 91 <nop,nop,timestamp 68876196 405800659>
22:24:39.184636 IP 192.168.6.3.42049 > 192.168.6.30.22: F 3:3(0) ack
59 win 46 <nop,nop,timestamp 405800659 68876196>
22:24:39.185093 IP 192.168.6.30.22 > 192.168.6.3.42049: . ack 4 win 91
<nop,nop,timestamp 68876196 405800659>

you can see at the end there is only one ACK packet and sometimes it
did. does any one know the possible reason?
I am asking this because with a high traffic server, it caused lots'
of connection in TIME_WAIT state, and i was suspecting that's causing
the issue.

please kindly CC to my email address. thanks

Regards
Treker
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ