lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1337278363.3403.39.camel@edumazet-glaptop>
Date:	Thu, 17 May 2012 20:12:43 +0200
From:	Eric Dumazet <eric.dumazet@...il.com>
To:	Miklos Szeredi <miklos@...redi.hu>
Cc:	netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: tcp timestamp issues with google servers

On Thu, 2012-05-17 at 11:39 +0200, Miklos Szeredi wrote:
> Sometimes connection to google.com, gmail.com and other google servers
> doesn't work or takes ages to connect.  When this hits it hits all
> google servers at the same time and it's persistent.  It never happens
> to anything other than google.  Rebooting helps.  Rarely it goes away
> spontaneously.
> 
> Apparently google is sometimes replying with an invalid TSecr timestamp
> value (smaller than the one sent in the last packet) and this confuses
> the Linux TCP stack which either discards the packet or sends a Reset.
> 
> Network dump attached.
> 
> I found only a couple of references to this issue:
> 
> http://gotchas.livejournal.com/3028.html
> 
> http://groups.google.com/group/comp.os.linux.networking/browse_thread/thread/29f56feded11b42a
> 
> Turning tcp timestamps fixes the issue:
> 
>   sysctl -w net.ipv4.tcp_timestamps=0
> 
> Not sure why this happens only to me and a very few others.
> 
> It appears to be an issue with google TCP stack (is it a modified
> stack?) but I thought about issues in my network switch (restarting it
> doesn't help) or something in the ISP, but those look unlikely.
> 
> Any ideas?
> 
> Thanks,
> Miklos
> 
> 
> 
>   1   0.000000 192.168.28.100 -> 74.125.232.226 TCP 51303 > http [SYN] Seq=0 Win=14600 Len=0 MSS=1460 SACK_PERM=1 TSV=35355050 TSER=0 WS=5
>   2   0.002730 74.125.232.226 -> 192.168.28.100 TCP http > 51303 [SYN, ACK] Seq=0 Ack=1 Win=14180 Len=0 MSS=1430 SACK_PERM=1 TSV=1184565067 TSER=35325344 WS=6


Do you really have 2730 usec RTT between you and this (Google ?)
server ?

Are you sure this is not a broken middle box ?



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ