lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 1 May 2007 22:25:06 +0400
From:	Evgeniy Polyakov <>
To:	Benjamin LaHaise <>
Cc:	David Miller <>,
Subject: Re: [PATCH] TCP FIN gets dropped prematurely, results in ack storm

On Tue, May 01, 2007 at 10:20:07PM +0400, Evgeniy Polyakov ( wrote:
> On Tue, May 01, 2007 at 11:13:54AM -0400, Benjamin LaHaise ( wrote:
> > Hello,
> > 
> > While testing a failover scenario, I managed to trigger an ack storm 
> > between a Linux box and another system.  Although the cause of this particular 
> > ACK storm was due to the other box forgetting that it sent out a FIN (the 
> > second node was unaware of the FIN the first sent in its dying gasp, which 
> > is what I'm trying to fix, but it's a tricky race), the resulting Linux 
> > behaviour wasn't very robust.  Is there any particularly good reason that 
> One of the packets sent by broken 1.1 host has incorrect checksum, so it
> will be dropped by 2.2 system in theory, could that packet somehow break
> 2.2 stack's state machine?

It seems so, 2.2 stack expects i-1 sequence number, so when you add fin
into both (i-1)'th and i'th packets, 2.2 system correctly completes session
thinking that i-1 is the real last message, which is not.

	Evgeniy Polyakov
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists