| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 1 May 2007 22:25:06 +0400 From: Evgeniy Polyakov <johnpol@....mipt.ru> To: Benjamin LaHaise <bcrl@...ck.org> Cc: David Miller <davem@...emloft.net>, netdev@...r.kernel.org Subject: Re: [PATCH] TCP FIN gets dropped prematurely, results in ack storm On Tue, May 01, 2007 at 10:20:07PM +0400, Evgeniy Polyakov (johnpol@....mipt.ru) wrote: > On Tue, May 01, 2007 at 11:13:54AM -0400, Benjamin LaHaise (bcrl@...ck.org) wrote: > > Hello, > > > > While testing a failover scenario, I managed to trigger an ack storm > > between a Linux box and another system. Although the cause of this particular > > ACK storm was due to the other box forgetting that it sent out a FIN (the > > second node was unaware of the FIN the first sent in its dying gasp, which > > is what I'm trying to fix, but it's a tricky race), the resulting Linux > > behaviour wasn't very robust. Is there any particularly good reason that > > One of the packets sent by broken 1.1 host has incorrect checksum, so it > will be dropped by 2.2 system in theory, could that packet somehow break > 2.2 stack's state machine? It seems so, 2.2 stack expects i-1 sequence number, so when you add fin into both (i-1)'th and i'th packets, 2.2 system correctly completes session thinking that i-1 is the real last message, which is not. -- Evgeniy Polyakov - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists