lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Tue, 26 Aug 2008 14:18:12 -0300
From:	Dâniel Fraga <fragabr@...il.com>
To:	"Ilpo Järvinen" <ilpo.jarvinen@...sinki.fi>
Cc:	David Miller <davem@...emloft.net>, thomas.jarosch@...ra2net.com,
	billfink@...dspring.com, Netdev <netdev@...r.kernel.org>,
	Patrick Hardy <kaber@...sh.net>,
	netfilter-devel@...r.kernel.org, kadlec@...ckhole.kfki.hu
Subject: Re: [PATCH] tcp FRTO: in-order-only "TCP proxy" fragility
 workaround

On Tue, 26 Aug 2008 17:10:46 +0300 (EEST)
"Ilpo Järvinen" <ilpo.jarvinen@...sinki.fi> wrote:

> There is more than one TCP flow in your workload btw (so using 
> "connection" is a bit more blurry from my/TCP's pov). Some stall and never 
> finish, some get immediately through without any stalling and proceed ok. 
> So far I've not seen any cases with mixed behavior.

	Interesting.

> It could be userspace related thing.

	Hmmm. I'll try to report this to the dovecot and inn lists.

> It seems that there could well be more than one problem, with symptoms 
> similar enough that they're hard to distinguish without a packet trace.

	Yes, exactly! I think the same.

> Did it solve in this particular case? At least for 995 nothing 

	Yes. nmap -sS always solves the problem. Very strange. nmap -sS
for me is kind of brute force attempt to restablish the normal
behaviour of the server... 

	Anyway, I disabled htb and frto and everything is fine for now.
I'll keep investigating this.

> ListenOverflows might explain this (it can't be ListenDrops since it's 
> equal to ListenOverflows and both get incremented on overflow). Are you 
> perhaps short on workers at the userspace server? It would be nice to 

	I use dovecot por mail. I'll post on the dovecot list. If it's
an userspace issue, better.

> capture those mibs often enough (eg., once per 1s with timestamps) during 
> the stall to see what actually gets incremented during the event because 
> there's currently so much haystack that finding the needle gets impossible 
> (ListenOverflows 47410) :-). Also, the corresponding tcpdump would be 
> needed to match the events.

	Ok. If I had more useful information, I'll reply.

	Thank you very much!

-- 
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists