lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <5331BF63.6070106@hp.com>
Date:	Tue, 25 Mar 2014 10:39:47 -0700
From:	Rick Jones <rick.jones2@...com>
To:	netdev@...r.kernel.org
Subject: Re: TCP being hoodwinked into spurious retransmissions by lack of
 timestamps?

On 03/03/2014 04:29 PM, Rick Jones wrote:
> I've been looking at some packet traces of an application looking to
> upload a Large Quantity (tm) of data to a server across the Big Bad
> Internet (tm).  They've been Linux senders, and the destination while
> supporting SACK and window scaling does not support TCP timestamps. (TCP
> timestamp support was requested of the supplier of said server many many
> months ago now.)
>
> This destination system has been issuing RSTs at seemingly random points
> in the middle of a large fraction of the attempted transfers.  In
> looking at the traces, they all seem to be variations on the theme of
> what is shown by:
>
> ftp://netperf.org/retrans_question/for_netdev.png
>
> which is a passing of ftp://netperf.org/retrans_question/for_netdev.pcap
> through tcptrace -nG and zoomed-in to the end.  I've seen this with a
> 3.2.0 kernel as the sender, have reports of it happening with whatever
> is in Fedora Core 20, and the traces above are from a 3.11.0 kernel as
> the sender.
>
> The large quantity of (likely) unnecessary retransmissions shouldn't be
> triggering a RST by the receiver, but the failures consistently show
> that and I was wondering if the (spurious) retransmissions were perhaps
> "encouraged" (so to speak) by the lack of TCP Timestamps.

I have learned why the receiving TCP has reset the connection.  It would 
seem that stack has a heuristic whereby if it receives more than 255 
retransmissions in a window it will abort the connection.

rick jones
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ