Message-Id: <7723811560168623@myt6-27270b78ac4f.qloud-c.yandex.net>
Date:   Mon, 10 Jun 2019 15:10:23 +0300
From:   iam@...ddict.ru
To:     netdev@...r.kernel.org
Subject: How long TCP state change from SYN_RECV to ESTABLISHED should take?

While playing with eBPF I tried tcpstates.py (https://github.com/iovisor/bcc/blob/master/tools/tcpstates.py) and noticed a very low time for the TCP state transition SYN_RECV -> ESTABLISHED.

My numbers from tests:

SYN_RECV -> ESTABLISHED 0.015   
SYN_RECV -> ESTABLISHED 0.017   
SYN_RECV -> ESTABLISHED 0.051 

From the handshake diagram (https://user-images.githubusercontent.com/1006307/58944706-0ffdb580-878b-11e9-95d3-8e7a4f85d8b0.png) it looks like the transition time from SYN_RECV to ESTABLISHED should be near the RTT between hosts?

TCP Fast Open turned off on host.

OS: Ubuntu 18.10 (GNU/Linux 4.18.0-21-generic x86_64)

tcpdump -tttttv output

Receiver got SYN:
 00:00:00.000000 IP (tos 0x28, ttl 49, id 280, offset 0, flags [DF], proto TCP (6), length 60)
    dst_host > src_host: Flags [S], cksum 0x46ae (correct), seq 4063608731, win 29200, options [mss 1460,sackOK,TS val 332512899 ecr 0,nop,wscale 6], length 0

Receiver sent SYN+ACK:
 00:00:00.000071 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    src_host > dst_host: Flags [S.], cksum 0x84c2 (incorrect -> 0x3c01), seq 1516815880, ack 4063608732, win 28960, options [mss 1460,sackOK,TS val 2341429130 ecr 332512899,nop,wscale 7], length 0

Receiver got ACK:
 00:00:00.079183 IP (tos 0x28, ttl 49, id 281, offset 0, flags [DF], proto TCP (6), length 52)
    dst_host > src_host: Flags [.], cksum 0xda11 (correct), ack 1, win 457, options [nop,nop,TS val 332512918 ecr 2341429130], length 0

Such low numbers are between syn_recv and syn+ack send, but between syn_recv and established it should be 00:00:00.079183.

Ping between the hosts in this tcpdump is around 83 ms.

Is it a bug or am I wrong?
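
The intervals discussed in the message, computed from its own tcpdump lines. This is an added example, not part of the original post; the function names are illustrative, and it assumes two-line `tcpdump -tttttv` records in the layout shown above.

```python
import re

# The three handshake packets copied from the tcpdump -tttttv output in the
# message above (host names are the poster's own placeholders).
CAPTURE = """\
 00:00:00.000000 IP (tos 0x28, ttl 49, id 280, offset 0, flags [DF], proto TCP (6), length 60)
    dst_host > src_host: Flags [S], cksum 0x46ae (correct), seq 4063608731, win 29200, options [mss 1460,sackOK,TS val 332512899 ecr 0,nop,wscale 6], length 0
 00:00:00.000071 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto TCP (6), length 60)
    src_host > dst_host: Flags [S.], cksum 0x84c2 (incorrect -> 0x3c01), seq 1516815880, ack 4063608732, win 28960, options [mss 1460,sackOK,TS val 2341429130 ecr 332512899,nop,wscale 7], length 0
 00:00:00.079183 IP (tos 0x28, ttl 49, id 281, offset 0, flags [DF], proto TCP (6), length 52)
    dst_host > src_host: Flags [.], cksum 0xda11 (correct), ack 1, win 457, options [nop,nop,TS val 332512918 ecr 2341429130], length 0
"""

TS_RE = re.compile(r"^\s*(\d+):(\d{2}):(\d{2})\.(\d{6}) IP ")
FLAGS_RE = re.compile(r"^\s+(\S+) > (\S+): Flags \[([^\]]*)\]")

def parse(text):
    """Yield (microseconds, src, dst, flags) for each two-line packet record."""
    ts = None
    for line in text.splitlines():
        m = TS_RE.match(line)
        if m:  # first line of a record: relative timestamp plus IP header
            h, mi, s, us = map(int, m.groups())
            ts = ((h * 60 + mi) * 60 + s) * 1_000_000 + us
            continue
        m = FLAGS_RE.match(line)
        if m and ts is not None:  # second line: endpoints and TCP flags
            yield ts, m.group(1), m.group(2), m.group(3)
            ts = None

def handshake_intervals(text):
    """Microsecond gaps for the first complete three-way handshake, or None."""
    syn = synack = None
    for ts, src, dst, flags in parse(text):
        if flags == "S" and syn is None:
            syn = (ts, src, dst)
        elif flags == "S." and syn and synack is None and (src, dst) == (syn[2], syn[1]):
            synack = ts  # reply travels in the reverse direction of the SYN
        elif flags == "." and synack is not None and (src, dst) == (syn[1], syn[2]):
            return {"syn_to_synack_us": synack - syn[0],
                    "synack_to_ack_us": ts - synack,
                    "syn_to_ack_us": ts - syn[0]}
    return None  # handshake incomplete in this capture

if __name__ == "__main__":
    print(handshake_intervals(CAPTURE))
```
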
