| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <05ae90a3-4fc4-45aa-c001-fb26334332c4@candelatech.com>
Date: Wed, 12 Jan 2022 10:54:05 -0800
From: Ben Greear <greearb@...delatech.com>
To: Eric Dumazet <edumazet@...gle.com>
Cc: Eric Dumazet <eric.dumazet@...il.com>,
Neal Cardwell <ncardwell@...gle.com>,
netdev <netdev@...r.kernel.org>
Subject: Re: Debugging stuck tcp connection across localhost [snip]
On 1/12/22 10:47 AM, Eric Dumazet wrote:
> On Wed, Jan 12, 2022 at 10:44 AM Ben Greear <greearb@...delatech.com> wrote:
>
>> Well, I think maybe I found the problem.
>>
>> I looked in the right place at the right time and saw that the kernel was spewing about
>> neigh entries being full. The defaults are too small for the number of interfaces
>> we are using. Our script that was supposed to set the thresholds higher had a typo
>> in it that caused it to not actually set the values.
>>
>> When the neigh entries are fully consumed, then even communication across 127.0.0.1
>> fails in somewhat mysterious ways, and I guess this can break existing connections
>> too, not just new connections.
>
> Nice to hear this is not a TCP bug ;)
For sure...it took me a long time to get brave enough to even suggest it might
be on a public list :)
That said, might be nice to always reserve a neigh entry for localhost
at least...can't be that hard to arp for it!
--Ben
--
Ben Greear <greearb@...delatech.com>
Candela Technologies Inc http://www.candelatech.com
Powered by blists - more mailing lists