FreeBSD 7 TCP syncache fix: request for testers
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Tue Jul 10 13:42:50 UTC 2007
Mike, good day.
Tue, Jul 10, 2007 at 12:20:49AM -0500, Mike Silbersack wrote:
> Anyway, the attached patch simplifies the syncache structure a bit and
> makes it retransmit properly. I'd appreciate testing from anyone who
> has experienced TCP problems with FreeBSD 7, as well as anyone who is
> pushing significant traffic through FreeBSD 7.
Can't say that I am pushing much traffic through my box, but after
applying your patch and rebuilding the kernel I am still seeing the
messages like
-----
TCP: [209.132.176.NNN]:NNN to [144.206.NNN.NNN]:NNN tcpflags 0x19<FIN,PUSH,ACK>; syncache_expand: Segment failed SYNCOOKIE authentication, segment rejected (probably spoofed)
TCP: [201.90.65.NNN]:NNN to [144.206.NNN.NNN]:NNN; syncache_timer: Response timeout
-----
But what had changed is that the lines with the 'syncache_timer'
started to appear. There were no such lines prior to the patch,
only the 'failed SYNCOOKIE' ones.
But the patch received only half a day of testing, so I will continue
the tests and will inform you if some other information will be
available. Up to date I don't see problems that had appeared without
the patch, but they tend to show up after a midnight ;))
Thank you!
--
Eygene
More information about the freebsd-net
mailing list