[Openswan Users] KLIPS 2.4.x set tcp window to 0
Marco Berizzi
pupilla at hotmail.com
Thu Nov 24 12:14:53 CET 2005
Hello.
I have a problem with KLIPS 2.4.4 (static compiled) on linux vanilla 2.4.4
My network schema:
nt4.0 wks ----- KLIPS 2.4.4 ----- the internet ----- KLIPS 2.05 -----
windows NT 4.0 Terminal server
------------------------tunnel
ipsec-----------------------
Tunnel is 3DES/IPComp.
I'm try to establish a TCP socket from my windows NT wks 4.0sp6 machine to
the windows NT 4.0 terminal server but it doesn't work. Ping packet flow:
any size (I tried with 32 and 1300 bytes.)
I see only SYN SENT. This is a tcpdump capture on the ipsec0 device on the
KLIPS 2.4.4 system:
11:09:29.546831 IP (tos 0x0, ttl 127, id 32257, offset 0, flags [DF], proto:
TCP (6), length: 44) 10.1.3.1.1045 > 172.18.1.13.3389: S, cksum 0xd751
(correct), 54625:54625(0) win 8192 <mss 1460>
11:09:29.569664 IP (tos 0x0, ttl 127, id 28621, offset 0, flags [DF], proto:
TCP (6), length: 44) 172.18.1.13.3389 > 10.1.3.1.1045: S, cksum 0x7271
(correct), 1815475809:1815475809(0) ack 54626 win 8760 <mss 1460>
11:09:29.570137 IP (tos 0x0, ttl 127, id 32513, offset 0, flags [none],
proto: TCP (6), length: 40) 10.1.3.1.1045 > 172.18.1.13.3389: R, cksum
0x39a8 (correct), 54626:54626(0) win 0
11:09:32.529402 IP (tos 0x0, ttl 127, id 32769, offset 0, flags [DF], proto:
TCP (6), length: 44) 10.1.3.1.1045 > 172.18.1.13.3389: S, cksum 0xd751
(correct), 54625:54625(0) win 8192 <mss 1460>
11:09:32.551083 IP (tos 0x0, ttl 127, id 34765, offset 0, flags [DF], proto:
TCP (6), length: 44) 172.18.1.13.3389 > 10.1.3.1.1045: S, cksum 0x8e07
(correct), 1816320702:1816320702(0) ack 54626 win 8760 <mss 1460>
11:09:32.551457 IP (tos 0x0, ttl 127, id 33025, offset 0, flags [none],
proto: TCP (6), length: 40) 10.1.3.1.1045 > 172.18.1.13.3389: R, cksum
0x39a8 (correct), 54626:54626(0) win 0
As you can see tcp window is set to 0. This happens with KLIPS 2.4.4
This problem does not happen with KLIPS 2.3.1. This is the tcpdump caputure
(KLIPS 2.3.1):
11:26:25.137331 IP (tos 0x0, ttl 127, id 21250, offset 0, flags [DF], proto:
TCP (6), length: 44) 10.1.3.1.1049 > 172.18.1.13.3389: S, cksum 0xd729
(correct), 54661:54661(0) win 8192 <mss 1460>
11:26:25.158408 IP (tos 0x0, ttl 127, id 59353, offset 0, flags [DF], proto:
TCP (6), length: 44) 172.18.1.13.3389 > 10.1.3.1.1049: S, cksum 0x7c43
(correct), 2077547720:2077547720(0) ack 54662 win 8760 <mss 1460>
11:26:25.158831 IP (tos 0x0, ttl 127, id 21506, offset 0, flags [DF], proto:
TCP (6), length: 40) 10.1.3.1.1049 > 172.18.1.13.3389: ., cksum 0x9400
(correct), ack 1 win 8760
11:26:25.159583 IP (tos 0x0, ttl 127, id 21762, offset 0, flags [DF], proto:
TCP (6), length: 51) 10.1.3.1.1049 > 172.18.1.13.3389: P, cksum 0x8a02
(correct), 1:12(11) ack 1 win 8760
11:26:25.200239 IP (tos 0x0, ttl 127, id 59609, offset 0, flags [DF], proto:
TCP (6), length: 51) 172.18.1.13.3389 > 10.1.3.1.1049: P, cksum 0x77de
(correct), 1:12(11) ack 12 win 8749
11:26:25.200893 IP (tos 0x0, ttl 127, id 22018, offset 0, flags [DF], proto:
TCP (6), length: 316) 10.1.3.1.1049 > 172.18.1.13.3389: P 12:288(276) ack 12
win 8749
11:26:25.256395 IP (tos 0x0, ttl 127, id 59865, offset 0, flags [DF], proto:
TCP (6), length: 365) 172.18.1.13.3389 > 10.1.3.1.1049: P 12:337(325) ack
288 win 8473
11:26:25.257150 IP (tos 0x0, ttl 127, id 22274, offset 0, flags [DF], proto:
TCP (6), length: 52) 10.1.3.1.1049 > 172.18.1.13.3389: P, cksum 0x0acd
(correct), 288:300(12) ack 337 win 8424
11:26:25.257352 IP (tos 0x0, ttl 127, id 22530, offset 0, flags [DF], proto:
TCP (6), length: 48) 10.1.3.1.1049 > 172.18.1.13.3389: P, cksum 0x0ca5
(correct), 300:308(8) ack 337 win 8424
11:26:25.291194 IP (tos 0x0, ttl 127, id 60121, offset 0, flags [DF], proto:
TCP (6), length: 40) 172.18.1.13.3389 > 10.1.3.1.1049: ., cksum 0x92b0
(correct), ack 308 win 8453
11:26:25.291703 IP (tos 0x0, ttl 127, id 60377, offset 0, flags [DF], proto:
TCP (6), length: 51) 172.18.1.13.3389 > 10.1.3.1.1049: P, cksum 0x0974
(correct), 337:348(11) ack 308 win 8453
11:26:25.292251 IP (tos 0x0, ttl 127, id 22786, offset 0, flags [DF], proto:
TCP (6), length: 52) 10.1.3.1.1049 > 172.18.1.13.3389: P, cksum 0x0896
(correct), 308:320(12) ack 348 win 8413
11:26:25.314487 IP (tos 0x0, ttl 127, id 60633, offset 0, flags [DF], proto:
TCP (6), length: 55) 172.18.1.13.3389 > 10.1.3.1.1049: P, cksum 0x3149
(correct), 348:363(15) ack 320 win 8441
11:26:25.315054 IP (tos 0x0, ttl 127, id 23042, offset 0, flags [DF], proto:
TCP (6), length: 52) 10.1.3.1.1049 > 172.18.1.13.3389: P, cksum 0x088b
(correct), 320:332(12) ack 363 win 8398
11:26:25.338551 IP (tos 0x0, ttl 127, id 60889, offset 0, flags [DF], proto:
TCP (6), length: 55) 172.18.1.13.3389 > 10.1.3.1.1049: P, cksum 0x333a
(correct), 363:378(15) ack 332 win 8429
11:26:25.342732 IP (tos 0x0, ttl 127, id 23298, offset 0, flags [DF], proto:
TCP (6), length: 134) 10.1.3.1.1049 > 172.18.1.13.3389: P 332:426(94) ack
378 win 8383
11:26:25.343413 IP (tos 0x0, ttl 127, id 23554, offset 0, flags [DF], proto:
TCP (6), length: 126) 10.1.3.1.1049 > 172.18.1.13.3389: P 426:512(86) ack
378 win 8383
11:26:25.368572 IP (tos 0x0, ttl 127, id 61145, offset 0, flags [DF], proto:
TCP (6), length: 40) 172.18.1.13.3389 > 10.1.3.1.1049: ., cksum 0x9287
(correct), ack 512 win 8249
11:26:25.390593 IP (tos 0x0, ttl 127, id 61401, offset 0, flags [DF], proto:
TCP (6), length: 377) 172.18.1.13.3389 > 10.1.3.1.1049: P 378:715(337) ack
512 win 8249
11:26:25.407587 IP (tos 0x0, ttl 127, id 23810, offset 0, flags [DF], proto:
TCP (6), length: 207) 10.1.3.1.1049 > 172.18.1.13.3389: P 512:679(167) ack
715 win 8046
11:26:25.453308 IP (tos 0x0, ttl 127, id 61657, offset 0, flags [DF], proto:
TCP (6), length: 74) 172.18.1.13.3389 > 10.1.3.1.1049: P, cksum 0xf642
(correct), 715:749(34) ack 679 win 8082
11:26:25.513813 IP (tos 0x0, ttl 127, id 61913, offset 0, flags [DF], proto:
TCP (6), length: 337) 172.18.1.13.3389 > 10.1.3.1.1049: P 749:1046(297) ack
679 win 8082
Running Windows XPsp2 instead of windows NT 4.0sp6 "resolve" the problem
(with KLIPS 2.4.4)
Here is the tcpdump capture (KLIPS 2.4.4):
11:42:20.575811 IP (tos 0x0, ttl 127, id 150, offset 0, flags [none], proto:
TCP (6), length: 48) 10.1.3.1.1047 > 172.18.1.13.3389: S, cksum 0x0b2a
(correct), 1463375375:1463375375(0) win 65535 <mss 1260,nop,nop,sackOK>
11:42:20.598786 IP (tos 0x0, ttl 127, id 8283, offset 0, flags [DF], proto:
TCP (6), length: 44) 172.18.1.13.3389 > 10.1.3.1.1047: S, cksum 0xb890
(correct), 2324347336:2324347336(0) ack 1463375376 win 8820 <mss 1460>
11:42:20.599256 IP (tos 0x0, ttl 127, id 151, offset 0, flags [none], proto:
TCP (6), length: 40) 10.1.3.1.1047 > 172.18.1.13.3389: ., cksum 0xf2c1
(correct), ack 1 win 65535
11:42:20.599639 IP (tos 0x0, ttl 127, id 152, offset 0, flags [none], proto:
TCP (6), length: 79) 10.1.3.1.1047 > 172.18.1.13.3389: P, cksum 0xae81
(correct), 1:40(39) ack 1 win 65535
11:42:20.627847 IP (tos 0x0, ttl 127, id 8539, offset 0, flags [DF], proto:
TCP (6), length: 51) 172.18.1.13.3389 > 10.1.3.1.1047: P, cksum 0xb42b
(correct), 1:12(11) ack 40 win 8781
11:42:20.628366 IP (tos 0x0, ttl 127, id 153, offset 0, flags [none], proto:
TCP (6), length: 128) 10.1.3.1.1047 > 172.18.1.13.3389: . 40:128(88) ack 12
win 65524
11:42:20.628655 IP (tos 0x0, ttl 127, id 154, offset 0, flags [none], proto:
TCP (6), length: 128) 10.1.3.1.1047 > 172.18.1.13.3389: . 128:216(88) ack 12
win 65524
11:42:20.628874 IP (tos 0x0, ttl 127, id 155, offset 0, flags [none], proto:
TCP (6), length: 128) 10.1.3.1.1047 > 172.18.1.13.3389: . 216:304(88) ack 12
win 65524
11:42:20.656918 IP (tos 0x0, ttl 127, id 8795, offset 0, flags [DF], proto:
TCP (6), length: 40) 172.18.1.13.3389 > 10.1.3.1.1047: ., cksum 0xd042
(correct), ack 216 win 8605
11:42:20.657328 IP (tos 0x0, ttl 127, id 156, offset 0, flags [none], proto:
TCP (6), length: 128) 10.1.3.1.1047 > 172.18.1.13.3389: . 304:392(88) ack 12
win 65524
11:42:20.657571 IP (tos 0x0, ttl 127, id 157, offset 0, flags [none], proto:
TCP (6), length: 100) 10.1.3.1.1047 > 172.18.1.13.3389: P 392:452(60) ack 12
win 65524
11:42:20.680498 IP (tos 0x0, ttl 127, id 9051, offset 0, flags [DF], proto:
TCP (6), length: 40) 172.18.1.13.3389 > 10.1.3.1.1047: ., cksum 0xd042
(correct), ack 392 win 8429
11:42:20.700238 IP (tos 0x0, ttl 127, id 9307, offset 0, flags [DF], proto:
TCP (6), length: 365) 172.18.1.13.3389 > 10.1.3.1.1047: P 12:337(325) ack
452 win 8369
11:42:20.700825 IP (tos 0x0, ttl 127, id 158, offset 0, flags [none], proto:
TCP (6), length: 52) 10.1.3.1.1047 > 172.18.1.13.3389: P, cksum 0x679a
(correct), 452:464(12) ack 337 win 65535
11:42:20.701029 IP (tos 0x0, ttl 127, id 159, offset 0, flags [none], proto:
TCP (6), length: 48) 10.1.3.1.1047 > 172.18.1.13.3389: P, cksum 0x6972
(correct), 464:472(8) ack 337 win 65535
11:42:20.722763 IP (tos 0x0, ttl 127, id 9563, offset 0, flags [DF], proto:
TCP (6), length: 40) 172.18.1.13.3389 > 10.1.3.1.1047: ., cksum 0xcefd
(correct), ack 472 win 8349
11:42:20.723360 IP (tos 0x0, ttl 127, id 9819, offset 0, flags [DF], proto:
TCP (6), length: 51) 172.18.1.13.3389 > 10.1.3.1.1047: P, cksum 0x45c1
(correct), 337:348(11) ack 472 win 8349
11:42:20.723755 IP (tos 0x0, ttl 127, id 160, offset 0, flags [none], proto:
TCP (6), length: 52) 10.1.3.1.1047 > 172.18.1.13.3389: P, cksum 0x6563
(correct), 472:484(12) ack 348 win 65524
11:42:20.746448 IP (tos 0x0, ttl 127, id 10075, offset 0, flags [DF], proto:
TCP (6), length: 55) 172.18.1.13.3389 > 10.1.3.1.1047: P, cksum 0x6d96
(correct), 348:363(15) ack 484 win 8337
11:42:20.747029 IP (tos 0x0, ttl 127, id 161, offset 0, flags [none], proto:
TCP (6), length: 52) 10.1.3.1.1047 > 172.18.1.13.3389: P, cksum 0x6558
(correct), 484:496(12) ack 363 win 65509
11:42:20.768097 IP (tos 0x0, ttl 127, id 10331, offset 0, flags [DF], proto:
TCP (6), length: 55) 172.18.1.13.3389 > 10.1.3.1.1047: P, cksum 0x6f87
(correct), 363:378(15) ack 496 win 8325
11:42:20.769291 IP (tos 0x0, ttl 127, id 162, offset 0, flags [none], proto:
TCP (6), length: 128) 10.1.3.1.1047 > 172.18.1.13.3389: . 496:584(88) ack
378 win 65494
Any feedback are welcome.
More information about the Users
mailing list