[Openswan Users] KLIPS 2.4.x set tcp window to 0
Paul Wouters
paul at xelerance.com
Thu Nov 24 20:11:21 CET 2005
On Thu, 24 Nov 2005, Marco Berizzi wrote:
> I'm try to establish a TCP socket from my windows NT wks 4.0sp6 machine to the
> windows NT 4.0 terminal server but it doesn't work. Ping packet flow: any size
> (I tried with 32 and 1300 bytes.)
> I see only SYN SENT. This is a tcpdump capture on the ipsec0 device on the
> KLIPS 2.4.4 system:
> As you can see tcp window is set to 0. This happens with KLIPS 2.4.4
> This problem does not happen with KLIPS 2.3.1. This is the tcpdump caputure
> (KLIPS 2.3.1):
What happens if you toggle /proc/sys/net/ipv4/tcp_window_scaling or change
the settings in /proc/sys/net/ipv4/tcp_adv_win_scale ?
We will add those to the ipsec barf output in the next release.
> Running Windows XPsp2 instead of windows NT 4.0sp6 "resolve" the problem (with
> KLIPS 2.4.4)
So that leads me to believe that NT4 might just have a broken stack that does
not implement TCP window scaling, and instead of ignoring unknown tcp options,
does weird things. Try setting /proc/sys/net/ipv4/tcp_window_scaling to 0 and
see if that fixes your issues with NT4.
Paul
More information about the Users
mailing list