[Openswan Users]
Re: [Openswan dev] KLIPS 2.4.x set tcp window to 0 (fwd)
Michael Richardson
mcr at sandelman.ottawa.on.ca
Mon May 22 16:11:59 CEST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
{cleaning out mailbox. Did this get resolved somehow?}
Marco> I'm try to establish a TCP socket from my windows NT wks
Marco> 4.0sp6 machine to the windows NT 4.0 terminal server but it
Marco> doesn't work. Ping packet flow: any size (I tried with 32 and
Marco> 11:09:32.551457 IP (tos 0x0, ttl 127, id 33025, offset 0,
Marco> flags [none], proto: TCP (6), length: 40) 10.1.3.1.1045 >
Marco> 172.18.1.13.3389: R, cksum 0x39a8 (correct), 54626:54626(0)
Marco> win 0
Marco> As you can see tcp window is set to 0. This happens with
Well, the tcp window will slowly decrease if there are no ACKs in the
opposite direction.
11:09:29.546831 IP (tos 0x0, ttl 127, id 32257, offset 0, flags [DF], proto: 6(TCP), length: 44) 10.1.3.1.1045 > 172.18.1.13.3389: S, cksum 0xd751 (correct),54625:54625(0) win 8192 <mss 1460>
11:09:29.569664 IP (tos 0x0, ttl 127, id 28621, offset 0, flags [DF], proto: TCP(6), length: 44) 172.18.1.13.3389 > 10.1.3.1.1045: S, cksum 0x7271 (correct),1815475809:1815475809(0) ack 54626 win 8760 <mss 1460>
11:09:29.570137 IP (tos 0x0, ttl 127, id 32513, offset 0, flags [none], proto:TCP (6), length: 40) 10.1.3.1.1045 > 172.18.1.13.3389: R, cksum 0x39a8(correct), 54626:54626(0) win 0
Connection opened, and then closed. It was reset ("R").
It isn't the window size that matters here. Something is resetting the
connection.
11:09:32.529402 IP (tos 0x0, ttl 127, id 32769, offset 0, flags [DF], proto: TCP(6), length: 44) 10.1.3.1.1045 > 172.18.1.13.3389: S, cksum 0xd751 (correct),54625:54625(0) win 8192 <mss 1460>
11:09:32.551083 IP (tos 0x0, ttl 127, id 34765, offset 0, flags [DF], proto: TCP(6), length: 44) 172.18.1.13.3389 > 10.1.3.1.1045: S, cksum 0x8e07 (correct),1816320702:1816320702(0) ack 54626 win 8760 <mss 1460>
11:09:32.551457 IP (tos 0x0, ttl 127, id 33025, offset 0, flags [none], proto:TCP (6), length: 40) 10.1.3.1.1045 > 172.18.1.13.3389: R, cksum 0x39a8(correct), 54626:54626(0) win 0
Ditto.
Marco> KLIPS 2.4.4 This problem does not happen with KLIPS
Marco> 2.3.1. This is the tcpdump caputure (KLIPS 2.3.1):
So, this is not a window size issue. It looks like some kind of firewall
issue to me.
Where is the tcpdump being taken?
(Please make sure to avoid line wrap on tcpdump traces)
- - --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
"The Microsoft _Get the Facts CD_ does not work on Linux." - orospakr
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Finger me for keys
iQEVAwUBRHIM+4CLcPvd0N1lAQIDAgf/f93gOZi3zC8E8FzaadOtj1qrvDipIIB2
+A0I2G8FDO69FG7OwPENlaPuIxSSnmKgErkmNOfugk/+ZWNLYD6B8KzEJ3f6kMKP
g5pGMiMLUayeSJr0iaKhBJPr2jugGHC//CEWMXZPTE75HU6m4EX8/qGo4ginCGMb
1XHGooHnYkWbltKftQMtHte2pr0+flR08YNrCkRUjAtIr+DpdxmoI8Z6LnFngsnH
kAKYNTpPn0TgUjbOQnfEVmQtyUAgg+dVI7f7GW3jHTiFT6bQiHTyeuXYmaTfOTM/
C8cfs8TXLe6rS2f1d8ucIpThu/s+ZtEngwjsTPaZtMtSxGUtzk258g==
=V69d
-----END PGP SIGNATURE-----
More information about the Users
mailing list