ipf sometimes freezes RFC 1323 transfers
Discovered in SmartOS https://smartos.org/bugview/OS-7586
Something is triggering packet drops, or at least one packet drop, and it's observable by seeing fr_tcpinwindow() (in ipf) returning 0 when processing a packet with data (i.e. not just an ACK). The attached DTrace script will print data on fr_tcpinwindow() returning 0. If you see a packet of non-zero size here, it indicates this problem and a connection is hung.
Examining more recent ipfilter updates (such as the one proposed by an illumos community member to be ported into illumos), it appears the TCP state-maintenance checks have some flaws. There's a commit in FreeBSD:
That addressed a sabotage of RFC 1323 window-scaling. PARTS of this fix appeared in illumos already thanks to:
but not ALL of them. This bug will address the full integration of the FreeBSD fix above to match what was already in illumos back from the early days of OpenSolaris.
Updated by Electric Monk 8 months ago
- Status changed from New to Closed
- % Done changed from 0 to 100
commit 6a6ded8a9716c81d429d2d916745909354d93fee Author: Dan McDonald <email@example.com> Date: 2019-02-20T21:34:13.000Z 10409 ipf sometimes freezes RFC 1323 transfers Reviewed by: Jason King <firstname.lastname@example.org> Reviewed by: Andy Fiddaman <email@example.com> Reviewed by: Cody Peter Mello <firstname.lastname@example.org> Reviewed by: Gergő Doma <email@example.com> Approved by: Robert Mustacchi <firstname.lastname@example.org>