On Tue, 16 Mar 2004 11:29:45 +0000 (UTC) "Bjoern A. Zeeb" <[EMAIL PROTECTED]> wrote:
> > > FreeBSD 4.9-STABLE cvsupped March 3 > > > Cisco IOS 12.2.19a ip only Cisco 5300 > > > > Do you know when it was working correctly the last time? Do you have > > another machine (4.9R or lower, or 5.2 or 5.C) to test against? On > > March 2 the commit of the TCP segment reassembly queue limiter has > > been done but that does not change TCP processing otherwise in any > > way. A month ago the TCP-MD5 stuff has been committed. A year ago > > there have been some NewReno fixes. > > > > So no obvious suspect. Before digging deep into the code its better > > to have some more surrounding information. > > Another question: any packet filters in between ? Yes i have IPFW1 on this servers (it was the same problem on two servers at one time and one cisco) But in IPFW i have ACCEPT by default and only this deny rules: 00200 deny ip from any to 127.0.0.0/8 00300 deny ip from 127.0.0.0/8 to any 00400 deny log logamount 100 tcp from any to any 135-139,445,593 00500 deny log logamount 100 udp from any to any 135-139,445 01100 deny tcp from any to any 22 in recv fxp1 01600 reset tcp from any to any 113 I make ipfw flush when i see this situation and keep only 65535 allow ip from any to any but problem was not resolved and tcp session not ended. -- Zherdev Anatoly. _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
