On 1 February 2013 16:21, Kevin Day <ke...@your.org> wrote: > We've got a large cluster of HTTP servers, each server handling > >10,000req/sec. Occasionally, and during periods of heavy load, we'd get > complaints from some users that downloads were working but going EXTREMELY > slowly. After a whole lot of debugging, we narrowed it down to being only > Windows 8 clients experiencing this problem. It turns out that FreeBSD's > implementation of syncookies is likely violating RFC1323.
Kevin, Thanks for the thorough analysis and report, although I didn't see mention of which FreeBSD version you're running. It looks like andre@ added storage of the window scale option in the timestamp many years ago in r162277[1], so I'm curious if you have an old version or there's an issue with this implementation. > This implementation extends the orginal idea and first implementation > of FreeBSD by using not only the initial sequence number field to store > information but also the timestamp field if present. This way we can > keep track of the entire state we need to know to recreate the session in > its original form. Almost all TCP speakers implement RFC1323 timestamps > these days. For those that do not we still have to live with the known > shortcomings of the ISN only SYN cookies. The use of the timestamp field > causes the timestamps to be randomized if syncookies are enabled. -Ed [1] http://svnweb.freebsd.org/base?view=revision&revision=162277 _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "freebsd-net-unsubscr...@freebsd.org"
