On Fri, Oct 17, 2008 at 12:46:13PM +0200, Luigi Iotti wrote:

> > > Two seconds later we have 46 bytes of data from the sender.
> > 
> > Or is window scaling in effect? And perhaps an edge firewall at the
> > sender's edge system that fails to take window scaling into account?
> > 
> > We'd need to see the initial TCP handshake (SYN, SYN-ACK, ACK). This could
> > be another recent case of poor interaction between WS>0 and firewalls.
> 
> It seems you caught it. Window scaling is in effect. The handshake:

> 01:15:38.122112 IP (tos 0x0, ttl  46, id 53117, offset 0, flags [DF], proto:
> TCP (6), length: 64) squid-cache.org.54737 > 192.168.0.100.smtp: S, cksum
> 0x7502 (correct), 854600175:854600175(0) win 65535 <mss 1460,nop,wscale
> 1,nop,nop,timestamp 4005670333 0,sackOK,eol>

> 01:15:38.122213 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP
> (6), length: 60) 192.168.0.100.smtp > squid-cache.org.54737: S, cksum 0xce37
> (correct), 2984125380:2984125380(0) ack 854600176 win 5792 <mss
> 1460,sackOK,timestamp 1595763800 4005670333,nop,wscale 7>

> 01:15:38.476421 IP (tos 0x0, ttl  46, id 53395, offset 0, flags [DF], proto:
> TCP (6), length: 64) squid-cache.org.54737 > 192.168.0.100.smtp: S, cksum
> 0x694a (correct), 854600175:854600175(0) win 65535 <mss 1460,nop,wscale
> 1,nop,nop,timestamp 4005673333 0,sackOK,eol>
> 
> So the tiny window (0x2e, 46) my box announces should read 5888.
> Unfortunately, as Wietse observed, the remote site sends me exactly 46 bytes
> so it seems that it simply ignores the scale.

That would be the firewall, buffering/fragmenting rather large frames
and getting confused by the scaled window sizes. My observation is
that on today's Internet at least mail servers need to disable window
scaling to avoid interoperability issues with a non-negligible fraction
of deployed firewalls. 

If you set your window scale to zero, the problem will mostly go away.
In this case the peer system also offers a non-zero scale (1), so when
you are sending to them, large messages could experience some delays.
Their postmaster should be made aware of the issue, and should disable
window scaling on their side, or get a better firewall.

-- 
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
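
Added example, not part of the original message: a small Python parser that reads tcpdump-style lines, records the `wscale` shift each side offered in its SYN, and reports the raw window next to the window the receiver actually means. The sample capture is constructed: its SYN and SYN-ACK options are copied from the handshake quoted above, and the third line is a made-up post-handshake ACK carrying the raw window of 46 discussed in the thread.

```python
import re

# Constructed sample (see lead-in); one tcpdump-style segment per line.
SAMPLE = """\
IP squid-cache.org.54737 > 192.168.0.100.smtp: S, 854600175:854600175(0) win 65535 <mss 1460,nop,wscale 1,nop,nop,timestamp 4005670333 0,sackOK,eol>
IP 192.168.0.100.smtp > squid-cache.org.54737: S, 2984125380:2984125380(0) ack 854600176 win 5792 <mss 1460,sackOK,timestamp 1595763800 4005670333,nop,wscale 7>
IP 192.168.0.100.smtp > squid-cache.org.54737: ., ack 1 win 46 <nop,nop,timestamp 1595765800 4005672333>
"""

# src, dst, flags, raw window field, optional TCP option list
LINE = re.compile(r"IP (\S+) > (\S+): (\S+?),.*?\bwin (\d+)(?: <(.*)>)?")


def effective_windows(capture):
    """Return (sender, raw_window, scaled_window) for every non-SYN segment.

    raw_window is what a device that ignores window scaling believes;
    scaled_window is what the sender of the segment is really advertising.
    """
    shift = {}  # endpoint -> shift count offered in its SYN, None if absent
    out = []
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, dst, flags, win, opts = m.groups()
        win = int(win)
        if "S" in flags:
            ws = re.search(r"wscale (\d+)", opts or "")
            # RFC 7323: a shift count above 14 is treated as 14.
            shift[src] = min(int(ws.group(1)), 14) if ws else None
            continue  # the window field of a SYN segment is never scaled
        # Scaling is in effect only if both SYNs carried the option.
        both = shift.get(src) is not None and shift.get(dst) is not None
        out.append((src, win, win << shift[src] if both else win))
    return out


if __name__ == "__main__":
    for src, raw, scaled in effective_windows(SAMPLE):
        print(f"{src}: raw win {raw}, effective win {scaled}")
```
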
