Re: Pathological TCP behavior running ls(1) over SSH

To: tech-net%NetBSD.org@localhost
Subject: Re: Pathological TCP behavior running ls(1) over SSH
From: David Young <dyoung%pobox.com@localhost>
Date: Sun, 27 Jan 2008 18:06:46 -0600

On Sun, Jan 27, 2008 at 11:34:10PM +0200, Andreas Gustafsson wrote:
> Aside from the question of whether sshd should set TCP_NODELAY or not,
> could someone explain why the server waits almost a whole second to
> retransmit the segment starting at octet 417; why don't the
> 38 duplicate ACKs cause a fast retransmit?

Does the server run a packet filter of any kind?  I was astonished to
find that PF was filtering duplicate ACKs unless I told it otherwise with,
e.g., the 'flags A/A' rule, below:

# pfctl -a gateway -s rules
No ALTQ support in kernel
ALTQ related functions disabled
pass out log-all quick on ath0 route-to gre2 from <cuwin> to ! <cuwin> flags A/A
pass out log-all quick on ath0 route-to gre2 from <cuwin> to ! <cuwin> keep 
state (if-bound)

Dave

-- 
David Young             OJC Technologies
dyoung%ojctech.com@localhost      Urbana, IL * (217) 278-3933 ext 24

Follow-Ups:
- Re: Pathological TCP behavior running ls(1) over SSH
  - From: Steven M. Bellovin

References:
- Pathological TCP behavior running ls(1) over SSH
  - From: Andreas Gustafsson

Prev by Date: Re: Revamping optimised in_cksum/in4_cksum/in6_cksum support
Next by Date: Re: Pathological TCP behavior running ls(1) over SSH
Previous by Thread: Pathological TCP behavior running ls(1) over SSH
Next by Thread: Re: Pathological TCP behavior running ls(1) over SSH
Indexes:

Home | Main Index | Thread Index | Old Index