tech-net: Fwd: TCP and RFC 1323 extension

Subject: Fwd: TCP and RFC 1323 extension
To: None <tech-net@NetBSD.ORG>
From: Rostislav Krasny <rosti_bsd@yahoo.com>
List: tech-net
Date: 01/04/2003 08:16:31
--0-737951303-1041696991=:87344
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

"Martin Husemann" <martin@NetBSD.ORG> suggested to resend my message
into this mailing list. So, I'm sending the forward, look at the
attachment. Please send your replies to me directly because I'm not
subscribed to any @netbsd.org mailing list.

Thanks

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
--0-737951303-1041696991=:87344
Content-Type: message/rfc822

Date: Fri, 3 Jan 2003 12:34:03 -0800 (PST)
From: Rostislav Krasny <rosti_bsd@yahoo.com>
Subject: TCP and RFC 1323 extension
To: netbsd-bugs@netbsd.org, bugs@openbsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Length: 1586

Hello.

I have FreeBSD 4.7-RELEASE and Windows 98 Second Edition operating
systems installed in the same computer. Also I have Alcatel Speedtouch
Home ADSL modem connected to this computer by Ethernet. I use PPPoE
protocol in both operating systems for connecting with my ISP (Internet
Service Provider) through the ADSL. In FreeBSD I use ppp (a.k.a.
user-ppp) and in Win98SE I use RASPPPOE. Because of PPPoE protocol
usage the MTU cannot be greater than 1492, so I use MTU == 1492 in both
OS-es. Win98SE doesn't support RFC 1323 extension of the TCP protocol.
FreeBSD 4.7 supports RFC 1323 extensiontion of the TCP protocol and
this extension is enabled by default.

I don't use proxies and my ISP doesn't run transparent proxy.
When I use FreeBSD I have troubles with some hosts but when I use
Win98SE I have no troubles with those hosts. For example www.ssh.com
and www.netbsd.org. When I make a tcp connection to the tcp/80 port of
one of the hosts and send a HTTP/1.0 or a HTTP/1.1 request I get no
answer. But if I send a HTTP/0.9 (just "GET /") or any wrong request
(something like "dfghfdh") I get some short answer. No matter what
browser I use, the problem exist even if I use telnet.
I don't have this problem with www.openbsd.org but this host use
Solaris. According to
http://uptime.netcraft.com/up/graph?site=www.ssh.com the host
www.ssh.com uses NetBSD or OpenBSD operating system. So I'm not sure
about OpenBSD have any bug or not. Also I don't know exactly what OS
www.ssh.com use, maybe NetBSD but maybe OpenBSD.

I found two independent workarounds that I can use in my side:

1. reconfigure ppp in my FreeBSD according to the following expression:
MTU == MRU == 1484 (or smaller)

or

2. reconfigure the FreeBSD according to the following expression:
net.inet.tcp.rfc1323 == 0

It looks like a bug in NetBSD's and/or OpenBSD's implementation(s) of
the TCP protocol or/and its extensions. Something like MSS/MTU overflow
because of timestamps when my host declared some infrequently used MSS
like 1452 (in case of MTU == 1492).

P.S.
When I first confronted by the problem with www.ssh.com I found one
more strangeness. Look at the following diagrams of first two TCP/IP
packets in case of Win98SE, FreeBSD with net.inet.tcp.rfc1323 == 0 and
FreeBSD with net.inet.tcp.rfc1323 == 1

Windows 98 Second Edition with RASPPPOE

1. my host -----> SYN (DF) -----> www.ssh.com
   options = <mss 1452,nop,nop,0402>

2. my host <----- ACK,SYN <----- www.ssh.com
   options = <mss 1452>

0402 is a SACK-Permitted option that IMHO have no influence to the main
problem. More information about this option can be found in RFCs 1072
and 2018.


FreeBSD 4.7-RELEASE; net.inet.tcp.rfc1323 == 1 (default)

1. my host -----> SYN (DF) -----> www.ssh.com
   options = <mss 1452,nop,wscale 0,nop,nop,timestamp 1532715 0>

2. my host <----- ACK,SYN <----- www.ssh.com
   options = <mss 1460,nop,wscale 0,nop,nop,timestamp 12034970 1532715>


FreeBSD 4.7-RELEASE; net.inet.tcp.rfc1323 == 0

1. my host -----> SYN (DF) -----> www.ssh.com
   options = <mss 1452>

2. my host <----- ACK,SYN <----- www.ssh.com
   options = <mss 1460>

Why in case of Win98SE the second packet have MSS == 1452 and in the
both cases of FreeBSD the second packet have MSS == 1460? Maybe
RASPPPOE decreases the MSS of incoming ACK,SYN packet according to MTU
or maybe www.ssh.com sends such ACK,SYN because of SACK-Permitted
option? What do you think?

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com

--0-737951303-1041696991=:87344--