tech-net: Re: Fwd: TCP and RFC 1323 extension

Subject: Re: Fwd: TCP and RFC 1323 extension
To: Rostislav Krasny <rosti_bsd@yahoo.com>
From: Martin Husemann <martin@NetBSD.ORG>
List: tech-net
Date: 01/05/2003 02:21:28
So I have a similar setup at home, but I'm using a NetBSD-current (sparc) 
system as gateway. I tried to configure this as close as possible to your
situation - and it just worked (tm).

Here is (edited for brevity) log of what I tried and below the tcpdump at
the same time (actually I'm not sure if I used -v or -vv on the tcpdump
command line, but I guess it doesn't matter).

I disabled the MSS clamping and all relevant NAT settings on the router while
running this - and this is on the router itself.

Martin
P.S.: don't be worried about the "bad tcp sums" in the fragmented packets,
thats just a tcpdump bug

[/tmp] root@nightfall > ifconfig pppoe0
pppoe0: flags=8851<UP,POINTOPOINT,RUNNING,SIMPLEX,MULTICAST> mtu 1492
        inet 217.225.26.192 -> 217.5.98.30 netmask 0xff000000
[/tmp] root@nightfall > sysctl net.inet.tcp.rfc1323
net.inet.tcp.rfc1323 = 1
[/tmp] root@nightfall > telnet www.netbsd.org 80
Trying 2001:4f8:4:b:290:27ff:feab:19a7...
Trying 204.152.184.116...
Connected to www.netbsd.org.
Escape character is '^]'.
GET /
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
<!-- Copyright (c) 1994-2003
	The NetBSD Foundation, Inc.  ALL RIGHTS RESERVED. -->
<link rev="made" href="mailto:www@NetBSD.ORG">
<link rel="shortcut icon" href="/favicon.ico" type="image/x-icon">
<title>The NetBSD Project</title>

[..]

</html>
Connection closed by foreign host.

[/tmp] root@nightfall > netstat -rn
Routing tables
Internet:
Destination        Gateway            Flags     Refs     Use    Mtu  Interface
default            217.5.98.30        UGS         2      953      -  pppoe0
127                127.0.0.1          UGRS        0        0  33220  lo0
127.0.0.1          127.0.0.1          UH          4      633  33220  lo0
[..]
217.5.98.30        217.225.26.192     UH          1        0      -  pppoe0

[/tmp] root@nightfall > tcpdump -i pppoe0 -vv -s 2000 host www.netbsd.org
tcpdump: listening on pppoe0
10:52:46.313818 PPPoE  [ses 0x1d18] IP 62: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: S [tcp sum ok] 2208960354:2208960354(0) win 16384 <mss 1452,nop,wscale 0,nop,nop,timestamp 0 0> (DF) (ttl 64, id 1230, len 60)
10:52:46.545272 PPPoE  [ses 0x1d18] IP 62: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: S [tcp sum ok] 26880189:26880189(0) ack 2208960355 win 32768 <mss 1460,nop,wscale 0,nop,nop,timestamp 11144660 0> (ttl 55, id 50060, len 60)
10:52:46.545992 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 1:1(0) ack 1 win 17424 <nop,nop,timestamp 0 11144660> (DF) (ttl 64, id 1231, len 52)
10:53:01.746332 PPPoE  [ses 0x1d18] IP 61: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: P [tcp sum ok] 1:8(7) ack 1 win 17424 <nop,nop,timestamp 31 11144660> (DF) (ttl 64, id 1256, len 59)
10:53:01.987989 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 37fe!] 1:713(712) ack 8 win 33580 <nop,nop,timestamp 11144691 31> (frag 50196:744@0+) (ttl 55, len 764)
10:53:01.996287 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50196:736@744) (ttl 55, len 756)
10:53:02.004845 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum af74!] 1449:2161(712) ack 8 win 33580 <nop,nop,timestamp 11144691 31> (frag 50197:744@0+) (ttl 55, len 764)
10:53:02.013029 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50197:736@744) (ttl 55, len 756)
10:53:02.013848 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 2897 win 15976 <nop,nop,timestamp 31 11144691> (DF) (ttl 64, id 1258, len 52)
10:53:02.021390 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 928a!] 2897:3609(712) ack 8 win 33580 <nop,nop,timestamp 11144691 31> (frag 50198:744@0+) (ttl 55, len 764)
10:53:02.029519 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50198:736@744) (ttl 55, len 756)
10:53:02.033128 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 4345 win 17424 <nop,nop,timestamp 31 11144691> (DF) (ttl 64, id 1259, len 52)
10:53:02.038335 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 6175!] 4345:5057(712) ack 8 win 33580 <nop,nop,timestamp 11144691 31> (frag 50199:744@0+) (ttl 55, len 764)
10:53:02.046514 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50199:736@744) (ttl 55, len 756)
10:53:02.247065 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 5793 win 17148 <nop,nop,timestamp 32 11144691> (DF) (ttl 64, id 1260, len 52)
10:53:02.250794 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 2188!] 5793:6505(712) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (frag 50219:744@0+) (ttl 55, len 764)
10:53:02.259490 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50219:736@744) (ttl 55, len 756)
10:53:02.267548 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 8b8!] 7241:7953(712) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (frag 50220:744@0+) (ttl 55, len 764)
10:53:02.276578 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50220:736@744) (ttl 55, len 756)
10:53:02.277484 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 8689 win 14252 <nop,nop,timestamp 32 11144692> (DF) (ttl 64, id 1261, len 52)
10:53:02.284584 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 3fa8!] 8689:9401(712) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (frag 50221:744@0+) (ttl 55, len 764)
10:53:02.293210 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50221:736@744) (ttl 55, len 756)
10:53:02.304311 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 71e1!] 10137:10849(712) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (frag 50224:744@0+) (ttl 55, len 764)
10:53:02.309505 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50224:736@744) (ttl 55, len 756)
10:53:02.310814 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 11585 win 11356 <nop,nop,timestamp 32 11144692> (DF) (ttl 64, id 1263, len 52)
10:53:02.317923 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum a48f!] 11585:12297(712) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (frag 50225:744@0+) (ttl 55, len 764)
10:53:02.326166 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50225:736@744) (ttl 55, len 756)
10:53:02.482833 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 765c!] 13033:13745(712) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (frag 50234:744@0+) (ttl 55, len 764)
10:53:02.491236 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50234:736@744) (ttl 55, len 756)
10:53:02.492070 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 14481 win 8460 <nop,nop,timestamp 32 11144692> (DF) (ttl 64, id 1268, len 52)
10:53:02.499447 PPPoE  [ses 0x1d18] IP 766: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: . [bad tcp cksum 2877!] 14481:15193(712) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (frag 50235:744@0+) (ttl 55, len 764)
10:53:02.507738 PPPoE  [ses 0x1d18] IP 758: www.netbsd.org > pD9E11AC0.dip.t-dialin.net: tcp (frag 50235:736@744) (ttl 55, len 756)
10:53:02.510439 PPPoE  [ses 0x1d18] IP 282: www.netbsd.org.www > pD9E11AC0.dip.t-dialin.net.65531: FP [tcp sum ok] 15929:16157(228) ack 8 win 33580 <nop,nop,timestamp 11144692 31> (ttl 55, id 50236, len 280)
10:53:02.511167 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 16158 win 6783 <nop,nop,timestamp 32 11144692> (DF) (ttl 64, id 1269, len 52)
10:53:06.274262 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 16158 win 10732 <nop,nop,timestamp 40 11144692> (DF) (ttl 64, id 1279, len 52)
10:53:09.474503 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 16158 win 13775 <nop,nop,timestamp 46 11144692> (DF) (ttl 64, id 1284, len 52)
10:53:11.608976 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: . [tcp sum ok] 8:8(0) ack 16158 win 16771 <nop,nop,timestamp 50 11144692> (DF) (ttl 64, id 1287, len 52)
10:53:16.938551 PPPoE  [ses 0x1d18] IP 54: pD9E11AC0.dip.t-dialin.net.65531 > www.netbsd.org.www: F [tcp sum ok] 8:8(0) ack 16158 win 17424 <nop,nop,timesta