panic
Johannes Hofmann
Johannes.Hofmann at gmx.de
Mon Apr 17 05:19:17 PDT 2006
Matthew Dillon <dillon at xxxxxxxxxxxxxxxxxxxx> wrote:
>
> :ipw0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1492
> : inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
> : ether 00:0c:f1:3b:d1:ef
> : media: IEEE 802.11 Wireless Ethernet autoselect (DS/11Mbps)
> : status: associated
> :
> :
> :Perhaps it's some negotiation with the remote host that reduces t_maxopd?
> :And the problem only occurs since I have upgarded my openwrt router...
>
> A tcpdump may give us a clue. Something like:
>
> tcpdump -i ipw0 -s 4096 -l -vvv
>
> would do the job, but you need to filter out data unrelated to the TCP
> connection causing the problem. So, e.g. you might have to add
> 'not port 22 and not port <blah> and not port <blah>' or things of
> that nature.
Unfortunately the traffic is encrypted by IPSEC, so there is not much,
one can see in the tcpdump output:
18:33:12.872804 IP (tos 0x10, ttl 64, id 3341, offset 0, flags [none], length: 104) blob > 192.168.1.1: ESP(spi=0xf50f7c30,seq=0x69)
18:33:12.876106 IP (tos 0x0, ttl 64, id 43795, offset 0, flags [none], length: 152) 192.168.1.1 > blob: ESP(spi=0x0fe09ce6,seq=0x11a)
18:33:12.971780 IP (tos 0x10, ttl 64, id 3343, offset 0, flags [none], length: 104) blob > 192.168.1.1: ESP(spi=0xf50f7c30,seq=0x6a)
and so on...
>
> I have enclosed a patch that I believe will stop the crashes. The TCP
> connection will still fail, because its an unrecoverable situation (the
> MTU must be large enough to hold the packet's options!), but hopefully
> the system will not crash. It should report problem packets on the
> console/dmesg (limited to one report per second).
The patch fixes the core dumps, thanks. I think the other thing is a
bug or misconfiguration in my router. I will try to track this down
later.
Johannes
PS: Sorry for the late reply. Weather and snow have been too good here :-)
>
> -Matt
> Matthew Dillon
> <dillon at xxxxxxxxxxxxx>
>
> Index: netinet/tcp_output.c
> ===================================================================
> RCS file: /cvs/src/sys/netinet/tcp_output.c,v
> retrieving revision 1.30
> diff -u -r1.30 tcp_output.c
> --- netinet/tcp_output.c 14 Jan 2006 11:33:50 -0000 1.30
> +++ netinet/tcp_output.c 9 Apr 2006 17:34:48 -0000
> @@ -631,18 +631,29 @@
> #endif
>
> /*
> - * Adjust data length if insertion of options will
> - * bump the packet length beyond the t_maxopd length.
> - * Clear the FIN bit because we cut off the tail of
> - * the segment.
> + * Adjust data length if insertion of options will bump the packet
> + * length beyond the t_maxopd length. Clear FIN to prevent premature
> + * closure since there is still more data to send after this (now
> + * truncated) packet.
> + *
> + * If just the options do not fit we are in a no-win situation and
> + * we treat it as an unreachable host.
> */
> if (len + optlen + ipoptlen > tp->t_maxopd) {
> - /*
> - * If there is still more to send, don't close the connection.
> - */
> - flags &= ~TH_FIN;
> - len = tp->t_maxopd - optlen - ipoptlen;
> - sendalot = TRUE;
> + if (tp->t_maxopd <= optlen + ipoptlen) {
> + static time_t last_optlen_report;
> +
> + if (last_optlen_report != time_second) {
> + last_optlen_report = time_second;
> + printf("tcpcb %p: MSS (%d) too small to hold options!\n", tp, tp->t_maxopd);
> + }
> + error = EHOSTUNREACH;
> + goto out;
> + } else {
> + flags &= ~TH_FIN;
> + len = tp->t_maxopd - optlen - ipoptlen;
> + sendalot = TRUE;
> + }
> }
>
> #ifdef INET6
More information about the Bugs
mailing list