Bug 4782

Summary:

Under certain conditions, several krsh's in a row to the same destination machine can result in refused connections

Product:

Base System

Reporter:

Matt Dillon <dillon>

Component:

kern

Assignee:

freebsd-bugs (Nobody) <bugs>

Status:

Closed FIXED

Severity:

Affects Only Me

Priority:

Normal

Version:

2.2-STABLE

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
file.diff	none

Description Matt Dillon 1997-10-16 19:40:00 UTC

	When krsh'ing between two FreeBSD boxes, it is possible to get
	the destination in a TIME_WAIT state which causes the next krsh
	from the source machine to get a connection refused (an RST).
	The problem only seems to occur when the previous connection
	has been established for longer then TCPTV_MSL and the destination
	goes into TIME_WAIT on termination of the previous connection.

	The new connection attempts to use the same port pair.

Fix: I believe the ordering of the TCPS_TIME_WAIT state code in
	tcp_input.c is incorrect.  If I patch it as below, the problem
	goes away.  However, I DO NOT KNOW if I am breaking something else
	by reordering this code.  My understanding is that the condition can
	only occur if the same port pair is reused (which rcmd and krcmd
	will do) and that THIS can only occur if the source machine's tcb
	has already been completely closed, in which case it is safe to
	close the destination machine's tcb.

						-Matt
How-To-Repeat: 
	Make a krsh from host1 to host2 and run a command which takes
	longer then TCPTV_MSL to execute.  Then try doing another random
	krsh right after the first one finishes.

		(assuming 10BaseT, this takes around 65 seconds)
	host1> krsh host2 "dd if=/dev/zero bs=64k count=138" || dd of=/dev/null
	host1> krsh host2 -n "echo hello world"

Comment 1 Johan Karlsson freebsd_committer

2000-08-11 07:38:13 UTC

Responsible Changed
From-To: freebsd-bugs->dillon

Let Matt handle his own PRs.

Comment 2 Giorgos Keramidas freebsd_committer

2003-02-23 02:12:47 UTC

Responsible Changed
From-To: dillon->freebsd-bugs

Back to the free pool.

Comment 3 Kris Kennaway 2003-07-13 07:54:24 UTC

Adding to audit trail

----- Forwarded message from Matthew Dillon <dillon@apollo.backplane.com> -----

:--zhXaljGHf11kAtnf
:Content-Type: text/plain; charset=us-ascii
:Content-Disposition: inline
:
:Is this PR still valid?
:
:Kris

    Good god, that's from 1997! 

    Well, lets see... it does not appear that the patch I suggested in
    that PR was ever put in.  tcp_input is still using the original 
    ordering so, theoretically, the problem can still occur.  I would say
    that it at least merits a review.

						-Matt

----- End forwarded message -----

Comment 4 Remko Lodder freebsd_committer

2006-12-29 20:23:24 UTC

State Changed
From-To: open->closed

the TCP code changed a lot and the world changed dramatically after 
three years, assuming this got worked out somehow, matthew if i am wrong 
please contact me!