Bug 4782 - Under certain conditions, several krsh's in a row to the same destination machine can result in refused connections
Summary: Under certain conditions, several krsh's in a row to the same destination mac...
Status: Closed FIXED
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 2.2-STABLE
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 1997-10-16 19:40 UTC by Matt Dillon
Modified: 2006-12-29 20:23 UTC (History)
0 users

See Also:

Attachments
file.diff (1.32 KB, patch)
1997-10-16 19:40 UTC, Matt Dillon 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Matt Dillon 1997-10-16 19:40:00 UTC 
	When krsh'ing between two FreeBSD boxes, it is possible to get
	the destination in a TIME_WAIT state which causes the next krsh
	from the source machine to get a connection refused (an RST).
	The problem only seems to occur when the previous connection
	has been established for longer then TCPTV_MSL and the destination
	goes into TIME_WAIT on termination of the previous connection.

	The new connection attempts to use the same port pair.

Fix: I believe the ordering of the TCPS_TIME_WAIT state code in
	tcp_input.c is incorrect.  If I patch it as below, the problem
	goes away.  However, I DO NOT KNOW if I am breaking something else
	by reordering this code.  My understanding is that the condition can
	only occur if the same port pair is reused (which rcmd and krcmd
	will do) and that THIS can only occur if the source machine's tcb
	has already been completely closed, in which case it is safe to
	close the destination machine's tcb.

						-Matt
How-To-Repeat: 
	Make a krsh from host1 to host2 and run a command which takes
	longer then TCPTV_MSL to execute.  Then try doing another random
	krsh right after the first one finishes.

		(assuming 10BaseT, this takes around 65 seconds)
	host1> krsh host2 "dd if=/dev/zero bs=64k count=138" || dd of=/dev/null
	host1> krsh host2 -n "echo hello world"
Comment 1 Johan Karlsson freebsd_committer freebsd_triage 2000-08-11 07:38:13 UTC 
Responsible Changed
From-To: freebsd-bugs->dillon

Let Matt handle his own PRs.
Comment 2 Giorgos Keramidas freebsd_committer freebsd_triage 2003-02-23 02:12:47 UTC 
Responsible Changed
From-To: dillon->freebsd-bugs

Back to the free pool.
Comment 3 Kris Kennaway 2003-07-13 07:54:24 UTC 
Adding to audit trail

----- Forwarded message from Matthew Dillon <dillon@apollo.backplane.com> -----

:--zhXaljGHf11kAtnf
:Content-Type: text/plain; charset=us-ascii
:Content-Disposition: inline
:
:Is this PR still valid?
:
:Kris

    Good god, that's from 1997! 

    Well, lets see... it does not appear that the patch I suggested in
    that PR was ever put in.  tcp_input is still using the original 
    ordering so, theoretically, the problem can still occur.  I would say
    that it at least merits a review.

						-Matt

----- End forwarded message -----
Comment 4 Remko Lodder freebsd_committer freebsd_triage 2006-12-29 20:23:24 UTC 
State Changed
From-To: open->closed

the TCP code changed a lot and the world changed dramatically after 
three years, assuming this got worked out somehow, matthew if i am wrong 
please contact me!