For RTT calculations mid-session, we explicitly ignore ACKs with tsecr of 0 as

many borken middle-boxes tend to do that. But during 3whs, in syncache_expand(),
we don't do that which causes us to send a RST to such a client. Relax this
constraint by only using tsecr to compare against timestamp that we sent when it
is not 0. As a result, we'd now accept the final ACK of 3whs with tsecr of 0.

Reviewed by:	    jtl, gnn
Sponsored by:	    Limelight Networks
Differential Revision:	https://reviews.freebsd.org/D8552
This commit is contained in:
Hiren Panchasara 2016-11-21 20:53:11 +00:00
parent 5370c80e0e
commit 2806b2933b

View File

@ -1069,10 +1069,17 @@ syncache_expand(struct in_conninfo *inc, struct tcpopt *to, struct tcphdr *th,
}
/*
* If timestamps were negotiated the reflected timestamp
* must be equal to what we actually sent in the SYN|ACK.
* If timestamps were negotiated, the reflected timestamp
* must be equal to what we actually sent in the SYN|ACK
* except in the case of 0. Some boxes are known for sending
* broken timestamp replies during the 3whs (and potentially
* during the connection also).
*
* Accept the final ACK of 3whs with reflected timestamp of 0
* instead of sending a RST and deleting the syncache entry.
*/
if ((to->to_flags & TOF_TS) && to->to_tsecr != sc->sc_ts) {
if ((to->to_flags & TOF_TS) && to->to_tsecr &&
to->to_tsecr != sc->sc_ts) {
if ((s = tcp_log_addrs(inc, th, NULL, NULL)))
log(LOG_DEBUG, "%s; %s: TSECR %u != TS %u, "
"segment rejected\n",