|From:||"David S. Miller" <davem-AT-redhat.com>|
|To:||Nivedita Singhvi <niv-AT-us.ibm.com>|
|Subject:||Re: [PATCH] fix tcp_default_win_scale.|
|Date:||Tue, 6 Jul 2004 13:16:17 -0700|
|Cc:||shemminger-AT-osdl.org, ahu-AT-ds9a.nl, acme-AT-conectiva.com.br, netdev-AT-oss.sgi.com, alessandro.suardi-AT-oracle.com, phyprabab-AT-yahoo.com, linux-net-AT-vger.kernel.org, linux-kernel-AT-vger.kernel.org|
On Tue, 06 Jul 2004 13:00:07 -0700 Nivedita Singhvi <firstname.lastname@example.org> wrote: > Stephen Hemminger wrote: > > Recent TCP changes exposed the problem that there ar lots of really broken firewalls > > that strip or alter TCP options. > > We should not be accepting of this situation, surely. I mean, the firewalls > have to get fixed. Multiple things are breaking here, due to this. What > are the other options they are messing with, and and any idea why? I totally agree with Nivedita, and that's why I'm not going to apply Stephen's patch. > If the firewall is actually stripping the TCP window scaling option, > then that tells the other end that we can't *receive* scaled windows > either, since the option indicates both, we are sending and capable > of receiving. i.e. The other end will not send us scaled windows. > There is no way we can fix this on the rcv end. > That's correct. If the SYN contains a window scale option, this tells the SYN+ACK sending side that both receive and send side window scaling is supported. I think what's really happening is that the firewall is patching the non-zero window scale option in the SYN+ACK packet to be zero, yet not adjusting the window field of packets in the rest of the TCP stream. > Does this need to be the default behaviour? Just how prevalent is > this?? Frankly, I've personally seen none of this. I sit on a DSL line with no firewalling at my end and I can access all sites just fine. This seems to indicate that most of the breakage is local to the user's point of access to the net, rather than a firewall at google.com or kernel.org or similar. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to email@example.com More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Copyright © 2004, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds