[f-nsp] TCP retransmissions

Lyle Tagawa foundry-nsp at foureleven.org
Mon Jul 16 20:03:59 EDT 2012 

Greetings Foundry-NSP,

We have an internal ServerIron ADX 12.3 sandwiched between a couple
linux servers, one being the client of the other.

The client reuses TCP source-ports as expected.  tcp_tw_re(use|cycle)
is disabled.  I have observed however, that when my linux client
reuses the source-port of a recently closed (8-12 seconds old) TCP
connection, the ServerIron does not acknowledge the SYN.

The linux client will retransmit using the same src-port after 3
seconds, and again after 6 seconds (9 seconds total) if necessary.

I believe the "3 second retransmission" and subsequent doubling is
defined in RFC1122, but the 8-12 second window is just an observation.


My question(s):

How do I configure the ServerIron to either accept/acknowledge this TCP flow?

Or, how do I configure the ServerIron to send a NACK or RST to the
client, so that we can abort the 3/6/12 second retransmission timers?

Am I naive to expect the ServerIron session entry (or whatever) to
expire faster than the 8-12 seconds (<< 2*MSL)?

Thank you,
lyle


Here's a sample flow where 10.0.0.3 is the source/client, and
10.0.210.92 is the virtual-server/ServerIron.  The 3-second and
6-second retransmissions can be found at 17:29:43 and 17:29:49.  The
ServerIron (10.0.210.92) ignores the first two SYNs, then finally ACKs
the third (the second retransmission):

17:29:36.738326 IP 10.0.210.92.80 > 10.0.0.3.44368: . ack 2076 win 9612
17:29:36.738330 IP 10.0.0.3.44368 > 10.0.210.92.80: R
3731308505:3731308505(0) win 0
17:29:40.831336 IP 10.0.0.3.44368 > 10.0.210.92.80: S
3736246299:3736246299(0) win 17920
17:29:43.830840 IP 10.0.0.3.44368 > 10.0.210.92.80: S
3736246299:3736246299(0) win 17920
17:29:49.830005 IP 10.0.0.3.44368 > 10.0.210.92.80: S
3736246299:3736246299(0) win 17920
17:29:49.830081 IP 10.0.210.92.80 > 10.0.0.3.44368: S
1833587:1833587(0) ack 3736246300 win 8000
17:29:49.830098 IP 10.0.0.3.44368 > 10.0.210.92.80: . ack 1 win 17920
17:29:49.830190 IP 10.0.0.3.44368 > 10.0.210.92.80: P 1:159(158) ack 1 win 17920
17:29:49.830680 IP 10.0.210.92.80 > 10.0.0.3.44368: . ack 159 win 6432

More information about the foundry-nsp mailing list