I've got a Linux system running remotely that has a strange TCP problem, when it sends (not receives) a large packet the connection hangs. For example if I ssh in and run commands with small amounts of output everything is fine, but if I run "ls -l /" then the connection hangs forever. My first thought was PMTU discovery, but "ping -M want -s 1400 8.8.8.8" works without any problems and also setting the MTU on the only Ethernet device to unusually low values (I tried as low as 400 bytes) didn't make any difference. Any ideas as to what I should try next? The system in question is a fairly standard AMD64 desktop PC running Debian/Jessie. -- My Main Blog http://etbe.coker.com.au/ My Documents Blog http://doc.coker.com.au/
Russell Coker via luv-main writes:
I've got a Linux system running remotely that has a strange TCP problem, when it sends (not receives) a large packet the connection hangs. For example if I ssh in and run commands with small amounts of output everything is fine, but if I run "ls -l /" then the connection hangs forever.
I had a problem like that once where an ancient OpenBSD (or Solaris?) router was poorly configured. I was told to turn off window scaling on the Linux boxes behind it: sysctl net/ipv4/tcp_window_scaling=0 Eventually, I fixed it properly, by throwing away the broken router. Not sure if that's just broken PMTUD.
On Thu, Apr 28, 2016 at 10:46:31AM +1000, luv-main wrote:
I've got a Linux system running remotely that has a strange TCP problem, when it sends (not receives) a large packet the connection hangs. For example if I ssh in and run commands with small amounts of output everything is fine, but if I run "ls -l /" then the connection hangs forever.
My first thought was PMTU discovery, but "ping -M want -s 1400 8.8.8.8" works without any problems and also setting the MTU on the only Ethernet device to unusually low values (I tried as low as 400 bytes) didn't make any difference.
Any ideas as to what I should try next?
The system in question is a fairly standard AMD64 desktop PC running Debian/Jessie.
Start a tcpdump to a file before issue ls -l. Suspect you will see packet not being acknowledged, likely due to faulty hardware somewhere. Cheers ... Duncan.
On Thursday, 28 April 2016 10:46:31 AM AEST Russell Coker via luv-main wrote:
but "ping -M want -s 1400 8.8.8.8" works without any problems
I usually use "-M do" for that sort of testing. The "tracepath" program will also show you the MTU along the route (as long as UDP isn't being blocked). ...and from bitter experience I would suggest doing the same test in the reverse direction; at work we were having problems for a while with sites outside using jumbo frames until we learnt that the uni had asymetric routing and the return path had a different MTUon one segment to the incoming path. Oh, and some bright spark had decided that they could save IP's by using RFC1918 addresses on those segments and so the router was sending out PMTUD ICMP's with addresses that would get dropped at the border. :-/ Good luck! Chris -- Chris Samuel : http://www.csamuel.org/ : Melbourne, VIC
participants (4)
-
Chris Samuel -
Duncan Roe -
Russell Coker -
trentbuck@gmail.com