Re: Timeout Problem with mail3.tk-online.net

From: Wietse Venema (wietseporcupine.org)
Date: Wed Sep 06 2006 - 11:39:35 CDT


Wietse Venema:
> Wietse Venema:
> > Someone has an MTU problem: segments of 1024 bytes make it through,
> > but segments of 1380 bytes don't.
>
> On closer examination, the 1380 byte segment has a bad TCP checksum.
> Someone is having bad hardware (ethernet adapter, switch, router)
> that can't handle certain bit patterns.

Evidence:

08:06:45.568720 IP (tos 0x0, ttl 50, id 65390, offset 0, flags [DF], length: 1420) 193.22.182.31.60193 > 160.45.207.131.25: . [bad tcp cksum e03c (->e03b)!] 1137:2517(1380) ack 228 win 49680
08:06:45.568752 IP (tos 0x0, ttl 50, id 65391, offset 0, flags [DF], length: 708) 193.22.182.31.60193 > 160.45.207.131.25: P [tcp sum ok] 2517:3185(668) ack 228 win 49680
08:06:45.568763 IP (tos 0x0, ttl 64, id 58528, offset 0, flags [DF], length: 52) 160.45.207.131.25 > 193.22.182.31.60193: . [tcp sum ok] ack 1137 win 7168 <nop,nop,sack sack 1 {2517:3185} >
08:06:45.568908 IP (tos 0x0, ttl 50, id 65392, offset 0, flags [DF], length: 1420) 193.22.182.31.60193 > 160.45.207.131.25: . [bad tcp cksum ce90 (->ce8f)!] 3185:4565(1380) ack 228 win 49680
08:06:45.568940 IP (tos 0x0, ttl 50, id 65393, offset 0, flags [DF], length: 708) 193.22.182.31.60193 > 160.45.207.131.25: P [tcp sum ok] 4565:5233(668) ack 228 win 49680
08:06:45.568947 IP (tos 0x0, ttl 64, id 58529, offset 0, flags [DF], length: 60) 160.45.207.131.25 > 193.22.182.31.60193: . [tcp sum ok] ack 1137 win 7168 <nop,nop,sack sack 2 {4565:5233}{2517:3185} >
08:06:50.312745 IP (tos 0x0, ttl 50, id 65394, offset 0, flags [DF], length: 1420) 193.22.182.31.60193 > 160.45.207.131.25: . [bad tcp cksum e03c (->e03b)!] 1137:2517(1380) ack 228 win 49680

And so on.

        Wietse

> > 08:06:43.360497 IP 193.22.182.31.60193 > 160.45.207.131.25: S 13793624:13793624(0) win 49640 <mss 1380,nop,wscale 0,nop,nop,sackOK>
> > 08:06:43.360567 IP 160.45.207.131.25 > 193.22.182.31.60193: S 2691837300:2691837300(0) ack 13793625 win 5840 <mss 1460,nop,nop,sackOK>
> > 08:06:43.384093 IP 193.22.182.31.60193 > 160.45.207.131.25: . ack 1 win 49680
> >
> > TCP handshake completed.
> >
> > 08:06:43.386017 IP 160.45.207.131.25 > 193.22.182.31.60193: P 1:142(141) ack 1 win 5840
> > 220 mail.charite.de...
> > 08:06:43.410324 IP 193.22.182.31.60193 > 160.45.207.131.25: . ack 142 win 49680
> > 08:06:43.410730 IP 193.22.182.31.60193 > 160.45.207.131.25: P 1:27(26) ack 142 win 49680
> > HELO mail3.tk-online.net
> > 08:06:43.410737 IP 160.45.207.131.25 > 193.22.182.31.60193: . ack 27 win 5840
> > 08:06:43.410878 IP 160.45.207.131.25 > 193.22.182.31.60193: P 142:163(21) ack 27 win 5840
> > 250 mail.charite.de
> > 08:06:43.434268 IP 193.22.182.31.60193 > 160.45.207.131.25: . ack 163 win 49680
> > 08:06:43.435472 IP 193.22.182.31.60193 > 160.45.207.131.25: P 27:67(40) ack 163 win 49680
> > MAIL FROM:<AAAAAAAAAAAAAtk-online.de>
> > 08:06:43.437451 IP 160.45.207.131.25 > 193.22.182.31.60193: P 163:177(14) ack 67 win 5840
> > 250 2.1.0 Ok
> > 08:06:43.464989 IP 193.22.182.31.60193 > 160.45.207.131.25: P 67:107(40) ack 177 win 49680
> > RCPT TO:<AAAAAAAAAAAAAAAAAcharite.de>
> > 08:06:43.508212 IP 160.45.207.131.25 > 193.22.182.31.60193: . ack 107 win 5840
> > 08:06:45.518252 IP 160.45.207.131.25 > 193.22.182.31.60193: P 177:191(14) ack 107 win 5840
> > 250 2.1.5 Ok
> > 08:06:45.541512 IP 193.22.182.31.60193 > 160.45.207.131.25: P 107:113(6) ack 191 win 49680
> > DATA
> > 08:06:45.541522 IP 160.45.207.131.25 > 193.22.182.31.60193: . ack 113 win 5840
> > 08:06:45.541803 IP 160.45.207.131.25 > 193.22.182.31.60193: P 191:228(37) ack 113 win 5840
> > 354 End data with <CR><LF>.<CR><LF>
> >
> > Client sends a bunch of TCP segments.
> >
> > 08:06:45.568503 IP 193.22.182.31.60193 > 160.45.207.131.25: P 113:1137(1024) ack 228 win 49680
> > Content
> > 08:06:45.568720 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> > Content
> > ... more content skipped...
> > 08:06:45.568947 IP 160.45.207.131.25 > 193.22.182.31.60193: . ack 1137 win 7168 <nop,nop,sack sack 2 {4565:5233}{2517:3185} >
> >
> > From here on the retransmissions of the first 1380 byte segment start, and it is never
> > acknowledged by the receiving TCP/IP stack.
> >
> > 08:06:50.312745 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> > 08:06:59.459182 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> > 08:07:17.749622 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> > 08:07:54.320240 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> > 08:08:54.321142 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> > 08:09:54.332226 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> > 08:10:54.346126 IP 193.22.182.31.60193 > 160.45.207.131.25: . 1137:2517(1380) ack 228 win 49680
> >
> > The receiving MTA times out.
> >
> > 08:11:45.590130 IP 160.45.207.131.25 > 193.22.182.31.60193: P 228:279(51) ack 1137 win 7168 <nop,nop,sack sack 2 {4565:5233}{2517:3185} >
> > 421 4.4.1 mail.charite.de Error: timeout exceeded
> > 08:11:45.591370 IP 160.45.207.131.25 > 193.22.182.31.60193: F 279:279(0) ack 1137 win 7168 <nop,nop,sack sack 2 {4565:5233}{2517:3185} >
> > 08:11:45.615320 IP 193.22.182.31.60193 > 160.45.207.131.25: R 13798857:13798857(0) win 49680
> >
> >
> >
>
>
>
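The check done by eye on the capture above, as an added example that is not part of the original message: it parses `tcpdump -v` lines, groups data segments by sequence range, and reports the ranges that arrive with a bad TCP checksum. The sample lines are copied from the Evidence block; the function name `analyze` and the report field names are this example's own.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the "Evidence" capture in the message above.
CAPTURE = """\
08:06:45.568720 IP (tos 0x0, ttl 50, id 65390, offset 0, flags [DF], length: 1420) 193.22.182.31.60193 > 160.45.207.131.25: . [bad tcp cksum e03c (->e03b)!] 1137:2517(1380) ack 228 win 49680
08:06:45.568752 IP (tos 0x0, ttl 50, id 65391, offset 0, flags [DF], length: 708) 193.22.182.31.60193 > 160.45.207.131.25: P [tcp sum ok] 2517:3185(668) ack 228 win 49680
08:06:45.568763 IP (tos 0x0, ttl 64, id 58528, offset 0, flags [DF], length: 52) 160.45.207.131.25 > 193.22.182.31.60193: . [tcp sum ok] ack 1137 win 7168 <nop,nop,sack sack 1 {2517:3185} >
08:06:45.568908 IP (tos 0x0, ttl 50, id 65392, offset 0, flags [DF], length: 1420) 193.22.182.31.60193 > 160.45.207.131.25: . [bad tcp cksum ce90 (->ce8f)!] 3185:4565(1380) ack 228 win 49680
08:06:45.568940 IP (tos 0x0, ttl 50, id 65393, offset 0, flags [DF], length: 708) 193.22.182.31.60193 > 160.45.207.131.25: P [tcp sum ok] 4565:5233(668) ack 228 win 49680
08:06:45.568947 IP (tos 0x0, ttl 64, id 58529, offset 0, flags [DF], length: 60) 160.45.207.131.25 > 193.22.182.31.60193: . [tcp sum ok] ack 1137 win 7168 <nop,nop,sack sack 2 {4565:5233}{2517:3185} >
08:06:50.312745 IP (tos 0x0, ttl 50, id 65394, offset 0, flags [DF], length: 1420) 193.22.182.31.60193 > 160.45.207.131.25: . [bad tcp cksum e03c (->e03b)!] 1137:2517(1380) ack 228 win 49680
"""

# Data segments only; pure ACKs have no "first:last(len)" field and are skipped.
SEG = re.compile(
    r"^\S+ IP .*?(?P<src>[\d.]+) > (?P<dst>[\d.]+): \S+ "
    r"\[(?:bad tcp cksum (?P<got>[0-9a-f]+) \(->(?P<want>[0-9a-f]+)\)!|tcp sum ok)\] "
    r"(?P<seq>\d+:\d+)\((?P<len>\d+)\)"
)

def analyze(text):
    """Report sequence ranges that arrived with a bad TCP checksum."""
    segs = defaultdict(list)
    for line in text.splitlines():
        m = SEG.match(line)
        if m:
            segs[(m["src"], m["dst"], m["seq"])].append(m)
    report = []
    for (src, dst, seq), hits in segs.items():
        bad = [h for h in hits if h["got"]]
        if bad:
            report.append({
                "flow": f"{src} > {dst}", "seq": seq, "len": int(bad[0]["len"]),
                "copies": len(hits), "bad": len(bad),
                # Never seen intact: the receiver can never ACK this range.
                "never_ok": len(bad) == len(hits),
                # Identical stored checksum on every copy: repeatable corruption.
                "repeatable": len(bad) > 1 and len({h["got"] for h in bad}) == 1,
                # Packet checksum minus recomputed checksum, ones' complement.
                "delta": sorted({(int(h["got"], 16) - int(h["want"], 16)) % 0xFFFF
                                 for h in bad}),
            })
    return report

if __name__ == "__main__":
    for row in analyze(CAPTURE):
        print(row)
```

A checksum error that repeats with the same value on every retransmission points at payload-dependent corruption on the path, which matches the failing-hardware diagnosis. Bad checksums seen only on a capture host's own outgoing packets are usually transmit checksum offload and should be ruled out first.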