Need a quick test from someone running linux 2.6.17

[cleverhandle]

2.6.17 changed some tcp window scaling options, causing problems with certain routers and firewalls, notably OpenBSD ones (like mine). But from what I can see, my firewall is set up correctly. So could someone running 2.6.17 check the following sites for connectivity?

http://cvs.horde.org
http://www.everymac.com

Also, if you could do a...

cat /proc/sys/net/ipv4/tcp_window_scaling

...and say whether that's a 1 or a 0.

That would tell me whether the problem is with me or with another router on the Internet.

Thanks.

 

[silverpig]

I'm on 2.6.16 at home, but have the source for 2.6.17 sitting there waiting to be compiled. I won't be able to get it done today, but if you still need someone tomorrow, then PM me as a reminder and I'll update and test for you.

 

[JeSpre]

2.6.17.7 here. I can't bring up either of those sites and tcp_window_scaling is 1.

 

[cleverhandle]

Thanks JeSpre. That suggests that the problem is with a router close to those sites and not with me. If you haven't already guessed, you can workaround this by setting the tcp_window_scaling sysctl to 0, at the cost of a small performance hit if you're on a very high speed line.

 

[Brazen]

Originally posted by: cleverhandle
Thanks JeSpre. That suggests that the problem is with a router close to those sites and not with me. If you haven't already guessed, you can workaround this by setting the tcp_window_scaling sysctl to 0, at the cost of a small performance hit if you're on a very high speed line.

Does my 28.8 connection count? I kid, I kid

 

[sourceninja]

both work fine 2.6.17-r4 gentoo sources and latest ubuntu sources (which are not 2.6.17)

 

[xcript]

Neither worked for me with 2.6.17.1 until I set tcp_window_scaling to 0.

 

[imported_LoKe]

Compiling 2.6.17 as we speak. Will check back later.

 

[n0cmonkey]

Some more information that might help (when dealing with an OpenBSD firewall):
http://www.benzedrine.cx/pf/msg05117.html

 

[cleverhandle]

Originally posted by: n0cmonkey
Some more information that might help (when dealing with an OpenBSD firewall):
http://www.benzedrine.cx/pf/msg05117.html

Yeah, I saw that. All the information regarding this issue that I've seen just comes down to common sense about creating state tables. All my keep state entries are on flags S/SAFR, and I'm pretty sure I'm not double counting any state entries on different interfaces. Which is why I wanted to see if other people were having issues with those sites. The fact that three people couldn't connect suggests that there's a problem with the routers near the sites. Unless we all have misconfigured PF firewalls...

 

[n0cmonkey]

I didn't think it necessarily had anything to do with this particular instance, but putting the information here is nice for searching.

At least it would be if the search function really worked.